Chapter 8
Asymmetric Encryption
Another category of encryption techniques is asymmetric encryption, also known as public-key encryption. Whereas symmetric encryption systems are based on a single key to both encrypt and decrypt a message, asymmetric encryption uses two different keys. Either key can be used to encrypt or decrypt the message. However, if Key A is used to encrypt the message, only Key B can decrypt it, and if Key B is used to encrypt a message, only Key A can decrypt it. The public key is stored in a public location, where anyone can use it. The private key, as its name suggests, is a secret known only to the owner of the key pair. The problem with asymmetric encryption is that it requires four keys to hold a single conversation between two parties. Asymmetric encryption is not as efficient as symmetric encryption in terms of CPU computations. As a result, the hybrid system described in the section on Public Key Infrastructure is more commonly used, instead of a pure asymmetric system.
Encryption
Converting original message into a form unreadable by unauthorized individuals
Correlation Attack
Correlation attacks are a collection of brute-force methods that attempt to deduce statistical relationships between the structure of the unknown key and the ciphertext that is the output of the cryptosystem. Differential and linear cryptanalysis, both of which are advanced methods of breaking codes, have been used to mount successful attacks on block cipher encryptions such as DES. The only defense against this kind of attack is the selection of strong cryptosystems that have stood the test of time, thorough key management, and strict adherence to the best practices of cryptography in the frequency of changing keys.
Dictionary Attacks
Hackers use dictionary words to narrow down passwords
Cryptography
Process of making and using codes to secure transmission of information
Cryptanalysis
Process of obtaining original message from encrypted message without knowing algorithm
Cryptology
Science of encryption
Symmetric Encryption
Symmetric encryption indicates that the same key, also known as a secret key, is used to conduct both the encryption and decryption of the message. Symmetric encryption methods can be extremely efficient, requiring minimal processing to either encrypt or decrypt the message. The problem is that both the sender and the receiver must own the encryption key. If either copy of the key is compromised, an intermediate can decrypt and read the messages. One of the challenges of symmetric key encryption is getting a copy of the key to the receiver, a process that must be conducted out-of-band to avoid interception.
Key
The information used in conjunction with the algorithm to create ciphertext from plaintext
Algorithm
The math formula used to convert an unencrypted message into an encrypted message
Decryption
The process of converting the ciphertext
Steganography
The process of hiding messages in a picture or graphic. Work factor: The amount of effort (usually in hours) required to perform cryptanalysis on an encoded message. The most popular modern version of steganography involves hiding information within files that appear to contain digital pictures or other images. Most computer graphics standards use a combination of three color values (red, blue, and green (RGB)) to represent a picture element or pixel. Each of the three color values usually requires an 8-bit code for that color's intensity (e.g., 00000000 for no red and 11111111 for maximum red). This inability to perceive difference on the part of humans provides the steganographer with one bit per color (or three bits per pixel) to use for encoding data into an image file. Some applications are capable of hiding messages in .bmp, .wav, .mp3, and .au files, as well as in unused storage space on CDs and DVDs.
Cipher
The transformation of the individual components of an unencrypted message into encrypted components
Plaintext
The unencrypted message
Ciphertext
The unintelligible encrypted or encoded message resulting from an encryption
Decipher
To decrypt or convert ciphertext to plaintext
Encipher
To encrypt or convert plaintext to ciphertext
Encryption Key Size
When using ciphers, one of the decisions that has to be made is the size of the cryptovariable or key. The strength of many encryption applications and cryptosystems is measured by key size. When it comes to cryptosystems, the security of encrypted data is not dependent on keeping the encrypting algorithm secret; in fact, algorithms are often published, so that research to uncover their weaknesses can be done. The security of any cryptosystem depends on keeping some or all of the elements of the cryptovariable(s) or key(s) secret.
S-HTTP
Extended version of Hypertext Transfer Protocol; provides for encryption of individual messages between client and server across the Internet. Allows encryption of information passing between computers through a protected and secure virtual connection.
Man in the middle
A man-in-the-middle attack is designed to intercept the transmission of a public key or even to insert a known key structure in place of the requested public key. From the perspective of the victims of such attacks, their encrypted communication appears to be occurring normally, but in fact the attacker is receiving each encrypted message and decoding it and then encrypting and sending it to the originally intended recipient. Establishment of public keys with digital signatures can prevent the traditional man-in-the-middle attack, as the attacker cannot duplicate the signatures.
Link encryption
A series of encryptions and decryptions between a number of systems, whereby each node decrypts the message sent to it and then reencrypts it using different keys and sends it to the next neighbor, until it reaches the final destination
Digital Signatures
An interesting thing happens when the asymmetric process is reversed, that is, the private key is used to encrypt a short message. The public key can be used to decrypt it, and the fact that the message was sent by the organization that owns the private key cannot be refuted. This is known as nonrepudiation, which is the foundation of digital signatures. Digital signatures are encrypted messages that are independently verified by a central facility (registry) as authentic.
Digital Certificate
As alluded to earlier, a digital certificate is an electronic document, similar to a digital signature, attached to a file certifying that this file is from the organization it claims to be from and has not been modified from the originating format. A certificate authority is an agency that manages the issuance of certificates and serves as the electronic notary public to verify their worth and integrity.
Public-Key Infrastructure
An integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely. PKI systems are based on public-key cryptosystems and include digital certificates and certificate authorities (CAs). Authentication: Digital certificates in a PKI system permit parties to validate the identity of other parties in an Internet transaction. Integrity: A digital certificate demonstrates that the content signed by the certificate has not been altered while being moved from server to client. Privacy: Digital certificates keep information from being intercepted during transmission over the Internet. Authorization: Digital certificates issued in a PKI environment can replace user IDs and passwords, enhance security, and reduce some of the overhead required for authorization processes and controlling access privileges. Nonrepudiation: Digital certificates can validate actions, making it less likely that customers or partners can later repudiate a digitally signed transaction.
Timing Attack
The attacker eavesdrops during the victim's session and uses statistical analysis of the user's typing patterns and inter-keystroke timings to discern sensitive session information. While timing analysis may not directly result in the decryption of sensitive data, it can be used to gain information about the encryption key and perhaps the cryptosystem in use. Once the attacker has successfully broken an encryption, he or she may launch a replay attack, which is an attempt to resubmit a recording of the deciphered authentication to gain entry into a secure source.
PGP
Uses IDEA Cipher for message encoding
SSL
Uses public key encryption to secure a channel over the public Internet