CISSP Certification Security Engineering-Part2

Page 1: CISSP Certification Security Engineering-Part2

CISSP SECURITY ENGINEERING
ASM Educational Center Inc. (ASM)
Where Training, Technology & Service Converge
www.asmed.com
Phone: (301)984-7400

Page 2: CISSP Certification Security Engineering-Part2

Cryptographic Systems

Encryption systems have become extremely crucial in computing and data protection today. Detailed discussion and understanding are required.

Page 3: CISSP Certification Security Engineering-Part2

The purpose of cryptography is to render information unintelligible to all but the intended recipient. The sender enciphers a message into unintelligible form, and the receiver deciphers it into intelligible form. The word “cryptology” is derived from the Greek kryptos (hidden) and logos (word).

• Cryptology: The scientific study of cryptography and cryptanalysis
• Cryptography: The enciphering and deciphering of messages into secret codes by means of various transformations of the plaintext
• Cryptanalysis: The process of deriving the plaintext from the ciphertext (breaking a code) without being in possession of the key or the system (code breaking)
• The history of codes and ciphers goes back almost 4,000 years to the early Egyptian civilization.

Page 4: CISSP Certification Security Engineering-Part2

More Definitions:
Plaintext – a message (sometimes called cleartext)
Encryption – the process of disguising a message
Decryption – the process of turning a disguised message back into plaintext
Cryptography – the science of keeping messages secure
Cryptanalysis – the science of breaking ciphertext
Cryptology – the mathematics of both cryptography and cryptanalysis

Page 5: CISSP Certification Security Engineering-Part2

• The History of Cryptography
• Cryptographic Definitions & Concepts

• Components of a Cryptosystem
  • Software
  • Protocols
  • Algorithms
  • Key
• Kerckhoffs' Principle
  • The key should be the only secret component in a cryptosystem.
• Strength of a Cryptosystem
  • A combination of the algorithm, key secrecy, key length, and the initialization vector.

Page 6: CISSP Certification Security Engineering-Part2

Basics - Services of a Cryptosystem

- Confidentiality - prevent unauthorized users from accessing the message/data
- Integrity - information cannot be altered in storage or in transit
- Non-repudiation - the creator or sender cannot deny (via the use of digital signatures)
- Authentication - provide a foundation for secure access control by using encrypted passwords and token-based devices
- Make compromise unattractive - too expensive or time consuming to be worth the effort

Page 7: CISSP Certification Security Engineering-Part2

• Governmental Involvement in Crypto

Page 8: CISSP Certification Security Engineering-Part2

• The History of Cryptography
• Cryptographic Definitions & Concepts

One-Time Pad:
- Considered the most secure encryption scheme
- Sender uses each key letter on the pad to encrypt exactly one plaintext character
- Pad is used only one time
- Pad is as long as the message
- Primarily used for ultra-secure low-bandwidth channels
- Used by many secret agents

• Running Key Cipher – uses common components (a page within a book)
• Concealment Cipher – message within a message (e.g. in a sentence)
• Steganography – message hidden within a different medium (e.g. graphics)

Page 9: CISSP Certification Security Engineering-Part2

CIPHERS
A cipher (cryptographic algorithm) is a series of transformations that convert plaintext to unreadable text (ciphertext), using the cipher key.

Keystream – A set of random or pseudorandom characters that is combined with the plaintext message during encryption.

Page 10: CISSP Certification Security Engineering-Part2

ATTRIBUTES OF A STRONG CIPHER (Algorithms)
• There should be long periods of no repeating patterns, which means that the bits generated by the keystream must be random.
• The cipher must be statistically unpredictable, ensuring that the bits generated from the keystream generator cannot be predicted.
• The keystream should not be linearly related to the key, so that someone who guesses the keystream cannot also guess the key.
• The keystream should be statistically unbiased, ensuring that there are the same number of 0's and 1's.
• The cipher should contain the right level of confusion and diffusion.

Page 11: CISSP Certification Security Engineering-Part2

Strong Cipher Concepts

Confusion:
- A mechanism to hide the relationship between the encryption key, plaintext, and ciphertext.
- It reinforces the complexity to increase the work factor of reverse-engineering.
- The attacker should not be able to predict what changing one or more characters in the plaintext will do to the resulting ciphertext.

Diffusion:
- A mechanism to obscure redundancy in a plaintext by spreading the effects of the transformation over the ciphertext.

Page 12: CISSP Certification Security Engineering-Part2

Cryptographic Concepts
Diffusion cont'd:
- Changing the value of at least one bit in a block of plaintext being encrypted will affect the value of every other bit in the same block.
- It dissipates the redundancy of the plaintext by spreading it out over the ciphertext.
- It impedes any statistical/frequency analysis based on word or character occurrence.

Any well-designed algorithm should utilize the properties of both confusion and diffusion.

Page 13: CISSP Certification Security Engineering-Part2

CIPHER TYPES & MODES

• Substitution Ciphers
• Transposition Ciphers

Methods of Encryption
1. Substitution methods
   - substituting one bit for another bit
   - the destination has to have the correct key to indicate how to substitute the original bit back in
2. Transposition methods
   - bits are moved to new places in the bitstream
   - bits are scrambled
   - the destination has to have the correct key to indicate how to unscramble the bits

Page 14: CISSP Certification Security Engineering-Part2

Initialization Vectors
A randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated when multiple ciphertexts are produced with the same key. It is simply a continuously changing number used in combination with a secret key to encrypt data.

Key:
A long string of random values. The key is the element that effects randomness in the work of the algorithm. In other words, the key values are used by the algorithm to indicate which mathematical equations to use, in which order, and with what values.

Key Space:
Comprises all the possible values that can facilitate the generation of a key. The larger the key size, the larger the key space (2^64 < 2^128). Therefore, the larger the key space, the more values an attacker has to deal with via brute force.

Page 15: CISSP Certification Security Engineering-Part2

Exclusive-OR (XOR)

• Another name for binary addition (without carry): an XOR operation results in 0 if both values are the same, or 1 if they are different.
• Provides a simple and efficient method to combine two values.
• Used in many stream and block ciphers for substitution operations.
• Rules:
  • If both bits are the same, the result is 0
    • 0 XOR 0 = 0
    • 1 XOR 1 = 0
  • If the bits are different, the result is 1
    • 1 XOR 0 = 1
    • 0 XOR 1 = 1
• Example of XOR in operation:
  • Assume you have two binary values: 11100101 and 10101111
  • If you XOR them, you get 01001010
  • To get back the original value, you just XOR the second value (10101111) back into the result (01001010).
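The XOR rules above and the one-time pad from page 8 in working Python, as an added example that is not part of the ASM slides. The bit strings are the slide's own; the function names, the CSPRNG-generated pad and the two sample messages are constructed for this example. The last function shows the failure mode behind the rule "pad is used only one time": when one pad encrypts two messages, XORing the two ciphertexts cancels the pad and exposes the XOR of the plaintexts.

```python
import secrets


def xor_bits(a: str, b: str) -> str:
    """XOR two bit strings written as '0'/'1' characters (the slide's notation)."""
    if len(a) != len(b):
        raise ValueError("bit strings must have the same length")
    return "".join("0" if x == y else "1" for x, y in zip(a, b))


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings, bit by bit."""
    if len(a) != len(b):
        raise ValueError("XOR operands must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_keygen(length: int) -> bytes:
    """Generate a pad from a CSPRNG: as long as the message, used exactly once."""
    return secrets.token_bytes(length)


def otp_encrypt(plaintext: bytes, pad: bytes) -> bytes:
    """Each pad byte encrypts exactly one plaintext byte (C = P XOR K)."""
    if len(pad) < len(plaintext):
        raise ValueError("pad must be at least as long as the message")
    return xor_bytes(plaintext, pad[: len(plaintext)])


def otp_decrypt(ciphertext: bytes, pad: bytes) -> bytes:
    """Decryption is the same XOR: (P XOR K) XOR K = P."""
    return otp_encrypt(ciphertext, pad)


def pad_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """What an observer can compute when one pad was used for two messages:
    c1 XOR c2 = (p1 XOR k) XOR (p2 XOR k) = p1 XOR p2.  The pad cancels out,
    which is why a pad must never be reused."""
    return xor_bytes(c1, c2)


if __name__ == "__main__":
    # The slide's worked example.
    assert xor_bits("11100101", "10101111") == "01001010"
    assert xor_bits("01001010", "10101111") == "11100101"

    # Constructed sample messages of equal length (not from the page).
    msg1, msg2 = b"ATTACK AT DAWN", b"HOLD THE LINE!"
    pad = otp_keygen(len(msg1))
    ct1 = otp_encrypt(msg1, pad)
    assert otp_decrypt(ct1, pad) == msg1

    # Reusing the pad for a second message leaks p1 XOR p2 to anyone holding both ciphertexts.
    ct2 = otp_encrypt(msg2, pad)
    assert pad_reuse_leak(ct1, ct2) == xor_bytes(msg1, msg2)
    print("pad reuse leaks p1 XOR p2:", pad_reuse_leak(ct1, ct2).hex())
```

The pad comes from `secrets`, not `random`: the slide's "keys should be extremely random" rule applies most strictly to a one-time pad, whose only security is the unpredictability of the pad bits.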

Page 16: CISSP Certification Security Engineering-Part2

Algorithm:
An algorithm is a well-defined mathematical/computational procedure that takes a variable input and generates a corresponding output. It performs the actual encryption and decryption process.

Work Factor:
The amount of effort and resources, such as time, needed by an attacker to break into a system.

Page 17: CISSP Certification Security Engineering-Part2

Methods of Encryption

Symmetric vs. Asymmetric Algorithms
Block & Stream Ciphers
Hybrid Encryption Methods

Page 18: CISSP Certification Security Engineering-Part2

The Mathematics of Encryption

ALGORITHMS
  SYMMETRIC: Block, Stream
  ASYMMETRIC: Factoring, Discrete Logarithms

Page 19: CISSP Certification Security Engineering-Part2

CIPHER TYPES & MODES
a. Block ciphers
- Message is divided into blocks of bits
- Each block is encrypted (algorithm applied) separately
- Whole message is not encrypted as one entity
- Best used in software implementations
- Uses diffusion, confusion, and substitution boxes in each step

b. Stream ciphers
- Encrypts (applies mathematical functions to) individual bits of the message
- More complex as compared to block ciphers
- Best used in hardware implementations

Page 20: CISSP Certification Security Engineering-Part2

Block Cipher Modes

Electronic Code Book (ECB)
ECB is a block cipher mode in which each block of plaintext is encrypted separately and mapped to a code (its ciphertext block). Because the same plaintext block always maps to the same code, patterns in the ciphertext are more of a concern than in CBC.

Cipher Block Chaining (CBC)
- Ciphertext from the previously encrypted block is used to encrypt the next block of data
- Provides more randomness, and patterns are not as much of a concern as in ECB mode

Page 21: CISSP Certification Security Engineering-Part2

Block Cipher Modes CFB & OFB
a.k.a. Stream Cipher Emulation Modes

Cipher Feedback (CFB) Mode
- Previous ciphertext is used to encrypt the next block of data.
- Basically the same as CBC mode, except that CFB emulates a stream cipher by using a keystream generator.

Output Feedback (OFB) Mode
- Values from the previous keystream block are used to generate the next keystream block, which encrypts the next block of data
- Often used to encrypt satellite communications
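A runnable illustration of the confusion/diffusion properties from pages 11-12 and of the ECB, CBC and OFB modes from pages 20-21, added here as an example that is not part of the ASM slides. Because the Python standard library has no block cipher, the block assumes a constructed toy Feistel cipher whose round function is HMAC-SHA256; the mode logic (how blocks chain and how the IV is used) is the standard definition of each mode. Key, IV, message and function names are all constructed for the example.

```python
import hashlib
import hmac
import secrets

BLOCK = 16           # block size in bytes
HALF = BLOCK // 2
ROUNDS = 4


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _round_function(key: bytes, rnd: int, half: bytes) -> bytes:
    # Keyed, non-linear round function (confusion): HMAC-SHA256 truncated to a half block.
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:HALF]


def encrypt_block(key: bytes, block: bytes) -> bytes:
    """Toy Feistel cipher: each round pushes one half through the round function and XORs
    it into the other, so a one-bit change spreads over the whole block (diffusion)."""
    if len(block) != BLOCK:
        raise ValueError("block must be exactly BLOCK bytes")
    left, right = block[:HALF], block[HALF:]
    for rnd in range(ROUNDS):
        left, right = right, _xor(left, _round_function(key, rnd, right))
    return right + left      # undo the last swap so decryption can reuse the same loop


def decrypt_block(key: bytes, block: bytes) -> bytes:
    if len(block) != BLOCK:
        raise ValueError("block must be exactly BLOCK bytes")
    left, right = block[:HALF], block[HALF:]
    for rnd in reversed(range(ROUNDS)):
        left, right = right, _xor(left, _round_function(key, rnd, right))
    return right + left


def _blocks(data: bytes) -> list:
    if len(data) % BLOCK:
        raise ValueError("ECB/CBC need whole blocks; pad the message first")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key: bytes, data: bytes) -> bytes:
    """ECB: each block on its own; equal plaintext blocks give equal ciphertext blocks."""
    return b"".join(encrypt_block(key, b) for b in _blocks(data))


def cbc_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    """CBC: the previous ciphertext block is XORed into the next plaintext block first."""
    prev, out = iv, []
    for b in _blocks(data):
        prev = encrypt_block(key, _xor(b, prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    prev, out = iv, []
    for c in _blocks(data):
        out.append(_xor(decrypt_block(key, c), prev))
        prev = c
    return b"".join(out)


def ofb_crypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    """OFB: keystream block i = E(keystream block i-1), seeded by the IV. The plaintext never
    enters the block cipher, so one function both encrypts and decrypts (stream emulation)."""
    out, ks = [], iv
    for i in range(0, len(data), BLOCK):
        ks = encrypt_block(key, ks)
        chunk = data[i:i + BLOCK]
        out.append(_xor(chunk, ks[:len(chunk)]))
    return b"".join(out)


def repeated_blocks(ciphertext: bytes) -> int:
    """Duplicate ciphertext blocks: the pattern leak an observer sees without the key."""
    blocks = _blocks(ciphertext)
    return len(blocks) - len(set(blocks))


def avalanche(key: bytes, block: bytes, bit: int) -> int:
    """Diffusion check: ciphertext bits that change when one plaintext bit is flipped."""
    flipped = bytearray(block)
    flipped[bit // 8] ^= 1 << (bit % 8)
    c1, c2 = encrypt_block(key, block), encrypt_block(key, bytes(flipped))
    return sum(bin(x ^ y).count("1") for x, y in zip(c1, c2))


if __name__ == "__main__":
    key, iv = secrets.token_bytes(32), secrets.token_bytes(BLOCK)
    msg = b"SAME BLOCK TEXT!" * 4          # constructed: four identical plaintext blocks
    print("ECB repeated blocks:", repeated_blocks(ecb_encrypt(key, msg)))      # 3
    print("CBC repeated blocks:", repeated_blocks(cbc_encrypt(key, iv, msg)))  # 0
    assert cbc_decrypt(key, iv, cbc_encrypt(key, iv, msg)) == msg
    assert ofb_crypt(key, iv, ofb_crypt(key, iv, b"any length works")) == b"any length works"
    print("bits changed by flipping one plaintext bit:", avalanche(key, msg[:BLOCK], 5))
```

The four identical plaintext blocks come out as four identical ciphertext blocks under ECB and as four different ones under CBC, which is the concrete meaning of "patterns are not as much of a concern as in ECB". The avalanche count lands near 64 of 128 bits, the diffusion property of page 12. OFB and CBC both depend on the IV: reusing an IV with the same key under OFB reproduces the same keystream, which recreates the one-time-pad reuse problem.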

Page 22: CISSP Certification Security Engineering-Part2

• Symmetric Systems

- Use a shared secret key for encryption and decryption
- Based on mathematical transposition and substitution functions
- Faster than asymmetric and hard to break. Examples below:

Data Encryption Standard (DES)
Triple-DES
Advanced Encryption Standard (AES)
International Data Encryption Algorithm (IDEA)
Blowfish
RC4
RC5
RC6

Page 23: CISSP Certification Security Engineering-Part2

• Weaknesses of Symmetric Systems
- Difficulty in distributing the secret key securely to recipients
- Scalability – extremely difficult for large groups to use
- Does not provide authentication and non-repudiation, because the sender cannot be established if multiple users have the same key
- Keys must be regenerated often

Page 24: CISSP Certification Security Engineering-Part2

Asymmetric Systems
- Uses a pair of keys (private and public) for encryption and decryption
- Built upon hard-to-solve mathematical problems using factorization, discrete logarithms, and elliptic curve theory
- Slower than symmetric algorithms

Strengths of Asymmetric Systems
- Addition of a new user may require the generation of only one public-private key pair
- Users can be removed far more easily via a key revocation mechanism
- Key regeneration is required only when a user's private key is compromised
- Asymmetric encryption keys can provide integrity, authentication, and non-repudiation
- Key distribution is a simple process
- No preexisting communication links need to exist

Page 25: CISSP Certification Security Engineering-Part2

Types of Asymmetric Systems
- The Diffie-Hellman Algorithm
- RSA
- El Gamal
- Elliptic Curve Cryptosystems
- LUC
- Knapsack
- Zero Knowledge Proof

Page 26: CISSP Certification Security Engineering-Part2

Diffie-Hellman Key Exchange Algorithm (Asymmetric)
- The Diffie-Hellman Key Exchange Algorithm allows two entities to establish a shared secret key over an insecure medium
- Developed in 1976 by Whitfield Diffie and Martin Hellman
- It is based on the asymmetric algorithm scheme
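The exchange described above, as an added example in Python that is not part of the ASM slides. It shows both messages that cross the insecure medium (A = g^a mod p and B = g^b mod p) and each side computing the same secret from the other side's public value. The group parameters are a constructed toy choice (p = 2^127 - 1, g = 3) so that the arithmetic runs instantly; real deployments use standardized, far larger groups (RFC 3526 / RFC 7919) or the elliptic-curve variant. The `Party` class and function names are assumptions for this example.

```python
import hashlib
import secrets

# Constructed toy parameters for illustration only: p = 2**127 - 1 (a Mersenne prime) and
# generator g = 3. Real deployments use standardized, far larger groups such as the
# RFC 3526 / RFC 7919 finite-field groups, or an elliptic-curve variant (ECDH).
P = (1 << 127) - 1
G = 3


def valid_public_value(value: int, p: int = P) -> bool:
    """Reject degenerate shares (0, 1, p-1) that would force a trivial shared secret."""
    return 1 < value < p - 1


class Party:
    """One side of the exchange; the private exponent never leaves the object."""

    def __init__(self, name: str, p: int = P, g: int = G) -> None:
        self.name, self.p, self.g = name, p, g
        self._private = secrets.randbelow(p - 3) + 2    # random exponent in [2, p-2]
        self.public = pow(g, self._private, p)           # the only value sent over the medium

    def shared_secret(self, peer_public: int) -> bytes:
        if not valid_public_value(peer_public, self.p):
            raise ValueError("invalid peer public value")
        s = pow(peer_public, self._private, self.p)      # (g^b)^a == (g^a)^b  (mod p)
        # KDF step: turn the shared integer into a fixed-size symmetric key.
        return hashlib.sha256(s.to_bytes((self.p.bit_length() + 7) // 8, "big")).digest()


def run_exchange(alice: Party, bob: Party) -> tuple:
    """Simulate the two messages on the insecure medium and the key each side derives."""
    msg1 = {"from": alice.name, "A": alice.public}   # Alice -> Bob:   A = g^a mod p
    msg2 = {"from": bob.name, "B": bob.public}       # Bob -> Alice:   B = g^b mod p
    k_alice = alice.shared_secret(msg2["B"])
    k_bob = bob.shared_secret(msg1["A"])
    return k_alice, k_bob


if __name__ == "__main__":
    a, b = Party("Alice"), Party("Bob")
    ka, kb = run_exchange(a, b)
    assert ka == kb
    print("both sides derived the same 256-bit key:", ka.hex())
```

Someone watching the medium sees p, g, A and B but not a, b or the derived key; recovering them is the discrete logarithm problem listed on page 18. What plain Diffie-Hellman does not provide is authentication of the two parties, which is why protocols such as TLS sign the exchanged values with a certificate-bound key (the PKI material later in this deck).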

Page 27: CISSP Certification Security Engineering-Part2

Message Integrity
- The One-Way Hash
- Various Hashing Algorithms
- Attacks against One-Way Hash Functions
- Digital Signatures
- Digital Signature Standard

Page 28: CISSP Certification Security Engineering-Part2

Hashing Algorithms

Use a one-way mathematical function.
Characteristics:
- Accepts a variable-length string (message) and generates a fixed-length value (hash value)
- No key is involved
- No confidentiality is provided, because nothing is getting encrypted
- Similar to a CRC function
- Creates a “fingerprint” of the message

Page 29: CISSP Certification Security Engineering-Part2

Hashing Algorithms:
- MD2 (128-bit digest)
- MD4 (128-bit digest)
- MD5 (128-bit digest)
- SHA-1 (160-bit digest : NIST)
- SHA-256 (256-bit digest : NIST)
- SHA-512 (512-bit digest : NIST)
- HAVAL (variable-length message digest)
- RIPEMD-160, RIPEMD-128
- TIGER

Page 30: CISSP Certification Security Engineering-Part2

Security Issues in Hashing

Strong Hashing Algorithm:
- Hash should be computed over the entire message
- Messages cannot be disclosed by the MD value
- Different messages should generate different MD values – i.e. collision free

Page 31: CISSP Certification Security Engineering-Part2

Digital Signatures

Providing Authenticity and Non-repudiation
- After the message is put through a hashing algorithm, the MD is encrypted with the sender's private key
- The receiver validates the digital signature by decrypting it with the sender's public key
- Provides data integrity, authenticity, and non-repudiation

Page 32: CISSP Certification Security Engineering-Part2

Digital Signatures

Page 33: CISSP Certification Security Engineering-Part2

U.S. Government Standard – Digital Signature Standard (DSS):
- Secure Hash Algorithm (SHA) must be used for message digest creation
- DSA, RSA, and ECDSA asymmetric algorithms can be used for digital signature creation
- ECDSA – Elliptic Curve Digital Signature Algorithm

Page 34: CISSP Certification Security Engineering-Part2

Public Key Infrastructure (PKI)
- Certificate Authority
- Certificates
- The Registration Authority
- PKI Steps

Page 35: CISSP Certification Security Engineering-Part2

Public Key Infrastructure (PKI) (e.g. Certification Authorities, etc.)

Key Components of PKI
• CA
• RA
• Certificate repository
• Certificate revocation system

Page 36: CISSP Certification Security Engineering-Part2

Public Key Infrastructure (PKI) (e.g. Certification Authorities, etc.)

Certificate Authority (VeriSign, Thawte, GoDaddy.com, DigiCert, etc.)
- Creates the digital certificate
- Binds the customer's identity to a public key
- Sends the certificate directly to the user (customer)
- Maintains the certificate throughout its lifetime

X.509 v3 is the standard that defines digital certificates.

Page 37: CISSP Certification Security Engineering-Part2

Public Key Infrastructure (PKI) (e.g. Certification Authorities, etc.)

Registration Authority:
- Accepts registration requests from buyers
- Validates users' identities
- Passes requests to the CA
- Cannot create certificates

Page 38: CISSP Certification Security Engineering-Part2

Public Key Infrastructure (PKI)

Digital Certificates

Characteristics
- Currently using X.509 version 3
- Associates a public key with its owner
- Digitally signed by the CA

Page 39: CISSP Certification Security Engineering-Part2

Public Key Infrastructure (PKI) Certificate Details
- Version
- Serial number
- Issuer name
- Validity period
- Subject (user) name
- etc.

Page 40: CISSP Certification Security Engineering-Part2

Public Key Infrastructure (PKI)

Certificate Repository
- Storage of certificates
- Usually publicly accessible
- Each certificate is digitally signed, therefore eliminating the possibility of it being modified without detection

Page 41: CISSP Certification Security Engineering-Part2

DOMAIN #3 – SECURITY ENGINEERING

Public Key Infrastructure (PKI)

Certificate Revocation List (CRL)
- Certificates can be revoked
- A CRL is a list of certificates that have been revoked
- A method to inform the public about the status of certificates

Online Certificate Status Protocol (OCSP)

Page 42: CISSP Certification Security Engineering-Part2

Key Management

Key Management Principles
- Keys must not be in cleartext.
- There should be recovery options for keys.

Rules for Keys & Key Management
- Key length must be long enough to provide the necessary protection
- Keys should be stored and transmitted by secure means
- Keys should be extremely random, and the algorithm should use the full spectrum of the keyspace
- The key's lifetime should correspond to the sensitivity of the data it is protecting
- The more the key is used, the shorter its lifetime should be
- Keys should be backed up or escrowed for emergencies
- Keys should be properly destroyed at the end of their lifetimes

Page 43: CISSP Certification Security Engineering-Part2

GOOD LUCK!
ASM Educational Center Inc. (ASM)
Where Training, Technology & Service Converge
www.asmed.com
Phone: (301)984-7400