
Seguridad de Sistemas 090476

Cryptography

Cryptographic Terminology and Symmetric Algorithms


Learning objective

After completing this topic, you should be able to define key cryptographic terms and distinguish between types of symmetric key algorithms.

1. Cryptography
Cryptography is the practice of protecting secret information from unauthorized people by storing and transmitting it in an unreadable form. Cryptography provides

confidentiality: unauthorized people cannot access information, because it is stored and transmitted in encrypted form
availability: information remains available to the authorized people who hold the keys, and to them only
integrity: information cannot be modified, accidentally or intentionally, without the change being detected
nonrepudiation: it can be established that a sender sent a piece of information, so the sender cannot later deny having sent it

Some important milestones in the development of cryptographic techniques occurred around 2000 BC, 1300 AD, 1500 AD, and 1900 AD.

2000 BC: Around 2000 BC in Egypt, hieroglyphics were used in inscriptions telling the life stories of the deceased, to make the stories look ceremonial and noble.

1300 AD: In 1379, Gabrieli di Lavinde compiled a combination substitution alphabet and small code nomenclator, which diplomats used for a very long period because of its convenience.

1500 AD: In 1585, Blaise de Vigenère described the polyalphabetic substitution cipher that bears his name. It uses a table of 26 shifted alphabets, each shifted one place further than the one above it; the key letter selects the row, and that row gives the substitution letter for each plaintext letter (the Vigenère table).

1900 AD: In 1919, a rotor-based cipher machine was invented, which used different rotors within the machine to substitute letters. This led to the invention of the popular Enigma machine in 1923.

Cryptography has developed over the centuries.


Some encryption- and decryption-related cryptographic terms:

ciphertext: data that has been encrypted and is unreadable until it has been converted back into plaintext
plaintext: the original readable text (also called cleartext) before it is encrypted
decipher: to decrypt ciphertext into plaintext by means of the appropriate key
encipher: to encrypt plaintext into ciphertext by means of the appropriate key
work factor: the estimated time and effort an attacker needs to overcome a security control and break a cryptosystem

These are some further key cryptographic terms:

algorithm: the procedure or formula used for encryption and decryption
cryptosystem: the hardware or software implementation of cryptography used to convert plaintext to ciphertext and ciphertext back to plaintext


cryptology: the science that incorporates both cryptography and cryptanalysis, dealing with hidden, disguised, or encrypted communications, including communications security and communications intelligence

Some more cryptographic terms:

key: a discrete data set that controls the operation of a cryptographic algorithm. In encryption, a key specifies a particular transformation of plaintext into ciphertext, and in decryption of ciphertext back into plaintext.
key clustering: occurs when two different keys generate the same ciphertext from the same plaintext
keyspace: the range of possible values from which keys can be constructed
data origin authentication: system-based authentication used to verify the source of a message
entity authentication: used to verify the identity of the entity that sent a message

A cipher is an algorithm that represents plaintext units (single letters, bits, or blocks) as ciphertext using arbitrary symbols or groups of symbols. These are the types of ciphers in use:

substitution cipher: replaces bits, characters, or blocks with different bits, characters, or blocks
transposition cipher: uses permutation to scramble letters; the key determines the positions to which the characters are moved
running key cipher: uses real-world objects such as books as the key, describing each word by a sequence of numbers
concealment cipher: every Xth word within an innocuous text is part of the real message
block cipher: applies a cryptographic key and algorithm to a block of data at once rather than one bit at a time


stream cipher: applies a cryptographic key and algorithm to one bit (or byte) at a time in a data stream

Cryptanalysis is the study of ciphertext and cryptosystems to find weaknesses in them. It involves breaking encryption and recovering plaintext from ciphertext without knowledge of the key. Frequency analysis, the classical method of cryptanalysis, examines the patterns of letters in the ciphertext. Some letters of the alphabet appear more frequently than others in natural language, and frequency analysis works against ciphers that do not hide these statistics, such as simple substitution ciphers.
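As an added worked example (not part of the original course text), the following Python implements the Vigenère cipher from the history section above, a table of 26 shifted alphabets selected by the key letter, and then breaks a ciphertext by the frequency analysis just described: each key position is an independent Caesar shift, so every candidate shift for a column is scored by how closely the column's letter counts match English letter frequencies (a chi-squared statistic), and the best-fitting shift is taken as the key letter. The key length is assumed to be known (finding it, for example by Kasiski examination, is outside what the page covers); the English frequency table and the sample plaintext are constructed for the example.

```python
import string

ALPHABET = string.ascii_uppercase

# Approximate English letter frequencies in percent, A..Z (constructed reference
# table for this example; any standard English frequency table will do).
ENGLISH_FREQ = [
    8.17, 1.49, 2.78, 4.25, 12.70, 2.23, 2.02, 6.09, 6.97, 0.15, 0.77, 4.03, 2.41,
    6.75, 7.51, 1.93, 0.10, 5.99, 6.33, 9.06, 2.76, 0.98, 2.36, 0.15, 1.97, 0.07,
]

# Constructed sample plaintext (assembled from the wording of this course page).
SAMPLE_PLAINTEXT = (
    "Cryptography is the method of protecting secret information from unauthorized "
    "people by storing and transmitting information in an unreadable format. "
    "In symmetric key encryption the sender and receiver use two instances of the "
    "same key. This key provides the encryption and decryption functionality and "
    "should be secured properly by each user. When a user wants to send data the "
    "user encrypts data with a secret key. A copy of this key is shared with the "
    "intended recipient who uses the secret key for decryption. Frequency analysis "
    "relies on ciphers that do not hide the statistics of the language, because "
    "some letters of the alphabet appear far more frequently than others. "
    "Cryptanalysis is the study of ciphertext and cryptosystems to find weaknesses "
    "in them, and it involves breaking encryption and obtaining plaintext from "
    "ciphertext without the key."
)


def letters_only(text: str) -> str:
    """Classical ciphers work on the 26 letters: upper-case and drop everything else."""
    return "".join(c for c in text.upper() if c in ALPHABET)


def vigenere_encrypt(plaintext: str, key: str) -> str:
    """Shift each plaintext letter by the key letter at the same position (mod key length):
    row = key letter, column = plaintext letter in the Vigenère table."""
    key = letters_only(key)
    return "".join(
        ALPHABET[(ALPHABET.index(c) + ALPHABET.index(key[i % len(key)])) % 26]
        for i, c in enumerate(letters_only(plaintext))
    )


def vigenere_decrypt(ciphertext: str, key: str) -> str:
    key = letters_only(key)
    return "".join(
        ALPHABET[(ALPHABET.index(c) - ALPHABET.index(key[i % len(key)])) % 26]
        for i, c in enumerate(letters_only(ciphertext))
    )


def chi_squared(column: str, shift: int) -> float:
    """Distance between the letter counts of `column` (after undoing `shift`) and the
    counts English text of that length would have. Lower means more English-like."""
    counts = [0] * 26
    for c in column:
        counts[(ALPHABET.index(c) - shift) % 26] += 1
    n = len(column)
    return sum((counts[i] - n * f / 100) ** 2 / (n * f / 100) for i, f in enumerate(ENGLISH_FREQ))


def recover_key(ciphertext: str, key_length: int) -> str:
    """Frequency analysis. Split the ciphertext into key_length columns (one per key
    position) and pick, per column, the Caesar shift whose statistics look most like
    English. The cipher breaks because it preserves the plaintext letter statistics."""
    key = []
    for pos in range(key_length):
        column = ciphertext[pos::key_length]
        key.append(ALPHABET[min(range(26), key=lambda s: chi_squared(column, s))])
    return "".join(key)


def demo(key: str = "LEMON") -> str:
    """Encrypt the sample, then recover the key from the ciphertext alone (key length known)."""
    return recover_key(vigenere_encrypt(SAMPLE_PLAINTEXT, key), len(key))
```

The same scoring recovers a plain Caesar cipher (key length 1); what defeats it is a cipher whose output statistics are flat, which is exactly what modern block and stream ciphers are designed to produce.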

Question
Match the cryptographic term to the corresponding definition. Options:
1. Ciphertext
2. Cryptosystem
3. Key
4. Key clustering

Targets:
A. A discrete data set that controls the operation of a cryptographic algorithm
B. Encrypted data that is unreadable
C. The hardware or software implementation of cryptography
D. Two different keys generate the same ciphertext

Answer
Ciphertext (1) matches B: encrypted data that is unreadable until it has been converted back into plaintext. Cryptosystem (2) matches C: the hardware or software implementation of cryptography used to convert plaintext to ciphertext and ciphertext back to plaintext. Key (3) matches A: a discrete data set that controls the operation of a cryptographic algorithm and specifies a particular transformation of plaintext into ciphertext or of ciphertext into plaintext. Key clustering (4) matches D: two different keys generate the same ciphertext from the same plaintext.

Question
Match the different types of ciphers to the correct description. Options:
1. Block
2. Running key
3. Stream
4. Transposition

Targets:
A. Applies a cryptographic algorithm to a block of data
B. Applies a cryptographic algorithm to one bit at a time
C. Uses permutation to scramble letters
D. Uses real world objects to describe each word by a sequence of numbers

Answer
Block (1) matches A: the block cipher applies a cryptographic key and algorithm to a block of data at once rather than one bit at a time. Running key (2) matches D: the running key cipher uses real world objects such as books to describe each word by a sequence of numbers. Stream (3) matches B: the stream cipher applies a cryptographic key and algorithm to one bit at a time in a data stream. Transposition (4) matches C: in the transposition cipher, letters are scrambled using permutation and the key determines the positions to which the characters are moved.

2. Symmetric encryption
Encryption emerged as an art but was later used to protect secret information in warfare, commerce, and government. Encryption is the key process used in cryptography, and with the advent of the Internet it has become an integral part of the computing world. Encryption encodes plaintext into ciphertext using an encryption algorithm and a key. Only the intended recipient can recover the data, by applying the reverse algorithm with the corresponding key. The two types of encryption are

symmetric key encryption: uses a shared secret key for both encryption and decryption
asymmetric key encryption: uses two separate keys, one for encryption and one for decryption

In symmetric key encryption, the sender and receiver use two instances of the same key. This key provides both the encryption and the decryption functionality and must be protected by each party. When a user wants to send data, the user encrypts it with the secret key. A copy of this key is shared with the intended recipient, who uses it for decryption.

These are the strengths of symmetric key systems:

faster than asymmetric systems, because the underlying operations are simple
hard to break if a large key size is used, providing confidentiality

These are the weaknesses of symmetric key systems:

the secret key must be protected by every party that holds it
as the number of users increases, the number of keys increases (n users who each need a separate pairwise key need n(n-1)/2 keys), leading to complex key management
does not provide authentication or nonrepudiation towards a third party, because any holder of the shared key could have produced a given ciphertext, so the sender cannot be established

Unlike symmetric key encryption, asymmetric key encryption uses two separate, mathematically related keys for encryption and decryption: a private key and a public key. Asymmetric key encryption is slower than symmetric key encryption because it involves computationally expensive mathematical operations. Asymmetric systems provide authentication and nonrepudiation when a sender applies its private key to the data (a digital signature), because only the holder of that private key could have produced the result. Asymmetric systems also provide easier key management and better scalability than symmetric systems.

Question

What are the characteristics of symmetric key encryption? Options:


1. Involves complex mathematical operations
2. Provides complex key management
3. Uses a shared secret key
4. Uses public and private keys

Answer
Options 2 and 3 are correct. Option 1 is incorrect: asymmetric, not symmetric, key encryption involves computationally expensive mathematical operations. Option 2 is correct: symmetric key encryption requires complex key management, because an increase in the number of users leads to an increase in the number of keys. Option 3 is correct: symmetric key encryption uses a shared secret key for both encryption and decryption. Option 4 is incorrect: asymmetric, not symmetric, key encryption uses public and private keys.

Different symmetric encryption algorithms provide encryption and decryption in different ways. These are the common symmetric encryption algorithms:

Data Encryption Standard
Triple Data Encryption Standard
Advanced Encryption Standard

Data Encryption Standard

These are the characteristics of the Data Encryption Standard (DES):

certified by the National Institute of Standards and Technology (NIST)
block cipher based on IBM's 128-bit Lucifer algorithm
operates on 64-bit blocks of plaintext
uses a 56-bit key, stored in 64 bits with 8 additional parity bits
keyspace is 2^56


The DES algorithm divides plaintext into blocks of 64 bits and operates on each block in turn. Sixteen rounds of transposition and substitution functions, whose behaviour depends on the value of the key, are performed on each block to produce a 64-bit block of ciphertext. There are five modes of DES operation that provide different properties for different environments.

In the Electronic Code Book (ECB) mode, each 64-bit block of plaintext is entered into the algorithm with the key to produce a block of ciphertext. For a given block of plaintext and key, the same block of ciphertext is always produced. The name comes from the idea of a code book: the key selects the book, which fixes how substitutions and permutations are performed on the plaintext. This mode is fast and simple and is used to encrypt small amounts of data such as personal identification numbers (PINs). Because every block is handled independently, ECB can encrypt individual records in a database, but it must not be used for larger amounts of data: identical plaintext blocks produce identical ciphertext blocks, so patterns in the plaintext remain visible in the ciphertext.

In the Cipher Block Chaining (CBC) mode, each block of plaintext is XORed with the ciphertext of the previous block before it is encrypted with the key, linking the blocks and chaining them together. Because the first block has no preceding block, a 64-bit initialization vector (IV) is XORed with it instead. This mode produces random-looking ciphertext, so neither individual blocks nor the whole message shows patterns that would help an attacker; the IV must be unpredictable for this to hold.

The Cipher Feedback (CFB) mode combines a block cipher with a stream cipher. The algorithm is given an IV and the key and produces a keystream block. The first block of plaintext is XORed with this keystream to produce ciphertext. One copy of this ciphertext goes to the recipient, and another copy is fed back into the algorithm, under the same key, to produce the keystream for the next block of plaintext. Feeding the ciphertext back brings more randomness to the encryption process. This mode is useful when a steady stream of data in units smaller than 64 bits needs to be encrypted and transmitted, because it can operate on segments of any size, down to 1 bit.

The Output Feedback (OFB) mode is similar to the CFB mode, but the value used to produce the keystream for the next block comes directly from the previous keystream block and not from the previous ciphertext block. This helps when bits of ciphertext are corrupted in transit, because a corrupted bit affects only the corresponding plaintext bit and the error is not carried forward. This mode is useful when small amounts of data need to be encrypted, as in a stream cipher, and it has less chance of creating or expanding errors.

The Counter (CTR) mode is similar to the OFB mode, but it generates the keystream by encrypting a nonce combined with a counter instead of feeding back the previous keystream. The counter increments for each block of plaintext. There is no chaining in this mode, because no previous ciphertext or keystream is used to encrypt the next block, so encryption can run in parallel, improving performance. As with OFB, a nonce and counter value must never be reused under the same key, because reusing a keystream exposes the XOR of the two plaintexts.

The advantage of DES is that it is a fast algorithm. Its disadvantage is that it is weak in today's computing environment: the 56-bit key provides little protection against brute force attacks, and DES has since been withdrawn as a standard.

Triple Data Encryption Standard

Triple Data Encryption Standard (3DES) uses three 56-bit keys and encrypts or decrypts data three times with these keys, giving a nominal key length of 168 bits (the effective security is lower, about 112 bits, because of meet-in-the-middle attacks). 3DES uses 48 rounds in its computation. 3DES works in different modes, where each mode uses a specific number of keys to perform specific functions. These modes are

DES-EEE3: uses three different keys, and the data is encrypted three times
DES-EDE3: uses three different keys, and the data is encrypted, decrypted, and encrypted
DES-EEE2: similar to DES-EEE3 but uses only two keys; the first and the third encryption use the same key
DES-EDE2: similar to DES-EDE3 but uses only two keys; the first and the third operation use the same key

3DES works in the same way as DES but three times over, using the keys k1, k2, and k3. In the DES-EEE3 mode, the plaintext is encrypted under k1, the result is encrypted under k2, and that result is encrypted under k3 to give the ciphertext. In the EDE modes the middle operation is a decryption, which is why 3DES with k1 = k2 = k3 reduces to single DES and can interoperate with legacy DES systems. The exact sequence varies according to the 3DES mode being used.
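As an added example (not code from the original course text), the following Python builds the ECB, CBC, CFB, OFB and CTR constructions described above over a block cipher and shows the properties the text states: ECB leaks repeated plaintext blocks, CBC chains them, the feedback and counter modes need only the encryption direction, and a corrupted ciphertext bit damages one bit in OFB and CTR but a whole block plus one bit in CBC. The block cipher is not DES, since DES itself would take more space than the modes: the example uses a 16-round Feistel network over 64-bit blocks with a keyed-hash round function, the same structure as DES but a toy stand-in chosen for brevity, not for security. It also builds the 3DES EDE construction from that block function to show why k1 = k2 = k3 collapses to a single encryption.

```python
import hashlib

BLOCK = 8  # 64-bit blocks, as in DES

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _round_fn(key: bytes, rnd: int, half: bytes) -> bytes:
    # Toy round function (keyed hash truncated to 32 bits). DES uses expansion,
    # S-boxes and a permutation here; the mode constructions do not depend on it.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def encrypt_block(key: bytes, block: bytes, rounds: int = 16) -> bytes:
    """16-round Feistel network over one 64-bit block (the structure DES uses)."""
    assert len(block) == BLOCK
    left, right = block[:4], block[4:]
    for rnd in range(rounds):
        left, right = right, _xor(left, _round_fn(key, rnd, right))
    return right + left  # final swap, as in DES

def decrypt_block(key: bytes, block: bytes, rounds: int = 16) -> bytes:
    """The same network with the round sequence reversed undoes encrypt_block."""
    left, right = block[:4], block[4:]
    for rnd in reversed(range(rounds)):
        left, right = right, _xor(left, _round_fn(key, rnd, right))
    return right + left

def _blocks(data: bytes) -> list:
    assert len(data) % BLOCK == 0, "example expects whole blocks; pad real data first"
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key: bytes, pt: bytes) -> bytes:
    # Blocks are independent: equal plaintext blocks give equal ciphertext blocks.
    return b"".join(encrypt_block(key, b) for b in _blocks(pt))

def cbc_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    out, prev = [], iv
    for b in _blocks(pt):
        prev = encrypt_block(key, _xor(b, prev))  # chain: XOR with previous ciphertext
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    out, prev = [], iv
    for c in _blocks(ct):
        out.append(_xor(decrypt_block(key, c), prev))
        prev = c
    return b"".join(out)

def cfb_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    out, prev = [], iv
    for b in _blocks(pt):
        prev = _xor(b, encrypt_block(key, prev))  # the ciphertext is fed back, same key
        out.append(prev)
    return b"".join(out)

def cfb_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    out, prev = [], iv
    for c in _blocks(ct):
        out.append(_xor(c, encrypt_block(key, prev)))  # only the encrypt direction is needed
        prev = c
    return b"".join(out)

def ofb_crypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    # The keystream block, not the ciphertext, is fed back; encrypt and decrypt are identical.
    out, ks = [], iv
    for b in _blocks(data):
        ks = encrypt_block(key, ks)
        out.append(_xor(b, ks))
    return b"".join(out)

def ctr_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Keystream block i = E(key, nonce || counter i): no chaining, so blocks can be
    # processed in parallel. A (key, nonce) pair must never be reused.
    assert len(nonce) == 4
    return b"".join(_xor(b, encrypt_block(key, nonce + i.to_bytes(4, "big")))
                    for i, b in enumerate(_blocks(data)))

def tdes_ede_block(k1: bytes, k2: bytes, k3: bytes, block: bytes) -> bytes:
    # 3DES EDE: E(k3, D(k2, E(k1, block))). With k1 == k2 == k3 the inner D undoes the
    # first E and the result is a single encryption, which keeps EDE compatible with DES.
    return encrypt_block(k3, decrypt_block(k2, encrypt_block(k1, block)))

def distinct_blocks(ct: bytes) -> int:
    return len(set(_blocks(ct)))

def flip_bit(data: bytes, byte_index: int) -> bytes:
    """Simulate one corrupted bit in transit."""
    return data[:byte_index] + bytes([data[byte_index] ^ 0x01]) + data[byte_index + 1:]

def damaged_blocks(original: bytes, recovered: bytes) -> list:
    """Indices of the plaintext blocks that came out wrong after decryption."""
    return [i for i, (a, b) in enumerate(zip(_blocks(original), _blocks(recovered))) if a != b]
```

Running `distinct_blocks(ecb_encrypt(key, b"SAMEBLK!" * 4))` gives 1 while the CBC ciphertext of the same input has 4 distinct blocks, which is the pattern leak the text warns about; flipping a bit in the second ciphertext block and decrypting damages blocks 1 and 2 under CBC and CFB but only block 1 under OFB and CTR.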


These are the advantages of 3DES:


easy to implement in hardware and software compared to other algorithms
based on DES, which is a well-studied and trusted cipher
much faster than public key cryptography methods

These are the disadvantages of 3DES:


heavy performance hit due to the large number of computation rounds with three separate keys (three times the cost of DES)
the secret keys still have to be distributed safely to all users, the key distribution problem of every symmetric system
its 64-bit block size limits how much data can safely be encrypted under one key, and NIST has deprecated 3DES (disallowed for encryption after 2023)

Advanced Encryption Standard

The Advanced Encryption Standard (AES) is a symmetric block cipher based on the Rijndael algorithm and supports key sizes of 128, 192, and 256 bits. The Rijndael algorithm also supports block sizes of 128, 192, and 256 bits, but the AES standard (FIPS 197) fixes the block size at 128 bits. The number of computation rounds is 10 to 14 and, in AES, depends on the key length. If the key size is

128 bits, there are 10 rounds
192 bits, there are 12 rounds
256 bits, there are 14 rounds

(In the general Rijndael algorithm the round count depends on the larger of the key and block sizes.)

AES operates on a 4x4 array of bytes called the state. After an initial AddRoundKey, each round consists of four stages, applied in this order:

SubBytes: each byte is substituted with another using a lookup table (the S-box)
ShiftRows: each row of the state is shifted cyclically a specific number of steps
MixColumns: the four bytes in each column are combined using a linear transformation
AddRoundKey: a round key, derived from the cipher key, is XORed with each byte of the state

The last round omits MixColumns.

These are the advantages of AES:

can be implemented in a wide range of processors, hardware, and environments
has low memory requirements
can be implemented to resist timing attacks (in hardware such as AES-NI, or with constant-time software; naive table-driven implementations are vulnerable to cache-timing attacks)
key lengths of 192 or 256 bits provide a large security margin for future applications
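As an added example (this is not code from the course page), the following Python implements AES encryption of one block exactly as the round structure above describes: the S-box is generated from the GF(2^8) multiplicative inverse and affine map, the key schedule produces one round key per round, and each round runs SubBytes, ShiftRows, MixColumns (skipped in the last round) and AddRoundKey, with 10, 12 or 14 rounds chosen by key length. Decryption is omitted for space. The only external values used are the FIPS 197 Appendix C test vectors, against which the implementation is checked.

```python
def _gf_mul(a: int, b: int) -> int:
    """Multiply two bytes in GF(2^8) with the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    product = 0
    for _ in range(8):
        if b & 1:
            product ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return product

def _build_sbox() -> list:
    """SubBytes table: multiplicative inverse in GF(2^8), then the affine transformation."""
    sbox = []
    for x in range(256):
        inv = 0 if x == 0 else next(y for y in range(1, 256) if _gf_mul(x, y) == 1)
        s, rot = inv, inv
        for _ in range(4):                       # s = inv ^ rotl(inv,1) ^ ... ^ rotl(inv,4)
            rot = ((rot << 1) | (rot >> 7)) & 0xFF
            s ^= rot
        sbox.append(s ^ 0x63)
    return sbox

SBOX = _build_sbox()

def aes_rounds(key_len_bytes: int) -> int:
    """10, 12 or 14 rounds for 128-, 192- or 256-bit keys (Nk + 6 in FIPS 197 terms)."""
    return key_len_bytes // 4 + 6

def _expand_key(key: bytes) -> list:
    """FIPS 197 key schedule: the initial round key plus one 16-byte round key per round."""
    nk, nr = len(key) // 4, aes_rounds(len(key))
    w = [list(key[i:i + 4]) for i in range(0, len(key), 4)]
    rcon = 1
    for i in range(nk, 4 * (nr + 1)):
        t = w[i - 1][:]
        if i % nk == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]  # RotWord then SubWord
            t[0] ^= rcon
            rcon = _gf_mul(rcon, 2)
        elif nk > 6 and i % nk == 4:            # extra SubWord for 256-bit keys
            t = [SBOX[b] for b in t]
        w.append([a ^ b for a, b in zip(w[i - nk], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(nr + 1)]

# The state is kept as 16 bytes in column-major order: byte (row r, column c) is at index r + 4*c,
# which is also the order in which input bytes and round-key bytes are laid out.

def _shift_rows(s: list) -> list:
    # Row r is rotated left by r positions.
    return [s[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4)]

def _mix_columns(s: list) -> list:
    # Each column is multiplied by the fixed circulant matrix [2 3 1 1; 1 2 3 1; 1 1 2 3; 3 1 1 2].
    out = []
    for c in range(4):
        a0, a1, a2, a3 = s[4 * c:4 * c + 4]
        out += [
            _gf_mul(a0, 2) ^ _gf_mul(a1, 3) ^ a2 ^ a3,
            a0 ^ _gf_mul(a1, 2) ^ _gf_mul(a2, 3) ^ a3,
            a0 ^ a1 ^ _gf_mul(a2, 2) ^ _gf_mul(a3, 3),
            _gf_mul(a0, 3) ^ a1 ^ a2 ^ _gf_mul(a3, 2),
        ]
    return out

def aes_encrypt_block(key: bytes, block: bytes) -> bytes:
    """AES encryption of one 128-bit block with a 128-, 192- or 256-bit key."""
    assert len(key) in (16, 24, 32) and len(block) == 16
    round_keys = _expand_key(key)
    nr = len(round_keys) - 1
    state = [b ^ k for b, k in zip(block, round_keys[0])]      # initial AddRoundKey
    for r in range(1, nr + 1):
        state = [SBOX[b] for b in state]                       # SubBytes
        state = _shift_rows(state)                             # ShiftRows
        if r != nr:
            state = _mix_columns(state)                        # MixColumns (not in last round)
        state = [b ^ k for b, k in zip(state, round_keys[r])]  # AddRoundKey
    return bytes(state)
```

The S-box lookup and table-free field arithmetic here are written for clarity, not constant time; a production implementation either uses hardware instructions or a bit-sliced design so that the data-dependent table accesses visible in this code do not leak through the cache.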


A criticism of AES is its relatively low number of computation rounds. 3DES provides more security than DES. AES is a very secure symmetric encryption algorithm with a choice of key lengths (and, in Rijndael, block lengths). Some other common symmetric encryption algorithms are

Blowfish
International Data Encryption Algorithm
RC4
RC5
RC6
CAST

Blowfish

Blowfish is a block cipher that works on 64-bit data blocks using a key length of up to 448 bits. The data blocks go through 16 rounds of cryptographic functions.

International Data Encryption Algorithm

The International Data Encryption Algorithm (IDEA) is a block cipher that operates on 64-bit data blocks using a 128-bit key. The 64-bit data block is divided into four 16-bit sub-blocks, and eight rounds of mathematical functions are performed on them. IDEA is faster than DES and more secure because of its larger key size. IDEA is used in Pretty Good Privacy (PGP) encryption.

RC4

RC4 is a popular and widely implemented stream cipher. It has a variable key size and was used in the Secure Sockets Layer (SSL) protocol and in WEP; because of biases in its keystream it is now prohibited in TLS. RC4 is a trademark of RSA Data Security, so independent implementations are sometimes referred to as ARC4.

RC5

RC5 is a very fast block cipher with a variety of parameters for block size, key size, and number of rounds. Block sizes are 32, 64, and 128 bits, and the key size goes up to 2040 bits.

RC6

RC6 is a block cipher built upon RC5, so it has all the features of RC5 but at higher speed. RC6 uses a key size of up to 2040 bits, adds integer multiplication, and uses four w-bit working registers (32-bit words in the AES candidate version) instead of RC5's two.

CAST

CAST is a 128-bit encryption algorithm that belongs to the Feistel class of ciphers. CAST is similar to DES in that it uses a DES-like substitution-permutation structure, which has good resistance to differential cryptanalysis. CAST uses a pair of subkeys per round: a 32-bit masking key and a 5-bit rotation key. CAST-256 has three different round functions, a block size of 128 bits, and a variable key size of 128, 160, 192, 224, or 256 bits.

Question
Match the features to DES, 3DES, and AES. Options:
1. Based on the 128-bit Lucifer algorithm
2. Forty-eight rounds of computation
3. Fourteen rounds of computation
4. Key size of 128, 192, and 256 bits
5. Key size of 168 bits
6. Sixteen rounds of computation

Targets:
A. AES B. DES C. 3DES

Answer
AES has up to fourteen rounds of computation (fourteen with a 256-bit key) and key sizes of 128, 192, and 256 bits. DES is based on the 128-bit Lucifer algorithm and has sixteen rounds of computation. 3DES has forty-eight rounds of computation and a nominal key size of 168 bits.

Question
Match the symmetric encryption algorithms to the appropriate descriptions. Options:
1. Blowfish
2. CAST
3. IDEA
4. RC5

Targets:
A. Uses 16 rounds of cryptographic functions to work on 64-bit data blocks
B. Uses a variety of parameters for block size, key size, and the number of rounds used
C. Uses an SPN cryptosystem and a pair of subkeys per round
D. Uses eight rounds of mathematical functions on 64-bit data blocks divided into four 16-bit blocks

Answer
Blowfish (1) matches A: a block cipher that uses 16 rounds of cryptographic functions on 64-bit data blocks with a key length of up to 448 bits. CAST (2) matches C: a 128-bit encryption algorithm that uses a DES-like SPN cryptosystem and a pair of subkeys per round, a 32-bit masking key and a 5-bit rotation key. IDEA (3) matches D: a block cipher that operates on 64-bit data blocks using a 128-bit key; the block is divided into four 16-bit sub-blocks that go through eight rounds of mathematical functions. RC5 (4) matches B: a block cipher with a variety of parameters for block size (32, 64, or 128 bits), key size (up to 2040 bits), and number of rounds.

Summary
Cryptography is the method of storing and transmitting information in an unreadable format. Cryptography has developed over the centuries. A cipher is an algorithm that helps represent plaintext units or single letters using arbitrary symbols or a group of symbols. Cryptanalysis is the study of ciphertext and cryptosystems. Symmetric key encryption uses a shared secret key for both encryption and decryption. DES, 3DES, and AES are some common symmetric encryption algorithms.


Asymmetric Algorithms
Learning objective

After completing this topic, you should be able to distinguish between types of asymmetric algorithms.

1. Asymmetric algorithms
Asymmetric algorithms, or public key algorithms, perform encryption and decryption in a completely different way from symmetric algorithms. Symmetric algorithms use a single shared key, often changed per session, for both encryption and decryption. Asymmetric algorithms use two different but mathematically related keys, which are typically long-lived. One key is used for encryption and its counterpart is used for decryption. One of these keys is kept private and the other is made public. Data encrypted with the public key cannot be recovered without the private key.

Note
Either key of the pair can be used to encrypt data; whatever one key encrypts, only the other key of the pair can decrypt.

Asymmetric algorithms work using trapdoor one-way functions, which mathematically relate the public and private keys. One-way functions are easy to compute in one direction but infeasible to compute in the reverse direction. The forward direction is used for encryption, and without extra information the reverse direction, decryption, would be a highly complex and time-consuming computation. Trapdoor functions are easy to compute in the reverse direction if specific information (the trapdoor) is known, and the private key provides that trapdoor. A person who knows the trapdoor can perform both encryption and decryption easily, but a person who does not know it can only perform encryption, not decryption.

Suppose Greg encrypts data using his private key. Dave receives this encrypted data from Greg and decrypts it using a copy of Greg's public key. If Dave wants to send an encrypted reply to Greg, he encrypts the reply with Greg's public key, and Greg decrypts it using his private key. If Dave instead uses his own private key on the reply, Greg is assured that the reply came from Dave and not from any other user who also has Greg's public key. This provides authentication.


There are different types of asymmetric algorithms:

RSA
DSA
Diffie-Hellman
ECC

RSA

The RSA algorithm, invented by Ron Rivest, Adi Shamir, and Leonard Adleman, provides both authentication (digital signatures) and key encryption. Key lengths of 768 and 1024 bits were common when this material was written; 1024-bit RSA is no longer considered adequate, and 2048 bits or more is the current minimum. The algorithm relies on the fact that two very large prime numbers can easily be multiplied, but their product cannot easily be factored. The public and private keys are functions of this pair of primes. Here is how the RSA algorithm generates the public and private keys:

1. choose two large prime numbers, p and q
2. calculate n = p * q
3. choose a random number, e, as the encryption exponent such that e and (p-1) * (q-1) are relatively prime
4. compute d such that e * d = 1 mod (p-1) * (q-1), that is, d is the inverse of e modulo (p-1) * (q-1)

The public key is (n, e) and the private key is d (kept together with n). C = m^e mod n gives the ciphertext C, and m = C^d mod n gives back the original message m. The RSA algorithm has been used in

various Web browsers with the Secure Sockets Layer (SSL) protocol
Microsoft, Apple, Sun, and Novell operating systems
Pretty Good Privacy (PGP) encryption
IP Security (IPSec)
network interface cards, secure telephones, and smart cards
exchanging symmetric keys for the Data Encryption Standard (DES) or Advanced Encryption Standard (AES)

The RSA algorithm, when used with IPSec, provides

encryption: the sender uses the receiver's public key to encrypt data and sends it to the receiver, who decrypts the data using the corresponding private key
digital signatures: the sender encrypts a hash value with its private key and sends the data to the receiver, who uses the sender's public key to decrypt and obtain the hash value. Because only the sender's private key could have produced a value that the sender's public key recovers, a hash that matches the recomputed hash of the data assures the receiver that the data came from the sender.
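As an added example (not the course's own code), the following Python carries out the four RSA key generation steps listed above, then the encryption and decryption formulas and the hash-then-sign signature described for IPSec. Primes come from a Miller-Rabin test and d from the extended Euclidean algorithm, so every step in the text is visible. This is textbook RSA with no padding, which is deterministic and malleable and must not be used as-is for real data (real systems use OAEP for encryption and PSS or PKCS#1 v1.5 for signatures); the small p = 61, q = 53 pair is included only so the numbers can be followed by hand, and the default 2048-bit size is what a practitioner would generate.

```python
import hashlib
import secrets

def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin probabilistic primality test (error probability at most 4^-rounds)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):   # cheap trial division first
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:                                 # write n - 1 = 2^s * d with d odd
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)   # random witness a in [2, n-2]
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                              # a is a witness that n is composite
    return True

def random_prime(bits: int) -> int:
    """Random odd candidate with the top bit set, retried until it passes Miller-Rabin."""
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(candidate):
            return candidate

def modinv(e: int, phi: int) -> int:
    """Step 4: d with e*d = 1 (mod phi), by the extended Euclidean algorithm."""
    old_r, r, old_t, t = e, phi, 1, 0
    while r:
        q = old_r // r
        old_r, r, old_t, t = r, old_r - q * r, t, old_t - q * t
    assert old_r == 1, "e and phi must be relatively prime"
    return old_t % phi

def generate_keypair(bits: int = 2048):
    """Steps 1-4 from the text. Returns the public key (n, e) and the private exponent d."""
    e = 65537                                        # step 3: common fixed choice, checked below
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)   # step 1
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:                       # e must be relatively prime to phi
            break
    return (p * q, e), modinv(e, phi)                # step 2 (n) and step 4 (d)

def encrypt(pub, m: int) -> int:
    n, e = pub
    assert 0 <= m < n, "message must be an integer smaller than n"
    return pow(m, e, n)                              # C = m^e mod n

def decrypt(pub, d: int, c: int) -> int:
    return pow(c, d, pub[0])                         # m = C^d mod n

def sign(pub, d: int, message: bytes) -> int:
    """Signature as described above: hash the message, apply the private key to the hash."""
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return pow(digest, d, pub[0])

def verify(pub, message: bytes, signature: int) -> bool:
    """Recover the hash with the public key and compare it with a fresh hash of the data."""
    n, e = pub
    return pow(signature, e, n) == int.from_bytes(hashlib.sha256(message).digest(), "big")
```

With p = 61 and q = 53 the steps give n = 3233, phi = 3120, e = 17 and d = modinv(17, 3120) = 2753, and the message 65 encrypts to 65^17 mod 3233 = 2790; `generate_keypair()` does the same with random primes of half the requested size each.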

DSA

The Digital Signature Algorithm (DSA) is used for digital signatures only, not for encryption. The key length varies from 512 to 1024 bits (FIPS 186-3 and later also allow 2048 and 3072 bits). When creating signatures, DSA works at about the same speed as RSA, but when verifying signatures DSA is 10 to 40 times slower. DSA works with the Secure Hash Algorithm-1 (SHA-1): SHA-1 generates the message hash on which the private key operates. To verify a signature, the verifier recomputes the hash of the message, combines it with the signature values and the signer's public key, and checks that the result matches one of the signature values. DSA is mainly used in government installations.

Diffie-Hellman

The Diffie-Hellman algorithm is not used for encryption or digital signatures but for establishing a shared secret key between two parties over an insecure medium, a procedure known as key agreement. The two parties can agree on a secret key without sharing any prior secret. The key length given in this material is 768 or 1024 bits; 2048-bit or larger groups are the current minimum. The Diffie-Hellman algorithm requires each communicating party to generate a private value and the corresponding public value. The private value of one party is combined with the public value of the other party to compute the shared secret key with which the two parties communicate.

Suppose James and Cathy want to communicate. James generates a private value, a, and Cathy generates a private value, b. The Diffie-Hellman protocol has two system parameters, p (a large prime) and g (a generator). The public value of James is g^a mod p, and the public value of Cathy is g^b mod p. James computes (g^b)^a mod p = g^ab mod p, and Cathy computes (g^a)^b mod p = g^ba mod p. Since g^ab = g^ba = k, both hold the same shared secret key k, while an eavesdropper who sees only g^a and g^b cannot compute it.

The Diffie-Hellman algorithm is vulnerable to man-in-the-middle attacks because the communicating parties are not authenticated. Suppose Mike intends to break into the communication between James and Cathy. Mike intercepts James' public value and sends his own public value to Cathy. When Cathy transmits her public value, Mike replaces it with his own and sends that to James. As a result, James and Mike share one secret key, and Cathy and Mike share another. Mike can now decrypt the messages sent by James and Cathy, and modify, re-encrypt, and forward them to the other party.

ECC

Elliptic Curve Cryptography (ECC) provides digital signatures, secure key distribution, and encryption. ECC is based on the study of elliptic curves, which are drawn as gently looping lines in the (X,Y) plane. ECC uses the Abelian group formed by the points of an elliptic curve: a point addition can be defined that combines two given points on the curve to produce a third point on the curve. Here is how it works. Consider horizontal and vertical lines drawn on an XY plane, generating the coordinates (X,Y) where they intersect, and an elliptic curve drawn on this plane. Given any two points, a and b, on the curve and the addition operator, a third point on the curve can be determined: a non-vertical line through two points of the curve intersects it in exactly one more point, c. The line drawn through a and b gives c, and a vertical line drawn through c gives its reflection x, which defines a + b = x.

ECC requires a shorter key length for an equivalent security level than algorithms based on the integer factorization problem or the discrete logarithm problem in ordinary number groups, which reduces processing time. The discrete log problem is easier to solve in ordinary number groups than in elliptic curve groups because techniques such as the Number Field Sieve (NFS) apply to the former but not to the latter. So the traditional asymmetric algorithms need longer keys to keep up their security level, whereas ECC achieves it with shorter keys because the discrete log problem in elliptic curve groups is harder.

The asymmetric algorithms are used to create public/private key pairs, perform key exchange or agreement, and generate and verify digital signatures.
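As an added example (not code from the original page), the following Python runs the Diffie-Hellman exchange between James and Cathy exactly as the formulas above describe, then replays the man-in-the-middle attack with Mike substituting his own public value in both directions, and finally shows one way to close the hole the text identifies: authenticating each public value with an HMAC under a pre-shared key, so a substituted value fails verification. The group parameters p = 2^127 - 1 (a Mersenne prime) and g = 5 are toy values chosen so the numbers stay short; real deployments use standardized 2048-bit or larger groups, and the pre-shared key is a constructed stand-in for whatever authentication mechanism (signatures with trusted public keys, for example) a real protocol uses.

```python
import hashlib
import hmac
import secrets

# Toy group for this example only: p = 2^127 - 1 is prime, g = 5. Not a deployment-grade group.
P = (1 << 127) - 1
G = 5

def private_value() -> int:
    return secrets.randbelow(P - 2) + 1

def public_value(private: int) -> int:
    return pow(G, private, P)                    # g^a mod p

def shared_key(private: int, other_public: int) -> int:
    return pow(other_public, private, P)         # (g^b)^a mod p

def exchange(a: int, b: int):
    """James (private a) and Cathy (private b) swap public values over the open channel;
    both arrive at k = g^(ab) mod p. Returns (James' k, Cathy's k)."""
    james_pub, cathy_pub = public_value(a), public_value(b)
    return shared_key(a, cathy_pub), shared_key(b, james_pub)

def mitm_exchange(a: int, b: int, m: int):
    """Mike (private m) sits on the channel: he replaces James' public value with his own on
    the way to Cathy and Cathy's with his own on the way to James. Returns the key James
    holds, the key Cathy holds, Mike's key with James, Mike's key with Cathy."""
    james_pub, cathy_pub, mike_pub = public_value(a), public_value(b), public_value(m)
    k_james = shared_key(a, mike_pub)            # James believes this is shared with Cathy
    k_cathy = shared_key(b, mike_pub)            # Cathy believes this is shared with James
    return k_james, k_cathy, shared_key(m, james_pub), shared_key(m, cathy_pub)

def tag(auth_key: bytes, public: int) -> bytes:
    """Authenticate a public value with an HMAC under a pre-shared key (constructed stand-in
    for the authentication the plain exchange lacks)."""
    return hmac.new(auth_key, public.to_bytes(16, "big"), hashlib.sha256).digest()

def verify_tag(auth_key: bytes, public: int, received_tag: bytes) -> bool:
    return hmac.compare_digest(tag(auth_key, public), received_tag)

def session_key(k: int) -> bytes:
    """Derive a fixed-size symmetric key from the shared secret instead of using k directly."""
    return hashlib.sha256(k.to_bytes(16, "big")).digest()
```

In `mitm_exchange`, James' key equals Mike's key with James and Cathy's equals Mike's key with Cathy, but James' and Cathy's keys differ, which is why Mike can read and re-encrypt everything. With the tags in place, the tag Mike forwards was computed over James' public value, so `verify_tag` fails on the substituted one and Cathy aborts the exchange.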
Some more asymmetric algorithms are

El Gamal
Knapsack
LUC

El Gamal

El Gamal is used for encryption, key exchange, and digital signatures. The key length is 768 or 1024 bits. This algorithm is based on the discrete logarithm problem. El Gamal is an extension of the Diffie-Hellman algorithm that also allows message encryption. RSA and El Gamal have similar security strength for equivalent key lengths. The disadvantage of this algorithm is that its security depends on the randomness of some parameters used in the algorithm (a per-message random value that must never be reused), and it is very slow when used for digital signatures.

Knapsack

The Knapsack algorithm has different versions, Merkle-Hellman and Chor-Rivest. It provides encryption and digital signature capabilities. This algorithm is based on the problem of selecting objects with given weights from a large set such that the sum of the weights equals a prespecified weight. Although the general problem is hard to solve, the algorithm is considered weak and is no longer used in cryptosystems.

LUC

LUC implements the best features of the El Gamal, RSA, and Diffie-Hellman systems and is based on Lucas sequences to implement a discrete logarithm in a finite field. The use of Lucas sequences increases the computation time.

Question
Match each asymmetric algorithm to the correct description of its features and usage. Options:
1. Diffie-Hellman
2. DSA
3. RSA

Targets:
A. Used for authentication and key encryption based on the fact that two very large prime numbers can be multiplied easily but cannot be factored easily
B. Used for digital signatures only, uses a key length that varies from 512 bits to 1024 bits, and works with SHA-1
C. Used to perform key exchange over an insecure medium and is vulnerable to man-in-the-middle attacks

Answer
The RSA asymmetric algorithm is used for authentication and key encryption based on the fact that two very large prime numbers can be multiplied easily but their product cannot be factored easily. The DSA is used for digital signatures only, uses a key length that varies from 512 bits to 1024 bits, and works with SHA-1. The Diffie-Hellman algorithm is used to perform key exchange over an insecure medium and is vulnerable to man-in-the-middle attacks.

The Diffie-Hellman algorithm is not used for encryption or digital signatures but for establishing a shared secret key between two parties over an insecure medium. This algorithm is vulnerable to man-in-the-middle attacks because the communicating parties are not authenticated; in practice the exchanged values must be signed or otherwise authenticated. The DSA asymmetric algorithm is used for digital signatures only and not for encryption. The key length varies from 512 bits to 1024 bits and the DSA works with SHA-1, as specified in the original FIPS 186 standard (later revisions allow 2048- and 3072-bit keys and the SHA-2 hash functions); the hash function generates the message digest on which the private key operates. The RSA asymmetric algorithm provides both authentication and key encryption. It is based on the fact that two very large prime numbers can be multiplied easily but their product cannot be factored easily.

These are the advantages of asymmetric key algorithms:
provide better key distribution and scalability than symmetric systems
can provide authentication and nonrepudiation

These are the disadvantages of asymmetric key algorithms:
involve mathematically intense tasks, therefore, they are much slower than symmetric systems
not suitable for encrypting bulk data

Question
How do asymmetric algorithms work? Options:
1. By using a dynamically changing key
2. By using a single shared secret key
3. By using the public and private keys
4. By using trapdoor one-way functions

Answer
Asymmetric algorithms work by using the public and private keys and trapdoor one-way functions. Option 1 is incorrect. Asymmetric algorithms use two different, but mathematically related static keys. Option 2 is incorrect. Symmetric, not asymmetric, algorithms use a single shared secret key for encryption and decryption. Option 3 is correct. Asymmetric algorithms use the public and private keys to perform encryption and decryption. Option 4 is correct. Asymmetric algorithms use trapdoor one-way functions to mathematically relate the public and private keys: the function is easy to compute in one direction (multiplying two primes, modular exponentiation) and infeasible to invert without the secret "trapdoor" (the prime factors, the private exponent).

Question
What are the advantages of using asymmetric key algorithms? Options:
1. Faster than symmetric systems
2. Involve mathematically simple tasks
3. Provide authentication and nonrepudiation
4. Provide better key distribution

Answer
Asymmetric key algorithms provide authentication and nonrepudiation and better key distribution. Option 1 is incorrect. Asymmetric key algorithms involve mathematically complex tasks so are much slower than symmetric systems. Option 2 is incorrect. Asymmetric key algorithms do not involve mathematically simple tasks but involve mathematically intense tasks, which make them slower than symmetric key algorithms. Option 3 is correct. Asymmetric key algorithms provide authentication and nonrepudiation. Option 4 is correct. Asymmetric key algorithms provide better key distribution than symmetric systems.

2. Message formats
Asymmetric key algorithms can perform different functions, confidentiality, authentication, or both, depending on which key is used to encrypt messages. Each function has its corresponding message format:
secure message format: the message is encrypted with the receiver's public key
open message format: the message is encrypted with the sender's private key
secure and signed format: the message is encrypted with the sender's private key and then encrypted again with the receiver's public key
Note that "encrypting with the private key" is the textbook model of a digital signature; real implementations sign a hash of the message with a padded signature scheme, and encrypt the message itself with a symmetric key that is in turn protected with the receiver's public key.

If confidentiality of information is the goal, then the recipient's public key is used to encrypt the message, which ensures that the message can be decrypted only with the recipient's private key. Suppose Eric and Kevin are working as software developers at Diallonic, a large company that is developing a software application to control and manage the flow of information in an organization. Eric wants to send Kevin a piece of source code for integration into the application. The confidentiality of the source code is very important so that it does not leak to any unauthorized person. Eric will encrypt this source code with Kevin's public key (secure message format) so that only Kevin can decrypt it with his private key. This ensures that only the intended person, here Kevin, can decrypt the confidential data.

If verification of the sender's identity, or authentication, is important, the sender encrypts the message using his private key. This ensures that the message can only be decrypted using the sender's public key, so anyone who can decrypt it knows it came from the holder of the matching private key. This method does not ensure confidentiality because anyone can obtain the sender's public key. Suppose Nancy is working as the Human Resources Head at Imagenie. For the annual appraisal process, she requires each employee to send their supervisor review comments to her. Nancy needs to ensure that she receives the information only from the employee concerned. For this, she would need to establish the identity of the employee. To achieve this authentication functionality, each employee will encrypt his data with his private key and send it to Nancy, who will then decrypt each employee's data using that employee's public key (open message format). This ensures that the data has come from the correct source.

If confidentiality and authentication are both goals, the message is encrypted using the sender's private key and then encrypted again using the receiver's public key. The receiver first decrypts using his own private key and then decrypts again using the sender's public key. Suppose Bruce and Frank are working on a common software development project. Bruce is developing one segment of the project, and Frank is developing another segment related to Bruce's segment. Bruce needs to send some secret development code to Frank. The information exchanged between them needs to be confidential while also ensuring that it has come from the correct sender and not from an unauthorized person. For this, Bruce will first encrypt the message using his private key and then encrypt it again with Frank's public key (secure and signed format). Frank will decrypt the message first using his private key and then decrypt it again with Bruce's public key.
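The three message formats, as an added example (not from the course) built on textbook RSA with constructed Mersenne-prime moduli so that it runs offline. The names Bruce and Frank follow the scenario above; the functions, the public exponent and the key sizes are assumptions for illustration. Textbook RSA (no padding, no hashing) is insecure and is used here only to make the key-usage pattern concrete: in real systems the "private-key" step is a padded signature over a hash (for example RSA-PSS), and the message itself is encrypted with a symmetric key that is wrapped under the receiver's public key.

```python
# Added example (not from the course): the three message formats with textbook
# RSA. Moduli are built from Mersenne primes so the example is reproducible;
# textbook RSA (no padding, no hash) is insecure and only illustrates key usage.
from math import gcd

M31, M61 = 2**31 - 1, 2**61 - 1      # constructed: Bruce's primes (n ~ 2^92)
M89, M107 = 2**89 - 1, 2**107 - 1    # constructed: Frank's primes (n ~ 2^196)
E = 65537                            # common public exponent


def make_keypair(p, q, e=E):
    """Return (public, private), each an (exponent, modulus) pair."""
    n, phi = p * q, (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be invertible modulo phi(n)"
    return (e, n), (pow(e, -1, phi), n)  # pow(x, -1, m) needs Python 3.8+


def rsa(key, m):
    """m^exp mod n. The same operation serves as encrypt/verify with a public
    key and decrypt/'sign' with a private key; only the key differs."""
    exp, n = key
    assert 0 <= m < n, "message must be smaller than the modulus"
    return pow(m, exp, n)


def to_int(msg):
    return int.from_bytes(msg, "big")


def to_bytes(m):
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


# Bruce (sender) gets the smaller modulus so the output of his private-key step
# always fits under Frank's (receiver's) modulus in the secure-and-signed format.
bruce_pub, bruce_priv = make_keypair(M31, M61)
frank_pub, frank_priv = make_keypair(M89, M107)


def secure_send(msg, receiver_pub):           # secure message format
    return rsa(receiver_pub, to_int(msg))     # only the receiver can read it

def secure_receive(ct, receiver_priv):
    return to_bytes(rsa(receiver_priv, ct))


def open_send(msg, sender_priv):              # open message format
    return rsa(sender_priv, to_int(msg))      # anyone can read; only the sender could make it

def open_receive(ct, sender_pub):
    return to_bytes(rsa(sender_pub, ct))


def secure_signed_send(msg, sender_priv, receiver_pub):   # secure and signed format
    return rsa(receiver_pub, rsa(sender_priv, to_int(msg)))

def secure_signed_receive(ct, receiver_priv, sender_pub):
    return to_bytes(rsa(sender_pub, rsa(receiver_priv, ct)))


def demo():
    msg = b"build 0x42"  # constructed sample; must be smaller than Bruce's modulus
    c_secure = secure_send(msg, frank_pub)
    c_open = open_send(msg, bruce_priv)
    c_both = secure_signed_send(msg, bruce_priv, frank_pub)
    return {
        "secure": secure_receive(c_secure, frank_priv),
        "open": open_receive(c_open, bruce_pub),
        "secure_signed": secure_signed_receive(c_both, frank_priv, bruce_pub),
        # origin check: undoing Bruce's private-key step with the wrong public key fails
        "open_wrong_key": open_receive(c_open, frank_pub) == msg,
    }
```

The ordering constraint in the comment (sender's modulus smaller than the receiver's) is a real nuisance of the raw "secure and signed" construction and one of the reasons practical protocols sign a hash and encrypt with a symmetric key instead of stacking two RSA operations on the message.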

Question
Match each message format to the appropriate use scenario. Options:
1. Open message format
2. Secure and signed format
3. Secure message format

Targets:
A. Ensure message confidentiality
B. Ensure message confidentiality and provide authentication
C. Establish the sender's identity

Answer
The secure message format is used to ensure message confidentiality. The secure and signed format is used to ensure message confidentiality and provide authentication. The open message format is used to establish the sender's identity. The open message format is used to establish the sender's identity because the sender's private key is used for encrypting the message. The secure and signed format is used to ensure message confidentiality and provide authentication because the message is encrypted using the sender's private key and then again encrypted using the receiver's public key. The secure message format is used to ensure message confidentiality because the message is encrypted using the receiver's public key, which assures that only the receiver's private key can be used to decrypt the message.

Summary
Asymmetric algorithms use two different, but mathematically related static keys for encryption and decryption. Asymmetric cryptography works using trapdoor one-way functions. There are different types of asymmetric algorithms. Asymmetric key algorithms can perform different functions using different message formats.

Using Symmetric and Asymmetric Algorithms


Learning objective

After completing this topic, you should be able to determine the appropriate cryptography implementation for a given scenario.

Exercise overview
In this exercise, you are required to determine the appropriate cryptography implementation for a specific scenario. This involves the following tasks: selecting the encryption method selecting the encryption algorithm

Task 1: Selecting the encryption method


Suppose you are Richard Hill and work as a cryptanalyst. Various organizations require your consultation for selecting the appropriate encryption method for protecting organizational data.

Step 1 of 2
Major Justin Grey is deployed in a war-zone. He needs to exchange secret data containing arms and ammunition information with Colonel Fred Allen and Brigadier General Mark Benson. Which is the appropriate encryption method you will suggest for this scenario that will help protect confidential data from leaking out to unauthorized personnel? Options:
1. Asymmetric encryption
2. Distributed key encryption
3. Public key encryption
4. Symmetric encryption

Result
Symmetric encryption is the appropriate encryption method that will help protect confidential data from leaking out to unauthorized personnel.

Option 1 is incorrect. The objective is confidentiality of data. Asymmetric encryption is far slower than symmetric encryption and is not suited to encrypting bulk data, so it is not the appropriate choice for protecting the data itself. Option 2 is incorrect. Distributed key encryption is not an encryption method. Option 3 is incorrect. Public key encryption is another name for asymmetric encryption and is not appropriate for this scenario, where data confidentiality is the goal. Option 4 is correct. Symmetric encryption is the appropriate encryption method because it uses a single secret key that is shared among the people exchanging data and is fast enough for the volume of data involved. The shared key must itself be distributed to the parties securely in advance.

Step 2 of 2
Simon Reeves is working as the Chief Finance Officer at Brocadero, a courier service company. For the annual audit process, the various department heads in the organization need to send data related to their departments to him. Simon needs to ensure that he receives the correct data from the correct person and that the data once sent cannot be reverted. Which is the most appropriate encryption method for this scenario? Options:
1. Asymmetric encryption
2. Distributed key encryption
3. Private key encryption
4. Symmetric encryption

Result
Asymmetric encryption is the most appropriate encryption method for this scenario because authentication and nonrepudiation matter more here than data confidentiality. Option 1 is correct. Asymmetric encryption is the most appropriate encryption method here because authentication and nonrepudiation are more important than data confidentiality. Option 2 is incorrect. Distributed key encryption is not an encryption method. Option 3 is incorrect. Private key, or symmetric, encryption is appropriate when data confidentiality is more important than authentication or nonrepudiation. Option 4 is incorrect. Symmetric key encryption is appropriate when data confidentiality is more important than authentication or nonrepudiation.

Task 2: Selecting the encryption algorithm


After suggesting the type of encryption method, as a cryptanalyst you need to further suggest the appropriate encryption algorithm that should be used by an organization.

Step 1 of 6
Suppose Poseidon Bank wants to install a device at all its Automatic Teller Machines (ATMs) to encrypt the Personal Identification Number (PIN) of any customer using his ATM card for a transaction. This will ensure that PIN numbers cannot be revealed to bank employees, who can compromise the security of a PIN of a customer. Which is the appropriate encryption algorithm that should be used for encrypting PINs in this scenario? Options:
1. DES
2. Diffie-Hellman algorithm
3. Knapsack
4. 3DES

Result
Data Encryption Standard (DES) should be used for encrypting PINs in this scenario. Option 1 is correct. DES is the appropriate encryption algorithm in this exercise because it is fast and was, when this material was written, considered adequate for PIN protection. Note that the 56-bit DES key can now be brute-forced in a matter of days on commodity hardware, and current PIN-block standards (ISO 9564) require Triple DES or AES, so DES should not be deployed for this purpose today. Option 2 is incorrect. The Diffie-Hellman algorithm is used for obtaining the secret key between two parties over an insecure medium, known as the key agreement procedure. Option 3 is incorrect. Knapsack is a weak algorithm and is no longer used in cryptosystems. Option 4 is incorrect. 3DES involves three times the computation of DES, leading to a performance hit; in the exercise's framing it is therefore not chosen for processing everyday information.

Step 2 of 6

Zoflina is a metadata consulting firm focusing on revitalization of corporate data. All data revitalization services are supported by a unique metadata solution backbone. Data is transmitted through a wide variety of processors and environments. Which is the appropriate encryption algorithm that Zoflina should adopt to ensure the confidentiality of data? Options:
1. AES
2. DES
3. 3DES
4. DSA

Result
AES is the appropriate encryption algorithm that Zoflina should adopt to ensure confidentiality of data being transmitted among the wide range of processors and environments. Option 1 is correct. AES can be implemented efficiently on a wide range of processors, hardware, and environments. Option 2 is incorrect. DES is a weak algorithm and does not provide much protection from brute force attacks. Option 3 is incorrect. 3DES carries a heavy performance hit because of its three passes with separate keys and, like any symmetric algorithm, requires the secret key to be distributed securely to all users. Option 4 is incorrect. DSA is used for digital signatures only and not for encryption.

Step 3 of 6
Portage Airlines has a real-time system for flight bookings, which processes the data spontaneously and not in batches. The confidentiality of data is important because online bookings contain personal information of people. Which is the appropriate encryption algorithm that Portage Airlines should adopt? Options:
1. IDEA
2. RC4
3. RC5
4. RC6

Result
RC4 is the appropriate encryption algorithm that Portage Airlines should adopt for encryption of data coming into their real-time system because it is a symmetric encryption algorithm implemented as a stream cipher, so data can be encrypted as it arrives rather than buffered into blocks. Option 1 is incorrect. IDEA is not appropriate for Portage Airlines because it is a block cipher. Option 2 is correct. RC4 is the appropriate encryption algorithm because it is a symmetric encryption algorithm, implemented as a stream cipher. Note that RC4 has since been shown to have exploitable keystream biases and its use in TLS is prohibited (RFC 7465); a present-day system would use a block cipher in a streaming mode such as CTR or GCM, or a modern stream cipher such as ChaCha20. Option 3 is incorrect. RC5 is not appropriate for Portage Airlines because it is a block cipher. Option 4 is incorrect. RC6 is not appropriate for Portage Airlines because it is a block cipher built upon RC5.

Step 4 of 6
Suppose the Ministry of Finance wants to authenticate the identity of a sender of information into their system and also ensure that no person can revert from having sent any data once sent. For this, the Ministry wants a signature mechanism to be used among people exchanging data. What is the appropriate encryption algorithm that should be deployed by the Ministry of Finance? Options:
1. DES
2. DSA
3. El Gamal
4. RSA

Result
DSA is the appropriate encryption algorithm that should be deployed by the Ministry of Finance to ensure authentication and nonrepudiation. Option 1 is incorrect. DES is a symmetric key algorithm and does not provide authentication and nonrepudiation. Option 2 is correct. DSA is used only for digital signatures and is mainly used in government installations. It is the appropriate algorithm here, to ensure authentication and nonrepudiation. Option 3 is incorrect. El Gamal is used for encryption, key exchange, and digital signatures. In this scenario, data encryption is not required; only digital signatures are required. Option 4 is incorrect. RSA provides both authentication (digital signatures) and key encryption. In this scenario, only digital signatures are required, not data encryption.

Step 5 of 6
Suppose a space research organization requires an encryption algorithm that provides authentication and nonrepudiation along with data encryption. The organization wants to ensure that data is transmitted only to the concerned people and this data does not become accessible to unauthorized persons. Which is the appropriate encryption algorithm that should be deployed by the space research organization? Options:
1. AES
2. DES
3. DSA
4. El Gamal

Result
El Gamal is the appropriate encryption algorithm that should be deployed by the space research organization because this algorithm can be used for encryption, key exchange, and digital signatures. Option 1 is incorrect. AES is a symmetric key algorithm and does not provide authentication and nonrepudiation. Option 2 is incorrect. DES is a symmetric key algorithm and does not provide authentication and nonrepudiation. Option 3 is incorrect. DSA is not appropriate for this scenario because it provides only authentication and not data encryption. Option 4 is correct. El Gamal is used for encryption, key exchange, and digital signatures. This algorithm is appropriate in this scenario because here both data encryption and digital signatures (authentication) are required.

Step 6 of 6

To merge with another company, Phlogistix needs to exchange critical merger information over the Internet with the prospective company. Phlogistix does not want to send any prior secret information to the company and wants to follow an agreement protocol before exchanging information. Which is the appropriate encryption algorithm that should be deployed by Phlogistix? Options:
1. AES
2. CAST
3. DES
4. Diffie-Hellman

Result
The Diffie-Hellman algorithm is the appropriate algorithm that should be deployed by Phlogistix because it is used for obtaining a shared secret key between two parties over an insecure medium without exchanging any prior secrets. Option 1 is incorrect. AES uses a single shared secret key for encryption. For any exchange of information between two companies, prior secrets would need to be exchanged. Option 2 is incorrect. CAST is a symmetric block cipher similar to DES and would require the exchange of prior secrets before any data between two companies can be shared. Option 3 is incorrect. DES uses a single shared secret key for encryption. For any exchange of information between two companies, prior secrets would need to be exchanged. Option 4 is correct. The Diffie-Hellman algorithm is appropriate for this scenario because it is used for obtaining a shared secret key between two parties over an insecure medium without exchanging any prior secrets; the agreed key is then used with a symmetric cipher for the actual data.

Cipher Types and Cryptanalytic Attacks


Learning objective

After completing this topic, you should be able to distinguish between types of cipher and identify different categories of cryptanalytic attack.

1. Cipher types and modes


A cipher is a series of transformations that convert plaintext to ciphertext using the cipher key. Some attributes of a strong cipher (stated here mainly in terms of stream ciphers and keystream generators) are
there should be long periods of no repeating patterns, which means that the bits generated by the keystream generator must look random
the cipher should be statistically unpredictable, ensuring that bits generated from the keystream generator cannot be predicted from earlier output
the keystream should not be linearly related to the key so that someone who recovers part of the keystream cannot also recover the key value
the keystream should be statistically unbiased, ensuring that 0s and 1s occur equally often
the cipher should contain the right level of confusion and diffusion

There are various types of ciphers:
Block ciphers
Stream ciphers
One-time pads

Block ciphers
A block cipher works by dividing a message into blocks of bits on which mathematical functions are applied one block at a time. A fixed-length block of plaintext produces a block of ciphertext of the same length. Older block ciphers such as DES work with a block size of 64 bits; AES uses 128-bit blocks. Block ciphers are well suited to software implementations because they work on words that match the width of a processor's data bus. Block ciphers rely on these properties of a secure cipher:
Confusion is provided by carrying out complex substitution functions to make the relationship between the key and the ciphertext very complex. This ensures that the key cannot be uncovered from the ciphertext, which prevents an attacker from working out the right values to generate the plaintext.
Diffusion takes place as individual bits of a block are scrambled or diffused throughout the block. A change in a single plaintext bit changes not just one ciphertext bit, but many of them (ideally about half the block).
Substitution takes place using an S-box, a lookup table that replaces one group of input bits with another group of output bits; permutation boxes (P-boxes) then reorder bits across the block. The key, through the key schedule, determines how these steps are applied in each round (in some ciphers, such as Blowfish, the S-boxes themselves are derived from the key).

Stream ciphers
A stream cipher works by treating a message as a stream of bits and performing mathematical functions on each bit individually. A stream cipher generates a sequence of bits called a keystream. The keystream bits are XORed with the plaintext bits to produce ciphertext. If the generation of the keystream is independent of the plaintext and ciphertext, it is called a synchronous cipher. If the keystream depends on previous ciphertext, the stream cipher is called self-synchronizing. Stream ciphers encrypt and decrypt one bit at a time, which maps naturally onto simple hardware such as shift registers and XOR gates, so they are well suited to hardware implementations. Stream ciphers are generally faster than block ciphers. Encrypting a given plaintext block with a block cipher always produces the same ciphertext when the same key is used. But in a stream cipher, the transformation of each plaintext unit varies depending on where it occurs in the stream. In a block cipher, the key provides randomness to the encryption process by determining what functions are applied to the plaintext and in what order. In a stream cipher, the key provides randomness to the keystream that is XORed with the plaintext.

One-time pads
One-time pads use a keystream generated completely at random that is XORed with the plaintext bits. The keystream is the same length as the plaintext.
Because the keystream is truly random, kept secret, and used only once, one-time pads are provably unbreakable. One-time pads are difficult to implement because it is difficult to generate enough truly random key material and to distribute the pads to all the necessary parties, and reusing any part of a pad destroys its security. Stream ciphers were developed to approximate one-time pads by expanding a short key into a long pseudorandom keystream. But stream ciphers do not provide the same level of protection that one-time pads do. However, stream ciphers are much more practical because they are implemented through software and automated means.

Block ciphers meet the needs of a strong cipher because they
divide a message into blocks of bits
apply algorithms to each separate block of data
use diffusion, confusion, and substitution boxes in each step
use a key to determine the functions applied to plaintext and the order in which they are applied

Stream ciphers also meet the needs of a strong cipher because they apply mathematical functions individually to each bit of a data stream and use a key to determine the keystream that is combined with the plaintext.

Block and stream ciphers use different cipher modes of operation, which include
Cipher Feedback
Output Feedback
Electronic Code Book
Cipher Block Chaining

Cipher Feedback
The Cipher Feedback (CFB) mode turns a block cipher into a stream cipher. In this mode, the previous ciphertext is fed back into the block cipher to create the keystream for the next unit of plaintext. A block-sized shift register is initialized with the IV and encrypted; the leftmost bits of the output are XORed with the next unit of plaintext, and the resulting ciphertext unit is shifted into the register for the next step. Errors in the CFB mode propagate: a damaged ciphertext unit corrupts its own plaintext unit and the block's worth of plaintext that follows, after which decryption resynchronizes. The CFB mode uses an initialization vector (IV), a random string of bits, at the start of a plaintext message, so that the same message encrypted twice under the same key does not produce the same ciphertext and repeated or replayed ciphertext is not trivially recognizable. When two ciphertext blocks are identical, the block cipher outputs at the next step are also identical, which leaks information about the plaintext blocks. The speed of full-block feedback encryption is identical to that of the block cipher.
Output Feedback
The Output Feedback (OFB) mode is an additive stream cipher that works like the CFB mode, but in the OFB mode the values used to encrypt the next unit of plaintext come directly from the previous block cipher output (the keystream) and not from the previous ciphertext. Ciphertext errors in the OFB mode do not propagate: a flipped ciphertext bit flips exactly the corresponding plaintext bit and nothing else. For the same reason the OFB mode is malleable: an attacker who knows part of the plaintext can flip chosen plaintext bits by flipping ciphertext bits, so the mode needs a separate integrity check (a MAC). Reusing an IV under the same key reuses the keystream and exposes the XOR of the two plaintexts. If the feedback size is smaller than the full block, the keystream period shortens and the strength of the encryption is reduced, so full-block feedback is recommended. The speed of encryption is identical to that of the block cipher. The encryption process cannot be easily parallelized, but the keystream can be generated before the data for encryption is available, which saves time.

Electronic Code Book
In the Electronic Code Book (ECB) mode, each block of plaintext (64 bits for DES, 128 bits for AES) is encrypted independently to produce a block of ciphertext. The key selects the "code book": the fixed mapping from plaintext blocks to ciphertext blocks that the cipher's substitutions and permutations implement. In this mode, for a specific block of plaintext and key, the same block of ciphertext is always produced, so identical plaintext blocks show up as identical ciphertext blocks, and an attacker can recognize, reorder, or replace blocks without knowing the key. Each block of ciphertext can be attacked separately. The ECB mode is simple and fast to implement and is easy to parallelize, but because of the pattern leakage it is only suitable for encrypting single blocks such as keys.

Cipher Block Chaining
In the Cipher Block Chaining (CBC) mode, a block of randomly chosen bits, called the IV, is used as the starting value; the IV is itself encrypted and sent as the first block of ciphertext (in the standard NIST SP 800-38A definition the IV is sent in the clear and only XORed with the first plaintext block). The IV is XORed with the first block of plaintext, and the result is encrypted to produce the first block of ciphertext proper. Each following block of plaintext is XORed with the ciphertext of the previous block before encryption. The CBC mode is a modification of the ECB mode: the feedback added across the blocks of plaintext hides patterns, so decrypting any block does not produce recognizable patterns, and a different IV produces different ciphertext for the same block of plaintext. A bit error in one ciphertext block corrupts that block of plaintext entirely and flips the corresponding bit in the next block; later blocks are unaffected. The speed of the CBC mode is identical to that of the block cipher. While the decryption process can be easily parallelized, the encryption process cannot, because each block depends on the previous ciphertext block.
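The four modes above, as an added example (not from the course) on a constructed toy 64-bit Feistel block cipher, so that it runs without any library. The cipher, key, IV and sample plaintext are all assumptions for illustration with no security claims; the point is the mode behaviour: ECB leaks a repeated plaintext block, CBC hides it, and a single flipped ciphertext bit in block 1 corrupts one whole block in ECB, a whole block plus one bit of the next in CBC, one bit plus the whole next block in CFB, and exactly one bit in OFB. The IV is passed in the clear, following the NIST description rather than the "encrypted IV as first block" variant.

```python
# Added example (not from the course): toy 64-bit Feistel block cipher plus the
# ECB, CBC, CFB and OFB modes. Cipher, key, IV and plaintext are constructed
# for illustration only; the cipher makes no security claims.
ROUNDS, MASK32, BS = 16, 0xFFFFFFFF, 8

def _f(half, subkey):
    # Round function: key mixing, odd-constant multiply, rotate, fold.
    x = ((half ^ subkey) * 0x9E3779B1 + 0x7F4A7C15) & MASK32
    return (((x << 13) | (x >> 19)) & MASK32) ^ (x >> 7)

def _subkeys(key):
    k = int.from_bytes(key, "big")
    lo, hi = k & MASK32, k >> 32
    return [((lo * (2 * i + 1)) ^ (((hi << i) | (hi >> (32 - i))) & MASK32)) & MASK32
            for i in range(ROUNDS)]

def _feistel(subkeys, block):
    l, r = int.from_bytes(block[:4], "big"), int.from_bytes(block[4:], "big")
    for sk in subkeys:
        l, r = r, l ^ _f(r, sk)
    return r.to_bytes(4, "big") + l.to_bytes(4, "big")  # undo the final swap

def encrypt_block(key, block):
    return _feistel(_subkeys(key), block)
def decrypt_block(key, block):
    return _feistel(_subkeys(key)[::-1], block)  # same network, reversed subkeys

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))
def blocks(data):
    assert len(data) % BS == 0, "toy example: input must be block aligned"
    return [data[i:i + BS] for i in range(0, len(data), BS)]

def ecb_encrypt(key, pt):
    return b"".join(encrypt_block(key, b) for b in blocks(pt))
def ecb_decrypt(key, ct):
    return b"".join(decrypt_block(key, c) for c in blocks(ct))

def cbc_encrypt(key, iv, pt):
    out, prev = [], iv
    for b in blocks(pt):
        prev = encrypt_block(key, xor(b, prev))  # C_i = E(P_i xor C_{i-1}), C_0 = IV
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):
    out, prev = [], iv
    for c in blocks(ct):
        out.append(xor(decrypt_block(key, c), prev))  # P_i = D(C_i) xor C_{i-1}
        prev = c
    return b"".join(out)

def cfb_encrypt(key, iv, pt):
    out, prev = [], iv
    for b in blocks(pt):
        prev = xor(b, encrypt_block(key, prev))  # C_i = P_i xor E(C_{i-1})
        out.append(prev)
    return b"".join(out)

def cfb_decrypt(key, iv, ct):
    out, prev = [], iv
    for c in blocks(ct):
        out.append(xor(c, encrypt_block(key, prev)))  # P_i = C_i xor E(C_{i-1})
        prev = c
    return b"".join(out)

def ofb_crypt(key, iv, data):
    # Keystream depends only on key and IV: encrypt == decrypt, precomputable.
    out, state = [], iv
    for b in blocks(data):
        state = encrypt_block(key, state)
        out.append(xor(b, state))
    return b"".join(out)

def flip_bit(data, bit):
    i, j = divmod(bit, 8)
    return data[:i] + bytes([data[i] ^ (0x80 >> j)]) + data[i + 1:]

def block_bit_errors(expected, actual):
    """Wrong bits per block after decrypting a damaged ciphertext."""
    return [bin(int.from_bytes(xor(e, a), "big")).count("1")
            for e, a in zip(blocks(expected), blocks(actual))]

def demo():
    key, iv = b"\x01\x23\x45\x67\x89\xab\xcd\xef", bytes(range(8))  # constructed
    pt = b"ACCOUNT:ACCOUNT:ID=00042AMT=1000"  # 4 blocks; blocks 0 and 1 identical
    ecb, cbc = ecb_encrypt(key, pt), cbc_encrypt(key, iv, pt)
    cfb, ofb = cfb_encrypt(key, iv, pt), ofb_crypt(key, iv, pt)
    dmg = lambda ct: flip_bit(ct, 64)  # flip the first bit of ciphertext block 1
    return {
        "roundtrips": (ecb_decrypt(key, ecb), cbc_decrypt(key, iv, cbc),
                       cfb_decrypt(key, iv, cfb), ofb_crypt(key, iv, ofb)) == (pt,) * 4,
        "ecb_leaks_repeat": ecb[:8] == ecb[8:16],
        "cbc_hides_repeat": cbc[:8] != cbc[8:16],
        "ecb_err": block_bit_errors(pt, ecb_decrypt(key, dmg(ecb))),
        "cbc_err": block_bit_errors(pt, cbc_decrypt(key, iv, dmg(cbc))),
        "cfb_err": block_bit_errors(pt, cfb_decrypt(key, iv, dmg(cfb))),
        "ofb_err": block_bit_errors(pt, ofb_crypt(key, iv, dmg(ofb))),
    }
```

`demo()` returns the per-block error counts for each mode; reading them side by side is the quickest way to remember which modes propagate errors and which are malleable bit-for-bit (and ther
efore need a MAC).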

Question
What are the attributes of a strong cipher? Options:
1. Should have long periods of no repeating patterns
2. Should have short periods of patterns
3. The keystream should not be linearly related to the key
4. The keystream should not have the same number of 0s and 1s

Answer
A strong cipher should have long periods of no repeating patterns and have a keystream not linearly related to the key. Option 1 is correct. A strong cipher should have long periods of no repeating patterns implying that the bits generated by the keystream must be random. Option 2 is incorrect. The cipher should have long periods of no repeating patterns. Option 3 is correct. The keystream should not be linearly related to the key so that someone who guesses the keystream cannot also guess the key value. Option 4 is incorrect. The keystream should be statistically unbiased, ensuring that there are same number of 0s and 1s.

Question
Match the characteristics to block, stream, and one-time pad ciphers. Options:
1. Difficult to implement
2. Perform mathematical functions on a block of bits
3. Perform mathematical functions on a stream of bits
4. Suitable for hardware implementation
5. Suitable for software implementation
6. Use a totally random keystream

Targets:
A. Block cipher
B. One-time pad cipher
C. Stream cipher

Answer
A block cipher performs mathematical functions on a block of bits and is suitable for software implementation. A one-time pad cipher is difficult to implement and uses a totally random keystream. A stream cipher performs mathematical functions on a stream of bits and is suitable for hardware implementation.

Question
Suppose the army wants to encrypt all data sent over a wireless communication line from a war-zone to the operating base. What is the appropriate cipher type that should be used in this scenario? Options:
1. Block cipher
2. One-time block cipher
3. One-time pad cipher
4. Stream cipher

Answer
A one-time pad cipher is the appropriate cipher type that should be used in this scenario. Option 1 is incorrect. A block cipher is not the appropriate cipher type for this scenario because the data that needs to be encrypted is a stream of bits. Option 2 is incorrect. One-time block cipher is not a cipher type. Option 3 is correct. A one-time pad works like a stream cipher and is considered unbreakable, provided that a truly random pad at least as long as all the traffic has been securely distributed to both ends beforehand and no part of it is ever reused. In this scenario, highly confidential data is sent over the wireless communication line as a stream of bits. Option 4 is incorrect. A stream cipher does not provide as much security as a one-time pad cipher. In this scenario, data security is extremely crucial.

Question
Match the characteristics to the different cipher modes. Options:
1. Ciphertext errors do not propagate
2. Decryption can be easily parallelized but encryption cannot be easily parallelized
3. Keystream can be generated before the data for encryption is available
4. Plaintext block is encrypted independently to produce ciphertext
5. Simple and fast to implement because allows easy parallelization
6. The IV is itself encrypted and sent as the first block of ciphertext

Targets:
A. CBC
B. ECB
C. OFB

Answer
In the CBC mode, decryption can be easily parallelized but encryption cannot be easily parallelized, and the IV is itself encrypted and sent as the first block of ciphertext. In the ECB mode, a plaintext block is encrypted independently to produce ciphertext and implementation is simple and fast because of easy parallelization. In the OFB mode, ciphertext errors do not propagate, and the keystream can be generated before the data for encryption is available.

2. Cryptanalytic attacks
Cryptanalysis is the science of defeating cryptographic protection, which helps find and correct weaknesses of cryptographic algorithms. There are various techniques involved in cryptanalysis to crack codes, decode secrets, and break cryptographic protocols. These techniques are generally known as attacks. The various techniques involved in cryptanalysis are categorized as
ciphertext-only attack
known-plaintext attack
chosen-plaintext attack
adaptive chosen-plaintext attack
chosen-ciphertext attack
adaptive chosen-ciphertext attack

ciphertext-only attack
In the ciphertext-only attack, the cryptanalyst obtains a sample of ciphertext without the plaintext associated with it. The cryptanalyst tries to recover the plaintext. The ciphertext-only attack is difficult and requires a very large ciphertext sample.

known-plaintext attack
In the known-plaintext attack, the cryptanalyst has both the ciphertext and its corresponding plaintext. The cryptanalyst intends to recover the key.

chosen-plaintext attack
In the chosen-plaintext attack, the cryptanalyst chooses an arbitrary quantity of plaintext and then obtains its corresponding ciphertext to recover the key.

adaptive chosen-plaintext attack
The adaptive chosen-plaintext attack is a special case of the chosen-plaintext attack, where the cryptanalyst chooses plaintext samples dynamically based on the information from previous encryptions.

chosen-ciphertext attack
In the chosen-ciphertext attack, the cryptanalyst chooses a piece of ciphertext and attempts to obtain the corresponding plaintext to recover the key. This attack is generally applicable to public-key cryptosystems.

adaptive chosen-ciphertext attack
In the adaptive chosen-ciphertext attack, the cryptanalyst chooses ciphertext samples dynamically based on the previous results. The cryptanalyst has free access to decryption hardware but is unable to extract the decryption key from it. The objective of the cryptanalyst is to be able to decrypt new pieces of ciphertext by extracting the secret key without any additional information.

Question
Suppose the cryptanalyst has both the ciphertext and its corresponding plaintext. The cryptanalyst intends to recover the key. Which is this type of cryptanalytic attack? Options:
1. Chosen-ciphertext attack
2. Chosen-plaintext attack
3. Ciphertext-only attack
4. Known-plaintext attack

Answer
This is the known-plaintext attack, where the cryptanalyst has both the ciphertext and its corresponding plaintext and the goal is to recover the key. Option 1 is incorrect. In the chosen-ciphertext attack, the cryptanalyst chooses a piece of ciphertext and attempts to obtain the corresponding plaintext to recover the key. Option 2 is incorrect. In the chosen-plaintext attack, the cryptanalyst chooses an arbitrary quantity of plaintext and then obtains its corresponding ciphertext to recover the key. Option 3 is incorrect. In the ciphertext-only attack, the cryptanalyst obtains a sample of ciphertext without the plaintext associated with it. Option 4 is correct. In the known-plaintext attack, the cryptanalyst has both the ciphertext and its corresponding plaintext. The goal is to recover the key.

Summary
Block, stream, and one-time pads are different types of ciphers. Block and stream ciphers use different cipher modes of operation that include the CFB, OFB, ECB, and CBC mode. Cryptanalysis is the science of defeating cryptographic protection. The various techniques involved in cryptanalysis are known as attacks, which are categorized into six categories.


Message Authentication
Learning objective

After completing this topic, you should be able to distinguish between the various algorithms used for message authentication.

1. Hash functions
Data is most vulnerable when it is in transit over an untrusted network, such as the Internet. The risk of data being altered during transmission is high. As a result, it is essential to maintain data integrity. Integrity means that the receiver should receive exactly what the sender has sent. Message authentication over an untrusted network helps achieve this. It ensures that the data has not been tampered with during transmission. Message authentication aims at
validating the integrity of the data
identifying the sender of the data
identifying the uniqueness of the data

You use hash functions, which in turn use hash algorithms, to authenticate messages. A hash function is a technique that takes a long message, runs it through an algorithm, and produces a unique output value derived from the content of the message. This unique output value is known as the message digest (MD). Using this MD value, hash functions help verify the integrity of data.

The process of a hash function is simple. When the sender sends data, it goes through an algorithm and an MD value is generated for the data. When the receiver receives the data, it goes through the same algorithm and an MD value is generated for the data. If the MD values of both parties (sender and receiver) match, the data is considered untampered during transmission.

These are the basic requirements of a hash function:
the input data can be of any length
the output (MD value) of the data has a fixed length
the MD value can be calculated for any input data
the function should be collision free, generating a unique MD value for each input
the function should be one-way, meaning the input data cannot be guessed or derived from the MD value

Question
What are the characteristics of a hash function? Options:
1. Each input data should have a unique MD value
2. Input data should be of fixed length
3. Input data should not be known using the MD value
4. The MD value should always be of variable length

Answer
A strong hash function should generate a unique MD value for each input, and the input should not be derivable from the MD value. Option 1 is correct. A strong hash function should generate a unique MD value for each input. This prevents collision attacks. Option 2 is incorrect. A strong hash function should be able to process inputs of variable lengths but generate output of fixed length for all the inputs. Option 3 is correct. With a strong hash function, the input should not be derivable from the MD value. This means that, given the MD value, the input should not be guessable. Option 4 is incorrect. A strong hash function should generate an MD value of fixed length. This also helps identify the level of security that the function would provide.

2. Types of hash algorithms


There are different hash algorithms that are available to authenticate data. Each algorithm uses a different technique for ensuring that the data remains secured during transit. There are five major types of hash algorithms. Each of them is a one-way function:
MD2
MD4
MD5
HAVAL
SHA

MD2
MD2 refers to the message digest 2 algorithm and was designed by Ron Rivest. This algorithm supports computers with eight-bit processors. MD2 pads the original message in such a way that its total length is divisible by 16. A 16-byte checksum is added to the end of the original, padded message. Then the 128-bit MD value is calculated for the original message along with the added checksum. The weakness of MD2 is that a collision of the MD value can occur if the 16-byte checksum calculation for the original message is omitted. Also, it is slower than other MD algorithms.

MD4
MD4 refers to the message digest 4 algorithm and was designed by Ron Rivest. This algorithm supports computers with 32-bit processors. MD4 pads the original message in such a way that its total length is divisible by 16. The message length is then appended to the original message and the MD buffer is initialized. The message is then processed in 16-word blocks to generate the output. The output generated is a 128-bit MD value. MD4 can be used for high-speed software computations but generates collisions when it is executed completely. Therefore, MD4 is now considered a broken algorithm.

MD5
MD5 refers to the message digest 5 algorithm and was designed by Ron Rivest. This algorithm supports computers with 32-bit processors. This algorithm takes input of any size and generates a 128-bit MD value. This means that an input of any length will produce a 128-bit MD value. MD5 adds an additional round of computations in the hash function itself. MD5 uses four distinct rounds of computation to produce an MD value. This adds to the complexity level. But the level of security provided is quite high because the algorithm is tough to crack. In many places, it has replaced the MD4 algorithm.

HAVAL
HAVAL is an enhancement of the MD5 algorithm and provides more protection against attacks than MD5 does. HAVAL processes the message in the same way as MD5 does. The only difference is that HAVAL processes message blocks of 1,024 bits. This is two times the size of what MD5 processes. The main advantage of HAVAL, as compared to other algorithms, is that HAVAL produces a variable-length MD value.

SHA
Secure Hash Algorithm (SHA) is quite similar to the MD4 algorithm and generates a 160-bit MD value. SHA was designed by NIST and NSA to be used with the Digital Signature Standard (DSS) and was primarily designed to meet the US government's application requirements. During encryption, input is passed on to an asymmetric hash algorithm. This algorithm has some added functionalities, such as resistance to brute force attacks, but the output is the same, that is, a 160-bit MD value. This algorithm is safer than other algorithms. The 160-bit MD value makes SHA more resistant to brute force attacks. Further, SHA is free from collisions of MD values and is used extensively for creating digital signatures. Also, over the years SHA has improved a lot and now there are multiple versions available.

The different types of hash algorithms include MD2, MD4, MD5, HAVAL, and SHA. Cryptographers can use any of these algorithms to maintain the integrity of data when it is in transit.

Question
Match the given characteristics to the appropriate hash algorithm. Options:
1. Generates a 128-bit MD value
2. Generates a 160-bit MD value
3. Helps create digital signatures
4. Processes messages of 1,024 bits
5. Produces a variable-length MD value
6. Supports computers with 32-bit processors

Targets:
A. HAVAL
B. MD5
C. SHA

Answer
HAVAL is a variable-length, one-way function that processes messages of 1,024 bits to generate a variable-length MD value. MD5 is a complex algorithm that supports computers with 32-bit processors and generates a 128-bit MD value. SHA generates a 160-bit MD value and is used in digital signatures.

Question
An organization needs to implement a strong encryption algorithm that generates a 160-bit MD value in the form of a digital signature. Identify the appropriate hash algorithm that can be used by the organization in this situation. Options:
1. HAVAL
2. MD4
3. MD5
4. SHA

Answer
SHA produces a 160-bit hash value that is used in digital signatures for strong encryption. Option 1 is incorrect. HAVAL processes a message block two times the size of those used in MD5 and produces a variable-length MD value. Option 2 is incorrect. MD4 creates a 128-bit MD value and supports computers with 32-bit processors. Option 3 is incorrect. MD5 creates a 128-bit MD value and is hard to crack. It is recommended for a higher level of security. Option 4 is correct. SHA produces a 160-bit MD value and is used to create digital signatures for strong encryption.

3. Message authentication codes (MACs)


Hash algorithms generate nonkeyed MD values, which are prone to man-in-the-middle attacks. If the attacker intercepts the message and the MD value associated with it, the attacker can change the message, compute a new MD value for the message, and send the message to the receiver. When the receiver receives the message, it goes through an algorithm at his end and an MD value is generated for the message. The receiver then compares the MD value generated at his end with the MD value received from the sender. Because the MD values match, the receiver considers that the message was received from the sender and the data was not modified while in transit. This is the drawback of using hash algorithms to check the integrity of messages over untrusted networks.

To overcome the drawback of hash algorithms, a secret key is added to the message, which then runs through an algorithm. This produces a value called a Message Authentication Code (MAC), which cannot be computed by attackers who do not know the key. The different types of MACs are
HMAC
CBC-MAC

HMAC
In Hash-based Message Authentication Code (HMAC), a secret key is added to the message. The message then runs through an algorithm, which generates a MAC value for the message. Only the message and the MAC value are sent to the receiver, and not the secret key. The receiver accepts the message and adds his copy of the secret key to the message. The message then runs through the same algorithm, which generates a MAC value for the message. If the receiver's MAC value matches that of the sender, the receiver knows that the message was not modified and knows from which computer the message came. HMAC provides data origin authentication, but fails to provide data confidentiality.

CBC-MAC
In Cipher Block Chaining Message Authentication Code (CBC-MAC), a message is encrypted with a symmetric block cipher. The last block of the encrypted message is used as the MAC value. The sender does not send the encrypted message, but instead sends the message as plaintext along with the MAC value. The receiver receives the plaintext message, encrypts it using the same symmetric block cipher and key, and computes the new MAC value. If the new MAC value matches the MAC value sent by the sender, the message was not modified. CBC-MAC does not use any hash algorithm to calculate MAC values. CBC-MAC provides data origin authentication but fails to provide confidentiality of data because the message is sent in plaintext form.
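The tampering scenario described in this section, together with the basic hash-function requirements from section 1, as an added example that is not part of the course text: an unkeyed MD value can simply be recomputed by whoever changes the message, whereas an HMAC or CBC-MAC tag cannot be produced without the shared key. hashlib and hmac are Python standard library; the block function inside cbc_mac is a SHA-256 stand-in for a real block cipher such as AES (the standard library ships none), and the key, message, and forgery are constructed for the demonstration.

```python
"""Unkeyed message digest vs. HMAC vs. CBC-MAC: why the shared key matters."""
import hashlib
import hmac

BLOCK = 16  # block size in bytes of the stand-in block function


def digest_only(message: bytes) -> bytes:
    """Sender side of the weak scheme: message plus an unkeyed MD value."""
    return hashlib.sha256(message).digest()


def verify_digest_only(message: bytes, md: bytes) -> bool:
    """Receiver recomputes the MD value and compares; anyone can do this."""
    return hmac.compare_digest(hashlib.sha256(message).digest(), md)


def attacker_rewrites(message: bytes) -> tuple:
    """Man-in-the-middle step: change the message and recompute the unkeyed MD."""
    forged = message.replace(b"100", b"900")
    return forged, digest_only(forged)


def hmac_tag(key: bytes, message: bytes) -> bytes:
    """HMAC: the tag depends on a key the attacker does not hold."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_hmac(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest is constant-time, so tag comparison leaks no timing
    return hmac.compare_digest(hmac_tag(key, message), tag)


def _block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in keyed block function E_k(block); NOT a real cipher (constructed)."""
    return hashlib.sha256(key + block).digest()[:BLOCK]


def cbc_mac(key: bytes, message: bytes) -> bytes:
    """CBC-MAC: CBC-encrypt with a zero IV and keep only the last ciphertext block.

    Plain CBC-MAC with zero padding is only safe for messages of one fixed
    length; CMAC is the standardised fix for variable-length messages.
    """
    padded = message + b"\x00" * (-len(message) % BLOCK)
    prev = bytes(BLOCK)  # fixed all-zero IV
    for i in range(0, len(padded), BLOCK):
        chained = bytes(a ^ b for a, b in zip(padded[i:i + BLOCK], prev))
        prev = _block_encrypt(key, chained)
    return prev


def verify_cbc_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(cbc_mac(key, message), tag)


def demo() -> dict:
    """Run the three schemes against the same forgery (constructed inputs)."""
    key = b"constructed-shared-secret-key"
    msg = b"transfer 100 to account 42"
    forged, forged_md = attacker_rewrites(msg)
    # Sender's keyed tags were computed over the original message; the
    # attacker must forward them unchanged because the key is unknown.
    return {
        "digest_accepts_forgery": verify_digest_only(forged, forged_md),
        "hmac_accepts_original": verify_hmac(key, msg, hmac_tag(key, msg)),
        "hmac_accepts_forgery": verify_hmac(key, forged, hmac_tag(key, msg)),
        "cbcmac_accepts_original": verify_cbc_mac(key, msg, cbc_mac(key, msg)),
        "cbcmac_accepts_forgery": verify_cbc_mac(key, forged, cbc_mac(key, msg)),
    }


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {accepted}")
```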

Question
Match the given characteristics to the appropriate MAC type. Options:
1. A secret key is added to the message
2. A symmetric block cipher is used to encrypt messages
3. MAC is added to the last block of the message
4. MAC value is received separately

Targets:
A. CBC-MAC
B. HMAC

Answer
HMAC uses an algorithm in which a secret key is added to the message and the MAC value is received separately. CBC-MAC uses a symmetric block cipher to encrypt the message, and then MAC is added to the last block of the message.

4. Attacks against hash algorithms


There are different types of attacks against hash algorithms. These include
collision
aliasing

collision
Collision is the instance when multiple unique inputs generate the same MD value. The risk of collisions generally decreases as the bit size of the output hash increases. For example, the collision risk is lower with a 160-bit MD value than with a 128-bit MD value. Collision can occur during the calculation of an MD value as well. This is referred to as pseudo-collision.

aliasing
Aliasing restarts the hash algorithm through any input. This makes it easier for the attacker to make any input that would generate the same hash value as the original on passing through the algorithm. A successful aliasing attack often creates a collision.

Apart from collision and aliasing attacks, there are other types of attacks that do not attack algorithms but attack probabilities. One such example is the birthday paradox. The birthday paradox refers to the probability that two entities in a group share a common characteristic. For example, consider a group of 23 or more people present in a room. There is a probability that a pair will share a common birthday. The odds of one person having the same birthday as one other person are one in 365, and this probability increases as the number of people in the group increases. Based on this paradox, there are various match attacks that do not attack the algorithms but instead attack the probability. A birthday attack is an example of a match attack. Birthday attacks can be used to find collisions in hash algorithms such as MD5 and SHA.
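The birthday reasoning above, worked through numerically as an added example (not from the course text): the exact collision probability for the 23-person room, the usual approximation, and the same bound applied to 128-bit and 160-bit MD values, which is why a longer digest lowers the collision risk. Only the Python standard library is used.

```python
"""Birthday paradox and the birthday bound for hash collisions."""
import math


def collision_probability(n: int, space: int) -> float:
    """Exact P(at least one pair among n uniform draws from `space` values collides).

    P(no collision) = prod_{i=0}^{n-1} (1 - i/space), summed in log space so
    the product stays accurate; n > space forces a collision (pigeonhole).
    """
    if n > space:
        return 1.0
    log_no_collision = sum(math.log1p(-i / space) for i in range(n))
    return 1.0 - math.exp(log_no_collision)


def approx_collision_probability(n: int, space: int) -> float:
    """Standard approximation 1 - exp(-n(n-1)/(2N)); good when n << N."""
    return 1.0 - math.exp(-n * (n - 1) / (2.0 * space))


def draws_for_even_odds(space: int) -> float:
    """Draws after which a collision is about 50% likely: sqrt(2 N ln 2)."""
    return math.sqrt(2.0 * space * math.log(2.0))


def hash_birthday_bound_bits(digest_bits: int) -> float:
    """log2 of the number of hash outputs needed for an even-odds collision.

    For an ideal b-bit hash this is about b/2, so a 160-bit MD value costs
    2**16 times more work to collide than a 128-bit one.
    """
    return math.log2(draws_for_even_odds(2 ** digest_bits))


def birthday_table(sizes=(10, 22, 23, 30, 50)) -> dict:
    """Collision probability for several room sizes with 365 possible birthdays."""
    return {n: collision_probability(n, 365) for n in sizes}


if __name__ == "__main__":
    for n, p in birthday_table().items():
        print(f"{n:3d} people: {p:.3f}")
    for bits in (128, 160):
        print(f"{bits}-bit digest: ~2^{hash_birthday_bound_bits(bits):.1f} hashes")
```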

Question
Match the attack type to the corresponding description. Options:
1. Aliasing
2. Birthday paradox
3. Collision

Targets:
A. Attacks the probabilities and is used to find collisions in hash algorithms
B. Generates a unique MD value for multiple input messages
C. Reinitiates a hash algorithm based on any input message

Answer
An aliasing attack occurs when a hash algorithm is reinitiated regardless of the input message. A collision attack occurs when multiple input messages generate the same MD value. A birthday paradox attacks the probabilities and is used to find collisions in hash algorithms.

Summary
Data is always at risk when traveling through a network. For this reason, message authentication is essential. The various nonkeyed hash algorithms used for message authentication include MD2, MD4, MD5, HAVAL, and SHA. To overcome the limitations of hash algorithms, message authentication codes (MACs) are used. The two types of MACs are CBC-MAC and HMAC. Collision and aliasing are the two main attacks against hash algorithms. Apart from collision and aliasing, there are other types of attacks that do not attack algorithms but attack probabilities. One such example is the birthday paradox.


Using Hashing Algorithms


Learning objective

After completing this topic, you should be able to determine the appropriate hashing algorithm to use in a given scenario.

Exercise overview
In this exercise, you are required to determine the appropriate hashing algorithm to use in a given scenario. This involves the following task: determining the appropriate hash algorithm

Task 1: Determining the appropriate hash algorithm


Suppose you are working as a cryptographer. Your responsibility is to ensure error-free data transmission between the sender and the receiver. One of your major tasks is to determine the appropriate hash algorithm.

Step 1 of 6
An organization currently needs to implement a strong encryption algorithm that supports a 160-bit Message Digest (MD) value in the form of a digital signature. In addition, the organization wants to prevent the encryption algorithm from birthday attacks. Which hash algorithm would you recommend in the given scenario? Options:
1. HAVAL
2. Message Digest 2 (MD2)
3. Message Digest 4 (MD4)
4. Secure Hash Algorithm (SHA)

Result
In this situation, the SHA hash algorithm should be used. Option 1 is incorrect. HAVAL is a variable-length, one-way hash algorithm that processes 1,024-bit message blocks, which is 2 times the size of those used in MD5. Option 2 is incorrect. MD2 is a one-way function that creates a 128-bit hash value. It is much slower than MD4 and MD5. Option 3 is incorrect. MD4 creates a 128-bit hash value. It is optimized for computers with 32-bit processors and used for intensive, high-speed software computations. Option 4 is correct. SHA creates a 160-bit hash value that is used to create digital signatures for strong encryption. SHA is also resistant to birthday attacks.

Step 2 of 6
An organization wants the capability to process messages in blocks of 1,024 bits and the flexibility to create a Message Digest (MD) value of variable length. Which hash algorithm would you recommend in the given scenario? Options:
1. HAVAL
2. Message Digest 2 (MD2)
3. Message Digest 4 (MD4)
4. Secure Hash Algorithm (SHA)

Result
In this situation, the HAVAL hash algorithm should be used. Option 1 is correct. HAVAL is a variable-length, one-way hash algorithm that processes 1,024-bit message blocks, which is 2 times the size of those used in MD5. Option 2 is incorrect. MD2 is a one-way function that creates a 128-bit hash value. It is much slower than MD4 and MD5. Option 3 is incorrect. MD4 creates a 128-bit hash value. It is optimized for computers with 32-bit processors and used for intensive, high-speed software computations. Option 4 is incorrect. SHA creates a 160-bit hash value that is used to create digital signatures for strong encryption.

Step 3 of 6

An organization wants to implement a 128-bit algorithm. This should support computers with 8-bit processors. Speed and security are not much of a concern. Which hash algorithm would you recommend in the given scenario? Options:
1. HAVAL
2. Message Digest 2 (MD2)
3. Message Digest 4 (MD4)
4. Secure Hash Algorithm (SHA)

Result
In this situation, the MD2 hash algorithm should be used. Option 1 is incorrect. HAVAL is a variable-length, one-way hash algorithm that processes 1,024-bit message blocks, which is 2 times the size of those used in MD5. Option 2 is correct. MD2 is a one-way function that creates a 128-bit hash value. It is much slower than MD4 and MD5. Option 3 is incorrect. MD4 creates a 128-bit hash value. It is optimized for computers with 32-bit processors and used for intensive, high-speed software computations. Option 4 is incorrect. SHA creates a 160-bit hash value that is used to create digital signatures for strong encryption.

Step 4 of 6
A large, microchip manufacturing company wants to implement a hash function of minimum 128 bits that is optimized for microprocessors. The company wants to protect data integrity as well. Which hash algorithm would you recommend in the given scenario? Options:
1. HAVAL
2. Message Digest 4 (MD4)
3. Message Digest 5 (MD5)
4. Secure Hash Algorithm (SHA)

Result


In this situation, both the MD4 and MD5 hash algorithms are suitable. Option 1 is incorrect. HAVAL is a variable-length, one-way hash algorithm that processes 1,024-bit message blocks, which is 2 times the size of those used in MD5. Option 2 is correct. MD4 creates a 128-bit hash value. It is optimized for computers with 32-bit processors and used for intensive, high-speed software computations. Option 3 is correct. MD5 creates a 128-bit hash value. It is hard to crack and recommended for a higher level of security. Option 4 is incorrect. SHA creates a 160-bit hash value that is used to create digital signatures for strong encryption.

Step 5 of 6
An organization wants to implement additional security to protect the integrity of a message using a secret key. The receiver would be sent his copy of the secret key to calculate the Message Authentication Code (MAC) value. Which MAC function would you recommend in the given scenario? Options:
1. Cipher Block Chaining - Message Authentication Code (CBC-MAC)
2. Keyed-Hash Message Authentication Code (HMAC)
3. Message Digest 5 (MD5)
4. Secure Hash Algorithm (SHA)

Result
In this scenario, the HMAC function should be used. Option 1 is incorrect. In CBC-MAC, a message is encrypted with a symmetric block cipher and the last block of the message is used for the MAC value. If the MAC value of the receiver matches the MAC value of the sender, the message has not been modified. Option 2 is correct. In HMAC, a secret key is added to the message. The message then runs through an algorithm, which generates a MAC value for the message. If the MAC value of the receiver matches the MAC value of the sender, the message has not been modified. Option 3 is incorrect. MD5 is a nonkeyed hash algorithm that creates a 128-bit MD value. It is hard to crack and recommended for a higher level of security. Option 4 is incorrect. SHA is a nonkeyed hash algorithm that creates a 160-bit MD value that is used to create digital signatures for strong encryption.

Step 6 of 6
An organization wants to encrypt messages in such a way that the output of the final block of ciphertext is used as the MAC. The receiver would be sent his copy of the message and a symmetric block cipher key to calculate the MAC value. Which MAC function would you recommend in the given scenario? Options:
1. Cipher Block Chaining - Message Authentication Code (CBC-MAC)
2. Keyed-Hash Message Authentication Code (HMAC)
3. Message Digest 5 (MD5)
4. Secure Hash Algorithm (SHA)

Result
In this scenario, the CBC-MAC function should be used. Option 1 is correct. In CBC-MAC, a message is encrypted with a symmetric block cipher and the last block of the message is used for the MAC value. If the MAC value of the receiver matches the MAC value of the sender, the message has not been modified. Option 2 is incorrect. In HMAC, a secret key is added to the message. The message then runs through an algorithm, which generates a MAC value for the message. If the MAC value of the receiver matches the MAC value of the sender, the message has not been modified. Option 3 is incorrect. MD5 is a nonkeyed hash algorithm that creates a 128-bit MD value. It is hard to crack and recommended for a higher level of security. Option 4 is incorrect. SHA is a nonkeyed hash algorithm that creates a 160-bit MD value that is used to create digital signatures for strong encryption.


Certificate Authority and Digital Signatures


Learning objective

After completing this topic, you should be able to recognize how certificate authorities (CAs), digital signatures, and the Public Key Infrastructure (PKI) are used to provide confidentiality, integrity, and authentication.

1. Digital signatures
Hash algorithms generate nonkeyed MD values that are prone to man-in-the-middle (MITM) attacks. If the attacker intercepts the message and the MD value associated with it, the attacker can change the message, compute a new MD value for the message, and send the message to the receiver. These attacks can be mitigated by using shared secret keys. MITM attacks can also be mitigated using digital signatures.

A digital signature is an electronic signature based on the cryptographic methods of originator authentication, computed by using a set of rules and a set of parameters such that the identity of the signer and the integrity of the data can be verified. To implement digital signatures to authenticate messages when they are in transit, you need to obtain a digital certificate from a Certificate Authority (CA). A CA is a trusted third party or organization that issues and manages security credentials and public keys for message encryption. To obtain a digital certificate from a CA, you need to appear in front of the CA and produce appropriate documents. CAs include VeriSign, Entrust, and BelSign. A CA allows users, applications, and other entities to validate data and source integrity. This validation is done through cryptographic functions.

A digital signature depends on a combination of public key cryptography and hashing functions. The public key is used to decrypt the message. Digital signatures provide integrity and authentication for a message. Further, digital signatures provide nonrepudiation for a message. In other words, a digitally signed message assures the recipient that the message was received from the claimed sender. The nonrepudiation of a message prevents the sender from claiming that the message is a forgery at a later date.

Suppose Chris wants to send a digitally signed message to Adam. Chris runs the message through a hash algorithm and encrypts only the MD value using his private key. Chris appends the signed MD value to the encrypted message and sends the signed message to Adam.

Note - Chris does not send his private key along with the message.

When Adam receives the digitally signed message, Adam decrypts the MD value using Chris's public key. Then Adam runs the message through the same hash algorithm and generates his own MD value for the message. If Adam's MD value matches Chris's, Adam knows that the message was not modified and knows from which computer the message came. In this way, you create and verify a digital signature. Here, hashing provides integrity and digitally signing the message provides both authentication and nonrepudiation.

The public key is useless without the private key. The private key is used for encryption and the public key is used for decryption. As a result, it is essential to protect the private key because losing the private key would mean losing all the data encrypted using it. Further, you cannot recreate the private key. For example, you have a locker in a bank to store your valuables. The bank issues two keys for your locker. The bank keeps one key (private) with them and gives you the second key (public). When you want to open your locker, you need to use both keys (private and public). Without the private key, you cannot open your locker.

To safeguard the private key, key escrow is used. Key escrow refers to the handling of the private key's data by a trusted third party. These parties store a copy of the private key. They have a very high level of security and are expensive to use as well.
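The Chris-to-Adam exchange above, as an added example that is not part of the course text: hash the message, encrypt only the MD value with the private key, append it, and have the receiver recover the MD value with the public key and compare it against a fresh hash. The key pair is schoolbook RSA over two constructed Mersenne primes with no padding, chosen so the flow stays visible; a real deployment uses a standard padded scheme and certificate-carried keys. Only the Python standard library (3.8 or later, for the modular inverse) is used.

```python
"""Create and verify a digital signature on the MD value of a message."""
import hashlib

# Constructed key material (illustration only): Mersenne primes 2^61-1 and 2^89-1.
P = 2 ** 61 - 1
Q = 2 ** 89 - 1
N = P * Q                           # public modulus, about 150 bits
E = 65537                           # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent; E is coprime to phi(N)


def md_value(message: bytes) -> int:
    """Message digest as an integer reduced into the modulus range."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes, private_exponent: int = D) -> int:
    """Chris's side: encrypt only the MD value with the private key."""
    return pow(md_value(message), private_exponent, N)


def recover_md(signature: int, public_exponent: int = E) -> int:
    """Adam's side, step 1: decrypt the signed MD value with the public key."""
    return pow(signature, public_exponent, N)


def verify(message: bytes, signature: int, public_exponent: int = E) -> bool:
    """Adam's side, step 2: hash the received message and compare MD values.

    Only the public exponent is needed here; the private key never travels.
    """
    return recover_md(signature, public_exponent) == md_value(message)


def send_signed(message: bytes) -> tuple:
    """What goes on the wire: the message with the signed MD value appended."""
    return message, sign(message)


def demo() -> dict:
    """Constructed scenario: an intact message and one altered in transit."""
    msg, sig = send_signed(b"Chris to Adam: release build 1.4 today")
    tampered = msg.replace(b"1.4", b"1.5")   # MITM edits the message only
    return {
        "original_verifies": verify(msg, sig),
        "tampered_verifies": verify(tampered, sig),
        "wrong_key_verifies": verify(msg, sig, public_exponent=3),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```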

Question
Identify the characteristics of a digital signature. Options:
1. Detects unauthorized modifications to data
2. Provides authentication and nonrepudiation
3. Secrecy of data is a challenge
4. Uses public key cryptography

Answer
A digital signature is a combination of public key cryptography and the hashing function. The hashing function detects unauthorized modifications to data and the public key decrypts the message. Because the message is digitally signed, it provides for authentication and nonrepudiation. Option 1 is correct. A digital signature is a combination of public key cryptography and the hashing function. The hashing function detects unauthorized modifications to data. Option 2 is correct. The message is digitally signed and this provides for authentication and nonrepudiation. Option 3 is incorrect. Digital signatures maintain the secrecy of data because of their strict issuing rules. Option 4 is correct. A digital signature is a combination of public key cryptography and the hashing function. The public key decrypts the message.

2. Public Key Infrastructure


Public Key Infrastructure (PKI) is a set of policies, processes, server platforms, software, and workstations used to administer certificates and public/private key pairs, including the ability to issue, maintain, and revoke public key certificates. PKI provides security services for confidentiality, integrity, authentication, nonrepudiation, and access control, based on public and private key cryptography. Key pairs are certified by a trusted authority, the CA, and this is what enables PKI to provide digital certificates. PKI is used when users have to transmit data across an untrusted network, such as the Internet, and it protects the integrity of that data while it is in transit. PKI is a method of managing asymmetric keys securely for use by widely distributed users or systems.

A PKI consists of
certificate authority
registration authority
certificate repository
certificate management system

certificate authority
A certificate authority (CA) issues and verifies digital certificates. The certificate includes the public key or information related to the public key.

registration authority
A registration authority (RA) verifies the identity of a requestor on behalf of the certificate authority before a digital certificate is issued.

certificate repository
One or more directories that store issued certificates, and with them the public keys they carry, so that relying parties can retrieve them. Private keys are never stored in the repository.

certificate management system
A certificate management system manages all certificates through their lifecycle. A certificate is an electronic record that identifies the public key as the subject of the certificate and confirms that the prospective signer/subscriber holds the corresponding private key.
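The CA, the trusted-certificate store and the issue/verify/revoke lifecycle described above, as an added example in Go using only the standard library (not the course's own code): a constructed root CA issues a certificate for a user's public key, a relying party that trusts that root accepts it, the same certificate is rejected once its serial number is on a revocation list, and it is rejected again by a relying party that never installed the CA as a trust anchor. The RA's identity check is assumed to have happened before Issue is called, the CA and subject names are made up for the example, and the revocation list is a plain map standing in for a CRL.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// template builds the certificate fields: subject, serial number, a
// one-day validity window and, for a CA, the flags that let it sign.
func template(name string, serial int64, isCA bool) *x509.Certificate {
	t := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: name},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	if isCA {
		t.IsCA, t.BasicConstraintsValid = true, true
		t.KeyUsage |= x509.KeyUsageCertSign
	}
	return t
}

// NewCA creates a certificate authority: a key pair and a self-signed
// certificate that relying parties can install as a trust anchor.
func NewCA(name string) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := template(name, 1, true)
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// Issue plays the CA: after the RA has verified the requester (assumed to
// have happened before this call) it binds the requester's name and public
// key into a certificate signed with the CA's private key. The requester's
// private key never leaves the requester.
func Issue(ca *x509.Certificate, caKey *ecdsa.PrivateKey, subject string, serial int64, pub *ecdsa.PublicKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, template(subject, serial, false), ca, pub, caKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// Check plays the relying party: it consults a revocation list (a map
// standing in for a CRL) and then has the x509 package verify the
// signature chain back to a trusted root and the validity period.
func Check(cert *x509.Certificate, trusted *x509.CertPool, revoked map[string]bool) error {
	if revoked[cert.SerialNumber.String()] {
		return errors.New("certificate has been revoked")
	}
	_, err := cert.Verify(x509.VerifyOptions{Roots: trusted})
	return err
}

// Demo issues a certificate to a user and reports whether a relying party
// accepts it, rejects it once revoked, and rejects it when the issuing CA
// is not among the roots it trusts.
func Demo() (bool, bool, bool, error) {
	ca, caKey, err := NewCA("Example Root CA") // constructed CA name
	if err != nil {
		return false, false, false, err
	}
	userKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return false, false, false, err
	}
	userCert, err := Issue(ca, caKey, "alice", 1001, &userKey.PublicKey) // constructed subject
	if err != nil {
		return false, false, false, err
	}
	trusted := x509.NewCertPool() // this relying party's store of trusted CA certificates
	trusted.AddCert(ca)
	revoked := map[string]bool{}
	accepted := Check(userCert, trusted, revoked) == nil
	revoked[userCert.SerialNumber.String()] = true
	revokedRejected := Check(userCert, trusted, revoked) != nil
	// A relying party that has not installed this CA cannot validate the chain.
	untrustedRejected := Check(userCert, x509.NewCertPool(), map[string]bool{}) != nil
	return accepted, revokedRejected, untrustedRejected, nil
}

func main() {
	fmt.Println(Demo()) // prints: true true true <nil>
}
```

The pool passed to Check is the relying party's own copy of the repository: a certificate is only as trustworthy as the root it chains to, and revocation has to be checked separately because the signature on a revoked certificate is still mathematically valid.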

Question
Identify the components of public key infrastructure (PKI). Options:
1. Access controls
2. Certificate repository
3. Digital certificates
4. Registration authority

Answer
A certificate repository and a registration authority are components of PKI. Option 1 is incorrect. Access control is a service that PKI provides using the public/private key pair; it is not a component of PKI. Option 2 is correct. A certificate repository is a collection of one or more directories where certificates are stored. Option 3 is incorrect. Digital certificates are generated by PKI; they are its product, not one of its components. Option 4 is correct. A registration authority verifies the identity of the requestor of a digital certificate on behalf of the certificate authority.

There are various guidelines that a PKI has to follow to manage keys. The significant rules are
the length of the key should be enough to provide security
the transmission of the key should take place over a secured channel
keys should be generated randomly so that the full keyspace is used
the lifetime of the key should be short if it is used for sensitive data or if it is used frequently
keys should be escrowed or backed up
keys should be destroyed when no longer in use

Keys need to be protected to maintain the authenticity of data, because keys can be modified, corrupted, or given away to unauthorized people. For this reason, PKI has to address security issues related to confidentiality, integrity, authentication, and nonrepudiation. Authentication ensures that an individual is who he claims to be. Integrity assures that the data has not been modified, or that any unauthorized modification is detected. Finally, confidentiality assures the user that only the intended reader can read the data.

When keys are stored on a central server, it is essential that they can be distributed as needed. For this, you can use X.509 certificates. An X.509 certificate uses distinguished names to identify subscribers and CAs, and it includes the serial number and version number, identity and algorithm information, validity dates, and the signature of the issuing authority.

Public/private key pairs can be generated by the PKI, but individuals sometimes prefer to generate their own key pair. If individuals generate their own keys, the keys exist only on the local machine, and they are lost if that machine crashes unless they have been backed up.

Whether CAs or RAs handle the issuing process for end users depends on the size of the user community. CAs issue the public key certificates, but if the group requesting certificates is too large, RAs offload the CAs by verifying the identities of the requesting individuals.

CAs can invoke key recovery agents to recover keys, key components, or plaintext messages whenever there is an authorized request. There are three methods of key recovery
method A
method B
method C

method A
In method A, the key is stored in such a way that it is directly accessible by the key recovery agent.

method B
In method B, the key is stored at different storage locations, from which the key recovery agent retrieves it.

method C
In method C, the key recovery agent does not need to store the user's key. The message header carries a session key that has been encrypted with a key known to the key recovery agent, so the agent can recover the session key from the header and decrypt the message.

There are various ways in which the confidentiality of keys is protected in storage. Some keys are protected by the integrity of the storage mechanism itself; others are held in self-destructing storage devices that destroy the key when a forcible attempt at disclosure is detected. Some storage devices store the keys in encrypted form to protect their confidentiality. In every case the protection of the data ultimately depends on keeping the keys strong enough to withstand attack.
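Key recovery method C, as an added example in Go using only the standard library (not the course's own code): the message body is encrypted under a one-time session key, and the header carries that session key wrapped once for the recipient and once for the recovery agent, so the agent can recover the message without ever holding the recipient's private key. The Envelope format, the key sizes (RSA-2048 with OAEP for wrapping, AES-256-GCM for the body) and the sample message are assumptions made for this example.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is the assumed message format: the body is encrypted under a
// one-time session key, and the header carries that session key wrapped
// once for the recipient and once for the key recovery agent.
type Envelope struct {
	KeyForRecipient []byte // session key wrapped with RSA-OAEP to the recipient
	KeyForAgent     []byte // session key wrapped with RSA-OAEP to the recovery agent
	Nonce           []byte // AES-GCM nonce for the body
	Body            []byte // AES-256-GCM ciphertext of the message
}

// newGCM turns a raw session key into an authenticated-encryption cipher.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts msg for the recipient and adds the recovery agent's copy
// of the session key to the header, so the agent never needs to hold
// the recipient's private key (method C above).
func Seal(msg []byte, recipient, agent *rsa.PublicKey) (*Envelope, error) {
	rnd := make([]byte, 32+12) // 256-bit session key followed by a 96-bit GCM nonce
	if _, err := rand.Read(rnd); err != nil {
		return nil, err
	}
	sessionKey, nonce := rnd[:32], rnd[32:]
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	env := &Envelope{Nonce: nonce, Body: gcm.Seal(nil, nonce, msg, nil)}
	if env.KeyForRecipient, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, sessionKey, nil); err != nil {
		return nil, err
	}
	if env.KeyForAgent, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, agent, sessionKey, nil); err != nil {
		return nil, err
	}
	return env, nil
}

// Open unwraps the session key from one header field with the caller's
// private key and decrypts the body. A private key that does not match
// the header fails at the unwrap; a modified body fails the GCM tag.
func Open(env *Envelope, wrappedKey []byte, priv *rsa.PrivateKey) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), nil, priv, wrappedKey, nil)
	if err != nil {
		return nil, errors.New("session key cannot be unwrapped with this private key")
	}
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Body, nil)
}

// Demo shows the recipient and the recovery agent both recovering a
// constructed message, while a third party with an unrelated key cannot.
func Demo() (bool, bool, bool, error) {
	var keys [3]*rsa.PrivateKey // recipient, recovery agent, outsider
	for i := range keys {
		k, err := rsa.GenerateKey(rand.Reader, 2048)
		if err != nil {
			return false, false, false, err
		}
		keys[i] = k
	}
	recipient, agent, outsider := keys[0], keys[1], keys[2]
	msg := []byte("constructed sample: quarterly figures attached")
	env, err := Seal(msg, &recipient.PublicKey, &agent.PublicKey)
	if err != nil {
		return false, false, false, err
	}
	got, err := Open(env, env.KeyForRecipient, recipient)
	recipientOK := err == nil && bytes.Equal(got, msg)
	got, err = Open(env, env.KeyForAgent, agent)
	agentOK := err == nil && bytes.Equal(got, msg)
	_, err = Open(env, env.KeyForRecipient, outsider)
	outsiderFails := err != nil
	return recipientOK, agentOK, outsiderFails, nil
}

func main() {
	fmt.Println(Demo()) // prints: true true true <nil>
}
```

The design point is that the agent's private key, not the user's, is what needs escrow: compromise of the agent key exposes every message whose header was wrapped to it, which is why the text insists that recovery happens only on an authorized request.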

Question
Identify the guidelines for key management and distribution. Options:
1. Keys need to be backed up or escrowed
2. Keys need not be destroyed when not in use
3. Keys should not be transmitted
4. X.509 can be used to distribute keys

Answer
For key management and distribution, it is important to back up or escrow keys and to use X.509 certificates, which bind an identity to a subscriber's public key. Option 1 is correct. Because important data is protected using keys, the keys should be backed up or escrowed for emergencies. Option 2 is incorrect. For effective key management, keys should be destroyed when they are no longer in use. Option 3 is incorrect. Keys do need to be transmitted, but over a secured channel. Option 4 is correct. An X.509 certificate identifies the subscriber and carries the subscriber's public key, and it is the vehicle for distributing public keys.

Question
Identify the ways in which storage mechanisms can safeguard key integrity.

Options:
1. Keys can be moved to a different location after usage
2. Keys can be stored openly and a password can be assigned for access
3. Keys are automatically destroyed when subject to forcible disclosure
4. Key integrity can be protected by the integrity of the storage mechanism

Answer
Key integrity can be protected either by the integrity of the storage mechanism itself or by destroying the keys when an attempt is made to disclose them forcibly. Option 1 is incorrect. Moving the keys to a different location after use does not help a storage mechanism safeguard key integrity. Option 2 is incorrect. If the keys are stored openly and accessed using a password, the storage mechanism cannot safeguard key integrity. Option 3 is correct. Some storage mechanisms destroy the keys when an attempt is made to disclose them forcibly, and this safeguards key integrity. Option 4 is correct. Some storage mechanisms are strongly protected for integrity, and this in turn protects the integrity of the keys.

3. Cracking encryption
Despite the best efforts of individuals to secure data and protect keys, cryptanalysts always attempt to break an encryption method. They try either to break the algorithm or to recover the key in order to access the data. Cryptographers prefer to make an algorithm public and invite the public to break it or expose its weaknesses. Cryptanalysts then expose the weaknesses of the algorithm, which helps the cryptographers repair its shortcomings. This process of ongoing improvement continues until the algorithm is resistant to attack, so that attackers have the least chance of breaking either the algorithm or the key.

Attackers have recovered a Data Encryption Standard (DES) key from its 56-bit keyspace by brute force in about a day. Key strength therefore became the major issue. Key strength grows with key length: each additional bit doubles the number of keys an attacker must try, so the time and money needed for a brute-force attack grow exponentially with key length. It is important that you understand the relationship between key length, time, and cost.
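The DES brute-force attack and the doubling rule above, as an added example in Go using only the standard library (not code from the original page): the search is scaled down by assuming the attacker already knows all but the low 16 bits of the 56-bit key and holds one plaintext/ciphertext block, then counts how many trial encryptions it takes to recover the rest. The secret key and the plaintext block are constructed values, and BruteForceSeconds is a plain worst-case cost model for comparing key lengths, not a measurement of any real hardware.

```go
package main

import (
	"bytes"
	"crypto/des"
	"errors"
	"fmt"
	"math"
)

// expandKey lays a 56-bit value out as the 8-byte key DES expects: seven
// key bits per byte with the low (parity) bit, which DES ignores, left
// zero. That is why DES has 2^56 keys rather than 2^64.
func expandKey(k56 uint64) []byte {
	key := make([]byte, 8)
	for i := 7; i >= 0; i-- {
		key[i] = byte(k56&0x7f) << 1
		k56 >>= 7
	}
	return key
}

// encryptBlock encrypts a single 8-byte block under the 56-bit key.
func encryptBlock(k56 uint64, block []byte) ([]byte, error) {
	c, err := des.NewCipher(expandKey(k56))
	if err != nil {
		return nil, err
	}
	out := make([]byte, 8)
	c.Encrypt(out, block)
	return out, nil
}

// BruteForce is the attack from the text scaled down: the attacker knows
// every key bit above the low unknownBits bits (the low bits of knownBits
// are ignored) plus one plaintext/ciphertext pair, and tries each
// candidate until one reproduces the ciphertext. It returns the key found
// and the number of trial encryptions performed.
func BruteForce(knownBits uint64, unknownBits uint, plaintext, ciphertext []byte) (uint64, uint64, error) {
	if unknownBits > 24 {
		return 0, 0, errors.New("search space too large for this demo")
	}
	mask := uint64(1)<<unknownBits - 1
	out := make([]byte, 8)
	for i := uint64(0); i <= mask; i++ {
		candidate := knownBits&^mask | i
		c, err := des.NewCipher(expandKey(candidate))
		if err != nil {
			return 0, i, err
		}
		c.Encrypt(out, plaintext)
		if bytes.Equal(out, ciphertext) {
			return candidate, i + 1, nil
		}
	}
	return 0, mask + 1, errors.New("key not found in search space")
}

// BruteForceSeconds is the worst-case time to exhaust a keyspace of the
// given size at the given rate. Compare two key lengths and every extra
// bit exactly doubles the result.
func BruteForceSeconds(keyBits uint, keysPerSecond float64) float64 {
	return math.Ldexp(1, int(keyBits)) / keysPerSecond
}

// Demo hides the low unknownBits bits of a constructed 56-bit key and
// recovers them from one known block, reporting whether the right key was
// found and how many trials it took.
func Demo(unknownBits uint) (bool, uint64, error) {
	const secret uint64 = 0x00AB12CD34EF56 // constructed 56-bit key
	plaintext := []byte("8bytes!!")         // one DES block of constructed plaintext
	ciphertext, err := encryptBlock(secret, plaintext)
	if err != nil {
		return false, 0, err
	}
	found, tries, err := BruteForce(secret, unknownBits, plaintext, ciphertext)
	if err != nil {
		return false, tries, err
	}
	return found == secret, tries, nil
}

func main() {
	for _, bits := range []uint{12, 16, 20} {
		ok, tries, err := Demo(bits)
		fmt.Printf("%2d unknown bits: recovered=%v tries=%d err=%v\n", bits, ok, tries, err)
	}
	fmt.Printf("56-bit DES at 1e11 keys/s: %.1f hours worst case\n", BruteForceSeconds(56, 1e11)/3600)
}
```

Running main shows the trial count climbing by roughly sixteen times for every four extra unknown bits; the full 56-bit search is the same loop with 2^56 iterations, which is exactly the work the dedicated DES-cracking hardware mentioned in the text was built to parallelize.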


Supplement: a comparison of the time and money needed to break keys of different lengths.

Question
Identify the considerations involved in breaking an encryption method. Options:
1. Algorithm can be cracked
2. Avoid transmitting the keys
3. Keys can be cracked
4. Keys can be denied access

Answer
Cryptanalysts can break an encryption method by cracking the algorithm or the key. Option 1 is correct. Cryptanalysts try to crack the algorithm to break an encryption method. Option 2 is incorrect. Cryptanalysts can still break the encryption method even if the keys are never transmitted. Option 3 is correct. Cryptanalysts try to crack the keys to break an encryption method; this is easy for weak (short) keys but very hard for strong keys. Option 4 is incorrect. Denying access to the keys does not help cryptanalysts break the encryption method in any way.

Summary
A digital signature is an electronic signature based on cryptographic methods of originator authentication, such that the identity of the signer and the integrity of the data can be verified. A digital certificate needs to be obtained from a Certificate Authority (CA). Public Key Infrastructure (PKI) is a set of policies, processes, server platforms, software, and workstations used to administer certificates and public/private key pairs, including the ability to issue, maintain, and revoke public key certificates. PKI provides security services for confidentiality, integrity, authentication, nonrepudiation, and access control. Despite the best efforts of individuals to secure data and protect keys, cryptanalysts always attempt to break an encryption method. They try either to break the algorithm or to recover the key in order to access the data.
