Cr yptog r aphy

Fundamentals

Asdrúbal Pichardo, Thomas Obert

Global IT Enterprise Network Services
 Table of Contents

Encryption and Decryption

Public Key Cryptography

Hash Values

Digital Signatures

Digital Certificates, PKI

 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training2, A. Pichardo 2
 Security Requirements Today

Security requirements for today’s networking applications (i.e.

E-Commerce)
 Authentication: be sure you know who you are communicating
with
 Privacy: confidentiality, keeps secrets secret
 Authorization: ensure users do not exceed their allowed authority
 Integrity: be sure the data is kept intact and is not changed during
transit
 Non-repudiation: have the evidence in the event of a dispute

It‘s
It‘s aaPAIN!
PAIN!

 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training3, A. Pichardo 3
 Solution
Cryptography
But, there are several interesting issues, which need good solutions:
 Strong encryption methods
Protocols, key length, approved algorithms, etc.
 Key Management
Everything about the life-cycle of keys, from generation to destruction.
 Key Exchange
„How do the communication partners securely exchange their keys?“
 Trust Relationships
„Are the keys I‘m using really owned by the recipient only?“

Issues solved with

Public-/Private-Key Cryptography
 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training4, A. Pichardo 4
 What is Encryption and Decryption?
In general, a message consists of „clear text“.
SAP is
the
best!

The method, to hide the content of a message is called „encryption“.

SAP is HD(§j
the Encryption 8Ias
best! ?=32

The result of an encryption is a message in „cipher text“.

HD(§j
8Ias
?=32

The method, to unhide the „clear text“ is called „decryption“.

SAP is HD(§j
the Decryption 8Ias
best! ?=32

 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training5, A. Pichardo 5
 Most important Cryptography
Fundamentals
Sehr

Symmetric Encryption geehrter

Herr...
Secre
t
Sehr

Asymmetric Encryption geehrter

Herr...
Public
Private

Sehr Secre
Hybrid Encryption geehrter
Herr...
t
Public
Private

Sehr

Hash Methods geehrter

Herr...

Sehr

Digital Signature geehrter

Herr...
Thom
as
 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training6, A. Pichardo 6
 Symmetric Encryption
Sehr Sehr
geehrter geehrter
Herr... Herr...

Tza7)8
)891js
idU#...
1 3

Secre
Steps: t

1. Encrypt clear Text message with Secre  Cipher Text

t
2. Transmit cipher Text
3. Decrypt cipher Text with Secre  Clear Text
t
Most important aspects:
There is only one secret key
Key must be shared by the communication partners – They both use the same key!
Most difficult: Secure Key Exchange!
 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training7, A. Pichardo 7
 Asymmetric Encryption (Public Key
Cryptography)
Sehr Sehr
geehrter geehrter
Herr... Herr...

Tza7)8
)891js
idU#...
1 3

Public Private
Steps:
1. Encrypt clear Text message with  Cipher Text
Public
2. Transmit cipher Text
3. Decrypt cipher Text with Private
 Clear Text
Most important aspects:
Each Entity owns two keys (one key-pair) – one public key and one private key
Public key is published – Everybody can access this key
Private Key is the secret of the owner!
 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training8, A. Pichardo 8
 Pros and Cons
Symmetric Encryption Asymmetric Encryption

Pros - Simple protocols - No secret key exchange necessary

- Fast encryption - Only one key-pair per participant*

 used for encryption of large
amount of data - Non-Repudiation possible

Cons - Secret distribution of Keys difficult - Algorithms are slow (about 1000
times slower than secret key enc.)
- Non-Repudiation cannot be  Not useful for encryption of
guaranteed large amount of data
- Need different keys for each
recipient*

* Example: For 100 users you need

•for secret encryption  4950 Keys,
•for asymmetric encryption 100 private and 100 public keys  200 keys

Conclusion: Combine both methods  Hybrid Encryption

 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training9, A. Pichardo 9
 Hybrid Encryption (1) – Secret Key
Exchange
1
Secre Secre
t 3 t

Secre
2 t 4
Public

Public Private
Steps:
1. Create Session Key for symmetric encryption Secre
t
2. Encrypt session key with Public
 encrypted session key
3. Transmit encrypted session key
4. Decrypt session key with  session key
Private

 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training10
, A. Pichardo 10
 Hybrid Encryption (2) – Cipher Text
transmission
Sehr Sehr
geehrter geehrter
Herr... Herr...

Tza7)8
)891js
idU#...
1 3

Secre Private
Steps: t
Public
1. Encrypt clear Text message with  Cipher Text
Secre
2. Transmit cipher Text t

3. Decrypt cipher Text with Secre  Clear Text

t

 Standard secret key encryption for data privacy

 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training11
, A. Pichardo 11
 Hash Functions
A cryptographic hash function is an algorithm that takes a
message x of any arbitrary length and produces a fixed-length
output h(x), called a message digest or fingerprint
Used to verify the integrity of messages or files
Commonly used with digital signatures (the message digest is
the one actually „digitally signed“, not the entire message)
For cryptographic use, the hash function should be strongly
collision free
Main Hash functions:
 MD5, developed by Ronald Rivest at MIT, produces a 128 bit
message digest
 SHA (Secure Hash Algorithm), developed by NIST, outputs a 160
bit message digest
MD5
MD5is
isfaster
fasterthan
thanSHA,
SHA,but
butSHA
SHAis
isaalittle
littlebit
bitmore
moresecure
securethan
thanMD5
MD5
 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training12
, A. Pichardo 12
 Hash Algorithm
Sehr
Sehr geehrter
geehrter Herr...
Herr...
1 4
2 ==?
3
Sehr
geehrter
Herr...
Hash-Value
Fingerprint

Steps:
1. Create a collision-free hash-value for the message
2. Transmit data together with hash-value
3. Separate Message and hash-value
4. Recipient creates hash-value himself and compares both values

IfIfmessage
messagehas
hasbeen
beenmodified,
modified,the
thehash-values
hash-valueswill
willbe
bedifferent
different
Integrity
Integritycan
canbe
beguaranteed!
guaranteed!
 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training13
, A. Pichardo 13
 Message Authentication Code (MAC)
Sehr
Sehr geehrter
geehrter Herr...
Herr...
1 4
2 ==?
3
Sehr
geehrter
Herr...
Secre
MACt
Secre
Steps: t
Secre
1. Create a collision-free hash-value
t for the message with add. secret key
2. Transmit data together with message authentication code
3. Separate Message and hash-value using the add. secret key
4. Recipient creates hash-value himself and compares both values

IfIfmessage
messagehas
hasbeen
beenmodified,
modified,the
thehash-values
hash-valueswill
willbe
bedifferent
different
Integrity
Integritycan
canbe
beguaranteed!
guaranteed!
 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training14
, A. Pichardo 14
 Symmetric-Key Cryptosytems
Stream ciphers vs. Block ciphers
DES: Data Encryption Standard
 Has been used for almost 25 years
 May be cracked in less than 3 days  Insecure
 Key size up to 56 bits
Triple DES or 3DES
 Interim solution for DES
 DES applied 3 times with different keys each time
 Secure (key size up to 168)
 Very slow without hardware accelerators

 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training15
, A. Pichardo 15
 Advanced Encryption Standard (AES)
New encryption standard
In 1997, NIST solicited submissions from the cryptography
community for candidates for the new AES
5 final candidates, winner (Rijndael) chosen based on best
combination of:
 Security
 Ease of implementation
 Flexibility and simplicity
AES supports key sizes of 128, 192 and 256 bits
AES is becoming the new encryption standard, and hardware
and software vendors are including support for it

AES
AESis
isvery
verysecure
secureand
andit‘s
it‘sfaster
fasterthan
than3DES
3DES

 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training16
, A. Pichardo 16
 Public Key Cryptosystems
Most of public key cryptosystems are based on the concept of
trapdoor one-way functions. One-way functions are easy to
compute but hard to invert, whereas „trapdoor“ one-way
functions are one-way functions which can be inverted easily
with the knowledge of some additional information
Public key cryptosystems:
 RSA
 ElGamal
 Elliptic Curve Cryptography
 Diffie-Hellman Key Exchange
Digital signatures are implemented via a public key
cryptosystem

 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training17
, A. Pichardo 17
 RSA Cryptosystem
First published public-key cryptosystem
Developed by Ronald Rivest, Adi Shamir and Len Adlemar at MIT
Based on the difficulty of factoring large integers
The RSA system may be described as follows:
 Generate two large primes p and q
 Compute the product of the primes n = pq
 Compute the number of integers that are less than n and relatively prime
to n, which is equal to the Euler phi function:
φ (n)=(p – 1)(q – 1)
 Select a random number b such that 1 < b < φ (n)and b is relatively
prime to φ (n), that is, gcd(b, φ (n)))=1
 Compute a = b –1 mod φ (n)
 Keep a, p, and q secret and make n and b available to any one who
wishes to send you encrypted messages

 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training18
, A. Pichardo 18
 Diffie-Hellman Key Exchange
Developed by Whitfield Diffie and Martin Hellman
Based on the Discrete Logarithm problem
The key exchange proceed as follows:
 Alice and Bob decide on a suitable prime p and an integer α , such that
α is a primitive root of p; α and p can be made public
 Alice chooses a secret integer β , computes yA = α β mod p and sends
yA to Bob
 Bob chooses a secret integer θ , computes yB = α θ
mod p and sends
yB to Alice
 Alice generates the secret key K by computing K = (yB)β mod p
 Bob generates the secret key K by computing K = (yA)θ mod p
 Alice and Bob will generate the identical key K
The security of the Diffie-Hellman key exchange is based on
the assumption that it is computationally infeasible to
compute β or θ from yA or yB and α
 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training19
, A. Pichardo 19
 Digital Signatures – Create a Digital
Signature Sehr
geehrter
1 Herr...

Hash-Value
Sehr
Fingerprint
geehrter
Herr...

3
2 Signed
with
Private Private
Key
Steps:
1. Create a collision-free hash-value for the message
2. Encrypt hash-value with private key (sign)
3. Combine clear text message and signed hash-value

Additionally,
Additionally,the
theclear
cleartext
textmessage
messagecould
couldbe
beencrypted
encryptedwith
withthe
the
public
publickey
keyof
ofthe
therecipient!
recipient!
 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training20
, A. Pichardo 20
 Digital Signatures – Verify a Digital
Signature Sehr
geehrter
Herr...
2
4
Sehr
geehrter
Herr...
1
==?
3

Signed
with Signed
Private with
Key
Steps: Private
Key
Public
1. Extract digital signature and clear text
2. Create a collision-free hash-value for the message
3. Use Public-Key of sender to verify signature (encrypt hash value)
4. Compare hash values

IfIfverification
verificationof
ofsignature
signaturesucceeds,
succeeds,the
thesender
sendercannot
cannotrepudiate
repudiate
the
themessage!
message!
 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training21
, A. Pichardo 21
 Digital Certificate
An electronic document that
identifies an individual or an
entity
Subject
Public Key Info Contains relevant
Issuer (CA) information
Validity  Name, E-mail address,
Version company, title, etc.
Serial Number
Extended Attributes Contains the owner’s public
e.g. E-mail, key
Address,
Job Position Is notarized or validated by
CA Digital Signature
a trusted third party
 Certification Authority (CA)

Standard: X.509v3

 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training22
, A. Pichardo 22
 PKI: Public Key Infrastructure
PKI is the architecture, organization, technology, infrastructure
and procedures, that collectively support the implementation
and operation of a certificate-based public key cryptographic
system
PKI consists of systems that collaborate to provide and
implement the public certificate system and related services
PKI is the application of digital certificates and public key
technology to business solutions:
 Authentication and authorization of an entity
 Encryption of critical data
 Digital signature capability
PKI provides an uniform approach for achieving required
security levels in today‘s applications

 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training23
, A. Pichardo 23
 PKI Components
Certification Authority (CA):
 Operates the PKI: distributes and administer public keys
(certificates)
Registration Authority (RA):
 Validates the identity of the user or entity
Digital Certificates:
 Used to distribute users‘ public keys
 Individual or company „Digital ID“
Directory Services:
 Publish issued certificates, Certificate Revokation Lists (CRLs)
Security Policies:
 Policy & Practices, Service Availability, Liability Management

 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training24
, A. Pichardo 24
 Approaches of PKI

Use strong authentication methods to establish identity

 Authenticity 
Use methods to avoid changes of sensitive data or to recognize
unauthorized changes

 Integrity 
Encrypt data, which is intended for particular recipients only

 Confidentiality, Privacy 

Take measures, that a sender cannot repudiate information

 Non-Repudiation 
 SAP
 SAP
2001 AG
SAP
2001,
IT ENS
VPN–and
Genesis
IPSecProject
Training25
, A. Pichardo 25