Objectives
Demystify commonly used terminology
Explain how PKI works
Get you playing with PKI in the lab
Make some simple recommendations
Agenda
Foundational Concepts (level 200)
PKI and Signatures (level 330)
Recommendations (level 310)
Reference material
Common Algorithms (level 360)
Foundational Concepts
Encryption vs. Authentication
Encrypted information cannot be automatically trusted
Assets
What we are securing?
Data
Services (i.e. business etc. applications or their individually accessible parts)
[Diagram labels: Weak Physical Security of KA; Strong Physical Security of KA; Weak Digital Security; Strong Digital Security; Good Security Everywhere; Insecure Environment]
http://www.nhsia.nhs.uk/pathology/pages/documents/cp_cps.doc
Symmetric Key Cryptography
[Diagram: Plain-text input ("The quick brown fox jumps over the lazy dog") -> Encryption -> Cipher-text -> Decryption -> Plain-text output ("The quick brown fox jumps over the lazy dog"). Same key (shared secret) for encryption and decryption.]
Weakness:
Must agree the key beforehand
Securely pass the key to the other party
Public Key Encryption
[Diagram: Clear-text input ("The quick brown fox jumps over the lazy dog") -> Encryption with the recipient's public key -> Cipher-text -> Decryption with the recipient's private key -> Clear-text output ("The quick brown fox jumps over the lazy dog"). Different keys for encryption and decryption.]
Strength
Solves problem of passing the key
Allows establishment of trust context between parties
Hybrid Encryption (Real World)
[Diagram: the message ("Launch key for nuclear missile RedHeat is...") goes through symmetric encryption (e.g. DES) with a randomly generated symmetric session key (from an RNG), giving the cipher-text. The symmetric key is encrypted asymmetrically (e.g., RSA) with the user's public key (in certificate), giving a Digital Envelope. As above, repeated for other recipients or recovery agents: a further Digital Envelope is made with the other recipient's or agent's public key (in certificate) in recovery policy.]
Hybrid Decryption
[Diagram: the Digital Envelope contains the session key encrypted using the recipient's public key. Asymmetric decryption of the session key (e.g. RSA) with the recipient's private key gives the symmetric session key. Symmetric decryption (e.g. DES) of the cipher-text with that session key gives the message ("Launch key for nuclear missile RedHeat is...").]
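The hybrid encryption and decryption slides above, as a runnable sketch. This is an added example, not part of the original deck. It assumes toy textbook RSA keys built from known Mersenne primes and a SHA-256 keystream standing in for the symmetric cipher (the slides name DES and RSA); every name in it is hypothetical.

```python
import hashlib
import secrets

def make_keypair(p, q, e=65537):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

# Constructed toy keys for a user and a recovery agent (illustration only).
USER_PUB, USER_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
AGENT_PUB, AGENT_PRIV = make_keypair(2**607 - 1, 2**1279 - 1)

def symmetric(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream.
    The same call encrypts and decrypts (the slide's example cipher is DES)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(plaintext: bytes, public_keys: dict):
    """Encrypt once with a fresh session key; wrap that key for each recipient."""
    session_key = secrets.token_bytes(16)      # randomly generated, per message
    k = int.from_bytes(session_key, "big")
    # One digital envelope per recipient or recovery agent. Unpadded RSA is
    # used only to keep the sketch short; real envelopes use padding (OAEP).
    envelopes = {name: pow(k, e, n) for name, (n, e) in public_keys.items()}
    return symmetric(session_key, plaintext), envelopes

def unseal(ciphertext: bytes, envelope: int, private_key) -> bytes:
    """Unwrap the session key with a private key, then decrypt the bulk data."""
    n, d = private_key
    k = pow(envelope, d, n)
    session_key = k.to_bytes((n.bit_length() + 7) // 8, "big")[-16:]
    return symmetric(session_key, ciphertext)

def demo() -> dict:
    message = b"constructed sample message for the hybrid example"
    ciphertext, envelopes = seal(message, {"user": USER_PUB, "agent": AGENT_PUB})
    return {
        "ciphertext_differs": ciphertext != message,
        "user_reads": unseal(ciphertext, envelopes["user"], USER_PRIV) == message,
        "agent_reads": unseal(ciphertext, envelopes["agent"], AGENT_PRIV) == message,
        "wrong_envelope": unseal(ciphertext, envelopes["user"], AGENT_PRIV) == message,
    }
```

The bulk data is encrypted once; only the 16-byte session key is wrapped again for each additional recipient or recovery agent.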
But
Scott creates a keypair (private/public) and quickly tells the world that the public key he published belongs to Bill
Eureka!
We need PKI to solve that problem
And a few others
Creating a Digital Signature
[Diagram: Message or File ("This is a really long message about Bill's") -> Hash Function (SHA, MD5) -> Message Digest -> Asymmetric Encryption with the signatory's private key -> Digital Signature. The label "128 bits" appears twice.]
Calculate a short message digest from even a long input using a one-way message digest function (hash)
Verifying a Digital Signature
[Diagram: the Digital Signature goes through asymmetric decryption (e.g. RSA) with the signatory's public key, giving a digest. A second digest is computed from the Original Message ("This is a really long message about Bill's"). The two digests are compared (? == ?).]
Everyone has access to trusted public key of the signatory
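The signing and verification slides above, together with the earlier "Scott claims his key is Bill's" problem, as a runnable sketch. This is an added example, not part of the original deck. It assumes toy textbook RSA keys built from known Mersenne primes and SHA-256 as the hash (the slides name SHA and MD5); every name in it is hypothetical.

```python
import hashlib

def make_keypair(p, q, e=65537):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # private exponent
    return (n, e), (n, d)

# Constructed toy keys (Mersenne primes keep the listing short; never use such keys).
BILL_PUB, BILL_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
SCOTT_PUB, SCOTT_PRIV = make_keypair(2**607 - 1, 2**1279 - 1)

def digest(message: bytes) -> int:
    """One-way hash: a short fixed-size digest from input of any length."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, private_key) -> int:
    """Create the signature: transform the digest with the signatory's private key."""
    n, d = private_key
    return pow(digest(message), d, n)

def verify(message: bytes, signature: int, public_key) -> bool:
    """Recover the digest with the public key and compare it with a fresh one."""
    n, e = public_key
    return pow(signature, e, n) == digest(message)  # the "? == ?" step

def demo() -> dict:
    msg = b"This is a really long message"  # constructed sample input
    bill_sig = sign(msg, BILL_PRIV)
    scott_sig = sign(msg, SCOTT_PRIV)
    return {
        "genuine": verify(msg, bill_sig, BILL_PUB),
        "message_altered": verify(msg + b"!", bill_sig, BILL_PUB),
        "scott_sig_against_bill_key": verify(msg, scott_sig, BILL_PUB),
        # The mathematics cannot tell whose key this is: if a verifier was told
        # SCOTT_PUB "belongs to Bill", Scott's signature checks out. Binding a
        # key to an identity is the job of the certificate, not of the signature.
        "scott_sig_against_mislabelled_key": verify(msg, scott_sig, SCOTT_PUB),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {ok}")
```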
Recommendations
Don't be scared of PKI!
Set up a test environment to enable you to play
Minimise the scope of your first implementation
Read up on CP & CPS
Document the purpose and operating procedures of your PKI
Summary
Cryptography is a rich and amazingly mature field
We all rely on it, every day, with our lives
Know the basics and make good choices avoiding common pitfalls
References
Visit www.microsoft.com/security
Read sci.crypt (incl. archives)
Attend SEC499 for Encryption in Detail on Friday at 14.45 in Room 1
Common Algorithms
Symmetric
Blowfish, Twofish
B. Schneier's replacement for DES, followed by Twofish, one of the NIST competition finalists
Rijndael (AES)
Standard replacement for DES for US government, and, probably for all of us as a result
Construction, again, deceptively similar to DES (S-boxes, XORs etc.) but really different
GOST
Soviet Union's version of DES but with a clearer design and many more repetitions of the process
256 bit key but really 610 bits of secret, so pretty much tank quality
Backdoor? Who knows
RC4
Symmetric
R. Rivest in 1994
But!
It relies on a really good random number generator
And that is the problem
Asymmetric
ElGamal
Relies on complexity of discrete logarithms
Quantum Cryptography
Method for generating and passing a secret key or a random stream
Not for passing the actual data, but that's irrelevant
MD5, SHA
Hash functions, not encryption at all!
Goals:
Not reversible: can't obtain the message from its hash
Hash much shorter than original
Two messages won't have the same hash
Diffie-Hellman, SSL, Certs
Methods for key generation and exchange
DH is very clever since you always generate a new key-pair for each asymmetric session
STS, MTI, and certs make it even safer
Cryptanalysis
Brute force
Good for guessing passwords, and some 40-bit symmetric keys (in some cases needed only 2^27 attempts)
Frequency analysis
For very simple methods only (US mobiles)
Linear cryptanalysis
For stronger DES-like, needs 2^43 plain-cipher pairs
Differential cryptanalysis
Weaker DES-like, needs from 2^14 pairs
Strong Systems
It is always a mixture! Changes all the time
Symmetric:
AES, min. 128 bits for RC2 & RC5, 3DES, IDEA, carefully analysed RC4, 256 bit better
Asymmetric:
RSA, ElGamal, Diffie-Hellman (for keys) with minimum 1024 bits (go for the maximum, typically 4096, if you can afford it)
Hash:
Either MD5 or SHA but with at least 128 bit results, 256 better
Weak Systems
Anything with 40-bits (including 128 and 56 bit versions with the remainder fixed)
CLIPPER
A5 (GSM mobile phones outside US)
Vigenère (US mobile phones)
Dates from 1585!