Cryptographic Tools and Techniques Part 2 of 2


Table of Contents

Types of Encryption
Symmetric Encryption
Symmetric Encryption Example
Asymmetric Encryption
Asymmetric Encryption Example
Diffie-Hellman Key Agreement (example)
Diffie-Hellman Calculation
Example with Color-coded Values
Symmetric vs. Asymmetric Encryption -1
Symmetric vs. Asymmetric Encryption -2
Choosing an Encryption Option
Option 3: Hybrid Encryption
Notices

Types of Encryption

• Symmetric
• Asymmetric

**010 So, two types of encryption, symmetric and asymmetric.

Symmetric Encryption

Encryption and decryption are done using the same key.

Keys must be kept secret to be secure.
• Commonly referred to as a ‘secret key’ or shared secret.

Examples
• DES/3DES
• AES
• Blowfish
• Twofish

**011 Symmetric encryption-- we use both of them, by the way. You're going to actually see it pretty soon. But we actually use both of these all the time. Encryption-- in symmetric encryption, you use the same key to encrypt things as you do to decrypt them. So, the keys have to be kept secret to be secure. Now, where's my crypto guys in the room? People come around periodically to rekey things, right? The problem is they have to come around to rekey it because that's the only way to keep the keys secure. They can't email it to you because then anybody who could intercept the email would say, "Oh, look. There's the key value." And then they could break the encryption. So, that's the hard part with symmetric encryption.

Symmetric Encryption Example

**012 However, symmetric encryption is really fast. It doesn't take a whole lot of bits to do a really strong job of encryption. And it works really well. It just has this little flaw that says it's a pain in the neck to use as anybody who's had to wait around for somebody come back and bring you another key, right, because when your key goes dead, what happens?

Student: Rekey.

Joe Mayes: Yep, and no transmissions until the rekey because it doesn't work because you and the other side have to have the same key.

Asymmetric Encryption

Encryption and decryption are done with separate keys.
• Encryption is usually done with a public key.
• Decryption is done with the corresponding private key.

Public key is easily available; private key must be kept secret.

Examples
• Diffie-Hellman
• ElGamal
• DSS/DSA

**013 Asymmetric encryption, this is where you think who thought this one up. I love to think about-- when I do computing stuff, I love to think about the fact that some guys together in a hot tub on a Friday night drinking a couple of beers said, "Hey, let's try this." And one of the let's try this's was asymmetric encryption. Use one key to encrypt, and a different key to decrypt. They're related, but they're not the same. Who sat around and dreamed up that math? I can encrypt with this key. And I can decrypt with that key because you actually can't decrypt-- if you try to decrypt with the encryption key, it doesn't work. It has to be the other key. So, they're a pair of keys. So, the public key and private key is what they call them. There's also a public key that can be used to decrypt. The public key can be shared. So, what happens on an email system is your public key is parked up. And we'll talk about where that's parked later. But it's parked up here. We'll figure out what up here means, okay? But it's parked up here. If I want to read the encrypted email you sent me, I grab your public key and pull it down. I apply it to the encrypted email you sent me. You encrypted it with the private key of your CAC card. It comes to me. I run the decryption algorithm with the public key and voilà. There it is. So, that's public key encryption-- public/private key encryption. There are a number of standards for it. We're going to actually walk through a couple of these and see some little demos of this. But public key encryption works really well. But it's a lot more complicated computationally. It takes a lot more CPU cycles. The computer's got to work a lot harder. Therefore, it's not as fast. So, a couple of common ones are Diffie-Hellman, ElGamal, and the Digital Signature Standard, DSS.

Asymmetric Encryption Example

**014 So, there's the public key. There's the private key. And we use them both ways, by the way. Sometimes you can process with the private key, and then the public key opens it. Sometimes you process with the public key, and the private key opens it. We'll talk about both of those situations.

Diffie-Hellman Key Agreement (example)

Describes a method whereby two parties, without any prior arrangements, can agree upon a secret key that is known only to them

• In particular, it is not known to an eavesdropper listening to the dialogue by which the parties agree on the key

**015 So, Diffie-Hellman-- by the way, if you're really good, you get an encryption named after yourself. Like the Vince Lombardi trophy, except this is the Diffie-Hellman trophy. So, Diffie-Hellman, two people, they described a method where two parties without any prior arrangements can agree on a secret key. And what's cool about that is what it means is you start with you're talking to me. I'm talking to you. And we're talking in the clear. They developed a protocol that says I can pass you some information. You can pass me some information. And boom, we can now have an encrypted session. And nobody in the middle can break in because we didn't pass enough information for them to know what the key is. That took two hot tubs to figure that one out.

Diffie-Hellman Calculation

Steps in the algorithm

I. Alice and Bob agree on a prime number $p$ and a base $g$.

II. Alice chooses a secret number $a$, and sends Bob $(g^a \bmod p)$.

III. Bob chooses a secret number $b$, and sends Alice $(g^b \bmod p)$.

IV. Alice computes $((g^b \bmod p)^a \bmod p)$.

V. Bob computes $((g^a \bmod p)^b \bmod p)$.

Both Alice and Bob can use this number as their key.

Notice that $p$ and $g$ need not be protected.

**016 So, as I talk about Alice and Bob, if you read Diffie-Hellman, Alice and Bob are the two most famous characters in the encryption world. There's always Alice and Bob. And why Alice and Bob? Because it makes it more fun than saying Person A and Person B, right?

So, Alice and Bob agree on a prime number. Everybody know what prime numbers are? Right? A number divisible only by itself and one. And a base number, which we'll call g, or the generator. And then Alice chooses a secret number and sends it to Bob. But she doesn't send him the secret number. The secret number is her what?

Student: Her private key.

Joe Mayes: Her private key. So, instead, she sends-- we had p. We had g. And she sends g sub a mod p. Bob sends g sub b mod p. And then Alice computes. And Bob computes. And they get the same number. You believe that, right? The cool part here is p and g don't need to be protected. So, we can agree on p and g out in the open. And if you go to the next slide, we actually show you how it works with easy numbers, not with hundred and twenty-eight bit keys or five hundred and twelve bit keys or anything like that.

Example with Color-coded Values

Steps in the color code

I. Alice and Bob agree on p = 23 (a prime #) and g = 5 (the base #)

II. Alice chooses a = 6 and sends $5^6 \bmod 23 = 8$
    $5^6 \bmod 23 = 15625 \bmod 23 = 8$, because 15625 / 23 equals 679, remainder 8

III. Bob chooses b = 15 and sends $5^{15} \bmod 23 = 19$

IV. Alice computes $19^6 \bmod 23 = 2$

V. Bob computes $8^{15} \bmod 23 = 2$

The concept here is that, in the end, Bob and Alice both calculated the same value (2). And the value (2) could not be calculated by a third party sniffing the transaction, even if the values 8 and 19 were sniffed.
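
The slide's exchange with p = 23 and g = 5, as an added Python example that is not part of the course material; the `Party` class and the function names are illustrative. It models both sides, rejects degenerate peer values, and counts how many exponents are consistent with a value seen on the wire, which shows that the secrecy claim rests on p being large rather than on the toy numbers used here.

```python
# Added example, not part of the SEI course material.
from dataclasses import dataclass


def is_prime(n: int) -> bool:
    """Trial division; adequate only for toy moduli such as the slide's p = 23."""
    if n < 2:
        return False
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return True


def multiplicative_order(g: int, p: int) -> int:
    """Smallest k >= 1 with g^k mod p == 1: how many distinct public values exist."""
    if not is_prime(p) or g % p == 0:
        raise ValueError("need prime p and g not divisible by p")
    value, k = g % p, 1
    while value != 1:
        value = (value * g) % p
        k += 1
    return k


@dataclass
class Party:
    name: str
    p: int       # public prime
    g: int       # public base
    secret: int  # private exponent; never transmitted

    def __post_init__(self) -> None:
        if not is_prime(self.p) or not 1 < self.g < self.p:
            raise ValueError("p must be prime and 1 < g < p")
        if not 1 <= self.secret <= self.p - 2:
            raise ValueError("secret must lie in 1..p-2")

    def public_value(self) -> int:
        # Step II / III on the slide: g^secret mod p is what goes on the wire.
        return pow(self.g, self.secret, self.p)

    def shared_key(self, peer_public: int) -> int:
        # Values 0, 1 and p-1 would force a predictable key, so refuse them.
        if not 2 <= peer_public <= self.p - 2:
            raise ValueError("degenerate peer value")
        # Step IV / V on the slide: (peer value)^secret mod p.
        return pow(peer_public, self.secret, self.p)


def run_exchange(p: int, g: int, a: int, b: int) -> dict:
    """Run both sides and return what was public and what each side derived."""
    alice, bob = Party("Alice", p, g, a), Party("Bob", p, g, b)
    sent_by_alice, sent_by_bob = alice.public_value(), bob.public_value()
    return {
        "on_wire": (p, g, sent_by_alice, sent_by_bob),
        "alice_key": alice.shared_key(sent_by_bob),
        "bob_key": bob.shared_key(sent_by_alice),
    }


def exponents_matching(p: int, g: int, observed: int) -> list:
    """Exponents x in 1..p-1 with g^x mod p == observed; the search costs p-1 steps."""
    return [x for x in range(1, p) if pow(g, x, p) == observed]


if __name__ == "__main__":
    print(run_exchange(23, 5, 6, 15))       # slide values: p, g, a, b
    print(multiplicative_order(5, 23))      # size of the exponent search space
    print(exponents_matching(23, 5, 8))     # candidates consistent with Alice's 8
```

With p = 23 only 22 exponents exist, so the public values pin down each secret immediately; the same search over a modulus of 2048 bits or more is what makes the agreed key unavailable to an observer.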

**017 So, here we go. I'm going to walk to the other side here. So, my neck can be equally sore on both sides. So, Alice and Bob agree. So, we've got-- notice I tried to color code this. Twenty-three is a prime number. And five is the base number. So, Alice and I just agreed on we're going to use twenty-three as the p value and five as the g value. And the whole world saw that. So, now Alice is going to choose six for her private key value. And she sends five to the sixth power mod twenty-three. Of course, you all know what that is from high school math, right? No, let's make it easy, right? Five to the sixth power mod twenty-three equals five times five times five times five times five times five or fifteen thousand six hundred twenty-five. Mod twenty-three equals eight. So, now you've got to know what a modulus is. Modulus is essentially a fancy way of saying the remainder. So, what they did was they take fifteen thousand six hundred twenty-five divided by twenty-three. It equals six seventy-nine with a remainder of eight. So, as twenty-three goes into that number six hundred and seventy-nine times, we don't care about that. It could go in three times or three thousand times. It doesn't matter. What we care about is it has a remainder. And the remainder is eight. That's why you use prime numbers because a prime number won't divide into anything evenly. So, it's always going to generate a remainder because it's the remainder we wanted, not the six seventy-nine. We wanted the remainder. So, Alice chose six. Bob chooses fifteen. So, Bob does the same thing. He takes five to the fifteenth power. And she here took five to the sixth power. So, that's the generator on both sides. So, this five got generated as five to the sixth power. And this five got generated as five to the fifteenth power because fifteen was Bob's secret number. And his value is nineteen. So, what happens is Alice sends eight to Bob. Bob sends nineteen to Alice. Alice then computes nineteen to the sixth power divided by twenty-three. Bob computes eight to the fifteenth power divided by twenty-three. And guess what? For the both of them, the answer is two. Two is now their shared key. And if you're the guy in the middle and all you saw go by was twenty-three, five, eight, and nineteen, you can't make this because you have twenty-three. You have five. You have eight. You have nineteen. So, you have eight, nineteen, twenty-three, and five. What you don't have is you don't have the six or the fifteen. So, without the six or the fifteen, you can't make the equation. And because you can't make the equation, you can't come up with two. Therefore, you don't know what the key is.

Student: So, how does Bob know that Alice picked six?

Joe Mayes: Bob doesn't have to know Alice picked six. See, Bob didn't use the six. Bob used the numbers that he knew, eight, and twenty-three, and used his fifteen. Alice didn't know Bob's number. Alice used nineteen from Bob, and the six that she picked, and the twenty-three. That's what makes this cool is it actually works. Now, the real trick is these are really small numbers. Imagine what this is like with a five hundred and twelve bit key. The numbers are really big.

That's why you need a computer, right? But the concept works. The math works. And I know at least one of you will go home tonight with a calculator and double check this. But it really does work.

Student: So, that's why they're always looking for the really big prime numbers on supercomputers?

Joe Mayes: Right. Yeah, because the bigger the prime numbers you have, the bigger the keys you can make. But this works. And what it does is it allows people to share and come back with these guys both knowing what two is. And Alice told Bob, my number is two without ever telling him. Bob told Alice, my number is two without ever telling him. They both agree that the secret key is two now, except it's going to be a lot bigger when you use real numbers in this thing. But this is small enough numbers you can actually do the math. So, it's a good example. That is Diffie-Hellman. And this using public and private keys to then perform an encryption because now that they both agree on two, they can use two as an encrypting key, and encrypt everything they want with a value of two because they each know it's two. And nobody else in the world knows it's two.

Symmetric vs. Asymmetric Encryption -1

Symmetric encryption is stronger and faster
• More encryption for a given key length
• Shorter key length = less processing overhead
• BUT
  — Key Exchange is an issue (how to distribute/redistribute keys)
  — Key Management is an issue (unique source/destination keys)
    o If keys re-used, one key compromise affects many systems
  — Symmetric keys provide encryption only

**018 Joe Mayes: So, symmetric encryption is stronger and faster, shorter key length, less processing overhead. But the key exchange problem is the big deal. Key management's also an issue. You have two choices for key management if you're using shared key encryption. One choice is everybody gets the same key. So, if you've got ten people in the room, and they all have to send to each other, they all get one key. What's the problem there? Ten chances for the key to get compromised. And once it's compromised, you compromised the communications of all ten people.

The other choice is what? Each pair gets their own key. If each pair gets their own unique key, it takes like ninety keys for ten people to talk to each other, ninety different keys and one for each end. So, there's a hundred and eighty keys on ninety key pairs to be able to talk to each other. So, it's not scalable. That's why in the military they have to be really secure about how they move the keys around because if you lose a key anywhere, what happens? That key has to be invalidated all over the world or however big the pool is that that key was being used in. And one other thing is they provide encryption only. Well, yeah that's what we're talking about is encryption, right? Oh, but you can do more than encryption with an encryption key. Hang on.

Symmetric vs. Asymmetric Encryption -2

Asymmetric encryption
• Public/private keys
  — The public key can be freely distributed
  — Unique sender/receiver encryptions are automatically created
  — Each public key is matched to the corresponding private key
    o Provides authentication when keypair match is achieved
• BUT
  — Encryption is 10x more intensive for same level of security
  — Key exchange of public keys is easy, but can be spoofed

**019 Asymmetric encryption, the public key can be freely distributed, right? That's what we said about your email. That public key sits up on a mail server someplace. And anybody can ask for it. Four hundred thousand people in the service can all have your public key, and it doesn't affect the security of your encryption because it's only the public key. That's why they call it the public key. You could take it and post it on a billboard if you wanted to. Unique sender/receiver encryptions are automatically created because it's a public/private key handshake. Each public key is matched to the corresponding private key so that you get authentication for the key pair. The problem is that the encryption is ten times more intensive for the same level of security. You're going to see in a demo I'm doing really quickly now that we're going to use a thousand twenty-four bit public key as equivalent to a hundred twenty-eight bit shared key. Ten twenty-four bits of public key encryption is equal to a hundred and twenty-eight bits of shared key encryption, or roughly equal, which means your computer has got to work ten times as hard to do every encryption or every decryption. And key exchange of public keys is easy but can be spoofed. The way it can be spoofed is if I say, "Here, this is my public key," and you take it, and you don't check that it doesn't have my name on it-- I cross this out, white it out and put my name on it. And I give it to you. And you think it's my public key, but really it's not. Really it's somebody else's. And I want to get their email open. So, I gave you Dan's public key. And I have Dan's private key because I stole it. So, you think you're sending an email to me, but you're actually using Dan's key pair. And then I can read Dan's email now because everything you're encrypting that you thought you were encrypting to me, you're really encrypting to Dan. Everything you thought you were encrypting to Dan, you're really encrypting to me. We have ways around that problem, and we'll show those to you.

Choosing an Encryption Option

Use symmetric encryption
• When key management and key exchange aren’t issues
• When the highest levels of encryption are needed
• When authentication is not needed as part of the encryption

Use asymmetric encryption
• When key pairs have to be exchanged in exposed environments
• When authentication (or integrity) are needed
  — Example: Facebook uses https to assure the user is actually connected to Facebook and that the information is not altered
• When encryption overhead is not an issue
  — Works best with small payloads

**020 So, when do you use these things? This is an important question. All through this thing, I'm going to teach technologies like this. And I'm also going to talk about it and say, "Okay, now that you understand it, what are you going to do with it?" And the what are you going to do with this it is when do you use symmetric encryption. Well, you use it when key management and key exchange aren't issues, or when the highest levels of encryption are needed, or when authentication is not needed as part of the encryption. When do you use asymmetric? When key phrase has to be exchanged in exposed environments, when authentication or integrity are needed. And one place that uses that, anybody ever been to a thing called Facebook? You may have heard of this. When you go to Facebook, even before you log on, even if you just go to their homepage, they're already using HTTPS. And the reason they're using HTTPS is because Facebook was being spoofed. And people were going to spoofed Facebook sites. So, they decided to go to HTTPS because if you can go to HTTPS facebook.com, and you don't get an error, then you're at the real Facebook. If you go and there's pop up banners that says, "Wait, this site doesn't match." Then you're at a fake Facebook site. And you can also use it when encryption overhead's not an issue and works best with small payloads because the smaller the payload, the less you care about the fact that it's ten times more intensive. If you're moving Hello, World, and that's the only text on your document, then it doesn't really matter how long it takes to encrypt two words.

Option 3: Hybrid Encryption

Create asymmetric encrypted sessions between hosts

Remote host authenticates target public key
• Authenticated public key assures connecting to the correct target

Use the encrypted session to exchange unique session-based symmetric session keys

Send the data using symmetric encryption

**021 So, there is a third option. The third option is to be a hybrid encryption. And hybrid encryption, we sneak around. We do the best of both worlds. This is the best of both worlds thing. In hybrid encryption, we take and create an asymmetric encrypted session between hosts. Can we do that in the clear? The Bob and Alice thing, right? We do the Bob and Alice thing. And now we have an encrypted session. So, we didn't have to worry about key exchanges. Now, in that encrypted session, instead of sending my data, why don't just instead I'll send you a shared key. I'll generate a shared key, send it to you, now you have it. Now, when I sent you the shared key, could anybody else see it?

Student: No.

Joe Mayes: No because I was already encrypted with asymmetric encryption, right? Once I get the shared key to you, what happens? Now, we both have the same shared key. Now, I can move large amounts of data using shared key encryption because I was able to send that shared key to you securely by using public key encryption to send the shared key. Hurts, doesn't it? Yep because the whole problem shared key encryption was how do you get the key to the other person without compromising it. Well, if we use public key encryption to set up the ability to send the shared key, and then do the rest of our encryption using the shared key, now we've got something.

Notices

© 2014 Carnegie Mellon University

This material is distributed by the Software Engineering Institute (SEI) only to course attendees for their own individual study.

Except for the U.S. government purposes described below, this material SHALL NOT be reproduced or used in any other manner without requesting formal permission from the Software Engineering Institute at [email protected].

This material was created in the performance of Federal Government Contract Number FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. The U.S. government's rights to use, modify, reproduce, release, perform, display, or disclose this material are restricted by the Rights in Technical Data-Noncommercial Items clauses (DFAR 252-227.7013 and DFAR 252-227.7013 Alternate I) contained in the above identified contract. Any reproduction of this material or portions thereof marked with this legend must also reproduce the disclaimers contained on this slide.

Although the rights granted by contract do not require course attendance to use this material for U.S. government purposes, the SEI recommends attendance to ensure proper understanding.

THE MATERIAL IS PROVIDED ON AN “AS IS” BASIS, AND CARNEGIE MELLON DISCLAIMS ANY AND ALL WARRANTIES, IMPLIED OR OTHERWISE (INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE, RESULTS OBTAINED FROM USE OF THE MATERIAL, MERCHANTABILITY, AND/OR NON-INFRINGEMENT).

CERT ® is a registered mark owned by Carnegie Mellon University.
