Cryptography falls into the sixth and last domain of CompTIA’s Security+ exam (SYO-401) and contributes 12% to the exam score. The Security+ exam tests the candidate’s knowledge of cryptography and how it relates to the security of networked and stand-alone systems in organizations. To pass the Security+ exam, the candidates must understand both symmetric and asymmetric cryptography, as well as in-band vs. out-of-band key exchange, encryption methods and their differences, and cryptography attacks. Show
IT security experts employ cryptographic systems to meet various fundamental goals, including:
Symmetric vs. AsymmetricSymmetric cryptography, also called secret-key or private-key cryptography, is an encryption scheme in which both parties (sender and receiver) use the same key for encryption and decryption of the message (see Figure 1). The sender utilizes the private key to encrypt the message and transmits it to the receiver. The receiver, who is in possession of the same private key, employs it to decrypt the message successfully. Symmetric cryptography is very fast compared to asymmetric cryptography. Its speed is due to straightforward and efficient algorithms and the fact that a single shared key is used to encrypt and decrypt the message. Symmetric cryptography is secure only as long as the shared key is kept private. If a shared key is stolen or compromised, true protection cannot be ensured. To make the key secure, the communicating parties should implement a preferred method, which is a public key infrastructure (PKI) solution. Some other solutions include advanced encryption standard (AES), triple data encryption standard (3DES), blowfish, twofish, and Rivest Cipher 6 (RC6). Another good approach for symmetric cryptography is to use the larger key. Asymmetric cryptography, also called public-key cryptography, is an encryption scheme in which the communicating parties use a different, but mathematically related, pair of keys to encrypt and decrypt the message (see Figure 2). Although the keys are mathematically similar, they cannot be derived from each other. The key pairs consist of a public key and a private key. The use of the key pairs makes asymmetric cryptography much more scalable than symmetric cryptography. The public key is known and open. On the other hand, the private key must be kept private and secure, and only the recipient can possess it. The sender encrypts the message with the intended recipient’s public key and then the receiver decrypts the message with a private key that only he/she owns. Because asymmetric cryptography is much slower than symmetric cryptography, it isn’t fit for the encryption of a large amount of data. In that case, symmetric cryptography will be the best fit. The common solutions for asymmetric encryption include the Rivest, Shamir, and Adelman (RSA), Diffie-Hellman, ElGamal, and elliptic curve cryptography (ECC). Session KeysSession keys are encryption keys used for a communication session. Session keys can be either symmetric or asymmetric and are randomly generated for a single session. In-Band vs. Out-Band Key ExchangeAn in-band key exchange is an exchange by two or more parties of a public key over the Internet or through an existing communication channel. The In-band is less secure because man-in-the-middle attack could intercept the data. On the other hand, an out-of-band key exchange is an exchange by two or more parties of a private key outside the Internet and outside of the current communication channel. For example, smart cards, ExpressCard/PC Card technology, and USB drives can store the private keys for authentication and, when these keys are delivered outside of a network, the out-of-band key exchange takes place. It’s more secure than in-band exchange key because any attack trying to access the initial channel is less likely to have access to the alternate communications path. Fundamental Differences and Encryption MethodsBlock vs. StreamBlock and stream are two sub-forms of symmetric cryptography. A block cipher breaks the plain text into fixed-length segments called blocks and operates on each block separately. Encryption algorithms are also applied at the same time. A stream cipher encrypts data one bit at a time, unlike block cipher, which works on blocks of plain text. Stream ciphers, in terms of design, are faster than block ciphers. A block cipher uses the same key to encrypt each of the blocks, while a stream cipher uses different keys to encrypt each bit. HashingHashing is used to protect the integrity of a message by preventing it from being improperly accessed during transmits over a network. Hashing produces a unique identifier, which can be a hash, hash value, checksum, or fingerprint. A hash function is used to generate the identifier. The common hash algorithms include Message Digest 5 (MD5), MD4, MD2, and Secure Hash Algorithm (SHA-1). Hashing attacks are done by using reverse engineering. Furthermore, the hackers mostly use hashing attacks to crack the passwords. SteganographySteganography is a process of hiding a message in a communication medium, such as a digital audio file, video file, or image file. Steganography uses the least significant bit (LSB) method to hide the message. Another common form is to hide the text inside the graphics. If an attack occurs, the entire message can instantly be compromised. Brute-force attacks, in which the hackers try to extract the hidden message from the communication channel, are often used. Digital SignaturesDigital signatures are used to prove that a message was sent from a particular user and that the message was not altered while in transit. A digital signature uses either an asymmetric or symmetric encryption solution and involves a hashing algorithm as well. What Type of Cryptographic Attacks Do You Need to Know for Security+ Exam?There are some common cryptographic attacks, including: Birthday AttacksBirthday attacks are examples of attacks targeted at the keys. A birthday attack takes place on a simple premise. For example, if there are 30 people in a house, there is some probability that three of them will have the same birthday. The probability would increase if the additional people enter the house. Probability doesn’t ensure the occurrence of something. Instead, it only guesses that something is more likely to take place. If the key is hashed, there is a possibility that, given enough time, the hacker can create another value that would give the same hash value. The birthday attack is so dangerous that even an MD5 hash is vulnerable to it. Man-in-the-Middle AttackA man-in-the-middle attack is an eavesdropping attack in which an attacker positions himself in the communication channel between a client and server or any two communicating entities. With this attack, the attackers can secretly modify the communication channel. To prevent man-in-the-middle attacks, security experts can take some countermeasures, including secure encryption techniques, such as IPsec, and the use of the strong authentication methods, such as multifactor authentication, mutual authentication, certificates, and Kerberos. Side-Channel AttacksSide-channel attacks are based on data obtained from the physical infrastructure of cryptosystems, rather than theoretical deficiencies in the algorithms. For instance, power consumption, timing information, electromagnetic leaks, or even sound can provide useful information that can be exploited to break down the system. A side-channel attack can be further classified as:
Mathematical AttackA mathematical attack focuses on an encryption algorithm or any weak area in it, and the key mechanism. Mathematical attacks use statistical analysis and mathematical modeling to determine how the systems operate. Security+ Boot CampThe InfoSec Institute offers a Security+ Boot Camp that teaches you information theory and reinforces theory with hands-on exercises that help you learn by doing. InfoSec also offers thousands of articles on all manner of security topics.
Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key.[1][2] Key pairs are generated with cryptographic algorithms based on mathematical problems termed one-way functions. Security of public-key cryptography depends on keeping the private key secret; the public key can be openly distributed without compromising security.[3] In a public-key encryption system, anyone with a public key can encrypt a message, yielding a ciphertext, but only those who know the corresponding private key can decrypt the ciphertext to obtain the original message.[4] For example, a journalist can publish the public key of an encryption key pair on a web site so that sources can send secret messages to the news organization in ciphertext. Only the journalist who knows the corresponding private key can decrypt the ciphertexts to obtain the sources' messages—an eavesdropper reading email on its way to the journalist can't decrypt the ciphertexts. However, public-key encryption doesn't conceal metadata like what computer a source used to send a message, when they sent it, or how long it is. Public-key encryption on its own also doesn't tell the recipient anything about who sent a message—it just conceals the content of a message in a ciphertext that can only be decrypted with the private key. In a digital signature system, a sender can use a private key together with a message to create a signature. Anyone with the corresponding public key can verify whether the signature matches the message, but a forger who doesn't know the private key can't find any message/signature pair that will pass verification with the public key.[5][6] For example, a software publisher can create a signature key pair and include the public key in software installed on computers. Later, the publisher can distribute an update to the software signed using the private key, and any computer receiving an update can confirm it is genuine by verifying the signature using the public key. As long as the software publisher keeps the private key secret, even if a forger can distribute malicious updates to computers, they can't convince the computers that any malicious updates are genuine. Public key algorithms are fundamental security primitives in modern cryptosystems, including applications and protocols which offer assurance of the confidentiality, authenticity and non-repudiability of electronic communications and data storage. They underpin numerous Internet standards, such as Transport Layer Security (TLS), SSH, S/MIME and PGP. Some public key algorithms provide key distribution and secrecy (e.g., Diffie–Hellman key exchange), some provide digital signatures (e.g., Digital Signature Algorithm), and some provide both (e.g., RSA). Compared to symmetric encryption, asymmetric encryption is rather slower than good symmetric encryption, too slow for many purposes.[7] Today's cryptosystems (such as TLS, Secure Shell) use both symmetric encryption and asymmetric encryption, often by using asymmetric encryption to securely exchange a secret key which is then used for symmetric encryption. DescriptionBefore the mid-1970s, all cipher systems used symmetric key algorithms, in which the same cryptographic key is used with the underlying algorithm by both the sender and the recipient, who must both keep it secret. Of necessity, the key in every such system had to be exchanged between the communicating parties in some secure way prior to any use of the system – for instance, via a secure channel. This requirement is never trivial and very rapidly becomes unmanageable as the number of participants increases, or when secure channels aren't available, or when, (as is sensible cryptographic practice), keys are frequently changed. In particular, if messages are meant to be secure from other users, a separate key is required for each possible pair of users. By contrast, in a public key system, the public keys can be disseminated widely and openly, and only the corresponding private keys need be kept secret by its owner. Two of the best-known uses of public key cryptography are:
One important issue is confidence/proof that a particular public key is authentic, i.e. that it is correct and belongs to the person or entity claimed, and has not been tampered with or replaced by some (perhaps malicious) third party. There are several possible approaches, including: A public key infrastructure (PKI), in which one or more third parties – known as certificate authorities – certify ownership of key pairs. TLS relies upon this. This implies that the PKI system (software, hardware, and management) is trust-able by all involved. A "web of trust" which decentralizes authentication by using individual endorsements of links between a user and the public key belonging to that user. PGP uses this approach, in addition to lookup in the domain name system (DNS). The DKIM system for digitally signing emails also uses this approach. ApplicationsThe most obvious application of a public key encryption system is for encrypting communication to provide confidentiality – a message that a sender encrypts using the recipient's public key which can be decrypted only by the recipient's paired private key. Another application in public key cryptography is the digital signature. Digital signature schemes can be used for sender authentication. Non-repudiation systems use digital signatures to ensure that one party cannot successfully dispute its authorship of a document or communication. Further applications built on this foundation include: digital cash, password-authenticated key agreement, time-stamping services and non-repudiation protocols. Hybrid cryptosystemsBecause asymmetric key algorithms are nearly always much more computationally intensive than symmetric ones, it is common to use a public/private asymmetric key-exchange algorithm to encrypt and exchange a symmetric key, which is then used by symmetric-key cryptography to transmit data using the now-shared symmetric key for a symmetric key encryption algorithm. PGP, SSH, and the SSL/TLS family of schemes use this procedure; they are thus called hybrid cryptosystems. The initial asymmetric cryptography-based key exchange to share a server-generated symmetric key from the server to client has the advantage of not requiring that a symmetric key be pre-shared manually, such as on printed paper or discs transported by a courier, while providing the higher data throughput of symmetric key cryptography over asymmetric key cryptography for the remainder of the shared connection. WeaknessesAs with all security-related systems, it is important to identify potential weaknesses. Aside from poor choice of an asymmetric key algorithm (there are few which are widely regarded as satisfactory) or too short a key length, the chief security risk is that the private key of a pair becomes known. All security of messages, authentication, etc., will then be lost. AlgorithmsAll public key schemes are in theory susceptible to a "brute-force key search attack".[9] However, such an attack is impractical if the amount of computation needed to succeed – termed the "work factor" by Claude Shannon – is out of reach of all potential attackers. In many cases, the work factor can be increased by simply choosing a longer key. But other algorithms may inherently have much lower work factors, making resistance to a brute-force attack (e.g., from longer keys) irrelevant. Some special and specific algorithms have been developed to aid in attacking some public key encryption algorithms; both RSA and ElGamal encryption have known attacks that are much faster than the brute-force approach.[10] None of these are sufficiently improved to be actually practical, however. Major weaknesses have been found for several formerly promising asymmetric key algorithms. The "knapsack packing" algorithm was found to be insecure after the development of a new attack.[11] As with all cryptographic functions, public-key implementations may be vulnerable to side-channel attacks that exploit information leakage to simplify the search for a secret key. These are often independent of the algorithm being used. Research is underway to both discover, and to protect against, new attacks. Alteration of public keysAnother potential security vulnerability in using asymmetric keys is the possibility of a "man-in-the-middle" attack, in which the communication of public keys is intercepted by a third party (the "man in the middle") and then modified to provide different public keys instead. Encrypted messages and responses must, in all instances, be intercepted, decrypted, and re-encrypted by the attacker using the correct public keys for the different communication segments so as to avoid suspicion. A communication is said to be insecure where data is transmitted in a manner that allows for interception (also called "sniffing"). These terms refer to reading the sender's private data in its entirety. A communication is particularly unsafe when interceptions can't be prevented or monitored by the sender.[12] A man-in-the-middle attack can be difficult to implement due to the complexities of modern security protocols. However, the task becomes simpler when a sender is using insecure media such as public networks, the Internet, or wireless communication. In these cases an attacker can compromise the communications infrastructure rather than the data itself. A hypothetical malicious staff member at an Internet Service Provider (ISP) might find a man-in-the-middle attack relatively straightforward. Capturing the public key would only require searching for the key as it gets sent through the ISP's communications hardware; in properly implemented asymmetric key schemes, this is not a significant risk. In some advanced man-in-the-middle attacks, one side of the communication will see the original data while the other will receive a malicious variant. Asymmetric man-in-the-middle attacks can prevent users from realizing their connection is compromised. This remains so even when one user's data is known to be compromised because the data appears fine to the other user. This can lead to confusing disagreements between users such as "it must be on your end!" when neither user is at fault. Hence, man-in-the-middle attacks are only fully preventable when the communications infrastructure is physically controlled by one or both parties; such as via a wired route inside the sender's own building. In summation, public keys are easier to alter when the communications hardware used by a sender is controlled by an attacker.[13][14][15] Public key infrastructureOne approach to prevent such attacks involves the use of a public key infrastructure (PKI); a set of roles, policies, and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. However, this has potential weaknesses. For example, the certificate authority issuing the certificate must be trusted by all participating parties to have properly checked the identity of the key-holder, to have ensured the correctness of the public key when it issues a certificate, to be secure from computer piracy, and to have made arrangements with all participants to check all their certificates before protected communications can begin. Web browsers, for instance, are supplied with a long list of "self-signed identity certificates" from PKI providers – these are used to check the bona fides of the certificate authority and then, in a second step, the certificates of potential communicators. An attacker who could subvert one of those certificate authorities into issuing a certificate for a bogus public key could then mount a "man-in-the-middle" attack as easily as if the certificate scheme were not used at all. In an alternative scenario rarely discussed,[citation needed] an attacker who penetrates an authority's servers and obtains its store of certificates and keys (public and private) would be able to spoof, masquerade, decrypt, and forge transactions without limit. Despite its theoretical and potential problems, this approach is widely used. Examples include TLS and its predecessor SSL, which are commonly used to provide security for web browser transactions (for example, to securely send credit card details to an online store). Aside from the resistance to attack of a particular key pair, the security of the certification hierarchy must be considered when deploying public key systems. Some certificate authority – usually a purpose-built program running on a server computer – vouches for the identities assigned to specific private keys by producing a digital certificate. Public key digital certificates are typically valid for several years at a time, so the associated private keys must be held securely over that time. When a private key used for certificate creation higher in the PKI server hierarchy is compromised, or accidentally disclosed, then a "man-in-the-middle attack" is possible, making any subordinate certificate wholly insecure. ExamplesExamples of well-regarded asymmetric key techniques for varied purposes include:
Examples of asymmetric key algorithms not yet widely adopted include:
Examples of notable – yet insecure – asymmetric key algorithms include:
Examples of protocols using asymmetric key algorithms include:
HistoryDuring the early history of cryptography, two parties would rely upon a key that they would exchange by means of a secure, but non-cryptographic, method such as a face-to-face meeting, or a trusted courier. This key, which both parties must then keep absolutely secret, could then be used to exchange encrypted messages. A number of significant practical difficulties arise with this approach to distributing keys. AnticipationIn his 1874 book The Principles of Science, William Stanley Jevons[16] wrote:
Here he described the relationship of one-way functions to cryptography, and went on to discuss specifically the factorization problem used to create a trapdoor function. In July 1996, mathematician Solomon W. Golomb said: "Jevons anticipated a key feature of the RSA Algorithm for public key cryptography, although he certainly did not invent the concept of public key cryptography."[19] Classified discoveryIn 1970, James H. Ellis, a British cryptographer at the UK Government Communications Headquarters (GCHQ), conceived of the possibility of "non-secret encryption", (now called public key cryptography), but could see no way to implement it.[20][21] In 1973, his colleague Clifford Cocks implemented what has become known as the RSA encryption algorithm, giving a practical method of "non-secret encryption", and in 1974 another GCHQ mathematician and cryptographer, Malcolm J. Williamson, developed what is now known as Diffie–Hellman key exchange. The scheme was also passed to the US's National Security Agency.[22] Both organisations had a military focus and only limited computing power was available in any case; the potential of public key cryptography remained unrealised by either organization:
These discoveries were not publicly acknowledged for 27 years, until the research was declassified by the British government in 1997.[23] Public discoveryIn 1976, an asymmetric key cryptosystem was published by Whitfield Diffie and Martin Hellman who, influenced by Ralph Merkle's work on public key distribution, disclosed a method of public key agreement. This method of key exchange, which uses exponentiation in a finite field, came to be known as Diffie–Hellman key exchange.[24] This was the first published practical method for establishing a shared secret-key over an authenticated (but not confidential) communications channel without using a prior shared secret. Merkle's "public key-agreement technique" became known as Merkle's Puzzles, and was invented in 1974 and only published in 1978. This makes asymmetric encryption a rather new field in cryptography although cryptography itself dates back more than 2,000 years.[25] In 1977, a generalization of Cocks' scheme was independently invented by Ron Rivest, Adi Shamir and Leonard Adleman, all then at MIT. The latter authors published their work in 1978 in Martin Gardner's Scientific American column, and the algorithm came to be known as RSA, from their initials.[26] RSA uses exponentiation modulo a product of two very large primes, to encrypt and decrypt, performing both public key encryption and public key digital signatures. Its security is connected to the extreme difficulty of factoring large integers, a problem for which there is no known efficient general technique (though prime factorization may be obtained through brute-force attacks; this grows much more difficult the larger the prime factors are). A description of the algorithm was published in the Mathematical Games column in the August 1977 issue of Scientific American.[27] Since the 1970s, a large number and variety of encryption, digital signature, key agreement, and other techniques have been developed, including the Rabin cryptosystem, ElGamal encryption, DSA - and elliptic curve cryptography. See also
Notes
References
External links
|