Computer Security and Ethical Hacking - Lecture 2 Notes

Computer Security and Ethical Hacking - Lecture 2 Notes

Learning Objectives

  • Overview of the following topics:

    • Symmetric block encryption.

    • Block encryption and stream encryption.

    • Asymmetric block encryption.

    • Digital Signature.

    • Authentication.

Types of Encryption Schemes

  • Symmetric Encryption: 1 Key for 2 users - known as Secret Key.

  • Asymmetric Encryption: Involves Public and Private Keys.

  • Block Encryption: Message is broken into fixed-size blocks.

  • Synchronous Encryption: Key stream depends on the key and an initialization vector (IV).

  • Self-Synchronous Encryption: Key stream depends on key, IV, and previous ciphertext.

Symmetric Encryption

  • Universal technique for providing confidentiality for transmitted or stored data.

  • Also referred to as conventional encryption or single-key encryption.

  • Two requirements for secure use:

    1. Strong encryption algorithm necessary to prevent decryption of ciphertext or discovery of the key.

    2. Sender and receiver must obtain secret key securely and keep it secure.

Components of Symmetric Encryption

  1. Plaintext: Original message or data fed into the algorithm.

  2. Encryption Algorithm: Performs substitutions and transformations on plaintext.

  3. Secret Key: Input to the encryption algorithm influencing the transformations.

  4. Ciphertext: Scrambled message generated as output based on plaintext and secret key; differs for different keys.

  5. Decryption Algorithm: Essentially the encryption algorithm run in reverse to retrieve original plaintext from ciphertext.

Attacking Symmetric Encryption - Cryptanalysis

  • Two Main Approaches:

    1. Cryptanalysis: Attempt to break encryption by determining the decrypting algorithm and the key.

    2. Brute-Force Attack: Trying every possible key to achieve intelligible plaintext from ciphertext.

Block Ciphers

  • Most commonly used symmetric encryption algorithms are block ciphers.

  • Processes plaintext in fixed-size blocks, producing ciphertext of equal size for each block.

  • Major symmetric algorithms include:

    • Data Encryption Standard (DES)

    • Triple DES

    • Advanced Encryption Standard (AES)

Block Ciphers - Characteristics

  • Short block length can lead to tabular attack issues.

  • Example: 64-bit block length.

  • Transformations in Block Ciphers:

    • Substitution: Replace k-bit input blocks with k-bit output blocks.

    • Permutation: Rearranging bits.

    • Round: Involves alternating substitution and permutation rounds.

    • Diffusion and Confusion: Essential principles.

Data Encryption Standard (DES)

  • A symmetric block cipher developed in 1976 by IBM for NIST.

  • Operates on 64-bit blocks with a key length of 56 bits.

  • DES algorithm involves:

    • 16 iterations using substitution steps, permutation steps, and key transformations.

    • Vulnerable to brute-force attacks due to short key length.

Double DES

  • A proposal to address DES key weaknesses.

  • Utilizes two keys, k1 and k2, performing double encryption: E(k2, E(k1, m)).

  • Theoretically increases difficulty of breaking encryption but shows equivalent effectiveness to a single 57-bit key in practice.

Triple DES (3DES)

  • Further enhances DES security by using three keys.

  • Encryption procedure: C = E(k3, E(k2, E(k1, m))).

  • This achieves strength comparable to a 112-bit key.

  • A variation is C = E(k1, D(k2, E(k1, m))), using two keys and a decrypt step.

Advanced Encryption Standard (AES)

  • A symmetric block cipher selected after a competition won by Rijmen and Daemen (Rijndael).

  • Highly efficient and suitable for simple processors.

  • Operations include substitution, transposition, bit shifting, exclusive OR, and addition.

  • Utilizes 10, 12, or 14 rounds for 128, 192, and 256-bit keys respectively, with each round comprised of four steps that scramble and substitute bits.

Stream Ciphers vs Block Ciphers

  • Stream Ciphers:

    • Encrypts each byte of the data stream separately, processing input continuously.

    • Generally faster and requires less code than block ciphers.

  • Block Ciphers:

    • Processes data in fixed-size blocks.

Stream vs Block Ciphers - Advantages and Disadvantages

Stream Ciphers

  • Advantages:

    • Speed of transformation.

    • Low error propagation.

    • High diffusion.

    • Immunity to symbol insertion.

  • Disadvantages:

    • Low diffusion.

    • Susceptible to insertion and modifications.

Block Ciphers

  • Advantages:

    • High diffusion.

    • Better protection against modifications.

  • Disadvantages:

    • Slower encryption.

    • Requires padding leading to error propagation.

Public Key (Asymmetric) Cryptography

  • Each user has one Public key and one Private key.

  • Messages encrypted using the public key can only be decrypted by the corresponding private key.

  • Key definitions:

    • Let kPRIV be the user's private key and kPUB the corresponding public key.

    • Decryption of plaintext using the relationship P = D(kPRIV, E(kPUB, P)).

Digital Signature

  • Technique to confirm authenticity with a distinct bit pattern affixed to a file.

  • Example process:

    • Bob generates a hash value for a message then encrypts the hash with his private key to create a digital signature.

    • Alice accomplishes verification by:

    1. Calculating the hash for the received message.

    2. Decrypting Bob's signature using his public key.

    3. Comparing both hash values to ensure they match, confirming authenticity.

Certificates: Trustable Identities and Public Keys

  • A certificate consists of a public key bound with identity and signed by a Certificate Authority (CA).

  • CA is a trusted entity that verifies identities before generating those certificates.

Message Authentication

  • Protects against active attacks ensuring authenticity of the received message.

  • Guarantee of:

    • Contents have not been altered.

    • Message originates from an authentic source.

    • Messages are timely and in correct sequence.

Message Authentication Without Confidentiality

  • Authentication without confidentiality can be managed through separate algorithms without security for encrypted messages.

  • Applicable scenarios include:

    • Broadcast of same message to multiple destinations.

    • Situations where decryption overhead is unfeasible.

    • Authenticating computer programs in plaintext.

Authentication Process

  1. Identification Step: The user presents their identifier to the security system.

  2. Verification Step: The system verifies the identification through authentication information.

Authentication Architecture Model

  • Users must register with a system to authenticate.

  • Sequence of interaction includes:

    1. Applicant registers with Registration Authority (RA).

    2. RA verifies identity for a Credential Service Provider (CSP).

    3. CSP issues an electronic credential binding identity and attributes.

Means of Authentication

  • Types:

    1. Knowledge-based: Something known (e.g., password).

    2. Possession-based: Something held (e.g., keycard).

    3. Biometric-based: Something inherent (e.g., fingerprints).

    4. Behavioral: Something done (e.g., typing rhythm).

  • Drawbacks: Potential for stealing or forgetting passwords, issues with tokens, biometric acceptance, and management overhead.

Multifactor Authentication

  • Employs multiple means from prior categories to strengthen security. Systems using two or more factors are substantially stronger than single-factor systems.

Summary of Topics Covered

  • Symmetric encryption

  • Block Ciphers: DES, AES

  • Stream Ciphers

  • Asymmetric encryption

  • Digital Signature

  • Authentication Process and Architecture

Recommended Reading

  • Chapter 2 from "Security in Computing" by Stallings

  • Chapter 2 from "Security in Computing" by Pfleeger

Copyright Information

  • Based on lecture notes by Raj Jain and texts by William Stallings and Charles P. Pfleeger (4th Edition).