Cryptographic Services

Secure Communica ons

15.1.1 Authen ca on, Integrity, and Confiden ality

To ensure secure communica ons across both the public and private infrastructure, the network
administrator’s first goal is to secure the network infrastructure, including routers, switches, servers,
and hosts. This can be accomplished using device hardening, AAA access control, ACLs, firewalls,
monitoring threats using IPS, securing endpoints using Advanced Malware Protec on (AMP), and
enforcing email and web security using the Cisco Email Security Appliance (ESA) and Cisco Web
Security Appliance (WSA). The figure shows an example of a secure network topology.

The next goal is to secure the data as it travels across various links. This may include internal traffic,
but of greater concern is protec ng the data that travels outside of the organiza on to branch sites,
telecommuter sites, and partner sites.

There are three primary objec ves of securing communica ons:

 Authen ca on - This guarantees that the message is not a forgery and actually comes from
the authen c source. Modern networks ensure authen ca on using hash message
authen ca on code (HMAC).

 Integrity - This guarantees that no one intercepted the message and altered it; similar to a
checksum func on in a frame. This is provided by implemen ng the SHA-2 or SHA-3 family of
hash-genera ng algorithms.
  Confiden ality - This guarantees that if the message is captured, it cannot be deciphered.
This is provided using symmetric or asymmetric encryp on algorithms.

Note: These primary objec ves are similar but not iden cal to the three primary issues in securing
and maintaining a computer network which are confiden ality, integrity, and availability.

The most popular symmetric encryp on algorithm is the Advanced Encryp on Standard (AES).
Symmetric encryp on algorithms are based on the premise that each communica ng party knows
the pre-shared key.

Data confiden ality can also be ensured using asymmetric algorithms, including Rivest, Shamir, and
Adleman (RSA) and the public key infrastructure (PKI). Asymmetric encryp on algorithms are based
on the assump on that the two communica ng par es have not previously shared a secret and must
establish a secure method to do so.

15.1.2 Authen ca on

There are two primary methods for valida ng a source in network communica ons: authen ca on
services and data nonrepudia on services.

Authen ca on guarantees that a message comes from the source that it claims to come from.
Authen ca on is similar to entering a secure personal iden fica on number (PIN) for banking at an
ATM, as shown in the figure. The PIN should only be known to the user and the financial ins tu on.
The PIN is a shared secret that helps protect against forgeries.

Entering an ATM Authen ca on PIN

In network communica ons, authen ca on can be accomplished using cryptographic methods. This
is especially important for applica ons or protocols, such as email or IP, that do not have built-in
mechanisms to prevent spoofing of the source.

Data nonrepudia on is a similar service that allows the sender of a message to be uniquely
iden fied. With nonrepudia on services in place, a sender cannot deny having been the source of
that message. It might appear that the authen city service and the nonrepudia on service are
fulfilling the same func on. Although both address the ques on of the proven iden ty of the sender,
there is a difference between the two.

The most important part of nonrepudia on is that a device cannot repudiate, or refute, the validity
of a message sent. Nonrepudia on relies on the fact that only the sender has the unique
characteris cs or signature for how that message is treated. Not even the receiving device can know
how the sender treated this message to prove authen city because the receiver could then pretend
to be the source.

If the major concern is for the receiving device to validate the source and there is no concern about
the receiving device imita ng the source, it does not ma er whether the sender and receiver both
know how to treat a message to provide authen city. An example of authen city versus
nonrepudia on is a data exchange between two computers of the same company versus a data
exchange between a customer and an e-commerce website. The two computers exchanging data
within an organiza on do not have to prove to the other which of them sent a message.

This prac ce is not acceptable in business applica ons, such as when purchasing items online. If the
online store knows how a customer message was created to prove the authen city, then it could
easily fake “authen c” orders. In such a scenario, the sender must be the only party with the
knowledge of how the message was created. The online store can prove to others that the order
was, in fact, sent by the customer, and the customer cannot argue that the order is invalid.

15.1.3 Data Integrity

Data integrity ensures that messages are not altered in transit. With data integrity, the receiver can
verify that the received message is iden cal to the sent message and that no manipula on occurred.

European nobility ensured the data integrity of documents by crea ng a wax seal to close an
envelope, as shown in the figure. The seal was o en created using a signet ring. These bore the
family crest, ini als, a portrait, or a personal symbol or mo o of the owner of the signet ring. An
unbroken seal on an envelope guaranteed the integrity of its contents. It also guaranteed
authen city based on the unique signet ring impression.

Wax Seal Ensuring Integrity

15.1.4 Data Confiden ality

Data confiden ality ensures privacy so that only the receiver can read the message. This can be
achieved through encryp on. Encryp on is the process of scrambling data so that it cannot be easily
read by unauthorized par es.

When enabling encryp on, readable data is called plaintext, or cleartext, while the encrypted version
is called encrypted text or ciphertext. In this course, we will use the term ciphertext. The plaintext
readable message is converted to ciphertext, which is the unreadable, disguised message.
Decryp on reverses the process. A key is required to encrypt and decrypt a message. The key is the
link between the plaintext and ciphertext.

Historically, various encryp on algorithms and methods have been used. Julius Caesar is said to have
secured messages by pu ng two sets of the alphabet, side-by-side, and then shi ing one of them by
a specific number of places. The number of places in the shi serves as the key. He converted
plaintext into ciphertext using this key, and only his generals, who also had the key, knew how to
decipher the messages. This method is now known as the Caesar cipher. An encoded message using
the Caesar cipher is shown in the figure.
The figure shows a representa on of a scroll with an encoded caesar cipher message on it

Encoded Caesar Cipher Message

Using a hash func on is another way to ensure data confiden ality. A hash func on transforms a
string of characters into a usually shorter, fixed-length value or key that represents the original string.
The difference between hashing and encryp on is in how the data is stored. With encrypted text, the
data can be decrypted with a key. With the hash func on, a er the data is entered and converted
using the hash func on, the plaintext is gone. The hashed data is simply there for comparison. For
example, when a user enters a password, the password is hashed and then compared to the stored
hashed value. If the user forgets the password, it is impossible to decrypt the stored value, and the
password must be reset.

The purpose of encryp on and hashing is to guarantee confiden ality so that only authorized en es
can read the message

Cryptography
15.2.1 Crea ng Cipher Text

The history of cryptography starts in diploma c circles thousands of years ago. Messengers from a
king’s court took encrypted messages to other courts. Occasionally, other courts not involved in the
communica on, a empted to steal messages sent to a kingdom they considered an adversary. Not
long a er, military commanders started using encryp on to secure messages.

A scytale is a device used to generate a transposi on cipher. A strip of paper or other material is
wrapped around a rod of a known diameter, as shown in the figure. The message is wri en on the
paper across rows. When the strip is removed, the message is unreadable un l it is wrapped around
another rod of the same diameter.
The Caesar Cipher is a type of subs tu on cipher in which each le er is replaced by another le er
that is a set number of places away in the alphabet. That number of places is the key. In the figure,
the key is 3.

The Vigenère cipher is a type of polyalphabe c subs tu on cipher. It was considered unbreakable
un l 1863. To use the cipher a key text is generated that repeats for the length of the message to be
encrypted. A combina on of the plaintext le er and the corresponding key le er are used to locate
the ciphertext value for the le er in a table, shown in the figure, or other device. In the table, the
row value would be the key le er, the plaintext would be located in the column. The loca on where
the row and column intersect is the ciphertext le er to be used.
The Enigma machine was an electromechanical encryp on device that was developed and used by
Nazi Germany during World War II. The device depended on the distribu on of pre-shared keys that
were used to encrypt and decrypt messages. The Enigma ciphers were broken by the Allies, and
numerous Enigma-encoded messages were decoded during the war. This provided a significant
advantage to the Allies and is es mated to have greatly shortened the war and saved many lives

15.2.2 Transposi on Ciphers

In transposi on ciphers, no le ers are replaced; they are simply rearranged. An example of this type
of cipher is taking the FLANK EAST ATTACK AT DAWN message and transposing it to read NWAD TA
KCATTA TSAE KNALF. In this example, the key is to reverse the le ers.

Another example of a transposi on cipher is known as the rail fence cipher. In this transposi on, the
words are spelled out as if they were a rail fence. They are staggered, some in front, some in the
middle and some in back, across several parallel lines.

Modern encryp on block cipher algorithms, such as AES and the legacy 3DES, s ll use transposi on
as part of the algorithm.
The plaintext message will be encoded using a key of 3. This key value specifies that three lines are
required when crea ng the encrypted code.

A rail fence cipher is used with the key of 3.

This is the encrypted text.

15.2.3 Subs tu on Ciphers

Subs tu on ciphers subs tute one le er for another. In their simplest form, subs tu on ciphers
retain the le er frequency of the original message.

The Caesar cipher was a simple subs tu on cipher.

Because the en re message relied on the same single key shi , the Caesar cipher is referred to as a
monoalphabe c subs tu on cipher. It is also fairly easy to crack. For this reason, polyalphabe c
ciphers, such as the Vigenère cipher, were invented. The method was originally described by Giovan
Ba sta Bellaso in 1553, but the scheme was later misa ributed to the French diplomat and
cryptographer, Blaise de Vigenère.
Shi the top scroll over by the three characters (a key of 3) and A becomes D, B becomes E, and so
on. If the key used was 8, then A becomes I, B becomes J, and so on.

15.2.4 A More Complex Subs tu on Cipher

The Vigenère cipher is based on the Caesar cipher, except that it encrypts text by using a different
polyalphabe c key shi for every plaintext le er. The different key shi is iden fied using a shared
key between sender and receiver. The plaintext message can be encrypted and decrypted using the
Vigenère Cipher Table that is shown in the figure.
To illustrate how the Vigenère Cipher Table works, suppose that a sender and receiver have a shared
secret key composed of these le ers: SECRETKEY. The sender uses this secret key to encode the
plaintext FLANK EAST ATTACK AT DAWN:

 The F (FLANK) is encoded by looking at the intersec on of column F and the row star ng
with S (SECRETKEY), resul ng in the cipher le er X.

 The L (FLANK) is encoded by looking at the intersec on of column L and the row star ng with
E (SECRETKEY), resul ng in the cipher le er P.

 The A (FLANK) is encoded by looking at the intersec on of column A and the row star ng
with C (SECRETKEY), resul ng in the cipher le er C.

 The N (FLANK) is encoded by looking at the intersec on of column N and the row star ng
with R (SECRETKEY), resul ng in the cipher le er E.

 The K (FLANK) is encoded by looking at the intersec on of column K and the row star ng
with E (SECRETKEY), resul ng in the cipher le er O.

The process con nues un l the en re text message FLANK EAST ATTACK AT DAWN is encrypted. The
process can also be reversed. For instance, the F is s ll the cipher le er X if encoded by looking at the
intersec on of row F (FLANK) and the column star ng with S (SECRETKEY).

When using the Vigenère cipher, if the message is longer than the key, the key is repeated. For
example, SECRETKEYSECRETKEYSEC is required to encode FLANK EAST ATTACK AT DAWN:

 Secret key: SECRETKEYSECRETKEYSEC

 Plaintext: FLANKEASTATTACKATDAWN

 Cipher text: XPCEOXKURSXVRGDKXBSAP

Although the Vigenère cipher uses a longer key, it can s ll be cracked. For this reason, a be er cipher
method was required.

15.2.5 One-Time Pad Ciphers

Gilbert Vernam was an AT&T Bell Labs engineer who, in 1917, invented, and later patented, the
stream cipher. He also co-invented the one- me pad cipher. Vernam proposed a teletype cipher in
which a prepared key consis ng of an arbitrarily long, non-repea ng sequence of numbers was kept
on paper tape, shown in the figure. It was then combined character by character with the plaintext
message to produce the ciphertext.

Example of One-Time Pad Device

 To decipher the ciphertext, the same paper tape key was again combined character by character,
producing the plaintext. Each tape was used only once; hence, the name one- me pad. As long as
the key tape does not repeat or is not reused, this type of cipher is immune to cryptanaly c a ack.
This is because the available ciphertext does not display the pa ern of the key.

Several difficul es are inherent in using one- me pads in the real world. One difficulty is the
challenge of crea ng random data. Computers, because they have a mathema cal founda on, are
incapable of crea ng true random data. Addi onally, if the key is used more than once, it is easy to
break. RC4 is an example of this type of cipher that is widely used on the internet. Again, because the
key is generated by a computer, it is not truly random. In addi on to these issues, key distribu on is
also challenging with this type of cipher.

Cryptanalysis
15.3.1 Cracking Code

For as long as there has been cryptography, there has been cryptanalysis. Cryptanalysis is the
prac ce and study of determining the meaning of encrypted informa on (cracking the code),
without access to the shared secret key. This is also known as codebreaking.

Throughout history, there have been many instances of cryptanalysis:

 The Vigenère cipher had been absolutely secure un l it was broken in the 19th century by
English cryptographer Charles Babbage.

 Mary, Queen of Scots, was plo ng to overthrow Queen Elizabeth I from the throne and sent
encrypted messages to her co-conspirators. The cracking of the code used in this plot led to
the beheading of Mary in 1587.

 The Enigma-encrypted communica ons were used by the Germans to navigate and direct
their U-boats in the Atlan c. Polish and Bri sh cryptanalysts broke the German Enigma code.
Winston Churchill was of the opinion that it was a turning point in WWII.

15.3.2 Methods of Cracking Code

Several methods are used in cryptanalysis:

 Brute-force method - The a acker tries every possible key knowing that eventually one of
them will work.

 Ciphertext method - The a acker has the ciphertext of several encrypted messages but no
knowledge of the underlying plaintext.

 Known-Plaintext method - The a acker has access to the ciphertext of several messages and
knows something about the plaintext underlying that ciphertext.

 Chosen-Plaintext method - The a acker chooses which data the encryp on device encrypts
and observes the ciphertext output.

 Chosen-Ciphertext method - The a acker can choose different ciphertext to be decrypted

and has access to the decrypted plaintext.

 Meet-in-the-Middle method - The a acker knows a por on of the plaintext and the
corresponding ciphertext.
Note: Details of how these methods are implemented is beyond the scope of this course.

The simplest method to understand is the brute-force method. For example, if a thief a empted to
steal a bicycle secured with the combina on lock displayed in the figure, they would have to a empt
a maximum of 10,000 different possibili es (0000 to 9999). All encryp on algorithms are vulnerable
to this a ack. On average, a brute-force a ack succeeds about 50 percent of the way through the
keyspace, which is the set of all possible keys.

The objec ve of modern cryptographers is to have a keyspace large enough that it takes too much
me and money to accomplish a brute-force a ack.

15.3.3 Cracking Code Example

When choosing a cryptanalysis method, consider the Caesar cipher encrypted code. The best way to
crack the code is to use brute force. Because there are only 25 possible rota ons, the effort is
rela vely small to try all possible rota ons and see which one returns something that makes sense.

A more scien fic approach is to use the fact that some characters in the English alphabet are used
more o en than others. This method is called frequency analysis. For example, the graph in the
figure below shows the frequency of le ers in the English language. The le ers E, T, and A are the
most popular le ers used in the English language. The le ers J, Q, X, and Z are the least popular.
Understanding this pa ern can help discover which le ers are probably included in the cipher
message.

The figure is a graph that outlines the frequency of le ers in the English language.

Frequency Analysis of the English Alphabet

The graph outlines the frequency of le ers in the English language.

For example, the le ers E, T, and A are the most popular.

In the Caesar ciphered message IODQN HDVW DWWDFN DW GDZQ, shown in the figure, the cipher
le er D appears six mes while the cipher le er W appears four mes. There is a good possibility
that the cipher le ers D and W represent either the plaintext E, T or A. In this case, the D represents
the le er A, and the W represents the le er T.
An a acker would only have to replace the cipher le er D first with popular plaintext le ers
including E, T, and finally A. Trying A would reveal the shi pa ern of 3, and the a acker could then
decipher the en re message.

The figure shows an example of deciphering a message using the le er frequency analysis.

15.3.4 Check Your Understanding - Crack the Code

In this ac vity, you will use the tables below to find the encrypted values for different words. In the
last ques on, you will decode encrypted text to reveal the cleartext word. The cleartext is in the top
row and the encoded text values are in the bo om row.

Chart 1 is a table with 26 columns and two rows. The top row shows the English alphabet star ng
with the le er a. The bo om row is also the English alphabet but it begins with the le er w and
starts at the le er a again a er the le er z.
Cryptology
15.4.1 Making and Breaking Secret Codes

The figure depicts cryptography plus cryptanalysis = cryptology.

Cryptology = Cryptography + Cryptanalysis

Cryptology is the science of making and breaking secret codes. As shown in the figure, cryptology
combines two separate disciplines:

 Cryptography - the development and use of codes

 Cryptanalysis - the breaking of those codes

There is a symbio c rela onship between the two disciplines because each makes the other one
stronger. Na onal security organiza ons employ prac oners of both disciplines and put them to
work against each other.

There have been mes when one of the disciplines has been ahead of the other. For example, during
the Hundred Years War between France and England, the cryptanalysts were leading the
cryptographers. France mistakenly believed that the Vigenère cipher was unbreakable, and then the
Bri sh cracked it. Some historians believe that the successful cracking of encrypted codes and
messages had a major impact on the outcome of World War II. Currently, it is believed that
cryptographers are in the lead.
15.4.2 Cryptanalysts

Cryptanalysis is o en used by governments in military and diploma c surveillance, by enterprises in

tes ng the strength of security procedures, and by malicious hackers in exploi ng weaknesses in
websites.

Cryptanalysts are individuals who perform cryptanalysis to crack secret codes. A sample job
descrip on is displayed in the figure.

While cryptanalysis is o en linked to mischievous purposes, it is actually a necessity. It is an ironic

fact of cryptography that it is impossible to prove that any algorithm is secure. It can only be proven
that it is not vulnerable to known cryptanaly c a acks. Therefore, there is a need for
mathema cians, scholars, and security forensic experts to keep trying to break the encryp on
methods.

15.4.3 The Secret is in the Keys

In the world of communica ons and networking, authen ca on, integrity, and data confiden ality
are implemented in many ways using various protocols and algorithms. The choice of protocol and
algorithm varies based on the level of security required to meet the goals of the network security
policy.

As an example, for message integrity, message-digest 5 (MD5) is faster than Secure Hash Algorithm 2
(SHA2). However, MD5 but is now considered to be insecure. Confiden ality can be implemented
using the legacy 3DES or the more secure AES. Again, the choice varies depending on the security
requirements specified in the network security policy document. Addi onal considera ons are the
compu ng power that is required to encrypt and decrypt data, and the acceptance of the protocol in
the security community. The table lists some common cryptographic hashes, protocols, and
algorithms.

Integrity Authen city Confiden ality

MD5 (legacy) HMAC-MD5 (legacy) 3DES (legacy)

SHA HMAC-SHA-256 AES

RSA and DSA

Old encryp on algorithms, such as the Caesar cipher or the Enigma machine, were based on the
secrecy of the algorithm to achieve confiden ality. With modern technology, where reverse
engineering is o en simple, public-domain algorithms are frequently used. With most modern
algorithms, successful decryp on requires knowledge of the appropriate cryptographic keys. This
means that the security of encryp on lies in the secrecy of the keys, not the algorithm.

Cryptographic Services Summary

15.5.1 What Did I Learn in this Module?

Securing Communica ons

In addi on to ensuring that the network and network devices are secure and protected from a ack,
network security personnel also ensure that data is protected during transmission. The three primary
objec ves of securing communica ons are:

 Authen ca on - This guarantees that the message is not a forgery and actually comes from
the authen c source.

 Integrity - This guarantees that no one intercepted the message and altered it; similar to a
checksum func on in a frame.

 Confiden ality - This guarantees that if the message is captured, it cannot be deciphered.

Authen ca on may be secured by HMAC. Integrity is ensured through the use of the legacy MD5 or
secure members of the SHA family of hash genera ng algorithms. Data confiden ality is ensured
through symmetric encryp on algorithms, including the legacy 3DES and AES. Symmetric encryp on
algorithms are based on the premise that communica ng par es both know a pre-shared key.
Asymmetric algorithms, such RSA and PKI, are based on the assump on that communica ng par es
do not know a pre-shared key and must establish a secure means of key exchange.

In network communica ons, authen ca on proves that a message actually comes from a valid
source. Data nonrepudia on is a similar service to authen ca on in that it allows the sender of a
message to be uniquely iden fied. Data integrity ensures that messages are not altered in transit.
Data confiden ality ensures privacy so that only the intended receiver can read the message.

Cryptography
Cryptography has been used to secure communica ons for thousands of years. Historic ciphers
include the scytale from ancient Greece, the Caesar cipher, and the Vigenère cipher. The Vigenère
cipher is a type of polyalphabe c subs tu on cipher that was considered unbreakable un l 1863.
The Enigma Machine was an electro-mechanical device that produced encoded messages that were
very difficult to break during World War II. Three types of cipher are:

 Transposi on - The rearranged le ers are used for the encoded text. In order for the key to
be sharable, the le ers were shi ed by a specific number of characters.

 Subs tu on - This is when different le ers are subs tuted for the le ers in the cleartext.

 One- me pad - This is a prepared key consis ng of an arbitrarily long, non-repea ng

sequence of numbers was kept on paper tape. It was then combined character by character
with the plaintext message to produce the ciphertext. The keys were only used once and
were pre-shared.

Cryptanalysis
Cryptanalysis, or codebreaking, is the prac ce and study of determining the meaning of encrypted
informa on (cracking the code), without access to the shared secret key. Several methods of
cryptanalysis are:

 Brute-force method - The a acker tries every possible key knowing that eventually one of
them will work.

 Ciphertext method - The a acker has the ciphertext of several encrypted messages but no
knowledge of the underlying plaintext.

 Known-Plaintext method - The a acker has access to the ciphertext of several messages and
knows something about the plaintext underlying that ciphertext.

 Chosen-Plaintext method - The a acker chooses which data the encryp on device encrypts
and observes the ciphertext output.

 Chosen-Ciphertext method - The a acker can choose different ciphertext to be decrypted

and has access to the decrypted plaintext.

 Meet-in-the-Middle method - The a acker knows a por on of the plaintext and the
corresponding ciphertext.

The objec ve of modern cryptographers is to have a keyspace large enough that it takes too much
me and money to accomplish a brute-force a ack. Analysis of the frequency of le ers in a language
can help with breaking simple subs tu on and transposi on ciphers.

Cryptology
Cryptology is the science of making and breaking secret codes. It combines cryptography and
cryptanalysis. In the world of communica ons and networking, authen ca on, integrity, and data
confiden ality are implemented in many ways using various protocols and algorithms. The choice of
algorithm varies depending on the security requirements, the hardware resources that are available
for encryp on and decryp on, and the acceptance of the algorithm in the security community.
Public-domain algorithms are frequently used. With most modern algorithms, successful decryp on
requires knowledge of the appropriate cryptographic keys. This means that the security of
encryp on lies in the secrecy of the keys, not the algorithm.