Study Notes Cryptography 2022

The document outlines key concepts and milestones in cryptography, including the goals of confidentiality, integrity, and authentication, as well as the differences between codes and ciphers. It discusses various cryptographic algorithms, including symmetric and asymmetric key systems, and highlights the importance of key management and digital signatures. Additionally, it covers public key infrastructure and the role of certificate authorities in verifying identities and managing digital certificates.

Uploaded by

Seree Joseph

My key takeaways and crucial points

Historical Milestones in Crypto

● Caesar cipher - Shift each letter of the alphabet three places to the
right. A becomes D, B becomes E, etc.
o Cracked via frequency analysis - Most common English
letters are E, T, A, O, N, R, I, S, H. Attackers find the common
substitutions and experiment until they can discern the
message.

Crypto Basics

● Goals of Crypto
o Confidentiality
o Preservation of secrecy of stored information
o Symmetric crypto systems use a secret key shared by
all users
o Asymmetric crypto systems use individual combos of
public and private keys for each user
o Data in transit aka data on the wire - exam terms,
same thing
o Integrity
o Message digests - aka digital signatures, created
when message is transmitted, used to ensure data
wasn’t altered
o Authentication
o Challenge-response authentication
o Prove that one can encrypt/decrypt something to
validate identity
o Nonrepudiation
o Only offered by asymmetric systems
o Assurance that the message originated by the sender,
not someone pretending to be the sender
● Cryptography Concepts
o Plaintext - Before a message is coded
o Ciphertext - After a message is encrypted
o Keys - Used in encryption calculations.
o Key space - The range of values that are valid for use as a
key in a specific algorithm, aka bit size
o Kerckhoff’s Principle - A Cryptographic system should
be secure even if everything about the system, except the key,
is public knowledge
o Cryptovariable - Sometimes used to refer to keys
o Cryptography - Implementing secret codes and ciphers
o Cryptanalysis - The study of methods to defeat codes and
ciphers
o Cryptology - Cryptography and cryptanalysis together

Cryptographic Mathematics

● Boolean Math - Logical Operations
o AND - Represented by the ^ symbol, checks whether two
input values are both true
o OR - Represented by the v symbol, checks whether at least
one input value is true
o NOT - Represented by the ! symbol, reverses the value of an
input variable
o XOR - Represented by the ⊕ symbol, returns true when only
one of the input values is true
● Modulo function - Gives the remainder left over after a division
operation; very important to crypto operations
● Nonce - A random number that acts as a placeholder variable in
mathematical functions
● Zero-Knowledge Proof - Prove your knowledge of a fact to a third
party without revealing the fact itself to the third party
● Split knowledge - Knowledge is divided among multiple users
o M of N control - Requires a minimum (M) number of the total
agents (N) work together to perform a high-security action
● Work function - Measures the strength of a crypto system
o Time and effort required to complete a brute-force attack
o Work function only needs to be slightly greater than the time
value of the asset

Codes vs. Ciphers

● Codes - Crypto systems of symbols that represent words or
phrases, sometimes secret, not always meant to provide
confidentiality
o Ex: “The eagle has landed”
● Ciphers - Always meant to hide the true meaning of a message
o Ex: The transformation of plaintext to ciphertext

Transposition Ciphers

● Transposition cipher - Use an encryption algorithm to rearrange
the letters of a plaintext message to form ciphertext
● Can use a keyword to perform a columnar transposition

Substitution Ciphers

● Substitution cipher - Use an encryption algorithm to replace each
character or bit of the plaintext with a different character
● Vigenère cipher - Uses a chart of the alphabet shifted once per
line, then a key is used to decrypt

One-Time Pads

● One-time pads - Use a different substitution alphabet for each
letter of the plaintext message
● AKA Vernam ciphers
● One-time pad must be randomly generated
● Must be physically protected against disclosure
● OTP must be used only once
● Key must be at least as long as the plaintext
● When used properly, OTP is unbreakable - no repeating patterns

Running Key Ciphers

● Running key cipher - aka a book cipher
● Key is as long as the message itself, often chosen from a common
book

Block Ciphers

● Block ciphers - Operate on chunks or blocks of a message

Stream Ciphers

● Stream ciphers - Operate on one character or bit of a message (or
data stream) at a time

Confusion and Diffusion

● Confusion - Occurs when the relationship between the plaintext and
the key is too complicated for an attacker to determine the key by
altering the plaintext and analyzing the resulting ciphertext
● Diffusion - Occurs when a change in the plaintext results in multiple
changes throughout the ciphertext
● Substitution introduces confusion
● Transposition introduces diffusion

Modern Crypto

● Crypto keys
o Kerckhoff’s Principle - Opening algorithms to public scrutiny
actually improves their security
o Modern cryptosystems rely on secrecy of one or more
cryptographic keys
● Symmetric Key Algorithms
o AKA secret key and private key crypto
o Rely on a shared secret
o Weaknesses
o Need to distribute the key - See Diffie-Hellman
o Does not implement nonrepudiation
o Algo doesn’t scale well - secure private comms between
individuals can only be achieved if every possible combo
of users has their own shared key
o (n * (n - 1)) / 2 = number of keys needed
o Keys need to be regenerated every time group
membership changes
o Very fast
● Asymmetric Key Algorithms
o AKA public key algos
o Each user has two keys
o Public key - Shared with all users
o Private key - Kept secret, known only to the user
o Supports digital signing
o Transience - new users requires only one new public-private
key pair, users can be easily removed
o Only need to regenerate keys when a user’s private key is
compromised
o Can provide integrity, authentication, nonrepudiation
o Simple key distribution
o No pre-existing communication link needs to exist
o Big disadvantage is slow speed of operation
o Lots of applications use asymmetric crypto to establish a
connection and exchange a symmetric secret, then the rest of
the session is encrypted with symmetric crypto

Symmetric Cryptography

● Data Encryption Standard
o No longer considered secure
o Superseded by Advanced Encryption Standard (AES)
o Uses a long series of XOR operations, repeated 16 times (aka
16 rounds of encryption)
o 56 bit key size
o Electronic Code Book Mode - ECB
o Weakest mode
o 64 bit blocks processed
o The same block of input produces the same encrypted
block
o Only for exchanging small amounts of data
o Cipher Block Chaining Mode - CBC
o Each block of plaintext is XORed with the preceding
block of ciphertext before it’s encrypted with DES
o CBC has an initialization vector and XORs it with the first
block of the message - IV must be sent to recipient
o Errors propagate
o Cipher Feedback Mode - CFB
o Streaming cipher version of CBC
o Operates against data produced in real time
o Uses a memory buffer instead of block size
o Uses an IV and chaining
o Output Feedback Mode - OFB
o Almost the same as CFB, except instead of XORing an
encrypted version of the previous ciphertext, it’s XORed
with a seed value
o Still uses an IV to create the seed value
o Future seeds are derived by running DES on previous
seed
o No chaining function, so transmission errors don’t
propagate
o Counter Mode - CTR
o Stream cipher similar to CFB and OFB
o Uses a simple counter that increments for each
operation
o Errors do not propagate
o Well suited for use in parallel computing
● Triple DES
o Effective key = 64 bit
o 64 bit block size
o Four versions
o Encrypt plaintext 3 times using 3 different keys
o Effective key size of 112 bits
o Uses three keys, but replaces the second encryption
with a decryption operation
o Only uses two keys
o Uses two keys, and uses a decryption operation in the
middle
● International Data Encryption Algorithm
o Key is broken up in a series of operations into 52 16-bit
subkeys
o Same 5 modes as DES
o Used in PGP - Pretty Good Privacy
● Blowfish
o 64-bit blocks of text
o Keys between 32 bits and 448 bits
o Much faster than DES and IDEA
o Released for public use with no license
● Skipjack
o US Government
o 64-bit blocks of text
o 80-bit keys
o Clipper and Capstone encryption chips - just know these are
related to Skipjack
o Supports escrow of encryption keys
o Not widely embraced because of mistrust of escrow
processes within US government
● RC5 - Rivest Cipher 5
o Block sizes - 32, 64, 128 bits
o Key sizes - between 0 and 2040 bits
● Advanced Encryption Standard - AES
o 128-bit keys require 10 rounds of encryption
o 192-bit keys require 12 rounds of encryption
o 256-bit keys require 14 rounds of encryption
● Twofish
o Prewhitening - XORing the plaintext with a separate subkey
before the first round of encryption
o Postwhitening - Uses a similar operation after the 16th round
of encryption
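The modes listed under DES above, written out as code. This is an added example, not part of the notes: ECB, CBC and CTR are implemented generically over an 8-byte block function, and the behaviour the notes attribute to each (ECB repeats identical blocks, CBC chains and propagates a transmission error into the next block, CTR is an independent keystream suitable for parallel work) is measured directly. The block function is a constructed 4-round Feistel network with SHA-256 as the round function, standing in for DES so that the code runs offline; it is not DES and not a real cipher.

```python
# Added example, not from the notes. Block function below is a constructed
# Feistel stand-in for DES (same 64-bit block size), not a real cipher.
import hashlib

BLOCK = 8  # 64-bit blocks, as in DES


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    """Round function: keyed hash of one half, truncated to half a block."""
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[: BLOCK // 2]


def block_encrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:4], block[4:]
    for i in range(4):
        l, r = r, _xor(l, _f(key, i, r))
    return l + r


def block_decrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:4], block[4:]
    for i in reversed(range(4)):
        l, r = _xor(r, _f(key, i, l)), l
    return l + r


def _blocks(data: bytes) -> list:
    if len(data) % BLOCK:
        raise ValueError("ECB/CBC need input padded to a multiple of the block size")
    return [data[i : i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key: bytes, data: bytes) -> bytes:
    # Each block on its own: identical plaintext blocks give identical ciphertext blocks.
    return b"".join(block_encrypt(key, b) for b in _blocks(data))


def cbc_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    out, prev = [], iv  # the IV is XORed into the first block and must travel with the message
    for b in _blocks(data):
        prev = block_encrypt(key, _xor(b, prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    out, prev = [], iv
    for b in _blocks(data):
        out.append(_xor(block_decrypt(key, b), prev))
        prev = b
    return b"".join(out)


def ctr_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt and decrypt are the same call: XOR with E(nonce || counter).
    Keystream blocks do not depend on each other, so they can be computed in parallel."""
    out = []
    for n, i in enumerate(range(0, len(data), BLOCK)):
        keystream = block_encrypt(key, nonce + n.to_bytes(4, "big"))
        out.append(_xor(data[i : i + BLOCK], keystream))
    return b"".join(out)


def flip_byte(data: bytes, index: int) -> bytes:
    """Simulate a one-byte transmission error."""
    damaged = bytearray(data)
    damaged[index] ^= 0x01
    return bytes(damaged)


def changed_bytes_per_block(a: bytes, b: bytes) -> list:
    """How many bytes differ in each block: the error-propagation footprint."""
    return [sum(x != y for x, y in zip(a[i : i + BLOCK], b[i : i + BLOCK]))
            for i in range(0, len(a), BLOCK)]


if __name__ == "__main__":
    key, iv, nonce = b"constructed-key!", bytes(8), b"nonc"
    pt = b"SAMEBLOK" * 3  # three identical plaintext blocks
    print("ECB distinct ciphertext blocks:", len(set(_blocks(ecb_encrypt(key, pt)))))
    print("CBC distinct ciphertext blocks:", len(set(_blocks(cbc_encrypt(key, iv, pt)))))
    damaged = cbc_decrypt(key, iv, flip_byte(cbc_encrypt(key, iv, pt), 0))
    print("CBC error footprint:", changed_bytes_per_block(pt, damaged))
    damaged = ctr_crypt(key, nonce, flip_byte(ctr_crypt(key, nonce, pt), 3))
    print("CTR error footprint:", changed_bytes_per_block(pt, damaged))
```

With three identical plaintext blocks, ECB yields one distinct ciphertext block and CBC three. Flipping one byte of the first CBC ciphertext block garbles that whole block on decryption and flips exactly one byte of the next block, after which the damage stops; under CTR the same flip changes exactly one plaintext byte. The `nonce` here is four bytes so that `nonce || counter` fills an 8-byte block; that layout is a constructed choice for the toy block size.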

There is a table (6.2) that I won’t reproduce here that you
should familiarize yourself with before your exam

Symmetric Key Management

● Creation and distribution
o Offline - physical distribution
o Use public key encryption to set up an initial communications
link, then exchange a secret key over the secure public key link
o Diffie-Hellman
● Storage and destruction of keys
o Never store keys on the same system as encrypted data
o Sensitive keys can be split up and then split knowledge can
be used
● Key escrow and recovery
o Fair cryptosystems - Secret keys used in communication are
divided into two or more pieces, each of which is given to an
independent third party
o Escrowed encryption standard - Provides the government
with a technological means to decrypt ciphertext - used in
Skipjack

Cryptographic Lifecycle

● Moore’s Law - except for the One-Time Pad, all crypto systems have a
limited life span
o A cited trend in the advancement of computing power that
states the processing abilities of a microprocessor will double
approximately every two years
o Not a law, just a previous trend
o Means what is hard to crack today might not be hard to crack
tomorrow - especially with quantum computing

Chapter 7: PKI and Cryptographic Applications

My key takeaways and crucial points

Public and Private Keys

● Every user maintains a public key and a private key in asymmetric
crypto
● Private key is preserved for the sole use of the individual who owns
the key
● Public key is available to anyone they want to communicate with
● RSA
o Choose two large prime numbers approximately 200 digits
each labeled p and q
o Multiply them together n = p * q
o Select a number e that is:
o Less than n
o Relatively prime to (p - 1)(q - 1) (e and (p - 1)(q - 1) share no
common factors)
o Find d such that e * d mod (p - 1)(q - 1) = 1 (d is the modular
inverse of e)
o Distribute e and n as the public key and keep d as the secret
private key
● Key length is the most important parameter
o RSA key length: 1024 bits
o DSA key length: 1024 bits
o Elliptic curve key length: 160 bits
● El Gamal
o Major disadvantage - this algo doubles the length of any
message it encrypts
● Elliptic Curve
o Better for low power devices like phones
o 1024 bit RSA key is cryptographically equivalent to a 160 bit
elliptic curve key

Hash Functions

● Hash functions - Take a potentially long message and generate a
unique output value derived from the content of the message
o Message digest - The output of a hash function
● Basic hash function requirements
o Input can be any length
o Output has a fixed length
o Should be relatively easy to compute for any input
o Hash function is one-way which means it is extremely hard to
determine the input when provided the output
o Collision free - hard to find two inputs that produce the same
message digest
● SHA - Secure Hash Algorithm
o SHA-1 produces 160 bit digest
o Processes 512 bit blocks
o Pads messages to fit
o SHA-256 produces 256 bit digests using a 512 bit block size
o SHA-224 uses a truncated version of the SHA-256 hash to make a
224 bit digest with a 512 bit block size
o SHA-512 produces 512 bit message digests using a 1024 bit
block size
o SHA-384 uses truncated SHA-512 to produce 384 bit digest
with 1024 bit block size
● MD5
o 512 bit blocks
o 4 distinct rounds of computation
o Message length must be 64 bits less than a multiple of 512
bits
o Uses padding to make up the difference
● Hash of Variable Length (HAVAL) - MD5 variant
o Hash value length: 128, 160, 192, 224, 256 bits

Digital Signatures

● Enforces nonrepudiation
● Assures the recipient that the message was not altered while in
transit
● If Alice wants to sign a message she’s sending to Bob…
o Alice generates a message digest of the original plaintext
using a hashing algo
o Alice encrypts the message digest using her private key - this
is the digital signature
o Alice appends the signed message digest to the plaintext
o Alice transmits the appended message to Bob
o Bob decrypts the digital signature using Alice’s public key
o Bob uses the same hashing function to create a message
digest of the full plaintext received from Alice
o Bob compares the decrypted message digest he got from
Alice with the message digest he computed himself
o If the hashes match, the signature is verified and the
message was sent from Alice
o If the hashes do not match, the signature is invalid and
either the message didn’t come from Alice, or it was
modified in transit
● Does not provide privacy/confidentiality
● Does provide integrity, authentication, nonrepudiation
● HMAC - Hashed Message Authentication Code
o Provides integrity, does not provide nonrepudiation
o Depends on a shared secret key
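The RSA recipe, the Alice/Bob signing flow and the HMAC comparison above, as an added example that is not part of the notes. It assumes 256-bit toy primes (real keys are far larger), SHA-256 as the hashing algo, and textbook RSA applied directly to the digest integer with no padding; real signatures use PSS or PKCS#1 padding on top of this arithmetic. `pow(e, -1, phi)` for the modular inverse needs Python 3.8 or later.

```python
# Added example, not from the notes: RSA key generation, hash-then-sign, and an
# HMAC beside it. Toy key sizes and unpadded ("textbook") RSA, for illustration.
import hashlib
import hmac
import math
import random

_rng = random.SystemRandom()


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin: how key generators actually pick 'large primes'."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(_rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int) -> int:
    while True:
        candidate = _rng.getrandbits(bits) | (1 << (bits - 1)) | 1  # full length, odd
        if is_probable_prime(candidate):
            return candidate


def generate_keypair(bits: int = 256, e: int = 65537) -> tuple:
    """Notes' steps: p, q prime; n = p*q; e coprime to (p-1)(q-1);
    d the modular inverse of e. Returns (public=(e, n), private=d)."""
    while True:
        p, q = random_prime(bits), random_prime(bits)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            break
    d = pow(e, -1, phi)  # so that e*d mod (p-1)(q-1) == 1
    return (e, p * q), d


def _digest_int(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private_d: int, public: tuple) -> int:
    """Alice: hash the plaintext, then apply her private key to the digest."""
    return pow(_digest_int(message), private_d, public[1])


def verify(message: bytes, signature: int, public: tuple) -> bool:
    """Bob: undo the signature with Alice's public key, hash the received
    plaintext himself, and compare the two digests."""
    e, n = public
    return pow(signature, e, n) == _digest_int(message)


def encrypt_to(recipient_public: tuple, m: int) -> int:
    """Confidentiality direction: encrypt with the recipient's public key."""
    e, n = recipient_public
    return pow(m, e, n)


def decrypt_own(private_d: int, public: tuple, c: int) -> int:
    """Only the holder of the private key can reverse encrypt_to."""
    return pow(c, private_d, public[1])


def hmac_tag(message: bytes, shared_key: bytes) -> bytes:
    return hmac.new(shared_key, message, hashlib.sha256).digest()


def hmac_check(message: bytes, tag: bytes, shared_key: bytes) -> bool:
    # Either holder of shared_key could have produced the tag, so a valid tag
    # proves integrity to the receiver but cannot prove authorship to a third party.
    return hmac.compare_digest(hmac_tag(message, shared_key), tag)


if __name__ == "__main__":
    alice_public, alice_private = generate_keypair()
    sig = sign(b"Meet at noon", alice_private, alice_public)
    print("signature valid:", verify(b"Meet at noon", sig, alice_public))
    print("tampered message valid:", verify(b"Meet at 1pm", sig, alice_public))
```

A digest mismatch in `verify` means either that the message was altered or that it was not signed with the private key matching `alice_public`; the code cannot tell the two apart, which is exactly the "invalid signature" outcome in the notes. The two-prime toy key keeps `n` above 2^510, so the 256-bit digest always fits under the modulus.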

Which Key To Use When

● If you want to…
o Encrypt a message - use the recipient’s public key
o Decrypt a message sent to you - use your private key
o Digitally sign a message you are sending to someone else - use
your private key
o Verify the signature on a message sent by someone else - use the
sender’s public key

Digital Signature Standard

● Federal Information Processing Standard (FIPS) 186-4

Public Key Infrastructure

● Certificates
o Endorsed copies of a public key
o International standard: X.509
o Contains
o Version of X.509 it conforms to
o Serial number
o Signature algo identifier
o Issuer name
o Validity period
o Subject’s name
o Subject’s public key
o Certificate extensions are custom variables inserted into a
certificate
● Certificate Authorities
o Neutral organizations that offer notarization services for digital
certificates
o Registration authorities assist by verifying users’ identities
prior to issuing certificates but do not issue certs themselves
o Certificate Path Validation - CPV. Each certificate in the
certificate path from the original start or root of trust down to
the server or client in question is valid and legitimate.
● Certificate Generation and Destruction
o Enrollment
o Prove your identity to the CA
o Provide them your public key
o CA signs your certificate with their private key
o Verification
o Verify the cert by checking the CA’s digital signature
using the CA’s public key
o Make sure it was not revoked (Certificate Revocation
List - CRL)
o Or Online Certificate Status Protocol (OCSP)
o A certificate is valid if:
o The digital signature of the CA is authentic
o You trust the CA
o The certificate is not listed on a CRL
o The certificate contains the data you are trusting
o Revocation
o Revoking a certificate declares it invalid before its
natural expiry
o Certificate Revocation Lists (CRLs) contain serial
numbers of certs that a CA revoked along with when
they were revoked
o Online Certificate Status Protocol (OCSP) eliminates
latency with CRLs by providing a real-time check

Asymmetric Key Management

● Choose an encryption system whose algo is in the public domain
● Use a key length that balances security requirements with
performance
● Keep private key secret
● Retire keys when they’re done being useful
● Back up your key
● Hardware security modules - HSMs. Store and manage
encryption keys in a secure manner
o YubiKey is an example

Applied Cryptography

● Portable devices
o Windows includes BitLocker and Encrypting File System (EFS)
o Mac has FileVault
o Linux has VeraCrypt
o All for disk encryption of mobile devices like laptops
● Trusted Platform Module - TPM. A chip on the motherboard that
stores and manages keys used for full disk encryption.
● Email
o For confidentiality, encrypt the message
o For integrity, hash the message
o For authentication, integrity, and/or nonrepudiation, digitally
sign the message
o For confidentiality, integrity, authentication, and
nonrepudiation, encrypt and sign the message
o Always the responsibility of the sender
o Pretty Good Privacy - PGP
o “web of trust”
o Secure email system
o Secure/Multipurpose Internet Mail Extensions - S/MIME
o Uses X.509 certificates for exchanging crypto keys
● Web Applications
o SSL and TLS (Secure Sockets Layer, and Transport Layer
Security)
o HTTPS (Hypertext Transfer Protocol Secure) uses port 443 to
negotiate encrypted communications between web servers
and clients
o Depends on the exchange of server digital certificates
o When a user accesses a website, the browser gets the
web server’s cert and extracts the public key from it
o The browser creates a random symmetric key, uses the
server’s public key to encrypt it, and sends the
encrypted symmetric key to the server
o The server decrypts the symmetric key using its private
key, and the two systems exchange future messages
using symmetric encryption/key
o Padding Oracle On Downgraded Legacy Encryption (POODLE)
is a downgrade attack - forcing a system to use an
older/vulnerable version of TLS or SSL instead of an up-to-date
version
● Steganography and Watermarking
o Steganography - Using crypto techniques to embed secret
messages within another message
o Ex: Adding digital watermarks to documents to protect
intellectual property
● Digital Rights Management - DRM
o Using encryption to enforce copyright restrictions on digital
media
o High-Bandwidth Digital Content Protection - HDCP.
Provides protection over digital connections like HDMI
o Advanced Access Content System - AACS. Protects Blu-ray
o Video games increasingly depend on having an internet
connection
o Document DRM may want to control permissions like who can
read, modify, remove watermarks, download/save, print, take
a screenshot

Networking

● IPSec and Internet Security Association and Key Management
Protocol (ISAKMP)
● Circuit Encryption
o Link encryption - Protects entire communication circuits by
creating a secure tunnel
o End-to-end encryption - Protects communications between
two parties
o The difference between the two is that with link encryption all
data, including headers, trailers, addresses and routing data, is
encrypted
o When encryption happens at higher OSI layers, it’s usually
end-to-end
o Secure Shell - SSH. End-to-end encryption
● IPSec
o Could be any two entities - servers, routers, gateway, a combo
o Uses public key crypto to provide encryption, access control,
nonrepudiation, message authentication
o VPNs use IPSec
o Authentication Header - AH. Provides message integrity
and nonrepudiation
o Encapsulating Security Payload - ESP. Provides
confidentiality and integrity of packet contents
o Transport mode - only the packet payload is encrypted
o Tunnel mode - entire packet, including header, is encrypted
o Set up a session with a security association (SA)
o Represents the communication session and records
configuration and status
o Need two SAs, one for each direction
o If using both AH and ESP bi-directional, you need four
SAs
● ISAKMP
o Used by IPSec for negotiating, establishing, modifying,
deleting SAs
● Wireless networking
o Wired Equivalent Privacy - WEP. 64 bit and 128 bit
encryption for IEEE 802.11
o A lot of flaws exist here, not considered secure - should
never be used
o WiFi Protected Access - WPA. Improves WEP by
adding Temporal Key Integrity Protocol (TKIP)
o WPA2 adds AES crypto
o Does not provide end-to-end encryption
o 802.1X - authentication and key management framework for
both wired and wireless networks
o Client runs software called a supplicant

Cryptographic Attacks

● Analytic Attack - Using math to reduce the complexity of the algo
● Implementation Attack - Exploits weaknesses in the
implementation of a crypto system
● Statistical Attack - Exploits statistical weaknesses in the system,
such as floating-point errors or the inability to generate truly
random numbers
● Brute Force - Trying every possible combination for key and
password
o Key length is critical for defending brute force
o Rainbow tables - precomputed values for crypto hashes,
commonly for cracking passwords
● Salt - A random value added to the end of the password before it is
hashed
● Frequency analysis - Counting the number of times each letter
appears in the ciphertext
● Known Plaintext - Attacker has a copy of the encrypted message,
along with plaintext, can be used to determine the key
● Chosen Ciphertext - Attacker has ability to decrypt portions of the
ciphertext
● Chosen Plaintext - Attacker has ability to encrypt plaintext
messages of their choosing
● Meet in the Middle - Known plaintext message
● Man in the Middle - A malicious individual sits between two
communicating parties and intercepts communications
● Birthday - AKA collision attack, finding flaws in hashing functions
where two inputs generate the same output
● Replay - A system lacks temporal protections, a message can be
sent more than once at different times
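Salting and key stretching, as the defence against the rainbow tables and brute force listed above. This is an added example, not part of the notes: it uses PBKDF2-HMAC-SHA256 from the Python standard library, 16-byte random salts, a constructed iteration count, and a three-entry dict standing in for a precomputed hash table, to show why the same password stored by two users yields two different digests and why a precomputed table only matches bare, unsalted hashes.

```python
# Added example, not from the notes: salted, stretched password storage versus
# a bare hash. PRECOMPUTED is a constructed stand-in for a rainbow table.
import hashlib
import hmac
import secrets
from typing import Optional

ITERATIONS = 100_000  # constructed value; raise it to what your hardware tolerates


def hash_password(password: str, salt: Optional[bytes] = None) -> tuple:
    """Returns (salt, digest). A fresh random salt per user means two users
    with the same password store different digests."""
    salt = salt if salt is not None else secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, stored_digest: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, stored_digest)


def unsalted_sha256(password: str) -> str:
    """The weak scheme a precomputed table is built against."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


# Constructed stand-in for a precomputed table: bare hash -> password.
PRECOMPUTED = {unsalted_sha256(p): p for p in ("password", "letmein", "qwerty")}


def lookup_precomputed(stored_hex: str) -> Optional[str]:
    return PRECOMPUTED.get(stored_hex)


def salt_defeats_table(password: str) -> bool:
    """True when the bare hash of the password is in the table but its salted,
    stretched digest is not: the table had to be built per salt, which it was not."""
    _, digest = hash_password(password)
    return (lookup_precomputed(unsalted_sha256(password)) == password
            and lookup_precomputed(digest.hex()) is None)


if __name__ == "__main__":
    salt, digest = hash_password("letmein")
    print(verify_password("letmein", salt, digest), verify_password("letmeout", salt, digest))
    print("salt defeats precomputed table:", salt_defeats_table("letmein"))
```

The iteration count is the "work function" from the notes applied per guess: each brute-force attempt must pay it again, and because the salt is random per user, work done against one account's digest does not transfer to another's.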

Study Notes Cryptography

● Cryptography is a method of storing and transmitting data in a form that only
those it is intended for can read and process. It is considered a science of
protecting information by encoding it into an unreadable format.
● One of the goals of cryptography, and the mechanisms that make it up, is to
protect information from unauthorized individuals.
● With enough time, resources, and motivation, hackers can break most
algorithms and reveal the encoded information. So a more realistic goal of
cryptography is to make obtaining the information too work-intensive
or time-consuming to be worthwhile to the attacker.
● Modular math
Modular math lies behind much of cryptography; simply put, modular math
shows you what remains (the remainder) after division. It is sometimes called
“clock math” because we use it to tell time. Assuming a 12-hour
clock, 6 hours past 9:00 PM is 3:00 AM. In
other words, 9 + 6 is 15, divided by 12 leaves a remainder of 3.
As we will see later, methods like the running key
cipher use modular math. There are 26 letters in the English alphabet; adding
the letter “Y” (the 25th letter) to “C” (the third letter) equals “B” (the 2nd
letter). In other words, 25 + 3 equals 28. 28 divided by 26 leaves a remainder of
2. It is like moving in a circle (such as a clock face): Once
you hit the letter “Z,” you wrap around back to “A.”
● Exclusive Or (XOR)
Exclusive Or (XOR) is the “secret sauce” behind modern encryption.
Combining a key with a plaintext via XOR creates a ciphertext.
XORing ciphertext with the same key restores the original plaintext.
XOR math is fast and simple, so simple that it can be implemented with phone
relay switches (as we will see with the Vernam cipher).
Two bits are true (or 1) if one or the other (exclusively, not both) is 1; in other
words, if two bits are different the answer is 1 (true). If two bits are the same, the
answer is 0 (false). XOR uses a truth table, shown in Table 6.1.
This dictates how to combine the bits of a key and plaintext. If you were to
encrypt the plaintext “ATTACK AT DAWN” with a key of “UNICORN,” you
would XOR the bits of each letter together, letter by letter. We will encrypt and
then decrypt the first letter to demonstrate XOR math. “A” is binary 01000001
and “U” is binary 01010101. We then XOR each bit of the plaintext to the key,
using the truth table below: The result is
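The XOR walk-through above, carried out in code. This is an added example, not part of the notes: it applies the truth table bit by bit to “A” and “U”, then XORs the whole of “ATTACK AT DAWN” against the repeating key “UNICORN” and XORs the result again to recover the plaintext. It assumes 7-bit ASCII text and a key that wraps around when shorter than the message, which is a repeating-key scheme and not a one-time pad.

```python
# Added example, not from the notes: XOR as the primitive behind stream
# encryption, with the repeating key the notes use ("UNICORN").

def xor_bit(a: int, b: int) -> int:
    """Truth table: 1 when the two inputs differ, 0 when they match."""
    return 1 if a != b else 0


def bits(value: int) -> str:
    """Eight-character binary string for one byte, e.g. 'A' -> '01000001'."""
    return format(value, "08b")


def xor_letters(p: str, k: str) -> str:
    """Bit-by-bit XOR of two ASCII characters, returned as an 8-bit string."""
    return "".join(
        str(xor_bit(int(x), int(y))) for x, y in zip(bits(ord(p)), bits(ord(k)))
    )


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR every data byte with the key byte at the same position; the key
    wraps around when it is shorter than the data."""
    if not key:
        raise ValueError("key must not be empty")
    return bytes(d ^ key[i % len(key)] for i, d in enumerate(data))


def encrypt(plaintext: str, key: str) -> bytes:
    return xor_bytes(plaintext.encode("ascii"), key.encode("ascii"))


def decrypt(ciphertext: bytes, key: str) -> str:
    # The same operation with the same key restores the plaintext: x ^ k ^ k == x.
    return xor_bytes(ciphertext, key.encode("ascii")).decode("ascii")


if __name__ == "__main__":
    print("A =", bits(ord("A")), " U =", bits(ord("U")), " A xor U =", xor_letters("A", "U"))
    ct = encrypt("ATTACK AT DAWN", "UNICORN")
    print("ciphertext (hex):", ct.hex())
    print("decrypted:", decrypt(ct, "UNICORN"))
```

`xor_letters("A", "U")` yields `00010100`, and the first ciphertext byte of the full message is that same value, 0x14. Because the key repeats, the same plaintext letter under the same key letter always gives the same ciphertext byte, which is the pattern frequency analysis looks for and the reason the one-time pad rules later in these notes insist on a key as long as the message.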
● History of Cryptography
● Hebrew cryptographic method required the alphabet to be flipped so each
letter in the original alphabet was mapped to a different letter in the flipped, or
shifted, alphabet.
The encryption method was called atbash, which was used to hide the true
meaning of messages.

An example of an encryption key used in the atbash encryption scheme is
shown here:
ABCDEFGHIJKLMNOPQRSTUVWXYZ
ZYXWVUTSRQPONMLKJIHGFEDCBA
This is an example of a substitution cipher, because each character is
replaced with another character. This type of substitution cipher is referred to as
a monoalphabetic substitution cipher because it uses only one alphabet,
whereas a polyalphabetic substitution cipher uses multiple alphabets.
● Scytale Cipher Around 400 B.C., the Spartans used a system of encrypting
information in which they would write a message on a sheet of papyrus (a type
of paper) that was wrapped around a staff (a stick or wooden rod), which was
then delivered and wrapped around a different staff by the recipient.
The message was only readable if it was wrapped around the correct size staff,
which made the letters properly match up.
● Caesar Cipher
Later, in Rome, Julius Caesar (100–44 B.C.) developed a simple method of
shifting letters of the alphabet, similar to the atbash scheme. He simply shifted
the alphabet by three positions. The following example shows a standard
alphabet and a shifted alphabet. The alphabet serves as the algorithm, and the
key is the number of locations it has been shifted during the encryption and
decryption process.
Standard Alphabet: ABCDEFGHIJKLMNOPQRSTUVWXYZ
Cryptographic Alphabet: DEFGHIJKLMNOPQRSTUVWXYZABC
As an example, suppose we need to encrypt the message “Logical Security.”
We take the first letter of this message, L, and shift up three locations within the
alphabet. The encrypted version of this first letter is O, so we write that down.
The next letter to be encrypted is O, which matches R when we shift three
spaces. We continue this process for the whole message. Once the message is
encrypted, a carrier takes the encrypted version to the destination, where the
process is reversed.
Plaintext:
LOGICAL SECURITY
Ciphertext:
ORJLFDO VHFXULWB
● ROT13
A more recent encryption method used in the 1980s, ROT13, was really the
same thing as a Caesar cipher. Instead of shifting 3 spaces in the alphabet, the
encryption process shifted 13 spaces.
● Vigenere Cipher
In the 16th century in France, Blaise de Vigenere developed a polyalphabetic
substitution cipher for Henry III.This was based on the Caesar cipher, but it
increased the difficulty of the encryption and decryption process.
Whereas the Caesar cipher used 1 shift alphabet (letters were shifted up three
places), the Vigenere cipher has 27 alphabets and the letters are shifted up only
one place. The message to be translated is SYSTEM SECURITY AND
CONTROL. The key to be used is SECURITY. We have a Vigenere table or algorithm.
Key: SECURITY Plain text: SYSTEM SECURITY AND CONTROL
KEY : SECURI TYSECURI TYS ECURITY
CIPHER TEXT: KCUNV UMCUY TCKGT LVGQH KZHJL
Starting with the first alphabet in our algorithm, trace over to the S column.
Then we look at the first value of plaintext that needs to be encrypted, which is
S, and go down to the S row. We follow the column and row and see that they
intersect on the value K. That is the first encrypted value of our message, so we
write down K. Then we go to the next value in our key, which is E, and the next
value of plaintext, which is Y. We see that the E column and the Y row intersect
at the cell with the value of C. This is our second encrypted value, so we write
that down. We continue this process for the whole message (notice that the key
repeats itself, since the message is longer than the key).
The resulting ciphertext is the encrypted form that is sent to the destination.
The destination must have the same algorithm (Vigenere table) and the same
key (SECURITY) to properly reverse the process to obtain a meaningful message.
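The classical ciphers in these notes as code, in one place: the Caesar shift and ROT13 (a one-letter Vigenere key), the Vigenere table lookup done with the modular arithmetic from the "clock math" passage, the frequency-analysis check that recovers a Caesar shift (the weakness noted at the top of the first section), and the scytale as a transposition. This is an added example, not part of the notes. It assumes A–Z text with other characters passed through unchanged, and, for the frequency check, ordinary English plaintext in which E is the most common letter.

```python
# Added example, not from the notes: Caesar/ROT13, Vigenere, Caesar shift
# recovery by letter frequency, and the scytale transposition.
from collections import Counter

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def shift_letter(ch: str, k: int) -> str:
    """One Caesar step: (index + k) mod 26, so Z wraps back round to A."""
    if ch not in ALPHABET:
        return ch
    return ALPHABET[(ALPHABET.index(ch) + k) % 26]


def vigenere(text: str, key: str, decrypt: bool = False) -> str:
    """Each letter is shifted by the index of the matching key letter; the key
    repeats when the message is longer. Decrypting shifts the other way."""
    out, i = [], 0
    for ch in text.upper():
        if ch in ALPHABET:
            k = ALPHABET.index(key[i % len(key)].upper())
            out.append(shift_letter(ch, -k if decrypt else k))
            i += 1
        else:
            out.append(ch)
    return "".join(out)


def caesar(text: str, shift: int = 3, decrypt: bool = False) -> str:
    """A Caesar cipher is Vigenere with a single key letter (shift 3 -> key 'D')."""
    return vigenere(text, ALPHABET[shift % 26], decrypt)


def rot13(text: str) -> str:
    """Shift 13 is its own inverse, so the same call encrypts and decrypts."""
    return caesar(text, 13)


def guess_caesar_shift(ciphertext: str) -> int:
    """Frequency analysis: assume the most frequent ciphertext letter stands for E."""
    counts = Counter(c for c in ciphertext.upper() if c in ALPHABET)
    top_letter = counts.most_common(1)[0][0]
    return (ALPHABET.index(top_letter) - ALPHABET.index("E")) % 26


def scytale(text: str, rod: int, decrypt: bool = False) -> str:
    """Transposition: letters written in rows of `rod` and read off by column
    (padded with X), which is what wrapping the strip round a staff does."""
    letters = "".join(c for c in text.upper() if c in ALPHABET)
    if decrypt:
        rows = len(letters) // rod
        return "".join(letters[c * rows + r] for r in range(rows) for c in range(rod))
    letters += "X" * (-len(letters) % rod)
    rows = len(letters) // rod
    return "".join(letters[r * rod + c] for c in range(rod) for r in range(rows))


if __name__ == "__main__":
    print(caesar("LOGICAL SECURITY"))                       # ORJLFDO VHFXULWB
    print(vigenere("SYSTEM", "SECURITY"))                   # KCUNVU
    print(guess_caesar_shift(caesar("THE EAGLE HAS LANDED AND EVERYONE NEEDS TO BE READY", 3)))
    print(scytale("ATTACK AT DAWN", 4), scytale(scytale("ATTACK AT DAWN", 4), 4, decrypt=True))
```

`caesar("LOGICAL SECURITY")` reproduces the notes' `ORJLFDO VHFXULWB`, and `vigenere("SYSTEM", "SECURITY")` reproduces the first ciphertext group `KCUNVU`. The frequency guess works on a Caesar text because a single shift preserves the letter histogram; Vigenere's repeating key spreads it across as many histograms as the key has letters, which is the "polyalphabetic" improvement the notes describe.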
● Cipher Disk
Cipher disks have two concentric disks, each with an alphabet around the
periphery. They allow both monoalphabetic and polyalphabetic encryption.
For monoalphabetic encryption, two parties agree on a fixed offset: “Set ‘S’ to
‘D’.” For polyalphabetic encryption, the parties agree on a fixed starting offset
and then turn the wheel once every X characters: “Set ‘S’ to ‘D’ and then turn
the inner disk 1 character to the right after every 10 characters of encryption.”
● Jefferson’s Disk
Thomas Jefferson created Jefferson disks in the 1790s. Jefferson
called his invention the “wheel cypher.” It had 36 wooden disks, each with 26
letters in random order (“jumbled and without order,” according to Jefferson
[2]) along the edge, like the ridges of a coin. To encrypt a message with
Jefferson disks, you must first create an identical set of disks
and securely send one to the party you wish to communicate with. Then arrange
the first 36 letters of plaintext along one line of letters on the disks. Then pick
any other line of “jumbled” letters; this is the ciphertext. Continue this process
for each 36 letters of plaintext.
To decrypt, the recipient arranges the ciphertext along one line of the disks, and
then the recipient scans the other 25 lines, looking for one that makes sense (the
rest will be a jumble of letters, in all likelihood).
● Book cipher and running-key cipher
The book cipher and running-key cipher both use well-known texts as the basis
for keys.
A book cipher uses whole words from a well-known text such as a dictionary.
To encode, agree on a text source, and note the page number, line, and word
offset of each word you would like to encode. Benedict Arnold used a book
cipher to communicate with British conspirators. Here
is a sample of ciphertext sent from Arnold to André on July 12, 1780: “As
158.9.25 and 115.9.12 are 226.9.30d by./236.8.20ing 131.9.21, 163.9.6 . . . .”
This ciphertext means “As <word on page 158, column 9, offset 25> and <word
on page 115, column 9, offset 12>. . . .” etc. This translates into, “As life and
fortune are risked by serving His Majesty . . . .”
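An encoder and decoder for the page.line.offset references shown in the Arnold sample above, as an added example that is not part of the notes. The "book" is a constructed few lines of text, not Arnold's real source, references are 1-based, and a trailing suffix such as `ed` or `ing` is appended to the looked-up word in the way the sample's `226.9.30d` and `236.8.20ing` suggest. Tokens that are not references (connectives such as "As" or "and") pass through unchanged.

```python
# Added example, not from the notes: a book-cipher codec over a constructed
# source text. Real book ciphers depend entirely on the agreed text.
import re

REFERENCE = re.compile(r"^(\d+)\.(\d+)\.(\d+)([a-z]*)$")

# Constructed book: page -> line -> words on that line (1-based offsets below).
BOOK = {
    3: {1: "the king and his court rode out at dawn".split(),
        2: "his majesty was pleased by those serving the realm".split()},
    12: {4: "life and fortune are small things to risk for honour".split()},
}


def word_at(page: int, line: int, offset: int, book: dict = BOOK) -> str:
    try:
        return book[page][line][offset - 1]
    except (KeyError, IndexError):
        raise ValueError(f"no word at {page}.{line}.{offset} in the agreed text") from None


def decode(ciphertext: str, book: dict = BOOK) -> str:
    """Replace every page.line.offset token with the word it points to,
    keeping any suffix; non-reference tokens are left as written."""
    words = []
    for token in ciphertext.split():
        m = REFERENCE.match(token)
        if m is None:
            words.append(token)
            continue
        page, line, offset, suffix = int(m[1]), int(m[2]), int(m[3]), m[4]
        words.append(word_at(page, line, offset, book) + suffix)
    return " ".join(words)


def encode(plaintext: str, book: dict = BOOK) -> str:
    """Encode each word the book contains as the first reference to it; words
    the book lacks stay in clear, which is the weakness of a sparse source."""
    index = {}
    for page, lines in book.items():
        for line, words in lines.items():
            for offset, w in enumerate(words, start=1):
                index.setdefault(w, f"{page}.{line}.{offset}")
    return " ".join(index.get(w, w) for w in plaintext.split())


if __name__ == "__main__":
    ct = "As 12.4.1 and 12.4.3 are 12.4.8ed by 3.2.7 3.2.1 3.2.2"
    print(decode(ct))
    print(encode("life and fortune are"))
```

Everything rests on both parties holding the same edition of the text; a single missing page throws `ValueError` from `word_at` rather than silently producing a wrong word, which is what a receiver wants when the agreed source has drifted.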
● Concealment Cipher a.k.a. Null Cipher
A concealment cipher is a message within a message. If it is decided that the
key value is every third word, then when the message is received, the receiver
will pick out every third word and write it down.
● Project VENONA
VENONA was a project undertaken by U.S. and U.K. cryptanalysts in the 1940s to
break the encryption used by the KGB (the Soviet Union’s national security
agency). The KGB used one-time pads for sensitive transmissions, which should
have rendered the ciphertext unbreakable; however, the KGB violated one of
the three rules of one-time pads in that they reused the pads.
This allowed the U.S. and U.K. cryptanalysts to break many of the
transmissions, providing critical intelligence. Many famous names were
decrypted, including details on the nuclear espionage committed by Ethel and
Julius Rosenberg.
● Hebern machines and Purple
Hebern machines, named after Edward Hebern, are a class of cryptographic devices known as rotor machines. The machine looked like a large manual typewriter, electrified with rotors (rotating wheels). These devices were used after World War I, through World War II, and in some cases into the 1950s.
● Enigma
Enigma was used by German Axis powers during World War II. The military
version of Enigma (commercial versions also existed) had three finger wheels
that could be set to any number from 1 to 26 (the finger wheels provide the
key).
As you type on the keyboard, the finger wheels turn, and a lamp for the
corresponding ciphertext illuminates.
To decrypt, set the finger wheels back to their original position, and type the
ciphertext into the keyboard.
The lamps illuminate to show the corresponding plaintext.
● SIGABA
SIGABA was a rotor machine used by the United States through World War II into the 1950s. While similar to other rotor machines such as Enigma, it was more complex, based on analysis of weaknesses in Enigma by American cryptanalysts, including William Friedman. SIGABA was also called ECM (Electronic Code Machine) Mark II. SIGABA was never known to be broken.
● Purple
Purple is the Allied name for the encryption device used by Japanese Axis powers during World War II. While many sources describe Purple as a rotor machine from the same era as Enigma and the American SIGABA, it is actually a stepping-switch device, primarily built with phone switch hardware. Other models included Red and Jade.
● Cryptographic Definitions and Concepts
Cryptography
The science of secret writing that enables an entity to store and transmit data in a form that is available only to intended individuals.
Cryptanalysis
The science of studying and breaking the secrecy of encryption processes, compromising authentication schemes, and reverse-engineering algorithms and keys.
Cryptology
The study of both cryptography and cryptanalysis.
Encryption
A method of transforming readable data, called plaintext, into a form that appears to be random and unreadable, which is called ciphertext.
Plaintext → Encryption → Ciphertext → Decryption → Plaintext
Encipher
The act of transforming data into an unreadable format.
Decipher
The act of transforming data into a readable format.
A system or a product that provides encryption and decryption is referred to as a cryptosystem and can be created through hardware components or programmed into an application. PGP (Pretty Good Privacy) is just one example of a cryptosystem. A cryptosystem is made up of at least the following:
● Software
● Protocols
● Algorithms
● Keys
The algorithm, the set of rules also known as the cipher, dictates how enciphering and deciphering take place. Many of the mathematical algorithms used in computer systems today are publicly known and are not the secret part of the encryption process.
The secret piece of using a well-known encryption algorithm is the key.
Key
A sequence of bits that are used as instructions that govern the acts of cryptographic functions within an algorithm.
Key clustering
An instance when two different keys generate the same ciphertext from the same plaintext.
Keyspace
The range of possible values used to construct keys.
Kerckhoffs’ principle says that the only secrecy involved with a cryptography system should be the key. Making an algorithm publicly available means that many more people can view the source code, test it, and uncover any type of flaws or weaknesses. Governments around the world create their own algorithms that are not released to the public. Their stance is that if a smaller number of people know how the algorithm actually works, then a smaller number of people will know how to possibly break it.
● The Strength of the Cryptosystem
The strength of an encryption method comes from the algorithm, the secrecy of the key, the length of the key, the initialization vectors, and how they all work together within the cryptosystem. When strength is discussed in encryption, it refers to how hard it is to figure out the algorithm or key, whichever is not made public. The strength of an encryption method correlates to the amount of necessary processing power, resources, and time required to break the cryptosystem, or to figure out the value of the key. Breaking a cryptosystem can be accomplished by a brute-force attack, which means trying every possible key value until the resulting plaintext is meaningful.
The goal when designing an encryption method is to make compromising it too expensive or too time-consuming. Another name for cryptographic strength is work factor, which is an estimate of the effort and resources it would take an attacker to penetrate a cryptosystem. Other issues can weaken an encryption method; improper protection of the key, for example, weakens the encryption. Important elements of encryption are to use an algorithm without flaws, use a large key size, use all possible values within the keyspace, and protect the actual key. If one element is weak, it could be the link that dooms the whole process.
● Services of Cryptosystems
A cryptosystem can provide the following:
● Confidentiality: renders the information unintelligible except by authorized entities.
● Integrity: data has not been altered in an unauthorized manner since it was created, transmitted, or stored.
● Authentication: verifies the identity of the user or system that created the information.
● Authorization: upon providing identity, the individual is then provided with the key or password that will allow access to some resource.
● Non-repudiation: ensures that the sender cannot deny sending the message.
● One-Time Pad
A one-time pad is a perfect encryption scheme because it is considered unbreakable if implemented properly.
It was invented by Gilbert Vernam in 1917, so sometimes it is referred to as the VERNAM CIPHER.
This encryption process uses a binary mathematical function called exclusive-OR, usually abbreviated as XOR.
XOR is an operation that is applied to two bits and is a function commonly used in binary mathematics and encryption methods. When combining the bits, if both values are the same, the result is 0 (1 XOR 1 = 0). If the bits are different from each other, the result is 1 (1 XOR 0 = 1). The one-time pad encryption scheme is deemed unbreakable only if the following things are true about the implementation:
● The pad must be used only one time.
● The pad must be as long as the message. If it is not as long as the message, the pad will need to be reused to cover the whole message. This would be the same thing as using a pad more than one time, which could introduce patterns.
● The pad must be securely distributed and protected at its destination.
● The pad must be made up of truly random values. This may not seem like a difficult task, but even our computer systems today do not have truly random number generators. They have pseudorandom number generators. A number generator is used to create a stream of random values and must be seeded by an initial value. This piece of software obtains its seeding value from some component within the computer system (time, CPU cycles, and so on). Although a computer system is complex, it is a predictable environment, so if the seeding value is predictable in any way, the resulting values created are not truly random but PSEUDORANDOM.
Although the one-time pad approach to encryption can provide a very high degree of security, it is impractical in most situations because of all of its different requirements.
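As an added example (not part of the original notes), here is the XOR-based one-time pad with the rules above enforced in code, plus a check of what pad reuse gives away: XORing two ciphertexts made with the same pad cancels the pad and leaves the XOR of the two plaintexts, which is the weakness behind the VENONA break. All function and class names are my own.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bitwise XOR of two equal-length byte strings (1 XOR 1 = 0, 1 XOR 0 = 1)."""
    if len(a) != len(b):
        raise ValueError("XOR operands must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def generate_pad(length: int) -> bytes:
    """Rule 4: truly random values. secrets.token_bytes reads the OS CSPRNG;
    a seeded generator such as random.Random would make the pad predictable."""
    return secrets.token_bytes(length)


class OneTimePad:
    """Holds one pad and enforces rule 1 (used once) and rule 2 (at least as
    long as the message). Rule 3, secure distribution, is outside the code."""

    def __init__(self, pad: bytes):
        self._pad = pad
        self._used = False

    def encrypt(self, plaintext: bytes) -> bytes:
        if self._used:
            raise RuntimeError("pad already used once; refusing to reuse it")
        if len(plaintext) > len(self._pad):
            raise ValueError("pad shorter than message; would force reuse")
        self._used = True
        # One pad bit per message bit, nothing more is consumed
        return xor_bytes(plaintext, self._pad[:len(plaintext)])


def decrypt(ciphertext: bytes, pad: bytes) -> bytes:
    """Decryption is the same XOR, because (p XOR k) XOR k = p."""
    return xor_bytes(ciphertext, pad[:len(ciphertext)])


def pad_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """Why rule 1 matters (the VENONA mistake): for two ciphertexts made with the
    same pad, c1 XOR c2 = (p1 XOR k) XOR (p2 XOR k) = p1 XOR p2. The pad cancels,
    so the relationship between the two plaintexts is exposed without the key."""
    return xor_bytes(c1, c2)
```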
● Steganography
A method of hiding data in another media type so the very existence of the data is concealed. Only the sender and receiver are supposed to be able to see the message because it is secretly hidden in a graphic, wave file, document, or other type of media. The message is not encrypted, just hidden.
Steganography is a type of security through obscurity.
Steganography includes the concealment of information within computer files: in digital steganography the coding is done inside of a document file, image file, program, or protocol. Media files are ideal for steganographic transmission because of their large size. The components involved with steganography are:
● Carrier: a signal, data stream, or file that has hidden information (payload) inside of it.
● Stego-medium: the medium in which the information is hidden.
● Payload: the information that is to be concealed and transmitted.
The message is the payload. If the payload is embedded in a picture, the picture is the carrier file. The stego-medium is the JPEG. A method of embedding the message into some type of medium is to use the least significant bit (LSB). Many types of files have some bits that can be modified without affecting the file they are in, which is where secret data can be hidden without altering the file in a visible manner. In the LSB approach, graphics with a high resolution or an audio file that has many different types of sounds are the most successful for hiding information within. A concealment cipher (null cipher) is an example of a type of steganography method.
The null values are not part of the secret message, but are used to hide the secret message.
● Digital Watermarking
The embedded logo or trademark is called a digital watermark. Instead
of having a secret message within a graphic that is supposed to be invisible to
you, digital watermarks are usually visible. These are put into place to DETER
people from using material that is not theirs. This type of steganography is
referred to as Digital Rights Management (DRM).
The goal is to restrict the usage of material that is owned by a company or
individual.
● Types of Cipher
Symmetric encryption ciphers come in two basic types:
● Substitution cipher: replaces bits, characters, or blocks of characters with different bits, characters, or blocks. A substitution cipher uses a key to dictate how the substitution should be carried out. In the Caesar cipher, each letter is replaced with the letter three places beyond it in the alphabet.
● Transposition cipher (permutation): does not replace the original text with different text, but rather moves the original values around. It rearranges the bits, characters, or blocks of characters to hide the original meaning. In a transposition cipher, the values are scrambled, or put into a different order. The key determines the positions the values are moved to.
● Understanding the relationship ALGORITHM X KEY
The algorithm contains the possible ways that substitution and transposition processes can take place (represented in mathematical formulas). The key is used as the instructions for the algorithm, dictating exactly how these processes will happen and in what order. Conceptually, an algorithm is made up of different boxes, each of which has a different set of mathematical formulas that dictate the substitution and transposition steps that will take place on the bits that enter the box. To foil an evildoer, we use a key, which is a set of values that indicates which box should be used, in what order, and with what values.
It is the KEY that adds the RANDOMNESS and the secrecy to the encryption process.
● Simple substitution and transposition ciphers are vulnerable to attacks that perform frequency analysis.
● Key Derivation Function
For complex keys to be generated, a master key is commonly created, and then symmetric keys are generated from it. When two or more keys are created from a master key, they are called subkeys. KDFs are used to generate keys that are made up of random values. Different values can be used independently or together as random key material. The algorithm is created to use specific hash, password, and/or salt values, which will go through a certain number of rounds of mathematical functions dictated by the algorithm.
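Added example (not the notes' own): a master key derived from a password and salt over many rounds with PBKDF2-HMAC-SHA256 from Python's hashlib, then labelled subkeys derived from that master key with the HKDF-Expand construction of RFC 5869, which is also what the key-mixing/key-schedule step described later does. Using the master key directly as the HKDF pseudorandom key, and the labels, are my simplifications for the demo.

```python
import hashlib
import hmac


def derive_master_key(password: bytes, salt: bytes, rounds: int = 200_000, length: int = 32) -> bytes:
    """Password + salt -> master key via PBKDF2-HMAC-SHA256 (stdlib hashlib).
    The round count makes each password guess slow; the salt makes equal
    passwords on different systems produce different master keys."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, rounds, dklen=length)


def derive_subkey(master_key: bytes, label: bytes, length: int = 32) -> bytes:
    """Master key -> labelled subkey using HKDF-Expand (RFC 5869):
    T(i) = HMAC-SHA256(master_key, T(i-1) || label || i), outputs concatenated.
    Demo assumption: the master key is used as the HKDF PRK directly.
    Different labels yield independent subkeys from the same master key."""
    if length > 255 * 32:
        raise ValueError("HKDF-Expand output is limited to 255 hash blocks")
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(master_key, block + label + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def derive_key_set(password: bytes, salt: bytes, rounds: int = 200_000) -> dict:
    """One master key, several purpose-specific subkeys. Labels are constructed
    for this demo; the point is that encryption and MAC never share a key."""
    master = derive_master_key(password, salt, rounds)
    return {
        "enc": derive_subkey(master, b"constructed-app v1 encryption"),
        "mac": derive_subkey(master, b"constructed-app v1 authentication"),
        "iv_seed": derive_subkey(master, b"constructed-app v1 iv", 16),
    }
```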
● Methods of Encryption
● Symmetric Cryptography
In a cryptosystem that uses symmetric cryptography, the sender and receiver use two instances of the same key for encryption and decryption. So the key has dual functionality, in that it can carry out both the encryption and decryption process. Symmetric keys are also called secret keys, because this type of encryption relies on each user to keep the key a secret and properly protected.
The equation used to calculate the number of symmetric keys needed is N(N-1)/2 = number of keys. The key must be sent using an out-of-band method, which means that email, telephone calls or anything else that could be intercepted would not be a trusted way. Because both users employ the same key to encrypt and decrypt messages, symmetric cryptosystems can provide CONFIDENTIALITY, but they cannot provide AUTHENTICATION OR NON-REPUDIATION. There is no way to prove through cryptography who actually sent a message if two people are using the same key. The following list outlines the strengths and weaknesses of symmetric key systems:
● Strengths
Much faster (less computationally intensive) than asymmetric systems.
Hard to break if using a large key size.
● Weaknesses
Requires a secure mechanism to deliver keys properly.
Each pair of users needs a unique key, so as the number of individuals increases, so does the number of keys, possibly making key management overwhelming.
Provides confidentiality but not authenticity or non-repudiation.
● The following are examples of symmetric algorithms:
Data Encryption Standard (DES), Triple-DES (3DES), Blowfish, International Data Encryption Algorithm (IDEA), RC4, RC5 and RC6, Advanced Encryption Standard (AES)
● Asymmetric Cryptography
In a public key system, the pair of keys is made up of one public key and one private key. The public key is known by everyone. The private key must be known and used only by the owner. The two different asymmetric keys are mathematically related. If the message is encrypted by one key, the other key is required in order to decrypt the message.
It is not possible to encrypt and decrypt using the same key when using an asymmetric key algorithm. If confidentiality is the most important security service to a sender, then the sender would encrypt the file with the receiver’s public key. This is called a secure message format because it can only be decrypted by the person who has the corresponding private key. If authentication is the most important security service to the sender, then the sender would encrypt the data with his private key. This provides assurance to the receiver that the only person who could have encrypted the data is the individual who has possession of that private key. If the sender encrypted the data with the receiver’s public key, authentication is not provided because this public key is available to anyone. Encrypting data with the sender’s private key is called an open message format because anyone with a copy of the corresponding public key can decrypt the message. Confidentiality is not ensured. The following list outlines the strengths and weaknesses of asymmetric key algorithms:
● Strengths
Better key distribution than symmetric systems.
Better scalability than symmetric systems.
Can provide authentication and non-repudiation.
● Weaknesses
Works much more slowly than symmetric systems.
Mathematically intensive tasks.
● The following are examples of asymmetric key algorithms:
Rivest-Shamir-Adleman (RSA), Elliptic curve cryptosystem (ECC), Diffie-Hellman, El Gamal, Digital Signature Algorithm (DSA), Merkle-Hellman Knapsack
● Block and Stream Ciphers
The two main types of symmetric algorithms are block ciphers, which work on blocks of bits, and stream ciphers, which work on one bit at a time.
● Block Ciphers
When a block cipher is used for encryption and decryption purposes, the message is divided into blocks of bits. These blocks are then put through mathematical functions, one block at a time. Suppose the block size being used is 64 bits and the message is 640 bits. This will be chopped up into 10 individual blocks of 64 bits. Each block is put through a succession of mathematical formulas, and the outcome is 10 blocks of encrypted text. A strong cipher contains the right level of two main attributes:
● Confusion is commonly carried out through substitution. Confusion pertains to making the relationship between the key and the resulting ciphertext as complex as possible so the key cannot be uncovered from the ciphertext. Each ciphertext value should depend upon several parts of the key, but this mapping between the key values and the ciphertext values should seem completely random to the observer.
● Diffusion is carried out by using transposition. For a cipher to be strong, it must contain both of these attributes to ensure that reverse-engineering is basically impossible. The randomness of the key values and the complexity of the mathematical functions dictate the level of confusion and diffusion involved.
A single plaintext bit has influence over several of the ciphertext bits. Changing a plaintext value should change many ciphertext values, not just one. In fact, in a strong block cipher, if one plaintext bit is changed, it will change every ciphertext bit with a probability of 50%. This means that if one plaintext bit changes, then about half of the ciphertext bits will change.
● A very similar concept to diffusion is the avalanche effect. If an algorithm follows a strict avalanche effect criterion, this means that if the input to the algorithm is slightly modified, then the output of the algorithm is changed significantly. So a small change to the key or the plaintext should cause drastic changes to the resulting ciphertext.
● Stream Ciphers
A stream cipher treats the message as a stream of bits and performs mathematical functions on each bit individually. When using a stream cipher, a plaintext bit will be transformed into a different ciphertext bit each time it is encrypted. Stream ciphers use keystream generators, which produce a stream of bits that is XORed with the plaintext bits to produce ciphertext.
This process is very similar to the one-time pad explained earlier. The individual bits in the one-time pad are used to encrypt the individual bits of the message through the XOR function, and in a stream algorithm the individual bits created by the keystream generator are used to encrypt the bits of the message through XOR also. In stream ciphers, the key also provides randomness, so that the stream of bits that is XORed to the plaintext is as random as possible.
● Initialization Vectors (IVs)
IVs are random values that are used with algorithms to ensure patterns are not created during the encryption process. They are used with keys and do not need to be encrypted when being sent to the destination. If IVs are not used, then two identical plaintext values that are encrypted with the same key will create the same ciphertext.
If the same phrase is repeated in the plaintext, then this could result in a pattern in the ciphertext. The IV and the key are both used by the algorithm to provide more randomness to the encryption process.
● A strong and effective stream cipher contains the following characteristics:
Long periods of no repeating patterns within keystream values: bits generated by the keystream must be random.
Statistically unpredictable keystream: bits generated from the keystream generator cannot be predicted.
A keystream not linearly related to the key: if someone figures out the keystream values, that does not mean they know the key value.
Statistically unbiased keystream (as many zeroes as ones): there should be no dominance in the number of zeroes or ones in the keystream.
Stream ciphers require a lot of randomness and encrypt individual bits at a time. This requires more processing power than block ciphers require, which is why stream ciphers are better suited to be implemented at the hardware level. Because block ciphers do not require as much processing power, they can be easily implemented at the software level. Overall, stream ciphers are considered less secure than block ciphers and are used less frequently. Stream ciphers can encrypt and decrypt more quickly and are able to scale better with increased bandwidth requirements. When real-time applications, as in VoIP or multimedia, have encryption requirements, it is common that stream ciphers are implemented to accomplish this task.
● Cryptographic Transformation Techniques
Some other techniques used in algorithms to increase their cryptographic strength are listed:
Compression: reduces redundancy before plaintext is encrypted. Compression functions are run on the text before it goes into the encryption algorithm.
Expansion: expanding the plaintext by duplicating values. Commonly used to increase the plaintext size to map to the key size.
Padding: adding material to plaintext data before it is encrypted.
Key mixing: using a portion (subkey) of a key to limit the exposure of the key. Key schedules are used to generate subkeys from master keys.
● Asymmetric and Symmetric Algorithms Used Together
Public key cryptography uses two keys (public and private) generated by an asymmetric algorithm for protecting encryption keys and key distribution, and a secret key is generated by a symmetric algorithm and used for bulk encryption. In the hybrid approach, the two technologies are used in a complementary manner, with each performing a different function.
A symmetric algorithm creates keys used for encrypting bulk data, and an asymmetric algorithm creates keys used for automated key distribution.
When a symmetric key is used for bulk data encryption, this key is used to encrypt the message you want to send. The receiver will need the same symmetric key to decrypt it. The asymmetric key is used to encrypt the symmetric key. So the symmetric key is used to encrypt the message and the asymmetric key is used to encrypt the symmetric key. The asymmetric algorithm takes longer because the math is more complex. Because the message will likely be longer than the length of the key, we use the faster algorithm (symmetric) on the message and the slower algorithm (asymmetric) on the key.
How it works:
Bill wants to send a message to Paul and wants only Paul to be able to read it.
1st: Bill encrypts his message with a secret key (symmetric key). Bill now has a ciphertext and a symmetric key.
2nd: Bill encrypts the symmetric key with an asymmetric key. Here is the key to understanding it: asymmetric algorithms use a public and a private key. So Bill will encrypt the symmetric key with Paul’s PUBLIC KEY. Now Bill has a ciphertext from the message and a ciphertext from the symmetric key.
● The symmetric key was encrypted with Paul’s public key, because Bill wants only Paul to read it. So the only one able to decrypt what was encrypted with Paul’s public key is Paul, who has the private key.
● If Bill encrypted the symmetric key with his own private key, then anyone who has Bill’s public key would be able to decrypt it and know the symmetric key.
3rd: Paul receives Bill’s message and Paul uses his private key to decrypt the symmetric key.
4th: Paul then uses the symmetric key to decrypt the message.
● If a symmetric key is encrypted with the receiver’s public key, then it will provide CONFIDENTIALITY because only the receiver’s private key can be used to decrypt the symmetric key, and only the receiver should have access to this private key.
● If data are encrypted with the sender’s private key, then it will provide AUTHENTICITY AND NON-REPUDIATION. If the receiver can decrypt the encrypted data with the sender’s public key, then the receiver knows the data was encrypted with the sender’s private key.
● Session keys
A session key is a single-use symmetric key that is used to encrypt messages between two users during a communication session. A session key is no different from the symmetric key described in the previous section, but it is only good for one communication session between users. A session key provides more protection than a static symmetric key because it is valid for only one session between two computers.
● Digital Envelope
The use of an asymmetric algorithm together with a symmetric algorithm is referred to as hybrid mode as well as a DIGITAL ENVELOPE.
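The Bill-to-Paul exchange above, as an added example that is not from the notes. Toy textbook RSA on constructed Mersenne primes stands in for the asymmetric algorithm and a SHA-256-based keystream stands in for the symmetric bulk cipher; the function names, the 8-byte session key (sized to fit under the toy modulus) and the absence of RSA padding are assumptions of this demo, not how a production library does it.

```python
import hashlib
import secrets


# --- Toy asymmetric part: textbook RSA on constructed primes (demo only; real use
# --- needs 2048-bit moduli and OAEP padding from a vetted library).
def rsa_keypair(p: int, q: int, e: int = 65537):
    """Return (public_key, private_key) as (n, exponent) tuples."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse of e (Python 3.8+)
    return (n, e), (n, d)


def rsa_apply(key, value: int) -> int:
    """value ** exponent mod n: the public key wraps, the private key unwraps."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, n)


# --- Toy symmetric part: hash-based keystream XORed with the data (stream cipher).
def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Keystream block i = SHA-256(key || nonce || i); XOR both encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        keystream = hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], keystream))
    return bytes(out)


SESSION_KEY_BYTES = 8  # small so the key fits under the toy modulus; real keys are 16-32 bytes


def seal(message: bytes, recipient_public) -> dict:
    """Bill's side. 1st: encrypt the message with a fresh symmetric session key.
    2nd: encrypt that session key with Paul's PUBLIC key."""
    session_key = secrets.token_bytes(SESSION_KEY_BYTES)
    nonce = secrets.token_bytes(8)
    body = stream_xor(session_key, nonce, message)
    wrapped_key = rsa_apply(recipient_public, int.from_bytes(session_key, "big"))
    return {"wrapped_key": wrapped_key, "nonce": nonce, "body": body}


def open_envelope(envelope: dict, recipient_private) -> bytes:
    """Paul's side. 3rd: recover the session key with his PRIVATE key.
    4th: use the session key to decrypt the message body."""
    key_int = rsa_apply(recipient_private, envelope["wrapped_key"])
    session_key = key_int.to_bytes(SESSION_KEY_BYTES, "big")
    return stream_xor(session_key, envelope["nonce"], envelope["body"])


# Constructed demo primes: Mersenne primes 2^61-1 and 2^31-1 give a modulus of
# about 92 bits, comfortably above the 64-bit session key.
PAUL_PUBLIC, PAUL_PRIVATE = rsa_keypair(2305843009213693951, 2147483647)

if __name__ == "__main__":
    envelope = seal(b"Meet at the usual place", PAUL_PUBLIC)
    print(open_envelope(envelope, PAUL_PRIVATE))
```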
● Symmetric cryptography can be referred to as any of the following:
Single key cryptography, secret key cryptography, session key cryptography, private key cryptography, shared-key cryptography
● Types of Symmetric Systems
The one thing that they all have in common is that they are symmetric algorithms, meaning the sender and receiver are using two instances of the same key.
● Data Encryption Standard (DES)
IBM developed a 128-bit algorithm called Lucifer, which was accepted by NIST. The NSA modified this algorithm to use a key size of 64 bits (with 8 bits for parity), resulting in an effective key length of 56 bits instead of the 128 bits.
The NSA named it Data Encryption Algorithm (DEA), which is the algorithm for DES: DES is the standard and DEA the algorithm. DES is a symmetric block encryption algorithm: when a 64-bit block of plaintext goes in, 64 bits of ciphertext come out. It is also a symmetric algorithm, meaning the same key is used for encryption and decryption. It uses a 64-bit key: 56 bits make up the true key, and 8 bits are used for parity. When the DES algorithm is applied to data, it divides the message into blocks and operates on them one at a time. The blocks are put through 16 rounds of transposition and substitution functions. The order and type of transposition and substitution functions depend on the value of the key used with the algorithm.
● DES Modes
Block ciphers have several modes of operation. Each mode specifies how a block cipher will operate. One mode may work better in one type of environment for specific functionality, whereas another mode may work better in another environment with totally different requirements. DES and other symmetric block ciphers have several distinct modes of operation that are used in different situations for different results. Here are five of them:
● Electronic Code Book (ECB)
● Cipher Block Chaining (CBC)
● Cipher Feedback (CFB)
● Output Feedback (OFB)
● Counter Mode (CTR)
● Electronic Code Book (ECB):
ECB mode operates like a code book. A 64-bit data block is entered into the algorithm with a key, and a block of ciphertext is produced. For a given block of plaintext and a given key, the same block of ciphertext is always produced. Not all messages end up in neat and tidy 64-bit blocks, so ECB incorporates padding to address this problem. ECB is the easiest and fastest mode to use, but it has its dangers. A key is basically instructions for the use of a code book that dictates how a block of text will be encrypted and decrypted. The code book provides the recipe of substitutions and permutations that will be performed on the block of plaintext. The security issue is that by using ECB, each block will be encrypted with the exact same key, and thus the exact same code book. This means that if the word “Arthur” was encrypted and the result was “hwssim”, each time it was encrypted using the same key, the same ciphertext would always be given.
The crux of the problem is that there is not enough randomness to the process of encrypting the independent blocks, so if this mode is used to encrypt a large amount of data, it could be cracked more easily than the other modes that a block cipher can work in. This mode is the fastest and easiest, so people use it to encrypt small amounts of data, such as PINs, challenge-response values in authentication processes, and encrypting keys. Some important characteristics of ECB encryption are:
● Operations can be run in parallel, which decreases processing time.
● Errors are contained. If an error takes place during the encryption process, it only affects one block of data.
● Only usable for the encryption of short messages.
● Cannot carry out preprocessing functions before receiving plaintext.
● Cipher Block Chaining (CBC) mode
It does not reveal a pattern, because each block of text, the key, and the value based on the previous block are processed in the algorithm and applied to the next block of text. This results in more random ciphertext. The results of one block are XORed with the next block before it is encrypted, meaning each block is used to modify the following block. This chaining effect means that a particular ciphertext block is dependent upon all blocks before it, not just the previous block. To add randomness, a 64-bit IV is added to it. The 64-bit IV is XORed with the first block of plaintext, and then it goes through the encryption process.
The result of that (ciphertext) is XORed with the second block of plaintext, and the second block is encrypted. If we choose a different IV each time we encrypt a message, even if it is the same message, the ciphertext will always be unique.
● Cipher Feedback (CFB) Mode
CFB is a combination of a block cipher and a stream cipher. For the first block of eight bits that needs to be encrypted, we do the same thing we did in CBC mode, which is to use an IV. The key and the IV are used by the algorithm to create a keystream, which is just a random set of bits.
This set of bits is XORed to the block of plaintext, which results in the same size block of ciphertext. This result will be used to encrypt the next block of plaintext.
CFB mode can be used to encrypt any size blocks, even blocks of just one bit. But since most of our encoding maps eight bits to one character, using CFB to encrypt eight-bit blocks is very common. When using CBC mode, it is a good idea to use a unique IV value per message, but this is not necessary since the message being encrypted is usually very large.
When using CFB mode, we are encrypting a smaller amount of data, so it is imperative that a new IV value be used to encrypt each new stream of data.
● Output Feedback (OFB) Mode
In some cases you still need to encrypt a small amount of data at a time (one to eight bits), but you need to ensure possible errors do not affect your encryption and decryption process. In the previous modes that use chaining, the next block is encrypted using the previous ciphertext; if that ciphertext is corrupted, then all the data that follows it will be as well. With this mode, the values used to encrypt the next block of plaintext are coming directly from the keystream, not from the resulting ciphertext. If you need to encrypt something that would be very sensitive to these types of errors, such as digitized video or digitized voice signals, you should not use CFB mode. You should use OFB. So OFB mode is a mode that a block cipher can work in when it needs to emulate a stream, because it encrypts small amounts of data at a time, but it has a smaller chance of creating and extending errors through the full encryption process.
● Counter (CTR) Mode
It is very similar to OFB mode, but instead of using a randomly unique IV value to generate the keystream values, this mode uses an IV counter that increments for each plaintext block that needs to be encrypted. The unique counter ensures that each block is XORed with a unique keystream value. The other difference is that there is no chaining involved, which means no ciphertext is brought forward to encrypt the next block. Since there is no chaining, the encryption of the individual blocks can happen in parallel, which increases the performance.
The main reason CTR would be used instead of the other modes is PERFORMANCE.
This mode has been around for quite some time and is used in encrypting ATM cells for virtual circuits, in IPSec, and is now integrated in the Wi-Fi standard 802.11i.
● Wrapping up the Modes
● ECB Used for the process of encrypting small amounts of data, such as a key or
PIN value. These components will be around 64 bits or more, so ECB mode
works as a true block cipher. Blocks work independently.
● CBC Used to encrypt larger amounts of data in block sizes of 64 bits. Uses the
concept of chaining.
● CFB Used to encrypt smaller amounts of data. It works like a stream cipher.
Encrypts individual bits of a block.
● OFB Used to encrypt smaller amounts of data, but since it does not use the
previous ciphertext to encrypt the next block of plaintext, there are more
chances that there will be no errors at the end of the encryption process. If the
first ciphertext is corrupted, then the whole encryption will be. It uses the
keystream to encrypt the next plaintext.
● CTR It is very similar to OFB, but instead of using a randomly unique IV
value to generate the keystream values, this mode uses an IV counter that
increments for each plaintext block that needs to be encrypted. Does not use the
CHAIN concept. Encryption can run in parallel. The main reason to use it is
PERFORMANCE.
Synchronous cryptosystems use keystreams to encrypt plaintext one bit at a time. The
keystream values are “in synch” with the plaintext values.
Asynchronous cryptosystems use previously generated output to encrypt the current plaintext
values.
So a stream algorithm would be considered synchronous, while a block algorithm
using chaining would be considered asynchronous.
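The chaining versus keystream distinction above, as an added example that is not part of the original notes: CBC, OFB and CTR implemented over a stand-in 16-byte block cipher (a constructed HMAC-keyed Feistel network, not DES or AES), with a function that flips one ciphertext bit and reports which plaintext bytes decrypt wrongly in each mode. Inputs are assumed to be whole blocks, so no padding is done.

```python
"""CBC, OFB and CTR modes over a stand-in block cipher, with error-propagation check.
The block cipher is a constructed 4-round Feistel network whose round function is
HMAC-SHA256; it only exists so the mode logic can run offline."""
import hashlib
import hmac

BLOCK = 16


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _round_fn(key, half, i):
    # Keyed round function of the stand-in cipher (8-byte output).
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:8]


def block_encrypt(key, block):
    left, right = block[:8], block[8:]
    for i in range(4):
        left, right = right, xor(left, _round_fn(key, right, i))
    return left + right


def block_decrypt(key, block):
    left, right = block[:8], block[8:]
    for i in reversed(range(4)):
        left, right = xor(right, _round_fn(key, left, i)), left
    return left + right


def _blocks(data):
    assert len(data) % BLOCK == 0, "constructed inputs are whole blocks; no padding here"
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


# CBC: each plaintext block is XORed with the previous ciphertext block (chaining),
# so ciphertext block i-1 is needed to recover plaintext block i.
def cbc_encrypt(key, iv, plaintext):
    out, prev = [], iv
    for block in _blocks(plaintext):
        prev = block_encrypt(key, xor(block, prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, iv, ciphertext):
    out, prev = [], iv
    for block in _blocks(ciphertext):
        out.append(xor(block_decrypt(key, block), prev))
        prev = block
    return b"".join(out)


# OFB: the keystream is the cipher applied to its own previous output; ciphertext
# never feeds back, so a corrupted ciphertext byte spoils only that one byte.
def ofb_crypt(key, iv, data):
    out, state = [], iv
    for block in _blocks(data):
        state = block_encrypt(key, state)
        out.append(xor(block, state))
    return b"".join(out)


# CTR: keystream block i is the cipher applied to (nonce + i). Every block is
# independent of the others, which is what allows parallel encryption.
def ctr_keystream_block(key, nonce, i):
    counter = (int.from_bytes(nonce, "big") + i) % (1 << (8 * BLOCK))
    return block_encrypt(key, counter.to_bytes(BLOCK, "big"))


def ctr_crypt(key, nonce, data):
    return b"".join(xor(block, ctr_keystream_block(key, nonce, i))
                    for i, block in enumerate(_blocks(data)))


MODES = {"cbc": (cbc_encrypt, cbc_decrypt), "ofb": (ofb_crypt, ofb_crypt), "ctr": (ctr_crypt, ctr_crypt)}


def error_propagation(mode, key, iv, plaintext, corrupt_pos):
    """Flip one ciphertext bit; return the plaintext byte positions that decrypt wrongly."""
    enc, dec = MODES[mode]
    ct = bytearray(enc(key, iv, plaintext))
    ct[corrupt_pos] ^= 0x01
    recovered = dec(key, iv, bytes(ct))
    return [i for i, (a, b) in enumerate(zip(plaintext, recovered)) if a != b]


if __name__ == "__main__":
    key, iv = b"constructed-key!", bytes(range(16))  # constructed demo values
    pt = bytes(range(48))
    for mode in MODES:
        print(mode, error_propagation(mode, key, iv, pt, 5))
```

For CBC a single flipped bit garbles the whole containing block and one byte of the next block; for OFB and CTR only the one byte is affected.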
● Triple-DES
Triple Data Encryption Algorithm (TDEA) = 3DES. The algorithm uses 48 rounds
in its computation, which makes it highly resistant to differential cryptanalysis.
However, because of the extra work 3DES performs, there is a heavy
performance hit. It can take up to three times longer than DES to perform
encryption and decryption. 3DES can work in different modes, and the mode
chosen dictates the number of keys used and what functions are carried out:
● DES-EEE3
Uses three different keys for encryption, and the data are encrypted, encrypted,
encrypted.
● DES-EDE3
Uses three different keys for encryption, and the data are encrypted, decrypted,
encrypted.
● DES-EEE2
The same as DES-EEE3, but uses only two keys, and the first and third
encryption processes use the same key.
● DES-EDE2
The same as DES-EDE3, but uses only two keys, and the first and third
encryption processes use the same key.
● The Advanced Encryption Standard
In January 1997, NIST announced its request for AES candidates and outlined
the requirements in FIPS PUB 197.
AES was to be a symmetric block cipher supporting key sizes of 128, 192, and
256 bits. The following five algorithms were the finalists:
● MARS Developed by the IBM team that created Lucifer
● RC6 Developed by RSA Laboratories
● Serpent Developed by Ross Anderson, Eli Biham, and Lars Knudsen
● Twofish Developed by Counterpane Systems
● Rijndael Developed by Joan Daemen and Vincent Rijmen
Out of these contestants, Rijndael was chosen. The
block sizes that Rijndael supports are 128, 192, and 256 bits. The number of
rounds depends upon the size of the block and the key length:
● If both the key and block size are 128 bits, there are 10 rounds.
● If both the key and block size are 192 bits, there are 12 rounds.
● If both the key and block size are 256 bits, there are 14 rounds.
Rijndael works well when implemented in software and hardware in a wide
range of products and environments.
It has low memory requirements and has been constructed to easily defend
against timing attacks. Rijndael was NIST’s choice to replace DES.
It is now the algorithm required to protect sensitive but unclassified U.S.
government information. DEA is the algorithm used within DES, and
Rijndael is the algorithm used in AES. AES has four functions:
● ShiftRows Provides diffusion
● MixColumns Provides diffusion
● SubBytes Provides confusion
● AddRoundKey Provides XORs.
● International Data Encryption Algorithm (IDEA): Is a block cipher and
operates on 64-bit blocks of data. The 64-bit data block is divided into 16 smaller
blocks, and each has eight rounds of mathematical functions performed on
it. The key is 128 bits long, and IDEA is faster than DES when implemented in
software.
IDEA is used in PGP and other encryption software implementations.
It was thought to replace DES, but it is patented, meaning that licensing fees
would have to be paid to use it.
So far there have been no successful practical attacks against this algorithm.
● Blowfish
Blowfish is a block cipher that works on 64-bit blocks of data. The key length
can be anywhere from 32 bits up to 448 bits, and
the data blocks go through 16 rounds of cryptographic functions.
It was intended as a replacement for the aging DES. Blowfish is unpatented and
the algorithm has been placed in the public domain.
● RC4
RC4 is one of the most commonly implemented stream ciphers.
It has a variable key size, is used in the SSL protocol, and was (improperly)
implemented in the 802.11 WEP protocol standard. Since the source code was
released nefariously, the stolen algorithm is sometimes implemented and
referred to as ArcFour or ARC4 because the name RC4 is trademarked.
The algorithm is very simple, fast, and efficient, which is why it became so
popular. But because it has a low diffusion rate, it is subject to modification
attacks. This is one reason the new wireless security standard (IEEE
802.11i) moved from the RC4 algorithm to the AES algorithm.
● RC5 RC5 is a block cipher that has a variety of parameters it can use for
block size, key size, and the number of rounds used. It was created by Ron
Rivest and analyzed by RSA Data Security, Inc.
The block sizes used in this algorithm are 32, 64, or 128 bits, and the key size
goes up to 2,048 bits. The number of rounds used for encryption and decryption
is also variable. The number of rounds can go up to 255.
● RC6 RC6 is a block cipher that was built upon RC5, so it has all the same
attributes as RC5. The algorithm was developed mainly to be submitted as an AES
candidate, but Rijndael was chosen instead. There were some modifications of the RC5
algorithm to increase the overall speed, the result of which is RC6.
● Types of Asymmetric Systems
Using only symmetric key cryptography has three drawbacks, which affect the
following:
● Security services Purely symmetric key cryptography provides
confidentiality only, not authentication or nonrepudiation.
● Scalability As the number of people who need to communicate increases, so
does the number of symmetric keys required, meaning more keys must be
managed.
● Secure key distribution The symmetric key must be delivered to its
destination through a secure courier.
● The Diffie-Hellman Algorithm
The Diffie-Hellman algorithm enables two systems to generate a symmetric key
securely without requiring a previous relationship or prior arrangements.
The algorithm allows for key distribution, but does not provide encryption or
digital signature functionality. The original DH algorithm is vulnerable to a
man-in-the-middle attack because no authentication occurs before public keys are
exchanged. The countermeasure to this type of attack is to have authentication
take place before accepting someone’s public key, which usually happens
through the use of digital signatures and digital certificates. DH uses key
agreement, which is different from key exchange. MQV
(Menezes-Qu-Vanstone) is an authenticated key agreement cryptographic
function very similar to Diffie-Hellman. The users’ public keys are exchanged to
create session keys. It provides protection from an attacker figuring out the
session key because she would need to have both users’ private keys.
● RSA
RSA, named after its inventors Ron Rivest, Adi Shamir, and Leonard Adleman,
is a public key algorithm that is the most popular when it comes to asymmetric
algorithms. RSA is a worldwide de facto standard and can be used for digital
signatures, key exchange, and encryption. It was developed in 1978 at MIT
and provides authentication as well as key encryption.
It can be used as a key exchange protocol, meaning it is used to encrypt the
symmetric key to get it securely to its destination. So, when RSA is used as a
key exchange protocol, a cryptosystem generates a symmetric key using either
the DES or AES algorithm. Then the system encrypts the symmetric key with
the receiver’s public key and sends it to the receiver. The symmetric key is
protected because only the individual with the corresponding private key can
decrypt and extract the symmetric key.
One-Way Function: A one-way function is a mathematical function that is easier
to compute in one direction than in the opposite direction. This function
supplies a trapdoor, but the only way the trapdoor can be taken advantage of is
if it is known about and the correct code is applied. The private key provides
this service. The private key knows about the trapdoor, knows how to derive the
original prime numbers, and has the necessary programming code to take
advantage of this secret trapdoor to unlock the encoded message.
Knowing about the trapdoor and having the correct functionality to take
advantage of it are what make the private key private.
When a one-way function is carried out in the easy direction, encryption and
digital signature verification functionality are available. When the one-way
function is carried out in the hard direction, decryption and signature generation
functionality are available.
This means only the public key can carry out encryption and signature
verification, and only the private key can carry out decryption and signature generation.
● El Gamal
El Gamal is a public key algorithm that can be used for digital signatures,
encryption, and key exchange.
It is based not on the difficulty of factoring large numbers but on calculating
discrete logarithms in a finite field. El Gamal is actually an extension of the
Diffie-Hellman algorithm. Although El Gamal provides the same type of
functionality as some of the other asymmetric algorithms, its main drawback is
performance. When compared to other algorithms, this algorithm is usually the
slowest.
● Elliptic Curve Cryptosystems
Elliptic curves are rich mathematical structures that have shown usefulness in
many different types of applications. An elliptic curve cryptosystem (ECC)
provides much of the same functionality RSA provides: digital signatures,
secure key distribution, and encryption. One differing factor is ECC’s
efficiency. ECC is more efficient than RSA and any other asymmetric
algorithm. Some devices have limited processing capacity, storage, power
supply, and bandwidth, such as wireless devices and cellular telephones. With
these types of devices, efficiency of resource use is very important. ECC
provides encryption functionality, requiring a smaller percentage of the
resources compared to RSA and other algorithms, so it is used in these types of
devices.
In most cases, the longer the key, the more protection that is provided, but ECC
can provide the same level of protection with a key size that is shorter than what
RSA requires. Because longer keys require more resources to perform
mathematical tasks, the smaller keys used in ECC require fewer resources of the
device.
● Knapsack Over the years, different versions of knapsack algorithms have
arisen. The first to be developed, Merkle-Hellman, could be used only for
encryption, but it was later improved upon to provide digital signature
capabilities. These types of algorithms are based on the “knapsack problem,” a
mathematical dilemma that poses the following question: If you have several
different items, each having its own weight, is it possible to add these items
to a knapsack so the knapsack has a specific weight?
This algorithm was discovered to be insecure and is not currently used in
cryptosystems.
● Message Integrity
Hash algorithms are required to successfully detect intentional and unintentional
unauthorized modifications to data.
The One-Way Hash
A one-way hash is a function that takes a variable-length string (a message) and
produces a fixed-length value called a hash value. The hashing algorithm is not a
secret—it is publicly known. The secrecy of the one-way hashing function is its
“one-wayness.” The function is run in only one direction, not the other direction.
This is different from the one-way function used in public key cryptography, in
which security is provided based on the fact that, without knowing a trapdoor, it
is very hard to perform the one-way function backward on a message and come
up with readable plaintext. The hashing one-way function takes place without the
use of any keys. Because of that, if the message is intercepted, changed, and another
message digest generated, the receiver will not know that it was changed because
the two message digests will be the same. If more protection is wanted, then a
MAC (message authentication code) is needed.
A MAC function is an authentication scheme derived by applying a secret key
to a message in some form. This does not mean the symmetric key is used to
encrypt the message, though.
You should be aware of three basic types of MACs: a hash MAC (HMAC),
CBC-MAC, and CMAC.
➢ HMAC In HMAC, instead of just a plain hashing algorithm, a symmetric
key is concatenated with the message. The result of this process
is put through a hashing algorithm, and the result
is a MAC value. This MAC value is then appended to the message and
sent to the receiver. If someone were to intercept it and modify it, he would not
have the necessary symmetric key to create the MAC value because the
symmetric key is not known. When the message is concatenated with a
symmetric key, it does not mean a symmetric key is used to encrypt the
message.
The message is not encrypted in an HMAC function, so THERE IS NO
CONFIDENTIALITY being provided. This type of technology requires the
sender and receiver to have the same symmetric key.
➢ CBC-MAC If a CBC-MAC is being used, the message is encrypted with a
symmetric block cipher in CBC mode, and the output of the final block of
ciphertext is used as the MAC. The sender does not send the encrypted
version of the message, but instead sends the plaintext version with the MAC
attached to the message. The receiver receives the plaintext message and
encrypts it with the same symmetric block cipher in CBC mode to calculate
an independent MAC value. The receiver compares the new MAC value with the one sent
with the message. This
method does not use a hashing algorithm as HMAC does. The use of the
symmetric key ensures that the only person who can verify the integrity of the
message is the person who has a copy of this key. The receiver knows that the
message came from the system that has the other copy of the symmetric key, so
the MAC provides a form of authentication. It provides DATA ORIGIN
AUTHENTICATION, sometimes referred to as SYSTEM
AUTHENTICATION. MAC authentication provides the weakest form of
authentication because it is not bound to a user, just to a computer or device.
➢ CMAC (Cipher-based Message Authentication Code) It provides the same
type of data origin authentication and integrity as CBC-MAC, but is more secure
mathematically. CMAC is a variation of CBC-MAC.
It is approved to work with AES and 3DES. The symmetric algorithm (AES or
3DES) creates the symmetric key. This key is used to create subkeys.
The subkeys are used individually to encrypt the individual blocks of a
message.
➢ CCM A newer block mode combines CTR and CBC-MAC and is called
CCM. The goal of using this mode is to provide both data origin
authentication and encryption through the use of the same key. One key value is
used for the counter values for CTR mode encryption and the IV value for
CBC-MAC operations.
The IEEE 802.11i wireless security standard outlines the use of CCM mode for
the block cipher AES.
PRINT PAGE 825
● Hashing Algorithms If a hashing algorithm takes steps to ensure it does not
create the same hash value for two or more messages, it is said to be collision
free. Strong cryptographic hash functions have the following characteristics:
● The hash should be computed over the entire message.
● The hash should be a one-way function so messages are not disclosed by their
values.
● Given a message and its hash value, computing another message with the
same hash value should be impossible.
● The function should be resistant to birthday attacks.
● Message Digest 2 (MD2) Algorithm
MD2 is a one-way hash function designed by Ron Rivest that creates a 128-bit
message digest value.
It is not necessarily any weaker than the other algorithms in the “MD” family,
but it is much slower.
● Message Digest 4 (MD4) Algorithm
MD4 is a one-way hash function designed by Ron Rivest. It also produces a
128-bit message digest value. It is used for high-speed computation in software
implementations and is optimized for microprocessors.
● Message Digest 5 (MD5) Algorithm
MD5 was also created by Ron Rivest and is the newer version of MD4. It still
produces a 128-bit hash, but the algorithm is more complex, which makes it
harder to break. MD5 added a fourth round of operations to be performed
during the hashing functions and makes several of its mathematical operations
carry out more steps or more complexity to provide a higher level of security.
● SHA
SHA was designed by the NSA and published by NIST to be used with the Digital
Signature Standard (DSS). SHA was designed to be used in digital signatures
and was developed when a more secure hashing algorithm was required for U.S.
government applications. SHA produces a 160-bit hash value, or message digest.
This is then input into an asymmetric algorithm, which computes the
signature for a message. SHA is similar to MD4. It has some extra mathematical
functions and produces a 160-bit hash instead of a 128-bit hash, which makes it
more resistant to brute-force attacks, including birthday attacks. SHA was
improved upon and renamed SHA-1. Recently, newer versions of this algorithm
(collectively known as the SHA-2 family) have been developed and released:
SHA-256, SHA-384, and SHA-512.
● HAVAL HAVAL is a variable-length, one-way hash function and is a
modification of MD5. It processes message blocks twice the size of those used
in MD5; thus, it processes blocks of 1,024 bits.
HAVAL can produce hashes from 128 to 256 bits in length.
● Tiger Ross Anderson and Eli Biham developed a hashing algorithm called
Tiger. It was designed to carry out hashing functionalities on 64-bit systems and
to be faster than MD5 and SHA-1. The resulting hash value is 192 bits. Design-wise,
most hash algorithms (MD5, RIPEMD, SHA-0, and SHA-1) are derivatives of or
have been built upon the MD4 architecture. Tiger was built upon a different type
of architecture with the goal of not being vulnerable to the same type of attacks
that could be successful on the other hashing algorithms.
● RIPE A European project called RIPE (RACE Integrity Primitives
Evaluation) developed a hashing algorithm with the purpose of replacing MD4.
This algorithm is called RIPEMD and is very similar to MD4, but has not
gained much attention as of yet.
● Attacks Against One-Way Hash Functions
A strong hashing algorithm does not produce the same hash value for two
different messages. If the algorithm does produce the same value for two
distinctly different messages, this is called a collision. An attacker can attempt to
force a collision, which is referred to as a birthday attack.
This attack is based on the mathematical birthday paradox that exists in standard
statistics. The name is based on the fact that in a room with 23 people or more, the
odds are greater than 50% that two will share the same birthday. If you are in
a room full of 23 people, you have a 1 in 365 chance of sharing a birthday with
each of the 22 other people in the room, for a total of 22/365 chances. If you fail
to match, you leave the room and Joe has a 21/365 chance of sharing a birthday
with the remaining people. If Joe fails to match, he leaves the room and Morgan
has a 20/365 chance, and so on. If you add 22/365 + 21/365 + 20/365 +
19/365 . . . + 1/365, you pass 50% probability.
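The birthday-paradox arithmetic above and its use against a hash, as an added example that is not from the notes: the exact room-of-23 probability, the number of digests needed for even odds of a collision in an n-bit hash (which is why a 160-bit digest resists a birthday attack far better than a 128-bit one), and a birthday search that finds two messages agreeing on a SHA-256 digest truncated to 32 bits. The truncation and the message template are constructed so the search finishes in well under a second.

```python
"""Birthday-paradox arithmetic and a birthday search on a truncated digest.
Constructed example; SHA-256 is truncated only so that the collision is reachable."""
import hashlib
import itertools
import math


def birthday_probability(people, days=365):
    """Exact probability that at least two of `people` share one of `days` birthdays."""
    all_distinct = 1.0
    for i in range(people):
        all_distinct *= (days - i) / days  # i-th person must miss the i days already taken
    return 1.0 - all_distinct


def trials_for_even_odds(bits):
    """Digests needed for a 50% collision chance among 2**bits values: sqrt(2 ln2 N),
    about 1.18 * 2**(bits/2). Doubling the digest length squares the work."""
    return math.sqrt(2.0 * math.log(2.0) * 2.0 ** bits)


def truncated_digest(data, bits):
    assert bits % 8 == 0 and bits <= 256
    return hashlib.sha256(data).digest()[: bits // 8]


def find_collision(bits):
    """Birthday search: hash distinct messages until two share a truncated digest.
    Returns the two messages; expected work is about trials_for_even_odds(bits)."""
    seen = {}
    for i in itertools.count():
        message = b"constructed message #%d" % i
        tag = truncated_digest(message, bits)
        if tag in seen:
            return seen[tag], message
        seen[tag] = message
```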
● Digital Signatures
A digital signature is a hash value that has been encrypted with the sender’s
private key. The act of signing means encrypting the message’s hash value with a
private key.
How it works:
1. The message is put through a hashing algorithm and a hash value is generated.
2. The sender uses his private key to encrypt the hash value.
3. The sender sends the message to the receiver.
4. When the receiver gets the message, he will perform the hashing function on
the message and come up with his own hash value.
5. The receiver will then decrypt the sent hash value (digital signature) with the
sender’s public key.
6. The receiver will then compare both hash values. If they are the same, then he
can be sure that the message was not altered during transmission. The receiver is
also sure the message came from the sender because the value was encrypted with his private key.
The hashing function ensures the integrity of the message, and the signing of the
hash value provides authentication and non-repudiation.
Available choices within Cryptography
Different algorithms provide different types of security services:
● A message can be encrypted, which provides confidentiality.
● A message can be hashed, which provides integrity.
● A message can be digitally signed, which provides authentication,
non-repudiation, and integrity.
● A message can be encrypted and digitally signed, which provides
confidentiality, authentication, non-repudiation, and integrity.
● Digital Signature Standard
Because digital signatures are so important in proving who sent which
messages, the U.S. government decided to establish standards pertaining to their
functions and acceptable use.
In 1991, NIST proposed a federal standard called the Digital Signature Standard
(DSS). The federal government requires its departments to use DSA (Digital
Signature Algorithm), RSA, or the elliptic curve digital signature algorithm
(ECDSA) and SHA. SHA creates a 160-bit message digest output, which is then
input into one of the three mentioned digital signature algorithms.
SHA is used to ensure the integrity of the message, and the other algorithms
are used to digitally sign the message. This is an example of how two different
algorithms are combined to provide the right combination of security services.
RSA and DSA are the best known and most widely used digital signature
algorithms. DSA was developed by the NSA. Unlike RSA, DSA can be used
only for digital signatures, and DSA is slower than RSA in signature verification. RSA can
be used for digital signatures, encryption, and secure distribution of symmetric
keys.
● PKI Public Key Infrastructure
Public key infrastructure (PKI) consists of programs, data formats, procedures,
communication protocols, security policies, and public key cryptographic
mechanisms working in a comprehensive manner to enable a wide range of
dispersed people to communicate in a secure and predictable fashion.
In other words, a PKI establishes a level of trust within an environment. PKI is
an ISO authentication framework that uses public key cryptography and the
X.509 standard.
The framework was set up to enable authentication to happen across different
networks and the Internet. Particular protocols and algorithms are not specified,
which is why PKI is called a framework and not a specific technology.
PKI provides authentication, confidentiality, non-repudiation, and integrity
of the messages exchanged. It is a hybrid system of symmetric and asymmetric
key algorithms and methods already discussed.
➢ Certification Authorities
Each person who wants to participate in a PKI requires a digital certificate,
which is a credential that contains the public key for that individual along with
other identifying information.
The certificate is created and signed (digital signature) by a trusted third party,
which is a certificate authority (CA).
When the CA signs the certificate, it binds the individual’s identity to the public
key, and the CA takes liability for the authenticity of that individual.
It is this trusted third party (the CA) that allows people who have never met to
authenticate to each other and to communicate in a secure method. When a
person requests a certificate, the registration authority (RA) verifies that
individual’s identity and passes the certificate request off to the CA. The CA
constructs the certificate, signs it, sends it to the requester, and maintains the
certificate over its lifetime. When another person wants to communicate with this person, the CA
will basically vouch for that person’s identity.
The CA can be internal to an organization. Such a setup would enable the
company to control the CA server, configure how authentication takes place,
maintain the certificates, and recall certificates when necessary.
Other CAs are organizations dedicated to this type of service, and other
individuals and companies pay them to supply it.
Cross-certification is the process undertaken by CAs to establish a trust
relationship in which they rely upon each other’s digital certificates and public
keys as if they had issued them themselves.
The CA is responsible for creating and handing out certificates, maintaining
them, and revoking them if necessary.
Revocation is handled by the CA, and the revoked certificate information is stored on
a certificate revocation list (CRL). This is a list of every certificate that has
been revoked. This list is maintained and updated periodically. A certificate may be
revoked because the key holder’s private key was compromised or because the
CA discovered the certificate was issued to the wrong person.
Online Certificate Status Protocol (OCSP) is being used more and more
rather than the cumbersome CRL approach. When using just a CRL, the user’s
browser must either check a central CRL to find out if the certificate has been
revoked, or the CA has to continually push out CRL values to the clients to
ensure they have an updated CRL. If OCSP is implemented, it does this work automatically in the
background. It carries out real-time validation of a certificate and reports back to
the user whether the certificate is valid, invalid, or unknown. OCSP checks the
CRL that is maintained by the CA.
So the CRL is still being used, but now we have a protocol developed
specifically to check the CRL during a certificate validation process.
● Certificates One of the most important pieces of a PKI is its digital
certificate.
A certificate is the mechanism used to associate a public key with a collection of
components in a manner that is sufficient to uniquely identify the claimed
owner.
The standard for how the CA creates the certificate is X.509, which dictates the
different fields used in the certificate and the valid values that can populate those
fields. The most commonly used version of this standard is 3, which is often
denoted as X.509v3. Many cryptographic protocols use this type of certificate,
including SSL.
The certificate includes the serial number, version number, identity
information, algorithm information, lifetime dates, and the signature of the
issuing authority.
● The Registration Authority (RA) The registration authority (RA) performs
the certificate registration duties. The RA establishes and confirms the
identity of an individual, initiates the certification process with a CA on behalf
of an end user, and performs certificate lifecycle management functions.
The RA cannot issue certificates, but can act as a broker between the user and the
CA. When users need new certificates, they make requests to the RA, and the
RA verifies all necessary identification information before allowing a request to
go to the CA.
● PKI Steps:
1. John makes a request to the RA.
2. The RA requests certain identification information from John, such as a copy
of his driver’s license, his phone number, his address, and other identifying
information.
3. Once the RA receives the required information from John and verifies it, the
RA sends his certificate request to the CA.
4. The CA creates a certificate with John’s public key and identity information
embedded. (The private/public key pair is generated either by the CA or on
John’s machine, which depends on the systems’ configurations. If it is created
at the CA, his private key needs to be sent to him by secure means. In most
cases, the user generates this pair and sends in his public key during the
registration process.)
5. John requests Diane’s public key from a public directory.
6. The directory, sometimes called a repository, sends Diane’s digital certificate.
7. John verifies the digital certificate and extracts her public key. John uses this
public key to encrypt a session key that will be used to encrypt their messages.
John sends the encrypted session key to Diane. John also sends his certificate,
containing his public key, to Diane.
8. When Diane receives John’s certificate, her browser looks to see if it trusts the
CA that digitally signed this certificate. Diane’s browser trusts this CA and,
after she verifies the certificate, both John and Diane can communicate using
encryption.
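An added example (constructed, not the notes' own material) that ties together the RSA key-transport and one-way-function description, the digital signature steps, and PKI steps 3 to 8 above: textbook RSA key generation, wrapping a session key with a public key, hash-then-sign with a private key, and a CA signing a toy certificate that a relying party verifies before using the embedded key. The 512-bit demo key size, the seeded generator, the JSON certificate layout and the use of the names John and Diane are assumptions; real deployments use OAEP/PSS padding, X.509 encoding and a CSPRNG.

```python
"""Textbook RSA used the three ways the notes describe: wrapping a session key for
transport, hash-then-sign, and a CA signing a toy certificate that binds a name to a
public key. Constructed example without padding, so it is not a production scheme."""
import hashlib
import json
import random

E = 65537  # the usual public exponent

def is_probable_prime(n, rng, rounds=24):
    """Miller-Rabin after a trial-division filter."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits, rng):
    while True:
        candidate = rng.getrandbits(bits) | (1 << (bits - 1)) | 1  # top and low bit set
        if is_probable_prime(candidate, rng):
            return candidate

def make_keypair(bits, rng):
    """Return (public, private) as (n, e) and (n, d). Demo sizes; real keys are 2048+ bits."""
    while True:
        p, q = random_prime(bits // 2, rng), random_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and phi % E != 0:  # E is prime, so this is gcd(E, phi) == 1
            return (p * q, E), (p * q, pow(E, -1, phi))  # d is the trapdoor

def demo_rng(seed=2022):
    """Seeded generator so the demo is reproducible; real keys need a CSPRNG."""
    return random.Random(seed)

def wrap_session_key(public, session_key):
    """Easy direction: anyone holding the public key can encrypt the symmetric key."""
    n, e = public
    m = int.from_bytes(session_key, "big")
    assert m < n, "the wrapped value must be smaller than the modulus"
    return pow(m, e, n)

def unwrap_session_key(private, wrapped, key_len):
    """Hard direction: only the private exponent d recovers the symmetric key."""
    n, d = private
    return pow(wrapped, d, n).to_bytes(key_len, "big")

def sign(private, message):
    """Signature steps 1-2: hash the message, then apply the private key to the hash."""
    n, d = private
    return pow(int.from_bytes(hashlib.sha256(message).digest(), "big"), d, n)

def verify(public, message, signature):
    """Signature steps 4-6: rehash, undo the signature with the public key, compare."""
    n, e = public
    return pow(signature, e, n) == int.from_bytes(hashlib.sha256(message).digest(), "big")

def _to_be_signed(cert):
    # Canonical bytes of every field except the CA's own signature (assumed JSON layout).
    return json.dumps({k: v for k, v in cert.items() if k != "ca_signature"}, sort_keys=True).encode()

def issue_certificate(ca_private, serial, subject, subject_public):
    """CA step: bind the subject's identity to its public key and sign that binding."""
    n, e = subject_public
    cert = {"version": 3, "serial": serial, "subject": subject, "public_n": n, "public_e": e}
    cert["ca_signature"] = sign(ca_private, _to_be_signed(cert))
    return cert

def verify_certificate(cert, trusted_ca_public):
    """Relying-party step: use the embedded key only if a trusted CA signed the binding."""
    return verify(trusted_ca_public, _to_be_signed(cert), cert["ca_signature"])

def exchange(seed=2022):
    """PKI steps 3-8 with the notes' names: the CA certifies Diane, John verifies her
    certificate and wraps a session key to her public key, and Diane unwraps it."""
    rng = demo_rng(seed)
    ca_public, ca_private = make_keypair(512, rng)
    diane_public, diane_private = make_keypair(512, rng)
    diane_cert = issue_certificate(ca_private, 1001, "CN=Diane", diane_public)
    if not verify_certificate(diane_cert, ca_public):  # John's browser trusts this CA
        return None
    session_key = bytes(rng.getrandbits(8) for _ in range(16))  # constructed 128-bit key
    wrapped = wrap_session_key((diane_cert["public_n"], diane_cert["public_e"]), session_key)
    return session_key, unwrap_session_key(diane_private, wrapped, 16)
```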
A PKI may be made up of the following entities and functions:
● Certification authority
● Registration authority
● Certificate repository
● Certificate revocation system
● Key backup and recovery system
● Automatic key update
● Management of key histories
● Timestamping
● Client-side software
PKI supplies the following security services:
● Confidentiality, access control, integrity, authentication and
non-repudiation
● Another important component that must be integrated into a PKI is a reliable
time source that provides a way for secure timestamping. This comes into play
when true non-repudiation is required.
● Key Management
The keys must be distributed securely to the right entities and updated
continuously. They must also be protected as they are being transmitted and
while they are being stored on each workstation and server.
The keys must be generated, destroyed, and recovered properly. Key
management can be handled through manual or automatic processes. A
company must evaluate the overhead of key management, the required security
level, and cost-benefit issues to decide how it will conduct key management, but overall, automation
provides a more accurate and secure approach. Key management is the most
challenging part of cryptography and also the most crucial.
➢ Key Management Principles
Key management is critical for proper protection. The following are
responsibilities that fall under the key management umbrella:
● The key length should be long enough to provide the necessary level of
protection.
● Keys should be stored and transmitted by secure means.
● Keys should be extremely random, and the algorithm should use the full
spectrum of the keyspace.
● The key’s lifetime should correspond with the sensitivity of the data it is
protecting. (Less secure data may allow for a longer key lifetime, whereas more
sensitive data might require a shorter key lifetime.)
● The more the key is used, the shorter its lifetime should be.
● Keys should be backed up or escrowed in case of emergencies.
● Keys should be properly destroyed when their lifetime comes to an end.
● Key escrow is a process or entity that can recover lost or corrupted
cryptographic keys; thus, it is a common component of key recovery operations.
When two or more entities are required to reconstruct a key for key recovery
processes, this is known as multiparty key recovery.
● Multiparty key recovery implements dual control, meaning that two or more
people have to be involved with a critical task.
● Trusted Platform Module
The Trusted Platform Module (TPM) is a microchip installed on the
motherboard of modern computers and is dedicated to carrying out security
functions that involve the 34 storage and processing of symmetric and
asymmetric keys, hashes, and digital certificates. The TPM was devised by the
Trusted Computing Group (TCG), an organization that promotes open standards
to help strengthen computing platforms against security weaknesses and attacks.
➢ TPM Uses“Binding” a hard disk drive is the most common usage scenario
of the TPM. Where the content of a given hard disk drive is affixed with a
particular computing system.
The content of the hard disk drive is encrypted, and the decryption key is stored
away in the TPM chip. To ensure safe storage of the decryption key, it is further
“wrapped” with another encryption key. Another application of the TPM is
“sealing” a system’s state to a particular hardware and software configuration.
Sealing a computing system through TPM is used to deter any attempts to
tamper with a system’s configurations. Sealing a system is fairly
straightforward. The TPM generates hash values based on the system’s
configuration files and stores them in its memory. A sealed system will only be
activated once the TPM verifies the integrity of the system’s configuration by
comparing it with the original “sealing” value. TPM’s internal memory is
divided into two different segments: persistent (static) and versatile
(dynamic) memory modules:
● Persistent memory There are two kinds of keys present in the static memory:
Endorsement Key (EK) and Storage Root Key (SRK):
➢ The EK is a public/private key pair that is installed in the TPM at the time of
manufacture and cannot be modified. The private key is always present inside the
TPM, while the public key is used to verify the authenticity of the TPM itself.
The EK, installed in the TPM, is unique to that TPM and its platform.
➢ The SRK is the master wrapping key used to secure the keys stored in the TPM.
● Versatile memory There are three kinds of keys (or values) present in the
versatile memory: Attestation Identity Key (AIK), Platform Configuration Register
Hashes (PCR), and storage keys:
➢ The AIK is used for the attestation of the TPM chip itself to service providers.
The AIK is linked to the TPM’s identity at the time of development, which in turn is
linked to the TPM’s Endorsement Key. Therefore, the AIK ensures the integrity
of the EK.
➢ The PCR is used to store cryptographic hashes of data used for the TPM’s
“sealing” functionality.
➢ The storage keys are used to encrypt the storage media of the computer system.
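The sealing flow described above, simulated in Python as an added example (not code from the notes or from any TPM vendor): a PCR is extended with boot measurements, a disk key is sealed to the resulting PCR value and wrapped under a simulated SRK, and unsealing is refused once the boot chain changes. The SRK, the boot measurements and the disk key are constructed, and the PCR-extend rule SHA256(old || SHA256(measurement)) is a simplification of the real TPM operation.

```python
"""Simulated TPM measurement and sealing (added example, not from the notes).

A TPM extends Platform Configuration Registers (PCRs) with hashes of boot
components and releases ("unseals") a sealed secret only when the PCR
value still matches the policy recorded at sealing time. The chip, the
SRK and the measurements below are all simulated/constructed.
"""
import hashlib
import hmac
import os
from typing import List, Optional, Tuple

PCR_RESET = bytes(32)  # PCRs start as all-zero, SHA-256-sized registers


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """PCR extend: new_pcr = SHA256(old_pcr || SHA256(measurement)).

    Extend is one-way and order-dependent, so the final register value
    commits to the entire sequence of measurements, not just the last one.
    """
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def measure_boot(components: List[bytes]) -> bytes:
    """Replay a boot chain into a fresh PCR and return the final value."""
    pcr = PCR_RESET
    for component in components:
        pcr = extend(pcr, component)
    return pcr


class SimulatedTPM:
    """Toy TPM with one PCR (PCR 7) and a Storage Root Key that never leaves it."""

    def __init__(self) -> None:
        self._srk = os.urandom(32)  # simulated SRK, held in "chip" memory only
        self.pcr7 = PCR_RESET

    def reset(self) -> None:
        """Power cycle: PCRs return to their reset value, the SRK persists."""
        self.pcr7 = PCR_RESET

    def extend_pcr7(self, measurement: bytes) -> None:
        self.pcr7 = extend(self.pcr7, measurement)

    def _wrapping_key(self, policy: bytes) -> bytes:
        # The wrapping key depends on both the SRK and the PCR policy, so a
        # sealed blob is useless without this chip *and* this configuration.
        return hmac.new(self._srk, b"seal:" + policy, hashlib.sha256).digest()

    def seal(self, secret: bytes) -> Tuple[bytes, bytes]:
        """Bind a 32-byte secret to the current PCR 7 value; return (policy, blob)."""
        if len(secret) != 32:
            raise ValueError("toy seal handles 32-byte secrets only")
        policy = self.pcr7
        wrap = self._wrapping_key(policy)
        blob = bytes(s ^ w for s, w in zip(secret, wrap))  # one-time-pad style wrap
        return policy, blob

    def unseal(self, policy: bytes, blob: bytes) -> Optional[bytes]:
        """Release the secret only if PCR 7 still equals the sealed policy."""
        if not hmac.compare_digest(policy, self.pcr7):
            return None  # configuration drifted: the key stays locked
        wrap = self._wrapping_key(policy)
        return bytes(b ^ w for b, w in zip(blob, wrap))


# Constructed boot measurements; real firmware would hash the actual images.
GOOD_BOOT = [b"firmware-v1", b"bootloader-v1", b"kernel-v1"]
TAMPERED_BOOT = [b"firmware-v1", b"bootloader-MODIFIED", b"kernel-v1"]
DISK_KEY = b"\x42" * 32  # constructed disk-encryption key to protect


def seal_then_reboot(next_boot: List[bytes]) -> Optional[bytes]:
    """Seal DISK_KEY against GOOD_BOOT, reboot with `next_boot`, try to unseal."""
    tpm = SimulatedTPM()
    for component in GOOD_BOOT:
        tpm.extend_pcr7(component)
    policy, blob = tpm.seal(DISK_KEY)

    tpm.reset()
    for component in next_boot:
        tpm.extend_pcr7(component)
    return tpm.unseal(policy, blob)


if __name__ == "__main__":
    print("unchanged boot chain releases key:", seal_then_reboot(GOOD_BOOT) == DISK_KEY)
    print("tampered boot chain releases key: ", seal_then_reboot(TAMPERED_BOOT) is not None)
```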
● Link Encryption vs End-to-End Encryption
➢ Link encryption Encrypts all the data along a specific communication
path, as in a satellite link, T3 line, or telephone circuit. Not only is the user
information encrypted, but the header, trailers, addresses, and routing data that
are part of the packets are also encrypted. The only traffic not encrypted in this
technology is the data link control messaging information, which includes
instructions and parameters that the different link devices use to synchronize
communication methods. Sometimes called online encryption. The router has to
decrypt the header to look at the routing portion and encrypt it again.
It occurs at the data link and physical layers. Because no part of the data is
available to an attacker, the attacker cannot learn basic information about how
data flows through the environment. This is referred to as traffic-flow security.
● Advantages of link encryption include the following:
All data are encrypted, including headers, addresses, and routing information.
Users do not need to do anything to initiate it. It works at a lower layer in the
OSI model.
● Disadvantages of link encryption include the following:
Key distribution and management are more complex because each hop device
must receive a key, and when the keys change, each must be updated.
Packets are decrypted at each hop; thus, more points of vulnerability exist.
➢ End-to-End Encryption
In end-to-end encryption, the headers, addresses, routing, and trailer
information are not encrypted, enabling attackers to learn more about a captured
packet and where it is headed. Packets do not need to be decrypted and then
encrypted again at each hop because the headers and trailers are not encrypted.
● Advantages of end-to-end encryption include the following:
It provides more flexibility to the user in choosing what gets encrypted and how.
Higher granularity of functionality is available because each application user can
choose specific configurations. Each hop device on the network does not need
to have a key to decrypt each packet.
● Disadvantages of end-to-end encryption include the following:
Headers, addresses, and routing information are not encrypted, and therefore not
protected.
● In reality, encryption can happen at different layers of an operating system
and network stack. The following are just a few examples:
End-to-end encryption happens within the applications.
SSL encryption takes place at the transport layer.
PPTP encryption takes place at the data link layer.
Link encryption takes place at the data link and physical layers.
● Email Standards
➢ Multipurpose Internet Mail Extension
Multipurpose Internet Mail Extension (MIME) is a technical specification
indicating how multimedia data and email binary attachments are to be
transferred. The Internet has mail standards that dictate how mail is to be
formatted, encapsulated, transmitted, and opened. If a message or document
contains a binary attachment, MIME dictates how that portion of the message
should be handled. This specification has several types and subtypes, enables
different computers to exchange data in varying formats, and provides a
standardized way of presenting the data.
Secure MIME (S/MIME) is a standard for encrypting and digitally signing
electronic mail and for providing secure data transmissions. S/MIME extends
the MIME standard by allowing for the encryption of email and attachments.
The encryption and hashing algorithms can be specified by the user of the mail
package, instead of having it dictated to them. S/MIME follows the Public Key
Cryptography Standards (PKCS). S/MIME provides confidentiality through
encryption algorithms, integrity through hashing algorithms, authentication
through the use of X.509 public key certificates, and nonrepudiation through
cryptographically signed message digests.
➢ Pretty Good Privacy
Pretty Good Privacy (PGP) was designed by Phil Zimmerman as a freeware email security
program and was released in 1991. It was the first widespread public key
encryption program. PGP is a complete cryptosystem that uses cryptographic
protection to protect email and files. It can use RSA public key encryption for
key management and use IDEA symmetric cipher for bulk encryption of data,
although the user has the option of picking different types of algorithms for
these functions. PGP can provide confidentiality by using the IDEA encryption
algorithm, integrity by using the MD5 hashing algorithm, authentication by
using the public key certificates, and nonrepudiation by using
cryptographically signed messages. PGP uses its own type of digital certificates
rather than what is used in PKI, but they both have similar purposes.
The user’s private key is generated and encrypted when the application asks the
user to randomly type on her keyboard for a specific amount of time. Instead
of using passwords, PGP uses passphrases. The passphrase is used to encrypt
the user’s private key that is stored on her hard drive. PGP does not use a
hierarchy of CAs, or any type of formal trust certificates, but instead relies on a
“web of trust” in its key management approach. Each user generates and
distributes his or her public key, and users sign each other’s public keys, which
creates a community of users who trust each other. Each user keeps in a file,
referred to as a key ring, a collection of public keys he has received from other
users.
Each key in that ring has a parameter that indicates the level of trust assigned
to that user and the validity of that particular key.
Because the web of trust does not have a central leader, such as a CA, certain
standardized functionality is harder to accomplish. PGP is a public domain
software that uses public key cryptography. It has not been endorsed by the
NSA, but because it is a great product and free for individuals to use, it has
become somewhat of a de facto encryption standard on the Internet.
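The key-ring trust parameters described above, worked through in Python as an added example (not PGP's own code): each entry records how far the ring owner trusts the key holder as an introducer and who has signed the key, and validity is propagated until no more keys qualify. The thresholds of one fully trusted or two marginally trusted introducers are assumed to match the classic PGP defaults (they are configurable in real implementations); the key ids and signatures are constructed.

```python
"""Key validity in a PGP-style web of trust (added example, not PGP's own code).

Each key-ring entry records how much the ring owner trusts that key's
holder to certify others (owner trust) and which keys have signed it.
A key becomes valid when enough *valid* signers with sufficient owner
trust vouch for it. The thresholds below are assumed defaults of the
classic PGP model (one full or two marginal introducers).
"""
from dataclasses import dataclass, field
from typing import Dict, List, Set

COMPLETES_NEEDED = 1   # assumed: one fully trusted introducer suffices
MARGINALS_NEEDED = 2   # assumed: otherwise two marginally trusted introducers
TRUST_LEVELS = {"none", "marginal", "full", "ultimate"}


@dataclass
class KeyRingEntry:
    owner_trust: str                                     # trust in the holder as introducer
    signed_by: List[str] = field(default_factory=list)  # key ids that signed this key

    def __post_init__(self) -> None:
        if self.owner_trust not in TRUST_LEVELS:
            raise ValueError(f"unknown trust level {self.owner_trust!r}")


def compute_validity(ring: Dict[str, KeyRingEntry]) -> Set[str]:
    """Return the set of key ids the ring owner may consider valid.

    Validity propagates iteratively: a key only counts as an introducer once
    it is itself valid, so a signature from an unvalidated key adds nothing.
    """
    valid: Set[str] = {kid for kid, e in ring.items() if e.owner_trust == "ultimate"}
    changed = True
    while changed:
        changed = False
        for kid, entry in ring.items():
            if kid in valid:
                continue
            full = marginal = 0
            for signer in entry.signed_by:
                if signer not in ring or signer not in valid:
                    continue  # unknown or not-yet-valid signer: ignore its signature
                trust = ring[signer].owner_trust
                if trust in ("full", "ultimate"):
                    full += 1
                elif trust == "marginal":
                    marginal += 1
            if full >= COMPLETES_NEEDED or marginal >= MARGINALS_NEEDED:
                valid.add(kid)
                changed = True
    return valid


# Constructed key ring owned by "alice" (key ids are placeholders, not real ids).
SAMPLE_RING: Dict[str, KeyRingEntry] = {
    "alice":   KeyRingEntry("ultimate", ["alice"]),          # our own key
    "bob":     KeyRingEntry("full",     ["alice"]),          # signed by us, fully trusted
    "carol":   KeyRingEntry("marginal", ["alice"]),          # signed by us, marginal
    "dave":    KeyRingEntry("marginal", ["bob"]),            # valid via bob (full)
    "erin":    KeyRingEntry("none",     ["carol", "dave"]),  # two marginal introducers
    "frank":   KeyRingEntry("none",     ["carol"]),          # only one marginal: invalid
    "mallory": KeyRingEntry("none",     ["frank"]),          # signer not valid: invalid
}


def explain(ring: Dict[str, KeyRingEntry]) -> Dict[str, bool]:
    """Map every key id in the ring to its computed validity."""
    valid = compute_validity(ring)
    return {kid: kid in valid for kid in ring}


if __name__ == "__main__":
    for kid, ok in explain(SAMPLE_RING).items():
        print(f"{kid:8s} {'valid' if ok else 'NOT valid'}")
```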
● Quantum Cryptography
In traditional cryptography, we try to make it very hard for an eavesdropper to
break an algorithm and uncover a key, but we cannot detect that an
eavesdropper is on the line. In quantum cryptography, however, not only is the
encryption very strong, but an eavesdropper can be detected.
In quantum cryptography, photon polarization is commonly used to represent
bits (1 or 0). Polarization is the orientation of electromagnetic waves, which is
what photons are. Photons are the particles that make up light. The polarizations
can be represented as vertical (|), horizontal (–), left (\), or right (/), and since we
only have two values in binary, there must be some overlap. At the quantum
level, even “looking” at an atom or a subatomic particle changes its
attributes. This
means that if there is an eavesdropper carrying out a passive attack, such as
sniffing, the receiver would know because just this simple act changes the
characteristics (polarization) of the photons.
● Internet Security
➢ HTTP
HTTP is a stateless protocol.
HTTP works at the application layer.
It sits on top of TCP/IP.
➢ HTTPS
HTTP Secure (HTTPS) is HTTP running over SSL. (HTTP works at the
application layer, and SSL works at the transport layer.)
Secure Sockets Layer (SSL) uses public key encryption and provides data
encryption (Confidentiality), server authentication, message integrity, and
optional client authentication.
When the client goes from a public page on the web site to a secured page, the
web server will start the necessary tasks to invoke SSL and protect this type of
communication. The server sends a message back to the client, indicating a
secure session should be established, and the client in response sends its
security parameters. The server compares those security parameters to its own
until it finds a match. This is the handshaking phase. The server authenticates
to the client by sending it a digital certificate which includes the site’s public
key, signed by the certificate authority’s private key. If the client decides to
trust the server, the process continues. The server can require the client to send
over a digital certificate for mutual authentication, but that is rare. The client
generates a session key and encrypts it with the server’s public key. This
encrypted key is sent to the web server, and they both use this symmetric key to
encrypt the data they send back and forth. This is how the secure channel is
established.
SSL is actually made up of two protocols: one works at the lower end of the
session layer, and the other works at the top of the transport layer. This is why
one resource will state that SSL works at the session layer and another resource
puts it in the transport layer. For the purposes of the CISSP exam, we’ll use the
latter definition: the SSL protocol works at the transport layer.
Since SSL is not an open protocol, its specifications and functionalities cannot
be modified. So the open community and standardized version of SSL is Transport
Layer Security (TLS). The differences between SSL 3.0 and TLS are slight, but
TLS is more extensible and is backward compatible with SSL.
SSL and TLS are commonly used when data need to be encrypted while “in
transit,” which means as they are moving from one system to another system.
Data must also be encrypted while “at rest,” which is when the data are stored.
Encryption of data at rest can be accomplished by whole disk encryption, PGP,
or other types of software based encryption.
➢ Secure HTTP Though their names are very similar, there is a difference
between Secure HTTP (SHTTP) and HTTP Secure (HTTPS).
SHTTP is a technology that protects each message sent between two computers,
while HTTPS protects the communication channel between two computers,
messages and all. HTTPS uses SSL/TLS and HTTP to provide a protected circuit
between a client and server. So, SHTTP is used if an individual message needs to
be encrypted, but if all information that passes between two computers must be
encrypted, then HTTPS is used, which is SSL over HTTP.
➢ Secure Electronic Transaction (SET) is a security technology proposed by
Visa and MasterCard to allow for more secure credit card transaction
possibilities than what is currently available.
SET is a cryptographic protocol and infrastructure developed to send encrypted
credit card numbers over the Internet. The following entities would be involved
with a SET transaction, which would require each of them to upgrade their
software, and possibly their hardware:
● Issuer (cardholder’s bank) The financial institution that provides a credit
card to the individual.
● Cardholder The individual authorized to use a credit card.
● Merchant The entity providing goods.
● Acquirer (merchant’s bank) The financial institution that processes
payment cards.
● Payment gateway This processes the merchant payment. It may be an acquirer.
To use SET, a user must enter her credit card number into her electronic wallet
software. This information is stored on the user’s hard drive or on a smart card.
The software then creates a public key and a private key that are used
specifically for encrypting financial information before it is sent. When the user
starts a purchase, she sends her encrypted credit card information to the
merchant’s web server. The merchant does not decrypt the credit card
information, but instead digitally signs it and sends it on to its processing bank.
At the bank, the payment server decrypts the information, verifies that the user
has the necessary funds, and transfers the funds from the user’s account to the
merchant’s account. Then the payment server sends a message to the merchant
telling it to finish the transaction, and a receipt is sent to the user and the
merchant. This is basically a
very secure way of doing business over the Internet, but today everyone seems
to be happy enough with the security SSL provides. They do not feel motivated
enough to move to a different and more encompassing technology. The lack of
motivation comes from all of the changes that would need to take place to our
current processes and the amount of money these changes would require.
➢ Cookies Cookies are text files that a browser maintains on a user’s hard drive
or memory segment. Cookies have different uses, and some are used for
demographic and advertising information.
The servers at the web site determine how cookies are actually used. When a user
adds items to his shopping cart on a site, such data are usually added to a cookie.
Then, when the user is ready to check out and pay for his items, all the data in
this specific cookie are extracted and the totals are added. Some cookies are
stored as text files on your hard drive. These files should not contain any
sensitive information, such as account numbers and passwords. In most cases,
cookies that contain sensitive information stay resident in memory and are not
stored on the hard drive. The cookies that contain sensitive information should
be encrypted by the server at the site that distributes them, but this does not
always happen, and a nosy attacker could find this data on the user’s hard drive
and attempt to use it for mischievous activity.
➢ Internet Protocol Security (IPsec) The Internet Protocol Security (IPSec)
protocol suite provides a method of setting up a secure channel for protected
data exchange between two devices. IPSec uses two basic security protocols:
Authentication Header (AH) and Encapsulating Security Payload (ESP). AH is the
authenticating protocol. ESP is an authenticating and encrypting protocol that
uses cryptographic mechanisms to provide source authentication, confidentiality,
and message integrity. IPSec can work in one of two modes: Transport mode, in
which the payload of the message is protected. Transport mode encrypts the
actual message information so it cannot be sniffed and uncovered by an
unauthorized entity.
Tunnel mode, in which the payload and the routing and header information are
protected. Tunnel mode provides a higher level of protection by also protecting
the header and trailer data an attacker may find useful. Each device will have at
least one security association (SA) for each secure connection it uses. The SA,
which is critical to the IPSec architecture, is a record of the configurations the
device needs to support an IPSec connection. The SA can contain the
authentication and encryption keys, the agreed upon algorithms, the key
lifetime, and the source IP address. SAs are directional, so a device will have
one SA for outbound traffic and a different SA for inbound traffic for each
individual communication channel. Each device has an SPI (security
parameter index) that keeps track of the different SAs and tells the device
which one is appropriate to invoke for the different packets it receives. The SPI
value is in the header of an IPSec packet, and the device reads this value to tell
it which SA to consult. IPsec can authenticate the sending devices of the pact by
using MAC. AH provides authentication and integrity, and ESP can provide
those two functions and confidentiality. In most cases, the reason why to use
AH has to do with whether the environment is using a NAT. IPSec will generate
an integrity check value (ICV), which is really the same thing as a MAC value,
over a portion of a packet.
The receiver compares her ICV value with the one sent by the sender. If both
values match, the receiver can be assured the packet has not been modified
during transmission. The AH protocol calculates this ICV over the data payload,
transport, and network headers. If the packet then goes through a NAT device,
the NAT device changes the IP address of the packet. This means a portion of
the data (Network header) that was included to calculate the ICV value has now
changed, and the receiver will generate an ICV value that is different from the
one sent with the packet, which means the packet will be discarded
automatically.
The ESP protocol follows similar steps, except it does not include the network
header portion when calculating its ICV value. When the NAT device changes
the IP address, it will not affect the receiver’s ICV value because it does not
include the network header when calculating the ICV. The de facto standard for
IPSec is to use Internet Key Exchange (IKE), which is a combination of the
ISAKMP and OAKLEY protocols.
The Internet Security Association and Key Management Protocol
(ISAKMP) is a key exchange architecture that is independent of the type of
keying mechanisms used. Basically, ISAKMP provides the framework of what
can be negotiated to set up an IPSec connection (algorithms, protocols, modes,
keys).
The OAKLEY protocol is the one that carries out the negotiation process. You
can think of ISAKMP as providing the playing field (the infrastructure) and
OAKLEY as the guy running up and down the playing field (carrying out the
steps of the negotiation). Simple Key Management Protocol for IP (SKIP) is
another key exchange protocol that provides basically the same functionality as
IKE. It is important to know that all of these protocols work at the network
layer.
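The AH-versus-ESP behaviour behind a NAT device, simulated in Python as an added example (not real IPsec framing and not from the notes): the ICV is an HMAC-SHA256 over the fields each protocol covers, the packet fields and key are constructed, and NAT is modelled as rewriting only the source address, as the notes describe.

```python
"""AH versus ESP integrity checks across a NAT device (added simulation).

This is not real IPsec framing: a packet is a few named fields and the
ICV is an HMAC-SHA256 over whichever fields the protocol covers. It
reproduces the argument in the notes: AH covers the IP header, so a NAT
rewrite of the source address breaks the ICV, while ESP leaves the IP
header out of its ICV and survives the same rewrite.
"""
import hashlib
import hmac
from dataclasses import dataclass, replace
from typing import Callable, Dict


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int
    payload: bytes


def ip_header(p: Packet) -> bytes:
    return f"{p.src_ip}>{p.dst_ip}".encode()


def transport_header(p: Packet) -> bytes:
    return f"{p.src_port}>{p.dst_port}".encode()


def ah_icv(key: bytes, p: Packet) -> bytes:
    """AH: ICV over IP header + transport header + payload."""
    covered = ip_header(p) + b"|" + transport_header(p) + b"|" + p.payload
    return hmac.new(key, covered, hashlib.sha256).digest()


def esp_icv(key: bytes, p: Packet) -> bytes:
    """ESP (transport mode): ICV over the protected payload only, i.e. the
    transport header and data; the outer IP header is not covered."""
    covered = transport_header(p) + b"|" + p.payload
    return hmac.new(key, covered, hashlib.sha256).digest()


def verify(icv_fn: Callable[[bytes, Packet], bytes], key: bytes,
           p: Packet, received_icv: bytes) -> bool:
    """Receiver recomputes the ICV and compares in constant time."""
    return hmac.compare_digest(icv_fn(key, p), received_icv)


def nat_rewrite_source(p: Packet, public_ip: str) -> Packet:
    """Address-only NAT as described in the notes (ports left unchanged)."""
    return replace(p, src_ip=public_ip)


def demo(key: bytes = b"constructed-sa-key") -> Dict[str, bool]:
    """Run the sender -> NAT -> receiver scenario for both protocols."""
    # Constructed packet using documentation address ranges (RFC 5737).
    original = Packet("192.0.2.10", "203.0.113.5", 40000, 443, b"GET /status")
    ah = ah_icv(key, original)
    esp = esp_icv(key, original)

    natted = nat_rewrite_source(original, "198.51.100.77")
    tampered = replace(natted, payload=b"GET /admin")

    return {
        "ah_without_nat": verify(ah_icv, key, original, ah),
        "ah_after_nat": verify(ah_icv, key, natted, ah),              # fails: header changed
        "esp_after_nat": verify(esp_icv, key, natted, esp),           # passes: header not covered
        "esp_payload_tampered": verify(esp_icv, key, tampered, esp),  # fails: data changed
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:22s} {'ICV ok' if ok else 'ICV mismatch, packet dropped'}")
```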
● Attacks
Ciphertext-Only Attacks
In this type of attack, the attacker has the ciphertext of several messages.
Each of the messages has been encrypted using the same encryption algorithm.
The attacker’s goal is to discover the key used in the encryption process. Once
the attacker figures out the key, she can decrypt all other messages encrypted
with the same key. A ciphertext-only attack is the most common type of active
attack because it is very easy to get ciphertext by sniffing someone’s traffic, but
it is the hardest attack to actually be successful at because the attacker has so
little information about the encryption process.
Known Plaintext Attacks
In known plaintext attacks, the attacker has the
plaintext and corresponding ciphertext of one or more messages. Again, the
goal is to discover the key used to encrypt the messages so other messages can
be deciphered and read.
Chosen Plaintext Attacks and Adaptive Chosen Plaintext Attacks
In chosen plaintext attacks, the attacker has the plaintext and ciphertext, but can choose
the plaintext that gets encrypted to see the corresponding ciphertext. This gives
her more power and possibly a deeper understanding of the way the encryption
process works so she can gather more information about the key being used.
Once the key is discovered, other messages encrypted with that key can be
decrypted.
Chosen Ciphertext Attacks and Adaptive Chosen Ciphertext Attacks
In chosen ciphertext attacks, the attacker can choose the ciphertext to be decrypted
and has access to the resulting decrypted plaintext. Again, the goal is to figure
out the key. This is a harder attack to carry out compared to the previously
mentioned attacks, and the attacker may need to have control of the system that
contains the cryptosystem.
Differential Cryptanalysis
This type of attack also has the goal of uncovering the key that was used for
encryption purposes. This attack looks at ciphertext pairs generated by encryption
of plaintext pairs with specific differences and analyzes the effect and result of
those differences.
Linear Cryptanalysis
Linear cryptanalysis is another type of attack that carries
out functions to identify the highest probability of a specific key employed
during the encryption process using a block algorithm. The attacker carries out a
known plaintext attack on several different messages encrypted with the same
key. The more messages the attacker can use and put through this type of attack,
the higher the confidence level in the probability of a specific key value.
Side Channel Attacks
Side channel attacks use physical data to break a cryptosystem, such as
monitoring CPU cycles or power consumption used while encrypting or
decrypting.
Replay Attacks
A big concern in distributed environments is the replay attack, in which an
attacker captures some type of data and resubmits it with the hopes of fooling
the receiving device into thinking it is legitimate information. Many times, the
data captured and resubmitted are authentication information, and the attacker is
trying to authenticate herself as someone else to gain unauthorized access.
Timestamps and sequence numbers are two countermeasures to replay attacks.
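The two countermeasures named above, combined in a receiver-side check, as an added Python example (not from the notes): a MAC binds a per-sender sequence number and a timestamp to each message, so a captured message fails on sequence when replayed promptly, fails on timestamp when replayed late, and fails on the MAC if the attacker bumps the sequence number by hand. The key, clock values and messages are constructed.

```python
"""Replay detection with timestamps and sequence numbers (added example).

Each message carries a sender id, a monotonically increasing sequence
number, a timestamp and a MAC over all of them. The receiver rejects a
message if the MAC fails, the timestamp is outside the allowed skew, or
the sequence number does not advance past the last accepted one. The
key, clock values and messages are constructed for the example.
"""
import hashlib
import hmac
from typing import Dict, Tuple


class ReplayGuard:
    """Per-sender replay protection for authenticated messages."""

    def __init__(self, key: bytes, max_skew_seconds: int = 30) -> None:
        self._key = key
        self._max_skew = max_skew_seconds
        self._last_seq: Dict[str, int] = {}  # highest sequence accepted per sender

    @staticmethod
    def _canonical(sender: str, seq: int, ts: int, body: bytes) -> bytes:
        # Delimited encoding; the variable-length body goes last so the
        # fixed fields (sender, seq, ts) cannot be shifted into each other.
        return b"|".join([sender.encode(), str(seq).encode(), str(ts).encode(), body])

    def tag(self, sender: str, seq: int, ts: int, body: bytes) -> bytes:
        """MAC binding sequence number and timestamp to the message body."""
        return hmac.new(self._key, self._canonical(sender, seq, ts, body),
                        hashlib.sha256).digest()

    def accept(self, msg: Dict, now: int) -> Tuple[bool, str]:
        """Return (accepted, reason). Only accepted messages advance the state."""
        expected = self.tag(msg["sender"], msg["seq"], msg["ts"], msg["body"])
        if not hmac.compare_digest(expected, msg["mac"]):
            return False, "mac-invalid"          # forged or tampered fields
        if abs(now - msg["ts"]) > self._max_skew:
            return False, "timestamp-stale"      # old capture, or clock badly off
        if msg["seq"] <= self._last_seq.get(msg["sender"], 0):
            return False, "sequence-replayed"    # already seen (or reordered)
        self._last_seq[msg["sender"]] = msg["seq"]
        return True, "accepted"


def make_message(guard: ReplayGuard, sender: str, seq: int, ts: int, body: bytes) -> Dict:
    """Sender side: assemble a message and attach its MAC."""
    return {"sender": sender, "seq": seq, "ts": ts, "body": body,
            "mac": guard.tag(sender, seq, ts, body)}


def scenario() -> Dict[str, str]:
    """Constructed exchange: one legitimate login, then three replay attempts."""
    key = b"constructed-shared-key"
    sender_side = ReplayGuard(key)      # the sender only needs the key to tag
    receiver = ReplayGuard(key)
    results: Dict[str, str] = {}

    login = make_message(sender_side, "alice", seq=1, ts=1_000, body=b"AUTH alice")
    results["legitimate"] = receiver.accept(login, now=1_005)[1]

    # 1. Exact replay of the captured login a few seconds later.
    results["exact_replay"] = receiver.accept(login, now=1_010)[1]

    # 2. Captured message resubmitted much later (timestamp check fires first).
    results["late_replay"] = receiver.accept(login, now=5_000)[1]

    # 3. Replay with the sequence number bumped by hand: MAC no longer matches.
    bumped = dict(login, seq=2)
    results["seq_forged"] = receiver.accept(bumped, now=1_010)[1]

    # A genuine follow-up message from the sender still goes through.
    follow_up = make_message(sender_side, "alice", seq=2, ts=1_020, body=b"GET /inbox")
    results["next_genuine"] = receiver.accept(follow_up, now=1_022)[1]
    return results


if __name__ == "__main__":
    for case, outcome in scenario().items():
        print(f"{case:13s} -> {outcome}")
```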
Algebraic Attacks
Algebraic attacks analyze the vulnerabilities in the mathematics used within the
algorithm and exploit the intrinsic algebraic structure. For instance, attacks on
the
“textbook” version of the RSA cryptosystem exploit properties of the algorithm,
such as the fact that the encryption of a raw “0” message is “0.”
Analytic Attacks
Analytic attacks identify algorithm structural weaknesses or flaws, as opposed
to brute force attacks, which simply exhaust all possibilities without respect to
the specific properties of the algorithm. Examples include the Double DES
attack and RSA factoring attack.
Statistical attacks
Statistical attacks identify statistical weaknesses in algorithm design for
exploitation—for example, if statistical patterns are identified, as in the number
of zeros compared to the number of ones. For instance, a random number
generator (RNG) may be biased. If keys are taken directly from the output of
the RNG, then the distribution of keys would also be biased. The statistical
knowledge about the bias could be used to reduce the search time for the keys.
Social Engineering Attacks
They are nontechnical attacks that are carried out on people with the goal of
tricking them into divulging some type of sensitive information that can be used
by the attacker.
Meet in the Middle Attacks
This term refers to a mathematical analysis used to try and break a math
problem from both ends. It is a technique that works on the forward mapping of
a function and the inverse of the second function at the same time. The attack
works by encrypting from one end and decrypting from the other end, thus
meeting in the middle.
Known Key
The term known key attack is misleading. If the cryptanalyst
knows the key, the attack is over. Known key means the cryptanalyst knows
something about the key, to reduce the efforts used to attack it. If the
cryptanalyst knows that the key is an uppercase letter and a number only, other
characters may be omitted in the attack.
Chapter 10: Physical Security Requirements
My key takeaways and crucial points
Apply Security Principles to Site and Facility Design
● Secure facility plan - Outlines the security needs of your
organization and emphasizes methods or mechanisms to employ to
provide security
● Critical path analysis - Identifying relationships between mission-
critical applications, processes, and operations
● Technology convergence - The tendency for various
technologies, solutions, utilities, and systems to evolve and merge
over time
Site Selection
● Visibility - Where are the closest emergency services located? Are
there unique hazards? Locations of security cameras.
● Natural disasters
● Facilities design - Crime Prevention through Environmental Design
(CPTED)
Implement Site and Facility Security Controls
● Administrative physical security controls - Include facility
construction and selection, personnel controls, awareness training,
emergency response
● Technical physical security controls - Include access controls,
intrusion detection, alarms, monitoring, heating, ventilation, HVAC,
power supplies, fire detection and suppression
● Physical physical security controls - Includes fences, lighting,
locks, mantraps, dogs, guards
● Functional order controls should be used:
1. Deterrence - Boundary restrictions
2. Denial - Locked vault doors
3. Detection - Using motion detectors
4. Delay - Cable lock on a laptop
Equipment failure
● Service level agreements (SLA) - Defines vendor response time
● Mean time to failure (MTTF) - Expected typical functional lifetime of
the device
● Mean time to repair (MTTR) - The average length of time required to
perform a repair
● Mean time between failures (MTBF) - Estimation of the time between
the first and any subsequent failures
Wiring Closets
● An element of cable plant management policy
● Entrance facility - aka demarcation point, where the cable enters
the building
● Equipment room - Main wiring closet
● Backbone distribution system - Between equipment room and
telecommunication rooms
● Telecommunications room - Serves the connection needs of a
floor or a section of a large building
● Horizontal distribution system - Between the telecommunication
room and work areas
Server Room
● The more human incompatible a server room is, the more protection
it offers against casual and determined attacks
● Walls should have one-hour minimum fire rating
● Datacenter could be a single tenant or multitenant
● Smartcards - Credit-card-sized, IDs, badges, security passes with
an embedded magnetic strip, bar code, or integrated circuit chip
● Memory cards - Machine-readable ID cards with a magnetic strip
● Proximity reader - Passive device, a field-powered device, or a
transponder
● Passive device - Like antitheft devices found in DVDs
● Intrusion detection system - Systems designed to detect a
breach or attack
● Masquerading - Using someone else’s security ID to gain entry into
facilities
● Piggybacking - Following someone through a secured gate or
doorway without being identified or authorized personally
● Emanation - Electromagnetic signals or radiation that can be
intercepted by unauthorized individuals
● Faraday cage - An area designed with an external metal skin that
surrounds the area on all sides and blocks electromagnetic
interference (EMI)
● White noise - Random sounds, signal, or process that can drown
out meaningful information
● Control zone - is an implementation of a Faraday cage or white
noise generator or both to protect a specific area
Media storage facilities
● Data remnants - The remaining data elements left on a storage
device after a standard deletion or formatting
● Have a librarian or custodian
● Implement drive sanitization or zeroization
● Verify data integrity with hash-based integrity checks
● Limit storage access, especially to evidence
Restricted and work area security
● Shoulder surfing - Gathering information from a system by
observing the monitor or the use of the keyboard by the operator
● Sensitive Compartmented Information Facility (SCIF)
Utilities and HVAC Considerations
● Uninterruptible power supply - UPS. A type of self-charging
battery that can be used to supply consistent clean power
● Line interactive UPS have surge protectors, voltage regulators
● Fault - Momentary loss of power
● Blackout - A complete loss of power
● Sag - Momentary low voltage
● Brownout - Prolonged low voltage
● Spike - Momentary high voltage
● Surge - Prolonged high voltage
● Inrush - Initial surge of power associated with connecting to a
power source
● Noise - A steady interfering power disturbance or fluctuation
o EMI - electromagnetic interference has two types
o Common mode noise is generated by a difference in
power between the hot and ground wires
o Traverse mode noise is generated by a difference in
power between the hot and neutral wires
o Radio frequency interference - RFI, electrical appliances
generate RFI like fluorescent lights
● Transient - A short duration of line noise
● Clean - Nonfluctuating pure power
● Ground - The wire in an electrical circuit that is grounded
Temperature, Humidity, and Static
● Humidity in a computer room should be maintained between 40-60%
● 1500 volts causes destruction of data stored on hard drives
Water Issues (e.g., Leakage, Flooding)
● Water and electricity don’t mix
This is seriously the only thing I have highlighted in this
three paragraph section of the book
Fire Prevention, Detection, and Suppression
● Protecting personnel from harm should always be the
most important goal of any security or protection system
● Fire extinguisher classes
o Class A - Common combustibles
o Class B - Liquids
o Class C - Electrical
o Class D - Metal
o Class K - Kitchen (for grease fires, like B)
● Fixed temperature detection - Triggers suppression when a
specific temperature is reached
● Rate of rise detection - Triggers detection if a temperature
increases at a specific speed
● Flame actuated system - Triggers suppression based on infrared
energy of flames
● Smoke actuated system - Uses photoelectric or radioactive
ionization sensors
● Water suppression systems
o Wet pipe - Always full of water
o Dry pipe - Air escapes opening a water valve
o Deluge - A form of dry pipe that uses larger pipes
o Preaction - Combination of dry and wet pipe, system is dry
until initial stages of fire when pipes are filled with water. Water
is only released after sprinkler head activation triggers are
melted by heat.
o Most appropriate water-based system for environments
with both humans and computers
● Water system failures are most often caused by human error
● Gas discharge systems
o More effective than water discharge, but shouldn’t be used
where people are located
o They deploy halon (not since it was banned), CO2, or FM-200
(halon replacement)
Implement and Manage Physical Security
● Fences 3-4 feet high deter casual trespassers
● Fences 6-7 feet high discourage most intruders except determined
ones
● Fences 8 feet or more high with three strands of barbed wire deter
even determined intruders
● Gates - Controlled exit and entry points in a fence
● Turnstile - Restricts movement in one direction
● Mantrap - A double set of doors that is often protected by a guard
● Perimeter protection needs lights with 2 foot-candles of power
● If a lighted area is 40 feet in diameter, poles should be 40 feet apart
o 5 feet apart in parkades
● You need to be able to handle visitors
● Lock - A crude form of identification and authorization mechanism
● Electronic access control lock - Has an electromagnet to keep
the door locked, a credential reader for authentication, and a sensor
to reengage the electromagnet when the door is closed
● Local alarm systems - Must sound an audible alarm (around 120 decibels) that can be
heard at least 400 feet away, and must be protected from tampering
● Central station system - Usually silent locally, but offsite
monitoring agents are notified
● Auxiliary station - Emergency services are notified
● Closed circuit TV is not an automated detection and response
system, it needs people watching it
● Human safety is always the most important factor
● Privacy means protecting personal information from disclosure - NIST SP
800-122, GDPR
o You are usually obliged to have physical security controls
Diffie-Hellman key agreement protocol

Key agreement lets two parties establish a shared symmetric key over a public channel, such as
the Internet, with no prior shared secret. Each side sends only its public value; an attacker
who passively sniffs the entire conversation cannot derive the agreed key without solving the
discrete logarithm problem in the chosen group. Whitfield Diffie and Martin Hellman published the
Diffie-Hellman Key Agreement Protocol (also called the Diffie-Hellman Key Exchange) in 1976.
Its security rests on the difficulty of computing discrete logarithms modulo a large prime.
Note that plain Diffie-Hellman does not authenticate either party: an active attacker can sit in
the middle and run a separate exchange with each side, so in practice the public values are
authenticated (for example with digital signatures, as IKE and TLS do).
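The exchange described above, written out end to end as an added example (not part of the study notes). It uses the textbook toy parameters p = 23 and g = 5, which are an assumption chosen so every value can be checked by hand; the second half shows why such parameters are useless in practice by letting an eavesdropper brute-force the discrete logarithm from the public values alone.

```python
"""Diffie-Hellman key agreement, worked end to end (added example).

Toy parameters p=23, g=5 are an assumption for readability; real
deployments use a 2048-bit or larger safe prime (or an elliptic curve).
"""
import hashlib
import secrets


def dh_public(p: int, g: int, private: int) -> int:
    """Public value g^private mod p, which is sent in the clear."""
    return pow(g, private, p)


def dh_shared(p: int, peer_public: int, private: int) -> int:
    """Shared secret peer_public^private mod p; never sent on the wire."""
    return pow(peer_public, private, p)


def derive_key(shared_secret: int, nbytes: int = 32) -> bytes:
    """Hash the raw group element into a fixed-size key instead of using it directly."""
    length = (shared_secret.bit_length() + 7) // 8 or 1
    raw = shared_secret.to_bytes(length, "big")
    return hashlib.sha256(b"dh-demo-kdf" + raw).digest()[:nbytes]


def exchange(p: int, g: int, a: int, b: int) -> dict:
    """Run one exchange with Alice's private a and Bob's private b.

    Returns what an eavesdropper sees (p, g, A, B) plus both sides'
    secrets so the caller can confirm they agree.
    """
    A = dh_public(p, g, a)
    B = dh_public(p, g, b)
    return {
        "on_the_wire": (p, g, A, B),
        "alice_secret": dh_shared(p, B, a),
        "bob_secret": dh_shared(p, A, b),
    }


def brute_force_dlog(p: int, g: int, target: int) -> int:
    """Eve's attack: find x with g^x = target mod p by exhaustive search, O(p)."""
    value = 1
    for x in range(p):
        if value == target:
            return x
        value = value * g % p
    raise ValueError("no discrete log found")


def eavesdrop(p: int, g: int, A: int, B: int) -> int:
    """Recover the shared secret from public values alone (feasible only for toy p)."""
    a = brute_force_dlog(p, g, A)
    return dh_shared(p, B, a)


def random_private(p: int) -> int:
    """Private exponent in [2, p-2] from a CSPRNG; never use random.randint for this."""
    return 2 + secrets.randbelow(p - 3)


if __name__ == "__main__":
    result = exchange(23, 5, 6, 15)
    p, g, A, B = result["on_the_wire"]
    print("public values A, B:", A, B)
    print("Alice / Bob shared secret:", result["alice_secret"], result["bob_secret"])
    print("Eve recovers:", eavesdrop(p, g, A, B), "(toy p is trivially breakable)")
    print("derived key:", derive_key(result["alice_secret"]).hex())
```

With a 2048-bit prime the `brute_force_dlog` loop is hopeless, which is the whole security argument; nothing in the code above changes except the size of `p`. The example also does not authenticate `A` or `B`, so it is exactly as exposed to an active man-in-the-middle as the unauthenticated protocol described in the text.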

Elliptic curve cryptography

ECC relies on a one-way function based on the discrete logarithm problem as applied to points on
an elliptic curve. That problem is harder to solve than the ordinary discrete logarithm problem,
so algorithms based on elliptic curve cryptography (ECC) are much stronger per bit of key than
systems using discrete logarithms modulo a prime (and also stronger per bit than RSA, whose
security rests on factoring the product of two large primes). Because ECC gets equivalent security
from much shorter keys (a 256-bit ECC key is comparable to a 3072-bit RSA key), it needs fewer
computational resources than other asymmetric methods, which is why lower-power devices often
use it.
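An added example (not from the study notes) of the curve arithmetic the paragraph refers to: the group law on a tiny curve, scalar multiplication by double-and-add, and an ECDH exchange on top of it. The curve y^2 = x^3 + 2x + 2 over GF(17) with generator (5, 1) is an assumption chosen because its group has prime order 19, small enough to brute-force the elliptic-curve discrete logarithm and see exactly which step becomes infeasible on a real 256-bit curve.

```python
"""Elliptic-curve group law and ECDH on a toy curve (added example).

Curve, generator and order below are assumptions for a hand-checkable
demo: y^2 = x^3 + 2x + 2 over GF(17), G = (5, 1), group order 19.
"""
from typing import Optional, Tuple

Point = Optional[Tuple[int, int]]  # None represents the point at infinity

P_MOD = 17
A = 2
B = 2
G: Point = (5, 1)
ORDER = 19  # number of points including infinity; prime, so G generates all of them


def on_curve(pt: Point) -> bool:
    """True if pt satisfies the curve equation (infinity is always on the curve)."""
    if pt is None:
        return True
    x, y = pt
    return (y * y - (x ** 3 + A * x + B)) % P_MOD == 0


def point_add(p1: Point, p2: Point) -> Point:
    """Chord-and-tangent group law over GF(P_MOD)."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None  # p2 == -p1, result is the point at infinity
    if p1 == p2:  # tangent line: slope = (3x^2 + a) / (2y)
        s = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD) % P_MOD
    else:         # chord: slope = (y2 - y1) / (x2 - x1)
        s = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD
    x3 = (s * s - x1 - x2) % P_MOD
    y3 = (s * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def scalar_mult(k: int, pt: Point) -> Point:
    """Double-and-add: k*pt in O(log k) group operations, the one-way direction."""
    result: Point = None
    addend = pt
    while k > 0:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def ecdh(priv_alice: int, priv_bob: int) -> dict:
    """ECDH: public keys are scalar multiples of G, shared point is a*b*G."""
    pub_alice = scalar_mult(priv_alice, G)
    pub_bob = scalar_mult(priv_bob, G)
    return {
        "pub_alice": pub_alice,
        "pub_bob": pub_bob,
        "alice_shared": scalar_mult(priv_alice, pub_bob),
        "bob_shared": scalar_mult(priv_bob, pub_alice),
    }


def brute_force_ecdlp(pub: Point) -> int:
    """Attacker's view: find k with k*G == pub by walking the group, O(ORDER) steps."""
    current: Point = None
    for k in range(ORDER):
        if current == pub:
            return k
        current = point_add(current, G)
    raise ValueError("point is not a multiple of G")


if __name__ == "__main__":
    r = ecdh(3, 5)
    print("Alice pub 3G =", r["pub_alice"], " Bob pub 5G =", r["pub_bob"])
    print("shared point:", r["alice_shared"], r["bob_shared"])
    print("ECDLP recovers Alice's scalar:", brute_force_ecdlp(r["pub_alice"]))
```

The x-coordinate of the shared point would normally be fed through a hash or KDF before use as a symmetric key, exactly as with the modular Diffie-Hellman secret. On a standard curve such as P-256 the `brute_force_ecdlp` walk would need on the order of 2^128 group operations even with the best known (square-root) algorithms, which is why a 256-bit curve key matches a 3072-bit RSA key.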

PUBLIC KEY INFRASTRUCTURE

Public Key Infrastructure (PKI) uses all three building blocks of cryptography (symmetric
encryption, asymmetric encryption and hash functions) to issue and manage digital certificates. A
digital certificate binds a public key to an identity: it is the public key plus identifying
information, signed with the digital signature of a trusted issuer. Digital certificates may be
server-based or client-based. If client and server certificates are used together, they provide
mutual authentication as well as encryption. The standard digital certificate format is X.509.

Certificate authorities and organizational registration authorities

Digital certificates are issued by certificate authorities (CAs). Organizational registration
authorities (ORAs) authenticate the identity of a certificate holder before a certificate is issued
to them. An organization may operate as a CA, an ORA, or both.

Certificate revocation lists

CAs maintain certificate revocation lists (CRLs), which, as the name implies, are lists of
certificates revoked before their expiry date. A certificate may be revoked if the private key has
been stolen, an employee is terminated, etc. A CRL is a flat file that a relying party must
download in full to check a single certificate, so it does not scale well.

The Online Certificate Status Protocol (OCSP) is an alternative to CRLs that uses a client-server
design: the relying party queries the status of one certificate at a time, which scales better.

Key management issues

CAs issue digital certificates and distribute them to certificate holders. The confidentiality and
integrity of the holder's private key must be assured during the distribution process.
Public/private key pairs used in PKI should be stored centrally and securely. Users may lose their
private key as easily as they may forget their password, and a lost private key means that anything
encrypted with the matching public key is unrecoverable, short of cryptanalysis, as described
previously.

Note that key storage is different from key escrow. Key storage means the organization that issued
the public/private key pairs retains a copy. Key escrow means a copy is retained by a third-party
organization (and sometimes multiple organizations), often for law enforcement purposes. A retired
key may not be used for new transactions, but it may still be used to decrypt data that was
previously encrypted with it. A destroyed key no longer exists and therefore cannot be used for any
purpose.

IPsec

Internet Protocol Security (IPsec) is a suite of protocols that provides a cryptographic layer for
both IPv4 and IPv6. It is one of the methods used to build virtual private networks (VPNs), which
let you send private data over an insecure network such as the Internet; the data crosses a public
network but is "virtually private." IPsec includes two primary protocols: Authentication Header
(AH) and Encapsulating Security Payload (ESP). AH and ESP provide different and sometimes
overlapping functionality. Supporting protocols include the Internet Security Association and Key
Management Protocol (ISAKMP) and Internet Key Exchange (IKE).

AH and ESP

Authentication Header (AH) provides authentication and integrity for each packet of network data.
AH provides no confidentiality; its integrity check value (a keyed hash, HMAC) acts like a signature
over the packet, covering the payload and the immutable fields of the IP header. AH also protects
against replay attacks, where packets are sniffed off a network and resent, often in an attempt to
fraudulently reuse encrypted authentication credentials: each packet carries a sequence number that
the receiver tracks in a sliding window. ESP primarily provides confidentiality by encrypting the
packet payload. It may also optionally provide authentication and integrity (and in practice
should, since encryption alone does not detect tampering), but its integrity check does not cover
the outer IP header.

Security association and ISAKMP

AH and ESP may be used separately or in combination. An IPsec Security Association (SA) is a
simplex (one-way) relationship that holds the negotiated parameters (protocol, algorithms, keys and
lifetime) for ESP or AH traffic in that direction. If two systems communicate via ESP, they use two
SAs, one for each direction. If the systems use AH in addition to ESP, they use two more SAs, for a
total of four. A 32-bit number called the Security Parameter Index (SPI), carried in every AH and
ESP header, tells the receiver which SA an incoming packet belongs to. ISAKMP defines the framework
for establishing SAs; IKE (today IKEv2) is the protocol that actually authenticates the peers and
negotiates the SAs and their keys.

Tunnel and transport mode

IPsec is used in tunnel mode or transport mode. Security gateways use tunnel mode because it lets
them provide point-to-point IPsec tunnels between sites. ESP tunnel mode encrypts the entire
original packet, including its IP header, and adds a new outer IP header addressed to the far
gateway. ESP transport mode only encrypts the payload, not the original IP header; this is commonly
used when the sending and receiving systems can "speak" IPsec natively, that is, host to host.
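An added example (not from the study notes) of the receive-side processing that the SPI and the anti-replay service above imply: inbound SAs are keyed by SPI, and each keeps a sliding window of sequence numbers so a replayed or stale packet is dropped before any integrity check or decryption is attempted. The 64-bit bitmask window follows the design RFC 4303 describes; the SA table and the packet trace are constructed for the demo.

```python
"""IPsec receive-side SA lookup and anti-replay window (added example).

The SA table and the (SPI, sequence number) trace are constructed sample
data; only the header fields that matter for the check are modelled.
"""
from dataclasses import dataclass, field


@dataclass
class ReplayWindow:
    size: int = 64        # RFC 4303 recommends at least 64 packets
    highest: int = 0      # highest sequence number accepted so far
    bitmap: int = 0       # bit i set means (highest - i) has already been accepted

    def check_and_update(self, seq: int) -> bool:
        """Return True and record seq if it is new and inside the window."""
        if seq == 0:
            return False  # the first packet on an SA is seq 1; 0 is never valid
        if seq > self.highest:
            shift = seq - self.highest
            # slide the window right; bits that fall off the far edge are forgotten
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.highest = seq
            return True
        offset = self.highest - seq
        if offset >= self.size:
            return False  # too old: left of the window, cannot tell if replayed
        if self.bitmap & (1 << offset):
            return False  # already accepted once: replay
        self.bitmap |= 1 << offset  # late but new: accept and remember it
        return True


@dataclass
class InboundSA:
    spi: int
    protocol: str  # "ESP" or "AH"
    window: ReplayWindow = field(default_factory=ReplayWindow)


def process(sa_table: dict, spi: int, seq: int) -> str:
    """Look up the SA by SPI from the AH/ESP header, then apply anti-replay."""
    sa = sa_table.get(spi)
    if sa is None:
        return "drop: no SA for SPI 0x%08x" % spi
    if sa.window.check_and_update(seq):
        return "accept"
    return "drop: replay or stale seq %d" % seq


def run_trace(trace) -> list:
    """Feed a constructed list of (spi, seq) header fields through two inbound SAs."""
    table = {
        0x1000: InboundSA(0x1000, "ESP"),
        0x2000: InboundSA(0x2000, "AH"),
    }
    return [process(table, spi, seq) for spi, seq in trace]


if __name__ == "__main__":
    sample = [(0x1000, 1), (0x1000, 2), (0x1000, 2),      # normal, then replay
              (0x1000, 100), (0x1000, 37), (0x1000, 36),  # jump, late-in-window, stale
              (0x3000, 1)]                                # unknown SPI
    for pkt, verdict in zip(sample, run_trace(sample)):
        print("SPI 0x%04x seq %3d -> %s" % (pkt[0], pkt[1], verdict))
```

Because each SA is simplex, the peer's traffic in the other direction is checked against a different window under a different SPI; the two directions never share sequence-number state, which is why the text counts two SAs per protocol.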
