CISSP Week 18
Transcript of CISSP Week 18
StaridLabs
Cryptography IIDomain 5 Pages 790-821Official CISSP CBK Third Edition
Jem JensenStaridLabs
A Quick Recap
Converting plaintext into ciphertext through transpositions or substitutions
Spartan Scytale Wrap message (written on a belt/strap) around a stick to decipher
Caesar cipher shift the whole alphabet
Nazi Enigma machines
Key used to encrypt/decrypt the plaintext
Substitution Ciphers
Replaces a letter for a letter
Like in the newspaper!
Examples:Caesar cipher
Decoder ring
Playfair Cipher
Used through WW2
Pre-shared keyword (Ex: CRYPTO)
Keyword is fed into a table, followed by the remaining alphabetMerge I&J
CRYPT
OABDE
FGHI/JK
LMNQS
UVWXZ
Playfair Cipher
Break apart plaintext into pairsSprinkle filler characters (Ex: K)
WE AR EK ST AR IK DL AK BS
Playfair Cipher
Draw a box between the 2 letters in the pairIf the box is larger than 1xn, swap letters with the other 2 corners (Ex: WE = BZ)
If the box is only 1 row thick, use the next letter in line (Ex: AR=RV)
CRYPT
OABDE
FGHI/JK
LMNQS
UVWXZ
Transposition Cipher
Change the order of letters
Like pig latin!Move first letter of a word to the end
Add an a sound at the end
Et-gay ti-ay?
Rail Fence
Like writing the message on a fence then tilting the posts to the side
Draw a box with 2+ columns thick
Enter the text in a zig-zag fashion
Read the text across the columns for encrypted version (Ex: gvecslirmaieahodeael)
Susceptible to frequency analysis
A quick side note
Frequency analysisE, T, A, & O are the most common letters in English words
Z, Q, & X are the least used
If you know a message is in English and you see a lot of E, T, A & Os or very few Z, Q, or X you know it's a transposition cipher and can probably start guessing some letters correctly
Rectangular Substitution Table
Sender and receiver agree on table dimensions and the order to read the message (Ex: 4x4 table, read top to bottom, left to right)
= WERAESIBATDSRAL
Also susceptible to frequency analysis
WEAR
ESTA
RIDL
ABS
Monoalphabetic Cipher
Like a Caesar cipher except we scramble the alphabet instead of
shifting itCAESAR
MONO
Ex: In the above Caesar, FEED=IHHG
In the above Mono, FEED=IWWU
ABCDEF......YZ
MGPUWI......TK
ABCDEF......YZ
DEFGHI......BC
Polyalphabetic Cipher
Like a monoalphabetic except we add more rows of scrambled
alphabets
POLY
Ex: In the Mono, FEED=IWWU
In the above Poly, FEED=IXWC
ABCDEF......YZ
MGPUWI......TK
NBVCXZ......FW
Blaise De Vigenre
Transposition table
Blaise De Vigenre
Sender/receiver have a pre-shared keyword
Locate the intersection of the keyword with the plaintext for
the cipher equivalentExample
Keyword: CABBAGE
Plaintext: FEEDBOB
Ciphertext: HEFEBUF
Modular Mathematics
Modulus/Modulo OperationThe remainder after dividing a number by
nExample
5 mod 2 : 5/2 : 3/2 = 1
4 mod 2 : 4/2 : 4/2 = 0
Running Key Cipher
Since there are 26 letters in the alphabet, we'll use mod
26Ciphertext = (plaintext + key) mod 26
C = P + K (mod 26)
Example:
Plaintext: E (or 4) C = (4 + 22) mod 26 = 0
Key: W (or 22) Ciphertext: A
ABCDEF......YZ
012345......2425
Running Key Cipher
To translate CHEEK using the key of FEED:
The longer the key, the better, since there's less repetition
PtxtCHEEK
KeyFEEDF
n(P)274410
n(K)54435
n(C)7118715
CtxtHLIHP
One-time Pads
Gilbert Vernam asserted that a cipher key as long as the plaintext (that doesn't repeat) should be unbreakable
Requires a sender and receiver to exchange the long key beforehand (ex: book ciphers)
Ideally the key is randomly chosen values like letters, numbers, Geiger counter readings
One-time Pads
Key of ksosdfshepwlqz
The key could be longer than the plaintext
PtxtDONOT
KeyKSOSD
n(P)314131419
n(K)101814183
n(C)133227622
CtxtNBGWS
A step back
So what have we learned?
Crypto can provide integrity controlsIf the message was altered by a modification or error, it won't decrypt
Some degree of authenticationOnly the people who have the key should be able to use it. If we only share the key with one person, we can know it's them
Symmetric Cryptography
The sender and receiver use a single shared key for encryption/decryption
Key management is the biggest problemWe can't send the keys over the same channel we're trying to encrypt!
Send the key via out-of-band distribution (ex: fax, mailing a CD, calling on the phone)
Symmetric Cryptography
Fast, secure cheap
Doesn't provide non-reputiation
Limited message integrity and access controlWe can tell the message changed and it requires the key in order to be read
Physical example:10 people have a key to the server room. Who entered at 11pm? We only know it was one of the 10
Examples of Symmetric Algorithms
Caesar Cipher
Spartan Scytale
Enigma Machines
DES
Data Encryption StandardHarst Feistal
Take input block, divide it in half, and XOR several timesEach XOR is called a round
Became gov't standard in 1977
Repaced by AES
Block Cipher Modes
ECB Electronic Codebook ModeEssentially a digital representation of a codebook. Feed in plaintext and it outputs the ciphertext using a table
Useful for very short messages to reduce repeating (64-bit)
CBC Cipher Block Chaining ModeUses an IV and chaining function so that subsequent output will be different even if the input was identical
Initial input block is XORed with the randomly chosen IV
Output if then XORed with next input
Block Cipher Modes
CFB Cipher Feedback ModeInput broken into segments (usually 8 bit)
Segments are XORed with a random IV
Previous segment is XORed with the next segment
Drawback if a bit is corrupted, everything after will be too
OFB Output Feedback ModeLike CFB but uses encrypted keystream instead of ciphertext so that one corruption won't affect future encryption
Can also generate keystream ahead of time for future use
CTR Counter ModeLike OFB but increments a counter for keystream
Allows for out-of-order processing
Pros/Cons of DES
Fast
Breaking DES was unrealistic back in the day
Susceptible to brute-forcing since key is only 56 bits long
Double DES
Since brute forcing if our main method of attack... let's just double the key!
Done by running DES over DES with diff keys
Yo dawg! I heard you like DES so I DESed your DES so you can DES while you DES!
Double DES
Meet in the middle attackDouble DES had hoped that their key doubling would result in an attack taking exponentially longer
Can still brute forceJust takes twice as long
Step 1: Encrypt plaintext with all possible keys
Step 2: Decrypt using all possible keys
Triple DES (3DES)
Third time's the charm!
Eliminates meet in the middle attack
I don't know many more times can I DES the DES with a DES...
AES
Beat out 3DES in terms of:Security
Speed
Larger block size
Rijndael algorithm
CCMP
Counter mode cipher block chaining message authentication code protocolAES with 128 bit key
48 bit IVPrevents replay attacks
CTR counterProvides data privacy
MIC message integrity check code
Used in 802.11i standard
Algorithms
RijndaelSubstitute bytes (s-box substitution)
shift rows (transposition)
mix columns (substitution)
add round key (XOR with this round's key)
IDEA (1991)8 rounds of transposition and substitution
CAST (1996)48 rounds
Algorithms
SAFERPatent-free, 64 or 128 bit
Used in bluetooth
BlowfishExtremely fast and memory efficient
Slow to regenerate keys
Currently unreakable
Twofish
Algorithms
RC5RSA algorithm
Very adaptable 4 modes of operation
RC4 (1987)Stream cipher
Varying length keys
Pros/Cons of Symmetric Algorithms
Very fast, secure
Can be implemented in hardware and software
Key management can be difficultCan be challenges with distributing the keys
Manage additional out of bound channel
Can't provide non-reputiation
Next Week:Asymmetric Algorithms!