Asymmetric Key Algorithms

Site: Saylor Academy
Course: CS406: Information Security
Book: Asymmetric Key Algorithms

Description

Previously you learned about asymmetric key algorithms and you should understand that asymmetric encryption requires two keys: public and private. As a review, using the flashcards define asymmetric key encryption, public key, private key, and digital certificate. Then read the section on asymmetric encryption.

Cryptography is used to provide confidentiality and integrity, two of the tenets of the CIA triad. It employs encryption to make data unreadable by transforming it into ciphertext. In addition, cryptography is used to provide assurance of a message's author, source authentication, and delivery proof. This lesson discusses cryptography techniques and implementations used to secure data in the enterprise.




Source: Dominique Hubbard, https://www.edjet.com/scorm-content/edjet-prod-uploads/1bbb6bd2940fd96497953e96a7011e315c141cf3/771aacefbe2ed9e16b17173a36b691df/story_content/WebObjects/6MLNkf2prXH/lesson03/index.html
This work is licensed under a Creative Commons Attribution 3.0 License.

Cryptography is the enciphering and deciphering of data using various algorithms, and it is a tool that is used to increase the security of a system. The concept of cryptography has been around for a long time and has continued to evolve over thousands of years. One of the first forms of cryptography was used by Julius Caesar, and it is commonly known as the Caesar cipher, which was a simple substitution cipher. Modern-day cryptography, however, requires much more complicated algorithms in order to serve the purpose of data integrity.

Watch the video, Encryption Part I: Introduction to Encryption 1 (12:15), for an explanation of what encryption is and how it works.



Symmetric key encryption is one of the simplest security schemes because both the sender and the receiver require access to a shared key, which is used for both encryption and decryption of the message. Review the following advantages and disadvantages of symmetric key encryption.

Advantages:
  • Can quickly encrypt and transfer large amounts of data.
  • Easy to manage.

Disadvantages:
  • System can be completely compromised if key is not properly managed.
  • Requires high level of security in the transportation of the key.


With symmetric algorithms, the challenge is making sure that the encryption key remains secure. Users must find a secure method for exchanging the key. There is a special type of symmetric key referred to as a session key that is used to encrypt messages between two users during one communication session.


Examples of Symmetric Algorithms

3DES (Triple DES): Digital Encryption Standard (DES) is a symmetric block cipher with 64-bit block size that uses a 56-bit key. It takes a 64-bit block of plaintext as input and outputs a 64-bit block of ciphertext. It always operates on blocks of equal size and it uses both permutations and substitutions in the algorithm.

A stream cipher inputs digits or bits and encrypts the stream of data. Stream ciphers combine a plain text bit with a pseudorandom cipher bit through an XOR operation. An XOR operation is a bitwise operation that takes two bit patterns that are an equal length and performs the logical exclusive OR operation on each pair. The result of the pair is a 1 if only the first bit is 1 or only the second bit is a 1. The result is 0 if both are 0 or both are 1. Stream ciphers are used in hardware implementations.

DES has four modes of operation:

  1. Electronic codebook (ECB) mode: the default mode of encryption. If the last block is not fully 64 bits, padding is added.
  2. Cipher block chaining (CBC) mode: If the last block is not fully 64 bits, CBC inserts some of the cipher text created from the previous block into the next one.
  3. Output feedback (OFB) mode: Uses plain text to feed back into the stream of cipher text. An initialization vector is used to create a seed value for the first encrypted block, and DES XORs the plain text with the seed value and applies it to subsequent data.
  4. Cipher feedback (CFB) mode: previously generated cipher text is added to subsequent streams.

Triple DES encrypts data three times and uses a different key for at least one of the three passes giving it a cumulative key size of 112-168 bits. 3DES is resistant to attack, but it is much slower than DES.

3DES Encryption Cycle:

  1. Data encrypted by first DES
  2. Data decrypted by second DES
  3. Data re-encrypted by third DES

The reverse process is used to decrypt the ciphertext.

IDEA: The International Data Encryption Algorithm (IDEA) uses 64-bit blocks and 128-bit keys. IDEA performs eight rounds of transformations on each of the 16 blocks that result from dividing each 64-bit block. It was created in order to replace DES and is now used in PGP (Pretty Good Privacy). PGP is a program that provides privacy and authentication for data communication. GNU Privacy Guard (GPG) is a licensed, free version of PGP.

AES: The Advanced Encryption Standard (AES) has a fixed block size of 128 bits but has an infinite key limit with common lengths of 128, 163, and 259. The Advanced Encryption Standard algorithm approved by NIST in December 2001 uses 128-bit blocks. The cipher currently supports key lengths of 128, 192, and 256 bits. AES is the required algorithm for sensitive but unclassified U.S. government data.

Other block ciphers include Skipjack, developed by the NSA; Blowfish, one of the few algorithms that have not been patented; Twofish; RC4/RC5/RC6; and CAST.

In the following example, Bob and Barbara need to exchange a message using symmetric key encryption. In this case, Bob will encrypt the plaintext message using a key. Barbara will need to use the same key to decrypt the cipher text.

Figure 1 – Symmetric Key Encryption flow

Unlike symmetric encryption methods, asymmetric encryption methods use two separate keys for the encryption and decryption process. Asymmetric encryption is also referred to as public key encryption. A public key is used during the encryption process to encrypt the plaintext message and a private key is used during the decryption process to decrypt ciphertext.

Advantages:
  • Easier to deal with key distribution and ensure integrity of message.

Disadvantages:
  • Slower due to multiple keys.


Watch the video, Encryption Part I: Introduction to Encryption 2 (6:23) which discusses asymmetric encryption and hashing.

If Alice wants to send a message that only Bob can read, Alice will use Bob's public key to encrypt the message. The only way the message can be decrypted is when Bob uses his private key.


Figure 2 – Asymmetric encryption

The most popular asymmetric algorithm is RSA which can provide key exchange, encryption, and digital signatures. The strength of this algorithm lies in the difficulty of calculating the prime factors of very large numbers. Other asymmetric algorithms include ElGamal, ECC, and Knapsack. Read the article, Asymmetric Encryption Algorithms, Diffie-Hellman, RSA, ECC, ElGamal, DSA, for a comparison of these algorithms.

If the public and private keys used in secure communications are compromised, the data exchanged in that session as well as previously exchanged data may be revealed. Perfect Forward Secrecy (PFS) ensures that a session key will not be compromised if a private key is compromised in the future. For example, IPsec negotiates new keys for every communication. Using IPsec, the compromise of a single key permits access to only the data protected by the single key.

The video, Twitter Toughens Security Against NSA Snooping (1:34), explains the implementation of forward secrecy on Twitter to encrypt its traffic on a session-by-session basis.

Hashing is the use of a hash function to create a message digest or checksum. The message digest or checksum created is used to validate the integrity of a message or file upon delivery. A hash function is a mathematical algorithm that performs one-way operations on the data. This means that once a message or file has been put through a hashing algorithm, there is no way to discover the original data with just the message digest or checksum.

A hash value is a number generated from a string of characters. The hash is substantially smaller than the text itself, and is generated by an algorithm. It is extremely unlikely that some other text will produce the same hash value. The use of hashes plays a role in security systems to ensure that transmitted messages have not been modified or tampered with. Normally the sending system or user generates a hash of the message, then encrypts the message and sends it with the message itself. The receiving system must decrypt both the message and the hash. The hash is extracted from the received message, and the two hashes are compared. If the hash message digest is the same, the receiver can be confident that the message was transmitted intact.


Figure 3 – The hashing process

Hashing Example

Hash-based message authentication code (HMAC) is a system/process for calculating message authentication codes using a cryptographic hash function coupled with a secret key. HMAC can be used to verify both the integrity and authenticity of a message. What makes HMAC more secure than Message Authentication Code (MAC) is that the key and the message are hashed in separate steps. The video, 5 – 1 – Message Authentication Codes-Cryptography (15:15), discusses the concept of providing message integrity through implementing message authentication codes.
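
The difference between a plain digest and an HMAC, as an added example in Python that is not part of the original lesson: a party who alters the message in transit can recompute an unkeyed digest, but cannot produce a valid HMAC tag without the shared key. The key and message are constructed sample values.

```python
import hashlib
import hmac


def digest_only(message: bytes) -> bytes:
    """Unkeyed SHA-256 digest: anyone holding the message can compute it."""
    return hashlib.sha256(message).digest()


def hmac_tag(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA-256 tag: computing it requires the shared secret key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_digest(message: bytes, digest: bytes) -> bool:
    return hmac.compare_digest(digest_only(message), digest)


def verify_hmac(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest runs in constant time, so the comparison does not
    # reveal how many leading bytes of the tag were correct.
    return hmac.compare_digest(hmac_tag(key, message), tag)


def modified_in_transit(message: bytes):
    """Model of a change made without the key: the message is altered and
    the unkeyed digest is simply recomputed to match."""
    altered = message.replace(b"100", b"900")
    return altered, digest_only(altered)


def demo() -> dict:
    key = b"constructed-shared-secret-key-01"   # constructed sample key
    original = b"pay 100 to account 42"         # constructed sample message
    tag = hmac_tag(key, original)               # sender attaches this tag
    altered, new_digest = modified_in_transit(original)
    return {
        # The recomputed digest matches the altered message: no protection.
        "digest_accepts_altered": verify_digest(altered, new_digest),
        "hmac_accepts_original": verify_hmac(key, original, tag),
        # The original tag no longer matches, and a new one needs the key.
        "hmac_accepts_altered": verify_hmac(key, altered, tag),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```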

Hashing Vulnerabilities

There are two major vulnerabilities that occur with hashing. Collision is when two different items have matching checksums after a hash function is used. SHA is a popular algorithm chosen due to the fact that it is less likely to produce collisions. The other vulnerability comes from the use of rainbow tables. Rainbow tables are precompiled tables that contain hash values matched to plaintext. The most common use of rainbow tables is in cracking passwords. In order to prevent people from using rainbow tables to crack passwords, salt can be added to the password.

In encryption and hashing, a salt is random data that is added to the input of a one-way function (hash). The primary function of salting is to defend against dictionary attacks against a list of password hashes and against pre-computed rainbow table attacks. A new salt is randomly generated for each hash generated. In a typical setting, the salt and the hash key are concatenated into the hash function.


Figure 4 – Adding salt to the hash function

Hashes are used to create pseudorandom numbers which can be used as a salt when hashing passwords for storage.

Random numbers are difficult to produce in computer systems since the numbers are usually generated by an algorithm. Pseudorandom numbers are generated by using random input variables such as keystrokes, voltage, and other varying information, and if they appear to be statistically random, then they are accepted as being random. A common hardware solution using pseudorandom number generation is the Trusted Platform Module chip which securely stores cryptographic keys used by the system.

Key stretching, or key strengthening, uses cryptography to make a weak key stronger by increasing the time that it takes to test each possible key. An algorithm is applied to the original key to produce an enhanced key. Key stretching provides a key of at least 128 bits.

Key stretching slows down an attacker because the attacker has to compute the stretching function for every guess in the attack. PGP, WPA, and WPA2 all use key stretching.
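
Salting and key stretching together, as an added Python example that is not part of the original lesson. PBKDF2 is used here as one key-stretching function; the iteration count and the `$`-separated record layout are assumptions made for the example.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor for this example; tune to your hardware


def unsalted_hash(password: str) -> str:
    """Fast, unsalted hash: equal passwords always give equal digests,
    which is exactly what a precomputed (rainbow) table relies on."""
    return hashlib.sha256(password.encode()).hexdigest()


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return a storable record: scheme$iterations$salt$derived_key."""
    salt = os.urandom(16)  # fresh random salt for every stored password
    derived = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${derived.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the stretched key with the stored salt and compare."""
    try:
        scheme, iterations, salt_hex, key_hex = stored.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(key_hex)
        rounds = int(iterations)
    except ValueError:
        return False  # malformed record
    if scheme != "pbkdf2_sha256":
        return False
    derived = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return hmac.compare_digest(derived, expected)


if __name__ == "__main__":
    pw = "correct horse battery staple"  # constructed sample password
    first, second = hash_password(pw), hash_password(pw)
    print("unsalted digests equal:", unsalted_hash(pw) == unsalted_hash(pw))
    print("salted records equal:  ", first == second)
    print("verify good password:  ", verify_password(pw, first))
    print("verify wrong password: ", verify_password("guess", first))
```

Because the salt and iteration count are stored with each record, the work factor can be raised for new passwords without breaking verification of old ones.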

Watch the video, Encryption Part I: Introduction to Encryption 3 (8:23), which discusses the implementation of various forms of secure encryption.


A digital signature is a hash value encrypted with the sender's private key. The receiver can decrypt the hash value with the sender's public key providing authentication, non-repudiation, and integrity. The receiver is assured that the message had indeed come from the sender. Read How digital signatures work for more information on the components involved.

Since the sender of data is provided with proof of delivery and the recipient is assured of the sender's identity, digital signatures provide non-repudiation.

Code signing is used by software manufacturers as a way to ensure that the code is legitimate. This means that when the OS is updated on a computer, the digital signature of the update is checked to ensure that the update is from the manufacturer. Another popular example of code signing is the downloading of iPhone apps from the App Store.

In the previous section, the use of public keys in symmetric and asymmetric cryptographic systems was discussed. One of the issues with using public keys is validating their integrity. Digital certificates can be used when passing public keys between two separate entities, which can be people, hardware, software, or a department. Digital certificates have become the standard mode of public key transmission because they contain information about the user of the key. With the information gained by using digital certificates, a public key infrastructure (PKI) can be established which can perform various functions that make distributing keys and maintaining their integrity easier. PKI vendors provide methods to make this process easier.

The video, What are certificates (15:10), discusses what a digital certificate is and how a certificate works to secure communication.


The primary elements of PKI are Certificate Authority, Digital Certificates, Policies, Certificate Management and Registration Authority as illustrated in Figure 5.


Figure 5 – The primary elements of PKI

  • A Digital Certificate is a standard format for passing public keys that uses a digital signature to bind entities to keys.
  • A Certificate Authority (CA) is a third party that ensures users are who they say they are.
  • The Registration Authority (RA) accepts the enrollment request from users, authenticates users, and then passes the request to the Certificate Authority so that the CA can issue the digital certificate.

X.509 is a standard for PKI digital certificate formatting that includes specifics such as the public key certificates, certificate revocation list, and attribute certifications. There are four main types of digital certificates issued by a Certificate Authority, as shown in the chart.

Types of Digital Certificates

Digital Certificate Description
End-entity Certificates
  • Issued to specific entity
  • Bind a public key to entity listed on the certificate
  • Identity document provided by most PKI
  • Signed by CA
CA Certificates
  • Certificate for identifying public key for CA
  • Can be self-assigned or assigned by a superior CA
Cross-certification Certificates
  • Used by independent CA to establish peer-to-peer relationships
  • Tells user that connecting CA is okay to use
Policy Certificates
  • Traceable
  • Used in high security applications
  • Provide centrally controlled policy information

In addition to verifying identities, the CA also creates the digital certificate. Once the digital certificate is issued, the CA then gives that user a public key, and separately stores the private key if it's required. A CA should also contain a certification practice statement (CPS) which gives guidelines on how to verify identities.

The components of a Certificate Authority include: software, hardware, providers, human validation system, and policies as illustrated in Figure 6.

Figure 6 – Components of a Certificate Authority

In most Certificate Authority systems, there are different levels of certificates, and each level requires different forms of identification. Certificates with higher class levels generally require more information when requested including the information that was requested for the previous level.

The information requested by a Registration Authority is shown below.

Class Certification Information Requirements

Class 1
  Requirements/Forms of Identification:
  • Name
  • Email Address
  • Physical Address
  Purpose:
  • Email
Class 2
  Requirements/Forms of Identification:
  • Class 1 requirements
  • Driver License
  • Passport
  • Company information
  Purpose:
  • Used when proof of identity required
Class 3
  Requirements/Forms of Identification:
  • Class 2 requirements
  • Face to face meeting in RA office
  Purpose:
  • Used for servers that assign software and independent identity verification
Class 4
  Requirements/Forms of Identification:
  • Class 3 requirements
  • Requires company specific information that will be determined by the transaction
  Purpose:
  • Online Business between companies
Class 5
  Requirements/Forms of Identification:
  • Class 4 requirements
  • Requirements determined by requesting agency
  Purpose:
  • Private organizations or governmental security

Validating a certificate is a task that falls on the end user. The end user is the one trying to figure out if the certificate presented is valid. Usually, this is done by the user's software.

The process for validating a certificate includes the following steps.

  1. Compare the CA that signed the certificate to the CA in the receiver's computer

  2. Calculate a message digest for the certificate

  3. Use the CA public key to decrypt the signature and recover message

  4. Review validity dates

  5. Review identification information

  6. Compare encrypted and decrypted message to prove integrity

  7. Check revocation list for certificates

There are two techniques for checking whether a certificate has been revoked. The first is the certificate revocation list (CRL), which is issued periodically by a CA and contains a list of certificate serial numbers that are invalid. The second method is an online check called Online Certificate Status Protocol (OCSP). OCSP is a protocol that browser software uses to query a CA dynamically for the revocation status of a certificate.
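
The seven validation steps above, together with the digital signature described earlier (a digest transformed with the signer's private key and recovered with the public key), as an added Python example that is not part of the original lesson. The certificate is a constructed dictionary rather than real X.509, and the CA key is a toy unpadded RSA key built from two small known primes, so it shows the logic only.

```python
import hashlib
import json
from datetime import date

# Toy RSA key for the constructed CA (assumption for this example):
# two Mersenne primes and no padding, far too weak for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
CA_N = P * Q
CA_D = pow(E, -1, (P - 1) * (Q - 1))  # CA private exponent


def tbs_digest(cert: dict, n: int) -> int:
    """Message digest over every certificate field except the signature."""
    body = {k: v for k, v in cert.items() if k != "signature"}
    raw = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(raw).digest(), "big") % n


def ca_sign(cert: dict) -> dict:
    """Issuance: the CA transforms the digest with its private key."""
    return {**cert, "signature": pow(tbs_digest(cert, CA_N), CA_D, CA_N)}


def validate(cert, trust_store, crl, expected_subject, today) -> str:
    ca_key = trust_store.get(cert["issuer"])       # 1. issuer known locally?
    if ca_key is None:
        return "untrusted issuer"
    n, e = ca_key
    computed = tbs_digest(cert, n)                 # 2. digest of certificate
    recovered = pow(cert["signature"], e, n)       # 3. CA public key on signature
    not_before = date.fromisoformat(cert["not_before"])
    not_after = date.fromisoformat(cert["not_after"])
    if not (not_before <= today <= not_after):     # 4. validity dates
        return "outside validity period"
    if cert["subject"] != expected_subject:        # 5. identification information
        return "subject mismatch"
    if recovered != computed:                      # 6. digests must match
        return "bad signature"
    if (cert["issuer"], cert["serial"]) in crl:    # 7. revocation list
        return "revoked"
    return "valid"


# Constructed sample data: trust store, certificate, CRL and evaluation date.
TRUST_STORE = {"Example Root CA": (CA_N, E)}
CERT = ca_sign({
    "subject": "www.example.test", "issuer": "Example Root CA",
    "serial": 1001, "public_key": "constructed-subject-key",
    "not_before": "2024-01-01", "not_after": "2025-01-01",
})
CRL = {("Example Root CA", 2002)}
TODAY = date(2024, 4, 26)

if __name__ == "__main__":
    print(validate(CERT, TRUST_STORE, CRL, "www.example.test", TODAY))
    extended = {**CERT, "not_after": "2030-01-01"}  # field changed after signing
    print(validate(extended, TRUST_STORE, CRL, "www.example.test", TODAY))
```

Any single failed step rejects the certificate; a certificate whose fields were changed after issuance fails at step 6 because the recovered digest no longer matches the recomputed one.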

In this section, you will review implementations to secure communication.

Secure Socket Layer

Secure socket layer (SSL) is a protocol that is used by most websites to obtain confidential information from the user. It uses a combination of asymmetric and symmetric encryption methods to secure links. A server sends a public asymmetric key to the client. The client uses the received key to encrypt a symmetric session key. The client then returns the ciphertext back to the server, which uses the corresponding private key to decrypt the asymmetric encryption and gain the symmetric session key. The client and server can then both use the symmetric key for communications for the rest of the session. One of the most popular examples of SSL is its use in HTTPS, secure HTTP. The video, How SSL works tutorial – with HTTPS example (11:08), provides a tutorial on setting up SSL to provide a secure web connection.

Publishers, copyright holders, and hardware manufacturers use digital rights management (DRM) to control the use of digital content. Read the article, How Digital Rights Management Works.

Steganography is similar to cryptography since it is used to achieve confidentiality. Steganography requires two items, a container and the data that will be hidden. Containers used include image, audio, video, or Office document files. The video, Steganography – Hiding Data inside Pictures or Sound files (6:16) provides a demonstration using a tool called Steghide.

Watermarking is used to identify ownership of copyrighted material. If the original material gets copied, a watermark flags the data's ownership without degrading it in any way. Watermarking is a passive protection tool.

SSH is a cryptographic network protocol that provides secure remote access. It uses TCP port 22 and is the secure alternative to FTP or Telnet. SSH can be used to execute remote commands and provide data confidentiality and integrity over an unsecured network.

S/MIME is a standard for public key encryption that provides digital signatures and message encryption for MIME data. S/MIME is built into most email programs such as Microsoft's Outlook to secure email.



This lesson discussed symmetric and asymmetric encryption systems. Symmetric systems are faster due to the fact that there is only one key being used. Asymmetric encryption is more secure, but the use of both a private key and a public key makes key management more difficult. The SSL protocol makes use of both symmetric and asymmetric encryption. This lesson also discussed the primary components of public key infrastructure (PKI).