COSC 6301 - Computer Security - System Controls

This document chapter discusses technical controls for computer security, focusing on identification and authentication (I&A) as well as logical access controls. It describes different methods of I&A including something you know (e.g. passwords), something you have (e.g. tokens), and something you are (e.g. biometrics). It also discusses implementing I&A systems, maintaining authentication, and single sign-on approaches. For logical access controls, it defines access, authorization, and authentication, and describes different access criteria like identity, role, location and time-based access.
Addis Ababa University

Faculty of Science
Department of Computer Science

COSC 6301 – Computer Security

Chapter 5 – Technical Controls


By
Girum Ketema (PhD)
Outline

Identification and Authentication

Logical Access Control

Audit Trails

Cryptography
Identification and Authentication (I & A)
• For most systems, identification and authentication is the first line of
defense.
• Identification is the means by which a user, process, or device presents
(claims) an identity to the system, typically as a prerequisite for granting
access to its resources (e.g. entering a user ID).
• Authentication is the act/process of verifying that claimed identity, i.e.
proving that the user is who they say they are.
• Computer systems recognize people only through the authentication data
they receive, so the strength of I&A is the strength of that data and of
how it is handled.
Identification and Authentication (I & A)
• There are three means of authenticating a user's identity which can
be used alone or in combination:
• Something the individual knows (a secret- e.g., a password, Personal
Identification Number (PIN), or cryptographic key);
• Something the individual possesses (a token - e.g., an ATM card or a smart
card);
• Something the individual is (a biometric - e.g., such characteristics as a voice
pattern, iris, face, or a fingerprint).
I&A Based on Something the User Knows -
Passwords
• Password systems work by requiring the user to enter a user ID and
password (or passphrase or personal identification number).
• The system compares the password (in practice, a one-way hash of it) to the value previously stored for that user ID.
• If there is a match, the user is authenticated and granted access.
• Benefits of passwords
• Well understood by administrators and users
• Integrated with practically every operating system and application
• Problems of passwords
• Security depends entirely on keeping the password secret, and secrets held by people are easily compromised by:
• Guessing passwords (online trials against the log-in prompt, or offline against a stolen hash)
• Users giving passwords away (sharing, phishing, social engineering)
• Electronic monitoring (keystroke loggers, sniffing of unencrypted log-ins)
• Accessing the password file
I&A Based on Something the User Knows –
Passwords – Strengthening Passwords
• Use password generators (or let users choose long passphrases)
• Limits on log-in attempts (lockout or an increasing delay after N failures)
• Password attributes
• Minimum length
• Special characters
• Numbers
• Capital and small letters
• Periodically change passwords, and always after a suspected compromise (current guidance favours change on compromise over a fixed schedule)
• Protection of the password file
• Access control (readable only by the authentication subsystem, not by ordinary users)
• One-way encryption: store only a salted, slow (iterated) hash of each password, never the password itself
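The controls listed above, put together in one small password store. This is an added example and not code from the slides: a per-user random salt with an iterated PBKDF2 hash stands in for the "one-way encryption" of the password file, a failure counter implements the log-in attempt limit, and the attribute checks are the policy bullets. The iteration count, the lockout parameters and the in-memory dictionary are assumptions for the example.

```python
import hashlib
import hmac
import os
import time
from typing import Optional

# Added example (not from the slides): a minimal password store applying the
# slide's controls. Parameters below are assumptions; tune them per system.
PBKDF2_ITERATIONS = 100_000   # assumption: raise until a hash costs ~100 ms on the target host
MAX_FAILED_ATTEMPTS = 5
LOCKOUT_SECONDS = 900


def password_meets_policy(password: str, min_length: int = 12) -> bool:
    """Attribute checks from the slide: length, upper, lower, digit, special."""
    return (len(password) >= min_length
            and any(c.isupper() for c in password)
            and any(c.islower() for c in password)
            and any(c.isdigit() for c in password)
            and any(not c.isalnum() for c in password))


def hash_password(password: str, salt: Optional[bytes] = None):
    """Return (salt, derived key). A fresh random salt per user defeats
    precomputed (rainbow-table) attacks on a stolen password file."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, dk


class PasswordStore:
    """In-memory stand-in for /etc/shadow-style storage: never the plaintext."""

    def __init__(self, clock=time.time):
        self._users = {}      # user_id -> {"salt", "hash", "failures", "locked_until"}
        self._clock = clock   # injectable so lockout expiry can be tested

    def register(self, user_id: str, password: str) -> None:
        if not password_meets_policy(password):
            raise ValueError("password does not meet policy")
        salt, dk = hash_password(password)
        self._users[user_id] = {"salt": salt, "hash": dk, "failures": 0, "locked_until": 0.0}

    def verify(self, user_id: str, password: str) -> bool:
        rec = self._users.get(user_id)
        now = self._clock()
        if rec is None:
            # Burn the same amount of work so response time does not reveal valid user IDs.
            hash_password(password, b"\x00" * 16)
            return False
        if now < rec["locked_until"]:
            return False                      # log-in attempt limit in force
        _, candidate = hash_password(password, rec["salt"])
        if hmac.compare_digest(candidate, rec["hash"]):   # constant-time comparison
            rec["failures"] = 0
            return True
        rec["failures"] += 1
        if rec["failures"] >= MAX_FAILED_ATTEMPTS:
            rec["locked_until"] = now + LOCKOUT_SECONDS
            rec["failures"] = 0
        return False

    def is_locked(self, user_id: str) -> bool:
        rec = self._users.get(user_id)
        return rec is not None and self._clock() < rec["locked_until"]
```

Note that the stored record never contains the password: an attacker who reads the file still has to run the slow hash once per guess per user, which is exactly what the salt and the iteration count are for.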
I&A Based on Something the User Knows –
Cryptographic Keys
• Knowledge of a cryptographic key can also serve as the "something known": the user proves possession of the key, e.g. by decrypting or signing a challenge, without ever sending the key itself
• Encryption keys are required to encrypt/decrypt information
• Keys are too long to memorize, so in practice this is combined with other I&A methods: the key is stored on a PC or smart card and unlocked with a password or PIN
I&A Based on Something the User Possesses
• This method can be applied alone or in combination with “something
the user knows”
• Combining this method with “something the user knows” results in
stronger security
• The object that the user possesses is called Token.
• Tokens may be categorized as
• Smart Tokens
• Memory Tokens
I&A Based on Something the User Possesses –
Memory Tokens
• Memory tokens store information
• They do not process information
• Special readers/writers are used to access or modify the information
• Magnetic stripes are commonly used
• Examples: ATM cards, passive RFID cards, …
• Usually, such tokens are used in combination with a PIN
• Benefits
• Stronger authentication than passwords alone (when used with a PIN: two factors)
• Easier for logging (the token's identity is machine-readable)
• Problems
• Requires special readers
• Token loss
• Compromised PIN
• The stored data can be copied (card skimming), since a memory token cannot prove anything beyond its contents
I&A Based on Something the User Possesses –
Smart Tokens
• Improve memory tokens by including Integrated Circuits (Chips)
• A smart token requires a user also to provide something the user knows (i.e., a
PIN or password) in order to "unlock" the smart token for use.
• Types of smart tokens
• Based on Physical Characteristics
• Smart Card – similar to ATM card but has microprocessor
• Other Types of Tokens – different shapes (eg. Key fob, …)
• Based on Interface
• Manual – Have keys to enter PIN
• Electronic – automatically read by machine
• Protocol
• Static Password Exchange – same as memory tokens
• Dynamic password Generator – create a unique value regularly (eg. Every minute)
• Challenge-response protocol – computer generates a challenge and the token provides response
I&A Based on Something the User Possesses –
Smart Tokens
• Benefits
• One-Time Passwords (OTPs)
• Reduced Risk of Forgery
• Multi-application
• Problems
• Needs readers/writers or human intervention
• Readers/writers – cost
• Human intervention – user dissatisfaction
• Substantial Administration
I&A Based on Something the User IS
• Biometric authentication technologies use the unique characteristics (or attributes) of
an individual to authenticate that person's identity.
• Fingerprints
• Voice
• Face
• Iris or retina (two different structures of the eye)
• Enrolment of users by creating a reference profile (template) is done before authentication
• Every time the user tries to authenticate, the biometric measurement is taken and is
compared against the reference profile; the match is statistical, so the system is tuned between false accepts and false rejects
• Benefits
• Hard to share, forget or forge compared with passwords and tokens
• Problems
• Expensive
• Biometric attributes may change under different conditions (e.g., voice or fingerprint changes)
• A compromised biometric cannot be revoked or replaced the way a password can
Implementation of I&A systems –
Administration
• I&A systems need to create, distribute, and store authentication data.
• For passwords - creating passwords, issuing them to users and maintaining a
password file.
• For Token systems - creation and distribution of tokens/PINs and data that tell the
computer how to recognize valid tokens/PINs.
• For Biometric systems - creating and storing profiles.
• Administration of authentication data is a critical element for all types of
authentication systems.
• I&A administrative tasks should address lost or stolen passwords or
tokens.
• The administrative overhead associated with I&A can be significant.
• Protecting password files (even from system administrators) is also an
admin task
Implementation of I&A systems – Maintaining
Authentication
• Unauthorized user may use other person’s (legitimate user’s) logged-
in session to access the system
• Different mechanisms must be in place to prevent this
• Logout user after some idle time
• Lock screen after some idle time
Implementation of I&A systems – Single Sign
On (SSO)
• Single sign-on is an authentication scheme that allows a user to log in
with a single ID to any of several related, yet independent, software
systems.
• True single sign-on allows the user to log in once and access services without
re-entering authentication factors.
• If the systems that need authentication are on one host, the host's own
access control lists already give SSO: one log-in, then per-resource authorization.
• If the systems are on different hosts, use:
• Host-to-Host Authentication
• Authentication Server
• User-to-Host Authentication
Implementation of I&A systems – Single Sign
On (SSO) …
• Host-to-Host Authentication
• users authenticate themselves once to a host computer. That computer then authenticates
itself to other computers and vouches for the specific user.
• can be done by passing a password, by a challenge-response mechanism, or by another one-time
password scheme.
• Under this approach, it is necessary for the computers to recognize each other and to trust
each other.
• Authentication Server
• the users authenticate themselves to a special host computer (the authentication server).
This computer then authenticates the user to the other host computers the user wants to access,
typically by issuing a ticket or assertion that those hosts can verify.
• The host computers need to trust the authentication server
• Example protocols: Kerberos, TACACS+, RADIUS, Diameter (LDAP is a directory protocol that commonly holds the credentials these servers check)
• User-to-Host Authentication
• requires the user to log in to each host computer.
• a smart token (such as a smart card) can contain all authentication data and perform that
service for the user.
• To users, it looks as though they were only authenticated once.
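The authentication-server form of SSO in miniature, as an added example (not from the slides and not any real protocol's wire format). The user authenticates once to the server; the server issues a ticket whose MAC each host can verify with a key it shares with the server, so the hosts trust the server rather than re-authenticating the user. The host names, keys, ticket fields and lifetime are assumptions for the example, and the server keeps plaintext passwords only to keep the example short.

```python
import hashlib
import hmac
import json
import time

# Added example (not from the slides): ticket-based SSO through an
# authentication server. Ticket format and lifetime are assumptions.
TICKET_LIFETIME = 300   # seconds


class AuthServer:
    def __init__(self, user_secrets, host_keys, clock=time.time):
        self._users = dict(user_secrets)   # user -> password (demo only; hash in practice)
        self._hosts = dict(host_keys)      # host -> key shared between server and that host
        self._clock = clock

    def login(self, user: str, password: str, host: str):
        """Return a ticket for `host`, or None if the credentials are wrong."""
        if not hmac.compare_digest(self._users.get(user, ""), password) or host not in self._hosts:
            return None
        issued = int(self._clock())
        body = {"user": user, "host": host, "issued": issued, "expires": issued + TICKET_LIFETIME}
        payload = json.dumps(body, sort_keys=True).encode()
        tag = hmac.new(self._hosts[host], payload, hashlib.sha256).hexdigest()
        return {"payload": payload, "tag": tag}


class Host:
    def __init__(self, name: str, key: bytes, clock=time.time):
        self.name, self._key, self._clock = name, key, clock

    def accept(self, ticket):
        """Verify the ticket's MAC, its audience and its lifetime; return the
        user it names or None. The host never sees the user's password."""
        expected = hmac.new(self._key, ticket["payload"], hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, ticket["tag"]):
            return None                      # forged or altered ticket
        body = json.loads(ticket["payload"])
        if body["host"] != self.name:
            return None                      # ticket issued for another host
        if body["expires"] < self._clock():
            return None                      # expired
        return body["user"]
```

The audience field matters: without it a ticket for the mail host could be replayed against the database host whenever the two happened to share a key.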
Logical Access Controls
• Logical access controls provide a technical means of controlling what
information users can utilize, the programs they can run, and the modifications
they can make.
• It is used to permit or deny access to a particular resource.
• Access is different from authorization and authentication
• Access = the ability to do something (e.g. modify or view) with a computer resource
• Authorization = permission to use a computer resource, granted to an identity
• Authentication = proving that users are who they claim to be
• Access control is the means by which that ability is explicitly enabled or restricted
in some way (usually through physical and system-based controls).
• Computer-based access controls are called logical access controls.
• Logical access controls can prescribe not only who or what is to have access to a
specific system resource but also the type of access that is permitted.
Access Criteria
• Identity Based
• Based on identity of the user (most logical access controls are based on this)
• Individual, group or anonymous identities can be applied
• Role based
• Access to information may also be controlled by the job assignment or function
• Access rights are grouped by role names (eg. Data entry clerk, programmer, …)
• Different from shared or group account
• Location based
• Access to particular system resources may also be based upon physical or logical location.
• Time based
• Time-of-day or day-of-week restrictions are common limitations on access.
• Transaction based
• Access is granted dynamically by the system for a specific transaction only, limiting what a user can do outside that transaction
• Common access modes
• Read, Write, Execute, Delete, Create, Search
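An access-control decision that combines the criteria above (an ACL of user and group entries, role-based rights, a location restriction and a time-of-day window, with explicit access modes), as an added example that is not from the slides. The resource, users, roles, zones and policy are constructed for illustration; the point is the deny-by-default ordering of the checks.

```python
# Added example (not from the slides): combining identity-, role-, location-
# and time-based access criteria in one decision. All names are constructed.


class AccessControl:
    def __init__(self):
        self.acl = {}           # resource -> list of (principal, set of modes); principal = user or group
        self.groups = {}        # group -> set of users
        self.roles = {}         # user -> set of roles
        self.role_rights = {}   # (role, resource) -> set of modes
        self.time_windows = {}  # resource -> (start_hour, end_hour), half-open, local time
        self.locations = {}     # resource -> set of network zones from which access is allowed

    def _principals(self, user):
        """The identities an access request can match: the user and its groups."""
        yield user
        for group, members in self.groups.items():
            if user in members:
                yield group

    def decide(self, user, resource, mode, hour, zone):
        """Return (allowed, reason). Deny by default: the environmental
        criteria (time, location) are checked first, then identity and role."""
        if resource in self.time_windows:
            start, end = self.time_windows[resource]
            if not (start <= hour < end):
                return False, "outside permitted hours"
        if resource in self.locations and zone not in self.locations[resource]:
            return False, "location not permitted"
        granted = set()
        principals = set(self._principals(user))
        for principal, modes in self.acl.get(resource, []):       # identity based
            if principal in principals:
                granted |= modes
        for role in self.roles.get(user, ()):                      # role based
            granted |= self.role_rights.get((role, resource), set())
        if mode in granted:
            return True, "granted"
        return False, "no matching ACL or role entry"
```

Returning the reason alongside the verdict is deliberate: it is what the audit trail (next section) needs in order to explain a denial later.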
Access Policy
• Logical access controls are a technical means of implementing policy
decisions.
• The development of an access control policy requires balancing interests of
• security
• operational requirements
• User-friendliness
• Technical constraints
• Who should have what type of access is decided by system-specific
policies (discussed under management controls); enforcing that policy through
technical means is an implementation issue and hence a technical control
Technical Implementation Mechanisms -
Internal Access Controls
• Internal Access Controls are a logical means of separating what users (or user
groups) can or cannot do with system resources.
• Passwords
• Passwords are most often associated with user authentication.
• They are also used to protect data and applications on many systems
• Encryption
• Encrypted information can only be decrypted by those possessing the appropriate
cryptographic key.
• Especially important for resources with limited physical security (e.g. laptops)
• Access Control Lists (ACLs)
• Is a list (or multiple lists) of
• users who have been given permission to use a particular system resource
• The type of access they have been permitted.
• ACLs vary considerably in their capability and flexibility.
Technical Implementation Mechanisms -
Internal Access Controls …
• Constrained User Interfaces
• Restrict users' access to specific functions by never allowing them to request
the use of information, functions, or other specific system resources for which
they do not have access.
• Often used with ACLs
• Three major types exist:
• menus
• database views
• physically constrained user interfaces
• Security Labels
• Labels can be used for controlling access, specifying protective measures, or
indicating additional handling instructions.
Technical Implementation Mechanisms -
External Access Controls
• External access controls are a means of controlling interactions between
the system and outside people, systems, and services.
• Port Protection Devices
• Fitted to a communications port of a host computer, a port protection device (PPD)
authorizes access to the port itself, prior to and independent of the computer's own
access control functions.
• Secure Gateways/Firewalls
• block or filter access between two networks, often between a private network and a
public network that exposes it to attackers.
• Can be combined with other functionalities (IPS/IDS, UTM, …)
• Host-Based Authentication
• Host-based authentication grants access based upon the identity of the host
originating the request, instead of the identity of the user making the request.
Administration of Access Controls
• Access Control Administration involves implementing, monitoring,
modifying, testing, and terminating user accesses on the system.
• There are three basic approaches to administering access controls:
centralized, decentralized, or Hybrid.
• Centralized Administration
• One user or office is responsible for administration of access controls
• Decentralized
• Access control is administered directly by the owners of the files or the systems
• Hybrid
• Combines both centralized and decentralized administration
• Central Administration = broadest and basic access
• Owners/creators = access to their files
Audit Trail
• An audit trail is a series of records of computer events, about an
operating system, an application, or user activities.
• A computer system may have several audit trails, each devoted to a
particular type of activity.
• Auditing is the review and analysis of management, operational, and
technical controls.
• The auditor can obtain valuable information about activity on a
computer system from the audit trail.
• Audit trails improve the auditability of the computer system.
Benefits and Objectives
• Audit trails can provide a means to help accomplish several security-
related objectives.
• Individual Accountability
• The responsible person for an event can be identified from the audit trails
• Reconstruction of Events
• By combining multiple audit trails from different systems, the admins may reconstruct
the event that led to security breach
• Intrusion Detection
• Intrusion can be detected by careful analysis of audit trails
• Problem Analysis
• The logged information in the audit trail may indicate the cause of a problem
Audit Trails and Logs
• A system can maintain several different audit trails concurrently. Two
kinds of information are logged:
• An event-oriented log
• A record of every keystroke (keystroke monitoring)
• Event-based logs usually contain records describing system events,
application events, or user events.
• Audit trails must collect the records sufficient for the auditing required
• Too many records = resource wastage (storage, processing, …) and harder analysis
• Too few records = insufficient for the auditing required
Audit Trails and Logs …
• Keystroke monitoring
• Keystroke monitoring is the process used to view or record both the keystrokes
entered by a computer user and the computer's response during an interactive
session.
• Examples of keystroke monitoring would include viewing characters as they are
typed by users, reading users' electronic mail, and viewing other recorded
information typed by users.
• Audit Events
• System audit records are generally used to monitor and fine-tune system
performance.
• Application audit trails may be used to discern flaws in applications, or violations of
security policy committed within an application.
• User audit records are generally used to hold individuals accountable for their
actions.
• An analysis of user audit records may expose a variety of security violations
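Event-oriented user audit records analysed for two of the objectives from the earlier slide, intrusion detection (a burst of failed log-ins from one source) and individual accountability (the sequence of actions attributable to one user ID), as an added example that is not from the slides. The log lines are constructed for this example in a syslog-like layout and are not taken from any real system; the field names and thresholds are assumptions.

```python
import re
from collections import Counter

# Added example (not from the slides). Constructed sample audit records:
# a password-guessing burst at 02:14 that ends in a successful log-in,
# followed by a read of a sensitive file, then ordinary daytime activity.
SAMPLE_AUDIT_LOG = """\
2024-05-06T02:14:01 host1 auth: FAIL user=root src=203.0.113.7
2024-05-06T02:14:03 host1 auth: FAIL user=root src=203.0.113.7
2024-05-06T02:14:05 host1 auth: FAIL user=admin src=203.0.113.7
2024-05-06T02:14:06 host1 auth: FAIL user=admin src=203.0.113.7
2024-05-06T02:14:09 host1 auth: FAIL user=oracle src=203.0.113.7
2024-05-06T02:14:12 host1 auth: OK user=alice src=203.0.113.7
2024-05-06T02:15:40 host1 file: READ user=alice path=/etc/shadow
2024-05-06T09:00:10 host1 auth: OK user=bob src=198.51.100.4
2024-05-06T09:01:00 host1 file: WRITE user=bob path=/srv/www/index.html
2024-05-06T09:02:30 host1 auth: FAIL user=bob src=198.51.100.4
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) (?P<source>\w+): (?P<event>\w+) (?P<fields>.*)$")


def parse_audit_log(text):
    """Turn each line into a dict with ts, host, source, event and the key=value fields."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                        # skip, do not abort: corrupt lines are common
        rec = m.groupdict()
        fields = rec.pop("fields")
        rec.update(kv.split("=", 1) for kv in fields.split())
        records.append(rec)
    return records


def failed_login_bursts(records, threshold=5):
    """Sources with at least `threshold` FAIL events: a password-guessing signature."""
    fails = Counter(r["src"] for r in records
                    if r["source"] == "auth" and r["event"] == "FAIL")
    return {src: n for src, n in fails.items() if n >= threshold}


def user_timeline(records, user):
    """Every event attributable to one user ID, in log order (accountability)."""
    return [(r["ts"], r["source"], r["event"], r.get("path", r.get("src")))
            for r in records if r.get("user") == user]


def off_hours_sensitive_reads(records, sensitive_prefix="/etc/", start=8, end=18):
    """Reads of sensitive paths outside business hours: a time-plus-content rule."""
    hits = []
    for r in records:
        if r["source"] == "file" and r["event"] == "READ" and r["path"].startswith(sensitive_prefix):
            hour = int(r["ts"][11:13])
            if not start <= hour < end:
                hits.append((r["ts"], r["user"], r["path"]))
    return hits
```

Note what the records make possible only because they carry a user ID, a source address and a timestamp: the burst is detected by source, the follow-up is attributed to `alice`, and the two are tied together by time. Drop any one of those fields and one of the objectives becomes impossible to meet.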
Audit Trails and Logs – Different log files (figure of sample log files not reproduced)
Secure Communication
Needs and Requirements
• Secrecy
• Only intended receiver understands the message
• Authentication
• Sender and receiver need to confirm each other's identity
• Message Integrity
• Ensure that their communication has not been altered, either maliciously or
by accident during transmission
Cryptography
Basics
• Cryptography is the science of secret, or hidden, writing
• It has two main components:
• Encryption
• Practice of hiding messages so that they cannot be read by anyone other
than the intended recipient
• Authentication & Integrity
• Ensuring that users of data/resources are the persons they claim to be
and that a message has not been surreptitiously altered
Encryption
Cipher
• A cipher is a method for encrypting messages
• Plain text → encryption algorithm (Key A) → cipher text → decryption algorithm (Key B) → plain text
• Encryption algorithms are standardized & published (Kerckhoffs's principle: security must rest on the key, not on the secrecy of the algorithm)
• The key, which is an input to the algorithm, is secret
• Key is a string of numbers or characters
• If the same key is used for encryption & decryption the algorithm is called symmetric
• If different keys are used for encryption & decryption the algorithm is called asymmetric
Encryption
Symmetric Algorithms
• Algorithms in which the keys for encryption and decryption are
the same are symmetric
• Example: Caesar Cipher
• Types:
1. Block Ciphers
– Encrypt data one block at a time (typically 64 bits, or 128 bits)
– Used for data available as a whole (a file, a message); a mode of operation chains the blocks
2. Stream Ciphers
– Encrypt data one bit or one byte at a time
– Used if data is a constant stream of information
Symmetric Encryption
Key Strength
• For a well-designed algorithm, strength is determined by the size of the key
• The longer the key the more difficult it is to crack by exhaustive search
• Key length is expressed in bits
• Typical key sizes vary between 40 bits (old export ciphers) and 448 bits; 128 bits is the usual minimum today
• The set of possible keys for a cipher is called the key space
• For a 40-bit key there are 2^40 possible keys
• For a 128-bit key there are 2^128 possible keys
• Each additional bit added to the key length doubles the key space, i.e. the brute-force work
• To crack the key by brute force the attacker has to try the possible keys till a key that works is found
(on average, half of the key space)
• Purpose-built hardware could crack a 56-bit DES key in about a day by 1999
• It would take 2^72 times longer to crack a 128-bit key
(longer than the age of the universe)
Substitution Ciphers
Caesar Cipher
• Caesar Cipher is a method in which each letter in the
alphabet is rotated by a fixed number of positions (the key), as shown for key 3:

Plain:  ABCDEFGHIJKLMNOPQRSTUVWXYZ
Cipher: DEFGHIJKLMNOPQRSTUVWXYZABC

• Encryption (key 3): plain text "Attack at Dawn" → Caesar cipher algorithm → cipher text "Dwwdfn dw Gdzq"
• Decryption (key 3): cipher text "Dwwdfn dw Gdzq" → Caesar cipher algorithm (rotate back) → plain text "Attack at Dawn"
• Only 25 useful keys exist, so the cipher falls to simply trying them all
Substitution Cipher
Monoalphabetic Cipher
• Any letter can be substituted for any other letter
• Each letter has to have a unique substitute (the key is a permutation of the alphabet)

Plain:  ABCDEFGHIJKLMNOPQRSTUVWXYZ
Cipher: MNBVCXZASDFGHJKLPOIUYTREWQ

• There are 26! pairings of letters (~4 × 10^26)
• A brute-force approach would be too time consuming
• Statistical analysis makes it feasible to recover the key: the substitution preserves the letter frequencies of the language
• Example (this key): plain text "Bob, I love you. Alice" → monoalphabetic cipher → cipher text "Nkn, S gktc wky. Mgsbc"
Substitution Cipher
Polyalphabetic Caesar Cipher
• Uses a sequence of monoalphabetic (here Caesar) ciphers in tandem
• e.g. the pattern C1, C2, C2, C1, C2, repeated over the letters of the message

Plain text: ABCDEFGHIJKLMNOPQRSTUVWXYZ
C1 (k=6):   FGHIJKLMNOPQRSTUVWXYZABCDE   (A maps to the 6th letter F, i.e. a shift of 5)
C2 (k=20):  TUVWXYZABCDEFGHIJKLMNOPQRS   (A maps to the 20th letter T, i.e. a shift of 19)

• Example: plain text "Bob, I love you. Alice" → polyalphabetic cipher (key: C1, C2, C2, C1, C2) → cipher text "Ghu, N etox dhz. Tenvj"
• The same plain-text letter no longer always gives the same cipher-text letter (o → h, t, h), which flattens the single-letter frequency statistics; once the period is known, the cipher text splits into separate Caesar ciphers again
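The three substitution ciphers of the preceding slides (Caesar, monoalphabetic, polyalphabetic) in one small implementation, run on the slides' own keys and messages, plus the brute-force walk over the Caesar key space and the letter-frequency statistic that breaks monoalphabetic substitution. This is an added example, not code from the slides; unlike the slide tables it preserves letter case and passes punctuation through unchanged.

```python
import string

# Added example (not from the slides): classical substitution ciphers.
ALPHABET = string.ascii_uppercase


def _substitute(text, letter_map):
    """Apply letter_map(index 0-25, position among letters) -> new index to
    every letter, preserving case and leaving other characters alone."""
    out, pos = [], 0
    for ch in text:
        if ch.isalpha():
            sub = ALPHABET[letter_map(ALPHABET.index(ch.upper()), pos)]
            out.append(sub if ch.isupper() else sub.lower())
            pos += 1
        else:
            out.append(ch)
    return "".join(out)


def caesar(text, shift):
    """Rotate every letter by `shift`; decrypt by calling with -shift."""
    return _substitute(text, lambda i, _: (i + shift) % 26)


def monoalphabetic(text, key, decrypt=False):
    """`key` is a 26-letter permutation: plain-text A maps to key[0], B to key[1], ..."""
    key = key.upper()
    assert sorted(key) == list(ALPHABET), "key must be a permutation of the alphabet"
    if decrypt:
        return _substitute(text, lambda i, _: key.index(ALPHABET[i]))
    return _substitute(text, lambda i, _: ALPHABET.index(key[i]))


def polyalphabetic(text, shifts, decrypt=False):
    """Cycle through a sequence of Caesar shifts, one per letter (Vigenere-style).
    The slide's C1/C2 pattern is shifts = [5, 19, 19, 5, 19]."""
    sign = -1 if decrypt else 1
    return _substitute(text, lambda i, pos: (i + sign * shifts[pos % len(shifts)]) % 26)


def caesar_brute_force(ciphertext):
    """All 26 candidate plaintexts: the key space is so small that an
    attacker just reads them and picks the one that makes sense."""
    return {k: caesar(ciphertext, -k) for k in range(26)}


def letter_frequencies(text):
    """Relative letter frequencies of a text. A monoalphabetic substitution
    permutes these values without changing them, which is what lets an
    analyst match cipher-text letters to the language's known frequencies."""
    letters = [c.upper() for c in text if c.isalpha()]
    return {c: letters.count(c) / len(letters) for c in set(letters)}
```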
Transposition Cipher
Columnar Transposition
• This involves rearranging the characters of the plain text using columns
• How it works
• Write the message row by row into a grid. The number of columns is determined by the number of
letters in the keyword; the last row is padded (here with Z)
• The cipher text is formed by reading out the columns. The order in which the
columns are read is determined by the alphabetical order of the letters in the keyword
• EXAMPLE:
• Plain Text = "THIS IS PLAIN TEXT" (spaces shown as -)
• Keyword = HEMAN, Length of Keyword = 5, Alphabetical Order = 3 2 4 1 5

  H E M A N
  3 2 4 1 5
  T H I S -
  I S - P L
  A I N - T
  E X T Z Z

• Reading column A (1), then E (2), H (3), M (4), N (5):
• Cipher Text = "SP-Z" + "HSIX" + "TIAE" + "I-NT" + "-LTZ" = "SP ZHSIXTIAEI NT LTZ"
Transposition Cipher
Columnar Transposition
• Decryption
• EXAMPLE:
• Cipher Text = "SP ZHSIXTIAEI NT LTZ" (20 characters)
• Keyword = HEMAN, Length of Keyword = 5, Alphabetical Order = 3 2 4 1 5
• Number of rows = 20 / 5 = 4, so the cipher text is cut into five 4-character chunks
• Each chunk is written down the column whose keyword letter has the next alphabetical rank:
• Chunk 1 "SP-Z" → column A (rank 1)
• Chunk 2 "HSIX" → column E (rank 2)
• Chunk 3 "TIAE" → column H (rank 3)
• Chunk 4 "I-NT" → column M (rank 4)
• Chunk 5 "-LTZ" → column N (rank 5)

  H E M A N
  3 2 4 1 5
  T H I S -
  I S - P L
  A I N - T
  E X T Z Z

• Reading the grid row by row and dropping the padding gives
Plain Text = "THIS IS PLAIN TEXT"
• Transposition only reorders the characters, so the cipher text has exactly the letter frequencies of the plain text; this is how a cryptanalyst recognizes it
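The keyed columnar transposition of the preceding slides, as an added example that is not code from the slides, run with the slides' keyword HEMAN and message. Spaces are kept as ordinary characters (the slides draw them as -), the last row is padded with Z, and decryption strips that padding again; the tie-breaking rule for repeated keyword letters is an addition the slides do not cover.

```python
import math

# Added example (not from the slides): keyed columnar transposition.
PAD = "Z"   # assumption: pad character, as on the slide


def column_order(keyword):
    """Column indices in read-out order: alphabetical order of the keyword's
    letters, ties broken left to right (so repeated letters are handled)."""
    return sorted(range(len(keyword)), key=lambda i: (keyword[i], i))


def columnar_encrypt(plaintext, keyword):
    n = len(keyword)
    rows = math.ceil(len(plaintext) / n)
    padded = plaintext.ljust(rows * n, PAD)
    grid = [padded[r * n:(r + 1) * n] for r in range(rows)]        # fill row by row
    return "".join(grid[r][c] for c in column_order(keyword) for r in range(rows))


def columnar_decrypt(ciphertext, keyword):
    n = len(keyword)
    rows = len(ciphertext) // n          # encryption always emits rows * n characters
    columns = [""] * n
    for k, c in enumerate(column_order(keyword)):
        columns[c] = ciphertext[k * rows:(k + 1) * rows]   # k-th chunk is column c
    plaintext = "".join(columns[c][r] for r in range(rows) for c in range(n))
    return plaintext.rstrip(PAD)


def same_characters(plaintext, ciphertext):
    """Transposition only reorders symbols, so the multiset of characters is
    unchanged: a quick test that distinguishes it from substitution."""
    return sorted(plaintext) == sorted(ciphertext)
```

Stripping the pad character is the one lossy step: a message that genuinely ends in Z would lose it, which is why real schemes carry the length explicitly instead.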
Ciphers
Shannon’s Characteristics of “Good” Ciphers
• The amount of secrecy needed should determine the amount of
labor appropriate for the encryption and decryption.
• The set of keys and the enciphering algorithm should be free from
complexity.
• The implementation of the process should be as simple as possible.
• Errors in ciphering should not propagate and cause corruption of
further information in the message.
• The size of the enciphered text should be no larger than the text of
the original message.
Cryptanalysis
Techniques
• Cryptanalysis is the process of breaking an encryption code
• Tedious and difficult process
• Several techniques can be used to deduce the algorithm
• Attempt to recognize patterns in encrypted messages, to be able to break
subsequent ones by applying a straightforward decryption algorithm
• Attempt to infer some meaning without even breaking the encryption, such as
noticing an unusual frequency of communication or determining something by
whether the communication was short or long
• Attempt to deduce the key, in order to break subsequent messages easily
• Attempt to find weaknesses in the implementation or environment of use of
encryption
• Attempt to find general weaknesses in an encryption algorithm, without
necessarily having intercepted any messages
Data Encryption Standard (DES) Basics
• Goal of DES is to completely scramble the data and key so that
every bit of cipher text depends on every bit of data and every
bit of key
• DES is a block cipher algorithm
• Encodes plaintext in 64-bit chunks
• The key is 64 bits, but one parity bit in each of the 8 bytes reduces it to 56 effective bits
• For decades it was the most widely used algorithm; its 56-bit key is now far too short and DES is withdrawn
• Approved by the US National Bureau of Standards (now NIST) as FIPS 46 for
commercial and non-classified US government use in 1977 (reaffirmed as late as 1993)
Data Encryption Standard (DES) Basics
• DES consists of two permutation steps (the first and last steps of the algorithm) around 16 rounds
• The 64-bit input is split into two 32-bit halves, L and R; the 56-bit key yields a 48-bit subkey Ki for each round i
• Operation of each round is identical, taking the output of the previous round as input
• During each round the rightmost 32 bits of the input are moved to the left 32 bits of
the output
• The right half and the 48-bit key for the ith round are taken as input to a function F(Ri, Ki)
• The function expands the 32-bit half to 48 bits (4-bit chunks into 6-bit chunks), exclusive-ORs
it with the 48-bit subkey Ki, applies a substitution (the S-boxes, 6 bits in, 4 bits out) and a permutation,
and the 32-bit result is exclusive-ORed with the leftmost 32 bits of the input
• The resulting 32 bits are used as the rightmost 32 bits of the round's 64-bit output
• Because each round only XORs F's output into one half, the same structure with the subkeys
applied in reverse order undoes it: DES run in reverse decrypts
• Cracking DES by exhaustive key search
• 1997: 140 days (distributed volunteer search)
• 1999: about 22 hours (purpose-built hardware plus a distributed search)
• Triple DES uses DES 3 times in tandem
• Output from one DES is input to the next DES
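A 16-round, 64-bit Feistel network with the structure described above (split into halves, round function of the right half and a subkey, XOR into the left half, swap), as an added example that is not code from the slides. It shows concretely why running the rounds with the subkeys in reverse order decrypts. The round function and key schedule are simple stand-ins chosen for this example: they are not DES's expansion, S-box and permutation tables, and the result is not a secure cipher, only a structurally faithful one.

```python
import hashlib

# Added example (not from the slides): a toy Feistel network with DES's
# round structure. Round function and key schedule are stand-ins, not DES.
MASK32 = 0xFFFFFFFF
ROUNDS = 16


def key_schedule(key: bytes, rounds: int = ROUNDS):
    """One 32-bit subkey per round, derived from the key (stand-in for DES's
    56-bit -> 16 x 48-bit schedule)."""
    return [int.from_bytes(hashlib.sha256(key + bytes([i])).digest()[:4], "big")
            for i in range(rounds)]


def round_function(right: int, subkey: int) -> int:
    """Stand-in for DES's f(R, K): mixes the half with the subkey non-linearly.
    Any function works here; Feistel invertibility never needs f to be invertible."""
    x = (right ^ subkey) & MASK32
    x = (x * 0x9E3779B1 + 0x7F4A7C15) & MASK32          # multiply-add mix
    x ^= (x >> 15) | ((x << 17) & MASK32)               # rotate-and-xor diffusion
    return x & MASK32


def feistel(block: int, subkeys) -> int:
    """Run the rounds with the subkeys in the given order on a 64-bit block.
    Each round: L' = R, R' = L xor f(R, K). The final swap makes the whole
    thing its own inverse when the subkey order is reversed."""
    left, right = block >> 32, block & MASK32
    for k in subkeys:
        left, right = right, left ^ round_function(right, k)
    return (right << 32) | left                        # undo the last swap


def encrypt_block(block: int, key: bytes) -> int:
    return feistel(block, key_schedule(key))


def decrypt_block(block: int, key: bytes) -> int:
    return feistel(block, key_schedule(key)[::-1])     # same rounds, subkeys reversed


def hamming_distance(a: int, b: int) -> int:
    """Number of differing bits: a crude look at how far one flipped input bit spreads."""
    return bin(a ^ b).count("1")
```

The decryption routine is the encryption routine: the only difference is the order of the subkeys, which is exactly what the slide means by "DES run in reverse". The avalanche the first DES slide asks for (every output b
it depending on every input bit) is a property of DES's particular f and round count, not of the Feistel structure itself, so the toy function above is not claimed to have it.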
Encryption Algorithm
Summary

Algorithm    Type           Key Size                    Features
DES          Block cipher   56 bits                     Historically the most common; not strong enough (withdrawn)
Triple DES   Block cipher   168 bits (112 effective)    Modification of DES; adequate security but slow, 64-bit block, being retired
Blowfish     Block cipher   Variable (up to 448 bits)   No practical break, but its 64-bit block limits the data volume per key
AES          Block cipher   128, 192, or 256 bits       Replacement for DES; current standard, excellent security
RC4          Stream cipher  Variable (40 or 128 bits)   Fast stream cipher; was used in most SSL implementations, now prohibited in TLS (RFC 7465) because of keystream biases
Symmetric Encryption
Limitations
• Any exposure of the secret key compromises the secrecy of the
ciphertext
• A key needs to be delivered to the recipient of the coded
message for it to be deciphered
• Potential for an eavesdropping attack during transmission of the key
Asymmetric Encryption
Basics
• Uses a pair of keys for encryption
• Public key for encryption
• Private key for decryption
• Messages encoded using the public key can only be decoded by the
private key
• Secret transmission of the key for decryption is not required
• Every entity can generate a key pair and release its public key
• Plain text → cipher (public key) → cipher text → cipher (private key) → plain text
Asymmetric Encryption
Types
• Two popular algorithms are RSA & ElGamal
• RSA
• Developed by Ron Rivest, Adi Shamir, Len Adleman
• Either key of the pair can be used for encryption and the other for decryption (the basis of RSA signatures)
• Variable key size (512, 1024, or 2048 bits in the slide's era; 512 and 1024 are now breakable or deprecated, 2048 is the minimum and 3072+ is recommended)
• Most popular public key algorithm
• ElGamal
• Developed by Taher ElGamal
• Variable key size (512 or 1024 bits historically; 2048+ today)
• Less common than RSA; used in protocols like PGP (OpenPGP/GnuPG)
Asymmetric Encryption
RSA
• Choose two large prime numbers p & q
• Compute n=pq and z=(p-1)(q-1)
• Choose number e, less than n, which has no common factor (other than 1)
with z
• Find number d, such that ed – 1 is exactly divisible by z
• Keys are generated using n, d, e
• Public key is (n,e)
• Private key is (n, d)
• Encryption: c = me mod n
• m is plain text
• c is cipher text
• Decryption: m = cd mod n
• Public key is shared and the private key is hidden
Asymmetric Encryption
RSA Example
• p=5 & q=7
• n=5*7=35 and z=(4)*(6) = 24
• e=5 (coprime to 24)
• d = 29, since (29×5 – 1) = 144 is exactly divisible by 24 (d=5 would serve as well: any d ≡ 5 mod 24 is the same private key)
• Keys generated are
• Public key: (35, 5)
• Private key: (35, 29)
• Encrypt the word "love" using c = m^e mod n
• Assume that the letters are numbered 1 to 26

Plain Text   Numeric Representation (m)   m^e        Cipher Text (c = m^e mod n)
l            12                           248832     17
o            15                           759375     15
v            22                           5153632    22
e            5                            3125       10
Asymmetric Encryption
RSA
• Decrypt the word "love" using m = c^d mod n
• n = 35, d = 29
• Real implementations never form c^d in full; they reduce mod n after every multiplication (modular exponentiation), which keeps the numbers small. The c^d column below is the spreadsheet's rounded display of the full power.

Cipher Text (c)   c^d (rounded display)                        m = c^d mod n   Plain Text
17                481968572106750915091411825223072000          12              l
15                12783403948858939111232757568359400           15              o
22                852643319086537701956194499721110000000       22              v
10                100000000000000000000000000000                5               e
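The RSA recipe of the two preceding slides, as an added example that is not code from the slides, run first with the slides' toy parameters (p=5, q=7, e=5) and the slides' letter numbering (a=1 ... z=26), and then with a second textbook key to show the same functions on a larger modulus. Modular exponentiation replaces the huge intermediate powers shown in the tables. The toy sizes are for illustration only; real keys use 2048-bit or larger moduli and padding.

```python
from math import gcd

# Added example (not from the slides): textbook RSA with the slide's toy numbers.


def rsa_keygen(p: int, q: int, e: int):
    """Return ((n, e), (n, d)) following the slide's recipe."""
    n = p * q
    z = (p - 1) * (q - 1)
    if not (1 < e < n and gcd(e, z) == 1):
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, z)        # modular inverse (Python 3.8+): e*d - 1 is divisible by z
    return (n, e), (n, d)


def rsa_encrypt_int(m: int, public_key) -> int:
    n, e = public_key
    return pow(m, e, n)      # c = m^e mod n, reduced at every step


def rsa_decrypt_int(c: int, private_key) -> int:
    n, d = private_key
    return pow(c, d, n)      # m = c^d mod n


def letter_to_int(ch: str) -> int:       # a=1 ... z=26, as on the slide
    return ord(ch.lower()) - ord("a") + 1


def int_to_letter(m: int) -> str:
    return chr(m - 1 + ord("a"))


def rsa_encrypt_word(word: str, public_key):
    """Letter-by-letter encryption as the slide does it."""
    return [rsa_encrypt_int(letter_to_int(ch), public_key) for ch in word]


def rsa_decrypt_word(cipher, private_key) -> str:
    return "".join(int_to_letter(rsa_decrypt_int(c, private_key)) for c in cipher)


def fixed_points(public_key):
    """Messages m with m^e mod n == m: textbook RSA leaves these in the clear.
    With n=35 the slide's own 'o' (15) and 'v' (22) are examples."""
    n, e = public_key
    return [m for m in range(1, n) if pow(m, e, n) == m]
```

Two things the toy makes visible. First, `pow(5, -1, 24)` returns 5, not the slide's 29: both satisfy e·d ≡ 1 (mod 24) and decrypt identically, because d is only defined modulo z. Second, encrypting one letter at a time with a deterministic function is just a monoalphabetic substitution (the same letter always gives the same number), so it falls to the frequency analysis of the earlier slides regardless of key size; real RSA encrypts a whole randomly padded block.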
Asymmetric Encryption
Weaknesses
• Efficiency is far lower than symmetric algorithms (hundreds to thousands of times slower)
• Keys must be much longer for the same strength: a 3072-bit RSA key is roughly equivalent to a 128-bit
symmetric key (a 1024-bit RSA key only to about 80 bits)
• Potential for man-in-the-middle attack if public keys are not authenticated
• Binding a public key to its real owner (and generating and protecting the key pair) is the hard part, which is what certificates and a PKI address
Asymmetric Encryption
Man-in-the-middle Attack
• An attacker could generate a key pair, give the public key away and tell
everybody that it belongs to somebody else. Now, everyone believing this
will use this key for encryption, resulting in the attacker being able to
read the messages. If he encrypts the messages again with the public
key of the real recipient, he will not be recognized easily.
• The attack as drawn on the slide (Bob writes to David; Trudeau is the middle-man):
• Bob asks for David's public key and receives Trudeau's public key instead, believing it is David's
• Bob encrypts his message with "David's" (really Trudeau's) public key and sends it
• Trudeau decrypts the message with his own private key, reads or rewrites it, and re-encrypts it (or a new message) with David's real public key
• David decrypts it with his private key and sees a well-formed message, not suspecting the interception
• The defence is to authenticate public keys, e.g. with certificates (see Digital Certificates below)
Asymmetric Encryption
Session-Key Encryption
• Used to improve efficiency (hybrid encryption)
• A symmetric key (the session key) is used for encrypting the data
• An asymmetric key is used for encrypting the symmetric key
• Sender: plain text → symmetric cipher (e.g. DES/AES) under a fresh random session key → cipher text
• Sender: session key → asymmetric cipher (e.g. RSA) under the recipient's public key → encrypted session key
• Both the cipher text and the encrypted session key are sent to the recipient, who recovers the session key with the private key and then decrypts the data
Asymmetric Encryption
Encryption Protocols
• Pretty Good Privacy (PGP)
• Used to encrypt e-mail using session-key encryption
• Combines RSA, Triple DES (today AES) and other algorithms; standardized as OpenPGP
• Secure/Multipurpose Internet Mail Extensions (S/MIME)
• Newer standard (not an algorithm) for securing e-mail, built on X.509 certificates
• Backed by Microsoft, RSA, AOL and others
• Secure Sockets Layer (SSL) and its successor Transport Layer Security (TLS)
• Used for securing TCP/IP traffic
• Mainly designed for web use
• Can be used for any kind of internet traffic
• SSL 2.0 and 3.0 are deprecated; TLS 1.2 and 1.3 are what is used today
Asymmetric Encryption
Key Agreement
• Key agreement is a method to create a secret key by exchanging only public
keys.
• Example
• Bob sends Alice his public key
• Alice sends Bob her public key
• Bob uses Alice's public key and his private key to generate a session key
• Alice uses Bob's public key and her private key to generate a session key
• Using a key agreement algorithm both will generate the same key
• Bob and Alice do not need to transfer any secret key
• As drawn: (Alice's private key + Bob's public key) → session key for the symmetric cipher (DES); (Bob's private key + Alice's public key) → the same session key. Alice and Bob generate the same session key!
Asymmetric Encryption
Key Agreement – Diffie-Hellman Mathematical Analysis
• Bob & Alice agree on a non-secret prime p and a value a (a generator mod p)
• Bob generates a secret random number x; Alice generates a secret random number y
• Bob computes his public value a^x mod p; Alice computes her public value a^y mod p
• Bob & Alice exchange public values
• Bob computes the session key (a^y)^x mod p; Alice computes the session key (a^x)^y mod p
• Both equal a^(xy) mod p: an identical secret key, while an eavesdropper sees only p, a, a^x and a^y
Asymmetric Encryption
Key Agreement con't.
• Diffie-Hellman is the first published key agreement algorithm
• Invented by Whitfield Diffie & Martin Hellman (1976)
• Provided the ability for messages to be exchanged securely
without having to have shared some secret information
previously
• Inception of public key cryptography, which allowed keys
to be exchanged in the open
• No exchange of secret keys; security rests on the difficulty of the discrete logarithm problem
• The basic exchange does NOT by itself prevent a man-in-the-middle attack: an attacker who can replace a^x and a^y with his own values ends up sharing one key with Bob and another with Alice. The public values must be authenticated (e.g. signed, as TLS does) to close this gap
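The Diffie-Hellman exchange of the preceding slides with the usual textbook toy parameters p=23, a=5, followed by the man-in-the-middle attack that an unauthenticated exchange does not prevent, as an added example that is not code from the slides. The attacker is named Trudeau after the earlier MITM slide; the parameters and secrets are constructed for illustration, and real deployments use 2048-bit or larger groups (or elliptic curves) and authenticate the public values.

```python
import secrets

# Added example (not from the slides): Diffie-Hellman and the MITM it does
# not stop on its own. Toy parameters; never use p=23 for anything real.


def dh_public(p: int, a: int, secret: int) -> int:
    return pow(a, secret, p)               # a^x mod p


def dh_shared(p: int, their_public: int, secret: int) -> int:
    return pow(their_public, secret, p)    # (a^y)^x mod p


def dh_exchange(p: int, a: int, x: int, y: int):
    """Honest run with Bob's secret x and Alice's secret y.
    Returns (Bob's key, Alice's key); they are identical."""
    bob_pub, alice_pub = dh_public(p, a, x), dh_public(p, a, y)
    return dh_shared(p, alice_pub, x), dh_shared(p, bob_pub, y)


def dh_mitm(p: int, a: int, x: int, y: int, m: int):
    """Trudeau (secret m) intercepts both public values and substitutes his own.
    Returns (Bob's key, Alice's key, Trudeau's key with Bob, Trudeau's key with Alice).
    Bob and Alice end up with DIFFERENT keys, each known to Trudeau, who can
    decrypt every message with one key and re-encrypt it with the other."""
    bob_pub, alice_pub, mal_pub = dh_public(p, a, x), dh_public(p, a, y), dh_public(p, a, m)
    bob_key = dh_shared(p, mal_pub, x)         # Bob believes mal_pub is Alice's
    alice_key = dh_shared(p, mal_pub, y)       # Alice believes mal_pub is Bob's
    mal_with_bob = dh_shared(p, bob_pub, m)
    mal_with_alice = dh_shared(p, alice_pub, m)
    return bob_key, alice_key, mal_with_bob, mal_with_alice


def random_secret(p: int) -> int:
    """A fresh private exponent in [2, p-2]; secrets.randbelow is CSPRNG-backed."""
    return 2 + secrets.randbelow(p - 3)
```

Nothing in the honest exchange lets Bob tell whether the value he received really came from Alice; that is the gap the slide's "man-in-the-middle attack avoided" bullet glosses over, and signatures or certificates on the public values are what actually close it.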
Authentication
Basics
• Authentication is the process of validating the
identity of a user or the integrity of a piece of data.
• There are three technologies that provide
authentication
• Message Digests / Message Authentication Codes
• Digital Signatures
• Public Key Infrastructure
Authentication
Message Digests
• A message digest is a fingerprint for a document
• Purpose of the message digest is to provide evidence that data
has not been altered
• Process of generating a message digest from data is called
hashing
• Hash functions are one-way functions with the following
properties
• Infeasible to reverse the function (preimage resistance)
• Infeasible to construct two messages which hash to the same digest (collision resistance)
• Commonly used hash algorithms are
• MD5 – 128-bit hashing algorithm by Ron Rivest of RSA (collisions are now trivial; do not use for security)
• SHA-1 – 160-bit hashing algorithm developed by NIST (practical collisions since 2017; superseded by SHA-2 and SHA-3)
• Message → digest algorithm → message digest
Message Authentication Codes
Basics
• A message digest created with a key (e.g. HMAC)
• Creates security by requiring a secret key to be
possessed by both parties in order to create or verify the
digest, so an attacker who alters the message cannot recompute a valid tag
• Message + secret key → digest algorithm → message digest (MAC)
Authentication
Digital Signatures
• A digital signature is a data item which accompanies or is
logically associated with a digitally encoded message.
• It has two goals
• A guarantee of the source of the data
• Proof that the data has not been tampered with
• Sender: message → digest algorithm → message digest → signature algorithm with the sender's private key → digital signature; message and signature are sent to the receiver
• Receiver: message → digest algorithm → message digest; signature → signature algorithm with the sender's public key → the digest the sender signed
• Same? If the two digests match, the message is intact and came from the holder of the private key
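The three integrity mechanisms of the preceding slides side by side (bare message digest, keyed digest/MAC, digital signature), as an added example that is not code from the slides, showing what each does and does not protect against when a message is altered in transit. The signature uses the textbook RSA key n=3233, e=17, d=2753 (p=61, q=53) as a toy, with the digest reduced mod n; real signatures use padded RSA or ECDSA/EdDSA on full-size keys. The key, the sample message and the shared secret are assumptions for the example.

```python
import hashlib
import hmac

# Added example (not from the slides): digest vs MAC vs signature.
TOY_N, TOY_E, TOY_D = 3233, 17, 2753   # assumption: toy RSA key for this example only


def digest(message: bytes) -> str:
    """Fingerprint of the data. Anyone can recompute it, so on its own it only
    detects accidental change, not an attacker who replaces the digest too."""
    return hashlib.sha256(message).hexdigest()


def mac(key: bytes, message: bytes) -> str:
    """Keyed digest (HMAC): only holders of `key` can produce or verify it."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def mac_verify(key: bytes, message: bytes, tag: str) -> bool:
    return hmac.compare_digest(mac(key, message), tag)


def _digest_mod_n(message: bytes) -> int:
    # Squeeze the 256-bit digest into the toy modulus; real schemes pad instead.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % TOY_N


def sign(message: bytes, private_exponent: int = TOY_D) -> int:
    """Signer: digest the message, then apply the private key to the digest."""
    return pow(_digest_mod_n(message), private_exponent, TOY_N)


def verify_signature(message: bytes, signature: int, public_exponent: int = TOY_E) -> bool:
    """Verifier: apply the public key to the signature and compare with a
    freshly computed digest (the 'Same?' box on the slide)."""
    return pow(signature, public_exponent, TOY_N) == _digest_mod_n(message)


def in_transit_tampering(message: bytes, key: bytes):
    """An attacker changes the amount in `message`. The digest is unkeyed, so
    the attacker simply recomputes and ships a fresh one; the MAC and the
    signature cannot be recomputed without the key. Returns, per mechanism,
    whether the receiver's check still passes."""
    tag, sig = mac(key, message), sign(message)
    altered = message.replace(b"100", b"900")
    shipped_digest = digest(altered)        # attacker-supplied
    return {
        "digest": digest(altered) == shipped_digest,
        "mac": mac_verify(key, altered, tag),
        "signature": verify_signature(altered, sig),
    }
```

The difference between the MAC and the signature is not in this check but in who can produce the tag: the MAC key is shared, so either party could have made it, while only the private-key holder can make the signature, which is what gives the signature its "guarantee of the source".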
Authentication
Digital Certificates
• A digital certificate is a signed statement by a trusted party that another
party's public key belongs to them.
• This allows one certificate authority to be authorized by a different authority
(root CA)
• The top-level certificate must be self-signed
• Anyone can start a certificate authority
• Name recognition (and inclusion in browser and OS trust stores) is key to someone recognizing a certificate authority
• Verisign was the industry-standard certificate authority of the slide's era; today many public CAs exist
• Identity information + sender's public key → signature algorithm with the certificate authority's private key → certificate
Authentication
Certificate Chaining
• Chaining is the practice of signing a certificate with another private key
that has a certificate for its public key
• Similar to a passport carrying the seal of the government
• A certificate is essentially a person's public key & some identifying information signed
by an authority's private key, vouching for the person's identity
• The authority's public key is used to verify the signature on the certificate (not to "decipher" it; the certificate is not secret)
• The trusted party is called the certificate authority
• Certificate → signature algorithm with the (higher) certificate authority's private key → new certificate; a verifier walks the chain upward until it reaches a root it already trusts
Reading Assignment
• Public Key Infrastructure (PKI)
