Cryptography and Encryption Techniques

sunflowerplateAI and Robotics

Nov 21, 2013 (3 years and 8 months ago)

60 views

Cryptography and Encryption
Techniques



Plaintext
-
>
Ciphertext

(& back)



CIA Triad


Confidentiality


Integrity


Authentication



Substitution
vs

Transposition




Symmetric


same key used both ways


Strength: fast


Weaknesses


Security of Key distribution


Scalability


Limited security (confidentiality only, no nonrepudiation)


Algorithms


DES


3DES (used by Linux for VPN)


AES


IDEA


Twofish


RC4



Asymmetric (public) key


Strengths:


Secure (as long as the private key is secret)


Provides data encryption


Provides digital signatures


Confidentiality, Authentication, Nonrepudiation


Security of Key distribution


Scalability



Weakness: processing intensive



Block


Encrypt blocks of data (usually 64
-
bits)


Stream


Single bits as a continuous stream


Faster than block


Plaintext is
XOR’d

with encryption key


PKI infrastructure


Digital certificates


Certificate authorities


Certificate generation and destruction


Key management



One way only



Often used to provide integrity proof



Algorithms


SHA
-
1


MD5


RIPEMD
-
160



Short: 40 bits; Long: 448 bits


MD5: generates 128
-
bit digest


SHA: generates 160
-
bit digest


RC4 / RC5


Blowfish


64bit cipher; up to 448bit key length; open source


Twofish



128bit cipher; up to 256bit key length


MAC


HMAC



Cipher Text
-
Only Attack


Study several messages to look for patterns


Attacker has access to only a set of
ciphertexts



Known
-
Plain Text Attack


Attacker has access to both plaintext and resulting
ciphertext
; study plaintext and
ciphertext

to discover key


Chosen
-
Plain Text Attack


Attacker has ability to choose plaintext and then study
ciphertext

result for obtaining key


Chosen
-
Cipher Text Attack


Decrypt portions of cipher text to discover key


Rubber hose attack



EFS &
Bitlocker


TrueCrypt


Open Source for Linux and Windows


Uses AES
-
256, Serpent, or
Twofish


Stunnel


SSL wrapper


allows encrypting TCP connection inside
SSL protocol


CryptoHeaven


2048 to 4096bit asymmetric & 256bit symmetric


Secure IM, mail, file sharing, online storage, etc.


WinMagic

SecureDoc


Disk encryption; supports smart cards and biometrics



OrphCrack

Live CD


free bootable Live CD
includes a Windows password
-
cracking program.
Uses rainbow tables.



John the Ripper: free password
-
cracking tool



Cain & Abel: password
-
recovery tool. Can recover
passwords using network packet sniffing. Uses
dictionary, brute force and cryptanalysis attacks.



WEPCrack