Chapter 5: Basics of Cryptography




Cryptography entails the use of a wide array of hardware and software mechanisms to mask (or encrypt) information into an illegible format. This is done in order to transport sensitive information over insecure networks such as the Internet or simply to store data in a safe manner. Most cryptographic systems also provide a method of decrypting the information upon retrieval. As we will discuss, these systems generally use one of two methods to accomplish this transformation: private-key (symmetric) systems, which employ a single secret key, and public-key (asymmetric) systems, which use a combination of a public key and a private key. The processes used to disguise information are generally characterized by their varying degrees of complexity.

Concepts of Using Cryptography

Some cryptographic methods are actually designed to be irreversible, such as hash encryption. Hash encryption techniques provide a method of storing an encrypted representation (or fingerprint) of a data block. This is useful when you don't actually want to store the data in question, as with passwords. For example, on a UNIX system, a hash of your password is the only stored version that is available to the system. The password cannot be recovered from its hash. Rather, you enter your password and the system applies the hash algorithm to your entry. The result is compared to the stored hash and access is granted only if there is a match. This makes it theoretically impossible to break into the system and discover passwords.

As far as reversible encryption processes are concerned, few developers will claim that their product is hack-proof. Effectively, one of the goals of cryptography is to make it so hard to get to the encrypted data that the amount of time spent cracking the code is not worth the prize. This is the theory, at least. However, because the persistence of hackers continues to amaze us security professionals of goodwill, a plethora of techniques is now available to aid in the fight to protect sensitive data. Victory at the front lines of the Security+ examination will require your knowledge of these techniques and what makes some stronger than others. You should also have a full understanding of the key theoretical concepts of using cryptography, which include those discussed in the following sections.

Confidentiality

This term couldn't be more straightforward. Confidentiality is simply the process of keeping data hidden from unauthorized persons. It is the main reason that we encrypt data in the first place. Obviously, there are endless reasons to keep data confidential, ranging from combat soldiers exchanging information on the battlefield without giving away their positions, to testing centers receiving the contents of your exam over the Internet without you getting a copy. In the latter example, confidentiality is really protecting you, the test taker. If the confidentiality of exam contents were repeatedly compromised, the value of certification would be lessened, the job market would be flooded with 'security professionals,' employers would not recognize certification as an asset, and you would be hard-pressed to find a job.

Integrity

Guarding the integrity of data involves keeping it from being altered while in transit or while being stored. Following our last example, imagine an individual who wished failure upon you regarding your examination. If this malicious person could infiltrate the test data on its way to the testing center, they could mix up the answers and then send it back on its way. After reading this book, you would naturally select all the correct answers, still fail the exam, have no idea why, and again, you would be hard-pressed to find a job. This is a most undesirable scenario and it's important to understand that encryption alone will not protect data integrity. For this reason, many encryption programs have built-in measures to check data integrity. Although closely related, confidentiality and integrity have different objectives. Be aware of the differences.

One tool used in the verification of data integrity is the message digest. A message digest is essentially a fingerprint of a chunk of data. For example, the MD5 hashing algorithm can create a unique fingerprint for a file based on its contents. The process is irreversible and the contents of the original file can't be determined from its fingerprint. Upon receipt of the file, the algorithm is reapplied and the resultant fingerprint is compared to a known good one, which might be stored on a server at the original location of the file. If it's a match, it's safe to say that the file's contents were not altered in transit and its integrity is intact. Digital Signature (DS) methods, which we'll discuss shortly, also include integrity verification features.

Note 

Message digests provide a method of verifying data integrity.

Non-repudiation

Repudiation is the denial of involvement in an agreement, more specifically an agreement that involves the transfer of money. When you go out to dinner and charge the bill on your credit card, the restaurant requires you to sign their copy of your receipt. This is done to protect them if you don't remember eating out that night and you call to dispute the charge. With your signature on file, it's very simple for the restaurant owner to prove to the credit card company that you did indeed eat there. This is a non-repudiation security measure built into the credit card system. This procedure also protects you if your card is stolen, giving you the ability to prove that your signature was forged. It's simple and sweet. In extreme cases, either party involved in a dispute might call upon an expert to prove or disprove the authenticity of a signature. Digital Signatures (DS) and time stamps are among the methods used to provide non-repudiation in the realm of electronic documents.

Note 

Digital Signatures provide non-repudiation.

Authentication

As we learned in Chapter 2, authentication is the process of proving that you are who you say you are. Whether you are logging onto a network, signing an encrypted e-mail, or withdrawing cash at the ATM, there must always be an authentication scheme in place to provide this facet of security. Sometimes this process takes place without any user input, as with Secure Sockets Layer (SSL) transmissions. The server authenticates itself during SSL-driven communications. In a similar fashion, your browser, on its own, generates a temporary key for each session.

The methods and organizational systems directly related to cryptography that provide authentication include passwords, Key Distribution Centers (KDC), Digital Signatures (DS), and Certification Authorities (CA). Remember, you need to have a handle on the differences between authentication and authorization. They look and sound alike but they have distinctly different purposes.

Digital Signature (DS)

The elegance and effectiveness of the handwritten signature has kept it a worldwide standard for ages. Despite all of our technology, we still rely on it today. Signing an electronic message was not always so simple. It became apparent that a digital equivalent of the signature was needed and the Digital Signature (DS) was born.

It is within the public-key encryption scenario that a DS is generally applied to an electronic message. The purpose of the DS is to verify that a message is truly from the sender noted in the message. A DS can also provide measures to ensure the integrity of a message. Although the DS process is usually handled behind the scenes by encryption software, it has a few steps that should be understood in order to sign and verify electronic documents properly. Now, let's examine a brief overview of signing a document digitally.

First, the sender's software uses a hashing algorithm to create a fingerprint (or message digest) of the message contents.

Note 

If the data being transmitted is changed in any way, its fingerprint will be changed as well.

The message digest, personal information about the sender, and possibly a time stamp, are then encrypted using the sender's private key, creating the DS. The resultant ciphertext string (the DS) is appended to the message and everything is encrypted with the recipient's public key. The message is now signed, encrypted, and sent on its way.

Upon retrieval, the recipient's encryption software will decrypt the message using their respective private key, exposing the DS and the original plain text message. The extracted DS is decrypted with the sender's public key, revealing the fingerprint of the original message. Using the same algorithm as the sender, the recipient's software will fingerprint (or hash) the original, plain text message. This fingerprint is compared to the one extracted from the message, and if it matches, you can be sure who it's from and that its contents have not been altered. At this point, you have verified the signer of the document and the integrity of its contents. This process also provides a non-repudiation security measure that discourages the denial of involvement in a digital transaction.
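The signing and verification steps above, as an added example that is not from the book. It uses textbook RSA without padding over a toy key built from two known Mersenne primes, so it illustrates the flow only; the function names, the `sender|stamp` layout and the sample values are assumptions, and the outer encryption with the recipient's public key is omitted.

```python
import hashlib

# Toy key pair (constructed for this example; far too weak for real use).
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                      # public key
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent


def sign(message: bytes, sender: str, stamp: str) -> int:
    """Sender: digest + sender info + time stamp, transformed with D."""
    digest = hashlib.sha256(message).digest()
    # Leading 0x01 marker preserves the block length through int conversion.
    block = b"\x01" + digest + f"{sender}|{stamp}".encode()
    if len(block) > 80:
        raise ValueError("signed block does not fit under the toy modulus")
    return pow(int.from_bytes(block, "big"), D, N)


def verify(message: bytes, ds: int):
    """Recipient: return (sender, stamp) if the DS matches, else None."""
    if not 0 < ds < N:
        return None
    value = pow(ds, E, N)                # undo the private-key transform
    block = value.to_bytes((value.bit_length() + 7) // 8, "big")
    if len(block) < 33 or block[0] != 1:
        return None
    digest, meta = block[1:33], block[33:]
    # Re-hash the received plain text and compare fingerprints.
    if digest != hashlib.sha256(message).digest():
        return None                      # contents altered or wrong key
    try:
        sender, stamp = meta.decode().split("|", 1)
    except ValueError:                   # covers undecodable bytes as well
        return None
    return sender, stamp
```

Production signature schemes add a padding scheme and far larger random keys; the comparison of the recovered fingerprint against a fresh hash of the received message is the part this sketch shares with them.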

There are a few standards in place that govern the creation of digital signatures. The Digital Signature Standard (DSS) uses the Digital Signature Algorithm (DSA), developed by the National Security Agency (NSA), for the creation of digital signatures. Specified in Federal Information Processing Standard (FIPS) 186, DSS is the U.S. government standard algorithm used for signing electronic data. The National Institute of Standards and Technology (NIST) brought DSS to the public in 1994.

That's all fine and good, right? The DS is very effective but how do you really know that when your software extracts a digital signature, the signature in question is truly authentic? The answer lies within the Certification Authority (CA), which acts as the digital counterpart to the handwriting analyst. CAs use several techniques to guarantee the authenticity of a DS. Stay tuned; we'll discuss CAs in greater detail later in the chapter.

Access Control

Access control is mentioned again here to emphasize its role as one of the key concepts of using cryptography and its importance in the study of security as a whole. (Review Chapter 2 to obtain more information about access control.) As you are learning, this study demands skills that cover a vast ocean of topics and disciplines, extending far beyond the reach of this book and the test it's preparing you for. By now, you should be starting to get a clearer picture of the more pertinent subject matter that you're likely to see in the exam.

You'll recall that access control is a term for systems in place that manage access to resources. Remember Windows 2000/NT Discretionary Access Control (DAC) and the Access Control List (ACL) that it uses? Windows 2000 access control works in conjunction with the Kerberos protocol. In turn, this secure protocol takes advantage of different algorithms to deliver secure logon capabilities. The algorithms used in Kerberos include DES and RC4. RC4 is the default choice while DES support is available to enable interoperability with other applications.

What exactly is an algorithm? Good question. We're about to learn about algorithms.






The Security+ Exam Guide (TestTaker's Guide Series)
Security + Exam Guide (Charles River Media Networking/Security)
ISBN: 1584502517
EAN: 2147483647
Year: 2003
Pages: 136
