Applications for Cryptography - Paiet/Tech-Journal-for-Everything GitHub Wiki
Digital Signatures are used to provide non-repudiation & proof of origin for the sender of an e-mail. They are also able to provide integrity protection for a file or block of data.
With a digital signature, the sender encrypts data with their private key. If the reciepient decrypts the data with the sender's public key, then it must have been sent by the person purported to have sent the message.
Digital Certificates - A certificate is a digital representation of information that identifies you as a relevant entity by a trusted third party.
Most widely deployed/issued certificate template/type in the world is (X.509v3), first used in July of 1988.
The content of an X.509 certificate includes the following:
Version
Certificate holder's public key
Serial number
Certificate holder's distinguished name
Certificate's validity period
Unique name of certificate issuer
Digital signature of issuer
Signature algorithm identifier
There are a variety of file extensions for digital certificates, including the following:
.pem: Privacy Enhanced Mail, which is a Base64 encoded Distinguished Encoding Rules (DER) certificate, enclosed between "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----"
.cer, .crt, .der: Usually in binary DER form, but Base64-encoded certificates are common too
.p7b, .p7c: PKCS#7 SignedData structure without data, just certificate(s) or CRL(s)
.p12: PKCS#12, may contain certificate(s) (public) and private keys (password protected)
.pfx: Predecessor of PKCS#12 (usually contains data in PKCS#12 format)
Certificate Classes:
Class 1 - for individuals, intended for email
Class 2 - for organizations for which proof of identity is required
Class 3 - for servers and software signing, for which independent verification and checking of identity and authority is done by the issuing CA
Class 4 - for online business transactions between companies
Class 5 - for private organizations or governmental security
Certificate Management (Certificate Lifecycle)
Setup and Initialization Phase
Registration
Key Pair Generation
Certificate Generation
Certificate Dissemination
Administration Phase
Key storage
Certificate retrieval and validation
Backup or escrow
Recovery
Cancellation and History Phase
Expiration
Renewal
Revocation
Suspension
Destruction
Update and Patch Vulnerabilities
Person who can recover keys from the keystore on behalf of a user
Issue recovery agent certificate
EFS Recovery Agent certificate
Key Recovery Agent certificate
Trust Models:
Single Authority
Hierarchical
Web of Trust
Authentication Protocols:
Password Authentication Protocol (PAP) - transmission of user name and password in the clear. Basic HTTP Authentication uses PAP.
Shiva Password Authentication Protocol (S-PAP) - extends PAP by encrypting username and password transmission.
Challenge Handshake Authentication Protocol (CHAP) - calculates a hash after the user has logged in, then it shares that hash with the client system. Periodically, the server will ask the client to provide that hash (this is the challenge part). If the client cannot, then it is clear that the communications have been compromised. MS-CHAP is a Microsoft-specific extension to CHAP.
Kerberos - A user logs in, the authentication server verifies their identity and then contacts the ticket granting server (these are often on the same machine). The ticket granting server sends an encrypted ticket to the uses machine. When the user needs to access some resource on the network the user's machine uses that ticket granting ticket to gain access to the target machine.
Kerberos Components:
1. Principal: Any server or client that can be assigned a ticket.
2. Authentication Server (AS): Server that authorizes the principal and connects them to the ticket granting server.
3. Ticket Granting Server (TGS): Issues tickets.
4. Key Distribution Center (KDC): Server that provides the initial ticket and handles TGS requests.
5. Realm: A boundary within an organization. Each realm has its own AS and TGS.
6. Ticket Granting Ticket (TGT): Ticket that is granted during the authentication process.
7. Ticket: Used to authenticate. Contains the identity of the client, the session key, the timestamp, and the checksum. Encrypted with the servers key.
8. Session Key: Temporary encryption key.
The Kerberos process:
1. User sends credentials to the AS that will authenticate them.
2. The AS authenticates the user and issues a TGT.
3. The user's computer presents the TGT to the TGS when the user wants to access a network resource. The TGS will use the AS to authenticate that ticket. If it is authentic, then a specific resource ticket and a session key are issued and sent to the user's computer.
4. The user presents that ticket/key to the resource.
5. The resource verifies that ticket with the TGS.
6. Then the user is authorized to access the resource.
Pretty Good Privacy (PGP) - created by Phillip Zimmerman. It is an application that is designed to make encryption/decryption accessible to anyone that wants to use it.
A PGP certificate includes the following:
PGP version number
Certificate holder's public key
Certificate holder's information
Digital signature of certificate owner
Certificate validity period
Preferred symmetric encryption algorithm for the key
Wifi Encryption:
Wired Equivalent Privacy (WEP) - uses the stream cipher RC4 to secure the data and a CRC-32 checksum for error checking. Standard WEP uses a 40-bit key with a 24-bit initialization vector (IV).
WiFi Protected Access (WPA) - Replaces RC4 with Temporal Key Integrity Protocol (TKIP), which is a 128-bit per-packet key, meaning that it dynamically generates a new key for each packet.
WPA-2 - Based on the IEEE 802.11i standard. Uses AES with CCMP to provide for enhanced confidentiality, integrity and authentication.
WPA-2 Enterprise - Also referred to as WPA-802.1x mode. Requires a RADIUS authentication server. An Extensible Authentication Protocol (EAP) is used for authentication.
Secure Socket Layer (SSL)/ Transport Layer Security (TLS):
How SSL works:
1. The browser asks the web server to prove its identity.
2. The server sends back a copy of its SSL certificate.
3. The browser checks to see if the certificate is from a CA it trusts.
4. The server sends back a digitally signed acknowledgement and a session is started.
How TLS works:
A TLS client and server negotiate a connection by using a handshaking procedure. The handshake begins when a client connects to a TLS-enabled server requesting a secure connection and presents a list of encryption and hash functions it can support. From this list, the server picks the strongest encryption and hash function that it also supports and notifies the client of the chosen algorithms. The server sends back its identification in the form of a digital certificate. This is a standard X.509 certificate. (The client may contact the CA that issued the certificate and confirm the validity of the certificate before proceeding.) In order to generate the session keys used for the secure connection, the client encrypts a random number with the server's public key and sends the result to the server. The server decrypts that number with its private key. From the random number, both parties generate key material for encryption and decryption.
\
Public Key Infrastructure (PKI)
Certificate Authority (CA) - primary role of the CA is to digitally sign and publish the public key bound to a given user. It is an entity trusted by one or more users to manage certificates.
Registration Authority (RA) - acts as a proxy between the user and the CA. The RA receives a certificate request, authenticates it, and forwards it to the CA.
Certificate Revocation List (CRL) - a list of certificates that have been revoked. CAs publish their own CRLs.
Online Certificate Status Protocol (OCSP) - a real-time protocol for verifying certificates.
Server-based Certificate Validation Protocol (SCVP) - RFC 5055. An Internet protocol for determining the path between a X.509 digital certificate and a trusted root (Delegated Path Discovery) and the validation of that path (Delegated Path Validation) according to a particular validation policy.
Steganography - the hiding of a secret message within an ordinary message and the extraction of it at its destination. Most common implementation is through the use of Least Significant Bit (LSB) replacement.
Payload - the data to be covertly communicated.
Carrier - the signal, stream, or data file into which the payload is hidden.
Channel - the type of medium used. This may be still photos, videos, or sound files.
Steganalysis - analysis of an image to detect the use of steganography. Two common types are:
Raw Quick Pair (RQP) method - based on statistics of the numbers of unique colors and close-color pairs in a 24-bit image. RQP analyzes the pairs of colors created by LSB embedding.
Chi-Square Analysis - measures the theoretical versus calculated population difference of the bits.
The National Security Agency (NSA) cryptography suites:
Suite "A" is classified
Suite "B" is publically available
Algorithms are classified by type as well - Type 1 - Type 4 (Type 1 is the highest classification)
Type 1 - Juniper (block cipher), MAYFLY (asymmetric), FASTHASH (hashing), WALBURN (high bandwidth link encryption), PEGASUS (satellite telemetry)
Type 2 - Skipjack, Key Exchange Algorithm (KEA)
Type 3 - DES, 3-DES, SHA, AES (some AES implementations are considered Type 1)
Type 4 - Not certified for any gov't usage
Commercial NSA (CNSA) suite includes cryptographic algorithms for encryption, hashing, digital signatures and key exchange:
Encryption: Advanced Encryption Standard (AES) - FIPS 197
Hashing: Secure Hash Algorithm (SHA) - FIPS 180-4
Digital Signature: Elliptic Curve Digital Signature Algorithm (ECDSA) - FIPS 186-4
Digital Signature: RSA - FIPS 186-4
Key Exchange: Elliptic Curve Diffie-Hellman (ECDH) - NIST SP 800-56A
Key Exchange: Diffie-Hellman (DH) - IETF RFC 3526
Key Exchange: RSA - NIST SP 800-56B rev 1
Virtual Private Network (VPN) - Used to extend access to a private network over a public network such as the Internet.
Protocols that are often used to create VPNs:
Point to Point Tunneling Protocol (PPTP) - Works at Layer 2 of the OSI model. Offers the ability to encrpyt and authenticate. Uses Extensible Authenitication Protocol (EAP) and/or Challange Handshake Authentication Protocol (CHAP) to authenticate. Uses Microsoft Point to Point Encryption (MPPE) for encryption. (MPPE is a derived version of DES). PPTP ONLY works over standard IP Networks.
Layer 2 Tunneling Protocol (L2TP) - Works at Layer 2 of the OSI model. Combination of PPTP and Cisco's Layer 2 Forwarding Protocol (L2F). Offers additional methods for authentication; PPTP offers two, whereas L2TP offers five. In addition to CHAP and EAP, L2TP offers PAP, SPAP, and MS-CHAP. L2TP works over standard IP networks, but also X.25 and ATM.
Internet Protocol Security (IPSec) - Used with L2TP VPN's to provide the encryption capability required to protect data.
SSL/TLS VPN - Used to establish a VPN via a web browser.
Encrypting File System (EFS)
EFS is a Microsoft technology that lets you encrypt data on your computer, and control who can decrypt, or recover, the data. To use EFS, all users must have EFS certificates. EFS users must also have NTFS permission to modify the files. Users need to backup their EFS key in order to ensure that it will be available if required to be used.
How to backup an EFS key:
Open a Command Prompt.
Insert the removable media that you're using to store your certificate.
Navigate to the directory on the removable media drive where you want to store the recovery certificate by typing drive letter, and then press "Enter".
Type "cipher /r:file name" , and then press "Enter". If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
How to restore an EFS key:
1. Insert the removable media that contains your recovery certificate.
2. Click the Start button. In the search box, type "secpol.msc", and then press "Enter".
(If you're prompted for an administrator password or confirmation, type the password or provide confirmation.)
3. In the left pane, select "Public Key Policies", right-click "Encrypting File System", and then click "Add Data Recovery Agent". This opens the Add Recovery Agent wizard.
4. Click "Next", and then navigate to your recovery certificate.
5. Click the certificate, and then click "Open".
6. When you are asked if you want to install the certificate, click "Yes", click "Next", and then click "Finish".
7. Open a Command Prompt.
8. At the command prompt, type "gpupdate /force", and then press "Enter".
Bitlocker - Starting in Windows 7, Microsoft also offers an option to do full disk encryption. Bitlocker can either use a Trusted Platform Module (TPM) to store the encryption keys, or an external USB device that must be inserted into the machine during boot to load and validate the keys.
Common mistakes that lead to weak cryptography implementations:
Using a standard modulus in RSA which is too small. (The small modulus makes cryptanalysis easier)
Using seeds for symmetric algorithms that are not random enough
Hard coded cryptographic secrets/elements
Using too short a key
Re-using keys
Unsecure Key Escrow
Use of an unsecure cryptographic block mode such as ECB mode
Use of proprietary cryptographic algorithms