Вы находитесь на странице: 1из 4

CHAPTER 7 PKI and Cryptographic Applications

Understand the key types used in asymmetric cryptography

 Public keys are freely shared among communicating parties, whereas private keys are kept secret. To encrypt
a message, use the recipient’s public key. To decrypt a message, use your own private key. To sign a message,
use your own private key. To validate a signature, use the sender’s public key.
Be familiar with the three major public key cryptosystems

 RSA is the most famous public key cryptosystem; it was developed by Rivest, Shamir, and Adleman in 1977.
It depends on the difficulty of factoring the product of prime numbers.
 El Gamal is an extension of the Diffie-Hellman key exchange algorithm that depends on modular arithmetic.
o major disadvantage—the algorithm doubles the length of any message it encrypts
 The elliptic curve algorithm depends on the elliptic curve discrete logarithm problem and provides more
security than other algorithms when both are used with keys of the same length.
 The key lengths shown in the following table for three asymmetric cryptosystems all provide equal protection:

Cryptosystem Key Length


RSA 1,024 bits
DSA 1,024 bits
Elliptic curve 160 bits

Know the fundamental requirements of a hash function

 Good hash functions have five requirements. They must allow input of any length, provide fixed-length
output, make it relatively easy to compute the hash function for any input, provide one-way functionality, and
be collision free.
Be familiar with the major hashing algorithms

 The successors to the Secure Hash Algorithm (SHA), SHA-1 and SHA-2, make up the government standard
message digest function. SHA-1 produces a 160-bit message digest whereas SHA-2 supports variable lengths,
ranging up to 512 bits. SHA-3 improves upon the security of SHA-2 and supports the same hash lengths.
 TIP: SHA-3 is the ideal hashing algorithm and MD5 should not be used.
Know how cryptographic salts improve the security of password hashing

 When straight-forward hashing is used to store passwords in a password file, attackers may use rainbow tables
of precomputed values to identify commonly used passwords. Adding salts to the passwords before hashing
them reduces the effectiveness of rainbow table attacks. Common password hashing algorithms that use key
stretching to further increase the difficulty of attack include PBKDF2, bcrypt, and scrypt.
Understand how digital signatures are generated and verified

 To digitally sign a message, first use a hashing function to generate a message digest. Then encrypt the digest
with your private key. To verify the digital signature on a message, decrypt the signature with the sender’s
public key and then compare the message digest to one you generate yourself. If they match, the message is
authentic.
Know the components of the Digital Signature Standard (DSS)

 The Digital Signature Standard uses the SHA-1, SHA-2, and SHA-3 message digest functions along with
one of three encryption algorithms:
1. Digital Signature Algorithm (DSA)
2. Rivest, Shamir, Adleman (RSA) algorithm
3. Elliptic Curve DSA (ECDSA) algorithm.
Understand the public key infrastructure (PKI)
 In the public key infrastructure, certificate authorities (CAs) generate digital certificates containing the public
keys of system users. Users then distribute these certificates to people with whom they want to communicate.
Certificate recipients verify a certificate using the CA’s public key.
 Digital certificates contain specific identifying information, and their construction is governed by an
international standard—X.509.
o Version of X.509 to which the certificate conforms
o Serial number (from the certificate creator)
o Signature algorithm identifier (specifies the technique used by the certificate authority to digitally sign
the contents of the certificate)
o Issuer name (identification of the certificate authority that issued the certificate)
o Validity period (specifies the dates and times—a starting date and time and an ending date and time—
during which the certificate is valid)
o Subject’s name (contains the distinguished name, or DN, of the entity that owns the public key
contained in the certificate)
o Subject’s public key (the meat of the certificate—the actual public key the certificate owner used to
set up secure communications)
 Certificate Generation and Destruction
o Enrollment - When you want to obtain a digital certificate, you must first prove your identity to the
CA in some manner.
o Verification - When you receive a digital certificate from someone with whom you want to
communicate, you verify the certificate by checking the CA’s digital signature using the CA’s public
key. Requirements:
 The digital signature of the CA is authentic.
 You trust the CA.
 The certificate is not listed on a CRL.
 The certificate actually contains the data you are trusting.
o Revocation - Occasionally, a certificate authority needs to revoke a certificate. This might occur for
one of the following reasons:
 The certificate was compromised (for example, the certificate owner accidentally gave away
the private key).
 The certificate was erroneously issued (for example, the CA mistakenly issued certificate
without proper verification).
 The details of the certificate changed (for example, the subject’s name changed).
 The security association changed (for example, the subject is no longer employed by the
organization sponsoring the certificate).
 Certificate Revocation List (CRL) - must be downloaded and cross-referenced periodically,
introducing a period of latency between the time a certificate is revoked and the time end
users are notified of the revocation.
 Online Certificate Status Protocol (OCSP) - This protocol eliminates the latency inherent in
the use of certificate revocation lists by providing a means for real-time certificate
verification.
Know the common applications of cryptography to secure email

 S/MIME relies on the use of X.509 certificates for exchanging cryptographic keys. The public keys contained
in these certificates are used for digital signatures and for the exchange of symmetric keys used for longer
communications sessions. RSA is the only public key cryptographic protocol supported by S/MIME. The
protocol supports the AES and 3DES symmetric encryption algorithms. The use of browser extensions is
required.
 Pretty Good Privacy (PGP) combines the CA hierarchy described earlier in this chapter with the “web of
trust” concept—that is, you must become trusted by one or more PGP users to begin using the system.
o Commercial version uses RSA for key exchange, IDEA for encryption/decryption, and MD5 for
message digest production.
o Freeware version (based on the extremely similar OpenPGP standard) uses Diffie-Hellman key
exchange, the Carlisle Adams/Stafford Tavares (CAST) 128-bit encryption/decryption algorithm,
and the SHA-1 hashing function.
Know the common applications of cryptography to secure web activity

 The de facto standard for secure web traffic is the use of HTTP over Transport Layer Security (TLS) or the
older Secure Sockets Layer (SSL). Most web browsers support both standards, but many websites are
dropping support for SSL due to security concerns.
Know the common applications of cryptography to secure networking

 Circuit Encryption: Security administrators use two types of encryption techniques to protect data traveling
over networks:
o Link encryption protects entire communications circuits by creating a secure tunnel between two
points using either a hardware solution or a software solution that encrypts all traffic entering one end
of the tunnel and decrypts all traffic entering the other end of the tunnel. For example, a company
with two offices connected via a data circuit might use link encryption to protect against attackers
monitoring at a point in between the two offices.
 All the data, including the header, trailer, address, and routing data, is also encrypted.
o End-to-end encryption protects communications between two parties (for example, a client and a
server) and is performed independently of link encryption. An example of end-to-end encryption
would be the use of TLS to protect communications between a user and a web server. This protects
against an intruder who might be monitoring traffic on the secure side of an encrypted link or traffic
sent over an unencrypted link.
 Does not encrypt the header, trailer, address, and routing data, so it moves faster from point
to point but is more susceptible to sniffers and eavesdroppers.
Be able to describe IPsec

 IPsec is a security architecture framework that supports secure communication over IP. IPsec uses public
key cryptography to provide encryption, access control, nonrepudiation, and message authentication, all using
IP-based protocols. The primary use of IPsec is for virtual private networks (VPNs), so IPsec can operate in
either transport or tunnel mode. IPsec is commonly paired with the Layer 2 Tunneling Protocol (L2TP) as
L2TP/IPsec.
 IPsec establishes a secure channel in either transport mode or tunnel mode.
o Tunneling: Whole Packet is encapsulated (Security). This mode is designed for gateway-to-gateway
communication.
o Transport: Only Payload is encapsulated (Performance). This mode is designed for peer-to-peer
communication.
 It can be used to establish direct communication between computers or to set up a VPN between networks.
IPsec uses two protocols: Authentication Header (AH) and Encapsulating Security Payload (ESP).
o The Authentication Header (AH) provides assurances of message integrity and nonrepudiation but
not confidentiality. AH also provides authentication and access control and prevents replay attacks.
o The Encapsulating Security Payload (ESP) provides confidentiality and integrity of packet
contents but not the IP header. It provides encryption and limited authentication and prevents replay
attacks.
 Uses Diffie-Hellman for key exchange.
 The Internet Security Association and Key Management Protocol (ISAKMP) provides background security
support services for IPsec by negotiating, establishing, modifying, and deleting security associations. As you
learned in the previous section, IPsec relies on a system of security associations (SAs). These SAs are
managed through the use of ISAKMP.
o Authenticate communicating peers
o Create and manage security associations
o Provide key generation mechanisms
o Protect against threats (for example, replay and denial-of-service attacks)

Be able to explain common cryptographic attacks

 Brute-force attacks are attempts to randomly find the correct cryptographic key.
 Known plaintext, chosen ciphertext, and chosen plaintext attacks require the attacker to have some extra
information in addition to the ciphertext.
 The meet-in-the-middle attack exploits protocols that use two rounds of encryption.
 The man-in-the-middle attack fools both parties into communicating with the attacker instead of directly with
each other.
 The birthday attack is an attempt to find collisions in hash functions.
 The replay attack is an attempt to reuse authentication requests.
Understand uses of digital rights management (DRM)

 Digital rights management (DRM) solutions allow content owners to enforce restrictions on the use of their
content by others. DRM solutions commonly protect entertainment content, such as music, movies, and e-
books but are occasionally found in the enterprise, protecting sensitive information stored in documents.

Вам также может понравиться