Module 8:
Cryptography plays a pivotal role in safeguarding digital information and communications in the realm of cybersecurity. It is the science of converting plaintext data into a secure and unintelligible format, ensuring that only authorized parties can decipher it. In this post, we’ll explore the key concepts of cryptography and its crucial applications for a CompTIA Security+ professional.
Implementing Cryptography
- Identify Advanced Cryptography Concepts
- Select Cryptographic Algorithms
- Configure a Public Key Infrastructure
- Enroll Certificates
- Back Up and Restore Certificates and Private Keys
- Revoke Certificates
Cryptography Elements
Cryptographic Element | Description |
---|---|
Confusion | Relationship between ciphertext and encryption key is complex and opaque. Prevents attackers from looking for patterns between ciphertext and plaintext. |
Diffusion | Ciphertext changes drastically on slightest change to plaintext input. Prevents attackers from determining parts of message encrypted by same key. |
Collision | Two different plaintext inputs produce same exact ciphertext. Weakens integrity and enables attacker to replace one message with another. |
Obfuscation | Similar to encryption, but no key involved, and not as secure. Anyone who knows the obfuscation algorithm can de-obfuscate the code. |
Pseudorandom number generator (PRNG) | An algorithm that produces numbers that approximate true randomness. Based on a seed state, which is passed into a formula to produce the number. Key generation tends to use pseudorandom numbers. |
Perfect Forward Secrecy (PFS) | If a key is compromised, past sessions encrypted by the key will not be affected. Prevents attackers from decrypting previous sessions if they steal the key. |
Hashing Concepts
Cryptographic salt: A random value added to plaintext input during password hashing.
- Drastically changes message digest.
- If the salt changes, the same input with different salts will produce different digests.
- Salt is stored with message digests and is not hidden.
Attacker will need to generate unique rainbow tables to account for the salt.
- Rainbow table attacks therefore become ineffective.
Nonce: Similar to salt, but is a number used only once.
- Nonces don't repeat, but a salt can.
- Nonces used primarily in authentication protocols to prevent replay attacks.
Data States
Data at rest: Data stored on various media.
- Software and hardware can encrypt data at rest.
- In a breach, the data remains protected.
Data in transit: Data that moves from medium to medium.
- Encrypting data in transit prevents man-in-the-middle attacks.
- Secures transmission channel and data flowing through it.
Data in use: Data currently being created, deleted, read, or modified.
- Un-encrypted sessions during use can put the data at risk.
- Some mechanisms can encrypt the data in memory.
Key Exchange
The method by which cryptographic keys are transferred between entities.
- Both sender and receiver need to be equipped to encrypt and decrypt messages.
How they are equipped depends on the technique used:
- In symmetric cryptography, both need a copy of the same key.
- In asymmetric cryptography, anyone needing to encrypt a message needs the recipient’s public key.
In-band exchange uses the same path as the data being shared.
Out-of-band exchange uses a different path, like a phone call or physical meeting.
- Symmetric key cryptography requires out-of-band.
Symmetric Cipher
- Same Public key used by both parties.
Asymmetric Cipher
- Different Public key used by both parties.
Digital Signatures
A message digest that has been encrypted again with a user’s private key.
- Enabled by asymmetric algorithms.
- Encrypted hash is attached to message as a digital signature.
Digital signatures uphold:
- Authenticity
- Integrity
- Non-repudiation
Cipher Suites
A collection of symmetric and asymmetric algorithms used to establish secure connections between hosts.
- Commonly used with SSL/TLS.
Over 200 cipher suites available.
- Avoid suites with weak ciphers (e.g., key length of 40- or 56-bit).
A cipher suite includes:
- Key exchange algorithm.
- Bulk encryption algorithm.
- Message authentication code algorithm.
- Pseudorandom function.
TLS 1.3 (draft) defines cipher suites differently.
- Only includes symmetric ciphers and message authentication codes.
- TLS 1.3 cipher suites incompatible with earlier ones.
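An added example, not from the original notes, that splits IANA-style cipher suite names into the components listed above and flags short-key and export suites. The function names and the 128-bit floor are assumptions; the suite names in the sample are real IANA names, but the list itself is constructed.

```python
import re

MIN_KEY_BITS = 128  # assumed policy floor; the notes name 40- and 56-bit keys as weak


def key_bits(bulk: str):
    """Key length implied by the bulk-cipher part of a suite name."""
    if bulk.startswith("DES40"):
        return 40
    if bulk.startswith("DES_"):
        return 56  # single DES uses a 56-bit key
    if bulk.startswith("CHACHA20"):
        return 256
    m = re.search(r"_(40|56|128|192|256)(?:_|$)", bulk)
    return int(m.group(1)) if m else None


def parse_suite(name: str) -> dict:
    """Split a suite name into key exchange, bulk cipher and hash.

    Handles names that end in a hash token; CCM suites are out of scope.
    """
    body = name[4:] if name.startswith("TLS_") else name
    if "_WITH_" in body:              # TLS 1.2 and earlier
        kx, rest = body.split("_WITH_", 1)
        tls13 = False
    else:                             # TLS 1.3: no key exchange in the name
        kx, rest = None, body
        tls13 = True
    bulk, _, digest = rest.rpartition("_")
    bits = key_bits(bulk)
    return {
        "name": name,
        "tls13": tls13,
        "key_exchange": kx,
        "ephemeral_kx": None if tls13 else "DHE" in kx,  # DHE or ECDHE
        "bulk": bulk,
        "hash": digest,               # MAC hash, or PRF hash for AEAD suites
        "key_bits": bits,
        # Unknown key size is flagged too, so it gets a manual review.
        "weak": "EXPORT" in name or bits is None or bits < MIN_KEY_BITS,
    }


# Constructed sample: names as a scanner report or server config might list them.
SAMPLE = [
    "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    "TLS_RSA_WITH_DES_CBC_SHA",
    "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_AES_256_GCM_SHA384",
    "TLS_CHACHA20_POLY1305_SHA256",
]


def audit(names) -> list:
    """Return the suite names that should be disabled or reviewed."""
    return [s["name"] for s in map(parse_suite, names) if s["weak"]]


if __name__ == "__main__":
    for suite in map(parse_suite, SAMPLE):
        print(suite)
    print("weak:", audit(SAMPLE))
```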
Session Keys
A single-use symmetric key used for encrypting all messages in a single series of related communications.
Reasons to use:
- Limits the amount of data encrypted with a key to reduce the effectiveness of analysis.
- Can be faster and more efficient than asymmetric encryption alone.
Key Stretching
A technique that strengthens weak cryptographic keys against brute force attacks.
- Original key is run through a key stretching algorithm.
- Enhanced keys are usually larger than 128 bits.
Techniques include:
- Repeatedly looping hash functions.
- Repeatedly looping block ciphers.
- Configuring the cipher's schedule to increase setup time for the key.
Special Considerations for Cryptography
Considerations | Description |
---|---|
Low latency | Every second counts when processing data. Cryptographic operations can add time to data processing. Objective is to achieve low latency. Latency is the time between input being added and output being obtained. |
Low power devices | Low power devices are a good candidate for lightweight cryptography. IoT and smart devices have resource constraints. Available resources need to be balanced with security requirements. Lightweight algorithms provide security while consuming minimal resources. |
Leakage resiliency | Side-channel attacks glean info from physical implementations of cryptography. Can glean power consumption, processor state, etc. Attacker analyzes info to use in breaking implementation. Leakage resiliency: Eliminates or minimizes leakage. Decouples link between leaked info and secret materials. |
Types of Ciphers
Cipher Type | Description |
---|---|
Stream cipher | Encrypts data one bit at a time. Relatively fast and requires little overhead. Ciphertext is same size as plaintext. Produces fewer errors and errors affect only one bit. |
Block cipher | Encrypts data in blocks, usually 64-bit. Stronger and more secure than stream. Worse performance than stream. Mode of operation defines how plaintext is transformed into repeated blocks. |
Types of Hashing Algorithms
Hashing Algorithm | Description |
---|---|
MD5 | Produces a 128-bit message digest. Created by Ronald Rivest and now in public domain. Weak and should be avoided, except for limited situations like computer forensics. |
SHA | Modeled after MD5, but stronger. 160-, 256-, 384-, and 512-bit modes. SHA-1 (160-bit) is being deprecated due to collision weaknesses. |
RIPEMD | Based on the design principles of MD4. 128-, 160-, 256-, and 320-bit versions. Less popular than SHA. |
Hash-Based Message Authentication Code (HMAC) | Adds authentication to integrity verification. Combines hashing with a secret key. Calculation is named based on hash algorithm used (e.g., HMAC-SHA256). |
Types of Symmetric Encryption Algorithms
Symmetric Algorithm | Description |
---|---|
Data Encryption Standard (DES) | Encrypts data in 64-bit blocks using 56-bit key. Short key length makes it weak. Requires little performance overhead. |
3DES | Processes each block three times using the same key. Stronger than DES. Triples the performance impact of DES. |
Advanced Encryption Standard (AES) | Block cipher used by U.S. government. 128-, 192-, or 256-bit key sizes. Very strong and better performance than 3DES. |
Blowfish | 64-bit block cipher using a variable key length. No longer considered strong. Better performance than DES. |
Twofish | Improvement on Blowfish. Block size of 128 bits and key sizes up to 256 bits. Uses a pre-computed algorithm called an S-box for key substitution. |
Rivest Cipher (RC) | Series of algorithms with variable key lengths. RC4 is a stream cipher; RC5 and RC6 are block ciphers. RC6 is strong and offers good performance. |
Types of Asymmetric Encryption Techniques
Asymmetric Algorithm | Description |
---|---|
Rivest-Shamir-Adleman (RSA) | First successful public key algorithm. Variable key length and block size. Secure when using long keys. |
Diffie-Hellman (DH) | Techniques provide secure key exchange. Forms the basis for algorithms like RSA and DHE. Key length is determined by DH groups. |
Diffie-Hellman Key Exchange (DHE) | A variant of DH that uses ephemeral keys in an exchange. |
Elliptic-curve cryptography (ECC) | A technique that uses elliptic curves over finite fields. Used with wireless and mobile devices. |
Ephemeral Elliptic Curve Diffie-Hellman | A variant of DH that uses ECC and ephemeral keys. |
Digital Signature Algorithm (DSA) | Standard for digital signature authentication and integrity verification. |
Pretty Good Privacy, Gnu Privacy Guard (PGP/GPG) | PGP is proprietary software for public key-based email encryption. GPG is the open-source version of PGP. |
Types of Key Stretching Algorithms
Password-Based Key Derivation Function 2 is a key derivation function that uses five input parameters to create a derived key.
Parameters:
- A pseudorandom function such as a hash.
- A master password used to derive keys.
- A salt.
- The number of iterations for the function to loop.
- The length of the derived key.
bcrypt is a key derivation function based on the Blowfish cipher.
- Uses a salt, but adapts over time by increasing iteration count.
- Implementations available for Ruby, Python, C, Java, and many other languages.
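The five PBKDF2 inputs listed above, together with the salt behaviour from the hashing section, in an added example that is not part of the original notes. It uses the standard library's `hashlib.pbkdf2_hmac`; the record layout, the function names and the iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

DEFAULT_ITERATIONS = 600_000  # assumed work factor; tune it for your hardware
DKLEN = 32                    # length of the derived key in bytes (256 bits)


def hash_password(password: str, iterations: int = DEFAULT_ITERATIONS) -> str:
    """Derive a key from a password and return a self-describing record."""
    salt = secrets.token_bytes(16)  # fresh random salt for every password
    dk = hashlib.pbkdf2_hmac(
        "sha256",            # 1. pseudorandom function (HMAC-SHA256)
        password.encode(),   # 2. master password
        salt,                # 3. salt
        iterations,          # 4. number of iterations
        DKLEN,               # 5. length of the derived key
    )
    # The salt is stored in the clear beside the digest, as the notes describe.
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the derived key with the stored salt and iteration count."""
    try:
        scheme, iterations, salt_hex, dk_hex = record.split("$")
        expected = bytes.fromhex(dk_hex)
        salt = bytes.fromhex(salt_hex)
        rounds = int(iterations)
    except ValueError:
        return False  # malformed record
    if scheme != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds, len(expected))
    return hmac.compare_digest(dk, expected)  # constant-time comparison


def needs_rehash(record: str, target: int = DEFAULT_ITERATIONS) -> bool:
    """True when a stored record was derived with fewer iterations than today's target."""
    return int(record.split("$")[1]) < target


if __name__ == "__main__":
    a = hash_password("correct horse")  # constructed sample password
    b = hash_password("correct horse")
    print(a != b)                       # same input, different salts, different records
    print(verify_password("correct horse", a), verify_password("wrong", a))
```

Storing the iteration count in the record lets the work factor be raised later: `needs_rehash` identifies old records, which can be re-derived the next time the user logs in.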
Substitution Ciphers
Substitution cipher is a cipher in which each unit of plaintext is kept in the same position, but its value is changed.
- A basic form of obfuscation.
- To de-obfuscate the ciphertext, the inverse substitution is applied.
ROT13 is a simple substitution cipher that replaces a letter with the letter that is 13 letters after it in the alphabet.
- The letter A becomes the letter N.
- The term substitution cipher becomes fhofgvghgvba pvcure.
- These kinds of ciphers are used as a teaching tool, not for serious cryptography.
- The concept of substitution is still used in secure contexts (e.g., S-box).
Exclusive Or
An operation that outputs true only if one input is true and the other input is false.
- The operation is called XORing; two inputs are said to be XORed.
- XORing is bitwise: the operation works on each bit.
- Binary value of L is 01001100 and O is 01001111. 0 represents false, 1 represents true.
- Commonly used to obfuscate malicious code.
- XORing is quick, simple, and light on performance.
- Malware is run through a XOR obfuscator to make the code difficult to analyze.
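An added example, not from the original notes, of why XOR obfuscation is weak from an analyst's side: XOR is its own inverse, so knowing a few bytes of the expected plaintext reveals the key. The key `LO` reuses the two letters above; the buffer, its `CONFIG:` prefix and the function names are constructed for illustration.

```python
def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR each byte of data with the repeating key. Applying it twice restores data."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def recover_key(blob: bytes, known_prefix: bytes) -> bytes:
    """Recover a repeating XOR key from bytes expected at the start of the plaintext.

    Returns the shortest key consistent with the whole known prefix, or b"" for an
    empty input. A key longer than the known prefix cannot be fully recovered this way.
    """
    head = blob[:len(known_prefix)]
    # ciphertext XOR plaintext = key bytes, in the order they were applied
    stream = xor_bytes(head, known_prefix) if head else b""
    for n in range(1, len(stream) + 1):
        candidate = stream[:n]
        if xor_bytes(head, candidate) == known_prefix[:len(head)]:
            return candidate
    return b""


# Constructed sample: a small config blob obfuscated with a two-byte key.
KEY = b"LO"
PLAINTEXT = b"CONFIG:mode=test;interval=60"
BLOB = xor_bytes(PLAINTEXT, KEY)


def analyze(blob: bytes = BLOB, known_prefix: bytes = b"CONFIG:"):
    """Return (recovered key, de-obfuscated content) for an obfuscated buffer."""
    key = recover_key(blob, known_prefix)
    return key, xor_bytes(blob, key)


if __name__ == "__main__":
    # L (01001100) XOR O (01001111): only the two differing bits come out as 1.
    print(format(xor_bytes(b"L", b"O")[0], "08b"))
    print(analyze())
```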
Cryptographic Modules
A cryptographic module is a software or hardware solution that implements one or more cryptographic concepts.
- Once you select an algorithm, you need to apply it through a module.
Cryptographic Service Provider (CSP) is a Windows software library that implements Microsoft’s CryptoAPI.
- Several CSPs are offered.
- Developers can design their apps to call a CSP to perform cryptographic services.
- Example: Microsoft Enhanced Cryptographic Provider can generate 128-bit RC4 keys.
CSP specifies:
- Encryption algorithm
- Key length
- Key exchange algorithm
- And more
Public Key Infrastructure (PKI)
A system composed of various cryptographic components for the purpose of enabling authenticity and validation of data and entities.
- Can be implemented in hierarchical structures.
- Can be publicly available or privately maintained.
- Implements asymmetric cryptography for encryption/decryption of network data, including Internet-based transactions.
PKI Components
PKI Components | Description |
---|---|
Digital certificate | Electronic document that associates credentials with public key. Validates holder's identity through digital signature. Distributes public key. Contains identity information. |
OID | Provides certificate identity information. Multiple OIDs each define a dimension of an owner's identity. Formatted as numbers separated by periods: 2.5.4.10 is Organization. |
CA | Server that issues digital certificates. Maintains associated keypair. |
RA | Server that verifies user/device identities. Approves or denies certificate requests. |
CSR | A message sent to a CA applying for a certificate. Includes certificate details like public key, signature, and other identifying info. |
CA Hierarchies
A CA hierarchy is a single CA or group of CAs that work together to issue digital certificates.
- Each CA works in a parent-child relationship with CAs above and below it.
- Hierarchy ensures CAs distribute workload and provide certificates more efficiently.
- If CA is compromised, only its children are compromised as well.
Chain of trust is the process by which an entity validates a certificate from the bottom of the hierarchy to the top.
- Certificate may be signed by another CA, which is signed by another CA above it, etc.
- Entity must trust all links (CAs) in the chain.
The Root CA
The topmost CA in the hierarchy and the most trusted authority.
- Self-signs first certificate in the chain.
- Must be secure; if compromised, all other certificates are invalid.
Offline Root CAs
Organizations will take the root CA offline after setting it up.
- Offline means disconnecting from the network and powering down.
- The subordinate CAs will issue the remaining certificates.
- Ensures that root CA is not network accessible.
- A compromised root means a compromise of all other certificates in the hierarchy.
- Keeping the root CA online is a significant risk.
Types of Certificates
Certificate Type | Description |
---|---|
Self-signed | Certificate owned by same entity that signs it. Does not recognize higher authority in the chain. Requires client to trust entity directly. |
Root | Issued by CA. Certifies all other certificates below it. Must be self-signed. |
User | Issued to users when password authentication is discouraged. Example: User presents certificate to SSH server for remote authentication. |
Computer | Computers need access to other computers/resources. Can use certificates for authentication rather than passwords. |
Email | Used to encrypt and authenticate email messages. Used in S/MIME; similar to PGP but relies on centralized PKI. |
Code signing | Developers digitally sign source code so customers can validate apps. Code is often self-signed but can be signed by CA-issued certificates. |
SAN | Organization has multiple domains it wants covered in a single certificate. SAN is an extension to X.509 that enables this. Example: develetech.com and develetech.org on single certificate. |
Wildcard | Similar to SAN but enables certification of subdomains. Example: products.develetech.com, sales.develetech.com, news.develetech.com. All formatted under *.develetech.com. |
DV | Proves some entity has control over a particular domain. Does so by methods like emailing the contact listed in WHOIS search. Doesn’t actually prove an entity legally owns the domain. |
EV | Offers stronger proof of legal ownership of a domain. Public CAs use thorough checks to validate ownership. Example: Verifying contact by phone number and requiring a supervisor. |
X.509
A standard for formatting digital certificates used in a PKI.
- Defines the structure of a certificate with information provided in CSR.
Includes:
- The public key.
- The X.509 version.
- The certificate's serial number.
- The algorithm used to sign the certificate.
- The name of the issuing entity.
- The validity period.
- The name of the subject being certified.
- Optional organizational/regional attributes.
Certificate File Formats
X.509 File Format | Description |
---|---|
.der | Encodes certificate in binary DER format. |
.pem | Encodes DER certificates in Base64. File starts with -----BEGIN CERTIFICATE----- and ends with -----END CERTIFICATE-----. |
.cer | Encodes certificate in binary DER format. May also include PEM-encoded data on Windows systems. Unix-like equivalent is .crt extension. |
.p7b | Uses PKCS#7 to encode certificate in Base64. Cannot obtain private key data. |
.p12 | Uses PKCS#12 to encode certificate data in Base64. Can contain private key data and may be password protected. |
.pfx | Predecessor to PKCS#12 developed by Microsoft. Two formats often used interchangeably. |
CA Hierarchy Design Options
Company Profile | CA Hierarchy Implementation |
---|---|
A few dozen local employees | Single root CA with no subordinates. Services all employees in local office. |
Thousands of employees worldwide | Subordinate CAs are designated by geographic location. Balances number of issued certificates among individual CAs. |
Individuals need to access specific applications only. | Subordinate CAs are designated by function or department. CAs serve groups of people with specific resource needs. |
Tight security allows individuals to have differing levels of access to the same resources | Subordinate CAs are designated by security requirements. Some CAs may issue a certificate with network ID and password. Other CAs require a person to present a valid driver’s license. |
The Certificate Enrollment Process
Authentication
- Policy applied.
- Request sent to CA.
- Entity notified.
- Certificate request.
- Certificate installed.
- Certificate issued.
The Certificate Lifecycle
- Certificate is suspended.
- Root issues self-signed certificate.
- Certificate is enrolled.
- Certificate is renewed.
- Certificate is revoked.
Certificate Lifecycle Management
- The longer the lifecycle, the less admin overhead.
- Long lifecycle gives attackers more time to break encryption or compromise system.
- Short lifecycle may be more conducive to advances in cryptography.
- Lifecycle will be based on business and security needs.
The SSL/TLS Connection Process
- Client sends request.
- Server responds with certificate.
- Encryption negotiated.
- Client sends encrypted session key.
- Connection is encrypted.
Private Key Protection Methods
- Back it up to removable media and store the media securely.
- Delete it from insecure media.
- Require a password to restore the private key.
- Never share a key.
- Never transmit a key on the network or across the Internet after it is issued.
- Consider using key escrow to store a private key with trusted third parties.
Key Escrow
Key escrow is a method of storing private keys securely while allowing trusted third parties to access keys under predefined conditions.
- An alternative to key backups.
Key escrow agent is the third party in a key escrow system.
- Government agency may require private keys to be stored in escrow with the agency.
Commercial CAs can also provide escrow services.
- Useful for organizations who want to offload management of private keys.
Private Key Restoration Methods
- If key is lost or damaged, you must restore from a backup or escrow.
In escrow, key is divided among agents.
- Agents use the parts to reconstruct the lost key or decrypt data directly.
- Otherwise, key must be restored from backup location.
Private Key Replacement
- Recover the private key.
- Decrypt and encrypt data.
- Destroy the original private key.
- Obtain a new key pair.
- Re-encrypt the data using the new private key.
Certificate Revocation
- The certificate owner's private key has been compromised or lost.
- The certificate was obtained by fraudulent means.
- The certificate has been superseded by another certificate.
- The certificate holder is no longer trusted.
Certificate Revocation List
The Certificate Revocation List is a list of certificates that were revoked before the expiration date.
- Each CA has its own CRL.
- Access through directory services or website.
CRL typically contains:
- Requester's name.
- Request ID number.
- Reason for revocation.
- Other pertinent info.
Many programs will check CRL for status of certificate.
- If the certificate is revoked, the app will reject it.
- CRL is not mandatory and may not be available.
Online Certificate Status Protocol
An HTTP-based protocol for dynamically checking the status of revoked certificates.
- OCSP is an alternative to using CRLs.
General process:
- OCSP server accepts a request to check a certificate's status.
- OCSP server searches the CA database by the certificate's serial number.
- OCSP server then sends the certificate's status to the requester.
Main advantage over CRL is the reduced overhead.
- Specific responses contain less data than entire revocation lists.
- Benefits both client and network.
OCSP does not encrypt these transmissions by default.
- Attacker may be able to learn when a certificate was used and what resource it applies to.
In summary, cryptography is a cornerstone of cybersecurity, protecting data, communication, and privacy. Understanding its core concepts, applications, and challenges is essential for any professional in the field. By mastering cryptography as a CompTIA Security+ professional, you can contribute to the defense of digital information and secure the digital world.