Chapter 3
Cryptography

  1. III. Security
    • D. Cryptography
  2. IV. Tools/Systems/Programs
    • C. Access control mechanisms
    • D. Cryptography techniques
  3. V. Procedures/Methodology
    • A. Cryptography
    • B. Public key infrastructure (PKI)

This chapter covers cryptography, a topic and body of knowledge that you will encounter over and over again during your career as a pen tester, IT person, or security manager. Having a firm grip of the technology and science is indispensable because cryptography is critical in so many areas. This chapter covers the following aspects of cryptography:

Cryptography is the body of knowledge that relates to the protection of information in all its forms. Through the application of cryptography, you can safeguard the confidentiality and integrity of information. Cryptography provides you with a means of keeping information away from prying eyes and gives you a way to keep the same information intact. This chapter focuses on cryptography and its application in the modern world, but first it delves into some of the rich history of the science to give you a firm foundation on which you can build your knowledge.

The science of cryptography provides a unique set of abilities that have been around as long as humans have wanted to share information with some but not with others. Although technology, science, and computers have improved on the older methods, what has remained a constant is the underlying goal of protecting information.

You may have opened this book with little or no knowledge of the technology, or maybe you have a basic understanding. In either case, this chapter will get you where you need to be for the CEH exam and will move cryptography out of the realm of secret agents, spies, and puzzles and into the realm of practical applications and usage. You’ll learn about something that is woven into the fabric of your everyday life—from the phone in your pocket, to the computer on your lap, and even to that card you stick in the ATM or use to charge dinner.

Cryptography: Early Applications and Examples

So what is cryptography? Why should you even care? Well, let’s see if I can answer these questions by looking at the body of knowledge and exploring its depths. Cryptography deals with protection and preservation of information in all its forms. This science has evolved dramatically over time, but its underlying goal has never changed, though the tools have. As information has changed and human beings have gotten smarter, the technology has become substantially more advanced to keep up with changing issues and threats. If you look back in time and trace the evolution of the science up to the current day, you’ll see that technology in the form of increasingly powerful computers has made the process more complex and innovative as well as stronger.

In the field of cryptography, the topic of encryption gets by far the most attention and can probably be said to be the “sexy” form of the art. Other techniques such as steganography also belong in this field, but encryption is the one that attracts the most attention for manipulating and protecting information. Also within the field of cryptography is something known as cryptanalysis, which deals with unlocking or uncovering the secrets that others try so hard to hide or obscure. Cryptanalysis is an old science that has been around as long as people have been trying to keep things secret.

History of Cryptography

I know you purchased this book not for history lessons, but for information on how to become an ethical hacker. Yet you can learn things by studying the history of cryptography that can help you relate to the techniques a little better. Early cultures taught us that cryptography is simply a technique or group of techniques used to protect information. The primitive techniques of times past may look antiquated and simple in the face of today’s complex and mind-numbing technologies, but the basic concept has not changed.

Cryptography is far from being a new technology and has existed for a very long time. The story goes back at least 4,000 years if not longer. Some systems developed during the science’s long history may have dropped out of use whereas others have evolved, yet the concept is the same. Let’s look at some of the early applications of cryptography to demystify this topic and make it more understandable.

The intricate patterns and glyphs used in Egyptian hieroglyphics were commonly used for spiritual and religious reasons. The ancient Egyptians were probably using the system not so much to withhold secrets but because they wanted a special writing system to commune with their gods and eternity. It is believed that only members of the royal family and the religious orders could fully understand how to read and write the system and comprehend it fully.

The pictograms served as a way to illustrate the life story of the deceased of royal and noble descent. From what we can tell, the language was purposely controlled and designed to be cryptic, to provide an air of mystery about it, and to inspire a sense of awe. However, over time the writing system became more complex; eventually the public and those who could write the language either passed away or turned their interests to other endeavors, and the ability to decipher the symbols was lost for a time. It wasn’t until the middle of the eighteenth century that several attempts were made by Europeans to uncover its secrets, which were perceived to be either mystical or scientific. The symbols, despite the work of scholars, stubbornly held onto their secrets for many more years.

In 1799, a chance discovery in the sands of Egypt by the French Army uncovered something that would be instrumental in decoding the language. The Rosetta Stone was the key that allowed modern civilization to understand a language that was nearly lost, though it took over 20 years of concerted effort to reveal the language to the world once again.

Tracing the Evolution

As with the ancient Egyptians and Romans, who used secret writing methods to obscure trade or battle information and hunting routes, one of the most widely used applications of cryptography is in the safeguarding of communications between two parties wanting to share information. Guaranteeing that information is kept secret is one thing, but in the modern world it is only part of the equation. In today’s world, keeping information secret is not enough; provisions to detect unwelcome or unwanted modifications are just as important. In the days of Julius Caesar and the Spartans, keeping a message secret could be as simple as writing it in a language the general public didn’t, or wasn’t likely to, understand. Later forms of encryption require that elaborate systems of management and security be implemented in order to safeguard information.

Is the body of knowledge relating to cryptography only concerned with protecting information? Well, in the first few generations of its existence the answer is yes, but that has changed. The knowledge is now used in systems to authenticate individuals and to validate that someone who sent a message or initiated an action is the right party.

Cryptography has even made some of the everyday technologies that you use possible. One area that owes its existence to cryptography is e-commerce. E-commerce demands the secure exchange and authentication of financial information. The case could be made that e-commerce would not exist in anything resembling its current form without the science of cryptography.

Another area that has benefited tremendously from the science of cryptography is mobile technologies. The careful and thoughtful application of the science has led to a number of threats such as identity theft being thwarted. Mobile technologies implement cryptographic measures to prevent someone from duplicating a device and running up thousands in fraudulent charges or eavesdropping on another party.

So what does the field focus on? Each of the following is a topic you need to understand to put the tools and techniques in their proper context:

Confidentiality Confidentiality is the primary goal that cryptography seeks to achieve. Encrypting information is done to keep that information secret or away from prying eyes. Under the right conditions, encryption should be impossible to break or reverse unless an individual possesses the correct key. Confidentiality is the more widely sought aspect of encryption.

Integrity Cryptography can help you detect changes in information and thus determine its integrity. You’ll learn more about this in the section “Understanding Hashing,” later in this chapter.

Authentication Cryptography allows a person, object, or party to be identified with a high degree of confidence. Authentication is an essential component of a secure system because it allows software and other things to be positively identified. A common scenario for authentication nowadays is in the area of device drivers, where it provides a means of having a driver signed and verified as coming from the actual vendor and not from some other unknown (and untrusted) source. Authentication in the context of electronic messaging provides the ability to validate that a particular message originated from a source that is a known entity which, by extension, can be trusted.

Nonrepudiation The ability to provide positive identification of the source or originator of an event is an important part of security. One of the most common applications of nonrepudiation and cryptography is that of digital signatures, which provide positive identification of where the message came from and from whom.

Key Distribution Arguably one of the most valuable components of a cryptosystem is the key, which represents the specific combination or code used to encrypt or decrypt data.

Cryptography in Action

You will encounter cryptography in many forms throughout this book. It is applied to many different technologies and situations and, as such, is something you need to have a firm grasp of.

Some examples of applied cryptography are:

In many cases, encryption technologies are not only an important part of a technology or system but a required part that cannot be excluded. For example, e-commerce and similar systems responsible for performing financial transactions cannot exclude encryption for legal reasons. Introducing encryption to a system does not ensure bulletproof security as it may still be compromised—but encryption does make hackers work a little harder.

So How Does It Work?

Cryptography has many different ways of functioning. Before you can understand the basic process, you must first become familiar with some terminology. With this in mind, let’s look at a few of the main terms used in the field of cryptography.

Plaintext/Cleartext Plaintext is the original message. It has not been altered; it is the usable information. Remember that even though Caesar’s cipher operates on text, it is but one form of plaintext. Plaintext can literally be anything.

Ciphertext Ciphertext is the opposite of plaintext; it is a message or other data that has been transformed into a different format using a mechanism known as an algorithm. It is also something that can be reversed using an algorithm and a key.

Algorithms Ciphers, the algorithms for transforming cleartext into ciphertext, are the trickiest and most mysterious part of the encryption process. This component sounds complex, but the algorithm or cipher is nothing more than a formula that includes discrete steps that describe how the encryption and decryption process is to be performed in a given instance.

Keys Keys are an important, and frequently complicated, item. A key is a discrete piece of information that is used to determine the result or output of a given cryptographic operation. A key in the cryptographic sense can be thought of in the same way a key in the physical world is: as a special item used to open or unlock something—in this case, a piece of information. In the encryption world, the key is used to produce a meaningful result and without it a result would not be possible.

Next let’s look at the two major types of cryptography: symmetric and asymmetric (aka public-key cryptography).

Symmetric Cryptography

Symmetric algorithms do some things really well and other things not so well. Modern symmetric algorithms are great at all of the following:

  • Preserving confidentiality
  • Increasing speed
  • Ensuring simplicity (relatively speaking, of course)
  • Providing authenticity

Symmetric algorithms have their drawbacks in these areas:

  • Key management issues
  • Lack of nonrepudiation features

First let’s focus on the defining characteristic of symmetric encryption algorithms: the key. All algorithms that fit into the symmetric variety use a single key to both encrypt and decrypt (hence the name symmetric). This is an easy concept to grasp if you think of a key used to lock a gym locker as the same key used to unlock it. A symmetric algorithm works exactly the same way: the key used to encrypt is the same one used to decrypt.

Common Symmetric Algorithms

There are currently a myriad of symmetric algorithms available to you; a Google search turns up an endless sea of alphabet soup of algorithms. Let’s look at some common algorithms in the symmetric category:

Data Encryption Standard (DES) Originally adopted by the U.S. government in 1977, the DES algorithm is still in use today. DES is a 56-bit key algorithm, but the key is too short to be used today for any serious security applications.

Triple DES (3DES) This algorithm is an extension of the DES algorithm, which is three times more powerful than the DES algorithm. The algorithm uses a 168-bit key.

Blowfish Blowfish is an algorithm that was designed to be strong, fast, and simple in its design. The algorithm uses a 448-bit key and is optimized for use in today’s 32- and 64-bit processors (which its predecessor DES was not). The algorithm was designed by encryption expert Bruce Schneier.

International Data Encryption Algorithm (IDEA) Designed in Switzerland and made available in 1990, this algorithm is seen in applications such as the Pretty Good Privacy (PGP) system (see the section “Pretty Good Privacy” later in this chapter).

MARS This AES finalist was developed by IBM and supports key lengths of 128–256 bits.

RC2 Originally an algorithm that was a trade secret of RSA Labs, the RC2 algorithm crept into the public space in 1996. The algorithm allows keys between 1 and 2,048 bits. The RC2 key length was traditionally limited to 40 bits in software that was exported to allow for decryption by the U.S. National Security Agency.

RC4 Another algorithm that was originally a trade secret of RSA Labs, RC4, was revealed to the public via a newsgroup posting in 1994. The algorithm allows keys between 1 and 2,048 bits.

RC5 Similar to RC2 and RC4, RC5 allows users to define a key length.

RC6 RC6 is another AES finalist developed by RSA Labs and supports key lengths of 128–256 bits.

Rijndael or Advanced Encryption Standard (AES) The successor to DES and chosen by the National Institute of Standards and Technology (NIST) to be the new U.S. encryption standard. The algorithm is very compact and fast and can use keys that are 128, 192, or 256 bits long.

Serpent This AES finalist, developed by Ross Anderson, Eli Biham, and Lars Knudsen, supports key lengths of 128–256 bits.

Twofish This AES candidate, also developed by Bruce Schneier, supports key lengths of 128–256 bits.

Asymmetric, or Public Key, Cryptography

Asymmetric, or public key, cryptography is a relatively new form of cryptography that was only fully realized in the mid-1970s by Whitfield Diffie and Martin Hellman. The new system offered advantages, such as nonrepudiation and key distribution benefits, that previous systems did not.

Public key systems feature a key pair made up of a public and a private key. Each person who participates in the system has two keys uniquely assigned to them. In practice the public key will be published in some location whereas the private key will remain solely in the assigned user’s possession and will never be used by anyone else (lest security be compromised).

Both keys can be used to encrypt, but when either key is used, only the other key can reverse it. For example, if you were to encrypt a message with my public key, I am the only one who could decrypt it since I have the private key that can open it. The reverse is true as well.

The only requirement is that public keys must be associated with their users in a trusted manner. With PKI, anyone can send a confidential message by using public information, though the message can be decrypted only with the private key in the possession of the intended recipient. Furthermore, public key cryptography meets the needs for privacy and authentication.

How Does It Work?

In our example Alice wants to send a message to Bob and keep it secret at the same time. To do so Alice will locate Bob’s public key and use it to encrypt her message. Once she sends the message to Bob, he will use his private key to decrypt the message. No intermediate party will be able to view the message since only one person, Bob, has the means to decrypt it.

If the other key is used—the private key—then a process using digital signatures becomes possible. Since anything encrypted with the private key can be reversed only with the public key and only one person holds, or should hold, the corresponding private key, then the identity of the encrypting party can be assured.

Signing an electronic message involves the following process: In our example Alice will create a message and then perform a special type of mathematical computation against it; then she will use her private key to complete the operation. If Bob receives the message, he will simply retrieve Alice’s public key and use it to verify that the private key was used. If the process can be reversed with the key, that means it came from Alice; if it can’t, then it didn’t come from Alice.

A hash function is used in both creating and verifying a digital signature. A hash function is an algorithm that creates a digital representation, or fingerprint, in the form of a hash value or hash result of a standard length (which is usually much smaller than the message but unique to it). Any change to the message invariably produces a different hash result when the same hash function is used. In the case of a secure hash function, known as a one-way hash function, it is not possible to derive the original message from the hash value.

To perform verification of the message, hashing is used as part of the digital signature creation. When the message is received by the intended party or parties, the hashing process is re-created and then compared to the one the original sender created. If the two match, the message is verified as being unchanged because the hashes match.

But How Do You Know Who Owns a Key?

How do you know a key belongs to a certain individual? Well, that’s where certification authorities (CAs) come into play. To bind a key pair to a specific signer, a CA will issue what is known as a digital certificate, an electronic credential that is unique to a person, computer, or service. When a party is presented with the certificate, they can view the credential, inspect the public key, and use it to verify the private key, or more accurately, anything that was performed with the private key.

The certificate is issued under certain conditions, and if those conditions are violated or called into question, then the certificate must be revoked. If the user were to lose control of the private key, the certificate becomes unreliable, and the CA may revoke the certificate.

A digital certificate is a cryptographically sealed object that is populated with various pieces of information. Some of the items included on the digital credential are:

  • Version
  • Serial number
  • Algorithm ID
  • Issuer
  • Validity
  • Not before
  • Not after
  • Subject
  • Subject Public Key Info
  • Public Key Algorithm
  • Subject Public Key

The certificate is signed by generating a hash value and encrypting it with the issuer’s private key. At this point if the certificate is altered—for example, if a party tries to replace the public key—the certificate becomes invalid and the client should see a warning indicating that. If a client possesses the issuer’s public key and trusts the issuer of the key, then the client will assume the public key in the certificate checks out. For an attacker to compromise the system, they would have to have access to either the private key of the server or the private key of the issuer to successfully impersonate one of the parties.

A digital certificate allows you to associate the public key with a particular service, such as a web server, for use in e-commerce.

Authenticating the Certificate

A digital certificate complements or replaces other forms of authentication. A user who presents the credential must have a method in place that allows for the credential to be validated. One such method is the CA. When you present a certificate to another party, the credential is validated and allows the party or parties of a transaction to have their identities confirmed. Once a series of steps is undertaken, secure communication or the validation of items such as the digital signature can take place.

Enter the PKI System

A CA creates and revokes certificates that it has in its control along with the associated public keys. A CA can be controlled by a company for its internal use or by a public entity for use by any who wish to purchase a credential from the controlling party.

A CA is a trusted third party that is responsible for issuing, managing, identifying, and revoking certificates as well as enrolling parties for their own certificates. The CA vouches for the identity of the holder of any given certificate. A CA issues credentials to banks, webmail, VPNs, smart cards, and many other entities. The CA gathers information, validates, and issues a credential to the requesting party if everything checks out.

The CA will require a party to provide information that proves identity. Items such as name, address, phone number, and physical data such as faxed records, along with other records and personal interviews, might also be required as policy dictates. Once this information is obtained and validated, the CA will issue the certificate or validate an existing certificate. A publicly owned CA such as Thawte or VeriSign typically will perform a background check by asking the requester to provide documentation such as a driver’s license, passport, or other form of ID.

When a CA issues a certificate, a series of actions that you should know about takes place:

  1. The request is received.
  2. Background information is requested by the CA and validated.
  3. The information provided by the requester is applied to the certificate.
  4. The CA hashes the certificate.
  5. The issuing CA signs the certificate with their private key.
  6. The requester is informed that their certificate is ready for pickup.
  7. The requester installs the certificate on their computer or device.

A CA is able to perform a number of roles in addition to the validation process outlined here. Some actions that a CA is called on to perform include the following:

Generation of the Key Pair When a CA goes through the process of creating a certificate, a key pair that is made up of a public and private key is generated. The public key is made available to the public at large whereas the private key is given to the party requesting the digital certificate.

Generation of Certificates The CA generates digital certificates for any authorized party when requested. This certificate is generated after validation of the identity of the requesting party, as mentioned earlier.

Publication of the Public Key The public key is bound to each digital certificate. Anyone who trusts the CA or requests the public key will get the key for their use.

Validation of Certificates When a certificate is presented by one party to another it must be validated. Since both parties involved typically do not know each other, they must rely on a third party who is trusted; this is the role of the CA.

Revocation of Certificates If a certificate is no longer needed or trusted, it can be revoked before it expires.

All CAs are not the same. The types of CAs are as follows:

Root CA The root CA initiates all trust paths. The root CA is the top of the food chain and thus must be secured and protected; if its trust is called into question, all other systems will become invalid.

Trusted Root CA A trusted root CA is a CA that is added to an application such as a browser by the software vendor. It signifies that the application vendor trusts the CA and assigns the entity a high level of trust.

Peer CA The peer CA provides a self-signed certificate that is distributed to its certificate holders and used by them to initiate certification paths.

Subordinate CA A subordinate CA does not begin trust paths. Trust initiates from a root CA. In some deployments, a subordinate CA is referred to as a child CA.

Registration Authority (RA) The RA is an entity positioned between the client and the CA that is used to support or offload work from a CA. Although the RA cannot generate a certificate, it can accept requests, verify a person’s identity, and pass along the information to the CA that will perform the actual certificate generation. RAs are usually located at the same level as the subscribers for which they perform authentication.

Building a PKI Structure

Now that you understand what CA and digital certificates are, let’s build a public-key infrastructure (PKI) system. The term does not refer to a single technology but rather a group of technologies and concepts that work together as a unit to accomplish the tasks we described earlier. PKI is designed to validate, issue, and manage certificates on a large scale. The system is simply a security architecture that you can use to provide an increased level of confidence for exchanging information over an insecure medium.

Any systems that interact with this system must be PKI aware, but that is a common feature in today’s environment. A PKI-aware application is any application that knows how to interact with a PKI system. Most applications have this ability, including web browsers, e-mail applications, and operating systems. All these applications offer the ability to interact with the system described in this chapter and do so transparently.

When working with PKI, understand that tying the whole system together is trust. Trust is absolutely important as without it the system falls apart pretty quickly.

Putting all the building blocks together, it is possible to see the whole process of creating a digital signature. Digital signatures make use of several types of encryption such as asymmetric, public and private key encryption, and hashing. By combining these cryptographic functions, you can provide authentication of a message or digital item. Let’s look at each component:

Public/Private Key Encryption Though you can encrypt with a private key and then decrypt whatever you have encrypted by accessing the public key on the corresponding digital certificate for the encrypting party, it does not provide all of what you need. However, since a public key is possessed by a specific party, only it can play an important part in digital signatures.

Digital Certificates Certificates are an essential component of a digital signature. Remember earlier when I said that a public key is bound to a digital certificate? This fact pays off its reward here. The digital certificate tells the recipient of the public key that it belongs to a specific party and, by extension, it is the companion of the private key.

Hashing This is the mechanism that lets you know whether or not an item has been altered. The hash states that the signer agrees to the current state of the document. You’ll learn more about this topic in the next section.

Understanding Hashing

Simply put, hashing is one-way encryption. It is a form of encryption that creates a scrambled output that cannot be reversed, or at least cannot be reversed easily. The process of hashing takes plaintext and transforms it into ciphertext, but does so in such a way that it is not intended to be decrypted. The process outputs what is known as a hash, hash value, or message digest.

Designed to be a one-way process, hashing is commonly used to validate the integrity of information. A hash function generates a fixed-length value that is always the same length no matter how large or small the data entering the process or algorithm is. The resulting output, as we already discussed, is intended to be nonreversible or very nearly impossible to reverse. The fixed-length value is unique for every different input that enters the process. It is due to this unique property and its behavior that hashes are used to detect the changes that can happen in data of any type.

Hashing lets you easily detect changes in information: anything that is hashed and then changed, even a small amount, will result in an entirely different hash from the original. Hashed values are the result of information being compressed into the fixed-length value. A one-way hash function is also sometimes referred to as a one-time cipher key, or a thumbprint.

The following is a list of hashing algorithms currently in use:

Message Digest 2 (MD2) A one-way hash function used in the privacy-enhanced mail (PEM) protocols along with MD5.

Message Digest 4 (MD4) A one-way hash function used for PGP and other systems. MD4 has been replaced by MD5 in most cases.

Message Digest 5 (MD5) An improved and redesigned version of MD4 that produces a 128-bit hash. MD5 is still extremely popular in many circles, but it is being phased out due to weaknesses that have led to the system being vulnerable. In many cases, MD5 has been replaced with SHA2.

Message Digest 6 (MD6) A hashing algorithm that was designed by Ron Rivest.

HAVAL A variable-length, one-way hash function and modification of MD5.

Whirlpool A hashing algorithm designed by the creators of AES.

Tiger A hash that is optimized for 64-bit processors but works well on other systems.

RIPE-MD A hashing algorithm commonly used in Europe.

Secure Hash Algorithm-0 (SHA-0) Used prior to SHA-1 and has since been replaced by SHA-1.

Secure Hash Algorithm-1 (SHA-1) One of the other more commonly used hashing algorithms. It has been broken.

Secure Hash Algorithm-2 (SHA-2) Designed to be an upgrade to SHA-1.

Let’s look at an example of the hashing process. Say you have two parties, Sean and Katrina. Sean is the sender of the message and Katrina is the receiver:

  1. Sean creates a message.
  2. Sean hashes the message using an algorithm such as MD5 or SHA2.
  3. Sean encrypts the hash with his private key.
  4. Sean binds the encrypted bundle and the plaintext message together.
  5. Sean sends the combination to Katrina.
  6. Katrina sees that the message came from Sean.
  7. Seeing who the sender is, Katrina retrieves Sean’s public key from the CA they both trust.
  8. Katrina decrypts the hash; it decrypts successfully, thus validating the identity of the sender (Sean).
  9. After the hash is decrypted, Katrina reruns the MD5 algorithm against the plaintext message and compares the new hash with the one she received from Sean.
  10. If the two hashes match, the message has not been altered since Sean signed it.
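The Sean and Katrina exchange above, combined with the CA signing and certificate checks described earlier in the chapter, as an added Python example that is not code from the book. It shows Katrina rejecting an altered message, a certificate whose public key was replaced after issuance, a revoked certificate, and an expired one. Assumptions: textbook RSA with no padding (real signature schemes add padding such as RSASSA-PSS), toy keys built from Mersenne primes, SHA-256 as the hash, and a hypothetical "Example Root CA" with constructed field values.

```python
# Added illustration, not code from the book. Textbook RSA without padding and
# toy keys built from well-known Mersenne primes: for study only, never real use.
import hashlib
import json

E = 65537  # public exponent


def make_keypair(p, q):
    """Return (public, private) toy RSA keys for primes p and q."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return {"n": n, "e": E}, {"n": n, "d": d}


def digest_int(data):
    """Hash the data (SHA-256 here) and read the digest as an integer."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data, private):
    """Steps 2-3: hash the data, then transform the hash with the private key."""
    return pow(digest_int(data), private["d"], private["n"])


def verify(data, signature, public):
    """Steps 8-10: reverse the signature with the public key, rehash, compare.

    Raw RSA "decrypts" any number, so the hash comparison is the real check.
    """
    return pow(signature, public["e"], public["n"]) == digest_int(data)


def tbs_bytes(body):
    """Canonical bytes of the certificate fields that the CA hashes and signs."""
    return json.dumps(body, sort_keys=True).encode()


def issue_certificate(subject, subject_public, issuer, ca_private, serial):
    """CA side: apply the requester's details, hash, sign with the CA key."""
    body = {
        "version": 3,
        "serial_number": serial,
        "algorithm_id": "toy-rsa-sha256",  # hypothetical label
        "issuer": issuer,
        "not_before": "2024-01-01",  # constructed validity period
        "not_after": "2024-12-31",
        "subject": subject,
        "subject_public_key": subject_public,
    }
    return {"body": body, "signature": sign(tbs_bytes(body), ca_private)}


def validate_certificate(cert, trusted_roots, today, revoked=()):
    """Relying party: return the subject's public key, or None if rejected."""
    body = cert["body"]
    ca_public = trusted_roots.get(body["issuer"])
    if ca_public is None:
        return None  # issuer is not a trusted CA
    if not verify(tbs_bytes(body), cert["signature"], ca_public):
        return None  # fields changed after the CA signed them
    if not body["not_before"] <= today <= body["not_after"]:
        return None  # outside the validity period
    if body["serial_number"] in revoked:
        return None  # revoked by the CA
    return body["subject_public_key"]


def receive(message, signature, cert, trusted_roots, today, revoked=()):
    """Katrina's side of the exchange (steps 6-10)."""
    sender_key = validate_certificate(cert, trusted_roots, today, revoked)
    if sender_key is None:
        return "certificate rejected"
    if not verify(message, signature, sender_key):
        return "signature invalid"
    return "verified: " + cert["body"]["subject"]


def demo():
    """Run the exchange on constructed data and return each outcome."""
    ca_pub, ca_priv = make_keypair(2**1279 - 1, 2**2203 - 1)
    sean_pub, sean_priv = make_keypair(2**521 - 1, 2**607 - 1)
    other_pub, other_priv = make_keypair(2**2281 - 1, 2**3217 - 1)
    roots = {"Example Root CA": ca_pub}
    cert = issue_certificate("Sean", sean_pub, "Example Root CA", ca_priv, 1001)
    msg = b"Meet at noon."  # constructed sample message
    sig = sign(msg, sean_priv)

    # Same certificate with the public key replaced after issuance.
    swapped = {"body": dict(cert["body"], subject_public_key=other_pub),
               "signature": cert["signature"]}
    today = "2024-06-01"
    return {
        "genuine": receive(msg, sig, cert, roots, today),
        "altered_message": receive(b"Meet at nine.", sig, cert, roots, today),
        "swapped_key": receive(msg, sign(msg, other_priv), swapped, roots, today),
        "revoked": receive(msg, sig, cert, roots, today, revoked={1001}),
        "expired": receive(msg, sig, cert, roots, "2025-03-01"),
    }


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```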

Issues with Cryptography

Much like any system that will be explored in this text, cryptography has its faults and potential attacks. Attacks are designed to leverage weaknesses in both implementation and logic in many cases. However, one thing that should always be kept in mind is that no matter how strong or well designed a system may be, it will always be vulnerable to those with enough computing power, time, and determination.

The first type of attack we’ll look at is the one most commonly seen in movies, books, and other media: the brute-force attack. A brute-force attack works by trying every possible combination of codes, symbols, and characters in an effort to find the right one. DES is vulnerable to brute-force attacks, whereas Triple-DES encryption is very resistant to brute-force attacks due to the time and power involved to retrieve a key; see Table 3.1.

TABLE 3.1 Cracking times for 40- and 56-bit keys

Budget              | 40-bit key     | 56-bit key
Regular User        | 1 week         | 40 years
Small Business      | 12 minutes     | 556 days
Corporation         | 24 seconds     | 19 days
Large Multinational | 0.005 seconds  | 6 minutes
Government          | 0.0002 seconds | 12 seconds

In addition to a brute-force attack, other methods designed to recover a key include:

Ciphertext-only Attack The attacker has some sample of ciphertext but lacks the corresponding plaintext or the key. The goal is to find the corresponding plaintext in order to determine how the mechanism works. Ciphertext-only attacks tend to be the least successful based on the fact that the attacker has very limited knowledge at the outset.

Known Plaintext Attack The attacker possesses the plaintext and ciphertext of one or more messages. The attacker will then use this acquired information to determine the key in use. This attack shares many similarities with brute-force attacks.

Chosen Plaintext Attack The attacker is able to generate the corresponding ciphertext to deliberately chosen plaintext. Essentially, the attacker can “feed” information into the encryption system and observe the output. The attacker may not know the algorithm or the secret key in use.

Chosen Ciphertext Attack The attacker is able to decrypt a deliberately chosen ciphertext into the corresponding plaintext. Essentially, the attacker can “feed” information into the decryption system and observe the output. The attacker may not know the algorithm or the secret key in use.

Another type of successful attack involves not even cracking the key but simply recording some traffic and replaying it later. This type of attack requires that the attacker record network traffic through sniffing and then retransmit the information later or extract the key from the traffic.

Another related attack is the man-in-the-middle (MITM) attack, which is carried out when the attacker gets between two users with the goal of intercepting and modifying packets. Consider that in any situation in which attackers can insert themselves in the communications path between two users, the possibility exists that the information can be intercepted and modified.

Do not forget that social engineering can be effective in attacking cryptographic systems. End users must be trained to protect sensitive items such as private cryptographic keys from unauthorized disclosure. Attackers are successful if they have obtained cryptographic keys, no matter how the task was accomplished. If they can decrypt sensitive information, it is “game over” for the defender. Social engineering attacks can take many forms, including coercing a user to accept a self-signed certificate, exploiting vulnerabilities in a web browser, or taking advantage of the certificate approval process to receive a valid certificate and apply it to the attacker’s own site.

Applications of Cryptography

Cryptography can be applied in communication of data and information, which we will see in the form of IPSec, SSL, and PGP. In this section we will examine these applications and see how cryptography fits in.

IPSec

Internet Protocol Security (IPSec) is a set of protocols designed to protect the confidentiality and integrity of data as it flows over a network. The set of protocols is designed to operate at the Network layer of the OSI model and process packets according to a predefined group of settings.

Some of the earliest mechanisms for ensuring security worked at the Application layer of the OSI model. IPSec is a new technology that works at the Network layer of the OSI model and has proven to be more successful than many of the previous methods. IPSec has been widely adopted not only because of its tremendous security benefits, but also because of its ability to be implemented without major changes to individual computer systems. IPSec is especially useful for implementing virtual private networks and for remote user access through dial-up connections to private networks.

IPSec provides two mechanisms for protecting information: Authentication Header and Encapsulating Security Payload. The two modes differ in what they provide:

  • Authentication Header (AH) provides authentication services and provides a way to authenticate the sender of data.
  • Encapsulating Security Payload (ESP) provides a means to authenticate information as well as encrypt the data.

The information associated with each of these services is inserted into the packet in a header that follows the IP packet header. Separate key protocols, such as the ISAKMP/Oakley protocol, can be selected.

The following steps show you how to create an IPSec Negotiation policy on Computer A:

  1. On Computer A, click Start > All Programs > Administrative Tools, and then select Local Security Policy.
  2. Right-click the IP Security Policies on the Local Computer node, and then choose Create IP Security Policy.
  3. On the Welcome screen of the IP Security Policy Wizard, click Next.
  4. In the Name field, type Secure21. In the Description field, type Policy to encrypt FTP, and then click Next.
  5. On the Default Response Rule Authentication Method screen, choose the option Use This String To Protect The Key Exchange (Preshared Key) and type password.
  6. On the Completing The IP Security Policy Wizard screen, ensure that Edit Properties is selected, and then click Finish.
  7. In the Secure21 Properties dialog box, click Add.
  8. On the Welcome To The Create IP Security Rule Wizard screen, click Next.
  9. On the Tunnel EndPoint screen, click This Rule Does Not Specify A Tunnel. Click Next.
  10. On the Network Type screen, click All Network Connections, and then click Next.
  11. On the IP Filter List screen, click Add.
  12. In the IP Filter List dialog box that appears, type Link1986, and then click Add.
  13. On the Welcome screen of the IP Filter Wizard, click Next.
  14. In the Description field, type 21 IPSec Filter. Click Next.
  15. On the IP Traffic Source screen, click Any IP Address, and then click Next.
  16. On the IP Traffic Destination screen, click Any IP Address, and then click Next.
  17. On the IP Protocol Type screen, click TCP in the drop-down list, and then click Next.
  18. On the Protocol Port screen, select From This Port, type 21 in the text box, select To Any Port, and then click Next.
  19. On the Completing The IP Filter Wizard screen, click Finish, and then click OK.
  20. In the IP Filter list, select Link1986, and then click Next.
  21. In the Filter Action dialog box, click Add.
  22. In the Filter Action Wizard dialog box, click Next.
  23. In the Filter Action Name dialog box, type Secure21Filter, and then click Next.
  24. In the Filter Action General Options dialog box, select Negotiate Security, and then click Next.
  25. On the Communicating With Computers That Do Not Support IPsec screen, select Do Not Allow Unsecured Communications, and then click Next.
  26. On the IP Traffic Security screen, select Integrity and Encryption, and then click Next.
  27. On the Completing The IP Security Filter Action Wizard screen, click Finish.
  28. In the Filter Action dialog box, select Secure21Filter, and then click Next.
  29. In the Authentication Method dialog box, select Use This String To Protect The Key Exchange (Preshared Key), type password, and then click Next.
  30. On the Completing The Security Rule Wizard screen, click Finish.
  31. In the Secure21 Properties dialog box, click OK.

Once you’ve created the policy you must activate it, so let’s do that.

On Computer A:

  1. Click Start > All Programs > Administrative Tools > Local Security Policy.
  2. Select the Local Computer node > IP Security Policies, and in the right pane right-click the Secure21 policy and click Assign.

On Computer B:

  1. In the Local Security Policy Microsoft Management Console (MMC) console, on the Local Computer node right-click IP Security Policies, select All Tasks, and then click Export Policies.
  2. In the Save As dialog box, type C:\IPSecPolicy\IPsecurityPolicy21.ipsec, and then click Save. You must then save the IPSec policy.

Import the security policy to a Windows machine.

Next, configure a Security Association rule in the Windows Firewall with Advanced Security MMC:

  1. On Computer A, click Start > Administrative Tools > Windows Firewall With Advanced Security.
  2. Select and then right-click Connection Security Rules, and then click New Rule.
  3. In the New Connection Security Rule Wizard, select Server-To-Server, and then click Next.
  4. On the Endpoints screen, select Any IP Address for both options, and then click Next.
  5. On the Requirements screen, select Require Authentication For Inbound And Outbound Connections, and then click Next.
  6. On the Authentication Method screen, select Preshared Key, type password in the text box, and then click Next.
  7. On the Profile screen, verify that the Domain, Private, and Public options are selected, and then click Next.
  8. In the Name text box, type Secure Server Authentication Rule, and then click Finish.
  9. Perform steps 1–8 on Computer B.

Pretty Good Privacy

Pretty Good Privacy (PGP) is another application of cryptographic technologies. Using public key encryption, PGP is one of the most widely recognized cryptosystems in the world. PGP has been used to protect the privacy of e-mail, data, data storage, and other forms of communication such as instant messaging.

PGP was designed to provide the privacy and security measures that are not currently present in many forms of online communication. The e-mail or instant message travels to the destination or recipient in this encrypted form. The recipient will use PGP to decrypt the message back into plaintext.

The PGP system is a simple but innovative mechanism that uses a process similar to the public and private key system we explored earlier in this chapter. The key pair consists of a public key and a private key; the public key encrypts messages, and the private key decrypts them.

A PGP user can also use their private key to digitally sign outgoing mail so that the recipient knows the mail originated from the named sender. A third party would not have access to the private key, so the digital signature authenticates the sender.

Sensitive data files stored on your hard drive or on removable media can also be protected using PGP. You can use your public key to encrypt the files and your private key to decrypt them. Some versions also allow the user to encrypt an entire disk. This is especially useful for laptop users in the event the laptop is lost or stolen.

Secure Sockets Layer (SSL)

Another important mechanism for securing information is the Secure Sockets Layer (SSL). The SSL protocol was developed by Netscape in the mid-1990s and rapidly became a standard mechanism for exchanging data securely over insecure channels such as the Internet.

When a client connects to a location that requires an SSL connection, the server will present the client with a digital certificate that allows the client to identify the server. The client makes sure the domain name matches the name on the CA and that the CA has been generated by a trusted authority and bears a valid digital signature.

Once the handshake is completed, the client will automatically encrypt all information that is sent to the server before it leaves the computer. Encrypted information will be unreadable en route. Once the information arrives at the secure server, it is decrypted using a secret key. If the server sends information back to the client, this information will also be encrypted on the server end before being transmitted.

Summary

In this chapter we covered many components of cryptography and discussed the importance of each. With a firm grasp of the science of cryptography, you will be able to progress into the area of pen testing and IT much further than you could without such knowledge.

Exam Essentials

Know the purpose of cryptography. Cryptography is designed to protect both the integrity and confidentiality of information; though the mechanism may vary, the goal is the same.

Understand symmetric versus asymmetric cryptography. Know why symmetric and asymmetric are suitable for some applications and unsuitable for others.

Know your applications. Understand why cryptography works and how it can be applied to any given situation and which processes are well suited to a given situation.

Know your tools and terms. The CEH exam is drenched with terms and tool names that will eliminate even the most skilled test taker because they simply don’t know what the question is talking about. Familiarize yourself with all the key terms, and be able to recognize the names of the various tools on the exam.

Review Questions

  1. Symmetric cryptography is also known as __________.

    1. Shared key cryptography
    2. Public key cryptography
    3. Hashing
    4. Steganography
  2. Which of the following manages digital certificates?

    1. Hub
    2. Key
    3. Public key
    4. Certification authority
  3. Asymmetric encryption is also referred to as which of the following?

    1. Shared key
    2. Public key
    3. Hashing
    4. Block
  4. Which of the following best describes hashing?

    1. An algorithm
    2. A cipher
    3. Nonreversible
    4. A cryptosystem
  5. A message digest is a product of which kind of algorithm?

    1. Symmetric
    2. Asymmetric
    3. Hashing
    4. Steganography
  6. A public and private key system differs from symmetric because it uses which of the following?

    1. One key
    2. One algorithm
    3. Two keys
    4. Two algorithms
  7. A public key is stored on the local computer by its owner in a __________.

    1. Hash
    2. PKI system
    3. Smart card
    4. Private key
  8. Symmetric key systems have key distribution problems due to __________.

    1. Number of keys
    2. Generation of key pairs
    3. Amount of data
    4. Type of data
  9. What does hashing preserve in relation to data?

    1. Integrity
    2. Confidentiality
    3. Availability
    4. Repudiation
  10. Which of the following is a common hashing protocol?

    1. MD5
    2. AES
    3. DES
    4. RSA
  11. Which of the following best describes PGP?

    1. A symmetric algorithm
    2. A type of key
    3. A way of encrypting data in a reversible method
    4. A key escrow system
  12. SSL is a mechanism for which of the following?

    1. Securing stored data
    2. Securing transmitted data
    3. Verifying data
    4. Authenticating data
  13. Which system does SSL use to function?

    1. AES
    2. DES
    3. 3DES
    4. PKI
  14. In IPSec, encryption and other processes happen at which layer of the OSI model?

    1. Level 1
    2. Level 2
    3. Level 3
    4. Level 4
  15. In IPSec, what does Authentication Header (AH) provide?

    1. Data security
    2. Header security
    3. Authentication services
    4. Encryption
  16. In IPSec, what does Encapsulating Security Payload (ESP) provide?

    1. Data security
    2. Header security
    3. Authentication services
    4. Encryption
  17. At what point can SSL be used to protect data?

    1. On a hard drive
    2. On a flash drive
    3. On Bluetooth
    4. During transmission
  18. Which of the following does IPSec use?

    1. SSL
    2. AES
    3. DES
    4. PKI
  19. Who first developed SSL?

    1. Netscape
    2. Microsoft
    3. Sun
    4. Oracle
  20. IPSec uses which two modes?

    1. AH/ESP
    2. AES/DES
    3. EH/ASP
    4. AES/ESP