Cryptographic Methodologies: A Primer on Tactics for Securing Information

By Kevin M. Williams, CISSP

An ancient Chinese proverb says, "Know thy self, know thy enemy" (Tzu, 6th century B.C.). In his treatise The Art of War, Sun Tzu elaborates on this idea as it relates to military strategy:

"If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle." (p. 3.18)

Sun Tzu's simple, yet eloquently stated idea is as relevant today as it was 2500 years ago. This is the essence of information security.

A key strategy of warfare is guarding one's secrets from the enemy. Secrets in warfare can be many things: locations of troops, plans of attack, supply routes, etc. By using tactics such as misdirection, deception, disinformation, propaganda, decoys, and camouflage, one can hide the details of one's operations. Perhaps one of the most effective tactics is obfuscation, the concealment of meaning in communication. Obfuscation makes the communication confusing and difficult for the enemy to comprehend. On the modern battlefield, this is often achieved with cryptography.

Cryptography is simply the process of hiding information. Modern cryptography utilizes algorithms, also known as ciphers, which are a series of well-defined tasks to obfuscate information. Algorithms convert readable text into unreadable gibberish, which prevents unintended disclosure and allows interpretation only by the intended recipients. The three core principles of information security are confidentiality, integrity, and availability. Confidentiality prevents the unauthorized disclosure of information; integrity prevents the unauthorized modification of information; and availability prevents the disruption of information ((ISC)2, 2006). It is important to understand that cryptography improves confidentiality and integrity at the expense of availability. With cryptography, the harder you make the information to access, the harder it is to modify or disclose that information.

How Cryptography Works

Now that we know we need to obfuscate our information, how do we actually do it? There are many ways to make information unintelligible; you could use a foreign language, you could write it backwards, you could use a proprietary file format, etc. However, these methods simply mask information by keeping secret whatever method was used. Once the method is discovered, then it is relatively easy to unmask the information. In the field of cryptography, this is known as "security through obscurity" (Schneier, 2002). Backwards writing can be read with a mirror, languages can be translated, and file formats can be converted. The security they provide is merely an illusion.

The technical problem with these kinds of methods is the weak mathematics involved in decoding them once the method is no longer secret. For example, let us examine the method of translating the information into another language. There are 6912 documented languages in the history of the world, of which only 4484 are considered "living" languages (Ethologue, 2005). Assuming the translated text is to be read by a modern speaker, you could immediately reduce the language count to one of the 108 major language systems used globally. By further visual inspection, you could easily reduce that count by evaluating the language's writing system, such as Arabic alphabet, Latin alphabet, or logographic (e.g., Chinese, Japanese, Korean). As you can see, this number is very quickly whittled down to a manageable amount.

From a mathematical approach, this is where cryptographic methodologies excel. The obscurity method above just slows down an attacker; they only have to attempt to translate the information in a number of "best guess" languages before they find the right one. However, what if you were able to translate the information into one language, rearrange the words, add extra words, translate it to a second language, and repeat the process multiple times? This would make translation incredibly difficult, if not impossible, due to the amount of time involved in analyzing and guessing the languages. This combination of a predetermined rearrangement, along with the addition of new information into the data stream, creates a strong and repeatable system of securing information.

Essentially, this is how encryption works. Encryption is the process of making the information unintelligible with decryption being the reverse. Encryption is successful because it utilizes computing strength and speed to transform the information by both rearrangement and the interjection of new data, not simply obscuring it. There is no need to keep the method secret, as the actual process is not what makes encryption strong enough to resist attack. The strength relies on the attacker not knowing what order and what new data has been used during the transformation. The decryption becomes practically impossible by generating vast ranges of possible combinations that would require years of brute force guessing to break.

Brute force is the process of trying every possible combination of keys until the right one is found. A four-digit ATM PIN number has 10,000 possible combinations (i.e., four digits, each with a value of zero through nine). While 10,000 PIN numbers may be difficult for a person to input, a computer could generate all 10,000 permutations in seconds (Parsons & Oja, 2006, p. 329). The key size is then not only a measure of the possible keys used to encrypt the information, but also a measure of the amount of effort required by an attacker. In modern cryptography, key size is measured in bits (i.e., a binary digit, either zero or one), so for the sample basic algorithm, a 256-bit key should be stronger than a 56-bit key. A 256-bit key would require 5.2 x 10^57 years to try all 1.15 x 10^77 possible keys, whereas a 56-bit key would require only 20 hours to try all 72 billion possible keys ((ISC)2, 2006, p. 262).

The huge difference in time and length is due to the exponential growth of keys; an n-bit key has 2^n combinations (i.e., for every bit, it can be zero or one), so doubling the key size actually squares the number of possibilities. A 1-bit key has two possibilities, a 2-bit key has four possibilities, a 3-bit key has eight possibilities, etc. To be precise, there is technically no such thing as unbreakable encryption. While an attacker could theoretically try every possible key, we can make the level of effort involved in breaking it undesirable and impractical.
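
The growth described above can be measured directly. The following Python sketch is an added example, not part of the original article: it assumes a toy cipher (a SHA-256-derived keystream XORed with the message, built only for illustration and not a recommended construction) and counts how many keys an exhaustive search must try at several small key sizes.

```python
import hashlib

# Constructed sample message; its first 8 bytes serve as the searcher's known plaintext.
MESSAGE = b"ATTACK AT DAWN VIA THE NORTH ROAD"

def keystream(key: int, bits: int, length: int) -> bytes:
    """Stretch an n-bit integer key into `length` bytes (toy construction, illustration only)."""
    key_bytes = key.to_bytes((bits + 7) // 8, "big")
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key_bytes + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def toy_crypt(key: int, bits: int, data: bytes) -> bytes:
    """XOR data with the keystream; the same call encrypts and decrypts."""
    return bytes(d ^ k for d, k in zip(data, keystream(key, bits, len(data))))

def brute_force(ciphertext: bytes, bits: int, known_prefix: bytes):
    """Try every n-bit key in order; return (key, attempts) for the first plausible one."""
    for attempts, candidate in enumerate(range(2 ** bits), start=1):
        if toy_crypt(candidate, bits, ciphertext).startswith(known_prefix):
            return candidate, attempts
    return None, 2 ** bits

def worst_case_attempts(bits: int) -> int:
    """Encrypt under the last key in the search order and count the tries needed."""
    key = 2 ** bits - 1
    found, attempts = brute_force(toy_crypt(key, bits, MESSAGE), bits, MESSAGE[:8])
    if found != key:
        raise RuntimeError("search returned the wrong key")
    return attempts

if __name__ == "__main__":
    # Each added bit doubles the work; doubling the key length squares it.
    for bits in (4, 8, 12, 16):
        print(f"{bits:2d}-bit key: {worst_case_attempts(bits):6d} attempts in the worst case")
```

The 16-bit search takes exactly the square of the 8-bit search's attempts, which is the squaring effect the paragraph describes.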

A core principle of cryptography is that sufficient encryption is achieved once the cost of breaking the encryption, in terms of both time and resources, exceeds the value of the encrypted data itself (CompTIA, 2006). For example, if an attacker just wants to compromise someone's web-based email to spread a virus, they are not going to expend a great deal of time and resources attempting to break password encryption. Rather, it is easier for the attacker to try multiple accounts until he finds one with a weak password.

Encryption is accomplished by using algorithms and functions to perform mathematical operations on the information. The three basic cryptographic methods used to protect information are cryptographic hash functions, asymmetric-key algorithms, and symmetric-key algorithms. This paper will examine how encryption and decryption are performed by these three cryptographic methodologies, as well as their basic operational usage and major vulnerabilities.

Symmetric-Key Algorithms

The first cryptographic method we will examine is the symmetric-key algorithm. The symmetry of the algorithm comes from the fact that both parties involved share the same key for both encryption and decryption. It works similarly to a physical door where everyone uses a copy of the same key to both lock and unlock the door. A symmetric-key algorithm, just like real doors, requires the distribution and security of shared keys.

This raises the issue of key management, a critical concept in cryptography. Just like the keys to your home, great emphasis must be placed on maintaining and securing cryptographic keys. In their Key Management Guideline, the National Institute of Standards and Technology emphasizes the importance of key management:

"Ultimately, the security of information protected by cryptography directly depends on the strength of the keys, the effectiveness of mechanisms and protocols associated with keys, and the protection afforded to the keys. All keys need to be protected against modification, and secret and private keys need to be protected against unauthorized disclosure. Key management provides the foundation for the secure generation, storage, distribution, and destruction of keys." (p. 5)

In particular, the effective use of symmetric-key algorithms relies heavily on effective key management.

Symmetric-key algorithms work by taking the plaintext message (i.e., the naturally readable information) and combining it with a shared key that is input to the algorithm, which outputs the ciphertext (i.e., the encrypted text). The process works in reverse to decrypt the message. The combined ciphertext and the shared key are input to the algorithm, which outputs the plaintext.

There are two types of symmetric-key algorithms, block ciphers (see Figure 1) and stream ciphers (see Figure 2). The major difference between the two is how much information they encrypt or decrypt at a time. Block ciphers, as the name implies, process fixed-length groups of bits (i.e., blocks), whereas stream ciphers process bits one at a time. Due to the larger fixed-length input, block ciphers are generally slower than stream ciphers. Stream ciphers, due to their low processing requirements and flexible input lengths, are often found in hardware implementations. An example of a hardware-based stream cipher would be a secure wireless access point. Both WEP and WPA use the RC4 stream cipher for encrypting communications.


Figure 1. Symmetric-Key Cryptography - Block Cipher


Figure 2. Symmetric-Key Cryptography - Stream Cipher


Besides the obvious vulnerability of securing and managing shared keys, the major attack against symmetric-key algorithms is known as differential cryptanalysis. Differential cryptanalysis works by examining the changes in ciphertext after encrypting multiple plaintexts. For example, suppose you wish to decrypt a ciphertext that reads ASDF. When you encrypt the plaintext DOGS using the same algorithm, the ciphertext reads ASGH. When you encrypt the plaintext FLOR using the same algorithm, the ciphertext reads NBDF. Thus, you could conclude the plaintext of ASDF may read DOOR by combining the first two characters of the DOGS ciphertext with the last two characters of the FLOR ciphertext.

Asymmetric-Key Algorithms

Asymmetric-key algorithms work in a similar manner to symmetric-key algorithms, where plaintext is combined with a key and input to an algorithm, which outputs ciphertext. The major difference is that the keys used for the encryption and decryption portions are different, thus the asymmetry of the algorithm. The key pair is comprised of a private key and a public key. As the names imply, the public key is made available to everyone, whereas the private key is kept secret. Which key is used for encryption and which key is used for decryption varies depending on the intended use of the asymmetric-key algorithm in question.

The two main uses of asymmetric-key algorithms are public-key encryption (see Figure 3) and digital signatures (see Figure 4). Public-key encryption is a method where anyone can send an encrypted message within a trusted network of users. The sender encrypts the message using the receiver's public key, allowing only the receiver to decrypt the message using his or her own private key. Anyone could intercept the encrypted message, but only the receiver can decrypt it. This makes public-key encryption an ideal method for protecting messages sent over unsecured mediums, such as the World Wide Web, where the sender has no control over how a message is routed to the receiver.


Figure 3. Asymmetric-Key Cryptography - Public-Key Encryption


Figure 4. Asymmetric-Key Cryptography - Digital Signature

Digital signatures provide a method for ensuring nonrepudiation. Nonrepudiation is the ability to establish that a particular transaction actually occurred and prevents either party from denying the transaction's validity or existence (Schneider, 2006, p. 240). The sender encrypts the message using his or her own private key, allowing anyone to decrypt the message using the sender's public key. The accurate decryption proves that the message came from the sender, as he or she is the only one who has a copy of the corresponding private key. Often, digital signatures are used in conjunction with public-key encryption to assure message integrity.

The biggest vulnerability to asymmetric-key encryption is key management. As with symmetric-key encryption, a compromised key is very bad, as it could be used to disclose all information encrypted with that key. However, the additional threat faced by asymmetric-key encryption is the risk of an attacker using a compromised private key to send messages on the victim's behalf. The message would encrypt and decrypt correctly, so there would be no indication of wrongdoing. In this sense, key management is even more critical in asymmetric-key encryption. Great care should be taken to manage the encryption key lifecycles from issuance, to renewal, and revocation.

Key management in this method is done with the use of digital certificates. Digital certificates are computer files that serve as the equivalent of ID cards (Oz, 2002, p. 689). Certificate authorities, or CAs, are the governing bodies that oversee key management. Individuals and companies request CAs to issue certificates for their use in asymmetric-key cryptography. Certificate issuance usually requires an initial and possibly recurring fee from the certificate owner. The certificates contain the owner's personal and contact information, the public key, expiration date, a unique ID, and the name and digital signature of the issuing CA (Schneider, 2006, p. 452). It is important that everyone involved use the same reputable CA to ensure interoperability.

Cryptographic Hash Functions

Cryptographic hash functions are a unique subsection of cryptography. Hash functions accept any amount of plaintext as input and generate a fixed-length ciphertext output (see Figure 5). The output is called a hash value, sometimes known as the digest or checksum. The hash value can act as a type of signature, ensuring the contents of a message or file have not been modified. This is done by comparing the hash value of the message generated before transmission to the hash value generated after transmission. If the values match, then the message has not been modified.


Figure 5. Cryptographic Hash Functions - Variable Input, Fixed Output


While not a true encryption algorithm, hash functions can be used as a type of one-way encryption method (see Figure 6). We will use a very simplified method as an example. Let us take a number of any length and add its digits together until we arrive at a single digit. If you take the number 1985 and add the digits together, you would get 1 + 9 + 8 + 5 = 23, followed by 2 + 3 = 5. Using this method, 1985 = 5, 100003 = 4, and 12345 = 6. Regardless of how many digits we input, we always end up with the same size output. It is a one-way process since there is no way of reversing the function to arrive at the original number. In the example above, the hash value of "5" could have originated from many sets of numbers.


Figure 6. Cryptographic Hash Functions - "One-Way" Encryption

This brings up the topic of collisions, the main defect associated with hash functions. Collisions occur when two different plaintext inputs generate the same hash value (Sedgewick, 2003, p. 599). Using the previous adding method, not only is 1985 = 5, but also 104 = 5 and 2345 = 5. This becomes a major issue when a hash function is used to perform a critical task, such as password validation. Many systems will avoid storage of passwords by instead saving the hash values of passwords. The system then compares the hash value of the password used during login to the known-good stored values. If an attacker could find a different password that generated the same hash value, then the system could be tricked into allowing access.
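
The digit-adding method and its collisions can be run as code. The following Python sketch is an added example, not part of the original article: it implements the article's toy hash beside SHA-256 and shows why a login check built on a collision-prone hash accepts the wrong input. The PinStore class and the search limit of 3000 are assumptions made for illustration.

```python
import hashlib
import hmac

def digit_sum_hash(number: int) -> int:
    """The article's toy hash: add the digits repeatedly until one digit remains."""
    while number >= 10:
        number = sum(int(digit) for digit in str(number))
    return number

def sha256_hash(number: int) -> str:
    """A real cryptographic hash of the same input, for comparison."""
    return hashlib.sha256(str(number).encode()).hexdigest()

def find_collisions(hash_fn, original: int, search_limit: int) -> list:
    """Return every other input below search_limit whose hash equals hash_fn(original)."""
    target = hash_fn(original)
    return [n for n in range(search_limit) if n != original and hash_fn(n) == target]

class PinStore:
    """Hypothetical login check that keeps only the hash of a numeric secret."""

    def __init__(self, hash_fn, secret: int):
        self._hash_fn = hash_fn
        self._stored = str(hash_fn(secret))  # the secret itself is never stored

    def login(self, attempt: int) -> bool:
        # Constant-time comparison of the stored and the freshly computed hash value.
        return hmac.compare_digest(self._stored, str(self._hash_fn(attempt)))

if __name__ == "__main__":
    weak = find_collisions(digit_sum_hash, 1985, 3000)
    strong = find_collisions(sha256_hash, 1985, 3000)
    print(f"toy hash: {len(weak)} colliding inputs below 3000, e.g. {weak[:5]}")
    print(f"SHA-256:  {len(strong)} colliding inputs below 3000")
    print("toy store accepts 104 for 1985:", PinStore(digit_sum_hash, 1985).login(104))
    print("SHA-256 store accepts 104 for 1985:", PinStore(sha256_hash, 1985).login(104))
```

Production password storage goes a step further and uses a salted, deliberately slow function such as PBKDF2, bcrypt, or Argon2 instead of a single fast hash.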

As with symmetric-key and asymmetric-key algorithms, key size is a big factor in the security of a hash function. A larger key size means the attacker has to contend with more key combinations. For example, MD5 generates 128-bit hash values that can have 3.4 x 10^38 possible combinations. SHA-1 generates 160-bit hash values, a range four billion times larger than that of MD5 (Friedl, 2005). These astronomical numbers are why attackers concentrate on discovering collisions as opposed to brute-force guessing.

Recommendations

So which is the best method for securing your information? The answer is all of them, depending of course on when and how you use them. As with any defense, a key task is choosing which encryption method is best suited for a particular situation. You would most likely not use public-key encryption to secure the contents of a hard drive, just as you would not use a hash function to encrypt real-time communications. You should choose the right method for the right function, taking speed, strength, and usability into consideration. Some situations may even call for a combination of encryption methods. You may use one method to transmit the encryption keys that are then used by a second, different method to encrypt the message. This is known as a hybrid cryptosystem, which uses the best traits of its components to make up for the weakness of others (Soohyun, Kwak, & Won, 2003).

For the greatest level of security, cryptography should be used in conjunction with other information security defenses to establish what is known as defense in depth. Defense in depth integrates the abilities of people, operations, and technology to establish multilayer, multidimensional protection (Ashley & Jackson, 1999, p. 3). A good analogy is to think of the defenses of a castle. Castles have moats and drawbridges, walls and ramparts, plus all the inhabitants fighting to keep out invaders. Any single defense can be countered, but the mixture of varying types of defense makes the overall fortification secure. Information security layers, including cryptography, should also be as robust and not rely on any single style of protection.

Resources

(ISC)2. (2006). The (ISC)2 CISSP CBK Review Seminar V5.0 Student Manual. Boston, MA, USA: Pearson Custom Publishing.

Ashley, B. K., & Jackson, G. L. (1999). IANewsletter. Defense Information Systems Agency. Falls Church, VA: Information Assurance Technology Analysis Center.

Barker, E., Barker, W., Burr, W., Polk, W., & Smid, M. (2007). SP 800-57 Part 1, Recommendation for Key Management - Part 1: General (Revised). National Institute of Standards and Technology, Computer Security. Gaithersburg, Maryland: United States Department of Commerce.

CompTIA. (2006). CompTIA Security+ Certification Student Manual. (J. VanStean, Ed.) Boston, MA, USA: Course Technology.

Ethologue. (2005). Languages of the World. (J. Raymond G. Gordon, Editor) Retrieved Nov 02, 2007, from Ethologue.com: http://www.ethologue.com

Friedl, S. (2005, May 09). An Illustrated Guide to Cryptographic Hashes. Retrieved Nov 03, 2007, from Unixwiz.net: http://www.unixwiz.net/techtips/iguide-crypto-hashes.html

Oz, E. (2002). Management Information Systems (Third ed.). Boston, MA, USA: Course Technology.

Parsons, J. J., & Oja, D. (2006). Computer Concepts (Eighth ed.). Boston, MA, USA: Course Technology.

Schneider, G. (2006). Electronic Commerce (Sixth Annual ed.). Boston, MA, USA: Course Technology.

Schneier, B. (2002, May 15). Secrecy, Security, and Obscurity. Retrieved Nov 09, 2007, from Schneier.com: http://www.schneier.com/crypto-gram-0205.html#1

Sedgewick, R. (2003). Algorithms in Java (Third ed.). Boston, MA, USA: Pearson Education.

Soohyun, O., Kwak, J., & Won, D. (2003, Feb). An Efficient Hybrid Cryptosystem Providing Authentication for Sender's Identity. (H.-K. Kahng, Ed.) Information Networking, 745.

Tzu, S. (6th century B.C.). The Art of War. Wu, China.