6.0 - Cryptography and PKI

Question 1

What are Symmetric algoriithms?

Answer 1

Symmetric algorithms have shared secret key. Early cyphers were symmetric, as is the unbreakable one time pad method.

Common Symmetric Algorithms:

• 3DES
• AES
• Blowfish
• Twofish
• RC4

Question 2

What are modes of operation?

Answer 2

In symmetric or block algorithms, mulltiple blocks of identical data can give away the cipher. Modes of Operation are techniques that resolve this issue.

The NIST lists these Modes of Operation:

• Electronic Code Book
• Cipher Block Chaining
• Cipher Feedback Mode
• Output Feedback Mode
• Conter Mode

Question 3

How do Asymmetric Algorithms work?

Answer 3

Asymmetric Algorithms use large numer factoring with a public and a private key (a key pair). This enabled digital signatures and allows secure sending without pre-shared keys.

Question 4

Symmetric vs. Asymmetric encryption?

Answer 4

Symmetric encryption: Faster, requires a means to pre-share the key

Asymmetric encryption: public key can be sent in the clear, more CPU intensive.

Question 5

What purpose do Hashing functions serve?

Answer 5

Hashing functions performa a one-way encryption and can be used for data verification or message authentication.

Common Hash algorithms are:

• MD2, MD4, MD5
• SHA-1, SHA-256, SHA-384, SHA-512

Question 6

This method adds a high-entropy data piece to a low-entropy user data, which makes the hash harder to break.

Answer 6

Salting. The Salt is the extra high-entropy data. This breaks the use of rainbow tables to break password hashes.

Question 7

These are three similar methods that introduce an extra random string into a cypher.

Answer 7

Salting

Initialization Vector

Nonce

Question 8

Describe Elliptic Curve cryptography.

Answer 8

Elliptic Curve cryptography (ECC) uses calculations involved with eliptical curves to encrypt data. This is less processor intensive, so it is popular with low-power devices. Many secure text, email and voice apps on mobile devices use ECC and AES algorithms.

Question 9

What algorithms are weak or deprecated?

Answer 9

Weak or deprecated algorithms include:

• MD5 - manufactured collisions have been achieved.
• SHA-1, soon SAH-256
• DES and 3DES

Question 10

What problem did the Diffie-Hellman key exchange solve?

Answer 10

Diffie-Hellman key exchange allows a key to be passed in the clear, even with all packets intercepted. This is important for the sharing keys in symmetrical encryption.

Question 11

What are the steps in using a digital signature?

Answer 11

Digital signature process:

1. Signature is hashed and the sender keeps a private key
2. Hashed signature is appended to the message and sent
3. Recipient decrypts hash with sender’s public key.

Question 12

Does a digital signature protect the message from interception?

Answer 12

No. Signature only verifies the sender. Other means must be added to assure confidentiality.

Question 13

What is Diffusion in cryptography?

Answer 13

Diffusion states that a single change in the plaintext should result in multiple changes in the ciphertext. This way changes in ciphertext do not reveal the plaintext.

Question 14

What is Confusion in cryptography?

Answer 14

Confusion means that each character of plaintext depends on multiple characters of the ciphertext.

Question 15

What is a Collision?

Answer 15

A Collision is when two different inputs have the same output on the cryptographic function.

This is possible with hashes, which creates the need for salting.

Question 16

What are some examples of Steganography?

Answer 16

Steganography examples:

• Invisible ink
• Hidden tattoos
• Extra data encoded in digital images or video.
• LSB - Least Signficant Bit - the last bit of each color pixel is changed in an image file.

Question 17

What is Obfuscation?

Answer 17

Obfucation is the act of making something unreadable but still useable:

• Mangling code with extra, recursive functions
• Salted Hashes

Question 18

What are the differences betweek Block and Stream Ciphers?

Answer 18

Block vs. Stream Ciphers:

• Speed - stream is faster
• Strength - block is more secure
• Diffusion - block has more diffusion
• Resistance to insertions/modifications - block is better
• Error propagation - block has higher chance of error propagation
• Common Block Algorthims: 3DES, AES
• Common Stream Algorithms: A5, RC4

Question 19

Key strength and key length.

Answer 19

Larger keys make for stronger encryption, but comparisons across encryption methods are not valid. Some methods, such as 3DES, have only one key length.

Question 20

What is a Session Key?

Answer 20

A Session Key is a symmetric key created for a given communication session. It can be initially transmitted via a key exchange for greater security. This method offers good strength, speed and simplicity.

Question 21

What is an Ephemeral Key?

Answer 21

An Ephemeral Key is generated and used only once. Diffie-Hellman uses an ephemeral key to create perfect forward secrecy.

Question 22

What is a Secret Algorithm?

Answer 22

A Secret Algorithm is when the cryptographic method is kept a secret. For instance, using multiple hash functions. The drawback is limited testing.

Question 23

How does the data state affect encryption?

Answer 23

Data States:

• Data-in-Transit - needs end to end encryption such as TLS or SSL
• Data-at-Rest - can use whole disc encyption or other forms of data encryption. Applies to cloud data as well.
• Data-in-Use - data in the CPU and memory. Suscepible to data-scraping malware.

Question 24

What to look for in a random number generator?

Answer 24

Truely random number generators rarely exist.

Look for a cryptographicaly secure RNG to seed encryption systems.

Question 25

What is Key Stretching?

Answer 25

Key Stretching is adding iterative rounds of computation to a hash function, making it more difficult to brute force.

Question 26

What is a Crypto Service Provider (CSP)?

Answer 26

A Crypto Service Provider (CSP) is a software library of various encoding and decoding functions. Microsoft CryptoAPI (CAPI) is a CSP for windows development.

Question 27

What is a Crypto Module?

Answer 27

A Crypto Module is a hardware or software device that peforms the encryption operations securely within a physical or logical boundary.

Question 28

What is Perfect Foward Secrecy?

Answer 28

Perfect Foward Secrecy is when a public key system can derive new secure keys even when the original key is known. This is imporant to session key generation.

Question 29

How important is Obscurity?

Answer 29

Obscurity - using obtuse names for servers, etc. - is not a fool-proof solution, but it does make the attacker’s job harder.

Question 30

List some common use cases for cryptographic services.

Answer 30

Cryptographic use cases:

• Low power devices - eliptical curve crypto is good
• Low latency systems - stream ciphers are an example
• High resiliency - crypto can help restore system quickly after a disruption
• Supporting Confidentiality - crypt keeps data in the right hands
• Supporting Integrity - crypto keep data from being destroyed during transit
• Supporting Obfuscation - encrypted data is opaque
• Supporting Authentication - session keys, digital signatures
• Supporting Non-repudiation - private key holders need to revoke the key if it is stolen

Question 31

DES

Answer 31

DES (Data Encryption Standard):

• Symmetric Encryption
• Decertified, recertified, then decertified again by the NSA
• Replaced by AES

Question 32

3DES

Answer 32

3DES (Triple DES):

• Symmetric Encryption
• More CPU intensive then DES
• Uses two or three keys - encrypt, decrypt, encrypt again
• Still popular but being eplaced by AES

Question 33

AES

Answer 33

AES (Advanced Encryption Standard):

• Symmetric Encryption
• 128, 192 and 256 bit key sizes
• NIST RFP Finalists: MARS, RC6, Rijndael, Serpent, Twofish (Rigndael was chosen)
• Current gold standard, considered secure and computationally efficient

Question 34

RC4

Answer 34

RC4 (Rivest Cipher):

• Generic term for RC1 - RC6
• Symmetric Encryption
• Stream Cipher
• 8 - 2048 key length, 128 is most common
• Ten times faster then DES
• Need to include weak key detection when implementing

Question 35

Blowfish/Twofish

Answer 35

Bluefish/Twofish:

• Symmetric Encryption
• Finalist for AES
• Available for public use
• Full 16-round version has not been broken
• Twofish is an improvement over Blowfish

Question 36

What is a Cipher Mode?

Answer 36

A Cipher Mode, or mode of operation, deals with identical blocks of ciphertext, which would give away identical blocks of input data.

Question 37

CBC

Answer 37

CBC (Cipher Block Chaining):

• Cipher Mode of Operation
• Each block is XORed with the previous block
• Cannot be parallelized
• Plaintext can be recovered from two adjacent ciphertext blocks - POODLE attack

Question 38

GCM

Answer 38

GCM (Galios Counter Mode):

• Cipher Mode of Operation
• Adds an authetication function to the ciphertext
• Can be parallelized
• Recoginized by NIST - AES-GCM, GCM, and GMAC

Question 39

ECB

Answer 39

ECB (Electronic Code Block):

• Cipher Mode of Operation
• Simplest mode
• Each block is encrypted separately
• Identical blocks yield identical encrypted blocks
• Not recomended in cryptographic protocols

Question 40

CTR / CTM

Answer 40

CTR (Counter Mode):

• Cipher Mode of Operation
• Uses counter function to generate a nonce this is used for each block encryption
• Can be multithreaded
• Sometimes called CTM
• Considered secure

Question 41

What are the most widely used Cipher Modes?

Answer 41

CBC and CTM/CTR are the most widely used cipher modes.

Question 42

Describe the differences between Symmetric and Asymmetric encryption.

Answer 42

Differences between Symmetric and Asymmetric encryption:

• Asymmetric is based on hard to reverse math problems.
• In Asymmetric, the public key is known
• Asymmetric is slower, and not good for bulk encryption

Question 43

RSA

Answer 43

RSA (named after inventors):

• Asymmetric / PKI Encryption
• Product of two larger primes - best to choose 100 to 200 digit primes, both same number of digits
• 100 times slower than DES, symmetric cipher

Question 44

DSA

Answer 44

DSA (Digital Signature Authentication):

• Asymmetric / PKI crypto
• Includes authenticity and identity of sender
• Sender signs with their private key
• Hash codes for integrity check
• Broke on Sony’s PS3 due to incorrect implementation

Question 45

Diffie-Hellman

Answer 45

Diffie-Hellman:

• Asymmetric crypto
• One of the most common encryption protocols
• Used in key exchange for SSL and TLS
• Also used by SSH and IPSec.
• Can share a secret key between parties who have not contacted each other before
• Gold standard for key exchange

Question 46

DH Groups

Answer 46

Diffie-Hellman Groups determine the strength of the key exchange process. Higher group numbers are more secure, but more CPU intensive

• Group 1 - 768-bit key
• Group 2 - 1024-bit key
• Group 5 - 1536-bit key
• higher numbers also supported

Question 47

DHE

Answer 47

DHE (Diffie-Hellman Ephemeral)

• Temporary key varient of DH, instead of using the same key more than once.

Question 48

ECDH / ECDHE

Answer 48

ECDH (Eliptical Curve Diffie-Hellman)

ECDHE (Eliptical Curve Diffie-Hellman Ephemeral)

DH varients with elipitical curve keys. EDCHE has perfect forward secrecy

Question 49

ECC

Answer 49

ECC (Eliptical Curve Cryptography)

• Asymmetric Crypto
• Good for limited CPU platforms
• Security has been questioned mostly due to lack of analysis.
• ECC and AES are popular with mobile applications.

Question 50

PGP / GPG

Answer 50

PGP (Pretty Good Privacy):

• Asymmetric and symmetric crypto
• Was freeware, now owned by Symantec
• Can be applied to popular email apps, using symmetric and asymmetric protocols
• GPG (Gnu Privacy Guard) is an open-source command-line implementation

Question 51

What are hashing algorithms used for?

Answer 51

Hashing Algorithms are most commonly used to store computer passwords and to ensure message intregrity.

Question 52

MD5

Answer 52

MD (Message Direct):

• Hashing Algorithm
• Not entirely secure
• SHA is a better option

Question 53

SHA

Answer 53

SHA (Secure Hash Algorithm):

• Hash Algorithms
• Set of hashes published by NIST and NSA
• SHA-1 - vulnerable to collission attacks
• SHA-2 (SHA-224, SHA-256, SHA-384, SHA-512) - most commonly used
• SHA-3 - new, not in common use yet

Question 54

HMAC

Answer 54

HMAC (Hashed Message Authentication Code):

MAC is used to determine if message has changed during transmission. HMAC adds authenticity to this integrity check. Can use MD5, SHA or RIPEMD algorithms.

Question 55

RIPEMD

Answer 55

RIPEMD (RACE Integrity Primitives Evaluation Message Digest):

• Hashing function
• Original version has problems with collisions
• Later versions: RIPEMD-160, RIPEMD-256, RIPEMD-320
• Larger keys offer larger output sizes, but do not make the function inherently stronger.

Question 56

What does a key stretching algorithm do?

Answer 56

A key stretching algorithm takes a weak key and makes it stronger against brute force attacks.

CPU intensive, but ok for single-use, such as password lists.

Question 57

BCRYPT

Answer 57

BCRYPT:

• Key Stretching algorithm
• Uses Blowfish cipher and salting
• Makes brute forcing unfeasible

Question 58

PBKDF2

Answer 58

PBKDF2 (Password-Based Key Derivation Function 2):

• Key Stretching algorithm
• Uses Password and salt and applies and HMAC to the input thousands of times.
• Makes brute forcing unfeasible

Question 59

XOR

Answer 59

XOR (Exclusive OR):

• Obfuscation method
• Applies XOR operator to every character given a key
• Reappling the XOR function with the key will remove the cipher.
• Very fast
• Common component of many complex algorithms
• On perfect if the key is as long as the text being encrypted

Question 60

ROT13

Answer 60

ROT13:

• Special case of Caesar cipher, with alphabet shifted 13 characters.
• Since 13 is half of 26, running it a second time decodes the cipher

Question 61

Substitution Ciphers

Answer 61

Substitution Ciphers:

• Character by character substitution, using same cipher for entire message.
• Only 88 bit entropy
• Easy to hack with frequency analysis, due to the structure of language.

Question 62

WEP

Answer 62

WEP (Wired Equivalent Privacy):

• Early 80.11 crypto
• Has been exploited
• 16 million keys, so they are reused
• AirSnort can crack WEP in a couple of hours on a busy WAP

Question 63

WPA

Answer 63

WPA (Wi-Fi Protected Access):

• Wi-Fi crypto
• Flawed WEP algorithm with TKIP
• Key must be manually entered on devices
• No forward secrecy - if attacker gets the key, they can decrypt every packet
• Was a stop-gap until WPA2 arrived

Question 64

WPA2

Answer 64

WPA2 (Wi-Fi Protected Access 2):

• Wi-Fi Crypto
• Uses AES as the encryption protocol, better than RC4 used in WEP and WPA

Question 65

CCMP

Answer 65

CCMP (Counter Mode with CBC-MAC Protocol):

• Specified in 802.11i, an amendment to the 802.11 standards
• Works with AES, but requires new hardware
• Provides message integrity

Question 66

TKIP

Answer 66

TKIP (Temporal Key Integrity Protocol):

• Wi-Fi cryto
• Replaced WEP without needing new hardware
• Stopgap measure
• Mixed a secret root key with IV before the RD4 encryption
• Vulnerable to same attacks as WEP

Question 67

Wi-Fi Cryptographic protocols vs. Authentication protocols?

Answer 67

Cryptographic protocols:

• Encrypts the data
• WEP, TKIP, WPA, WPA2, CCMP

Authentication protocols:

• Authenticates the device
• EAP, PEAP, EAP-FAST, EAP-TLS, EAP-TTLS
• Also IEEE 802.11x and RADIUS

Question 68

EAP

Answer 68

EAP (Extensible Authentication Protocol):

• Wi-Fi framework for authentication methods (not an authenication method itself)
• Supports multiple authentication methods
• Can work with tokens, smart cards, certificates, one-time passwords, and public keys
• Expanded from PPP

Question 69

PEAP

Answer 69

PEAP (Protected EAP):

• Wi-Fi Authentication protocol
• EAP encapsulated in a TLS tunnel
• Widely supported by vendors for use over wireless networks

Question 70

EAP-FAST

Answer 70

EAP-FAST (EAP Flexible Authentication via Secure Tunneling):

• Wi-Fi Authentication protocol
• EAP inside a lightweight tunnel
• Passes a Protected Access Credential (PAC) that used to establish the tunnel.
• Replacement for Cisco LEAP

Question 71

EAP-TLS

Answer 71

EAP-TLS:

• Wi-Fi Authentication Protocol
• Uses client-side certificates, so attacker would need the certificate key
• Popular

Question 72

EAP-TTLS

Answer 72

EAP-TTLS (EAP Tunneled TLS):

• Wi-Fi Authentication Protocol
• Similar to EAP-TLS, but tunnels the client side of the authentication
• Allows for legacy authentication protocols such as POP, CHAP, MS-CHAP and MS-CHAP-V2
• Protects from man-in-the-middle attacks
• Client-side certificates are optional, making it easier to setup than EAP-TLS

Question 73

IEEE 802.1X

Answer 73

IEE 802.1X:

• Authentication standard
• Port-based authentication to a device, such as an edge router
• Often used to authenticate the Wi-Fi device prior to admission to the wireless network
• Used in tandem with a RADIUS server.

Question 74

RADIUS Federation

Answer 74

RADIUS Federation:

There are a few world-wide Federated RADIUS schemes, such as EDUROAM, which allows users to connect at education facilities worldwide.

Only EAP methods with certificates can be used, as the connection will be tunneled.

Question 75

Wi-Fi Method: PSK

Answer 75

PSK (Pre-shared Key):

• Typical for home routers
• WPA or WPA2
• Key of 20 random characters or longer is safe

Question 76

Wi-Fi Method: Enterprise

Answer 76

Enterprise Wi-Fi:

• Uses IEEE 802.1X and RADIUS authentication
• Uses usernames and passwords
• Can provide Network Access Control (NAC), and multiple random keys instead of a single PSK

Question 77

Wi-Fi Method: Open

Answer 77

Open Wi-Fi:

• Not truly authentication, but sharing of a secret key based on the SSID.
• Key is a random number for use during that session.

Question 78

WPS

Answer 78

WPS (Wi-Fi Protected Setup):

• Wi-Fi Security Standard
• Eight-digit PIN
• Easy to use
• Popular on home and small business networks
• Can be brute forced

Question 79

Captive Portals

Answer 79

Captive Portals:

• Wi-Fi security method
• Browser point to a webpage for authentication
• Popular on public hotspots

Question 80

What is a Certificate Authority?

Answer 80

A Certificate Authority takes the information from the registering authority (RA) and creates a certificate for a user. They combine the user’s public key with the certificate. The certificate is then digitally signed with the CA’s private key.

Question 81

What is an Intermediate CA?

Answer 81

An Intermediate Certficate Authority uses the CA as a reference and can transfer trust between different CAs.

Question 82

How does certificate revocation work?

Answer 82

Once a certificate is deemed to be compromized, (or if the individual has left the company in the case of an in-house PKI), the certificate is revoked by the CA. This is permanent for security reasons.

A good PKI system will check for revocation before trusting a certificate.

The individual requesting revocation must be authenticated themselves, to avoid fraud. Also a user cannot request their own revocation.

Question 83

What is a CRL?

Answer 83

The CRL (Certificate Revocation List):

• Lists all revoked certificates for that CA.
• It is stored in a publicly accessable directory.
• Signed with its own certificate
• Can only be modified by the CA
• How often the CRL is updated is determined by the CA and listed in their Certification Practices Statement (CPS)

Question 84

How are CRL files updated?

Answer 84

The CRL file can be pushed to a local PKI periodically, or the CRL can be requested (pulled) by an individual user.

Delta CRLs can also be pushed after the initial CRL is received, for less data transfer.

An online service can also be used to check for revoked certificates. These requests use OCSP (Online Certficate Status Protocol).

Question 85

What is a CSR?

Answer 85

A CSR (Certificate Signing Request) is the request to a CA needed to generate a certificate. It will contain and public key and other information.

Question 86

What does a Certificate contain?

Answer 86

Under the X.509 standard, version 3, certificates contain the following fields:

• Version Number - V3 currently
• Subject - the person or network device that the certificate verifies
• Public Key
• Issuer
• Serial Number
• Validity - dates of use
• Signature algorithm
• Extensions - free text for added functionality

Question 87

Public vs. Private key

Answer 87

Public Key:

• Is attached to the message it protects.
• Can be shared freely

Private Key:

• Is the other half of the asymmetric encryption
• Must be protected. Rarely leaves the CA that created it.

Question 88

What are Object Identifiers (OID)

Answer 88

Each extenstion, or optional field, in a certificate has an ID or OID, along with a critical or noncritical indication.

The system must reject a certificate if it encounters a critical extension it does not recognize or cannot process.

Question 89

Why have an offline CA?

Answer 89

A CA that is only used periodically may be kept offline except when needed for added security. Other requests such as CRL and validation can be moved to second authority.

Question 90

What is Stapling?

Answer 90

Extra information, such as OCSP responder info, can be submitted along with a certificate request to avoid additional fetches. This is Stapling.

Question 91

What is Pinning?

Answer 91

Pinning is the process of associating a host with a previously provided certificate or public key.

This is useful with mobile applications that cross networks often, and travel to untrusted networks.

Pinning avoids the user of DNS, it related security issues.

This technique is called key continuity. Safe as long as an attacker did not witness the initial contact. The certificate or the public key can be pinned.

Question 92

Define some trust models.

Answer 92

Trust models:

• Hierarchical: Root CA > Intermediate CAs > Leaf CAs > users and devices. Root CA is the ultimate trust anchor. Many steps to follow certificate path.
• Peer-to-Peer: CAs will cross-certify each other. Difficult to scale.
• Hybrid: Multiple hierachical trusts that are cross-certified to each other, sometimes through a bridge CA. Good for multiple companies what want to establish trust with each other.

Question 93

What is Key Escrow

Answer 93

Key Escrow:

• A third party, often government, keeps a second copy of your private key.
• Under court order, they can see all of your communications.
• Also used by corporations, in case the user is unavailable
• Key escrow outside of your organization creates a possible security issue

Question 94

What is Certificate Chaining?

Answer 94

The certificate chain, is the chain of trust from the CA’s Root Certificate, down to the user’s certificate. Each certificate in the chain should be verified.

Question 95

What are the four main types of certificates?

Answer 95

Types of certificates:

• End-Entity
• CA - self-signed at root or issued by higher CA
• Cross-Certification
• Policy - controls policy info to PKI clients in high-security situations

Question 96

What is a Wildcard Certificate?

Answer 96

A Wildcard Certificate authenticates and entire entity: *.example.com instead of just one individual at the entity.

Question 97

What is the SAN field used for in a certificate?

Answer 97

The SAN (Subject Alternative Name) is a field/extension in a certificate that can be used for:

• Machine: The FQDN
• User: the User Principal Name (UPN)
• SSL: can indicate multiple domains across which the certificate is valid

Question 98

What is a code signing certificate?

Answer 98

A Code Signing Certificate certifies the authenticity of a piece of code.

Question 99

What is a Self-Signed Certificate?

Answer 99

A Self-Signed Certificate has no greater authority of trust. An internal corporate PKI would have a self-signed certificated on the root CA.

Question 100

What is a Machine/Computer Certificate?

Answer 100

A Machine or Computer Certificate is used in Active Directory to identify the PC. This is an end-entity certificate.

Question 101

E-Mail and Certificates

Answer 101

Specialized certificates are often issued for email. These are end-entity certificates.

Question 102

User Certificates

Answer 102

User Certficates are used for EFS encryption, email, and client authentication.

Question 103

Root Certificates

Answer 103

Root Certificates:

• Initial basis of trust
• Issued and signed by CA
• Can be chained in a trust structure
• Different vendors (MS, Apple, etc.) have differing lists of trusted root certificates.

Question 104

Domain Validation

Answer 104

Domain Validation:

• A low-trust means of validation to demonstrate control over a DNS domain
• Used for TLS
• Little assurance that the identity has not been spoofed
• Extended Validation is better

Question 105

Extended Validation

Answer 105

Extended Validation (EV):

• Better method of Domain Validation
• Used on HTTPS sites and apps
• Better validation before certificate is issued by CA

Question 106

List Certificate Formats

Answer 106

Certificate Formats:

• DER - can contain only a single certificate
• PEM - Most common. Can contain multiple certificates, including a certficate chain.
• CER - Used for website SSL Certificates. Microsoft alternative to CRT
• CRT - used on Unix systems
• KEY - used for public or private PKCS#8 keys
• PFX - PKCS#12 file - stores server cert, intermediate cert and private key in one file. Used to import and export certificates and private keys in Windows.
• P12 - Alternative extension for PKCS#12
• P7B - PKCS#7 - stores certs and chain certs, not the private key. Used in Windows and Java Tomcat.