# Justin Bieber’s Letter On Cryptography

Security can be enforced with scalable network design and cryptography.

Cryptography, and more precisely cipher suites, helps achieve the three pillars of computer and network security: confidentiality, integrity and authenticity. Together they are also called the security triad.

• Confidentiality is achieved through encryption,
• Integrity is achieved through hash, signatures and MAC,
• Authenticity is achieved through hash, certificates and MAC.

## Encryption

Before encrypting and decrypting messages, it is assumed that both the sender and the receiver hold a copy of the encryption key K. They can exchange it by phone, on a CD, on a USB drive, and so on.

The way encryption works is by using the mathematical XOR function (its mathematical symbol is ⊕). A message M is XORed with a key K to produce an encrypted message C. At the receiver, the encrypted message C is XORed with the same key K to reproduce the original message M.

The input of an encryption algorithm is called the plaintext. The output is called the ciphertext. In the figure:

• Mi is the plaintext
• Ci is the ciphertext
• K is the key used for encryption and decryption.

The length of the encryption key (the key length) defines the robustness of a cryptographic system against brute-force attacks. The longer the key, the longer it takes to reveal it with this kind of attack. For example, if the key length is 64 bits, then a brute-force attack will explore all 2^64 possible key values, a set called the keyspace.

However, brute-force attacks depend on processing power, and with recent technological advancements these attacks produce results faster than before.

In practice, the systems used in cryptography (cryptosystems, in short) use smaller keys such as 128-bit and 256-bit keys.

An algorithm that performs encryption and decryption is called a cipher. There are symmetric and asymmetric ciphers.

## Symmetric ciphers

In cryptography, symmetric ciphers are divided into two types: stream ciphers and block ciphers. Some popular symmetric ciphers are DES, 3DES, AES (used in TLS and SRTP), WPA, WPA2, RC4 and Blowfish.

Symmetric ciphers are also called secret-key encryption algorithms, because the robustness of the cryptographic system depends on the secrecy of the key, not on the secrecy of the algorithm.

Symmetric ciphers are fast and are often used to encrypt bulk data at a great speed.

### Stream ciphers

They use the key K to generate a pseudo-random sequence, the key stream. The message M is then XORed with the key stream to produce the encrypted message C, the ciphertext.

The receiver applies the same pseudo-random sequence to the received ciphertext, using the same key generator and the same encryption key, to regenerate the original message M.

An example of a stream cipher is the One-Time Pad, or Vernam cipher. It is named after its inventor Gilbert Vernam, an AT&T engineer. It was later improved by a US Army officer, who made the cryptographic key K randomly generated.

One downside of the Vernam cipher: K must be the same length as M. So if the message M is 5 Kbytes, then the key K must also be 5 Kbytes long.

In a One-Time Pad with a key K of k bits, an attacker who wants to recover the original message M from the ciphertext C faces 2^k possible values of M, since M has the same size as K!

RC4 (Rivest Cipher 4) is another cipher that improved upon the Vernam cipher. It was used in WEP encryption. However, vulnerabilities have been discovered and the cipher is used less nowadays.
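The XOR-based encryption and the One-Time Pad described above, as an added example (not code from the original article): a key as long as the message is XORed with it, the same key recovers the plaintext, and `key_for` shows why the ciphertext alone leaves 2^k candidate messages, since for every plaintext of the same length there is a key that explains the ciphertext. All function names and the sample messages are constructed for this example.

```python
import os


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """The ⊕ operation of the text, applied byte by byte to two equal-length strings."""
    if len(a) != len(b):
        raise ValueError("XOR operands must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(message: bytes, key: bytes) -> bytes:
    """C = M ⊕ K. The key must be exactly as long as the message (the downside noted above)."""
    if len(key) != len(message):
        raise ValueError("a one-time pad key must be as long as the message")
    return xor_bytes(message, key)


def otp_decrypt(ciphertext: bytes, key: bytes) -> bytes:
    """M = C ⊕ K: the receiver applies the same key stream to get the plaintext back."""
    return otp_encrypt(ciphertext, key)


def key_for(ciphertext: bytes, candidate_plaintext: bytes) -> bytes:
    """The key that would map this ciphertext onto any chosen plaintext of the same length.
    One such key exists for every candidate, so the ciphertext alone leaves 2^k possible
    messages (k = key length in bits): the point made in the text."""
    return xor_bytes(ciphertext, candidate_plaintext)


def demo():
    message = b"attack at dawn"            # constructed sample plaintext (14 bytes)
    key = os.urandom(len(message))         # fresh random key of the same length
    ciphertext = otp_encrypt(message, key)
    assert otp_decrypt(ciphertext, key) == message
    # Any other 14-byte text is explained by some key, so C by itself says nothing about M.
    alternative = b"defend at dusk"
    alternative_key = key_for(ciphertext, alternative)
    assert otp_decrypt(ciphertext, alternative_key) == alternative
    return ciphertext, alternative_key
```

The key comes from `os.urandom`, the operating system's random source; the secrecy of the pad rests entirely on the key being random, as long as the message, and never reused.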

### Block ciphers

Rather than encrypting the plaintext as one continuous stream, block ciphers split the plaintext into equally sized blocks, and the cipher is applied to each plaintext block to produce a ciphertext block.

Block ciphers operate in two modes:

• Electronic Code Book (ECB)
• Cipher Block Chaining (CBC)

In ECB mode, each 64-bit plaintext chunk is encrypted with DES to produce a 64-bit ciphertext block. The same encryption key is used for all chunks. The risk that an attacker detects patterns in the ciphertext is high.

CBC was introduced to mitigate this limitation of ECB. In CBC, each 64-bit cleartext chunk is XORed with the previous 64-bit ciphertext block, except for the initial cleartext block, which is XORed with an initialization vector.

So the output of each encryption step is used as input for the next encryption step.

To decrypt ciphertext blocks, the same method is applied.

WPA2 is an example of a block cipher.

### Message Authentication Code (MAC)

Message Authentication Code (MAC) in the cryptography domain must not be confused with Media Access Control, the network protocol layer, or with MAC addresses.

A MAC ensures both integrity and authenticity of the information: it makes it possible to determine whether a message has been altered on the network path, and to answer the paranoid question “is it really you when you claim it is you?”

This is done by verifying that the MAC computed at the sender side is the same as the one computed at the receiver side.
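The sender/receiver MAC check described above, as an added example (not code from the original article), using HMAC-SHA256 from the Python standard library: the sender computes a tag under the shared key, the receiver recomputes it and compares; an altered message or a sender without the key fails the check. The function names and the sample messages are constructed for this example.

```python
import hashlib
import hmac
import os


def make_tag(key: bytes, message: bytes) -> bytes:
    """Sender side: the MAC tag that travels along with the message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver side: recompute the tag with the shared key and compare.
    compare_digest takes the same time whether the tags differ in the first byte
    or the last, so the comparison itself leaks nothing about the expected tag."""
    return hmac.compare_digest(make_tag(key, message), tag)


def receive(key: bytes, message: bytes, tag: bytes) -> bytes:
    """Accept the message only if the tag checks out. A failure means either the message
    was altered in transit (integrity) or the sender does not hold the key (authenticity)."""
    if not verify_tag(key, message, tag):
        raise ValueError("MAC check failed")
    return message


def demo():
    key = os.urandom(32)                                  # shared secret agreed out of band
    message = b"transfer 100 EUR to account 42"           # constructed sample message
    tag = make_tag(key, message)
    accepted = receive(key, message, tag) == message      # untouched message passes
    altered = verify_tag(key, b"transfer 900 EUR to account 42", tag)   # changed in transit
    forged = verify_tag(os.urandom(32), message, tag)     # sender without the key
    return accepted, altered, forged                      # (True, False, False)
```

Note that a MAC does not hide the message; it only proves that the holder of the key produced exactly these bytes. Confidentiality still needs encryption.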

## Asymmetric ciphers

Asymmetric ciphers are also called public-key algorithms. Two keys are used: a public key and a private key.

The public key is distributed without worrying about its secrecy (hence the word “public”). The public key serves to encrypt the message. The private key is used to decrypt the message.

Let’s suppose Alice wants to send a message to Bob:

• Bob generates a key pair: one public key and one private key,
• Alice uses Bob’s public key to encrypt the message,
• Alice sends the encrypted message. Bob receives it,
• Bob uses his private key to decrypt the message.

Asymmetric ciphers are slower than symmetric ones. RSA (Rivest-Shamir-Adleman), DSA (Digital Signature Algorithm) and ElGamal are all examples of asymmetric ciphers.

## Hybrid cryptosystems

Symmetric ciphers are fast. And asymmetric ciphers are more robust, but slower. So why not combine both?

A combination of symmetric and asymmetric ciphers can be used. The encryption key is exchanged through a public-key cryptosystem, and once the encryption key has been correctly received (by the correct destination), it can be used to encrypt user data at high speed.

## Hashing in cryptography

Let’s define some terms first:

• “Hash” and “hash function” are the same thing.
• “Cryptographic hash” is not the same thing as a hash. Both a hash and a cryptographic hash generate a fixed-length hash value from an input string, no matter what the size of the string is. But a cryptographic hash is collision-free, i.e. given a message x that has a hash h(x), there can never be a message y whose hash h(y) equals h(x). In other words, there cannot be two hashed messages with the same hash value.
• “fingerprint” or “digest”: the output of a hash algorithm

In the figure, we first sent a single-word text “Fox”. Then we sent a sentence. Then we altered the sentence by one character. We clearly see that the digest always has the same size. We also notice that any modification of the original message will produce a completely different fingerprint.
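The three inputs of the figure (a single word, a sentence, the same sentence altered by one character), as an added example (not code from the original article) using `hashlib`: the digest length stays fixed whatever the input size, and a one-character change flips roughly half the output bits. The function names and the sample sentences are constructed for this example.

```python
import hashlib


def fingerprint(message: bytes, algorithm: str = "sha256") -> str:
    """Digest of a message as hex. Its length depends only on the algorithm, never on the input."""
    return hashlib.new(algorithm, message).hexdigest()


def differing_bits(hex_a: str, hex_b: str) -> int:
    """Hamming distance between two digests of equal length."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def demo(algorithm: str = "sha256"):
    samples = [  # constructed inputs mirroring the figure
        b"Fox",
        b"The quick brown fox jumps over the lazy dog",
        b"The quick brown fox jumps over the lazy cog",
        bytes(1_000_000),                              # one megabyte of zeros: same digest size
    ]
    digests = [fingerprint(s, algorithm) for s in samples]
    lengths = {len(d) for d in digests}                # a single value: 64 hex chars for SHA-256
    flipped = differing_bits(digests[1], digests[2])   # close to 128 of 256 bits change
    return digests, lengths, flipped
```

`demo("md5")` or `demo("sha1")` runs the same experiment on the older algorithms; the digests are shorter (32 and 40 hex characters) but the avalanche behaviour is the same. The reason to retire them is the collision attacks the text mentions, not the digest size.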

The popular hashes are:

• MD5,
• SHA-1,
• SHA-2

SHA-1 was defeated years ago. SHA-2 was developed by the US National Security Agency (NSA).

More recently, SHA-3 was developed as part of a NIST competition. The algorithm behind SHA-3 is called Keccak, and it was developed by Bertoni et al.

## Digital Signatures

A digital signature is a mechanism used in cryptography that provides authentication through the combined use of asymmetric encryption and hashing.

Let’s suppose Alice wants to send data to Bob. The principle is that Alice generates a pair of keys; she uses her private key to encrypt data, and her public key will be used by Bob later (yes, this is different from the public-key encryption we saw earlier).

First, the message Alice wants to send is hashed and a fingerprint is produced. Let’s call it Fingerprint_Alice. The fingerprint is encrypted using Alice’s private key. The output of this encryption is the digital signature.

Both the original data and the digital signature are sent in the same message over the network.

Bob receives both the original data and the digital signature:

• He applies a hash function to the original data and generates a fingerprint. Let’s name it Fingerprint_Rec1.
• He tries to decrypt the digital signature using Alice’s public key. If he succeeds, then Alice is “really” the sender; we say that we achieved authentication: the one who claims to have sent the data is really the sender.
• The received digital signature, decrypted with Alice’s public key, is compared with Fingerprint_Rec1.
• If there is a match, then we achieved integrity;
• if not, then the message has been altered along the way.

So we see that the digital signature provides both a data integrity check and an authentication check.

The digital signature process can be implemented with RSA. Yes, RSA is an asymmetric cipher, but when the private key is used for encryption and the public key for decryption, we are creating a digital signature.

## Certificates

We saw in digital signatures that the (public, private) key pair is used to sign messages; a client uses a server’s private key to sign the message and the server uses its public key to verify the signature. But there is a problem: what if the client received a private key from another host pretending to be the server? This is a Man-In-The-Middle attack, where the attacker presents himself as the server, and the client signs messages using the attacker’s private key. The attacker then verifies the message with his public key, before sending any data he wants to the real server.

What the client needs is a cryptographic mechanism that proves that the server is legitimate, even before exchanging signed documents. This is done with certificates.

Certificates (aka digital certificates) are another cryptographic method to provide authenticity. A certificate is a digital document that proves the trustworthiness of a host. For the host to be legitimate on the Internet, it must have a digital certificate issued by a trusted third-party entity called a Certificate Authority (CA). There are many CAs in the world.

A certificate contains information such as:

• the server name,
• the name of the Certificate Authority that issued the certificate,
• the validity of the certificate: each certificate has a “valid from… to…” line,
• the hash algorithm,
• the digital signature algorithm.

Digital certificates leverage digital signatures and hashing.

Protocols such as SSH and HTTPS use digital certificates. When you access secure websites or enter payment areas within a website (over HTTPS), a certificate verification occurs between the client (the Internet browser) and the server. The browser checks the certificate trust chain (the trust hierarchy up to the CA), the validity of the certificate, and so on; all of this works because Internet browsers ship with pre-built lists of CAs.

You must have seen a certificate error in your web browser at least a couple of times. That’s mainly due to a misconfigured security feature that has to do with certificates. One common example is an expired certificate. I once had that case when the certificates installed on our production CUCM servers expired, and Firefox blocked web access to them because of this.

## Verifying certificates in a Windows computer

Windows stores a list of certificates issued by CAs. To view them, open Run and enter certmgr.msc.

You’ll find all the digital certificates there: personal certificates, trusted CA certificates, and so on.

To get more information about a particular certificate, double-click on it and go to the Details tab. For example, we can read the hex value of the public key below:

## Transport Layer Security (TLS)

TLS is a popular cryptographic protocol that succeeded SSL. It operates above the Transport layer.

TLS chunks data into data records. A data record can have a size bigger than a TCP segment. So there is no one-to-one mapping between data records and TCP segments.

By the way, TLS provides a compression feature.

### TLS protocol flow

With a TLS client and a TLS server, the TLS process starts when the client sends a Client_Hello packet. It includes the list of supported ciphers (which varies with the type and OS of the client host) and a random number.

The server replies with a Server_Hello packet and its digital certificate. The certificate contains the public key that the TLS client will use later. Then it sends a ServerHello_Done message.

Note: here, the server authenticates itself to the client by sending its digital certificate. The server can also optionally authenticate the client by asking it for its certificate too (a Certificate_Request packet). For simplicity, we’ll assume only the server sends a certificate.

The TLS client produces a pre-master key and encrypts it with the server’s public key. It is now ready to switch to the negotiated cipher, and then notifies the server that it has finished.

The server receives the encrypted pre-master key and decrypts it with its private key. It notices that the client asked to change ciphers (which means the client has generated the symmetric key), so it replies and generates the symmetric key as well.

At this point, communication can start, encrypted with the symmetric cipher.
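The handshake above, which is also the hybrid cryptosystem of the earlier section (public-key exchange of a secret, then fast symmetric encryption of the data), as an added example with both sides' messages (not code from the original article or from any TLS implementation). The server key is a constructed, deliberately small RSA pair built from two Mersenne primes so no library is needed; the key derivation is a single HMAC-SHA256 call standing in for the TLS PRF, the record protection is a SHA-256 keystream standing in for the negotiated bulk cipher, and the pre-master secret is shortened to 24 bytes so it fits below the modulus. All of those, along with the message field names, are assumptions of this example.

```python
import hashlib
import hmac
import os

# Constructed server key pair: the Mersenne primes 2^127-1 and 2^107-1.
# Far too small for real use, but enough to show the exchange without extra libraries.
_P, _Q, E = (1 << 127) - 1, (1 << 107) - 1, 65537
N = _P * _Q
D = pow(E, -1, (_P - 1) * (_Q - 1))
SERVER_PUBLIC, SERVER_PRIVATE = (E, N), (D, N)
PRE_MASTER_LEN = 24   # assumption: shortened from TLS's 48 bytes so the value stays below N


def derive_key(pre_master: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """Both sides derive the same symmetric key from the pre-master secret and both randoms
    (assumed KDF: one HMAC-SHA256 call, standing in for the TLS PRF)."""
    return hmac.new(pre_master, b"master secret" + client_random + server_random, hashlib.sha256).digest()


def record_protect(key: bytes, seq: int, data: bytes) -> bytes:
    """Symmetric record protection, the same call in both directions: XOR with a keystream
    made from the key and the record sequence number (stand-in for the bulk cipher)."""
    stream = b""
    while len(stream) < len(data):
        stream += hashlib.sha256(key + seq.to_bytes(8, "big") + len(stream).to_bytes(4, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def client_hello():
    """Client_Hello: supported cipher suites and the client random."""
    return {"ciphers": ["TLS_RSA_WITH_AES_128_CBC_SHA"], "random": os.urandom(32)}


def server_hello():
    """Server_Hello, the certificate (carrying the public key) and ServerHello_Done."""
    return {"random": os.urandom(32), "certificate": SERVER_PUBLIC, "done": True}


def client_key_exchange(server_public, client_random: bytes, server_random: bytes):
    """Client side: create the pre-master secret, encrypt it under the server's public key,
    derive the symmetric key, then ChangeCipherSpec and a Finished MAC under the new key."""
    pre_master = os.urandom(PRE_MASTER_LEN)
    e, n = server_public
    encrypted = pow(int.from_bytes(pre_master, "big"), e, n)
    key = derive_key(pre_master, client_random, server_random)
    finished = hmac.new(key, b"client finished", hashlib.sha256).digest()
    return key, {"encrypted_pre_master": encrypted, "change_cipher_spec": True, "finished": finished}


def server_finish(server_private, message, client_random: bytes, server_random: bytes):
    """Server side: recover the pre-master secret with the private key, derive the same key,
    check the client's Finished, and answer with its own ChangeCipherSpec and Finished."""
    d, n = server_private
    pre_master = pow(message["encrypted_pre_master"], d, n).to_bytes(PRE_MASTER_LEN, "big")
    key = derive_key(pre_master, client_random, server_random)
    expected = hmac.new(key, b"client finished", hashlib.sha256).digest()
    if not hmac.compare_digest(expected, message["finished"]):
        raise ValueError("client Finished does not verify: keys differ or the handshake was tampered with")
    finished = hmac.new(key, b"server finished", hashlib.sha256).digest()
    return key, {"change_cipher_spec": True, "finished": finished}


def handshake():
    """Run the whole exchange of the text and return the symmetric key each side ended up with."""
    ch = client_hello()
    sh = server_hello()
    client_key, cke = client_key_exchange(sh["certificate"], ch["random"], sh["random"])
    server_key, _ = server_finish(SERVER_PRIVATE, cke, ch["random"], sh["random"])
    return client_key, server_key


def demo():
    client_key, server_key = handshake()
    record = record_protect(client_key, 0, b"GET / HTTP/1.1")      # constructed application data
    return client_key == server_key, record_protect(server_key, 0, record)
```

Only the holder of the private key can turn the encrypted pre-master secret back into the symmetric key, which is why the certificate check of the previous section matters: if the client encrypts to the wrong public key, the Finished MACs will not match and the handshake fails.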

Another great explanation of TLS is given by John Wagnon from F5 DevCentral. Watch below:

## Summary

In this tutorial, we learned:

• Basic terms in cryptography
• Symmetric and asymmetric ciphers
• How cryptosystems help ensure confidentiality, integrity and authenticity
• What encryption is and how it works
• What hashing is and how it works
• What MAC algorithms are and how they work
• What digital signatures are and how they work
• What certificates are and what their purpose is.
