Most people think that cryptography is an island in the magical land of make believe. However, cryptography is very real and not as complex as most cree. If you use the Internet, is likely to use cryptography applied in their day to day duties. This can be accessed bank account to recover their monthly balance for the purchase of spare parts for cars from a store or manufacturer. Companies use cryptography to ensure that sensitive data is kept confidential between the parties and the data remains intact. Cryptography is the art of converting messages into a secret code or cipher. This process alters a text message using an algorithm to create a ciphertext / encryption message.
History of Ciphers
cryptography has been in use for thousands of years. In fact, it was in use before 2000 B.C. Egypt in the form of hieroglyphics. The Greeks even uses encryption called Scytale the cipher and was worn as a belt of messengers. The Scytale was designed a combination of a long strip of paper with writing and in a certain size. This strip of leather that wrapped around the staff to decipher the encrypted text. Julius Caesar also uses a cryptographic algorithm called ROT-3. This coding shifts the alphabet three spaces to the right and was very effective in time.
Applied Cryptography
Ok, but how does it affect you? The basic applications of cryptography are to provide confidential (secret data), integrity (protection of intentional or unintentional alteration), and authentication (you demonstrate that you say you are). Some ways to allow even Nonrepudiation services to prove that the message was written, sent or received. Let& 39;s review briefly the most commonly used encryption systems that you can use every day, leaving the trivial details out.
You hear the words and X.509 digital certificates (used in digital signatures) throughout this document. Digital certificates are used in the same way a real signature is used as a verification of approval. The most well-known companies that sell these certificates are as follows:
Verisign - http://www.verisign.com/
thwarted - http://www.thawte.com/
(offered free email electronic personal digital certificates)
Internet traffic (Collection of Web site traffic and e-mail)
HTTPS: Hypertext Transfer Protocol over Secured Socket Layer. Do not mistake HTTPS SSL. It is a misnomer that is spread by those who do not understand SSL. HTTPS uses SSL to create an encrypted tunnel between a client and a server. This lasts throughout the tunnel connecting the site and is most common safety feature on the Internet. This form of encryption is established using a server X.509 certificate that digitally signs the message.
S / mime: Secure Multipurpose Internet Mail Exchange. S / Mime uses two X.509 certificates (also called digital signature) and the two signs and encrypt e-mail. The author digitally signs the e-mail with your private key. Once this happens, the message will be encrypted with the recipient& 39;s public key and sent. When the message reaches the recipient of the message is decrypted with the recipient& 39;s private key, then checked the author using the public key. This ensures that people who use a packet sniffer (a program that allows a person to see the traffic crossing the network) does not see your account information. Customers e-mail, like Netscape Communicator and Microsoft Outlook may use S / Mime with little configuration required.
S-HTTP: HTTP Secured. The benefit of S-HTTP over HTTPS is the fact that each message is encrypted instead of using a tunnel that is vulnerable to a man in the middle and a session hijack attack. Another advantage of S-HTTP is that it allows a client / server encryption authentication
Tunneling (Ensure network traffic)
IPSec: IP security protocol is the most commonly used network encryption for the business world. When most people in the computer industry think about virtual private networks (VPNs) s, which immediately think of IPSec. Companies that need to use IPSec an encrypted tunnel that allows all network traffic to flow through. Unlike SSL, IPSec is not limited to a port. Once the IPSec tunnel has been established, the system should have equal access to the network that would have on the physical location. This offers much more power, but also requires much more general. Another issue is security. The more open the network, is the most vulnerable. This is another reason why VPNs are usually on the outside of a firewall. Vulnerabilities to include IPSec session hijacking, and play attacks.
SSH: Secure Shell provides a terminal as a tunnel that protects data crossing the network and should replace clear text protocols such as Telnet and FTP. This allows you to connect to a server over the Internet securely online and manage remote systems without allowing the rest of the world to see everything they are doing. One of the most popular SSH clients windows is Putty.
SSL: Secure Socket Layer can be used to create a single port / connector virtual private network (VPN) through a server X.509 certificate. The most common use of SSL is the website traffic HTTP or HTTPS. SSL is vulnerable to man in the middle of attack. Anyone can create a CA to distribute certificates, but note that a digital certificate is as reliable as the CA that controls the certificate.
WEP: Wired Equivalent Privacy. This algorithm uses either a 40-bit or 128 bit key (24 bits used for the initialization vector) key. Most of the devices also allow a wireless access point to filter MAC addresses to increase access controls on the device. WEP is vulnerable and has been exploited by criminal hackers (crackers), while wardriving since WEP has beaten the market. Some of the most popular tools used for wardriving are: Airopeek - a packet sniffer Airsnort WiFi - a WEP encryption key recovery tool Kismet - 802.11 layer2 a wireless network detector Netstumbler - 802.11 layer2 a wireless network detector
WPA: Wi - Fi Protected Access is a new rule that exceed the old WEP technology in the near future. WPA uses a Pre-Shared Key (PSK) for networks Soho, and extensible authentication protocol for other wired / wireless networks for authentication. Some cryptoanalysts claimPSK is a weakness due to the fact that a cracker can access the key and the key brute force until it is known. The encryption system used is Temporal Key Integrity Protocol (TKIP). TKIP ensures more privacy and data integrity through a temporary key instead ofthe traditional static key. Most people welcome this technology during the less secure access WEP.
File (Ensure individual files)
stenography: stenography is the art of hiding messages or files to other media such as a file. JPG image O. MPG video. You can add these data in bits without using file which can be seen using a hex editor. Stenography is the easiest way to hide a message, but is by far the least reliable. Security darkness is like a padlock on the door of a car. It is only intended to keep people honest honest.
PGP: Pretty Good Privacy is a free program that was created by Philip Zimmermann in 1991 and was the first widely accepted system of public key. PGP is a suite of encryption tools used to encrypt the data and various types of traffic. PGP can be used for S / Mime and digital signature of a message. PGP uses a ring of confidence which enables the community to trust a certificate rather than a hierarchy of Certification Authority (CA) to verifythe user identification. More information can be found at http://web.mit.edu/network/pgp.html
Personal/Freeware: This can be downloaded from MIT for free.
Diffie-Hellman
CAST 128-bit encryption
SHA-1 hash function
Commercial: PGP Software Developer Kit (SDK) 3.0.3 has received Federal information processing Standards (FIPS) 140-2 level 1 validation National Institute of Standards and Technology (NIST).
RSA key exchange ideas
encryption MD5 hashing
CryptoAPI function: cryptography Microsoft component that enables developers to encrypt data. Microsoft has also developed an ActiveX control called CAPICOM even allow access to the script of CryptoAPI.
Each encryption model is vulnerable to an attack or another. Below is a list of attack techniques that are used by cryptoanalysts to break the keys used to protect the messages
Ciphertext-Only: This is the easiest start, but more difficult to succeed. The attacker recover the text data encryption through listening to network traffic. Once the key has been saved, the cracker can attempt to brute force the message until it resembles something legible.
Known-Plain Text: This is the assumption that the cracker having both the text and the associated text Encryption of one or more messages. In WWII, the Japanese relied on cryptography, but had a weakness formal messaging. These messages were able to break because the ciphertext began and ended with the same message. Part of the text was known and cryptoanalysts were able to decipher the message using the familiar text-Text method.
Chosen Plan: Like the know-text attack, but the attacker can choose to encrypt the text. An attacker can assume the identity of another person and send a message to the objective needs to be encrypted. Since the text is chosen target and sends the encrypted message, the text is elected attack successful.
Chosen-ciphertext: The cryptoanalyst is chosen by the ciphertext and has access to decipher the plaintext.
Birthday paradox: This attack is successful when a hash value of a text coincides with the hash value of a text completely different. This anomaly is proved mathematically among 23 people, there are 23 * 22 / 2 = 253 pairs, each of which is a possible candidate for match.
Brute-Force: This form of attack is applied to go through every possible solution or combination until the answer lies. This is the most resource and time intensive method attack
Dictionary: The attacker compares the hash values with objective values hash of commonly used passwords. Dictionary files can be downloaded from the Internet hundreds of sites.
Man-in-the-Middle: The attacker intercepts messages between two parties without a goal, either knowing that the link between them has been compromised. This allows the attacker to modify the message will.
Replay: Replay attacks are simply a repetition of the data captured in an attempt to deceive the target that allows the unauthorized access.
Back in the cyber cafe, if Janet connected to a server Web secured by SSL to do their banking online and used S / mime to send private email, the cyber thief who have never had a chance to see his unmentionables.
About the author: Jeremy Martin CISSP, ISSMP, ISSAP, CIS , CEH, CCNA, Network +, A + Sr. Information System Security Consultant Pluss Corporation - http://www.pluss.net information security - http://www.infosecwriter.com (requires Flash)
(800) 835-9609 / (406) 892-8600
Member From
Becca - Business espionage controls and countermeasures Association
ISAC Information System Audit and Control Association
(ISC) - international information systems security certification Consortium
ISSA - Information System Security Association
OISSG - Open information systems security Group
yen NTE - Network executives youth
Bookmark it:
No comments:
Post a Comment