Lernkarten

Encrypting a counter to produce a stream cipher

• can be parallelized
• convert a block cipher into a stream

The message is not encrypted, a number is encrypted and uses the random number that comes out to XOR the message.

Standard mode for all encryption cipher (AES)

The problem is before a message can be encrypted the “secret key” must be shared with the communication partners over an insecure channel, this problem is solved with Diffie-Hellman

1. Alice and Bob agree on base parameters.

p = a large prime number, is very big usually 2048-bit or 4096-bit

1. = also a prime number must be a primiteve root of p e.g. 3 is a primiteve root of 7

1. Alice and Bob select numbers as private keys

Alice chooses a private value at random

Bob chooses a private value at random

The private vlaues must be between 1 and . Is a 2048-bit number, which is never told to anyone

1. Alice and Bob each calculate a public key

Alica calculates:

Alica calculates:

The public key is created using and to mathematically hide the private version.

1. The puvlic keys are swapped over the wire

Alice sends the result of the calculation:  

Bob sends the result of the calculation:

1. The private key is combined with the others public key to create the shared “secret key”

Alice computes:  

Bob computes:  

1. The shared secret is usually called the pre-master secret. It’s used to derive session keys

24, Lösungsweg in den Folien 4 S. 53

1. Encryption that only the owner of the public key can read. If you want to send a encrypted message to another network member just take his/her public key and encrypt the data with this key.
2. Signing that must have been performed by the owner of the private key. If you want to trust a server he can send a message encrypted with his private key and you know by encrypting the message with his public key that ist him/her

Discrete Logarithms:

3^29 mod 17 = x   x is easy to determine

3^x mod 17 = 12 x is hard to determine, especially for big numbers, because the solution can only be found with brute force

encryption: 

c(MessageBob)= 893 mod 3127=1384

decryption: 

c(MessageBob) = 1384 13942011 mod 3127 = 89

This is an example from the presentation 5 starting at page 27

• RSA is very weak if encrypting short messages
• Padding is added in short messages, optical asymmetric Encryption padding (OAEP) is the used
• Introduces an IV into the process and then hashes it
• The receiver will have to use the exact same padding to make sure the messages match up
• It’s not common to see encryption done in RSA
• RSA is 1000x slower than symmetric crypto systems

Tom: c(SignatureAlice)= 42^2753 mod 3233=3065

3065^17 mod 3233 = 42 => SignatureAlice=42

Bob: c(SignatureAlice)= 42^2753 mod 3233=3065

3065^17 mod 3233 = 42 => SignatureAlice=42

Alice: c(SignatureAlice)= 42^2753 mod 3233=3065

Lösungsweg Präsi 4 S.34

Signing is encrypting with the private key

RSA is going to become slower because bigger keys will have to be used.

• the main alternative is DSA (Digital Signature Algorithm) which uses
  • DSA only works for signing
  • it acts like RSA but uses mathematics similar to Diffie-Hellman

Takes a message of any length and creates a pseudorandom hash with a fixed length.

Used for Message authentication, Integrity, passwords

A good hash algorithm is fast, but not too fast

Any linput length results in a fixed size hash.

1. it has to be quick but not too quick

2. it has to introduce diffusion => 1 change results in many

3. Given a hash, we can’t reverse it 

4. Given a message and its hash, we can’t find another message that hashes to the same thing  

5. We can’t find any two messages that have the same hash 

MD5: is strong but creates collisions => broken

SHA1 / SHA2: is strong and currently not broken

SHA-2 256 bit or 512 bit

SHA-3 is not better or worser than SHA-2

SHA-2 is to fast a attacker can generate a lot of hashes and compare the outputs to the found password

A good solution for password hashes are the following algorithms

• PBKDF2(Password-Based Key Derivation Function 2)
• bcrypt

works similar to SHA-2 but the process is repeated e.g. 5000 times this makes it 5000 times slower. also these algorithms are hard to run on a GPU which makes it more difficult to parallel create hashes to gues the password.

• Digital signatures
• message tampering is a common attack and with hashes it can be ensured that the message wasn't altered. 
  • The hash of the message is added to the packet the receiver applies the hash function on the content and compares it to the received hash, if both of them are the same it's more likely that the data hasn't been changed

A DNS Zone transfer is a process where one DNS server copys parts of its databse to another DNS. This helps to have more than one server which can answer questions about a zone. The slaves ask for a copy by the master.

A DNS Zone transfer attack, is that you pretend to be a slave an get a copy of the DNS zone records. 

Risk: The zone records, show a lot of internal topology information about the network, if someone wants to subvert (untergraben) the DNS with spoofing (falsche Identität verwenden) and poisoning, this is very helpful.

Offensive Cybersecurity, focus on penetration testing, assume the role of a hacker, show organizations what could be backdoors or exploits, common practice is that they are outside of the organization.

Defensive Cybersecurity, Assessment (Bewertung) of network security, identification of possible vulnerabilities, find ways to defend, change and re-group defence mechanisms to make incidents responses much stronger. They are continuously improving the digital security infrastructure using security audits, log and memory analysis, pcap, risk intelligence data

Reduce risk and support the mission of the organization.

• It is impossible to design a risk-free environment
• Significant risk reduction is possible often with little effort

Process:

• Identifying factors that could damage or disclose data
• Evaluating those factors in light of data value and countermeasure (Gegenmassnahme) cost
• Implementing cost-effective solutions for mitigating(mildern) or reducing risks

• Evaluation, assessment, and the assignment of value for all assets of an organization
• Examining (untersuchen) an environment for risks
• Evaluating each threat event as to its likelihood of occurring and the cost of damage it would cause if it did occur
• Assessing (bewerten) the cost of various countermeasures for each risk and creating a cost benefit report for safeguards to present upper management

reducing risk, implementation of safeguards and countermeasures to eliminate vulnerabilities

moving risk to another entity or organization

risk tolerance, cost/benefit analysis shows that countermeasure costs too much

Deterrence: Abschreckung

security cameras, security guards, instructional signage

selecting alternate options or activities that have less associated risk than the default e.g.: removing the FTP protocol from a server to avoid FTP attacks.

to reject risk or ignore risk. 

• once a countermeasure is implemented the risk that remains is called a residual risk. 

• the way government agencies obtain wiretapping authorizations
• allow authorities to obtain a blanket authorization for a person and then monitor all communications to or from that person under the single warrant.
• ISPs may have to provide the government with a large range of information.

• The new law applies to all organizations that collect data from EU residents or process that information on behalf of someone who collects it.
• The law even applies to organizations that are not based in the EU, if they collect information about EU residents.
• The ability of the EU to enforce this law globally remains an open question
• A data breach notification requirement that mandates that companies inform authorities of serious data breaches within 24 hours
• The creation of centralized data protection authorities in each EU member state
• Provisions that individuals will have access to their own data
• Data portability provisions that will facilitate the transfer of personal information between service providers at the individual’s request
• The “right to be forgotten” that allows people to require companies to delete their information if it is no longer needed

STRIDE is a model of threats

Spoofing: attack with the goal to gain access and target the system with a falsified identity

Tampering: unauthorized change or manipulation of data whether in transit or storage, to falsify communication or alter  static information

Repudiation: The ability of an attacker to deny having performed an action or activity

Information disclosure: the revelation or distribution of private, confidential, or controlled information to external or unauthorized entities.

Denial of Service (DoS): prevents use of a resource, could reduce throughput or introduce latency in order to hamper productive use of a service

Elevation of privilege:  transform a limited use account into an account with greater privileges, powers and access.