Cryptography and Authentication

Cryptography and Authentication Lab
ECE4112
Group 4
Joel Davis
Scott Allen Quinn

Outline

Introduction
Cryptography Basics
Samples of Cryptography Protocols
Authentication Basics
Authentication Methods
Lab Walkthrough

Introduction

Cryptography is the practice of keeping messages secret.
Cryptography has been applied since the early days of computers for military and other types of data security.
With the spread of the Internet and the ease of data acquisition, cryptography has become more important and more widely used.

Cryptography Basics

Key - A key is a piece of information that controls the algorithm in a cryptographic cipher.
Weak Key - A weak key is a key that, when input into an encryption algorithm, makes the algorithm act in an undesired way (i.e. easily crackable).
Asymmetric Key Cryptography - Asymmetric key cryptography covers encryption methods in which two distinct keys are used.
Symmetric Key Cryptography - Symmetric algorithms are ones in which the keys for encrypting and decrypting the data are the same or very closely related.
Block Cipher - A block cipher is a symmetric key encryption in which the operations are performed on fixed lengths of bits called blocks.
Stream Cipher - A stream cipher is a cipher in which each plaintext character is encrypted one at a time, with the transformations varying for each successive character.

Samples of Cryptography Protocols

AES (Advanced Encryption Standard) - AES is a block encryption standard that superseded DES. It is a 128-bit encryption standard that is used by the U.S. government and widely used by other systems including WPA2 and SSH.
Diffie-Hellman - The Diffie-Hellman key exchange protocol is a protocol that allows two parties to set up a shared secure key without prior knowledge of each other.
IPsec - IPsec is a suite of protocols that help authenticate, set up public keys, and encrypt streams of IP traffic.
MD5 - Not considered secure anymore, MD5 is a widely used hash algorithm that is also often used for file integrity checking.
RC4 - RC4 is one of the most widely used stream ciphers. It is used by both SSL and WEP to encrypt data.
SSH (Secure Shell) - SSH is a public key algorithm used to authenticate and secure connections between systems.
WEP (Wired Equivalent Privacy) - WEP is part of the 802.11 standard that tries to protect the wireless signal from eavesdropping. Soon after implementation its security was breached due to its use of the RC4 cipher.
WPA (Wi-Fi Protected Access) - WPA was an intermediate step in the creation of 802.11i. Because of the security risk, the WPA standard was rolled out while the 802.11i standard was being finalized.
WPA2 (802.11i) - WPA2 is the full implementation of the 802.11i protocol. WPA2 uses the AES block cipher algorithm instead of the RC4 stream cipher that is used in WEP and WPA.
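
The Diffie-Hellman exchange described in the list above, as an added example that is not part of the original slides: both parties send only public values, derive the same key, and range-check the peer's value before using it. The group (prime 2**127 - 1, generator 3) is a toy choice assumed here for readability, and the function names are hypothetical.

```python
import hashlib
import secrets

# Toy group chosen for readability (assumption): the Mersenne prime 2**127 - 1.
# Real deployments use standardized groups of 2048 bits or more.
P = 2**127 - 1
G = 3


def make_keypair():
    """Return (private exponent, public value G^private mod P)."""
    private = secrets.randbelow(P - 3) + 2      # 2 <= private <= P - 2
    return private, pow(G, private, P)


def validate_public(value):
    """Reject degenerate peer values that would force a predictable secret."""
    if not 2 <= value <= P - 2:
        raise ValueError("peer public value out of range")
    return value


def shared_key(own_private, peer_public):
    """Derive a 32-byte symmetric key from the Diffie-Hellman shared secret."""
    secret = pow(validate_public(peer_public), own_private, P)
    # Hash the raw group element so the result is a fixed-length key.
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()


def run_exchange():
    """Simulate both parties; only the public values cross the network."""
    a_priv, a_pub = make_keypair()
    b_priv, b_pub = make_keypair()
    wire = {"A->B": a_pub, "B->A": b_pub}       # all an eavesdropper sees
    return shared_key(a_priv, b_pub), shared_key(b_priv, a_pub), wire


if __name__ == "__main__":
    key_a, key_b, wire = run_exchange()
    print("on the wire:", wire)
    print("keys match: ", key_a == key_b)
```

The exchange on its own does not authenticate either party, which is why it is paired with the certificates and signatures covered in the authentication slides.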

Authentication Basics

Provides trust on networks
Describes identity and data security
Transactions require one-sided or two-sided authentication
Accountability is provided by Certificate Authorities and governments

Certificates

Used to sign items
Issued by certificate authorities
Trusted third parties
Certificate can be trusted as long as CA is not compromised

Digital Signatures

Provides authentication for documents and communication
S/MIME used for email communication
Secure XML specifications provide XML formatted documents with security.

Windows CardSpace

Microsoft-developed framework for ID
Set of ID cards in the CardSpace provides necessary claims
Secure data is not actually stored on your computer
Novel idea, but it may not be used widely

Directory Services

Provide a central database for network users' information
One set of credentials for the entire network
Easier for administration
Standard set of protocols for accessing the information
Kerberos
LDAP

Lab Layout

Prelab
Section 1
Go to the NSA's CryptoKids website and learn some basic encryption techniques to gain experience with basic cryptography.
Small database of common cryptography terms and methods
Section 2
Get some hands-on experience with a handful of programs that encrypt and decrypt data with the methods described in section 1.
Section 3
Authentication basics, defining certificates, signing, Windows CardSpace, and directory services.
Section 4
Use an email certificate to sign and encrypt communication
Create a Windows CardSpace card and test it