# Using Cryptography and TLS with TCPIP for VSE

Document Sample

```					What Mother Never Told You
Don Stoever
Product Development
CSI International
WAVV 2007, Green Bay, WI
Cryptography Fundamentals

 Cryptography is the key building
block for many other security
services
 Without it:
 No privacy
 No authentication
 No integrity

WAVV 2007, Green Bay, WI
Cryptography Fundamentals
   Cryptography algorithms used
to provide:
 Confidentiality
 Authentication
 Integrity

WAVV 2007, Green Bay, WI
Cryptography Fundamentals
   Symmetric algorithms
   Block ciphers – DES, AES, etc
   Asymmetric algorithms
   RSA, Diffie-Hellman
   Digest algorithms
 SHA-256,    SHA-1, MD5
   Digital Signatures
 MAC,   HMAC

WAVV 2007, Green Bay, WI
   Applied Cryptography
   Bruce Schneier
   Considered the bible of crypto…
   RSA Security’s             official   Guide   to
Cryptography
   Steve Burnett + Stephen Pain
   Cracking DES
   Electronic Frontier Foundation
   SSL and TLS Essentials
   Stephen Thomas
   SSL and TLS
   Eric Rescorla Green Bay, WI
WAVV 2007,
Symmetric Encryption
   Same key used for:
   Encryption and Decryption
   Decryption is same code same
keys
   Just different input = encrypted
data
   What if many parties want to
securely communicate? How
many keys do we need? How
manage these
do weWAVV 2007, Green Bay, WI keys?
Symmetric Encryption
   Data encrypted block by block
according to the algorithm and key
   DES uses a 8 byte(64-bit) block
   AES uses a 16 byte(128-bit) block
   DES key sizes
   Single DES uses a 8 byte key, but
   Only 56-bits of the key are used
   Bits 8, 16, 24, 32, 40, 48, 56, and 64 are
ignored...
   56-bit effective strength
   Triple DES uses a 24 byte key
   168-bit effective strength

WAVV 2007, Green Bay, WI
Symmetric Encryption
   AES uses a 16 byte(128-bit) block
   AES Key sizes
   128, 192, or 256 bit key, and
   All bits used(unlike DES which only used
7-bits of each byte)
   AES superior to DES
   More efficient
   More secure?

WAVV 2007, Green Bay, WI
Block Encryption
   How is encryption is actually performed?
   Block by block. Meaning we take a block of data
(64-bits for DES, 128-bits for AES) and encrypt
it using the algorithm and key.
   Repeat that for the full message block by block.
   What are the potential problems of this
approach?
   1. A given cleartext will create the same
cyphertext. That means an attacker can
potentially determine patterns and therefore
analyze the cryptographic system.
   Solution: Cipher Block Chaining
   2. What if I have a data stream that I want to
encrypt or less than the block size?
   Solution: Padding in last block

WAVV 2007, Green Bay, WI
Cipher Block Chaining
   Problem we are trying to address:
   2 identical Plaintext blocks will result in 2 identical
Cyphertext. This may allow an attacker to gather
information on the type of traffic and assist in the
attack of the key.
   So we want 2 identical plaintext to result in 2 different
Cyphertext.
   Basic idea: Instead of encrypting the plaintext,
perform an XOR of the plaintext with the previous
blocks’ Cyphertext. Then encrypt that result.
   Question what do you do for the message’s first
block?
   Answer: Use a predetermined data block to XOR the
first block with it.
   This initial block is known as the “Initialization Vector”
or “IV”

WAVV 2007, Green Bay, WI
Cipher Block Chaining

Cipher Block Chaining (CBC)
m1            m2           m3

IV   (+)           (+)            (+)

E             E              E            Key

c1            c2             c3
The 1st 64-bit message segment isXOR'ed
with an initial vector (I V). Each following
message segment isXOR'ed with the
preceding ciphertext segment.                1
WAVV 2007, Green Bay, WI
WAVV 2007, Green Bay, WI
TripleDES Encrypt of 1 megabyte

600

520
500

400
VSE-VM P390 OS/2

VSE-VM MP3000
300
P30(60mips)
VSE-VM on IBM
200                                              2064(239 mips)

100
42
12
0                    WAVV 2007, Green Bay, WI
Triple-DES Encrypt of 16meg 2048 Times

100000

90000             86016

80000

70000
VM-VSE-Z990
60000                                           Assembler Code
VM-VSE-Z990
50000
Crypto-Assist KMC
40000                                           VM-VSE MP3000
Assembler Code
30000

20000

10000
1036 2
0                WAVV 2007, Green Bay, WI
Triple-DES vs. AES128 Encrypt/Decrypt of
16meg 1000 Times

300
275

250         238

200
z990 KMC Triple-
DES-CBC
150
z990 KMC AES128-
CBC
100

50

0                WAVV 2007, Green Bay, WI
Triple-DES vs. AES128 Encrypt/Decrypt of
16meg 1000 Times

700
610
600

500
z9-109 KMC Triple-
400                                                DES-CBC
z9-109 KMC AES128-
CBC
300   275
z890 KMC Triple-
238
DES-CBC
200

100

0                      WAVV 2007, Green Bay, WI
Asymmetric Encryption
   Most important breakthrough in
crypto science in 4000 years…
   Public Key encryption uses 2 keys
mathematical properties
   One key used to encrypt the other
used to decrypt
   Freely distribute your public key
   Keep private key private

WAVV 2007, Green Bay, WI
Asymmetric Encryption
   Misconceptions
   More secure than symetric
   Depends on key length
   Makes conventional obsolete
   (1000x of DES)
   Key distribution is easy
   Need method to distribute public keys
   Private key must be carefully protected
   Certicate Authorities used, but…
   Future WAVV session on PKI…

WAVV 2007, Green Bay, WI
Asymmetric/Public Key Overview

   Simple concept
(complicated
math theory
behind)
   One key can
encrypt, the
other can
decrypt

WAVV 2007, Green Bay, WI
Asymmetric Cryptography
   It’s computationally easy to generate a
pair of keys
   It’s computationally easy to encrypt
   It’s computationally easy to decrypt
   It is computationally infeasible for an
opponent to derive the private key from
the known public key
   It is computationally infeasible for an
opponent to recover the original message
from the ciphertext knowing only the
public key.

WAVV 2007, Green Bay, WI
Asymmetric RSA Algorithm
   RSA key generation based on RSA
PKCS-1
   Select a positive integer e as its public
exponent
   3 and 65537 are commonly used…
   Randomly select two distinct odd primes p
and q
   (p-1) and e have no common divisors
   (q-1) and e have no common divisors.
   public modulus n shall be product of prime
factors p and q:
   n = pq . 2007, Green Bay, WI
WAVV
   Private exponent is a positive integer d
Asymmetric RSA Algorithm
   RSA encryption process quite simple
   Data formatted into block size of modulous
   64(512), 128(1024), 256(2048) byte block(bit) sizes
   Specific rules used for padding
   Raise the formatted block to the power of the
public exponent
   So for RSA with a 128 byte key
   128*8 = 1024 bits
   Use public exponent to raise a 1024-bit
number to power of 1024 bit exponent
   Public exponent always 3 or 65,537…
   1024 * 1024 = 2048 bit number
   Divide by modulous keep the remainder and
repeat…
WAVV 2007, Green Bay, WI
Asymmetric RSA Algorithm
   RSA decryption also quite simple
   Raise the encrpyted block to the power of the
private exponent
   Private exponent true random 1024-bit
number…
   Much slower(100x) than encrypt because exponent
is much larger…
   Same process as encrypt
   Raises 1024-bit number to power of 1024-bit
number
   Divide by modulous keep the remainder and
repeat…
   But remember…
WAVV 2007, Green Bay, WI
Asymmetric RSA Algorithm
   2 to power of 31 VSE addressing
limit(2gig)
   2,147,483,648
   2 to the power of 64
   18,446,744,073,709,551,616
   Each bit doubles the number space…
   2 to power of 1024
   Number size > number of atoms in know
universe
   Lots of primes in this size number space
   RSA based on difficulty of factoring primes…
   Very computationally intensive
WAVV 2007, Green Bay, WI
Asymmetric RSA Algorithm
   Can be speeded up using math
tricks:
 Modular math
 Chinese Remainder Theorem

   But best handled in hardware…

WAVV 2007, Green Bay, WI
RSA 1024-bit Encrypt-Decrypt 1000 times

6000

4966
5000
VSE-VM P390 OS/2

4000

VSE-VM MP3000
P30(60 mips)
3000

VSE-VM on IBM
2000
2064(239 mips) with
PCICA Crypto-
Coprocessor
1000      646

53
0                  WAVV 2007, Green Bay, WI
Cryptography Digest Algorithms
 Basically a hash of any amount
of data
 Also referred to as a
“fingerprint”
   MD5 creates 16 byte digest
 16*8   = 128 bit number
   SHA-1 creates 20 byte digest
 20*8 = 160 bit number
 No collisions

   SHA-256 creates 32 bytes digest
 32*8 = 256 bit number
WAVV 2007, Green Bay, WI
SHA-1 Message Digest of 4k 1000 times

90
80
80

70

60
VSE-VM P390 OS/2
50
VM-VSE-MP3000
P30(60mips)
40
VSE-VM on IBM
2064(239 mips)
30

20

10         5
1
0                  WAVV 2007, Green Bay, WI
SHA-1 Message Digest of 8k 100,000 times

4500
4074
4000

3500

3000

VM-VSE-Z990
2500
Assembler Code
VM-VSE-Z990 using
2000
KLMD

1500

1000
454
500

0                 WAVV 2007, Green Bay, WI
MD5 Message Digest of 4k 1000 times

0
37

5
VSE-VM P390 OS/2
0

5                                          VSE-VM MP3000
22                                     P30(60 mips)
0
VSE-Socket to PC
Crypto Server on
5                                          Intel P3(700mhz)
VSE-VM on IBM
0                                          2064(239 mips)

5
2
0.5
WAVV 2007, Green Bay, WI
0
Cryptography MAC
 MAC or HMAC will mix in a
secret with the hash
 Create a MD5 or SHA hash of
any amount of data + “secret”
 RFC2104
   HMAC: Keyed-Hashing for Message
Authentication

WAVV 2007, Green Bay, WI
Cryptography Digital Signature
   Create a MD5 or SHA-1 hash of any
amount of data…
   PDF document, etc.
   RSA encrypt the hash with my
private key
   Now anyone can use my RSA public
key to
   Verify that I signed it
   Verify it has not be modified

WAVV 2007, Green Bay, WI
Cryptography Fundamentals
   Algorithms must be:
   Secure and Reliable
   Secret Algorithm’s
   Unknown to attackers
   Only creator and his “friends” know
weaknesses
   Back door’s possible
   Public Algorithm’s
   Subject to crypto-analysis
   Attacked with “brute force”
   Known published weaknesses

WAVV 2007, Green Bay, WI
Cryptography Fundamentals
   Secret Algorithm’s
   “Hidden” in hardware or compiled code
   In software could be reverse engineered
   In hardware much harder to analyze but
secrecy can be compromised by:
 Disgruntled employee
 Careless vendor

   If algorithm has a “flaw” data may be
decryptable without the key
   Not subject to analysis that may identify
weakness before deployment
   The only method to guarantee a
algorithm has a weakness is to allow
cryptographic analysts to study it…
WAVV 2007, Green Bay, WI
Secret Algorithms
   Cable/Sat TV Scrambling
 Rely on hardware
encoding/scrambling
 Many places you can find “cheap”
descrambler for sale.
 Manufacturer relies on difficulty to
analyze hardware functions and
reproduce it.

WAVV 2007, Green Bay, WI
Secret Algorithms
   DVD Encoding
   Movie industry spent years developing a
standard for encryption.
   After development they simply released it. Not
for review, but the full product (DVD) that relied
on the standard.
   Encryption keys were assigned to manufacturers
and decryption keys based on them were
distributed to all DVD reader manufacturers to
   Two “ooppps” happened:
   A DVD software reader improperly protected one
decryption key and it was made public.
   Several (2 initially I think) “security technologists”
(“SoupaFr0g” and “Canman”) reversed engineered
decoded the encryption algorithm used.

WAVV 2007, Green Bay, WI
Secret Algorithms
   DVD Encoding
   Soon after a software program (DeCSS)
was released that allows one to pull the
decrypted data off the DVD disk and
play/save it like any other multimedia
file.
   What was the movie industry reaction:
Sue them but the damage is done:
nobody can order or afford the recall of
all DVD players!
   Lesson learned: Security by Secrecy
does not work! (Unless you work for
the NSA)
WAVV 2007, Green Bay, WI
Public Algorithms
   The algorithm will be scrutinized by experts and if
after some time, nobody finds a weakness: chances
are: there are none!
   So how do you defeat the encryption? The only
way is by going through and trying all possible
decryption keys! This is called a “Brute Force”
attack.
   How many possible keys exist? It depends on the
length/size of the key.
   40 bits key – 240
   56 bits key – 256
   128 bits key – 2128
   On average you will need to go through ½ the
possible keys. However here is a fun question: how
do you know you found the right key? Can you
identify the plaintext? If it is English (or French for
that matter) it is easy but what if it is a binary file?

WAVV 2007, Green Bay, WI
Public Algorithms
   So how do you protect the secrecy?
   Use a longer key!!!
   However the longer the key, the longer it takes to
encrypt/decrypt the data.
   So we can establish that it will be possible for anybody to
decrypt the data: the problem is not IF they can decrypt it but
HOW LONG will it take to decrypt it!
   Make the “cost” of running a brute force attack longer than the
value of the data. For example:
   If it takes you 4 years to decode a credit card number that has a 2
years expiration, is it worth trying?
   If you need to build a \$10,000.00 decryption machine to decrypt
ordering information that will allow you to hijack \$2,000,000.00
worth of data in 3 months, is it worth it?
   Interesting note: It is believed that, using current technology, one
can build a brute force decoder that is able to decrypt a 56/64 bits
encrypted DES traffic in near real time for less than \$500,000.00.

WAVV 2007, Green Bay, WI
Case Study: Reliable Algorithm
with long key: is it safe?

   If you use an algorithm that has
no known weakness (for
example AES) with a long
enough key (for example 128
bits) you are safe from
eavesdropping. Is that really
true? What could go wrong?

WAVV 2007, Green Bay, WI
Case Study: Reliable Algorithm
with long key: is it safe?

   Case example: Law enforcement vs.
child pornographer.
   In 1998, Law enforcement hired a well
recognized cryptanalyst to apprehend an
individual suspected of transmitting
child pornography.
   After getting a court order to sniff the
traffic, they quickly determined that is
was strongly encrypted. How did they
determine that? Encrypted traffic has
the inherent characteristic of been “very
blend”: no patterns, no interesting
characteristics.
   Large size also gave information on the
type of information transmitted: it was
large.WAVV 2007, Green Bay, WI
Case Study: Reliable Algorithm
with long key: is it safe?

   Case example: Law enforcement vs. child
pornographer.
   So how do you defeat that? One solution would
be to bring in the suspect and interrogate him
hoping he will crack. Or… another way: perform
a search at the destination of the traffic. That is
what they did, they found the destination and on
the computer found the decryption key in plain
view! Then they could decode the traffic and
apprehend the suspect.
   What is the lesson? It does not matter how
large your key is: if it is not protected, it is not
safe!

WAVV 2007, Green Bay, WI
IETF Standards
   RFC1321 The MD5 Message-Digest
Algorithm
   RFC2104 HMAC: Keyed hashing for
message authentication
   RFC2202 Test Cases for HMAC-MD5
and HMAC-SHA-1
   RFC1113 Universal Printable
Character encoding
   RFC2459 Internet x509v3 PKI
certificates
   Internet draft HTTP over TLS
WAVV 2007, Green Bay, WI
FIPS Standards
   PUB 46-3 Data Encryption Standard
(DES)
   PUB 81 DES Modes of Operation
Standard(AES)
   PUB 180-1 Secure Hash Standard
(SHA-1)
   http://www-
08.nist.gov/cryptval/des.htm
   http://csrc.nist.gov/pki/nist_crypto/
welcome.htmlGreen Bay, WI
WAVV 2007,
Fundamentals Books you
must have…
   Applied Cryptography
   Bruce Schneier
   Considered the bible or crypto…
   RSA Security’s             official   Guide   to
Cryptography
   Steve Burnett + Stephen Pain
   Cracking DES
   Electronic Frontier Foundation
   SSL and TLS Essentials
   Stephen Thomas
   SSL and TLS
   Eric Rescorla Green Bay, WI
WAVV 2007,
WAVV 2007, Green Bay, WI
CSI Cryptography Products
 SSL for VSE
 SecureFTP
 HFS
 Dr. Crypto

WAVV 2007, Green Bay, WI
CSI Cryptography Products
   SSL for VSE
 Feature of TCP/IP
 Allows secure connections
 Provides API to many crypto
algorithms
   SecureFTP
   Allows secure FTP sessions

WAVV 2007, Green Bay, WI
CSI Cryptography Products
   HFS Encrypted file system
   DEFINE
FILE,DLBL=HFSTST,PUBLIC=HFSTST,
   TYPE=HFS,RECFM=S,LRECL=4096,
   CIPHER=SDESCBC-
SHA1,CIPHERKEY=SEEDSAMP
   CIPHER=KEYMASTER,CIPHERKEY=CIAL
HFSK
   CIPHER=TDESCBC-
SHA1,CIPHERKEY=CIALHFSK
   CIPHER=TDESCBC-
NULL,CIPHERKEY=CIALHFSK
WAVV 2007, Green Bay, WI
   CIPHER=SDESCBC-
CSI Cryptography Products
   Dr. Crypto
 Encrypted tape files
 DES, Triple-DES
 AES with z ICF facility
 User definable key stored in Epic
catalog
 Working on keymaster for non-
Epic

WAVV 2007, Green Bay, WI
Questions

WAVV 2007, Green Bay, WI
CSI WAVV Sessions
“What is PNET?”
─ Ken Meyer, Sunday, 8:00 A.M. (Room B-1/B-2)

   “Entrée ─ Uncut and Unrated (24 x 7 Widescreen Version)”
─ Tim Kessler, Sunday, 9:15 A.M. (Room A4)

   “VSAM Performance Part 1”
─ John Mycroft, Sunday, 10:30 A.M. (Room B-1/B-2)

   “CSI TCP/IP Update”
─ Ed Franks, Sunday, 10:30 A.M. (Room A-1)

   “What’s All the Buzz About Data-Miner”
─ John Mycroft, Sunday, 5:30 P.M. (Room A-4)

   “TCP/IP Performance for TCP/IP for VSE”
─ John Rankin, Monday, 9:15 A.M. (Room B-1/B-2)

WAVV 2007, Green Bay, WI
CSI WAVV Sessions
   “VSAM Performance Part 2”
─ John Mycroft, Monday, 10:30 A.M. (Room A-2)

   “CSI Green Bay (Moderated by Jon Henderson)”
─ CSI Management Team, Monday, 3:00 P.M. (Room A4)

   “VSE Internals”
─ Ken Meyer, Monday, 3:00 P.M. (Room B-1/B-2)

   “Tuning Myths”
─ Ken Meyer, Monday, 4:15 P.M. (Room B-1/B-2)

   “Tuning Myths”
─ Ken Meyer, Monday, 5:30 P.M. (Room B-1/B-2)

WAVV 2007, Green Bay, WI
Thank you…
   Enjoy the rest of WAVV!

WAVV 2007, Green Bay, WI

```
DOCUMENT INFO
Shared By:
Categories:
Stats:
 views: 14 posted: 5/29/2010 language: English pages: 54