Welcome everyone today's lecture will be devoted to encryption, we will analyze all the main aspects, as well as talking about encryption in general.
I would like to discuss and analyze the fundamentals of encryption, we will study symmetric and asymmetric encryption, and also slightly touch some terms, such as: hashes, SSL, TLS, certificates, data interception using the sslstrip utility and other weaknesses associated with encryption. This is the fundamental knowledge required to select the appropriate security tools to reduce risks from being calculated by
"federals".
Many of you, if we dig a bit deeper, don't have the foggiest idea about their safety and privacy. They can only blindly object things, based on the opinions of other people.
But when it comes to your security and privacy, only You can be the guarantor of your safety, and no one else.
But surely, some smart guys will ask the question: "How can I be the guarantor of my safety if I do not know anything about it?"
One of the principles you should learn is- the principle of planning. All your actions should be clearly planned.
But in order to plan something you need to be competent in this area, to answer your questions, such as: what is it and what is it for?!
In General, encryption consists of 2 components - encryption and decryption.
With the help of encryption, the following information security states are provided:
2. Integrity - encryption is used to prevent information from being changing during the transmission or storage.
1. Privacy - encryption is used to hide information from unauthorized users during transmission or storage.
2. Integrity - encryption is used to prevent information from changing during transmission or storage.
3. Identifiability - encryption is used to authenticate the source of information and to prevent the sender from rejecting the fact that the data was sent by him.
in Order to read the encrypted information, the receiving party needs to have a key and a decoder (a device that implements the decryption algorithm).
BY THE WAY: the idea Of encryption is that the attacker, who is intercepting the encrypted data and not
having a key to it, can neither read or change the transmitted information.
Let's imagine a locked door, in order to find out, what is on the other side of the door, we need to open it with the key from this door.
And in the case of data encryption. Only instead of a closed door, we have an algorithm for encrypting data, and instead of a key from this door, a secret key (password) for decrypting data.
Goals of encryption.
the main purpose of encryption is to store important information in encrypted form.
in general, encryption is used to store important information in unreliable sources and to transmit this information through unprotected communication channels. This type of data transfer represents from itself two mutually reversed processes:
1. Data is encrypted before it is sent over the communication channels or before it is stored.
2. The decryption procedure is used to recover the original data from the encrypted data.
Encryption was originally used only for the transmission of confidential information. Subsequently, the information was encrypted with the purpose of its storage in unreliable sources. Encryption of information, with the purpose of its storage is used as for now, it avoids the need for physical storage of it (usb, ssd disks).
BY THE WAY: we will analyze the examples of encryption methods and after that, you will clearly see the whole point of it, so do not worry about it. (tomorrow)
What are the encryption methods:
1. Symmetric encryption - uses the same key for both encryption and decryption.
2. Asymmetric encryption - uses 2 different keys: one for encryption (which is also called open (public)), the other for decryption (called closed (private)) or vice versa.
These methods solve certain problems and have both advantages and disadvantages. The specific method used, depends on the purpose, for which the information is encrypted.
in order to make the right choice in the approach to encryption, which encryption method to use? And to answer other related questions, you will need to understand what encryption is, as I said earlier.
Based on the infographics above (link), we can visually understand the principle of encryption
- the Sender sends an encrypted message: "Hello, Marfa"
- Attackers intercept this message, but since they do not have a key to decrypt it, they only see a set of characters: "%#&$!"
- The recipient, having the decryption key, can easily read the message sent by the sender in encrypted form, he already sees the text of the sender in its original form: "Hello, Marfa" it is no exaggeration, if we say that encryption is the best tool that we have in our arsenal for protection against hackers and surveillance.
By the way, about the terms:
Encryption is a method of converting human-readable data, called plaintext, into a form that a human cannot read, and this is called ciphertext. This allows you to store or transfer data in unreadable form, because of that information remains confidential and private.
Decryption is a method of converting encrypted text back into human readable text. If you perform a simple Google search, you will see HTTPS and a green lock icon, which means that all the content of the web page is not readable by people who may try to intercept data transmission over the network.
Simply put or symmetric encryption (encryption method is meant 1 of 2 that say)
There are two main components of encryption:
1. The encryption algorithm is publicly known and many, many people have studied it carefully attempting to determine whether the algorithm is strong or weak.
2. Secret key - you can imagine that the secret key is a password and it must be kept secret.
The Algorithm can be represented as a closed door, and the secret key is the key to this door (see Infographic link above).
Symmetric cryptosystems use the same key for encryption and decryption.
Based on the infographic above, let's look at an example, I want to send Marfa some file, but I do not want any 3rd party people to see it. For clarity and ease of use, I decided to encrypt this file with the program 7-Zip.
By this analogous structure sectors/discs are encrypted in VeraCrypt, TrueCrypt, we will also take this for example.
Let's look at the screenshot above:
1. An encryption algorithm is a mathematical process of converting information into a string of data that looks like a random set of characters and letters.
2. A hash function is a conversion of input data, in our case, to an output bit string. The purpose of the function is to ensure integrity and to detect unintended modifications.
3. AES-256 - indicates which algorithm is used (AES) and what block size we have (256), as we can see in 7-Zip there is no possibility to customize the configuration, rather than in VeraCrypt.
4. With the help of the entered password, your key will be generated for the selected encryption algorithm (in our case AES-256), for decryption you will need to specify the decryption algorithm if its possible and enter the password, in our case again.
At the output we get an encrypted archive, which is for unpacking and obtaining information that
is inside, you must enter the decryption key, in simple terms the password.
As you can notice the symmetric block encryption algorithm, Advanced Encryption Standard (AES), was used for encryption.
This algorithm uses only the one key, the key is created using our password (see point 4 for clarity of the conversion)
You can also choose which block size 128/256/512/1024 bits, will be used, in our case there were only 256 bit and 512 bit variants.
BY THE WAY: Imagine a door and a lot of locks on it. It will take you a long time to open or close this door. Same as for algorithms, the higher the bitrate, the stronger the algorithm, but the slower it encrypts and decrypts, you can consider this as the strength of the algorithm.
256/512 bits - this is also the volume of the key space, that is, a digit, denoting the total number of possible different keys that you can obtain using this encryption algorithm.
BY THE WAY: To break a symmetric cipher, it is necessary to go through 2 * N combinations, where N is the key length.
To break the symmetric encryption with a key length of 256 bits, you can create the following number of combinations, which are, possible keys: 2^256 = 1.1579209 e+77 or if you decompose 1.1579209 e * 10^77 when calculating, we get the following number of possible variations (this is a 78-bit number).
2^256 = 11579208923731619542357098500868790785326998466564 0
564039457584007913129639936
If anything, you can check this number there http://kalkulyatoronlajn.ru
Thus, for all those who doubt the safety of the chances of collision 2 ^ 256, there is a number: there is a probability that the collision will have 1-n of more than 1.1579209 e*10^7= 78-bit number (the number which is higher)
All this means that it is extremely difficult to pick up the key, even with the help of very powerful computers, assuming that you used a long and random password when you were generating the key. (about the passwords we will analyze in details tomorrow)
BY THE WAY: we will talk about the passwords separately, what to use, and etc. Together with the programs and why. Don't stop up your brain with all this information at this stage, lets now talk about this..
People and governments are constantly trying to crack encryption algorithms. In this article, I'll give you a list of algorithms that are good and which are not, which ones are amenable to hacking and which ones are currently impossible to crack.
Symmetric encryption Algorithms
1. Data Encryption Standard (DES) is an algorithm for symmetric encryption, developed by IBM and approved by the U.S. government in 1977 as the official standard (FIPS 46-3). The block size for DES is 64 bits.
2. Triple-DES (3DES) is a symmetric block cipher, created in 1978 on the basis of the DES algorithm in order to eliminate the main drawback of the last small key length (56 bits), which can be broken brute-forcing key search.
3. Blowfish is a cryptographic algorithm that implements block symmetric encryption with a variable key length
4. RC4 is a stream cipher, which is widely used in various information security systems in computer networks (for example, in SSL and TLS protocols, WEP and WPA wireless security algorithms).
5. RC5 is a block cipher developed by Ron Rivest of RSA Security Inc. with variable number of rounds, block length and key length. This extends the scope of use and simplifies the transition to a stronger version of the algorithm.
6. RC6 is a symmetric block cryptographic algorithm derived from the RC5 algorithm.
7. Advanced Encryption Standard (AES) - symmetric block encryption algorithm (block size 128 bit, key 128/192/256 bit), adopted as the encryption standard by the us government on the results of the AES competition. This algorithm is well analyzed and is now widely used as it was with its predecessor DES.
Symmetric algorithms are used in most encryption systems that You use daily: HTTPS, Full disk encryption (TrueCrypt, VeraCrypt and others), file Encryption (7-Zip, WinZip and others), Tor, VPN. Symmetric encryption is used almost everywhere
BY THE WAY: Advanced Encryption Standard (AES) is a common standard for symmetric encryption. For maximum protection, use AES-256 where possible. AES is fast and today- it is impossible to crack (assuming that you have a strong password, about this will be below).
2nd type or method, to whom as it is more convenient Asymmetric encryption
Very smart people have invented this encryption using public and private keys and algorithms based on the complexity of certain mathematical problems. I will not go into mathematical details because their understanding is not necessary for your protection.
For the right choice of security tools, you only need to have the basic understanding of algorithms and the strength of algorithms, as well as cryptographic systems that you are going to use.
As we know, the symmetric encryption method uses 1 secret key, whereas asymmetric encryption methods (or public key cryptography) use one key (public) to encrypt information and another key (secret) to decrypt information. These keys are different and cannot be obtained from one another.
Let's solidify this material immediately
Symmetric encryption method - one key, uses the same key for both encryption and decryption.
Asymmetric encryption method - two public keys (public from English) and closed (private from persistent)
so, we have a file for Marfa, which if You remember in the section of symmetric encryption (see Screenshot above) was encrypted using the 7-Zip program using the AES-256 encryption algorithm and a strong password, but how do we get the password to Martha so that she can decrypt the file?
BY THE WAY: the Best way to transfer something and to be sure of the delivery of the information to the specified recipient, is to hand over personally.
But this is not a good idea, because we may simply not know where the addressete is, or he may be so far away that to deliver something "in personal" becomes problematic, or maybe we just need anonymity.
Asymmetric algorithms (using public and private key):
1. RSA (Rivest-Shamir-Adleman) is a public key cryptographic algorithm. This algorithm is very popular, 1 of the most common asymmetric algorithms you'll see, and I'll show you where to look for them and how to use them.
Definition: the cryptographic Stability of this algorithm is based on the complexity of factorization or decomposition of large numbers into the product of Prime factors.
2. ECC (Elliptic curve cryptosystem) - a common and gaining popularity algorithm. This cryptographic system based on elliptic curve cryptography, or ECC. The strength of this algorithm relies on the problem of computing discrete logarithms on elliptic curves.
3. DH (Diffie-Hellman) - Its stability is based on the problem of discrete logarithm in a finite field. Diffie-Hellman is becoming more and more popular because it has a property called "direct secrecy," we'll discuss it later.
4. ElGamal - scheme El-Gamal, and the cryptographic strength of this algorithm is also based on complexity of discrete logarithms in a finite field.
DEFINITION: cryptographic Stability (the ability of a cryptographic algorithm to resist cryptanalysis) - this algorithm is based on the complexity of factorization or decomposition of large numbers of the product of Prime factors
Narrowed with determination, sorry
These asymmetric algorithms helps to solve the problem of key exchange or negotiation, as well as to allow the creation of so-called electronic digital signatures. So potentially we can use public and private keys to send Marfa our private key in a secure way, without the possibility of intercepting its content.
BY THE WAY: once Again, in algorithms using public and private keys, two keys are used, not one, as in symmetric encryption.
the Difference is that asymmetric encryption has a public key that is created to be known to any person, that is, it is the public key, and there is a private key, which should always be kept secret and be private. These keys are mathematically linked and both are generated at the same time. They must be generated simultaneously because they are mathematically related to each other.
Any website that uses HTTPS has public and private keys that are used to exchange a symmetric session key to send you encrypted data. It's a bit like the Zip file we saw. They use these public/private keys and then they need to send another key, the type of key that we use for the Zip file, in order to perform encryption (end-to-end will analyze later)
REMEMBER HOW the LORD's PRAYER AND UNDERSTAND:
If You encrypt with a private key, You need a public key to decrypt!
If You encrypt with a public key, You need a private key to decrypt!
In asymmetric encryption, if the message is encrypted with the 1st key, then the 2nd key is needed to decrypt this message. If you encrypt with a private key, you need the public key to decrypt.
If you encrypt with a public key, you need a private key to decrypt. It is impossible to encrypt and decrypt with the same key, and it is extremely important. For encryption or decryption, you always need related keys.
But why would we encrypt with a public or a private key? What's the difference? What's the point of using them? Why don't we use only one of them?
Especially for you, I drew an infographic to simply and easily explain the usefulness of these keys and how they can be used.
BY THE WAY: In this infographic we are looking at two directions of encryption that are considered, first we will analyze the one with green arrows, and then with red ones.
1 way (green arrows)
The method with green arrows shows that the sender encrypts using the public key of the recipient, Marfa, it means that you need anonymity and confidentiality so that no one can read the message except the recipient.
IMPORTANT: let's Say You encrypt a file using the public key of the recipient. The message can only be decrypted by a person who has a suitable private key, that is, the private key of Martha.
So that we know that these keys are interrelated with one another,we will decode with one and encrypted with another and there is no other way.
the Recipient (Marfa) cannot identify the sender of this message. Since the public (public) key is public and that it is laid out and usually shared, so that anyone can use the public (public) Marfa key for encryption.
When the sender encrypts using the public key of the recipient, the message is confidential and it can only be read by the recipient, who has a private key to decrypt the message, but as I said before, there is no possibility of identifying the sender, provided of course if You do not send there any data for subsequent Identification
2 way (red arrows)
All of the above results in the 2nd method of using open (public) and private (private) keys.
If you encrypt with your own private key, it means that you are interested in authentication. In this case, it is important that the recipient knows that you sent the encrypted message. To do this, you encrypt with your private key. This gives the recipient confidence that the only person who could encrypt this data is the person who owns this private key, Your private key.
EXAMPLE: You are the Creator of some software, but the government is indignant and hinders your activities in every way. Let's simulate the following situation:
Let's say I want to download this software, here is the hash amount of this file, however, if the website is compromised, it means that the attackers could substitute this file for downloading and add a Trojan or something to it, to spy on me, and they could also replace the checksum.
So, this hash doesn't mean anything. It will not detect intentional modification of the file. We need something else to verify that this website, is in fact, the official website of the software.
And here we come to certificates, digital signatures and other means. All these documents are obtained as a result of cryptographic transformation of information using the private key signature and allows you to check the absence of distortion of the information in the electronic document since the formation of the signature (integrity), belonging to the owner of the signature key certificate (authorship), and in the case of successful verification to confirm the signing of the electronic document (non-repudiation)
We will talk About this later. I еhink tomorrow.
Encryption of data, using the private key of the sender, is called the format of the public message, because anyone with a copy of the corresponding public key can decrypt the message.
you Can think of it as if you officially put something on the Internet for public access, and since you encrypted it with your private key, anyone can make sure that it was you who left this message. Privacy or anonymity in this case is not provided, but the authentication of the sender, that is you, is provided.
Next. When different encryption technologies are used in combination, such as those that we have already discussed, since they can all be used in combination and cannot be used individually, they are called cryptographic systems, and cryptosystems can provide you with a range of security tools.
Cryptographic system can provide you with a number of security tools. Among these tools:
1. Confidentiality - the need to prevent leakage (disclosure) of any information.
2. Authentication - authentication procedure, that is, we know that Marfa is really Marfa and no one else.
3. Prevention of failure - which means that if you send an encrypted message later you will not be able to deny this fact.
4. Authenticity - the authenticity of the fact that the message has not been modified in any way.
Examples of cryptosystems are any things that use encryption technology, such as: PGP, BitLocker, TrueCrypt, VeraCrypt, TLS, even BitTorrent, and even 7-Zip which we used to encrypt a file in a symmetric encryption method.
for EXAMPLE: So that we can send our file to Marfa, we can use Marfa's public key to encrypt files, or to transfer anything in encrypted form.
But first, of course, we'll need the public key of Martha, it is enough to obtain it once, in some protected way, it is important, and then we will be able to always send an encrypted messages, available for Martha to read.
PGP is a system that we can use for this purpose, it uses the technology of encryption of messages, files and other information presented in electronic form
DEFINITION: PGP (Pretty Good Privacy) - a computer program, also a library of functions that allows you to perform encryption operations and digital signature of messages, files and other information, presented electronically, including transparent encryption of data on storage devices, such as a hard drive.
For these purposes, we can use Jabber + PGP or OTR, I recommend to read this article, pay particular attention to paragraphs 7 and 8.
Write it down for homework.
By the way on the account of IP who uses there will be an article or in General other servers, they use Sdn that is, it turns out that the IP address of the resource is hidden behind the SDN, that is you, who sends a request it goes through a chain like this YOU - SDN - IP servers
that is, the Sdn is intermediary and the site is tied when working with the domain, it will issue SP Sdn and there will be no connection with the jabber.
But let's go back to encryption. When it comes to cryptography with public and private keys or asymmetric encryption, there are both strengths and weaknesses.
Asymmetric encryption - public and private keys:
1. Better key distribution, since Martha can put her public key right into her signature and anybody will be able to send her encrypted messages or data that only she can read.
2. Scalability - if you use symmetric keys and want to send your file to Martha and, say, 10 other people, you will have to pass your password 10 times. It's completely non- scalable. Asymmetric algorithms have better scalability than symmetric systems.
3. Authentication, prevention of failure - this means that if you sent an encrypted message, then later you will not be able to deny this fact. Since it was encrypted with a private key, your private key
4. Slow - if you look at the length of the message in bits (see screenshot below) after asymmetric algorithms work, you will notice that it is much longer than the symmetric key encryption algorithms, and this is the evidence of how much slower they are.
5. Mathematically-intensive - The longer the bits are, the greater the number of mathematical operations, and therefore the greater the load on the system.
Symmetric encryption - private key:
1. Fastness - if you look at the length of the message in bits (see screenshot below) after running symmetric algorithms, you will notice that it is much smaller than the encryption algorithms with asymmetric keys, and this is the evidence of how much faster they are.
2. Reliable - Look above about AES-256 where was the calculation of the number 2^256 and see for yourself, but there are also 384 / 512 /1024 and more..
For a visual demonstration look at this screenshot below
in Order to fix the material, let's return to the analogy with the number of locks on the closed door. With the open and closed keys on the door there are hanging a lot of locks, so encryption and decryption takes much longer. For the CPU, this is a lot of mathematical operations, which is why there are hybrid systems, or hybrid cryptographic systems.
Public and private keys are used to exchange negotiation keys, and we use symmetric algorithms like AES to encrypt data, thereby extracting the maximum benefit. HTTPS, which uses TLS and SSL, is an example of this type of hybrid system, as is PGP.
Thats all for part 1
