Cryptography

Cryptography Definition

In its simplest form Cryptography is the writing or solving of codes. Today's Cryptography and Cryptographic systems go far beyond the original concept but still involve writing and solving codes. Cryptography is used to promote strong authentication, perform integrity checks on data, and keep data confidential.

Block Ciphers

To encrypt data, block ciphers and stream ciphers are two options available to a user or application. A stream cipher will encrypt the data one bit at a time using a symmetric key. A block cipher encrypts the data in predefined chunks of data called blocks. This allows the data to be encrypted in a parallel fashion instead of serially as in a stream cipher. Both block and stream ciphers use a symmetric key, which must be used to decrypt the data. Two common block ciphers in use are the Data Encryption Standard (DES) and the Advanced Encryption Standard (AES). DES typically uses block sizes of 56 bits, while AES can use block sizes of 128, 192, or 256 bits. Cyber security professionals should understand and be comfortable explaining and implementing block ciphers within enterprise networks. The NIST SP-800-38A provides methods and techniques for Block Cipher operations.

Key Management

Key management can be one of the most difficult parts of implementing an encryption system. How do you authenticate the person or system you are trying to share data with? Kerberos is one of the systems designed to answer this question. In a Kerberos system, if UserA wants to send a message to UserB, UserA first contacts a Kerberos key server. This server issues a secret key to UserA, KeyAB which has been encrypted with UserB's secret key (KeyB). Both messages have been encrypted using UserA's key, so only UserA can read it. UserA then sends a message to UserB, using UserB's key, called a ticket. UserB decrypts the message, and now the message is only available to UserA and UserB, as well as the Kerberos server. One advantage of Kerberos for key management is that it does not need constant updates to track keys. Keys exchanged between users do not need to be tracked. Once the Kerberos server issues a key it only needs to keep a record of whom the key was issued to. This feature also allows the Kerberos functions to be spread out among many machines.

Public Key Infrastructure

Public Key Infrastructure (PKI) is used to maintain secure communication between systems. PKI defines a set of roles, policies, hardware, software, and procedures needed to create, manage, distribute, use, store and revoke certificates and manage public-key encryption. PKI is used to bind public keys to an identity. This binding is accomplished using a Certificate Authority (CA) to register and issue secure certificates.

Certificate creation usually follows this process:

  • A user or enterprise creates their private and public key (OpenSSL or similar tool used)

  • The CA requests some information from the user or enterprise to verify them

  • A Certificate Signing Request (CSR) using the information and public key is generated

  • The CSR is signed using the private key

  • The CA validates the request and generates the certificate, signing it with its own private key

A form of PKI most users are familiar with is the use of secure certificates in websites, the HTTPS in front of a URL signifies it is using PKI.

Reflection

As a cyber security professional, keeping data safe is paramount. Understanding and implementing cryptography strategies will be one of the largest tasks a leader will undertake. There is a substantial ethical requirement for a cyber security leader to ensure that sensitive data is kept confidential and all appropriate safeguards are put in place. Using all tools available and keeping pace with emerging trends will be crucial to my success as a security professional. Leading organizations through the process of applying cryptography and encryption where appropriate is one of my main takeaways from this course.

Appropriately using encryption to secure data is a complex, multi-part undertaking. There are many products on the market for sale and open source that can adequately protect assets. Knowing which to use in a given situation is one of the largest lessons I learned in this course. Using PKI for our public-facing Internet servers, and Kerberos for our server authentication will allow our clients and customers to feel secure sharing their data.

References

Ferguson, N., Schneier, B. & Kohno, T. (2010). Cryptography Engineering:Design Principles and Practical Applications. Hoboken, NJ: John Wiley &Sons.

NIST. (2017, January 4). Block Cipher Techniques | CSRC. NIST Computer Security Resource Center. Retrieved October 12, 2022, from https://csrc.nist.gov/Projects/block-cipher-techniques

What is PKI? A Public Key Infrastructure Definitive Guide. (n.d.). Keyfactor. Retrieved October 14, 2022, from https://www.keyfactor.com/resources/what-is-pki/