Cryptography

CRYPTOGRAPHY

1

W1-CRYPTOGRAPHY Presented

By

Vishalya Dulam

AVONMORE TERITARY INSTITUTE

CRYPTOGRAPHY

2

INDEX

P.no

Abstract 3

1. Cryptography 3-7

a) Modern Methods of Cryptography 4

(i) DES 4

(ii) DSA 5

b) Usage in I.T Industry 7

2. a) Application of Cryptographic Techniques in Computing 7

b) Cryptography Used in SET on Web Browser 8

c) Cryptography in VPN 9

3. Windows Authentication 9-12

a) Win NT 10

b) Win 2000 10

c) Win Server 2003 11

d) Win Server 2008 11

e) Win Server 2012 12

f) Difference between Integrated Windows Authentication and Logon

Authentication 12

4. Kerberos Protocol 12-14

a) Description of Kerberos Protocol 12

b) Time Synchronization in Kerberos Protocol 14

CRYPTOGRAPHY

3

ABSTRACT:

Primarily Computer Networks are used by University Researchers for sending e-mails and by co-operate

company employees for sharing printers. At this stage there is no problem for security attention. Now-a-

days millions of ordinary citizens using networks for banking, online shopping, e-booking, etc. Due to this

network security became the massive problem. To overcome come this problem many security techniques

are came into existence, in those techniques Cryptography is the one of the important technique for

securing the data or information from the particular source to required destination. These are of many

types and in this report we know about few methods of cryptography and their functioning.

1. CRYPTOGRAPHY:

The word Cryptography comes from the Greek word and it means “Secret Writing”. Cryptography is

a process which encrypts the original data into cipher text by using key and this cipher text is decrypted at

the other end by using key and these keys are called session keys which includes Public and Private Keys.

Protection of Data or Information:

Cryptography protects the data only, owner and other person who got access from owner can view the

data. When the private information is encrypted and transmitted across the internet and stored on a

server, it which allows only required persons to see the data who have key. Cryptography protects data

Confidentially, Integrity,Availability,Authenticity and Non-repudiation

For example, Sender sends plain text to the Receiver, the below diagram describes about the transmitting

of data between sender and receiver. At first, Sender sends the plain text which is encrypted into cipher

text using key is nothing but Encryption and it passes through network at last reaches the proper

destination. Here, at the Receiver cipher text converts into original plain text using key is nothing but

Decryption.

CRYPTOGRAPHY

4

a) MODERN METHODS IN CRYPTOGRAPHY:

Many modern methods are come into existence in cryptography, now discussing two methods of

cryptography and their theory of operation.

(i) Data Encryption Standard (DES):

DES is designed by IBM in 1976 by National Bureau of Standards (NES), which got approval from National

Security Agent (NSA). In the year 2000 DES is used in the standard encryption process later from 2001

AES is replaced by DES.

Theory of Operation:

DES uses a symmetric key for both encryption and decryption of data; it is a one type of algorithm which

takes a fixed length string of 64-bits plain text, it performs a series of complicated operations to convert

the plain text into cipher text of same length at a time. The key is of 64-bits in it 56-bits are meant for

encryption and decryption process, the person who holds this 64-bit key can perform the encryption and

decryption of data. The remaining 8-bits of key are used for the purpose of parity check and later on it is

not used or discarded. Key is transmitted as 8 bytes and each consists of odd parity. 16 rounds are

included in DES process in which 16 intermediate keys is included which carries 48-bits each.

CRYPTOGRAPHY

5

The above diagram the total process consists of three phases and it describes about functioning of initial

permutation on entire DES structure consists of 64-bit block of data and it splits into 32-bit sub blocks

which are passed through rounds as shown in figure. Each round is identical which includes 16 rounds, the

security algorithm is increased and temporary efficiency is decreased. At the 16th round, the 32-bit output

quantities are swapped by using functions which combines the text and the output of final permutation is

64-bit cipher text.

Key Structure:

Initially, 56-bits keys are selected from 64-bits permuted choices, algorithm generates some sub keys.

The below diagram tells about key function and it includes-

1. Key is then splits into two 28-bits and processed alternatively. In each round, both halves are rotated

left by one or two bits and then 48-bit sub key is selected by permuted choice. The 8-bits are used by

parity checker.

2. The key schedule is same for decryption.

Strengths of DES:

DES uses 54 bit key for encryption, there are 256 possible keys. An attack on such number of keys

is impossible.

It is tough to find the weakness of DES.

Weakness of DES:

The purpose using IP and FP not clearly described.

Instead of 64-bits only 56-bits are used.

The designing of cipher have some defects.

(ii) Digital Signal Algorithm (DSA):

DSA is a United States Federal Government standard for digital signatures. It was proposed by the

National Institute of Standards and Technology (NIST) in 1991 for use in their Digital Signature Standard

(DSS), specified in FIPS 186 in 1993.

Theory of Operation:

DSA is one type of asymmetric cryptography where both public and private keys are used for transmitting

the data from sender to receiver. Many organizations across the world use digital systems for transmitting

the electronic data among them in a secured manner.

The below diagram explains life cycle of document which includes digital signature. This technique is

slower but reliable because there no chance for data loss. The main requirement for the organizations is

CRYPTOGRAPHY

6

paper work which is transmitted digitally and the main fundamental principle is to validate the data by

assigning digital signature.

The procedure for digital signature is simple which ensures authenticate of documents transferring

themselves and stored with computer tools. The digital signature of electronic document having the

following requirements:

Authenticity: At the Receiver, it verifies the identity of the sender.

Non-repudiation: The sender can’t delay the signature document.

Integrity: The receiver is unavailable to modify the signed document which is sent by non-

authorized user.

Digital signature is generated based on asymmetric key pair, the private key is used by the owner and it is

not shared used to generate digital signature for specific document, for verification purpose the public key

is used to authenticate the signature. The digital signature consists of three algorithms:

The algorithm generates a pair of key (PK, SK) where PK is public key and SK is secret key, this

key pair is used to sign in the document.

In Signature algorithm, sender sends message ‘m’ and the private key gives signature as ‘x’.

In verifying algorithm, it verifies the incoming data and signature with public key. At this stage it

accepts or rejects the signature.

The document is sign in with private key and its signature verified with public key. Once security is given

to document it is impossible to reconstruct the private key even though both keys are uniquely connected.

Process:

The original data is encrypted by using one way hash function with the user’s privat e key. The following

steps are involved in digital signal processing:

The user send the document or a file which is encrypted using the hash function here 256 bits SHA

is used, when the owner uses private key to sign in then the sign is calculated with come hash

functions, it also generates come control codes on document.

Once the hash get calculated then it is impossible to get it back so the hackers cannot hack the

transmitting documents or file without private key.

On the receiver side, the data is decrypted using same hash algorithm with public key, it also

compares with the new hash and previous hash functions. If they both match then user can sign in

to the document.

CRYPTOGRAPHY

7

The above diagram explains about the hash values and how the data is transmitted between user A and

user B using hash algorithm.

Strengths of DSA:

Reduces the time and cost when compared to other algorithms.

High level of efficiency operations is done.

High data quality with long term storage of files.

Weakness of DSA:

DSA signatures are much shorter than RSA (Rivest-Shamir-Adleman) algorithm, because DSA

signature consist 56-bits and RSA signature consist 2048-bits.

The strength of verifying in DSA is slower when compared to RSA.

b) USAGE IN I.T INDUSTRY:

The Digital Signature Algorithms are used in reputed Organizations and multiple companies with

sub offices, to transfer the confidential information across them with the help of digital signatures.

The Data Encryption Standards are used in bank ATM’s for transactions with help of pin number,

person can perform the transactions; once it matches with the pin already existed in required bank

portals.

Reference: http://www.creativeworld9.com/2011/04/abstract-and-full-paper-on-network_13.html http://www.cs.ust.hk/faculty/cding/COMP364/SLIDES/readdes.pdf http://www.facweb.iitkgp.ernet.in/~sourav/DES.pdf https://www.lri.fr/~fmartignon/documenti/systemesecurite/4-DES.pdf http://www.herongyang.com/Cryptography/DSA-Introduction-What-Is-DSA-Digital-Signature-

Algorithm.html http://en.wikipedia.org/wiki/Digital_Signature_Algorithm http://securityaffairs.co/wordpress/5223/digital-id/what-is-a-digital-signature-fundamental-principles.html 2. a) APPLICATION OF CRYPTOGRAPHIC TECHNIQUES IN COMPUTING:

User Authentication: When the user uses their password on the network for login purpose and then

cryptography authentication techniques are used which gives high security to the password, like

generating one time verification codes here user authentication uses public or private keys.

Hardware and Software Implementation: The hardware devices used in computer like electronic

chips, ROM protected processors are implemented by cryptography and controlled by software,

instead of by passing the data, the software is protected by cryptography techniques it ensures the

hardware and gives correct information.

Transferring Files on Network: Files are transmitted between one user to other on network and

data should be protecting against the attackers. The sender sends the file, it is encrypted and the

encrypted file is sent to receiver. Symmetric key is used it means only one key is used for both

encryption and decryption. To decrypt the file, the system component driver’s users their private

CRYPTOGRAPHY

8

Key to decrypt the symmetric key which is used to encrypt the file, now the encrypted file system

component drivers uses symmetric key to decrypt the file by other user on network.

b) CRYPTOGRAPHY IS USED ON SECURITY ELECTRONIC TRANSACTION (SET) ON THE WEB:

Secured Electronic Transactions (SET) is one type of protocol which is used for the purpose of transactions

on networks which are not secured and these are mainly used in banking sectors for online transactions

done with credit cards.

There are various technologies are used to secure the web browsers as SSL, HTTPS, SSH and IPsec:-

SSL: SSL stands for Socket Secure Layer. SSL is a one type of protocol which consists of

certificates that are used to secure the data transmitting between the user and server, without

certificates if data is transferred then there is a chance to hack the data. The below diagram tells

about the interaction between browser and the server.

When the browser requests the SSL and server responds along with session keys which is encrypted with

SSL public key and sends back to server, now the browser and server start s talking with each other and

the pages are transmitted securely.

HTTPS: HTTPS stands for Hypertext Transfer Protocol over Secure Socket Layer. HTTPS by default

uses port 443.The URL's beginning with HTTPS indicate that the connection is encrypted using SSL.

The below figure tells us about the working of HTTPS and it is implemented by SSL and these SSL

certificates are purchased by HTTPS and installed in web server to identify the type of business

using to encrypt the sensitive data like Credit card information, SSL consists of certificates which

gives permission to communicate securely to its web customers, HTTPS process done in transport

layer.

HTTPS is recognized easily by seeing lock symbol in the security status bar, we can click on it to

view the identity of website. Mainly HTTPS uses SSL certificates for communication purpose to

secure the data from client to server and vice versa.

SSH: SSH stands for Secure Shell, it is a one type of cryptographic network protocol which is used

to transfer the data securely. User can login to the other system under same network as remote

login to transfer the files from one system to other through SSH server. SSH a use automatically

CRYPTOGRAPHY

9

generated public key or private key cryptography to login remote system and encrypts the network

connection then uses the password to login.

IPSEC: IPSEC stands for Internet Protocol Security, it works under network layer to secure the

internet traffic inside the IP. Cryptography technique used to protect the IP packets and the

protection of this packet includes confidentially, authentication and integrity.

c) CRYPTOGRAPHY USED IN VPN:

VPN stands for Virtual Private Network and it is the combination of both public network and private

network. Data transmitting between both the networks can handle by remote user; the data is encrypted

for security purpose. The below diagram tells us about the virtual network.

The encryption techniques used for transferring the data they are:

DTLS: It stands for Datagram Transport Layer Security, these are used in open connect VPN and

solves the problem occurred by SSL.

MPPE: It stands for Microsoft Point-to-Point Encryption; the data is encrypted using point-to-point

protocol. 128-bit key, 56-bit key are supported for encrypting the data. In this the data is not

compressed but the protocol is used as node between the PPP and VPN links.

http://airccse.org/journal/nsa/1111nsa06.pdf http://www.isaca.org/Journal/Past-Issues/2000/Volume-6/Pages/Secure-Electronic-Transaction-SET-

Protocol.aspx http://www.slideshare.net/kagoil235/cryptography-and-ecommerce http://www.slideshare.net/ijnsa/a-secure-electronic-payment-protocol-for-wireless-mesh-

networks?qid=8c68ca76-307f-4992-b506-eed2a2267bcc&v=qf1&b=&from_search=10 http://www.infosecwriters.com/text_resources/pdf/Cryptosystems_SecureWebBrowse rs.pdf https://samsclass.info/122/ppt/ch09.ppt https://www.evsslcertificate.com/ssl/description-ssl.html http://en.wikipedia.org/wiki/Secure_Shell http://en.wikipedia.org/wiki/Virtual_private_network

3. WINDOWS AUTHENTICATION:

Windows authentication is a process to secure the data that is transmitted from client to server on the

network. Once you enable the windows Authentication, the username and password given by the client

are strongly hashed with cryptographic techniques and send on the network for secure browsing. Windows

Authentication is suitable mainly in private networks knows as Intranet by following conditions:

All computers and web servers are being in one domain.

Administrator can confirm every client using same browser like Internet Explorer.

NTLM are not supported by the HTTP proxy connections and mostly they are not required.

CRYPTOGRAPHY

10

a) NT Authentication at Logon:

Compare to other authentication methods, Windows NT authentication method is much complex it

encrypts the username and password, which also held multiple communications between client and server.

Passwords are not transmitted across the network and user credentials are automatically given once the

users log on this are the benefits in Windows NT.

When the user logon to Windows NT with the help of username and password, it requests to LSA which is

responsible by Local Security Authority policy to verify the credentials authentication, it gets permission

from Local SAM (Security Accounts Manager) database and gets access for the tokens to logon. This all

process runs through Win logon. The below figure describes about the logon process of Windows NT.

Protocol Used:

The three different protocols Windows NT they are NetBIOS/NetBEUI, TCP/IP and PPTP. Here a brief

description about TCP/IP.

TCP/IP: It stands for Transfer Control Protocol/ Internet Protocol which is developed by DARPA (Defense

Advanced Research Project Agency) for network connect ions. Users connected to internet using this

protocol in Win NT, without this protocol users can’t connect to internet and it also used as interaction

between the operating system and hardware platforms like router.

b) Windows 2000 Authentication at Logon:

Windows 2000 authenticates is varied whether the user logging from domain or local computer. Domain

Logon: When the user tries to logon on domain the information provided by the user like username and

password are given to domain controller, if the domain have the copy of user then it is validated if not

denied.

Local Computer Logon: When the user tries to logon on local computer then the information provided by

user like user name and password are given to security subsystem of local computer which is operated by

local security database, if the information exist then it is validated if not denied.

Protocols Used:

CRYPTOGRAPHY

11

Different types of protocols are used in windows 2000 for the authentication purpose as listed below:

Password Authentication Protocol (PAP)

Shiva Password Authentication Protocol (SPAP)

Challenge Handshake Authentication Protocol (CHAP)

Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)

Extensible Authentication Protocol (EAP)

c) Windows Server 2003 Authentication at Logon:

In Windows server 2003 all the users should logon to the computer and their identity should be validated

for the authentication and the authorised users will get access to the resources. There are two types of

interactive logon in server 2003 as shown below,

When the user not joined to the active directory domain then they can logon to the unjointed

computer with local account.

When the user joined to the active directory domain then they can log on with local account or

domain account.

Protocols Used:

The protocols used in Windows server 2003 for authentication purpose as listed below;

Kerberos v5

NTLM

SSL/TLS (Secure Socket Layer/Transport Layer Security)

d) Windows Server 2008 Authentication at Logon:

Windows Server 2008 logon process includes security components in windows security compare to

previous Windows servers; these security policies keep the track record of account logons for security

purpose; any organisations can also logon to other systems which are located in sub areas as remote

computers with host servers contains Remote Desktop Protocol(RDP). Logon page interacts with the LSA

(Local Security Authority) to communicate with Remote authentication sources such as Domain Controller.

CRYPTOGRAPHY

12

Protocols Used:

The protocols used in Windows Server 2008 for authentication as listed below;

SSL (Secure Socket Layer)

RDP (Remote Desktop Protocol)

TCP/IP (Transmission Control Protocol/Internet Protocol)

Kerberos V.5 protocol

e) Windows Server 2012 Authentication at Logon:

User should mention login information like username and password to login in windows server 2012 and

these details are used for authentication to user access in local computer under same domain, the

certificates gives access to user to login which are stored in active directory, now the User can also have

access to local network through same domain and get authenticated.

Protocols Used:

The protocols used in Windows Server 2012 for authentication are:

SMB (Server Message Block)

RDP (Remote Desktop Protocol)

f) Difference between Integrated Windows Authentication and Logon Authentication:

http://en.wikipedia.org/wiki/Windows_NT_startup_process http://technet.microsoft.com/en-us/library/hh831360.aspx 4. KERBEROS PROTOCOL:

Kerberos is one type of protocol which is used for providing strong network authentication between the

client and server using symmetric key cryptography. Many protocols are used in Internet for security

purpose because it is an insecure place, but them fails to give security whereas Kerberos protocol gives

strong network security, here client and server using Kerberos to prove their identity.

Integrated Windows Authentication Logon Authentication

1. This type of Authentication is more

secure the username and password given

by user are encrypted with hash

algorithms and sent through the network.

2. Windows Authentication is best for

internet environment because both client

and server are in same domain.

3. It supports two authentication

protocols like Kerberos and NTLM (NT

LAN Manager).

1. This type of Authentication is not secured

because the username and password are not

encrypted.

2. Logon Authentication is used mainly in

Industry to collect username and passwords.

3. It supports SSL for authentication.

CRYPTOGRAPHY

13

a) Description of Kerberos Protocol:

This protocol works as ‘tickets’ for the communication purpose, the below diagram gives brief description

how the protocol works and these even includes Authentication Server (AS) request from the client to get

Ticket Granting Ticket (TGT), the combination of both TGT and AS is nothing but Key Distribution Center

(KDC) which encrypts the users password using secret key and it is controlled by Domain Controller as

shown below,

The description of Kerberos Protocol includes eight steps, now we are going to look those steps with the

help of diagrams:-

Step-1: client sends a request to AS to verify the username and the password is encrypted with security

key.

Step-2: After verifying AS issues to client who includes time stamp and the session having expiry date like

8 hours.

Step-3: In this, request sent back to the client using TGT consist of tickets, as shown below.

Step-4: In this step the authentication is done for the client by submitting the TGT to Ticket Granting

Server (TGS).

Step-5: TGS creates an encrypted key with the time stamp of 8 hours and got permission to the client to

use a ticket.

CRYPTOGRAPHY

14

Step-6: At this step, the client decrypts the ticket and sends acknowledgement (ACK) says that user got

the ticket to TGS.

Step-7: At this stage, the client sends encrypted key to service server as shown below in figure, now in

server it decrypts the key to check the validation of time stamp. If it is validated then service server

directly contacts KDC to get a session between client and the server.

Step-8: At this step, the client checks whether the validation and decrypt s the key, then connection is

initiated between client and server for communication purpose. Now the client is authenticated until the

session expires.

b) TIME SYNCHRONISATION IS IMPORTANT FOR KERBEROS:

The authentication is based on time stamp of tickets in Kerberos protocol and as we discussed

before there is a short life time for tickets which issued by TGT in order to prevent the hackers to

perform any hacking process.

Accurate clock synchronization is there on Kerberos servers, if your clock not synchronized at

certain time intervals then Kerberos shows fatal errors.

If user allows clock on to the server and they themselves makes their network as platform for the

attackers it causes loss in their vulnerability.

Since to overcome these malware activities, time synchronization plays a vital role to provide

security of the Kerberos protocol.

http://tldp.org/HOWTO/Kerberos-Infrastructure-HOWTO/time-sync.html http://en.wikipedia.org/wiki/Kerberos_(protocol)#Description http://web.mit.edu/kerberos/ http://www.slideshare.net/RakeshRajgopal/rakesh-raj?qid=c929c8b1-be01-408c-8de3-

4534487920c7&v=default&b=&from_search=12

CRYPTOGRAPHY

15