Cisco® CCNA Security Exam Notes : Cryptography Concepts

1. Security Concepts

1.3 Cryptography Concepts

Hashing is used for data integrity that is ensuring that the data is not compromised. The three most popular types of hashes are as follows:

1. Message digest 5 (MD5): This creates a 128-bit digest.

2. Secure Hash Algorithm 1 (SHA-1): This creates a 160-bit digest.

3. Secure Hash Algorithm 2 (SHA-2): Options include a digest between 224 bits and 512 bits.

Among the two hashing algorithms (MD5, 124 bit and SHA1 160 bit) SHA1 provides a stronger hashing algorithm.

The following are true about encryption algorithms:

1. AES (Advanced Encryption Standard) is more secure than DES or 3DES.

2. AES is a symmetric block cipher that can encrypt (encipher) or decrypt (decipher) information

3. AES is based on Rijndael algorithm

4. PGP (Pretty Good Privacy) can use Diffie-Hellman or RSA algorithms, but not AES or DES.

A transform set specifies one or two IPSec security protocols (either Encapsulation Security Protocol or Authentication Header or both) and specifies which algorithms to use with the selected security protocol.

A cryptographic hash function is a "one-way" operation. It is practically not possible to deduce the input data that had produced the output hash.

Hash Algorithms: Hash algorithms produce a hash of a message and encrypt it. They use a mathematical formula for hashing, and it is extremely difficult to tamper with the message and still produce the same hash. Basically, Hashing enable a recipient to check whether a message is received intact without being tampered by a third party.

SHA (Secure Hashing Algorithms): There are several Secure Hashing Algorithms and they primarily differ in the hash length. They are SHA-1, SHA-256, SHA-384 and SHA-512. In SHA-1 the bit length is 160 bits, in SHA-256 it is 256 bits, for SHA-384, 384 bits and in SHA-512 it is 512 bits.

MD2, MD4, MD5 (Message Digest Series Algorithms): These are another type of hash algorithms. These algorithms were developed by Rivest. All three algorithms take a message of arbitrary length and produce a 128-bit message digest. MD2 is meant for 8 bit machines and MD4, MD5 are suitable for 32 bit machines. These algorithms are primarily used for digital signature applications.

Examples of acceptable transform combinations are:

1. ah-md5-hmac

2. esp-des

3. esp-3des and esp-md5-hmac

4. ah-sha-hmac and esp-des and esp-sha-hmac

5. comp-lzs

It is very important to know the distinction between Hashing, Digital signature, and Encryption.

Hashing produces a small footprint (basically, signature) of the original message. It is used to verify the integrity of a message. Hash is generated by a formula in such a way that it is extremely unlikely that some other text will produce the same hash value. In other words, Hash used to ensure that transmitted messages have not been tampered with. Hashing ensures that the message is not tampered with, during transit or storage. Note that Hashing not necessarily encode or encrypt a message.

A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message. A digital signature can be used with encrypted or even un-encrypted message. A digital certificate contains the digital signature of the certificate-issuing authority so that anyone can verify that the certificate is real. Digital signature ensures that the sender cannot repudiate having sent the message at a future date.

Typically, the sender generates a hash of the message, encrypts it, and sends it with the message itself. The recipient then decrypts both the message and the hash, produces another hash from the received message (by using the same formula that was used to produce the Hash by the sender), and compares the two hashes. If they're the same, there is a very high probability that the message was transmitted intact.

Encryption is used to translate a message in to secret code. To read an encrypted file, you must have access to a secret key that enables you to decrypt it. Encrypted data is referred to as cipher text. Encryption ensures that the message cannot be read by any person who do not have matching key to decode the coded message

To define a transform set, use the command:

crypto ipsec transform-set transform-set-name transform1 [transform2 [transform3]]

where transform1, transform2 and transform3 are the allowable transforms.

Example: crypto ipsec transform-set newer esp-3des esp-sha-hmac

The following are authentication algorithms that could be used with the crypto ipsec transform-set command:

ah-md5-hmac - AH with the MD5 (HMAC variant) authentication algorithm

ah-sha-hmac - AH with the SHA (HMAC variant) authentication algorithm

esp-md5-hmac - ESP with the MD5 (HMAC variant) authentication algorithm

esp-sha-hmac - ESP with the SHA (HMAC variant) authentication algorithm

The following are the encryption algorithms:

esp-des - ESP with the 56-bit DES encryption algorithm

esp-3des - ESP with the 168-bit DES encryption algorithm (3DES or Triple DES)

esp-null - Null encryption algorithm

To create the Public/Private key pair used by SSH, the following command sequence is used.

Hostname other than the default "router" needs to be configured first before issuing the command crypto key generate rsa. You also need to configure the domain name before issuing the crypto key generate command.

The correct sequence of commands would be:

hostname Frisco

ip domain-name cisco.com

crypto key generate rsa

The following is a sample output from the "show ssh" command:

Router# show ssh

show ssh command output

Strong Encryption scheme

DES: DES is an old "data encryption standard" from the seventies. Its key size is too short for proper security (56 effective bits; this can be brute-forced). Also, DES uses 64-bit blocks, which raises some potential issues when encrypting several gigabytes of data with the same key.

3DES reuses DES implementations by cascading three instances of DES (with distinct keys). 3DES is believed to be secure up to at least "2112" security (which is quite a lot, and quite far in the realm of "not breakable with today's technology"). But it is very slow, especially in software.

AES: The Advanced Encryption Standard (AES), also known by its original name Rijndael is the successor of DES as standard symmetric encryption algorithm for US federal organizations and worldwide. AES accepts keys of 128, 192 or 256 bits, uses 128-bit blocks, and is efficient in both software and hardware. It was selected through an open competition involving hundreds of cryptographers during several years. Basically, you cannot have better than that.

Note that AES is a symmetric cryptographic algorithm, while RSA is an asymmetric (or public key) cryptographic algorithm. Encryption and decryption is done with a single key in AES, while you use separate keys (public and private keys) in RSA.

AES, the Advanced Encryption Standard is a symmetric block algorithm. AES is used to encrypt data. Both the sender and received need to have the key to encrypt and decrypt the data respectively. It is "symmetric" because the key allows for both encryption and decryption.

SHA isn't encryption, it's a one-way hash function. AES (Advanced_Encryption_Standard) is a symmetric encryption standard. You use SHA functions to take a large document and compute a "digest" (also called "hash") of the input. It's important to realize that this is a one-way process. Any alteration to the document will produce a different hash, and you can easily recognize that the document had been tampered as the reproduced hash is different from the original hash value. It is impossible to reproduce the original hash after altering the document. In other words, "hash" positively identifies if a received document is altered or not.

1. Peer IP addresses: Implemented by Crypto map

2. Traffic to encrypt: Implemented by Crypto ACL,

3. Encryption method: Transform set, which is referred to in the crypto map

4. Hashing (HMAC) method: Transform set, which is referred to in the crypto map

5. Perfect Forward Secrecy (PFS) - Crypto map

Message Authentication Codes (MACs): MAC also called "keyed hashes", are used to verify the authenticity of a message. Let us say, Jane (the sender of a message) and Mike (the recipient) share a secret key. Jane uses the message and the key to compute the MAC, and sends the MAC along with the message. When Mike receives the message, he computes the MAC, and then checks to see if his MAC matches Jane's. If it does, then he knows the message is from Jane and that nobody has changed it since she sent it.

images/pin-icon.png

A certificate revocation list (CRL) is a list of certificates, which have been revoked, and are no longer valid.

PKI:In cryptography, X.509 is a standard for a public key infrastructure (PKI) and Privilege Management Infrastructure (PMI). X.509 specifies, amongst other things, standard formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation algorithm.

In public key infrastructure:

1. A key is required to encode/decode a message, and the security of a message depends on the security of key.

2. A cipher text is the encoded message, and

3. A certificate is a digitally signed document by a trusted authority.

Public Key Infrastructure consists of two important certificates:

1. Root certificates - Identifies the Certificate Authority, CA, and

2. Identity certificates, which identify devices such as servers and other devices that want to participate in PKI.

Configuring PKI on gateway router

The command crypto map <map name> command is given at the interface level. The correct sequence is:

Router1(config)# interface GigabitEthernet 1/0

Router1(config-if)# crypto map MyCmap -1

Router1(config-if)# exit

Certificate Revocation List (CRL): It is a list of certificates with their serial numbers that had been revoked by the CA for whatsoever reason. Usually, the reasons are like expiry of the certificate (the time limit for validity of the certificate has expired) or that the private key has been compromised, and a new certificate had been issued, etc. A CRL could be accessed by several protocols, including LDAP and HTTP. A CRL could also be obtained via SCEP. Simple Certificate Enrolment Protocol (SCEP) is a protocol used for enrolment and other Public Key Infrastructure (PKI) operations

Online Certificate Status Protocol (OSCP): Here, a client sends a request to find the status of a certificate and gets a response without having to know the complete list of revoked certificates

The Public-Key Cryptography Standards (in short, referred to as PKCS) are specifications produced by RSA Laboratories in cooperation with secure systems developers worldwide. Contributions from the PKCS series have become part of many formal and de facto standards, including ANSI X9 documents, PKIX, SET, S/MIME, and SSL.

PKCS #1: Provides standards for implementing RSA algorithm-based public key cryptographic encryption schemes and digital signature schemes with appendix.

PKCS #3: Describes a method for implementing Diffie-Hellman key agreement, whereby two parties can agree upon a secret key that is known only to them (and, in particular, is not known to an eavesdropper listening to the dialogue by which the parties agree on the key). This secret key can then be used, for example, to encrypt further communications between the parties.

PKCS #7: Describes Cryptographic Message Syntax (CMS): CMS defines the syntax that is used to digitally sign, digest, authenticate, or encrypt arbitrary message content.

PKCS #10: Certification Request Syntax Standard

PKCS #12: Personal Information Exchange Syntax Standard. PKCS #12 v1.0 describes transfer syntax for personal identity information, including private keys, certificates, miscellaneous secrets, and extensions.

Simple Certificate Enrollment Protocol (SCEP): SCEP is a protocol used for enrollment and other Public Key Infrastructure (PKI) operations. SCEP is not an Open Standard, and only Cisco devices and a few others support it.

You could easily configure SCEP using ASDM. Enrollment and usage of SCEP generally follows this work flow:

1. Obtain a copy of the Certificate Authority (CA) certificate and validate it.

2. Generate a CSR and send it securely to the CA.

3. Poll the SCEP server in order to check whether the certificate was signed.

4. Re-enroll as necessary in order to obtain a new certificate prior to the expiration of the current certificate.

5. Retrieve the CRL as necessary.

The following are the important components of Public Key Infrastructure (PKI):

Public Key Infrastructure

The user needs to make a phone call to the CA to confirm the Public key of the root certificate.

1. show crypto isakmp sa detail - See the details for the IKE Phase 1 tunnel that is in place

2. show crypto ipsec sa detail - See the details for the IKE Phase 2 tunnels that are in place. There is one inbound Security Association (SA) and one outbound. They both have different SA numbers used for tracking these sessions.

3. show crypto engine connections active - Command provides stats to verify if the encryption and decryption is working.

4. show crypto map - Provides the details of the crypto map, and where it is applied, showing the contents of the IKE Phase 2 transform sets, the current peer and other information.

Identifying a signature in a single packet

Atomic signatures can match on a single packet, as compared to a string of packets. Service signature engine examines the application layer service and the string micro engine examines one or more packets (multiple packets) for any malicious content.

Symmetric and Asymmetric algorithm

Two main types of encryption are asymmetric encryption (also called public-key encryption) and symmetric encryption.

A symmetric algorithm is one which uses the same key for encryption and decryption. Examples of symmetric algorithm are DES, 3DES, AES, and IDEA.

An asymmetric algorithm is one which uses different keys for encryption and decryption.

Examples of asymmetric algorithm are RSA, and Diffie-Hellman.

RSA signatures provide a stronger method for authentication compared to PSK. Note that 3DES is not an authentication protocol but it is used for encryption. DH is used for key exchange.

Public key cryptography: Uses a pair of mathematically related cryptographic keys. If one key is used to encrypt information, then only the related key can decrypt that information. If you know one of the keys, you cannot easily calculate what the other one is. As a result, in a public key system you have the following:

A public key: This is something that you make public - it is freely distributed and can be seen by all users.

A corresponding (and unique) private key: This is something that you keep secret - it is not shared amongst users. Your private key enables you to prove, unequivocally, that you are who you claim to be.

The Public Key used for Encryption

Another person uses your public encryption key when they want to send you confidential information. The information to be sent is encrypted using your public key*. You can provide your public key to the sender, or it can be retrieved from the directory in which it is published.

Note: In normal practice, the actual information being sent is encrypted using a secret key algorithm (symmetric cryptography). Symmetric algorithms are much faster than public/private key algorithms (asymmetric cryptography). A random key (the session key) is generated, and it is used with the symmetric algorithm to encrypt the information. The public key is then used to encrypt that key and both are sent to the recipient.

The Private Key used for Decryption

A private key is used to decrypt information that has been encrypted using its corresponding public key. The person using the private key can be certain that the information it is able to decrypt must have been intended for them, but they cannot be certain who the information is from.

Note: In normal practice the private key is used to decrypt the session key, and that key is used to decrypt the actual information rather than the private key decrypting all the information.

The Private Key for Signature

If the sender wishes to prove to a recipient that they are the source of the information (perhaps they accept legal responsibility for it) they use a private key to digitally sign a message (a digital signature). Unlike the handwritten signature, this digital signature is different every time it is made. A unique mathematical value, determined by the content of the message, is calculated using a 'hashing' or 'message authentication' algorithm, and then this value is encrypted with the private key - creating the digital signature for this specific message. The encrypted value is either attached to the end of the message or is sent as a separate file together with the message. The public key corresponding to this private key may also be sent with the message, either on its own or as part of a certificate.

Note: Anyone receiving information protected simply by a digital signature can check the signature and can read and process the information. Adding a digital signature to information does not provide confidentiality.

Consider the command,

Router(config-isakmp)# group 14

In the above command, group 14 specifies the Diffie-Hellman (DH) group identifier.

By default, DH group 1 is used.

1- 768-bit DH (No longer recommended.)

2 -1024-bit DH (No longer recommended)

5 -1536-bit DH (No longer recommended)

14 - Specifies the 2048-bit DH group.

15 - Specifies the 3072-bit DH group.

16 - Specifies the 4096-bit DH group.

19 - Specifies the 256-bit elliptic curve DH (ECDH) group.

20 - Specifies the 384-bit ECDH group.

24 - Specifies the 2048-bit DH/DSA group.

The group chosen must be strong enough (have enough bits) to protect the IPsec keys during negotiation. A generally accepted guideline recommends the use of a 2048-bit group after 2013 (until 2030). Group 14 or higher (where possible) can be selected to meet this guideline. Even if a longer-lived security method is needed, the use of Elliptic Curve Cryptography is recommended, but group 15 and group 16 can also be considered.

Previous   Contents   Next