Chapter6 Cryptography

The document discusses cryptography and its role in secure communications, focusing on the key principles of authentication, integrity, and confidentiality. It explains various cryptographic methods, including transposition and substitution ciphers, and highlights the importance of key management in ensuring secure data transmission. Additionally, it covers the concepts of cryptanalysis and the significance of cryptographic hash functions in maintaining data integrity.

Uploaded by Hoàng Anh

UNIVERSITY OF SCIENCE

FACULTY OF ELECTRONICS TELECOMMUNICATIONS


DEPARTMENT OF TELECOMMUNICATIONS NETWORKS

CHAPTER 6

CRYPTOGRAPHY SECURE COMMUNICATIONS

NGUYEN MINH TRI

Reference: Cisco Academy, Networking Security v1.0 [Online], available at: www.netacad.com

NGUYEN MINH TRI - DEPARTMENT OF TELECOMMUNICATIONS - NETWORKS 2

Networking Security

AUTHENTICATION, INTEGRITY, AND CONFIDENTIALITY

To ensure secure communications across both the public and [...] secure the network infrastructure, including routers, switches, servers, and hosts.

There are three primary objectives of securing communications:
Authentication
Integrity
Confidentiality

AUTHENTICATION

There are two primary methods for validating a source in network communications: authentication services and data nonrepudiation services.

In network communications, authentication can be accomplished using cryptographic methods.

Data nonrepudiation is a similar service that allows the sender of a message to be uniquely identified. With nonrepudiation services in place, a sender cannot deny having been the source of that message.

DATA INTEGRITY

Data integrity ensures that messages are not altered in transit. With data integrity, the receiver can verify that the received message is identical to the sent message and that no manipulation occurred.

DATA CONFIDENTIALITY

Data confidentiality ensures privacy so that only the receiver can read the message. This can be achieved through encryption. Encryption is the process of scrambling data so that it cannot be easily read by unauthorized parties.

When enabling encryption, readable data is called plaintext, or cleartext, while the encrypted version is called encrypted text or ciphertext. The plaintext readable message is converted to ciphertext, which is the unreadable, disguised message. Decryption reverses the process. A key is required to encrypt and decrypt a message. The key is the link between the plaintext and ciphertext.

CRYPTOGRAPHY

CREATING CIPHER TEXT

The history of cryptography starts in diplomatic circles thousands of years ago. [...] encrypted messages to other courts.

Occasionally, other courts not involved in the communication, attempted to steal messages sent to a kingdom they considered an adversary. Not long after, military commanders started using encryption to secure messages.


TRANSPOSITION CIPHERS

In transposition ciphers, no letters are replaced; they are simply rearranged. An example of this type of cipher is taking the FLANK EAST ATTACK AT DAWN message and transposing it to read NWAD TA KCATTA TSAE KNALF. In this example, the key is to reverse the letters.

TRANSPOSITION CIPHERS

Another example of a transposition cipher is known as the rail fence cipher. In this transposition, the words are spelled out as if they were a rail fence. They are staggered, some in front, some in the middle and some in back, across several parallel lines. An example is shown in the figure.

Modern encryption block cipher algorithms, such as AES and the legacy 3DES, still use transposition as part of the algorithm.

SUBSTITUTION CIPHERS

Substitution ciphers substitute one letter for another. In their simplest form, substitution ciphers retain the letter frequency of the original message.

A MORE COMPLEX SUBSTITUTION CIPHER

The Vigenère cipher is based on the Caesar cipher, except that it encrypts text by using a different polyalphabetic key shift for every plaintext letter. The different key shift is identified using a shared key between sender and receiver. The plaintext message can be encrypted and decrypted using the Vigenère Cipher Table.


A MORE COMPLEX SUBSTITUTION CIPHER
To illustrate how the Vigenère Cipher Table works, suppose that a sender
and receiver have a shared secret key composed of these letters:
SECRETKEY. The sender uses this secret key to encode the plaintext
FLANK EAST ATTACK AT DAWN:
The F (FLANK) is encoded by looking at the intersection of column F and
the row starting with S (SECRETKEY), resulting in the cipher letter X.
The L (FLANK) is encoded by looking at the intersection of column L and
the row starting with E (SECRETKEY), resulting in the cipher letter P.
The A (FLANK) is encoded by looking at the intersection of column A and
the row starting with C (SECRETKEY), resulting in the cipher letter C.
The N (FLANK) is encoded by looking at the intersection of column N and
the row starting with R (SECRETKEY), resulting in the cipher letter E.
The K (FLANK) is encoded by looking at the intersection of column K and
the row starting with E (SECRETKEY), resulting in the cipher letter O.


A MORE COMPLEX SUBSTITUTION CIPHER


For example, SECRETKEYSECRETKEYSEC is required to
encode FLANK EAST ATTACK AT DAWN:
Secret key: SECRETKEYSECRETKEYSEC
Plaintext: FLANKEASTATTACKATDAWN
Cipher text: XPCEOXKURSXVRGDKXBSAP

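The table lookup walked through above, as an added example that is not part of the original slides: it builds each row of the Vigenère Cipher Table by rotating the alphabet, encrypts and decrypts the slide's message with the slide's key, and compares the result letter by letter with the slide's ciphertext line. The function names are chosen for this example.

```python
import string

ALPHABET = string.ascii_uppercase

# Values quoted from the slides above.
KEY = "SECRETKEY"
PLAINTEXT = "FLANK EAST ATTACK AT DAWN"
SLIDE_CIPHERTEXT = "XPCEOXKURSXVRGDKXBSAP"


def table_row(key_letter):
    """Row of the Vigenère Cipher Table that starts with key_letter:
    the alphabet rotated left by that letter's position (A=0 ... Z=25)."""
    k = ALPHABET.index(key_letter)
    return ALPHABET[k:] + ALPHABET[:k]


def letters(text):
    """Upper-case the text and keep only A-Z, as the slide does before encoding."""
    return [c for c in text.upper() if c in ALPHABET]


def keystream(key, length):
    """Repeat the key until it covers the message (SECRETKEYSECRET...)."""
    key = letters(key)
    if not key:
        raise ValueError("key must contain at least one letter")
    return [key[i % len(key)] for i in range(length)]


def encrypt(plaintext, key):
    """Cipher letter = entry at column <plaintext letter> of the row
    that starts with <key letter>."""
    msg = letters(plaintext)
    return "".join(
        table_row(k)[ALPHABET.index(p)]
        for p, k in zip(msg, keystream(key, len(msg)))
    )


def decrypt(ciphertext, key):
    """Inverse lookup: locate the cipher letter in the key letter's row;
    its column index is the plaintext letter."""
    msg = letters(ciphertext)
    return "".join(
        ALPHABET[table_row(k).index(c)]
        for c, k in zip(msg, keystream(key, len(msg)))
    )


def differences(computed, reference):
    """1-based positions where two equal-length strings differ,
    with the letter from each string."""
    return [
        (i + 1, a, b)
        for i, (a, b) in enumerate(zip(computed, reference))
        if a != b
    ]


if __name__ == "__main__":
    ct = encrypt(PLAINTEXT, KEY)
    print("Secret key :", "".join(keystream(KEY, len(ct))))
    print("Plaintext  :", "".join(letters(PLAINTEXT)))
    print("Computed   :", ct)
    print("Slide      :", SLIDE_CIPHERTEXT)
    print("Differences:", differences(ct, SLIDE_CIPHERTEXT))
    print("Round trip :", decrypt(ct, KEY))
```

The computed ciphertext matches the slide in every position except the eighth: S in the row starting with E gives W, where the slide's ciphertext line shows U.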


ONE-TIME PAD CIPHERS

Gilbert Vernam was an AT&T Bell Labs engineer who, in 1917, invented, and later patented, the stream cipher. He also co-invented the one-time pad cipher.

Vernam proposed a teletype cipher in which a prepared key consisting of an arbitrarily long, non-repeating sequence of numbers was kept on paper tape, shown in the figure. It was then combined character by character with the plaintext message to produce the ciphertext.

CRYPTANALYSIS

CRACKING CODE

Cryptanalysis is the practice and study of determining the meaning of encrypted information (cracking the code), without access to the shared secret key. This is also known as codebreaking.

CRACKING CODE

Throughout history, there have been many instances of cryptanalysis:

The Vigenère cipher had been absolutely secure until it was broken in the 19th century by English cryptographer Charles Babbage.

Mary, Queen of Scots, was plotting to overthrow Queen Elizabeth I from the throne and sent encrypted messages to her co-conspirators. The cracking of the code used in this plot led to the beheading of Mary in 1587.

The Enigma-encrypted communications were used by the Germans to navigate and direct their U-boats in the Atlantic. Polish and British cryptanalysts broke the German Enigma code. Winston Churchill was of the opinion that it was a turning point in WWII.

Source: https://www.history.co.uk/articles/cracking-the-code-episode-guide

METHODS OF CRACKING CODE

Brute-force method - The attacker tries every possible key knowing that eventually one of them will work.
Ciphertext method - The attacker has the ciphertext of several encrypted messages but no knowledge of the underlying plaintext.
Known-Plaintext method - The attacker has access to the ciphertext of several messages and knows something about the plaintext underlying that ciphertext.
Chosen-Plaintext method - The attacker chooses which data the encryption device encrypts and observes the ciphertext output.
Chosen-Ciphertext method - The attacker can choose different ciphertext to be decrypted and has access to the decrypted plaintext.
Meet-in-the-Middle method - The attacker knows a portion of the plaintext and the corresponding ciphertext.

CRACKING CODE EXAMPLE

When choosing a cryptanalysis method, consider the Caesar cipher encrypted code. The best way to crack the code is to use brute force. Because there are only 25 possible rotations, the effort is relatively small to try all possible rotations and see which one returns something that makes sense.

A more scientific approach is to use the fact that some characters in the English alphabet are used more often than others. This method is called frequency analysis.

MAKING AND BREAKING SECRET CODES

Cryptology is the science of making and breaking secret codes. As shown in the figure, cryptology combines two separate disciplines:
Cryptography - the development and use of codes
Cryptanalysis - the breaking of those codes

There is a symbiotic relationship between the two disciplines because each makes the other one stronger. National security organizations employ practitioners of both disciplines and put them to work against each other.

CRYPTANALYSTS

Cryptanalysis is often used by governments in military and diplomatic surveillance, by enterprises in testing the strength of security procedures, and by malicious hackers in exploiting weaknesses in websites.

Cryptanalysts are individuals who perform cryptanalysis to crack secret codes.

While cryptanalysis is often linked to mischievous purposes, it is actually a necessity. It is an ironic fact of cryptography that it is impossible to prove that any algorithm is secure. It can only be proven that it is not vulnerable to known cryptanalytic attacks. Therefore, there is a need for mathematicians, scholars, and security forensic experts to keep trying to break the encryption methods.

THE SECRET IS IN THE KEYS

In the world of communications and networking, authentication, integrity, and data confidentiality are implemented in many ways using various protocols and algorithms. The choice of protocol and algorithm varies based on the level of security required to meet the goals of the network security policy.

The table lists some common cryptographic hashes, protocols, and algorithms.

Integrity        Authenticity         Confidentiality
MD5 (legacy)     HMAC-MD5 (legacy)    3DES (legacy)
SHA              HMAC-SHA-256         AES
                 RSA and DSA

INTEGRITY AND AUTHENTICITY

CRYPTOGRAPHIC HASH FUNCTIONS

Hashes are used to verify and ensure data integrity. Hashing is based on a one-way mathematical function that is relatively easy to compute, but significantly harder to reverse.

As shown in the figure, a hash function takes a variable block of binary data, called the message, and produces a fixed-length, condensed representation, called the hash. The resulting hash is also sometimes called the message digest, digest, or digital fingerprint.

CRYPTOGRAPHIC HASH OPERATION

Mathematically, the equation h = H(x) is used to explain how a hash algorithm operates. A cryptographic hash function should have the following properties:
The input can be any length.
The output is always a fixed length.
H(x) is relatively easy to compute for any given x.
H(x) is one way and not reversible.
H(x) is collision free, meaning that two different input values will result in different hash values.

MD5 AND SHA

Hash functions are used to ensure the integrity of a message. They help ensure data has not accidentally changed and that what was sent is indeed what was received.

There are four well-known hash functions:
MD5 with 128-bit digest
SHA-1
SHA-2
SHA-3

ORIGIN AUTHENTICATION

While hashing can be used to detect accidental changes, it cannot be used to guard against deliberate changes that are made by a threat actor. Therefore, hashing is vulnerable to man-in-the-middle attacks and does not provide security to transmitted data. To provide integrity against man-in-the-middle attacks, origin authentication is also required.

To add origin authentication and integrity assurance, use a keyed-hash message authentication code (HMAC). HMAC uses an additional secret key as input to the hash function.

ORIGIN AUTHENTICATION

As shown in the figure, an HMAC is calculated using any cryptographic algorithm that combines a cryptographic hash function with a secret key. Hash functions are the basis of the protection mechanism of HMACs.

Only the sender and the receiver know the secret key, and the output of the hash function now depends on the input data and the secret key. Only parties who have access to that secret key can compute the digest of an HMAC function. This defeats man-in-the-middle attacks and provides authentication of the data origin.

ORIGIN AUTHENTICATION

As shown in the figure, the sending device inputs data (such as Terry [...] key) into the hashing algorithm and calculates the fixed-length HMAC digest. This authenticated digest is then attached to the message and sent to the receiver.

ORIGIN AUTHENTICATION

In the figure, the receiving device removes the digest from the message and uses the plaintext message with its secret key as input into the same hashing function. If the digest that is calculated by the receiving device is equal to the digest that was sent, the message has not been altered.

Additionally, the origin of the message is authenticated because only the sender possesses a copy of the shared secret key. The HMAC function has ensured the authenticity of the message.

ORIGIN AUTHENTICATION

The figure shows how HMACs are used by Cisco routers that are configured to use Open Shortest Path First (OSPF) routing authentication.

R1 is sending a link state update (LSU) regarding a route to network 10.2.0.0/16:
1. R1 calculates the hash value using the LSU message and the secret key.
2. The resulting hash value is sent with the LSU to R2.
3. R2 calculates the hash value using the LSU and its secret key. R2 accepts the update if the hash values match. If they do not match, R2 discards the update.

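The sender and receiver steps described above, as an added example that is not part of the original slides: it contrasts a plain digest attached to a message with an HMAC over the same message, and shows which of the two the receiver still accepts after the message has been changed in transit by a party without the shared key. The packet layout (message followed by a 32-byte SHA-256 tag), the key and the LSU strings are constructed for this example and do not model the real OSPF packet format.

```python
import hashlib
import hmac

DIGEST = hashlib.sha256
TAG_LEN = DIGEST().digest_size  # 32 bytes for SHA-256


def send_with_hash(message):
    """Sender appends a plain (unkeyed) digest to the message."""
    return message + DIGEST(message).digest()


def accept_hash(packet):
    """Receiver recomputes the unkeyed digest and compares it with the one sent."""
    if len(packet) < TAG_LEN:
        return False
    message, digest = packet[:-TAG_LEN], packet[-TAG_LEN:]
    return hmac.compare_digest(DIGEST(message).digest(), digest)


def send_with_hmac(key, message):
    """Sender (R1 in the slide) computes the HMAC over the message with the
    shared secret key and attaches it."""
    return message + hmac.new(key, message, DIGEST).digest()


def accept_hmac(key, packet):
    """Receiver (R2 in the slide) removes the digest, recomputes the HMAC with
    its own copy of the key, and accepts only on an exact match.
    compare_digest avoids leaking the position of the first mismatch."""
    if len(packet) < TAG_LEN:
        return False
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, message, DIGEST).digest()
    return hmac.compare_digest(expected, tag)


def rewrite_without_key(new_message):
    """Models a deliberate change in transit by a party that does not hold the
    shared key: the message is replaced and the only digest that party can
    compute, the unkeyed one, is appended."""
    return new_message + DIGEST(new_message).digest()


def flip_bit(packet, index):
    """Models an accidental change: one bit of one byte is inverted."""
    data = bytearray(packet)
    data[index] ^= 0x01
    return bytes(data)


def run_exchange():
    """Run every case and report whether the receiver accepts the packet."""
    key = b"constructed-shared-secret"            # constructed sample key
    lsu = b"LSU: route to 10.2.0.0/16 via R1"     # constructed sample message
    altered = b"LSU: route to 10.2.0.0/16 via R9"  # constructed altered message
    return {
        "hash, unmodified": accept_hash(send_with_hash(lsu)),
        "hash, bit flipped": accept_hash(flip_bit(send_with_hash(lsu), 5)),
        "hash, rewritten": accept_hash(rewrite_without_key(altered)),
        "hmac, unmodified": accept_hmac(key, send_with_hmac(key, lsu)),
        "hmac, bit flipped": accept_hmac(key, flip_bit(send_with_hmac(key, lsu), 5)),
        "hmac, rewritten": accept_hmac(key, rewrite_without_key(altered)),
        "hmac, wrong key": accept_hmac(b"another-key", send_with_hmac(key, lsu)),
    }


if __name__ == "__main__":
    for case, accepted in run_exchange().items():
        print(f"{case:18s} -> {'accepted' if accepted else 'discarded'}")
```

The plain digest catches the flipped bit but accepts the rewritten message, because anyone can recompute it; the HMAC rejects both.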

KEY MANAGEMENT

CHARACTERISTICS OF KEY MANAGEMENT

Characteristic - Description

Key Generation - It was up to Caesar to choose the key of his cipher. The Vigenère cipher key is also chosen by the sender and receiver. In a modern cryptographic system, key generation is usually automated and not left to the end user. The use of good random number generators is needed to ensure that all keys are equally generated so that the attacker cannot predict which keys are more likely to be used.

Key Verification - Some keys are better than others. Almost all cryptographic algorithms have some weak keys that should not be used. With the help of key verification procedures, weak keys can be identified and regenerated to provide a more secure encryption. With the Caesar cipher, using a key of 0 or 25 does not encrypt the message, so it should not be used.

Key Exchange - Key management procedures should provide a secure key exchange mechanism that allows secure agreement on the keying material with the other party, probably over an untrusted medium.

Key Storage - On a modern multi-user operating system that uses cryptography, a key can be stored in memory. This presents a possible problem when that memory is swapped to the disk, because a Trojan horse program installed on the PC of a user could then have access to the private keys of that user.

Key Lifetime - Using short key lifetimes improves the security of legacy ciphers that are used on high-speed connections. In IPsec a 24-hour lifetime is typical. However, changing the lifetime to 30 minutes improves the security of the algorithms.

Key Revocation and Destruction - Revocation notifies all interested parties that a certain key has been compromised and should no longer be used. Destruction erases old keys in a manner that prevents malicious attackers from recovering them.

KEY LENGTH AND KEYSPACE

Two terms that are used to describe keys are:
Key length - Also called the key size, this is the measure in bits. In this course, we will use the term key length.
Keyspace - This is the number of possibilities that can be generated by a specific key length.

As key length increases, the keyspace increases exponentially. The table displays the characteristics of the AES encryption algorithm.

AES Characteristics
Description - Advanced Encryption Standard
Timeline - Official standard since 2001
Type of Algorithm - Symmetric
Key Size (in bits) - 128, 192, and 256
Speed - High
Time to Crack (assuming a computer could try $2^{55}$ keys per second) - 149 trillion years
Resource Consumption - Low

THE KEYSPACE

The keyspace of an algorithm is the set of all possible key values. A key that has n bits produces a keyspace that has [...] possible key values. By adding one bit to the key, the keyspace is effectively doubled.

Almost every algorithm has some weak keys in its keyspace that enable an attacker to break the encryption via a shortcut. Weak keys show the regularities in encryption.

Source: https://en.wikipedia.org/wiki/Power_of_two#/media/File:Powers_of_two_cuboids.svg

THE KEYSPACE

For instance, DES has four keys for which encryption is the same as decryption. This means that if one of these weak keys is used to encrypt plaintext, an attacker can use the weak key to decrypt the ciphertext and reveal the plaintext.

The DES weak keys are those that produce 16 identical subkeys. This occurs when the key bits are:
Alternating ones and zeros (0101010101010101)
Alternating F and E (FEFEFEFEFEFEFEFE)
E0E0E0E0F1F1F1F1
1F1F1F1F0E0E0E0E

TYPES OF CRYPTOGRAPHIC KEYS

Current key lengths can easily make any attack attempt insignificant because it takes millions or billions of years to complete the search when a sufficiently long key is used.

With modern algorithms that are trusted, the strength of protection depends solely on the size of the key. Choose the key length so that it protects data confidentiality or integrity for an adequate period of time. Data that is more sensitive and needs to be kept secret longer must use longer keys.

CHOICE OF CRYPTOGRAPHIC KEYS

Performance is another issue that can influence the choice of a key length. An administrator must find a good balance between the speed and protective strength of an algorithm, because some algorithms, such as the Rivest, Shamir, and Adleman (RSA) algorithm, run slowly due to large key lengths.

The estimated funding of the attacker should also affect the choice of key length.

The rule is valid, except for possible performance reasons. Shorter keys equal faster processing but are less secure. Longer keys equal slower processing but are more secure.

CONFIDENTIALITY

DATA CONFIDENTIALITY

Symmetric encryption algorithms such as Data Encryption Standard (DES), 3DES, and Advanced Encryption Standard (AES) are based on the premise that each communicating party knows the pre-shared key.

Data confidentiality can also be ensured using asymmetric algorithms, including Rivest, Shamir, and Adleman (RSA) and the public key infrastructure (PKI).

SYMMETRIC ENCRYPTION

Symmetric algorithms use the same pre-shared key to encrypt and decrypt data. A pre-shared key, also called a secret key, is known by the sender and receiver before any encrypted communications can take place.

SYMMETRIC ENCRYPTION

Symmetric encryption algorithms are sometimes classified as either a block cipher or a stream cipher.

Block ciphers transform a fixed-length block of plaintext into a common block of ciphertext of 64 or 128 bits. Common block ciphers include DES with a 64-bit block size and AES with a 128-bit block size.

SYMMETRIC ENCRYPTION

Stream ciphers encrypt plaintext one byte or one bit at a time. Stream ciphers are basically a block cipher with a block size of one byte or bit. Stream ciphers are typically faster than block ciphers because data is continuously encrypted.

WELL-KNOWN SYMMETRIC ENCRYPTION ALGORITHMS

Symmetric Encryption Algorithms - Description

Data Encryption Standard (DES) - This is a legacy symmetric encryption algorithm. It uses a short key length that makes it insecure for most current uses.

3DES (Triple DES) - This is the replacement for DES and repeats the DES algorithm process three times. It should be avoided if possible as it is scheduled to be retired in 2023. If implemented, use very short key lifetimes.

Advanced Encryption Standard (AES) - AES is a popular and recommended symmetric encryption algorithm. It offers combinations of 128-, 192-, or 256-bit keys to encrypt 128, 192, or 256 bit-long data blocks.

Software-Optimized Encryption Algorithm (SEAL) - SEAL is a faster alternative symmetric encryption algorithm to AES. SEAL is a stream cipher that uses a 160-bit encryption key and has a lower impact on the CPU compared to other software-based algorithms.

Rivest ciphers (RC) series algorithms - This algorithm was developed by Ron Rivest. Several variations have been developed, but RC4 was the most prevalent in use. RC4 is a stream cipher that was used to secure web traffic. It has been found to have multiple vulnerabilities which have made it insecure. RC4 should not be used.

ASYMMETRIC ENCRYPTION

Asymmetric algorithms, also called public-key algorithms, are designed so that the key that is used for encryption is different from the key that is used for decryption, as shown in the figure. The decryption key cannot, in any reasonable amount of time, be calculated from the encryption key and vice versa.

ASYMMETRIC ENCRYPTION

Examples of protocols that use asymmetric key algorithms include:
Internet Key Exchange (IKE) - This is a fundamental component of IPsec VPNs.
Secure Socket Layer (SSL) - This is now implemented as IETF standard Transport Layer Security (TLS).
Secure Shell (SSH) - This protocol provides a secure remote access connection to network devices.
Pretty Good Privacy (PGP) - This computer program provides cryptographic privacy and authentication. It is often used to increase the security of email communications.

ASYMMETRIC ENCRYPTION

Asymmetric Encryption Algorithm (Key Length) - Description

Diffie-Hellman (DH) (512, 1024, 2048, 3072, 4096) - The Diffie-Hellman algorithm allows two parties to agree on a key that they can use to encrypt messages they want to send to each other. The security of this algorithm depends on the assumption that it is easy to raise a number to a certain power, but difficult to compute which power was used given the number and the outcome.

Digital Signature Standard (DSS) and Digital Signature Algorithm (DSA) (512 - 1024) - DSS specifies DSA as the algorithm for digital signatures. DSA is a public key algorithm based on the ElGamal signature scheme. Signature creation speed is similar to RSA, but is 10 to 40 times slower for verification.

Rivest, Shamir, and Adleman encryption algorithms (RSA) (512 to 2048) - RSA is for public-key cryptography that is based on the current difficulty of factoring very large numbers. It is the first algorithm known to be suitable for signing, as well as encryption. It is widely used in electronic commerce protocols and is believed to be secure given sufficiently long keys and the use of up-to-date implementations.

ElGamal (512 - 1024) - An asymmetric key encryption algorithm for public-key cryptography which is based on the Diffie-Hellman key agreement. A disadvantage of the ElGamal system is that the encrypted message becomes very big, about twice the size of the original message and for this reason it is only used for small messages such as secret keys.

Elliptic curve techniques (224 or higher) - Elliptic curve cryptography can be used to adapt many cryptographic algorithms, such as Diffie-Hellman or ElGamal. The main advantage of elliptic curve cryptography is that the keys can be much smaller.

ASYMMETRIC ENCRYPTION - CONFIDENTIALITY

The process can be summarized using the formula:
Public Key (Encrypt) + Private Key (Decrypt) = Confidentiality

When the public key is used to encrypt the data, the private key must be used to decrypt the data. Only one host has the private key; therefore, confidentiality is achieved.

[...] message using an agreed-upon algorithm. Alice sends the encrypted message to Bob.

Bob then uses his private key to decrypt the message. Since Bob is the only one with the private key, Alice's message can only be decrypted by Bob and thus confidentiality is achieved.

ASYMMETRIC ENCRYPTION - INTEGRITY

Combining the two asymmetric encryption processes provides message confidentiality, authentication, and integrity.

Alice wants to send a message to Bob ensuring that only Bob can read the document. In other words, Alice wants to ensure message confidentiality. Alice uses the public key of Bob to cipher the message. Only Bob will be able to decipher it using his private key.

Alice also wants to ensure message authentication and integrity. Authentication ensures Bob that the document was sent by Alice, and integrity ensures that it was not modified. Alice uses her private key to cipher a hash of the message. Alice sends the encrypted message with its encrypted hash to Bob.

ASYMMETRIC ENCRYPTION - INTEGRITY

[...] was not modified. The received hash is equal to the [...] Additionally, this verifies that Alice is definitely the sender of the message because nobody else has [...]

Bob uses his private key to decipher the message.

DIFFIE-HELLMAN

Diffie-Hellman (DH) is an asymmetric mathematical algorithm that allows two computers to generate an identical shared secret without having communicated before.

The new shared key is never actually exchanged between the sender and receiver. However, because both parties know it, the key can be used by an encryption algorithm to encrypt traffic between the two systems.

EXAMPLE

The simplest and the original implementation of the protocol uses the multiplicative group of integers modulo p, where p is prime, and g is a primitive root modulo p.

Alice (known: p = 23, g = 5, a = 6; unknown: b)
$A = 5^{a} \bmod 23$
$A = 5^{6} \bmod 23 = 8$
$B = 19$
$s = B^{a} \bmod 23$
$s = 19^{6} \bmod 23 = 2$

Bob (known: p = 23, g = 5, b = 15; unknown: a)
$B = 5^{b} \bmod 23$
$B = 5^{15} \bmod 23 = 19$
$A = 8$
$s = A^{b} \bmod 23$
$s = 8^{15} \bmod 23 = 2$

DIFFIE-HELLMAN

Diffie-Hellman uses different DH groups to determine the strength of the key that is used in the key agreement process. The higher group numbers are more secure but require additional time to compute the key.

The following identifies the DH groups supported by Cisco IOS Software and their associated prime number value:
DH Group 1: 768 bits
DH Group 2: 1024 bits
DH Group 5: 1536 bits
DH Group 14: 2048 bits
DH Group 15: 3072 bits
DH Group 16: 4096 bits

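The exchange in the EXAMPLE slide, as an added example that is not part of the original slides: it reproduces the slide's values for p, g, a and b, checks that g is a primitive root modulo p, rejects degenerate public values from the peer, and shows by exhaustive search why a 23-element group gives no protection while the 2048-bit and larger DH groups listed above do. The function names are chosen for this example.

```python
# Values from the slide.
P, G = 23, 5          # public: prime modulus and generator
A_PRIVATE = 6         # Alice's secret exponent a
B_PRIVATE = 15        # Bob's secret exponent b


def is_primitive_root(g, p):
    """True if the powers of g produce every value 1..p-1 modulo the prime p.
    Checked by enumeration, which is only practical for a toy modulus."""
    seen, x = set(), 1
    for _ in range(p - 1):
        x = (x * g) % p
        seen.add(x)
    return len(seen) == p - 1


def public_value(g, private, p):
    """The value a party sends in the clear: g^private mod p."""
    return pow(g, private, p)


def check_peer_value(value, p):
    """Reject public values outside 2..p-2. The values 0, 1 and p-1 force the
    shared secret into a set of at most two values whatever the local
    exponent is, so a receiver should refuse them."""
    if not 2 <= value <= p - 2:
        raise ValueError(f"peer public value {value} is out of range")
    return value


def shared_secret(peer_public, private, p):
    """The value each side derives locally: peer_public^private mod p."""
    return pow(check_peer_value(peer_public, p), private, p)


def recover_exponent(g, public, p):
    """Exhaustive search for x with g^x = public (mod p). It needs at most
    p-1 steps, which is instant for p = 23; the search grows with p and is
    out of reach for the 2048-bit and larger groups."""
    for x in range(1, p):
        if pow(g, x, p) == public:
            return x
    return None


def run_exchange():
    """Carry out both sides of the slide's exchange and return every value."""
    A = public_value(G, A_PRIVATE, P)        # Alice -> Bob
    B = public_value(G, B_PRIVATE, P)        # Bob -> Alice
    s_alice = shared_secret(B, A_PRIVATE, P)
    s_bob = shared_secret(A, B_PRIVATE, P)
    return {"A": A, "B": B, "s_alice": s_alice, "s_bob": s_bob}


if __name__ == "__main__":
    print("g is a primitive root mod p:", is_primitive_root(G, P))
    result = run_exchange()
    print("exchange:", result)
    # Only P, G, A and B cross the network; with a toy modulus the secret
    # exponent behind A is found by trying every candidate.
    print("exponent behind A:", recover_exponent(G, result["A"], P))
```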
PUBLIC KEY CRYPTOGRAPHY WITH DIGITAL SIGNATURES

DIGITAL SIGNATURE OVERVIEW

Digital signatures are a mathematical technique used to provide authenticity, integrity, and nonrepudiation.

The following are characteristics of digital signatures:
Authentic - The signature cannot be forged and provides proof that the signer, and no one else, signed the document.
Unalterable - After a document is signed, it cannot be altered.
Not reusable - The document signature cannot be transferred to another document.
Non-repudiated - The signed document is considered to be the same as a physical document.

DIGITAL SIGNATURE OVERVIEW

Digital signatures are commonly used in the following two situations: code signing and digital certificates.

There are three Digital Signature Standard (DSS) algorithms that are used for generating and verifying digital signatures:
Digital Signature Algorithm (DSA) - DSA is the original standard for generating public and private key pairs, and for generating and verifying digital signatures.
Rivest-Shamir-Adleman Algorithm (RSA) - RSA is an asymmetric algorithm that is commonly used for generating and verifying digital signatures.
Elliptic Curve Digital Signature Algorithm (ECDSA) - ECDSA is a newer variant of DSA and provides digital signature authentication and non-repudiation with the added benefits of computational efficiency, small signature sizes, and minimal bandwidth.

DIGITAL SIGNATURES FOR CODE SIGNING

Executable files are wrapped in a digitally signed envelope, which allows the end user to verify the signature before installing the software.

Digitally signing code provides several assurances about the code.
The code is authentic and is actually sourced by the publisher.
The code has not been modified since it left the software publisher.
The publisher undeniably published the code. This provides nonrepudiation of the act of publishing.

DIGITAL SIGNATURES FOR CODE SIGNING

This executable file was downloaded from the internet. The file contains a software tool from Cisco Systems.

The Digital Signature Details window reveals that the file was signed by Cisco Systems, Inc in October of 2019.

DIGITAL SIGNATURES FOR DIGITAL CERTIFICATES

A digital certificate is used to authenticate and verify that a user who is sending a message is who they claim to be. Digital certificates can also be used to provide confidentiality for the receiver with the means to encrypt a reply.

DIGITAL SIGNATURES FOR DIGITAL CERTIFICATES

When Alice receives the digital signature, the following process occurs:
1. [...] order confirmation with the digital [...]
2. [...] step reveals the assumed hash value of the sending device.
3. [...] received document, without its signature, and compares this hash to the decrypted signature hash. If the hashes match, the document is authentic.

AUTHORITIES AND THE PKI TRUST SYSTEM
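The receiver-side check from the digital signature steps listed earlier (recover the hash from the signature with the sender's public key, hash the received document, compare the two), as an added example that is not part of the original slides. It uses textbook RSA without padding and a constructed toy key built from two Mersenne primes so that it runs with only the Python standard library; the function names and the sample order text are assumptions.

```python
import hashlib

# Constructed toy key pair for illustration only: two Mersenne primes and
# textbook RSA with no padding. Real signatures use randomly generated keys
# and a padding scheme such as RSASSA-PSS.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                                # public modulus
E = 65537                                # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, held by the sender


def digest(document: bytes) -> int:
    """SHA-256 hash of the document as an integer (always smaller than N)."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")


def sign(document: bytes, d: int = D, n: int = N) -> int:
    """Sender side: encrypt the document hash with the private key."""
    return pow(digest(document), d, n)


def verify(document: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Receiver side: the hash comparison described in the text."""
    # Inputs: the received document, its signature, and the sender's
    # public key (e, n).
    if not 0 <= signature < n:
        return False                     # malformed signature value
    # Decrypting the signature with the public key reveals the hash value
    # the sending device computed.
    claimed_hash = pow(signature, e, n)
    # Hash the received document (without its signature) and compare.
    return claimed_hash == digest(document)


# Constructed sample data
order = b"Order confirmation #1001: 3 routers, ship to Alice"
sig = sign(order)
tampered = order.replace(b"3 routers", b"9 routers")
other_doc = b"Order confirmation #1002: 1 switch, ship to Alice"

if __name__ == "__main__":
    print("authentic document:", verify(order, sig))
    print("altered document:  ", verify(tampered, sig))
    print("signature reused:  ", verify(other_doc, sig))
```

The altered and reused cases fail because the recomputed hash no longer matches the hash recovered from the signature.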
PUBLIC KEY MANAGEMENT

When establishing an asymmetric connection between two hosts, the hosts will exchange their public key information.
An SSL certificate is a digital certificate that confirms the identity of a website domain. To implement SSL on your website, you purchase an SSL certificate for your domain from an SSL certificate provider.
The trusted third party does an in-depth investigation prior to the issuance of credentials. After this in-depth investigation, the third party issues credentials (i.e., a digital certificate) that are difficult to forge. From that point forward, all individuals who trust the third party simply accept the credentials that the third party issues.

PUBLIC KEY INFRASTRUCTURE

PKI is needed to support large-scale distribution and identification of public encryption keys. The figure shows the main elements of the PKI.

PUBLIC KEY MANAGEMENT

The next figure shows how the elements of the PKI interoperate:
Bob has received his digital certificate from the CA. This certificate is used whenever Bob communicates with other parties.
Bob communicates with Alice.
[...] digital certificate, she communicates with the trusted [...]

THE PKI AUTHORITIES SYSTEM

CAs, especially those that are outsourced, issue certificates based on classes which determine how trusted a certificate is.
The class number is determined by how rigorous the procedure was that verified the identity of the holder when the certificate was issued. The higher the class number, the more trusted the certificate.

Class   Description
0       Used for testing in situations in which no checks have been performed.
1       Used by individuals who require verification of email.
2       Used by organizations for which proof of identity is required.
3       Used for servers and software signing. Independent verification and checking of identity and authority is done by the certificate authority.
4       Used for online business transactions between companies.
5       Used for private organizations or government security.
THE PKI TRUST SYSTEM

PKIs can form different topologies of trust. The simplest is the single-root PKI topology.
As shown in the figure, a single CA, called the root CA, issues all the certificates to the end users, which are usually within the same organization. The benefit to this approach is its simplicity. However, it is difficult to scale to a large environment because it requires a strictly centralized administration, which creates a single point of failure.

THE PKI TRUST SYSTEM

[Figure: Cross-certified CA and Hierarchical CA topologies]

INTEROPERABILITY OF DIFFERENT PKI VENDORS

Interoperability between a PKI and its supporting services, such as Lightweight Directory Access Protocol (LDAP) and X.500 directories, is a concern because many CA vendors have proposed and implemented proprietary solutions instead of waiting for standards to develop.
To address this interoperability concern, the IETF published the Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework (RFC 2527). The X.509 version 3 (X.509 v3) standard defines the format of a digital certificate.

QUESTIONS & ANSWERS

Nguyen Minh Tri
Department of Telecommunications Networks
Faculty of Electronics Telecommunications
University of Science, Vietnam National University Ho Chi Minh City
