2 A
is basically a way to ensure
that an electronic document (e-mail,
spreadsheet, text file, etc.) is
.
Authentic means that you know who created
the document and you know that
since that person
created it.
x
2 xigital signatures rely on certain types of
to ensure authentication.
Encryption is the process of taking all the data
that one computer is sending to another and
it into a form that only the other
computer will be able to .
Authentication is the process of verifying that
information is coming from a
.
These two processes work hand in hand for
digital signatures.
x
x
2 0ne of the most common digital signature
mechanisms, the x
x is the basis of the x
(x ), a U. .
Government document.
2 x A lets one person with a secret key "sign" a
document, so that others with a matching
public key can verify it must have been signed
only by the holder of the secret key.
x
2 xigital signatures depend on
,
which are computations done on a
message. They are called "one-way" because
there is no known way (without infeasible
amounts of computation) to find a message with
a given hash value.
2 n other words, a hash value can be determined
for a given message, but it is not known to be
possible
with
.
x
2 £ash functions are similar to the scrambling
operations used in symmetric key encryption,
except that there is no decryption key: the
operation is irreversible. The result has a fixed
length, which is 160 bits in the case of the
ecure £ash Algorithm ( £A) used by x A.
£
2 The key in public-key encryption is based on a
. This is a value that is computed from
a base
using a .
Essentially, the hash value is a summary of the
original value.
2 The important thing about a hash value is that it
is to derive the original input
number without knowing the
the hash value. £ere's a simple example:
£
24
Birthday Attack
2 f 23 people are in the room, what is the
chance that they all have different birthdays?
365 x364 x363 x363 x 361 x360 x . . .343
365 365 365 365 365 365 365
= 49%
o there͛s a 51% chance that two of them have
the same birthday
25
Birthday Attack
2 f there are N possible hash values,
Îou͛ll find collisions when you have calculated 1.2
x sqrt(N) values
2 £A-1 uses a 160-bit key
Theoretically, it would require 280 computations
to break
£A-1 has already been broken, because of other
weaknesses
26
Mathematical Attacks
2 Properties of the algorithm are attacked by
using mathematical computations
2 Categories
Ciphertext-only attack
2 The attacker has the ciphertext of several messages but
not the plaintext
2 Attacker tries to find out the key and algorithm used to
encrypt the messages
2 Attacker can capture ciphertext using a sniffer program
such as Ethereal or Tcpdump
27
Mathematical Attacks
2 Categories
Known plaintext attack
2 The attacker has messages in both encrypted form and
decrypted forms
2 This attack is easier to perform than the ciphertext-only
attack
2 ëooks for patterns in both plaintext and ciphertext
Chosen-plaintext attack
2 The attacker has access to plaintext and ciphertext
2 Attacker has the ability to choose which message to
encrypt
28
Mathematical Attacks
2 Categories (continued)
Chosen-ciphertext attack
2 The attacker has access to the ciphertext to be
decrypted and to the resulting plaintext
2 Attacker needs access to the cryptosystem to perform
this type of attack
29
Brute Xorce Attack
2 An attacker tries to guess passwords by
attempting every possible combination of
letters
Requires lots of time and patience
Password-cracking programs that can use brute
force
2 John the Ripper
2 Cain and Abel
2 0phcrack
Also uses memory to save time ʹ ͞Rainbow tables͟
30
Man-in-the-Middle Attack
31
xictionary Attack
2 Attacker uses a dictionary of known words to
try to guess passwords
There are programs that can help attackers run a
dictionary attack
2 Programs that can do dictionary attacks
John the Ripper
Cain and Abel
32
Replay Attack
2 The attacker captures data and attempts to
resubmit the captured data
The device thinks a legitimate connection is in
effect
2 f the captured data was logon information,
the attacker could gain access to a system and
be authenticated
2 Most authentication systems are resistant to
replay attacks
33
Password Cracking
2 Password cracking is illegal in the United
tates
t is legal to crack your own password if you forgot
it
2 Îou need the hashed password file
/etc/passwd or /etc/shadow for *N
The AM database in Windows
2 Then perform dictionary or brute-force attacks
on the file
34
Password cracking programs
2 John the Ripper
2 £ydra (T£C)
2 E PECT
2 ë0phtcrack
2 Pwdump3v2
2 0phcrack does it all for you ʹ gathering the
AM database and cracking it
35