© 2006 Cisco Systems, Inc. All rights reserved. CIPT2 v5.0. Secure IP Telephony: Understanding Cryptographic Fundamentals

Transcript:

Secure IP Telephony: Understanding Cryptographic Fundamentals

What Is Cryptography?
The science of transforming readable messages into an unintelligible form and the later reversal of that process.
Provides four services:
–Data authenticity (proof of source)
–Data confidentiality (privacy and secrecy)
–Data integrity (detection of unauthorized change)
–Data nonrepudiation (nondeniability)
Uses encryption and authentication methods.

Services of Cryptography
(Figure: A sends a "Love Letter" to B while C sits on the path and can read it, replace it with a "Hate Letter," or send B a "Hate Letter" in A's name. Each service answers one question.)
–Confidentiality: was it read by others?
–Integrity: was it modified by others?
–Authenticity: was it really sent by A?
–Nonrepudiation: can it be proven that A sent it even if A denies it?

Encryption Overview
–Provides confidentiality.
–Transforms cleartext (plaintext) into ciphertext (encryption).
–Only authorized peers can transform ciphertext back to cleartext (decryption).
–Uses symmetric or asymmetric encryption algorithms and keys.
(Figure: the plaintext message enters the encryption algorithm together with the encryption key and leaves as ciphertext such as "8vyaleh31&dk tu.dtrw8743$F ie*nP093h"; the ciphertext crosses the untrusted network; the decryption algorithm with the decryption key turns it back into the plaintext message.)

Authentication Overview
–Provides authenticity, integrity and, when digital signatures are used, nonrepudiation.
–Sender adds verification data to the actual data.
–Receiver checks the verification data.
–Uses HMACs or digital signatures. An HMAC cannot provide nonrepudiation: both peers hold the same key, so either of them could have produced the tag.
(Figure: original data → add verification data such as "hr6%2kfe7$a" → check verification data at the receiver.)

Symmetric Encryption

Symmetric Encryption
–The same (shared) key encrypts and decrypts.
–The key must be kept secret.
–Fast.
–Algorithms: DES, 3DES, AES, RC4, SEAL, Blowfish. (DES and RC4 are broken and should no longer be used, and 3DES is deprecated; AES is the current choice.)
(Figure: one "Encryption and Decryption Key" is used both for the Encrypt step and for the Decrypt step.)

Symmetric Encryption Considerations
–Used for bulk data encryption (for example IPsec packets, SRTP, HTTPS).
–Key management is difficult:
  –The same secret key must be available to both parties.
  –A different key is needed per pair of devices (n devices need n(n-1)/2 keys).
  –Keys should be changed frequently.

Symmetric Encryption Example: AES
–Algorithm (Rijndael) developed by Joan Daemen and Vincent Rijmen.
–Publicly announced by NIST as the Advanced Encryption Standard (FIPS 197).
–128-, 192-, or 256-bit key length (128-bit block size).
–Much faster and more efficient than 3DES.
–Used in IP telephony to encrypt SRTP (media), signaling, and server-to-server intracluster communication.
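The symmetric model of the last three slides, as an added example that is not part of the Cisco course material: one shared key encrypts and decrypts, a second device pair needs a second key, and a peer without the key gets nothing. The example is written against the Go standard library and uses AES-256 in GCM mode (an authenticated mode the slides do not name, chosen so that tampering is also detected); the key generation, the sample header and the "Love Letter" message are constructed for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// NewKey returns a fresh 32-byte (AES-256) key. In a deployment each pair of
// devices gets its own key and rotates it; here it is simply generated locally.
func NewKey() ([]byte, error) {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	return key, nil
}

// Encrypt seals plaintext with AES-256-GCM under the shared key. The output is
// nonce || ciphertext || tag, so the receiver needs nothing but the key and aad.
// aad (additional authenticated data) is authenticated but not encrypted, e.g. a header.
func Encrypt(key, plaintext, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key) // a 16/24/32-byte key selects AES-128/192/256
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil { // a nonce must never repeat under one key
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// Decrypt reverses Encrypt. It returns an error if the key is wrong, the aad
// differs, or any byte of the blob was modified in transit.
func Decrypt(key, blob, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize()+gcm.Overhead() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, aad)
}

func main() {
	keyAB, _ := NewKey() // shared between A and B
	keyAC, _ := NewKey() // a different pair needs a different key

	header := []byte("from:A to:B") // constructed sample header, sent in the clear
	blob, err := Encrypt(keyAB, []byte("Love Letter"), header)
	if err != nil {
		panic(err)
	}
	fmt.Printf("ciphertext+tag (%d bytes): %x\n", len(blob), blob)

	pt, err := Decrypt(keyAB, blob, header)
	fmt.Printf("B decrypts: %q, err=%v\n", pt, err)

	_, err = Decrypt(keyAC, blob, header)
	fmt.Println("C tries with another key:", err)

	blob[len(blob)-1] ^= 0x01 // C flips one bit of the ciphertext in transit
	_, err = Decrypt(keyAB, blob, header)
	fmt.Println("B detects tampering:", err)
}
```

The nonce is sent in the clear in front of the ciphertext; it does not need to be secret, only unique per key, which is why it is drawn from the random source for every call rather than counted in a way two devices could accidentally share.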

Asymmetric Encryption

Asymmetric Encryption
–Different keys to encrypt and decrypt.
–Each entity (person, system, phone) owns its pair of keys.
–Only the decryption key must be kept secret.
–Slow.
–Algorithm: RSA.
(Figure: "$1000" is encrypted with the encryption key into "%3f7&4" and decrypted with the decryption key back to "$1000".)

Asymmetric Encryption Considerations
–Used for encrypting small amounts of data (for example, to encrypt symmetric keys).
–Key management is simpler than with symmetric encryption keys:
  –One of the keys can be publicly available.
  –Each device has one key pair.
  –Keys can be used for longer periods.

Asymmetric Encryption Example: RSA
–Algorithm developed by Ron Rivest, Adi Shamir, and Len Adleman in 1977.
–Public domain since the patent expired in 2000.
–Key length usually from 1024 to 2048 bits. (1024-bit keys are no longer considered adequate; 2048 bits is the usual minimum today.)
–RSA can be used for:
  –Confidentiality: data is encrypted with the public key of the receiver.
  –Digital signatures: a hash of the data is signed (in the textbook description, "encrypted") with the private key of the sender.
–In practice RSA is never applied to raw data: a padding scheme is required (OAEP for encryption, PKCS#1 v1.5 or PSS for signatures), and the data itself is limited to less than the modulus size.
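The "small amounts of data" use case from the two previous slides, as an added example that is not part of the Cisco course material: a 32-byte symmetric key is encrypted for the receiver with the receiver's public RSA key, only the matching private key can recover it, and a bulk message does not fit at all. The example uses the Go standard library with RSA-OAEP (SHA-256) as the padding scheme; the key pairs, the label and the session key are generated for the example.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// label binds the ciphertext to its purpose; sender and receiver must use the same one.
var label = []byte("session-key") // constructed for this example

// MaxPayload is the largest message RSA-OAEP with SHA-256 can carry for this key:
// modulus size minus 2*hash size minus 2, i.e. 190 bytes for a 2048-bit key.
func MaxPayload(pub *rsa.PublicKey) int {
	return pub.Size() - 2*sha256.Size - 2
}

// WrapKey encrypts a symmetric key for the receiver with the receiver's PUBLIC key.
// Anyone may encrypt; only the holder of the private key can recover the result.
func WrapKey(receiverPub *rsa.PublicKey, symKey []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, receiverPub, symKey, label)
}

// UnwrapKey recovers the symmetric key with the receiver's PRIVATE key.
func UnwrapKey(receiverPriv *rsa.PrivateKey, wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, receiverPriv, wrapped, label)
}

func main() {
	// Each entity owns one key pair; the public half can be published freely.
	bob, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	eve, _ := rsa.GenerateKey(rand.Reader, 2048)

	// Alice picks a fresh symmetric key (the "small amount of data") and wraps it for Bob.
	symKey := make([]byte, 32)
	if _, err := rand.Read(symKey); err != nil {
		panic(err)
	}
	wrapped, err := WrapKey(&bob.PublicKey, symKey)
	if err != nil {
		panic(err)
	}
	fmt.Printf("32-byte key wrapped into %d bytes (RSA modulus size)\n", len(wrapped))

	got, err := UnwrapKey(bob, wrapped)
	fmt.Println("Bob recovers the key:", err == nil && bytes.Equal(got, symKey))

	_, err = UnwrapKey(eve, wrapped) // Eve's private key does not match Bob's public key
	fmt.Println("Eve fails:", err)

	// RSA is not for bulk data: the payload limit is MaxPayload bytes.
	fmt.Println("max OAEP payload for this key:", MaxPayload(&bob.PublicKey))
	_, err = WrapKey(&bob.PublicKey, make([]byte, 4096))
	fmt.Println("4 KB message rejected:", err)
}
```

The wrapped key would then be sent alongside data encrypted with the symmetric key, which is the hybrid pattern the slide alludes to: the slow public-key operation runs once per session, the fast symmetric cipher handles the traffic.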

Hash Functions

Hash Functions
–Based on one-way functions.
–Hash arbitrary data into a fixed-length digest (fingerprint).
–The digest is cryptographically strong:
  –It is computationally infeasible to recover the hashed data from the digest.
  –If the data changes a little, the fingerprint changes a lot (avalanche effect).
–Algorithms: MD5, SHA-1. (Both now have practical collision attacks; new designs should use SHA-2 or SHA-3.)
(Figure: a message of arbitrary length enters the hash function and leaves as a fixed-length hash such as "e883aa0b24c09...".)

Lack of Security in Pure Hashing
–Only the algorithm has to be known to create a valid hash, and the algorithms are well known.
–An attacker who changes the data can easily create a new, matching hash.
–The receiver cannot detect the manipulation.
–For security, a secret element has to be added to the computation.
(Figure: the data "Confirm Order" goes through the hashing algorithm to the digest "e8F0s31a..."; the receiver recomputes the digest and asks "same hash digest?", a check that the attacker's recomputed digest also passes.)

Hash-Based Message Authentication Code
–A secret key is added to the data as input to the hash function.
–The secret key is known to the sender and to the receiver:
  –Symmetric nature
  –Provides authentication and integrity assurance (not nonrepudiation, since both peers hold the key)
–Fast.
–Keyed SHA-1 HMAC is used in IP telephony for signaling and media protection. (HMAC-SHA1 is not affected by the SHA-1 collision attacks, because HMAC does not rely on collision resistance.)
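The three hash slides in working code, as an added example that is not part of the Cisco course material: the avalanche effect measured in bits, the receiver's check when only a plain hash protects the message and why a forger passes it, and the same check with an HMAC, which the forger cannot recompute without the key. The example uses the Go standard library with SHA-256 instead of the SHA-1 the slides mention; the order messages and the shared key are constructed for the example.

```go
package main

import (
	"bytes"
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
	"math/bits"
)

// Digest is a plain, unkeyed SHA-256: anyone who knows the algorithm can compute it.
func Digest(data []byte) []byte {
	sum := sha256.Sum256(data)
	return sum[:]
}

// BitDifference counts the bits that differ between two equal-length digests,
// which makes the avalanche effect measurable.
func BitDifference(a, b []byte) int {
	n := 0
	for i := range a {
		n += bits.OnesCount8(a[i] ^ b[i])
	}
	return n
}

// AcceptPlain is the receiver's check when only a hash protects the message.
func AcceptPlain(data, digest []byte) bool {
	return bytes.Equal(Digest(data), digest)
}

// Tag computes HMAC-SHA256 over data with the key shared by sender and receiver.
func Tag(key, data []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(data)
	return m.Sum(nil)
}

// VerifyTag recomputes the tag and compares in constant time, so the comparison
// does not leak how many leading bytes of a guessed tag were right.
func VerifyTag(key, data, tag []byte) bool {
	return hmac.Equal(Tag(key, data), tag)
}

func main() {
	order := []byte("Confirm Order: 100 units")  // constructed sample message
	forged := []byte("Confirm Order: 900 units") // one character changed by the attacker

	// Avalanche: a one-character change flips roughly half of the 256 digest bits.
	fmt.Println("digest bits changed:", BitDifference(Digest(order), Digest(forged)))

	// Pure hashing: the sender transmits (order, Digest(order)); the attacker replaces
	// both with (forged, Digest(forged)) and the receiver's check still passes.
	fmt.Println("receiver accepts forgery with plain hash:", AcceptPlain(forged, Digest(forged)))

	// HMAC: the tag depends on a key the attacker does not have.
	key := []byte("shared-secret-from-key-exchange") // constructed; in practice from a key exchange
	tag := Tag(key, order)
	fmt.Println("genuine message verifies:", VerifyTag(key, order, tag))
	fmt.Println("forged message with the old tag:", VerifyTag(key, forged, tag))
	fmt.Println("forged message with an attacker-made tag:", VerifyTag(key, forged, Tag([]byte("guess"), forged)))
}
```

Note that the forger's only options are to reuse the tag of the original message, which no longer matches the changed data, or to compute a tag under a guessed key, which matches only with probability 2^-256 per guess.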

Digital Signatures

Digital Signatures
–Provide three key security services:
  –Data authenticity
  –Data integrity
  –Nonrepudiation of data
–Are based on asymmetric cryptographic methods:
  –Signature-generating key (private)
  –Signature-verification key (public)
–Are slower than HMAC:
  –Not used for real-time traffic
  –Used for device authentication and exchange of symmetric keys

Digital Signatures and RSA
–Digital signatures require a key pair per entity:
  –One key for creating a signature
  –The other key to verify the signature
–RSA can be used for that purpose.
–The application of RSA is reversed compared to RSA data encryption:
  –The private key is used to create the signature (the "encrypt" operation, applied to the hash of the data)
  –The public key is used to verify the signature (the "decrypt" operation, which recovers the hash)

Digital Signatures Using RSA in Detail
(Figure, read left to right across the untrusted network.)
Signer:
–Hash the document "Purchase Order $100,000" with SHA-1, giving the digest 49eD0e3A7c44...
–RSA-encrypt the digest with the private key of the signer; the result (e10d6200aCe...) is the signature.
–Send the document and the signature across the untrusted network.
Verifier:
–RSA-decrypt the signature with the public key of the signer, recovering 49eD0e3A7c44...
–Hash the received document "Purchase Order $100,000" with SHA-1.
–Same hash digest? If so, the document is authentic and unmodified.
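The signing and verification flow of the two slides above, as an added example that is not part of the Cisco course material. Besides the ordinary sign/verify calls it performs the slide's "RSA decrypt with the public key" step by hand, so the digest can be seen sitting inside the signature. The example uses the Go standard library with SHA-256 and PKCS#1 v1.5 padding (the slides use SHA-1 and do not name a padding scheme); the signer's key pair and the purchase order are constructed for the example.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"math/big"
)

// Sign hashes the document and applies the private-key RSA operation to the
// padded digest, giving a fixed-size signature regardless of document length.
func Sign(signer *rsa.PrivateKey, doc []byte) ([]byte, error) {
	digest := sha256.Sum256(doc)
	return rsa.SignPKCS1v15(rand.Reader, signer, crypto.SHA256, digest[:])
}

// VerifySig rehashes the received document and checks the signature with the
// signer's public key; a changed document or a different signer both fail.
func VerifySig(signerPub *rsa.PublicKey, doc, sig []byte) bool {
	digest := sha256.Sum256(doc)
	return rsa.VerifyPKCS1v15(signerPub, crypto.SHA256, digest[:], sig) == nil
}

// RecoverDigest makes the slide's "RSA decrypt with the public key" visible:
// it computes sig^e mod n. With PKCS#1 v1.5 the result is
// 00 01 FF..FF 00 || DigestInfo, whose last 32 bytes are the SHA-256 digest.
// It is for illustration only; real checks must go through VerifySig, which
// also validates the padding.
func RecoverDigest(pub *rsa.PublicKey, sig []byte) []byte {
	s := new(big.Int).SetBytes(sig)
	m := new(big.Int).Exp(s, big.NewInt(int64(pub.E)), pub.N)
	em := m.FillBytes(make([]byte, pub.Size()))
	return em[len(em)-sha256.Size:]
}

func main() {
	signer, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	doc := []byte("Purchase Order $100,000") // constructed sample document

	sig, err := Sign(signer, doc)
	if err != nil {
		panic(err)
	}
	fmt.Printf("signature: %d bytes, starts %x...\n", len(sig), sig[:6])

	digest := sha256.Sum256(doc)
	fmt.Println("digest recovered from the signature equals SHA-256(doc):",
		bytes.Equal(RecoverDigest(&signer.PublicKey, sig), digest[:]))

	fmt.Println("verifies with the signer's public key:", VerifySig(&signer.PublicKey, doc, sig))
	fmt.Println("verifies after the amount was changed:",
		VerifySig(&signer.PublicKey, []byte("Purchase Order $900,000"), sig))

	other, _ := rsa.GenerateKey(rand.Reader, 2048)
	fmt.Println("verifies with someone else's public key:", VerifySig(&other.PublicKey, doc, sig))
}
```

Because only the signer holds the private key, a signature that verifies under the signer's public key could not have been produced by the verifier or anyone else, which is what gives the scheme the nonrepudiation that an HMAC lacks.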

Summary
–Cryptography is the science of transforming cleartext into ciphertext and transforming the ciphertext back into cleartext.
–Symmetric encryption uses the same key for encryption and decryption. With symmetric encryption, a different key is needed per pair of devices.
–Asymmetric encryption uses a different key for encryption and decryption. With asymmetric encryption, each device needs a pair of keys.
–Hashes are one-way functions that can be used to authenticate data if a secret value, shared between the two peers, is added to the input data.
–Digital signatures sign data by applying the private-key operation of an asymmetric algorithm to fingerprints (hashes) of the data.
