For people wishing to access text from this presentation, here's the outline:

CISSP Study Concepts for Security Engineering and Cryptographic Lifecycle

Robin Basham, using materials from SANS, ISC2,

Effective security management practices

Bell-LaPadula – Confidentiality model

Only deals with confidentiality; does not deal with integrity or availability

(NO “I” or “EYE” is CONFIDENTIAL – can’t write to my boss’ level, subordinates who are down can’t read my level)

Based on Government Classification – Unclassified, Sensitive But Unclassified (SBU), Confidential, Secret, Top Secret

A Trusted Subject can violate the * property

Bell-LaPadula Security State Defined by three properties:

Simple Security Property (ss Property) – no reading from lower subject to higher object (No Read Up) I don’t see above my class

The * (star) security Property – No writing from higher subject to lower object (No write Down) I don’t author to a lower level of security

Trusted Subject can violate the star property but not its intent

Strong * property – no reading or writing to another level

Discretionary Security Property – Uses Access Matrix to specify discretionary access control

Remember the hyphen “-” is separation of duties

Writing and Reading Orders - Confidentiality

No read up – it's confidential so I can’t see a command sent to my boss

No write down – I only need to read what my boss sends me. A lower rank can’t see my orders. I can’t change the classification to allow them that access.  We are segregated.

Biba Integrity Model defined by three goals

1. Data protected from modification by unauthorized users
2. Data protected from unauthorized modification by authorized users
3. Data is internally and externally consistent.

Biba Integrity Model add on to BLP

Lattice-Based uses less than or equal to relation

A lattice structure is a set with a least upper bound (LUB) and a greatest lower bound (GLB)

Lattice represents a set of integrity classes (IC) and an ordered relationship

Lattice = (IC, LUB, GLB)

Integrity – who created this order – who classified this order?

Integrity Axioms

The Simple Integrity Axiom - no reading of lower object from higher subject (No Read Down)

The * (star) Integrity Axiom – No writing from lower subject to higher object (No write Up)

A subject at a lower level of integrity cannot invoke a subject at a higher level of integrity
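The Bell-LaPadula properties and Biba axioms listed above, written as access checks. This is an added example, not part of the original presentation; the function names are hypothetical, and the classification labels are reused as integrity classes for the Biba half.

```python
from enum import IntEnum

class Level(IntEnum):
    # Ordering follows the classification list in the outline.
    UNCLASSIFIED = 0
    SBU = 1
    CONFIDENTIAL = 2
    SECRET = 3
    TOP_SECRET = 4

def blp_allows(subject, obj, op, trusted=False, strong_star=False):
    """Bell-LaPadula (confidentiality) decision for op in {'read', 'write'}."""
    if op not in ("read", "write"):
        raise ValueError(f"unknown operation: {op}")
    if strong_star:
        # Strong * property: no reading or writing to another level.
        return subject == obj
    if op == "read":
        # Simple security property: no read up.
        return subject >= obj
    # * property: no write down, unless the subject is trusted.
    return trusted or subject <= obj

def biba_allows(subject, obj, op):
    """Biba (integrity) decision; the axioms mirror the BLP properties."""
    if op == "read":
        # Simple integrity axiom: no read down.
        return subject <= obj
    if op in ("write", "invoke"):
        # * integrity axiom: no write up; a lower-integrity subject
        # also cannot invoke a higher-integrity subject.
        return subject >= obj
    raise ValueError(f"unknown operation: {op}")

def decision_table(subject):
    """Rows of (object level, op, BLP verdict, Biba verdict) for one subject."""
    return [(o.name, op, blp_allows(subject, o, op), biba_allows(subject, o, op))
            for o in Level for op in ("read", "write")]

if __name__ == "__main__":
    for row in decision_table(Level.SECRET):
        print("%-13s %-5s BLP=%-5s Biba=%s" % row)
```

Running it for a SECRET subject shows that the only operations both models allow together are reads and writes at the subject's own level.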

Clark-Wilson Integrity Model (Integrity for Commercial Environments)

Two elements: well-formed transaction and separation of duties.

Developed in 1987 for use in real-world commercial environment

Addresses the three integrity goals

Constrained Data Item (CDI) – A data Item whose integrity is to be preserved

Integrity Verification Procedure (IVP) – confirms that all CDIs have integrity

Transformation Procedure (TP) – transforms a CDI from one integrity state to another integrity state

Unconstrained Data Item – data items outside of the control area of the modeled environment

Requires Integrity Labels
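The Clark-Wilson terms above (CDI, UDI, TP, IVP, well-formed transaction, separation of duties) modeled on a two-account ledger. This is an added example, not part of the original presentation; the class, the method names and the table of permitted (user, TP) pairs are assumptions made for illustration.

```python
class ClarkWilsonLedger:
    """Account balances are the CDIs; they change only through the two TPs."""

    def __init__(self, balances, allowed):
        self._cdi = dict(balances)             # constrained data items
        self._total = sum(balances.values())   # invariant checked by the IVP
        self._allowed = set(allowed)           # (user, TP name) pairs, an assumption
        self._pending = {}                     # request id -> (user, src, dst, amount)

    def _authorize(self, user, tp):
        if (user, tp) not in self._allowed:
            raise PermissionError(f"{user} may not run {tp}")

    def ivp(self):
        """IVP: no balance is negative and no money was created or lost."""
        return (all(v >= 0 for v in self._cdi.values())
                and sum(self._cdi.values()) == self._total)

    def request_transfer(self, user, rid, src, dst, raw_amount):
        """TP 1: validate an unconstrained input (UDI) before it is stored."""
        self._authorize(user, "request_transfer")
        amount = int(raw_amount)               # raises ValueError on junk input
        if src not in self._cdi or dst not in self._cdi or amount <= 0:
            raise ValueError("request is not well-formed")
        self._pending[rid] = (user, src, dst, amount)

    def approve_transfer(self, user, rid):
        """TP 2: move the CDIs from one valid state to another valid state."""
        self._authorize(user, "approve_transfer")
        requester, src, dst, amount = self._pending[rid]
        if requester == user:
            raise PermissionError("separation of duties: requester cannot approve")
        if amount > self._cdi[src]:
            raise ValueError("transfer would leave a negative balance")
        del self._pending[rid]
        self._cdi[src] -= amount
        self._cdi[dst] += amount
        if not self.ivp():
            raise RuntimeError("IVP failed after TP")
        return dict(self._cdi)

if __name__ == "__main__":
    ledger = ClarkWilsonLedger({"ops": 100, "payroll": 0},
                               {("alice", "request_transfer"), ("bob", "approve_transfer")})
    ledger.request_transfer("alice", "r1", "ops", "payroll", "40")
    print(ledger.approve_transfer("bob", "r1"))
```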

Clark-Wilson Integrity Model

Information Flow Models

Each object and subject are assigned security class and value; info is constrained to flow in directions that are permitted by the security policy.

Based on state machine and consists of objects, state transitions, and lattice (flow policy) states.

Object can be a user

Each object is assigned a security class and value

Information is constrained to flow in the directions permitted by the policy

Non-interference Model

Actions of group A using commands C are not seen by users in Group B using commands D

CISSP Study Concepts for Cryptographic Lifecycle

Algorithm Protocol Governance

Needed Component Parts to an Encryption Strategy

Symmetric for confidentiality (DES, 3DES, IDEA, RC4, AES)

Hashing for integrity (MD4, MD5, RIPEMD, SHA-1, SHA-2)

Asymmetric for authentication (RSA, El Gamal, ECC elliptic curve crypto)

Non-Repudiation is Asymmetric plus Hashing – condition where a message is a hash encrypted with the sender’s private key

Relationship of Encryption to Incidents and Threats

Elements needed for Encryption and Encryption Methods

Symmetric Encryption Systems

DES (Data Encryption Standard)

DES is a block encryption algorithm using 64-bit blocks. It uses a 64-bit key: 56 bits of true key and 8 bits for parity. Characters are put through 16 rounds of transposition and substitution.

Devised in 1972 as a derivation of the “Lucifer” system

DES Describes the DEA (Data Encryption Algorithm)

FIPS PUB 46-1 (1977) and ANSI X3.92 (1981)

64-bit blocks, 56-bit key and 16 rounds of transformation

Uses confusion and diffusion for encrypting plain text.

Confusion – Conceals statistical connection between ciphertext and plaintext. Uses non-linear substitution boxes (S-Boxes)

Diffusion – Spreads the influence of a plain text character over many ciphertext characters.

DES has 4 distinct modes of operation

Key Terms

Symmetric algorithm – Encryption method where the sender and receiver use an instance of the same key for encryption and decryption purposes.

Out-of-band method – Sending data through an alternate communication channel.

Asymmetric algorithm – Encryption method that uses two different key types, public and private. Also called public key cryptography.

Public key – Value used in public key cryptography that is used for encryption and signature validation and that can be known by all parties.

Private key – Value used in public key cryptography that is used for decryption and signature creation and known only to the key owner.

Public key cryptography – Asymmetric cryptography, which uses public and private key values for cryptographic functions.

Block cipher – Symmetric algorithm type that encrypts chunks (blocks) of data at a time.

Diffusion – Transposition processes used in encryption functions to increase randomness.

Confusion – Substitution processes used in encryption functions to increase randomness.

Avalanche effect – Algorithm design requirement so that slight changes in the input result in drastic changes to the output.

Stream cipher – Algorithm type that generates a keystream (random values), which is XORed with plaintext for encryption purposes.

Keystream generator – Component of a stream algorithm that creates random values for encryption purposes.

Initialization vectors (IVs) – Values that are used with algorithms to increase randomness for cryptographic functions.

Triple DES (3DES)

Encrypting plaintext with one DES key and then encrypting it with a second DES key is no more secure than using a single DES key; therefore, Triple DES is used to obtain stronger encryption.

DES-EDE2 – 2 keys are used. Encrypt with 1, decrypt with 2 and then encrypt with 1 again.

DES-EEE2 – 2 keys used. Encrypt with 1, encrypt with 2, encrypt with 1.

DES-EEE3 – 3 keys used. Encrypt with 1, encrypt with 2, encrypt with 3. Most secure, but requires 3 keys.

Advanced Encryption Standard (AES)

Uses the Rijndael block cipher and specifies three key sizes: 128, 192 or 256 bits. Choice of key determines encryption level. AES is the government standard for encrypting SBU information. Best suited for hardware encryption.

The number of rounds of transformation is a function of the key size used

256 bit – 14 rounds.

192 bit – 12 rounds.

128 bit – 10 rounds.

Symmetric Algorithms that provide bulk (data) Encryption services only

DES and 3DES


128-bit blocks in 16 rounds. Key lengths can be up to 256 bits.


A block cipher operating on 64-bit blocks with a key length of up to 448 bits. The blocks go through 16 rounds of crypto functions.


IDEA stands for International Data Encryption Algorithm. It operates on 64-bit blocks and uses a 128-bit key.

Performs 8 rounds on 16-bit sub-blocks. Each 64-bit block is divided into 16 smaller blocks and each block has 8 rounds of mathematical functions performed on it.

IDEA is harder to crack than DES for the same key size and is used in PGP.


Block cipher with a variable block length. Key can be 0-2048 bits, blocks can be 32, 64 or 128 bits and the number of rounds can be 0 – 255. Created by Ron Rivest and patented by RSA data.

Asymmetric Encryption Algorithms – Authentication and Public Key Crypto


De facto standard for public encryption. Invented by Ron Rivest, Adi Shamir, and Leonard Adleman. Developed at MIT. Security comes from the difficulty of factoring large numbers. Public and private keys are functions of a pair of large prime numbers. RSA is used in many web browsers with SSL.


Extends Diffie-Hellman to apply to encryption and digital signatures. Based on calculating discrete logarithms in a finite field.

Elliptic Curve Cryptosystem (ECC)

Provides much of the same functionality as RSA: digital signatures, secure key distribution, and encryption. ECC is very resource efficient – ideal for smaller devices. ECC provides higher protection with smaller keys than RSA. An ECC key of 160 bits is equivalent to a 1024-bit RSA key.

Asymmetric Encryption Algorithms

 Public Key Cryptography

Public key cryptography uses asymmetric encryption for key encryption and secret key encryption for data. We use an asymmetric algorithm to encrypt the secret key.


Used for key distribution, NOT encryption and decryption. Subjects can exchange session keys over a non-secure medium without exposing the keys.


“Secret” key used for one data exchange only. Usually randomly generated then encrypted using public cryptography

Public Key Infrastructure (PKI) – X.509

PKI is an ISO authentication framework that uses public-key cryptography and X.509 standard protocols.

PKI provides authentication, confidentiality, non-repudiation and message integrity.

The PKI infrastructure contains the pieces that will identify the user, distribute and maintain keys, distribute and maintain certificates and allow certificate revocation.

Each individual taking part in PKI needs a digital signature signed by a CA.

Some well-known Certification Authorities are Entrust and VeriSign. The old method of revocation is handled by the certificate revocation list (CRL).

New revocation is via Online Certificate Status Protocol (OCSP)


PKI is made up of the following entities and functions

Uses for PKI (Public Key Infrastructure)


LDAP is the standard format for accessing certification repositories. Availability and Integrity of LDAP servers is a concern.

ISAKMP – Internet Security Association and Key Management Protocol.

IKE – ISAKMP, Secure Key Exchange Mechanism (SKEME) and Oakley, combined.

In general

ISAKMP defined the phases for establishing a secure relationship

SKEME describes a secure exchange mechanism

Oakley defined the modes of operation needed to establish a secure connection.

Bad Poodle

Can you match the exploit name to exploited protocol?

Denial-of-Service Attacks

Prevents systems from processing or responding to legitimate traffic

Transmits data packets

Exploits a known fault in an OS, service or application

Results in system crash or CPU at 100%

Distributed reflective denial of service (DRDoS)

Reflected approach: rather than sending traffic directly to the victim, the attacker manipulates traffic so that the attack is reflected back to the victim from other sources

Example: DNS Poisoning and SMURF

Smurf and Fraggle Attacks

A smurf attack is another type of flood attack, but it floods the victim with Internet Control Message Protocol (ICMP) echo packets instead of with TCP SYN packets. More specifically, it is a spoofed broadcast ping request using the IP address of the victim as the source IP address. Ping uses ICMP to check connectivity with remote systems.

Normally, ping sends an echo request to a single system, and the system responds with an echo reply. However, in a smurf attack the attacker sends the echo request out as a broadcast to all systems on the network and spoofs the source IP address. All these systems respond with echo replies to the spoofed IP address, flooding the victim with traffic.

Smurf amplifier

Smurf attacks take advantage of an amplifying network (also called a smurf amplifier) by sending a directed broadcast through a router. All systems on the amplifying network then attack the victim. However, RFC 2644, released in 1999, changed the standard default for routers so that they do not forward directed broadcast traffic. When administrators correctly configure routers in compliance with RFC 2644, a network cannot be an amplifying network. This limits smurf attacks to a single network. Additionally, it’s becoming common to disable ICMP on firewalls, routers, and even many servers to prevent any type of attacks using ICMP. When standard security practices are used, smurf attacks are rarely a problem today.


Fraggle attacks are similar to smurf attacks. However, instead of using ICMP, a fraggle attack uses UDP packets over UDP ports 7 and 19.

The fraggle attack will broadcast a UDP packet using the spoofed IP address of the victim. All systems on the network will then send traffic to the victim, just as with a smurf attack.

La la, lala lah la, la la la ladi dah (smurf song)


Robots or Zombies, introduced through malware, often browser based

Allows a herder to send instructions to the computer


Gameover Zeus (GOZ)

CryptoLocker ransomware


Esthost DNS Changer

Ping of Death – Teardrop and Land Attacks


Oversized packets, changes size of packets to over 64KB

Results in crash, buffer overflow

Rarely successful today


Fragments traffic so data can’t be put back together

Land Attacks

Sends spoofed SYN packets with the same address as both source and destination

SSLv3 is broken

What is SSLv3

Performs a security-related function and applies cryptographic methods, often as sequences of cryptographic primitives.

A protocol describes how the algorithms should be used. A sufficiently detailed protocol includes details about data structures and representations, at which point it can be used to implement multiple, interoperable versions of a program.

What is SSL and how did it get here?

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both of which are frequently referred to as 'SSL', are cryptographic protocols designed to provide communications security over a computer network.

Security protocol (cryptographic protocol or encryption protocol)

Cryptographic protocols are widely used for secure application-level data transport. A cryptographic protocol usually incorporates at least some of these aspects:

Key agreement or establishment

Entity authentication

Symmetric encryption and message authentication material construction

Secured application-level data transport

Non-repudiation methods

Secret sharing methods

Secure multi-party computation

For example, Transport Layer Security (TLS) is a cryptographic protocol that is used to secure web (HTTP/HTTPS) connections. It has an entity authentication mechanism, based on the X.509 system; a key setup phase, where a symmetric encryption key is formed by employing public-key cryptography; and an application-level data transport function. These three aspects have important interconnections. Standard TLS does not have non-repudiation support.

SSL Client to SSL Server Encryption and Key Exchange

Ring Layer Protection in Computing Systems