BRAND: Asymmetric Encryption


Asymmetric Encryption

Learning Outcomes

After completing these activities you should be able to:



Behold: The World's First Digitally Signed International Agreement The Atlantic

In this lesson we will learn about Asymmetric Encryption (also called Public-Key Encryption). Asymmetric/Public-Key Encryption allows us to establish secure communications even when we have no opportunity to agree on a secret key ahead of time or via another communication channel. This is crucial for secure transactions over the Internet. Who would want to travel to a phyiscal Amazon location to get an encryption key in order to be able to shop securely!!! Additionally, we will discover that asymmetric/public-key encryption will provide us with a mechanism to digitally "sign" files, which gives us the ability to sign documents from anywhere.

Limitations of Symmetric (Secret Key) Encryption


The Problem. The fundamental limitation of symmetric (secret key) encryption is ... how do two parties, who haven't previously communicated, agree on and share an encryption key? Let's call the two parties 'Alice' and 'Bob'. There is a third party, an eavesdropper, who we'll call 'Eve' (generally representing anyone who can intercept traffic). In order for Alice and Bob to communicate securely they need to agree on a secret key. In order to agree on a secret key, they need to be able to communicate securely. In terms of the Pillars of Cyber Security, To provide Confidentiality, a secret key must first be shared. But to initially share the key, you must already have Confidentiality. It's a chicken-and-egg problem.

This problem is especially common in the digital age. We constantly end up at websites with whom we decide we want to communicate securely (like online auction sites) but with whom there is not really an option to communicate "offline" to agree on some kind of secret key. In fact, it's usually all done automatically browser-to-server, and for the browser and server there's not even a concept of "offline" — they only exist online. We need to be able to establish secure communications over an insecure channel. Symmetric (secret key) encryption can't do this for us. So what is the solution? ...

Asymmetric Encryption (Public-Key Cryptography)

Asymmetric encryption is a big topic. It gets used in lots of interesting ways — often in combination with hashing and secret key encryption, as we'll see. You might like to check out this arstechnica.com overview of asymmetric encryption/public-key cryptography and how it's commonly used.

In asymmetric encryption, both communicating parties (i.e. both Alice and Bob) have two keys of their own — just to be clear, that's four keys total. Each party has their own public key, which they share with the world, and their own private key which they ... well, which they keep private, of course, but more than that, which they keep as a closely guarded secret.

The magic of public key cryptography derives from three important points:

Encrypted Communications. In this scenario, Alice encrypts her message with Bob's public key, and Bob decrypts the message with his private key. Alice can rest assured that only Bob can decrypt the message she sends, because she has encrypted it with his public key. Only Bob's private key can correctly decrypt the message.


Note, however, that while this provides a solution to Alice's confidentiality problem (she knows only Bob can read the message), Bob has an authentication problem on his hands. Yes, he's received a message only he could read, and the message claims to have been sent by Alice, but he has no guarantees that it really did come from Alice. Anyone can send a message to Bob using Bob's public key, since it's freely available.

Note: We will discuss what Digital signatures are in another lesson. For the time being think of a public/private key pair and a public-verification/private-signing key pair as two different key pairs constructed in the same way, but being used for different purposes. One is used to encrypt things and the other is used to attempt to bind an identity to the object it encrypts.

Authenticated Communications. In this scenario, Alice will generate a new signing key pair (public-verification key, private-signing key) that acts in a similar manner to what we have already learned above. Alice then encrypts her message with her private-signing key and shares her public-verification key. Bob decrypts the message with Alice's public-verification key. If the message correctly decrypts with Alice's public-verification key, Bob knows that the message could only have been encrypted by someone possessing Alice's private-signing key. This establishes that the message must have been sent by Alice (assuming no one has stolen Alice's private-signing key).


Bob's authentication problem is solved. However, Eve, or anyone else seeing the encrypted message, could decrypt it using Alice's public-verification key, which is freely available, so the message's confidentiality is not guaranteed. Can we combine the first two techniques, and achieve both authentication and confidentiality? Sure!

Confidential and Authenticated Communications. In this scenario, the previous methods are combined. Alice encrypts the message first with her private-signing key, then Bob's public key. Bob decrypts the message, first with his private key, then with Alice's public-verification key. Now, both authentication and confidentiality are achieved!

Real World Implementation of Asymmetic/Public-Key Encryption: RSA (Rivest, Shamir & Adleman) Encryption


xkcd.com/177/

The Security of RSA

Student Asymmetric (Public-Key) Encryption Activity: RSA

RSA Asymmetric / Public-Key Encryption, which we've already covered, is a real-world tool. In fact, it is the most commonly used public-key encryption technique. With RSA you have to worry about key-size and block-size, as we've seen for symmetric (secret key) encryption in the digital world. However, RSA keys have to be much larger that AES keys in order to provide the same level of security. Recall that an RSA key-pair looks like (e,n),(d,n), where e, d, and n are numbers ... very large numbers. When we talk about key size with RSA, we're really referring to the number of bits in n. Today, RSA keys or 2048 or 4096 bits are usually considered secure, and anything less is suspect.

A real-world tool that provides RSA key-pair generation, encryption and decryption is provided as part of the openssl library, which was included in your software install. Here is a summary of some commands for using RSA encryption with openssl:

openssl genrsa -out keypair.pem 2048
Generate 2048-bit RSA keypair and store in file keypair.pem.
openssl rsa -text -in keypair.pem
View (in text and hex) the RSA keypair in file keypair.pem.
openssl rsa -in keypair.pem -pubout -out pubkey.pem
Extract the public key from keypair.pem and save in file pubkey.pem.
openssl rsautl -encrypt -pubin -inkey pubkey.pem -in plain -out cipher
Encrypt the file plain using the public key in file pubkey.pem, store the result in file cipher.
openssl rsautl -decrypt -inkey keypair.pem -in cipher -out plain1
Decrypt the file cipher using the private key in file keypair.pem, store the result in file plain1.

Obviously, the syntax of these openssl commands is a bit daunting. You are not expected to remember it. What you should keep in mind is that openssl provides the exact same functionality as our online RSA demo page, it just does it from the command-line, and with much bigger numbers (which means more security!).

Option Student Activity:

Want to save yourself some time? Accessing the ssh.cyber.usna.edu shell from your Windows laptop requires you to use a symmetric, username/password, combination to authenticate to the server. In this mini-lab, you'll generate asymmetric keys for use by ssh, replacing symmetric authentication and no longer having to type in your domain credentials to access the server.
  1. Open a local cmd shell and generate ssh key pair: ssh-keygen -t rsa -b 4096
          - Use the default configuration when navigating through the wizard
  2. View the public key that was generated: type .ssh\id_rsa.pub
  3. Copy the public key to the server's authorized_keys file: type .ssh\id_rsa.pub |ssh midn.cyber.usna.edu "cat >> .ssh/authorized_keys"
  4. Enter your credentials to access the server and copy the public key to the authorized_keys file.
  5. Verify your asymmetric keys are working by logging into the server: ssh ssh.cyber.usna.edu

References

Schneier, Bruce. 1996. "Applied Cryptography : Protocols, Algorithms, and Source Code in C". Wiley

Department of Defense. 2011. DoDI 8520.02: Public Key Infrastructure (PKI) and Public Key (PK) Enabling. Washington: May 24, 2011.

Department of the Navy Chief Information Officer. 2005. SECNAV M-5239.1: Department of the Navy Information Assurance Program. Washington: November 2005.

Rivest, Shamir, Adleman. 1978. “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems." ACM 21, no. 2 (February): 120-126.