1 00:00:00,240 --> 00:00:03,450 Diffie Helman comes in different forms. 2 00:00:03,450 --> 00:00:12,180 Diffie Hellman one is 768 bits in length the film and two it's 1024 bits in length DIFI home and five 3 00:00:12,300 --> 00:00:15,330 is 1536 bits in length. 4 00:00:15,420 --> 00:00:19,410 Once again the longer the key length the more secure. 5 00:00:20,010 --> 00:00:23,940 But the downside is more processing power would be required. 6 00:00:24,980 --> 00:00:32,840 Now just to reiterate asymmetric key algorithms are used in VPN today not for bulking corruption of 7 00:00:32,840 --> 00:00:37,060 data but they help with the establishment of a shared secret. 8 00:00:37,340 --> 00:00:43,750 They're also used for other things like a syndication which I get to talk about in a moment symmetric 9 00:00:43,760 --> 00:00:49,990 key algorithms such as Alias are used for Bolt encryption of data. 10 00:00:50,040 --> 00:00:52,800 So we've covered confidentiality encryption. 11 00:00:52,980 --> 00:00:56,500 Let's look at the second goal which is integrity. 12 00:00:56,700 --> 00:00:59,980 We want to ensure that data has not been tampered with. 13 00:01:00,030 --> 00:01:05,400 In other words we want to know that that data has traversed the internet or other network unchanged 14 00:01:05,550 --> 00:01:06,960 between the two parties. 15 00:01:07,750 --> 00:01:14,560 Data integrity uses algorithms known as hashing algorithms also known as Treptow or message digests 16 00:01:15,480 --> 00:01:23,090 these a one way algorithms unlike encryption algorithms which can be reversed hashing algorithms convert 17 00:01:23,330 --> 00:01:27,160 arbitrary data into a fixed length hash. 18 00:01:27,230 --> 00:01:34,900 An example would be in the five or message digest algorithm 5 which has a fixed length of 128. 19 00:01:34,940 --> 00:01:39,020 That's now to demonstrate hashing. 20 00:01:39,070 --> 00:01:41,870 Notice I can take a piece of arbitrary information. 21 00:01:41,920 --> 00:01:53,090 Let's say my name and I can hash it in this case using schaw Shaugh or secure hash algorithm is more 22 00:01:53,090 --> 00:01:55,230 secure than M.D 5. 23 00:01:55,340 --> 00:02:02,270 This is the hexadecimal very Forshaw and the binary value Forshaw. 24 00:02:02,400 --> 00:02:09,450 Now it is if I change one value for instance making that David 1 and hash it again notice the entire 25 00:02:09,450 --> 00:02:10,810 hash changes. 26 00:02:11,160 --> 00:02:13,160 But notice it's of a fixed length. 27 00:02:14,640 --> 00:02:17,160 I could put a bunch of people's names in there 28 00:02:25,820 --> 00:02:27,600 and hash it again. 29 00:02:27,710 --> 00:02:29,550 Notice the entire hash changes. 30 00:02:29,630 --> 00:02:31,890 But he's of a fixed length. 31 00:02:31,960 --> 00:02:37,280 I could go and copy some text from let's say USA Today. 32 00:02:41,850 --> 00:02:51,320 Arbitrary length. 33 00:02:51,470 --> 00:02:58,380 I could take the Encyclopedia Britannica put it through an empty five hash and come up with 128. 34 00:02:58,410 --> 00:03:01,250 That's. 35 00:03:01,360 --> 00:03:08,870 So for example I could take that USA Today article put it into an empty five hash generator and notice 36 00:03:08,870 --> 00:03:12,110 it will come up with a 128 bit hash value. 37 00:03:12,620 --> 00:03:23,720 Or I could replace that with let's just say my name and it'll come up with a 128 bit hash value ashing 38 00:03:23,960 --> 00:03:27,190 is nonreversible because data is lost. 39 00:03:27,440 --> 00:03:35,150 You cannot take 128 but M.D five hash reverse it and come up with the Encyclopedia Britannica. 40 00:03:35,300 --> 00:03:41,600 But you can take the Encyclopedia Britannica hash it and come up with 128 but value. 41 00:03:41,840 --> 00:03:43,830 Please note that the hash will change. 42 00:03:43,850 --> 00:03:51,590 As I've demonstrated if any part of the input value changes so with hashing we can take data of arbitrary 43 00:03:51,590 --> 00:03:55,890 length put it through an empty five or char hash. 44 00:03:55,890 --> 00:04:04,980 In this case it's M.D five and come up with a fixed 128 but ash Valley you cannot take the 128 bit hash 45 00:04:04,980 --> 00:04:09,500 value and reverse the process and come up with the original data. 46 00:04:10,360 --> 00:04:16,410 It is a one way function or trapdoor function. 47 00:04:16,410 --> 00:04:20,870 There are various hashing algorithms that can be used M.D 5 once again is 128. 48 00:04:20,880 --> 00:04:24,290 That's M-B 5 is not recommended today. 49 00:04:24,360 --> 00:04:32,310 In networking environments Shaw one is 160 Betson length shot to these 256 or Sabran 12 bits in length 50 00:04:33,180 --> 00:04:37,170 and Shaugh 3 is scheduled for release in 2012. 51 00:04:37,530 --> 00:04:43,080 Just be aware that there are various hashing algorithms once again shot to is what's recommended in 52 00:04:43,080 --> 00:04:44,960 today's networking environments. 53 00:04:46,390 --> 00:04:56,170 So as an example if Peter wanted to send data to sirra in sharing confidentiality and integrity the 54 00:04:56,170 --> 00:04:57,430 following would happen. 55 00:04:58,790 --> 00:05:06,410 Peter's private information that no one else except Sarah should read is encrypted firstly with an encryption 56 00:05:06,440 --> 00:05:08,760 algorithm like a yes. 57 00:05:08,810 --> 00:05:14,180 Now in this case we're assuming that a shared secret or shaid key has been derived. 58 00:05:14,480 --> 00:05:21,670 So assuming that that's happened Peter can encrypt the data using a symmetric key algorithm like a s. 59 00:05:21,890 --> 00:05:26,300 So the kid text information is encrypted into ciphertext. 60 00:05:26,300 --> 00:05:36,440 This provides confidentiality Petah then takes being corrupted text will ciphertext and hashes it with 61 00:05:36,440 --> 00:05:44,410 a hashing algorithm like Shawa M.D. 5 which comes up with a fixed length hash. 62 00:05:44,420 --> 00:05:46,550 This will ensure data integrity. 63 00:05:46,830 --> 00:05:54,270 Because if any part of the date is changed remember the hash will also change. 64 00:05:54,490 --> 00:06:03,100 So Peter takes the clear text encrypted with an algorithm like s to come up with ciphertext he hashes 65 00:06:03,100 --> 00:06:06,500 that encrypted text and comes up with a hash. 66 00:06:07,000 --> 00:06:15,760 Even a pin is the hash to the encrypted ciphertext and sends it to Sarah. 67 00:06:15,850 --> 00:06:22,120 Sarah upon receipt of the data in this case the encrypted ciphertext wants to make sure that the data 68 00:06:22,120 --> 00:06:27,790 hasn't been tampered with before going through all the effort of decrypting the text. 69 00:06:27,990 --> 00:06:36,990 So Sarah will take the encrypted text and hash it herself to come up with a M.D five Wilshaw hash. 70 00:06:37,150 --> 00:06:44,720 She will then compare the hash that she derived with the hash appended to the encrypted data. 71 00:06:45,220 --> 00:06:54,380 Only if the hashes are the same as she bother decrypting the text now if the hashes are the same. 72 00:06:54,440 --> 00:06:57,900 It means that the data hasn't changed in transit. 73 00:06:58,130 --> 00:07:05,660 If the hashes are the same Saraa can decrypt the data by reversing the ace encryption knowing that the 74 00:07:05,660 --> 00:07:08,690 data hasn't been tampered with. 75 00:07:08,700 --> 00:07:18,650 However that being said what stops Joe hacker receiving the data changing it so manipulating the data 76 00:07:18,860 --> 00:07:27,080 before it reaches Cerra encrypting it with a yes hashing that fake data with let's say Shaw and appending 77 00:07:27,110 --> 00:07:33,820 a new hash to the data and then transmitting it to Sarah. 78 00:07:33,960 --> 00:07:40,440 Sarah has no way of knowing that the data has been manipulated because when she reverses the process 79 00:07:40,650 --> 00:07:48,570 by hashing this new data the hash will be the same as Joe Hakas hash that he appended to the new data. 80 00:07:49,020 --> 00:07:57,310 So to combat that what Pete needs to do is use something called hash message into question code or SCHMOCK 81 00:07:57,910 --> 00:07:59,280 and there are two variants of this. 82 00:07:59,280 --> 00:08:03,680 You have a schmuck M.D 5 and H Mac Shaw. 83 00:08:03,960 --> 00:08:08,260 And what PD needs to do is take the data of arbitrary lengths. 84 00:08:08,280 --> 00:08:15,800 In other words the data that he wants to send to Sarah Plus a secret key that only Sarah and he knows 85 00:08:16,640 --> 00:08:26,610 and now hash those two values with the five or Shaw to get the hash that will combat Joe hacker from 86 00:08:26,610 --> 00:08:28,280 manipulating the data. 87 00:08:28,440 --> 00:08:37,620 Because Joe hacker won't know what the secret key is that Peter and Sirah are using in combination with 88 00:08:37,620 --> 00:08:43,850 the hashing algorithm Joe hacker will not know what the secret key is. 89 00:08:43,930 --> 00:08:51,310 So when he hashes the data Sarah will know that the data has been manipulated because of the hash that 90 00:08:51,310 --> 00:08:57,730 she derives will not be the same hash seru will be taking the encrypted data. 91 00:08:58,550 --> 00:09:06,380 In combination with the secret key and hashing those two together to come up with her hash Joe hacker 92 00:09:06,380 --> 00:09:08,890 will not know what the secret key is. 93 00:09:08,900 --> 00:09:17,390 So when Joe hacker hashes the data he's hash will not be the same as the new hash that Sarah derives 94 00:09:18,080 --> 00:09:21,500 and she will therefore know that the data has been tampered with. 95 00:09:22,350 --> 00:09:26,640 Only Peter and Sarah know what that secret key is not. 96 00:09:26,670 --> 00:09:34,120 Joe hacker say he can not successfully manipulate the data and derive the same hash fairly. 97 00:09:34,200 --> 00:09:40,960 Thus data integrity is provided with a smack in combination with M.D 5 and Shaw. 98 00:09:41,100 --> 00:09:44,510 The third goal to accomplish is authentic cation. 99 00:09:44,570 --> 00:09:51,500 Now authentication is knowing that data received is the same data that was sent and that the claim sender 100 00:09:51,590 --> 00:09:53,890 is in fact the actual sender. 101 00:09:54,350 --> 00:09:56,620 Now we've already spoken about integrity. 102 00:09:56,630 --> 00:10:02,060 Now we are looking at a thing to Kading appear to make sure that there are actually who they say they 103 00:10:02,060 --> 00:10:03,510 are. 104 00:10:03,510 --> 00:10:08,960 This goes beyond validating the source attempting to access a service sharing initial logging. 105 00:10:09,000 --> 00:10:13,560 You should also validate that the source has not been replaced by an attacking host. 106 00:10:13,560 --> 00:10:19,200 In the course of the conversation which is known as session highjacking you want to make sure that the 107 00:10:19,200 --> 00:10:25,050 person that you are talking to is the person that they say they are and that they haven't been replaced 108 00:10:25,230 --> 00:10:26,150 by a hacker. 109 00:10:26,970 --> 00:10:33,420 They are two types of authentication so we could have sent Akkad wrote a one to rodded to using either 110 00:10:33,420 --> 00:10:40,230 appreciate key which is a secret key value entered into each peer manually and is used to indicate the 111 00:10:40,230 --> 00:10:41,060 pier. 112 00:10:41,580 --> 00:10:47,620 Or we could use RSA signatures which encrypt the hash with a private key. 113 00:10:47,730 --> 00:10:50,880 So firstly appreciate key in this example. 114 00:10:50,880 --> 00:10:54,600 Peter needs to be authenticated by Sarah. 115 00:10:54,840 --> 00:11:02,380 In this case Peter it takes a Diffie Helman shape key that they derived the pre-shared key that was 116 00:11:02,380 --> 00:11:09,080 agreed upon with Sarah which should have been done out of band and other information relating to OPSEC 117 00:11:09,460 --> 00:11:16,960 and he hashes that with either M.D Feibel Shaw and he attaches the hash to a packet with his identification 118 00:11:16,960 --> 00:11:23,230 information which may be the IP address or hostname that is used for the VPN. 119 00:11:23,590 --> 00:11:32,190 Sarah can then hash a local copy of the information which includes the agreed upon pre-shared key and 120 00:11:32,190 --> 00:11:42,040 derive and in the final shall Hesh she can then compay her locally derived hash with the hash that you 121 00:11:42,040 --> 00:11:44,590 received from Peter. 122 00:11:44,810 --> 00:11:51,960 If they the same she knows that Peter has the same pre-shared key as she does and she can any indicate 123 00:11:52,000 --> 00:11:58,820 Peter if the hashes are different she knows Peter does not have the correct pre-shared key and therefore 124 00:11:58,820 --> 00:12:01,280 the VPN is not set up. 125 00:12:01,320 --> 00:12:07,980 The second option is to use digital signatures digital signatures have multiple advantages including 126 00:12:07,980 --> 00:12:15,330 the automatic exchange of keys without the need of programming static authentication keys on multiple 127 00:12:15,330 --> 00:12:16,740 devices. 128 00:12:16,740 --> 00:12:19,500 This allows for scalability. 129 00:12:19,660 --> 00:12:25,140 The key L'anse are also a lot greater appreciate keys should be changed on a regular basis. 130 00:12:25,390 --> 00:12:27,550 And in reality that often doesn't happen. 131 00:12:28,510 --> 00:12:32,740 Another advantage of digital signatures is non repudiation. 132 00:12:32,740 --> 00:12:39,490 Which means you can not deny being involved in a conversation because you're the only person that has 133 00:12:39,700 --> 00:12:41,790 your private key. 134 00:12:42,010 --> 00:12:50,950 So the way it works is pita in this example takes a Diffie Hellman shaky and other information and hashes 135 00:12:50,950 --> 00:12:54,360 it in a very similar way to pre-shared keys. 136 00:12:54,520 --> 00:12:57,730 But notice the preset key is not in this list. 137 00:12:57,730 --> 00:13:06,610 That hash is now signed with Peter's private key and remember that Peter is the only person that has 138 00:13:06,610 --> 00:13:11,390 that private key that creates what's called a digital signature. 139 00:13:11,700 --> 00:13:18,630 So a digital signature is created when information is encrypted with a private key. 140 00:13:18,630 --> 00:13:24,510 Please remember that if something is encrypted with someone's private key only that person's public 141 00:13:24,510 --> 00:13:28,190 key can decrypted peed in our sins. 142 00:13:28,250 --> 00:13:36,350 That information to Sarah Sarah takes the received signature from Peter and decrypts it with Peter's 143 00:13:36,350 --> 00:13:40,310 public key which he had previously received from Peter. 144 00:13:40,820 --> 00:13:44,800 That will result in the original hash that Peter created. 145 00:13:45,260 --> 00:13:53,450 Sarah Not takes the same information that she has locally and hashes it herself to derive her own hash 146 00:13:53,960 --> 00:13:56,100 of the various parameters. 147 00:13:56,210 --> 00:13:58,660 She then compares the two hashes. 148 00:13:58,970 --> 00:14:04,110 If say the same she knows firstly that PETA has all the correct information. 149 00:14:04,340 --> 00:14:12,890 She also knows that this information could only have come from PETA because only PETA's public key can 150 00:14:12,890 --> 00:14:16,680 decrypt something encrypted with Peter's private key. 151 00:14:17,210 --> 00:14:23,360 So the digital signature proves that the information came from Peter and that all of this information 152 00:14:23,360 --> 00:14:24,270 is correct. 153 00:14:25,220 --> 00:14:28,470 She has thus been able to think Akkad Peter. 154 00:14:28,770 --> 00:14:33,150 Now the reverse will happen for both pre-shared keys and digital signatures. 155 00:14:33,150 --> 00:14:35,020 Peter Will authentic syndicate Sarah. 156 00:14:35,220 --> 00:14:41,910 So there's mutual two way into question either by using pre-shared keys or by using digital signatures.