Yesterday's announcement of a SHA-3 "winner" gives me a great intro to talk about yet another important security-related standard as part of our cyber security awareness month theme. Crypto standards have been critical to developing secure systems for a couple of reasons:
So what are these standards? Let's break it down into 3 groups:

1 - Symmetric Ciphers

In 2001, NIST established the "Advanced Encryption Standard" (AES) [1]. It superseded the DES cipher that was used up to then. AES is also known as "Rijndael", the name used for this cipher before it became known as AES. The cipher can be used with different length keys depending on the classification of the information.

2 - Asymmetric Ciphers

Again referring to NIST [2], there are three standard asymmetric ciphers:

DSA: Digital Signature Algorithm

Asymmetric ciphers are much more "expensive" than symmetric ciphers, and require longer keys. As a result, they are usually used to set up symmetric ciphers (like in SSL) or used to encrypt digital signatures. Currently, RSA and DSA are the most commonly used algorithms, but elliptic curve algorithms are getting a lot of attention as they do provide some significant performance advantages.

3 - Hashing

Cryptographic hashes are usually used to prevent tampering with documents. Currently, SHA-2 (Secure Hash Algorithm) is the recommended standard, but as we learned yesterday, SHA-3 has just been announced. At this point, of course, you may have a hard time implementing SHA-3. We will have to wait for it to be included in various libraries.

A good cryptographic hash makes it very hard to intentionally create two different messages with the same hash value. These collisions are of course unavoidable if the message is larger than the hash, but it should be hard to find these collisions.

The big difference between SHA-1 and SHA-2 is that SHA-2 is a set of different hash functions (SHA-224, 256, 384, 512) which can be used depending on the scenario. FIPS-180 suggests the use of SHA-256 for messages smaller than 2^64 bits [3].

4 - Where to find the standards

We probably need a diary about standard bodies as part of this series (maybe tomorrow ;-) ). But just as a quick list of pointers:

NIST is probably the best place to look for guidance and details on algorithms. NIST also publishes the "Federal Information Processing Standard" (FIPS) that includes a lot of details on what algorithms to use. Even if you are not US based, or not subject to any of the federal guidance (most private industry is not), you may find that your industry and national standards are closely aligned to the NIST standards.

On an international level, ISO (International Organization for Standardization) is coordinating these efforts. The ISO is a member organization with representatives from various national standard bodies (e.g. ANSI in the US).

IETF, the Internet Engineering Task Force, covers how these crypto algorithms are used in internet protocols.

Below you find links to some of the key standards mentioned here.

[1] http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
------ |
Johannes 4072 Posts ISC Handler Oct 4th 2012 |
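The hashing section of the diary says collisions are unavoidable once messages are longer than the hash, but should be hard to find. The following added example (not part of the original diary or its comments) shows how that difficulty depends on digest length by searching for collisions on SHA-256 truncated to a few bits; the function names and the sample messages are constructed for this illustration.

```python
import hashlib
import itertools


def truncated_sha256(message: bytes, bits: int) -> int:
    """Return the leading `bits` bits of SHA-256(message) as an integer."""
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return digest >> (256 - bits)


def full_digest(message: bytes) -> str:
    """Full 256-bit SHA-256 digest, hex encoded."""
    return hashlib.sha256(message).hexdigest()


def find_collision(bits: int):
    """Hash distinct constructed messages until two share a truncated digest.

    Returns (first_message, second_message, messages_hashed). With only
    2**bits possible digests, a collision is guaranteed within 2**bits + 1
    messages (pigeonhole); the birthday bound makes about 2**(bits/2) typical.
    """
    seen = {}
    for counter in itertools.count():
        msg = b"constructed-sample-%d" % counter  # constructed input
        tag = truncated_sha256(msg, bits)
        if tag in seen:
            return seen[tag], msg, counter + 1
        seen[tag] = msg


def collision_report(bit_sizes=(16, 24, 32)):
    """Run the search for several digest lengths and collect the cost."""
    return [(bits, *find_collision(bits)) for bits in bit_sizes]


if __name__ == "__main__":
    for bits, a, b, hashed in collision_report():
        print(f"{bits:>2}-bit digest: collision after {hashed} messages "
              f"(birthday estimate ~2^{bits // 2})")
        print(f"    {a!r} and {b!r}")
        # At full length the same two messages are clearly distinct.
        print(f"    full SHA-256 differs: {full_digest(a) != full_digest(b)}")
    print("256-bit digest: birthday estimate ~2^128 messages")
```

Each extra bit of digest multiplies the typical search cost by about the square root of two, which is why a shortened or ad hoc truncated digest gives much weaker tamper protection than the full-length hash.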
Please do a diary about standard bodies. I have always had a bit of an issue differentiating exactly what different bodies do, even when browsing to their websites and reading the mission statements. Thanks,
Anon |
Anonymous |
Oct 4th 2012 8 years ago |
Dear Johannes,
You say "FIPS-180 suggests the use of SHA-256 for messages smaller then 2^64 bits". That should be "FIPS-180 suggests the use of SHA-256 for messages smaller than 64 bits". |
Anonymous |
Oct 5th 2012 8 years ago |
As Bruce Schneier says, you are likely to get something wrong, even if following standards; the devil is in the details... You are much better off using off-the-shelf software such as OpenSSL or whatever.
Anonymous |
Oct 5th 2012 8 years ago |
The good thing about standards is that there are so many of them. When speaking of crypto you also need to know about the Public-Key Cryptography Standards (PKCS) from RSA. And then you can add all the Banking and PKI standards on top.
The Handbook of Applied Cryptography is also an excellent reference (http://cacr.uwaterloo.ca/hac/). For practical purposes google Matasano's and Nate Lawson's old blog post about crypto and all the small details. But don't reinvent the wheel: use existing and proven libraries and APIs when performing crypto. |
Anonymous |
Oct 7th 2012 8 years ago |