IBM Americas, ATS, Washington Systems Center
© 2014 IBM Corporation
Intro to Crypto
Greg Boyd ([email protected])
Page 2 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Agenda – Intro To Crypto
Some background
Crypto Functions
–Symmetric algorithms
–Asymmetric algorithms
–Hashes
–Digital Signatures & Certificates
–PIN Support
Upcoming topics
Page 3 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
What is Cryptography?
Cryptography (or cryptology; from Greek κρυπτός, kryptos, "hidden, secret"; and γράφω, gráphō, "Iwrite", or -λογία, -logia, respectively)[1] is thepractice and study of hiding information. In moderntimes cryptography is considered a branch of bothmathematics and computer science and is affiliatedclosely with information theory, computer securityand engineering.
From Wikipedia
Page 4 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Business Requirements
Trust (Integrity)
Confidentiality
–Trade Secrets
–Business transactions
–Privacy (Personal Information)
Accountability/ Auditability
Page 5 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Crypto Functions
Data Confidentiality
– Symmetric – DES/TDES, AES
– Asymmetric – RSA,Diffie-Hellman, ECC
Data Integrity
– Modification Detection
– Message Authentication
– Non-repudiation
Financial Functions
Key Security & Integrity
Page 6 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Data Confidentiality – TDES
Data Key =>
Encrypt EncryptDecryptEncrypted
KeyEncrypted
Key
K E Y
EncryptedKey
Encryption Using Triple-DES outer feedback
8-bytesof key
Page 7 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Data Confidentiality - AES
Rijndael Algorithm
– Block Cipher (16-byte blocks)
– 128-, 192-, 256-bit key length
– 128 bit key=> 3.4x10**38 (340Undecillion)
– 192 bit key=> 6.2x10**57 (6.2Octodecillion)
– 256 bit key=> 1.1x10**77 (almost aGoogol)
– Multiple round
– Four steps per round (Byte substitution,shift row, mix column, add round key)
Image from http://www.esat.kuleuven.ac.be/~rijmen/rijndael
Page 8 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Electronic Codebook (ECB) Mode
Images from Wikipedia
Page 9 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Cipher Block Chaining (CBC) Mode
Images from Wikipedia
Page 10 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Asymmetric Algorithms
Public Key Architecture - PKA
–RSA
–Diffie-Hellman
–Elliptic Curve
ABCD @!&1 ABCD
Public key Private key
Encryption Decryption
Plain text Plain textCipher text
Page 11 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
RSA Public Key Cryptography
Generate 2 prime numbers P = 7 Q = 17
(each over 100 digits long)
Multiply primes to get modulus, N N = 7 x 17 = 119
Select odd number, E, that will E = 5
be the second part of the public key
Public Key (N E) 119 5
Compute second part of private key, D
(P-1) x (Q-1) x (E-1) (7-1) x (17-1) x (5-1) = 384
Add 1 to result 384 + 1 = 385
Divide by E to get D D = 385/5 = 77
Private Key (N D) 119 77
=
Page 12 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Encipher Message ‘SELL’
P = 7; Q = 17; N = 119; E = 5; D = 77
Public Key (N E) 119 5
Private Key (N D) 119 77
Convert characters to numeric 19 5 12 12
E.g. A=1, B=2, C=3 ….
Raise that character value to power E (‘S’ => 19**5 =>) 2476099
Divide by first part Public Key, get the Modulus 2476099 MOD 119 = 66
ePublicKey(S) => 66
ePublicKey(E) => 31
ePublicKey(L) => 3
Ciphertext 66 31 3 3
=
Page 13 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Decipher Message ’66 31 3 3’
P = 7; Q = 17; N = 119; E = 5; D = 77
Public Key (N E) 119 5
Private Key (N D) 119 77
Raise ciphertext to power D 66**77 = 1273160…..
Divide by first half of private key, get the modulus 1273160….. MOD 119 = 19
Convert numeric back to character 19 5 12 12
dPrivateKey(66) => “S”
dPrivateKey(31) => “E”
dPrivateKey(3) => “L”
Plaintext 19 5 12 12 or C’S E L L’
=
Page 14 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
ECC – Why is it important?
Elliptic Curve Support
–ECDSA
–New ECC Master Key
Effective Key Size Security
Symmetric RSA Key ECC Key
Key Size Size Size
80 1024 163
112 2048 224
128 3072 256
192 7680 384
256 15360 512
Image from DeviceForge and other sites
From NIST SP 800-57 Part 1 (Table 2) atwww.nist.gov
Page 15 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Why Asymmetric and Symmetric Keys?
Asymmetric
– plus - its strength, can be used to establish asecret between two parties
– minus – expensive in terms of performance
Symmetric
– plus - less resource intensive
– minus - requires key to be shared securely
=≠
Page 16 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Data Integrity – Modification Detection Code
Has the message changed?
A
Message MDCMessage
Characteristics of a goodhash
– Can’t recreate the message fromthe hash
– Two different messages arestatistically unlikely to generatethe same hash value
Hash Algorithm
Page 17 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Hash Example
SHA1(“The quick brown fox jumps over the lazy dog”)
= A9F1D770 4CA50AC1 504EA60B 12C7AE2D B054AD18
SHA1(“The quick brown fox jumps over the lazy hog”)
= 24120AD2 C337DE18 24E18BF0 C54F0B4F 98592343
Page 18 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Data Integrity – Message Authentication Code
Has the message changed?
A
Message Message
Hash Algorithm
Key
MAC
Page 19 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
AASignature
Algorithm
Signatures
Message
AHash Algorithm
Message Digest Digital Signature
Signatures are a way to securely associatesomeone with the data they send
AASignature
Algorithm
Page 20 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Verisign||GregBoyd||ExpDate||Version||Algorithm ||
Data Integrity – Digital Certificates
GregBoyd
Public Key Private Key
CA
Cert=>Verisign||GregBoyd||ExpDate||Version||Algorithm || ||Digital Signature
Signature Algorithm with
PartnerSignature Algorithm with
CA’s Public Key
Digital Signature?=?
CA’s Private Key
A
A
Page 21 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Financial Services
PIN Generation
PIN Verification
PIN Export/Import
signaturealgorithm
Authentication
Secret PIN
Secret PINcalculating key
Equal/Not equal
Page 22 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Hash and Key LengthsWhy do we care about lengths a of keys and hashes?
– The longer a key the lower the probability to guess the right key
– The longer a hash the lower the probability to guess a matching text for a given hash
– Key and hash sizes that are considered secure change over time
Crypto Cryptography is not security, it is only low probability!? - But “Low” is “V E R Y L O W”!
Key lengths for symmetric keys are not comparable to those of asymmetric keys
E.g. only a “few” numbers out of 21024 1024-bit numbers are valid keys for RSA
154 digitsSHA-512: 2512 different hashes
about 1082number of atoms in the universe
77 digitsAES-256/SHA-256: 2256 different keys/hashes
58 digitsAES-192: 2192 different keys
about 1.2*1057number of atoms in our solar system
about 1.33*1050number of atoms in the earth
38 digitsAES-128: 2128 different keys
1 in 72,057,594,037,927,936DES: 2256 different keys
1 In 176,000,000MegaMillions (March, 2012) @ $640Million
*Chart adapted fromReinhard Buendgen
Page 23 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
System z Encryption Solutions
Key Storage
Encryptionservicemanagement andoptimization
ICSF, RACF, SMF
Encryption hardware accelerationwith every processor
CryptoExpress
CryptoExpress
zAAP(Java)
Tru
ste
dK
ey
Entr
y
System z Encryption Infrastructure
Tamper-resistantencryption processingKeys are not in the clear
GPProcessor
GPProcessor
z/OS
zIIP(IPSec)
Encryption Solutions
IFL(Virtualization,
Linux)
Crypto access
Linux for System z
CKDS
PKDS TKDS
Encryption Facilityfor z/OS
Tape / DiskEncryption
System SSL
DatabaseEncryption
PKI Services
Java
EKMF (KeyManagement)
PerformanceDisaster
Recovery
Master Keys Master Keys
Page 24 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
System z Encryption Solutions
Key Storage
Encryptionservicemanagement andoptimization
ICSF, RACF, SMF
Encryption hardware accelerationwith every processor
CryptoExpress
CryptoExpress
zAAP(Java)
Tru
ste
dK
ey
Entr
y
System z Encryption Infrastructure
Tamper-resistantencryption processingKeys are not in the clear
GPProcessor
GPProcessor
z/OS
zIIP(IPSec)
Encryption Solutions
IFL(Virtualization,
Linux)
Crypto access
Linux for System z
CKDS
PKDS TKDS
Encryption Facilityfor z/OS
Tape / DiskEncryption
System SSL
DatabaseEncryption
PKI Services
Java
EKMF (KeyManagement)
PerformanceDisaster
Recovery
Master Keys Master Keys
Page 25 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
System z Encryption Solutions
Key Storage
Encryptionservicemanagement andoptimization
ICSF, RACF, SMF
Encryption hardware accelerationwith every processor
CryptoExpress
CryptoExpress
zAAP(Java)
Tru
ste
dK
ey
Entr
y
System z Encryption Infrastructure
Tamper-resistantencryption processingKeys are not in the clear
GPProcessor
GPProcessor
z/OS
zIIP(IPSec)
Encryption Solutions
IFL(Virtualization,
Linux)
Crypto access
Linux for System z
CKDS
PKDS TKDS
Encryption Facilityfor z/OS
Tape / DiskEncryption
System SSL
DatabaseEncryption
PKI Services
Java
EKMF (KeyManagement)
PerformanceDisaster
Recovery
Master Keys Master Keys
Page 26 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
System z Encryption Solutions
Key Storage
Encryptionservicemanagement andoptimization
ICSF, RACF, SMF
Encryption hardware accelerationwith every processor
CryptoExpress
CryptoExpress
zAAP(Java)
Tru
ste
dK
ey
Entr
y
System z Encryption Infrastructure
Tamper-resistantencryption processingKeys are not in the clear
GPProcessor
GPProcessor
z/OS
zIIP(IPSec)
Encryption Solutions
IFL(Virtualization,
Linux)
Crypto access
Linux for System z
CKDS
PKDS TKDS
Encryption Facilityfor z/OS
Tape / DiskEncryption
System SSL
DatabaseEncryption
PKI Services
Java
EKMF (KeyManagement)
PerformanceDisaster
Recovery
Master Keys Master Keys
Page 27 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
System z Encryption Solutions
Key Storage
Encryptionservicemanagement andoptimization
ICSF, RACF, SMF
Encryption hardware accelerationwith every processor
CryptoExpress
CryptoExpress
zAAP(Java)
Tru
ste
dK
ey
Entr
y
System z Encryption Infrastructure
Tamper-resistantencryption processingKeys are not in the clear
GPProcessor
GPProcessor
z/OS
zIIP(IPSec)
Encryption Solutions
IFL(Virtualization,
Linux)
Crypto access
Linux for System z
CKDS
PKDS TKDS
Encryption Facilityfor z/OS
Tape / DiskEncryption
System SSL
DatabaseEncryption
PKI Services
Java
EKMF (KeyManagement)
PerformanceDisaster
Recovery
Master Keys Master Keys
Page 28 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
System z Encryption Solutions
Key Storage
Encryptionservicemanagement andoptimization
ICSF, RACF, SMF
Encryption hardware accelerationwith every processor
CryptoExpress
CryptoExpress
zAAP(Java)
Tru
ste
dK
ey
Entr
y
System z Encryption Infrastructure
Tamper-resistantencryption processingKeys are not in the clear
GPProcessor
GPProcessor
z/OS
zIIP(IPSec)
Encryption Solutions
IFL(Virtualization,
Linux)
Crypto access
Linux for System z
CKDS
PKDS TKDS
Encryption Facilityfor z/OS
Tape / DiskEncryption
System SSL
DatabaseEncryption
PKI Services
Java
EKMF (KeyManagement)
PerformanceDisaster
Recovery
Master Keys Master Keys
Page 29 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
References
Cryptography Books
– Bruce Schneier, “Applied Cryptography, Second Edition: Protocols, Algorithms,and Source Code in ‘C’”, Addison Weley Longman, Inc. 1997
– Simon Singh, “The Code Book”, Anchor Books, 1999
– Niels Ferguson, Bruce Schneier, “Practical Cryptography”, Wiley Publishing, Inc.2003
Standards
– http://csrc.nist.gov/ – Computer Security Resource Center of NIST
– http://www.rsa.com/rsalabs/ - Research site for RSA Security
– www.ietf.org – Internet Engineering Task Force
Free Stuff
– www.scmagazine.com/ – SC Magazine
– www.counterpane.com – Bruce Schneier web site with monthly newsletter
Page 30 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
IBM Pubs
ICSF Overview
– z/OS 2.1 SC14-7505
– z/OS 1.13 SA22-7519
ICSF Administrator’s Guide
– z/OS 2.1 SC14-7506
– z/OS 1.13 SA22-7521
ICSF Application Programmer’s Guide
– z/OS 2.1 SC14-7508
– z/OS 1.13 SA22-7522
ICSF System Programmer’s Guide
– z/OS 2.1 SC14-7507
– z/OS 1.13 SA22-7520
Page 31 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
IBM Resources (on the web)
Redbooks – www.redbooks.ibm.com (search on‘crypto’)
– IBM zEnterprise EC12 Configuration Setup, SG24-8034
– IBM zEnterprise EC12 Technical Introduction, SG24-8050
– IBM System EC12 Technical Guide, SG24-8049
ATS TechDocs Website –www.ibm.com/support/techdocs (search on ‘crypto’)
– WP100810 – A Synopsis of System z Crypto Hardware
– WP100647 – A Clear Key / Secure Key /Protected Key Primer
Page 32 of 32
IBM ATS, Washington Systems Center
Intro to Crypto January, 2014 © 2014 IBM Corporation
Questions …