
Slide 1

INTRODUCTORY COURSE
BCSE - WHITEHAT
Slide 2

Cryptography
Slide 3

Content

1. Introduction to encryption
2. Methods of encryption
3. Public key infrastructure (PKI) and
digital signature
4. Standards and encryption protocols

Today, with the arrival of computers, written documents and important information have been digitized, handled on computers, and transmitted over an environment that is insecure by default.
A mechanism to protect the safety and privacy of sensitive and important information is therefore more and more imperative. Encryption is the solution to the above problems.
Present the example first, followed by the definition.
So, what is encryption?
Slide 4

Introduction to encryption
Definition

Hello → Encryption → $%@% (ciphertext) → Decryption → Hello

Encryption is a field of cryptography.
It studies the algorithms and methods that ensure the confidentiality and authenticity of information, by changing the original data into another, unreadable form and changing it back to its original form at a later time.
Slide 5

Introduction to encryption
Definition:
 Sender/Receiver
 Plain text (clear text)
 Cipher text/Cypher text
 Encryption/Decryption
 Key
 Algorithm

Important terms to understand when learning about encryption include:
Sender/Receiver: the sender and receiver are the parties in a communication system that uses encryption.
Plain text: a document in understandable (readable) form, before encryption and after decryption.
In contrast, cipher text (or ciphertext) is a document in incomprehensible form.
Encryption is the process of transforming plain text into the corresponding ciphertext.
In contrast to encryption, decryption is the process of transforming the ciphertext back into the original plain text.
Key: a keyword used during encryption and decryption.
Algorithm: covers two concepts, the encryption algorithm and the decryption algorithm; it is the set of rules that, together with the keys, converts back and forth between plaintext and ciphertext.
These are the basic concepts of encryption; the terms are explained in detail in the later parts of this lecture.
Slide 6

Introduction to encryption
Purpose: encryption aims to ensure:
 Confidentiality: the data is not seen by a third party
 Integrity: the data is not changed during transmission
 Authentication: verify the origin of the information
 Non-repudiation: a mechanism ensuring that those who performed an action cannot deny that action.

As stated at the beginning, encryption is a solution to the requirements of security and confidentiality for data transmitted in a communication session. The basic goals of encryption therefore include:
Confidentiality: encryption ensures that the content of the data in a communication or transaction session is hidden and cannot be seen by a third party.
Integrity: encryption ensures that data can only be changed by authorized parties and that its content is not altered by a third party.
Authentication: encryption helps confirm the source of the information. For example, when transactions were exchanged only on paper, documents were handed from Mr. A to Mr. B; in an information society that uses electronic transactions it is difficult to confirm where information comes from, and encryption solves this problem.
Non-repudiation: a mechanism ensuring that those who performed an action cannot deny that action.
Slide 7

Introduction to encryption
For example: Gaius Julius Caesar

Plain text: H E L L O
Encryption
Cipher text: C Z G G J
Decryption
Plain text: H E L L O

Let's look at a basic example of encryption.

This is an encryption method known as permutation code or additive code.
It was first mentioned by Gaius Julius Caesar.
You can see that the encryption algorithm is relatively simple: each letter of the alphabet is replaced by another letter obtained by rotating the alphabet 5 positions.
Slide 8

Content

1. Definition
2. Methods of encryption
3. Standards and encryption protocols
4. Public key infrastructure (PKI) and
digital signature

We have now had a quick overview of encryption and understand the basic concepts of an encryption system.
Next, we will look at an important part of encryption systems: the encryption methods, or encryption algorithms.
Slide 9

Methods of encryption
Hash
Symmetric encryption
Asymmetric encryption

Typically, encryption systems are divided into two types: symmetric encryption systems (or private-key encryption systems) and asymmetric encryption systems (or public-key encryption systems).
Each type of system has its corresponding methods, or encryption algorithms:
Symmetric encryption algorithms correspond to the private-key encryption system.
Asymmetric encryption algorithms correspond to the public-key encryption system.
In addition, there are hash algorithms, also known as hash functions, which are used in electronic signatures and public-key encryption systems.
Slide 10

Methods of encryption
Hash
- A hash transforms any input string into a string of fixed length
- Purpose: used to check the integrity of data

- Features:
• It is a one-way function
• Collisions

First of all, let us clarify the concept of a hash function:
Given a string of variable length, the hash function transforms it into a string of fixed length (called a hash value).
As stated, in an electronic communication session the information is transmitted over an environment that is insecure by default, so how can the parties taking part, namely the sender and the receiver, ensure the integrity of the information (i.e., ensure that the information is not altered in transmission)? A hash function is a solution to this problem.
Present the example
A hash function is used for one primary purpose: to check the integrity of data. The result of processing data with the hash algorithm is called a hash value. The fixed length of this hash value depends on the hash algorithm, not on the input data.
Characteristics of a hash function:
It is a one-way function: the original text cannot be inferred from a hash value.
Collisions: this property follows from the way a hash function works. Because the hash value has a fixed length, the space of hash values is finite, so it is possible for two input strings to produce one hash value.
A strong hash function is built on a hard one-way trapdoor problem, in other words one that has no solution or takes a very long time to solve, combined with a sufficiently long hash value to ensure the collision resistance of the hash function.
Slide 11

Methods of encryption
Hash:
 The hash is sent with the data; the receiver uses the hash algorithm to create a new hash.
 The new hash is compared with the attached hash value. This verifies whether the data was changed during transmission.

Returning to the previous example: after the hash is first computed, it is sent together with the original.

After the receiver has received the original with its hash value, the receiver uses the same hash algorithm as the sender to calculate the hash value of the document received, and then compares it with the hash value attached to the original. In this way we can determine whether the data was modified during transmission.
Slide 12

Methods of encryption
Hash (cont.):
 Some hash algorithms
 MD5 (Message Digest 5): hash value of 128 bits
 SHA-1 (Secure Hash Algorithm): hash value of 160 bits

Many different hash algorithms exist today; two that are rated as highly reliable and are widely used are MD5 and SHA-1, because they offer high collision resistance and inverting the hash function is a hard problem.
Slide 13

Methods of encryption
Problems with MD5 and SHA-1
MAC – Message Authentication Code
 HMAC–MD5
 HMAC–SHA-1

MD5 is an improved version of the MD4 hash function, published by Ronald Rivest in 1991. It produces a hash value 128 bits long.
SHA-1 was published by the National Security Agency in 1995 (the previous version, SHA-0, was published in 1993) and is regarded as a US Federal Information Processing Standard. It produces a hash value 160 bits long.
Inverting the hash function can be regarded as impossible. Take SHA-1 as an example: in 2005, a group of experts at Shandong University (China) announced an attack on SHA-1 requiring 2^69 tests, 200 times as fast as the previous 2^80 tests.
Thus, completing 2^69 tests would take 1,757 x 8 = 14056 days (about 38 and a half years), or would require mobilizing 331,252 x 8 = 2650016 computers.
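The check described on the Hash slides, and the reason slide 13 lists HMAC, as an added example (not part of the original course material): the receiver recomputes the hash and compares it with the attached value, but a bare hash can be recomputed by anyone who alters the message, while a keyed MAC cannot. The function names, sample message and key are constructed for illustration.

```python
import hashlib
import hmac


def digest(data: bytes, algorithm: str = "sha1") -> bytes:
    """Hash value of `data`; its length depends only on the algorithm."""
    return hashlib.new(algorithm, data).digest()


def send_with_hash(message: bytes, algorithm: str = "sha1"):
    """Sender side: attach the hash value to the message."""
    return message, digest(message, algorithm)


def verify_hash(message: bytes, attached: bytes, algorithm: str = "sha1") -> bool:
    """Receiver side: recompute the hash and compare with the attached one."""
    return hmac.compare_digest(digest(message, algorithm), attached)


def send_with_hmac(message: bytes, key: bytes, algorithm: str = "sha1"):
    """Sender side: attach an HMAC computed with a key shared with the receiver."""
    return message, hmac.new(key, message, algorithm).digest()


def verify_hmac(message: bytes, tag: bytes, key: bytes, algorithm: str = "sha1") -> bool:
    """Receiver side: recompute the HMAC with the shared key and compare."""
    expected = hmac.new(key, message, algorithm).digest()
    return hmac.compare_digest(expected, tag)


def demo() -> dict:
    message = b"Transfer 100 USD to account 12345"        # constructed sample
    altered = message.replace(b"100", b"900")             # constructed sample
    key = b"secret shared by sender and receiver"         # constructed sample
    results = {}

    # The hash length is fixed by the algorithm, whatever the input length.
    results["md5_bits"] = len(digest(b"a", "md5")) * 8
    results["sha1_bits"] = len(digest(message * 1000, "sha1")) * 8

    # 1. Unmodified transmission: the recomputed hash matches.
    received, attached = send_with_hash(message)
    results["intact_accepted"] = verify_hash(received, attached)

    # 2. Message changed in transit, attached hash untouched: detected.
    results["altered_detected"] = not verify_hash(altered, attached)

    # 3. Message AND attached hash replaced: the plain hash check passes,
    #    because computing a hash needs no secret.
    results["replaced_hash_accepted"] = verify_hash(altered, digest(altered))

    # 4. With HMAC the tag depends on the shared key, so a tag computed
    #    without the key does not verify.
    received, tag = send_with_hmac(message, key)
    results["hmac_intact_accepted"] = verify_hmac(received, tag, key)
    results["hmac_replaced_rejected"] = not verify_hmac(altered, digest(altered), key)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```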
Slide 14

Methods of encryption
Symmetric encryption
- Uses encryption and decryption keys that are related to each other
- Divided into smaller types:
+ Stream cipher
+ Block cipher

The second encryption method to be presented is symmetric encryption.
Symmetric encryption algorithms, also known as private-key encryption algorithms, are algorithms whose encryption and decryption keys are related to each other (usually the keys for both processes are exactly the same).
These algorithms can be divided into stream ciphers and block ciphers.
A stream cipher encrypts the bits of a message one at a time.
A block cipher splits a message into blocks, each containing a fixed number of bits, and then encrypts each block as a separate unit.

Advantages of block cipher


Slide 15

Methods of encryption
Symmetric encryption
 Uses the same key to encrypt and decrypt
 Types
 DES (Data Encryption Standard): 56-bit key
 3DES (Triple DES): 168-bit key
 AES (Advanced Encryption Standard): 128-, 192- or 256-bit key

 The key can be found by brute force + key management problems

As presented, block cipher algorithms belong to the private-key encryption algorithms, also known as symmetric encryption algorithms: the same key is used for both processes. Notable algorithms that have been developed include:
DES uses a key 56 bits long.
3DES is an extension of DES that chains three consecutive DES passes, increasing security with key lengths of up to 168 bits.
AES, the Advanced Encryption Standard, is a private-key cipher that processes input data blocks of 128 bits, using keys 128, 192 or 256 bits long.
Because one key is shared, an exhaustive (brute-force) attack is possible, so key management and key exchange are very important problems to solve.
Slide 16

Encryption algorithm
DES algorithm

- An encryption algorithm whose input and output are both 64 bits
- The key is 64 bits, of which 8 bits are used for parity checking, leaving 56 bits. The key space is therefore 2^56.
- Uses 16 rounds

Taking DES as an example, we will analyze the DES algorithm together to understand how a block cipher operates.
In the late 60s, the Lucifer cipher was proposed by Horst Feistel. The US Standards Commission then agreed to develop it into a data encryption standard, announced on 02.15.1977.
DES is an encryption algorithm whose input and output are both 64 bits.
The key is 64 bits, of which 8 bits are used for parity checking, leaving 56 bits. The key space is therefore 2^56.
Slide 17

Encryption algorithm
DES algorithm

Elements:
- Subkeys
- F function
- Initial Permutation

The important elements of the DES algorithm include:

The set of subkeys: DES uses selection tables on the 56 key bits to derive the subkeys k1, k2, ..., each 48 bits long.
F function: considered the most important component of DES; we will discuss the f function later.
Initial Permutation: in fact, it is a cyclical permutation that works the same way as the Caesar code shown above.
In each round of DES, the right half-block Ri becomes the left half-block L(i+1) of the next round; it is also passed through the f function and XORed bitwise with the left half-block Li to become the right half-block of the next round.
Slide 18

Encryption algorithm

DES algorithm
- f function:


As mentioned, the f function plays an important role in DES; it appears in every round of DES.
The input is a 32-bit block, which is passed to the expansion function E to obtain a 48-bit block.
The resulting block is then XORed bitwise with the subkey produced by the key generation step K.
The result is passed through the S-box black boxes to obtain a 32-bit output. There is still much debate about how the S-boxes work; the S-boxes are said to be the key to the security of DES.
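The round structure described on the two slides above, as an added example (not part of the original course material): a 16-round Feistel network with DES's sizes, showing that the same routine decrypts when the subkeys are applied in reverse order. The key schedule, the expansion and the substitution table are simplified stand-ins constructed for illustration, not the real DES tables, and the initial permutation is omitted.

```python
MASK32 = (1 << 32) - 1
MASK48 = (1 << 48) - 1
MASK56 = (1 << 56) - 1

# Constructed 4-bit substitution table standing in for DES's eight S-boxes.
SBOX = [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7]


def subkeys(key56: int) -> list:
    """16 subkeys of 48 bits from a 56-bit key (toy schedule: rotate, truncate)."""
    keys = []
    for i in range(1, 17):
        rotated = ((key56 << i) | (key56 >> (56 - i))) & MASK56
        keys.append(rotated & MASK48)
    return keys


def f(right: int, subkey: int) -> int:
    """Round function with the shape of DES's f: 32 -> 48 bits, XOR, 48 -> 32 bits."""
    expanded = ((right << 16) | (right >> 16)) & MASK48   # toy expansion E
    mixed = expanded ^ subkey                              # XOR with the subkey
    out = 0
    for i in range(8):                                     # eight 6-bit groups
        six = (mixed >> (6 * i)) & 0x3F
        four = SBOX[(six >> 1) & 0xF]                      # middle bits pick the entry
        if (six & 1) ^ (six >> 5):                         # outer bits flip the output
            four ^= 0xF
        out |= four << (4 * i)
    return out


def rounds(block: int, round_keys: list) -> list:
    """Return the (L_i, R_i) pairs for i = 0..16."""
    left, right = block >> 32, block & MASK32
    trace = [(left, right)]
    for k in round_keys:
        # L(i+1) = R(i);  R(i+1) = L(i) XOR f(R(i), k)
        left, right = right, left ^ f(right, k)
        trace.append((left, right))
    return trace


def crypt(block: int, round_keys: list) -> int:
    left, right = rounds(block, round_keys)[-1]
    return (right << 32) | left        # swap the halves after the last round


def encrypt(block: int, key56: int) -> int:
    return crypt(block, subkeys(key56))


def decrypt(block: int, key56: int) -> int:
    # Same network, subkeys in reverse order: f never has to be inverted.
    return crypt(block, subkeys(key56)[::-1])


if __name__ == "__main__":
    key = 0x133457799BBCDF             # constructed 56-bit key
    plain = 0x0123456789ABCDEF         # constructed 64-bit block
    cipher = encrypt(plain, key)
    print(f"cipher    = {cipher:016X}")
    print(f"decrypted = {decrypt(cipher, key):016X}")
```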
Slide 19

Encryption algorithm
DES algorithm

• Assessment:
- Satisfies the basic principles of a block cipher, including: the key is long enough to ensure that decryption is a hard problem, and the dependence of the ciphertext on the plaintext is nonlinear.

- Weaknesses: complement property and weak keys

DES is the data encryption standard of the USA, announced by the United States Standards Committee on February 15th, 1977. DES satisfies the basic principles of a block cipher, including:
The key is long enough to ensure that decryption is a hard problem.
The dependence of the ciphertext on the plaintext is nonlinear; this is guaranteed by the way the f function operates, in particular the expansion function E mentioned above.
However, DES still has several limitations:
Complement property: (x = 010011 has the complement x' = 101100); this reduces the key space by half compared with the normal key space.
DES has 8 weak key pairs, that is, keys which when used to encrypt produce ciphertext exactly identical to the original information, in other words the information is exposed.

Therefore, in practice DES is not used on its own; it is normally applied several times in succession, as in 3DES, or used with Cipher Block Chaining (CBC), k-bit Cipher Feedback Mode…
Slide 20

Methods of encryption
Asymmetric encryption
Public key
Private key

With private-key block ciphers, if we know the key and the encryption function, the decryption function can be found quickly (in polynomial time). In addition, symmetric encryption algorithms in general have a weakness: as the number of users increases, so does the number of keys. For example, for n users the number of keys to manage is n*(n-1)/2, which makes management difficult. This kind of cipher also cannot be applied in electronic commerce (the service with the greatest demand for encryption at present).

Therefore, in 1975, Diffie and Hellman proposed in a research paper the idea of a cipher system operating under a new principle, in which keys are tied to each communicating party rather than to each pair of communicating parties.
Slide 21

Methods of encryption
Asymmetric Encryption
The keys used to encrypt and decrypt are different
 There are two types of key
 Private key: kept secret
 Public key: made public
 Applications
 Encryption
 Digital signatures

An encryption system built on this principle is called an asymmetric encryption system; the basic principle is that each user owns a key pair (private and public) used for encryption and decryption.

The public-key encryption system overcomes the limitations of the private-key encryption system, makes key management safer, and can be applied to areas of electronic commerce such as data encryption and digital signatures.
Slide 22

Methods of encryption
Asymmetric encryption

We now present the basic operating model of a public-key (asymmetric) encryption system.
You can see an example on the slide:
Alice wants to send a message to Bob.
Alice must somehow contact Bob (she can call Bob directly, or go through Bob's authorized key manager) to obtain Bob's public key (Bob must of course have created his key pair beforehand).
Alice uses this key, together with a public-key encryption algorithm, to turn the message into cipher text.
This cipher text can now be sent over any public channel while its confidentiality is still guaranteed.
When Bob receives the cipher text, he uses his stored private key, together with the decryption algorithm corresponding to the encryption algorithm that Alice used, to decrypt it.
Slide 23

Methods of encryption
Asymmetric encryption
 algorithms:
 RSA (Ron Rivest, Adi Shamir, Leonard
Adleman)
 DSA (Digital Signature Standard)
 Diffie-Hellman (W. Diffie and Dr. M. E.
Hellman)

In the example above we mentioned the concepts of encryption algorithm and decryption algorithm; let us now clarify these two concepts.
Both are parts of one cipher: the decryption algorithm must be paired with an encryption algorithm built on the same mathematical basis.
Many public-key encryption algorithms have been designed and published; among them, the RSA algorithm is the one most widely used at present.

Besides encryption algorithms, there are other algorithms such as DSA, an algorithm for signing, and Diffie-Hellman, an algorithm for creating and exchanging keys.
Slide 24

Methods of encryption
 RSA (Ron Rivest, Adi Shamir, Leonard Adleman)
Select p, q prime
Calculate n = p*q
Calculate Φ(n) = (p-1)(q-1)

Select public key e, 0 < e < Φ(n), gcd(e, Φ(n)) = 1
Plaintext m → c ≡ m^e mod n → ciphertext c

Select private key d, d ≡ e^(-1) mod Φ(n)
Ciphertext c → m ≡ c^d mod n → original plaintext m

Within the scope of this program, we will study the operation of the RSA algorithm as the typical algorithm of the public-key encryption system.

RSA is an abbreviation of the names of the three authors who designed it (Ron Rivest, Adi Shamir, Leonard Adleman). It is the most famous encryption algorithm and also the most widely applied in practice.
To set up RSA, each person first creates their own public key and private key by:
Selecting at random two different large prime numbers p and q
Calculating n = p*q, m = (p - 1)*(q - 1)
Selecting an e smaller than m such that e and m are coprime; e is called the encryption exponent
Finding d, the inverse of e modulo m; d is called the decryption exponent
This gives the public key: (e, n)
Private key: (d, p, q)

Use of RSA:
The message is expressed as a number x; the cipher text is calculated by the expression c = x^e (mod n)
Decryption process: x = c^d (mod n).

The security of RSA: the security of RSA depends on the difficulty of calculating m, which is the problem of factoring a large integer into primes (a hard problem in mathematics).

Currently there is no optimal solution to this problem, so RSA is safe for the time being.
To make RSA practical, encryption and decryption use two additional algorithms: the extended Euclidean algorithm to find d, the inverse of e, and a multiplication algorithm for multiplying two large integers when calculating c or x.
Slide 25

Content

1. Definition
2. Encryption algorithms
3. Public key infrastructure (PKI) and
digital signature
4. Standards and encryption protocols

Thus, here you have the basic knowledge of encryption.


Slide 26

Public key infrastructure

Digital signature

Before learning about public key infrastructure, we will look at what a digital signature is and how the signing process takes place.
In practice, we sign a text when we want a later reader to know that the text was approved or issued by us. This need also exists in electronic transactions, and electronic signatures were created to satisfy it. In some respects digital signatures perform a lot better than handwritten signatures: electronic signatures are more difficult to fake, and they also let the reader be sure that the text has not been changed after signing.
Looking at the picture, we see that the digital signature process is divided into two parts:
Sign and Verify
Sign: the data is first passed through the hash function, giving a hash value (digest). This value is then encrypted with the sender's private key. The encrypted hash plus the sender's public key form one element called the digital signature. This digital signature is attached to the document that the sender wants to send.
Verify: the receiver splits the signed data into two parts, the document and the "Digital Signature" data block. The "Digital Signature" is decrypted with the sender's public key, and the decrypted value is compared with the value obtained by passing the received document through the same hash function. If the two are equal, the document has not been changed; otherwise it has been changed (by the one-way property of the hash function).
This raises a question: how can the receiver verify that the public key really belongs to the person the receiver wants to communicate with?
That is one of the tasks of the PKI, which we will study next. The safe exchange of public keys is the responsibility of the PKI system.
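The RSA key setup from slide 24 and the sign/verify procedure above, as one added example (not part of the original course material). It uses the extended Euclidean algorithm to find d, textbook RSA without padding, and two known Mersenne primes as p and q so that it runs instantly; the function names, messages and the SHA-256 hash truncated to 128 bits are choices made for illustration. The last two results show why the closing question matters: a signature only proves possession of the private key that matches the public key used to check it.

```python
import hashlib
from math import gcd


def extended_euclid(a: int, b: int):
    """Return (g, s, t) with g = gcd(a, b) and s*a + t*b == g."""
    old_r, r = a, b
    old_s, s = 1, 0
    old_t, t = 0, 1
    while r:
        quotient = old_r // r
        old_r, r = r, old_r - quotient * r
        old_s, s = s, old_s - quotient * s
        old_t, t = t, old_t - quotient * t
    return old_r, old_s, old_t


def generate_keys(p: int, q: int):
    """Return ((e, n), (d, p, q)) following the steps on slide 24."""
    n = p * q
    phi = (p - 1) * (q - 1)            # the notes call this value m
    e = 65537
    while gcd(e, phi) != 1:            # e must be coprime with phi
        e += 2
    _, s, _ = extended_euclid(e, phi)  # s*e + t*phi == 1
    d = s % phi                        # d is the inverse of e modulo phi
    return (e, n), (d, p, q)


def encrypt(x: int, public) -> int:
    e, n = public
    return pow(x, e, n)                # c = x^e mod n


def decrypt(c: int, private) -> int:
    d, p, q = private
    return pow(c, d, p * q)            # x = c^d mod n


def hash_to_int(document: bytes) -> int:
    """128-bit digest as an integer, small enough to be below n here."""
    return int.from_bytes(hashlib.sha256(document).digest()[:16], "big")


def sign(document: bytes, private) -> int:
    """Sign: hash the document, then apply the private exponent to the hash."""
    d, p, q = private
    return pow(hash_to_int(document), d, p * q)


def verify(document: bytes, signature: int, public) -> bool:
    """Verify: apply the public exponent and compare with a fresh hash."""
    e, n = public
    return pow(signature, e, n) == hash_to_int(document)


def demo() -> dict:
    # Constructed key pairs: p and q are Mersenne primes, far too small for real use.
    owner_public, owner_private = generate_keys(2**61 - 1, 2**89 - 1)
    other_public, other_private = generate_keys(2**107 - 1, 2**127 - 1)
    e, n = owner_public
    d, p, q = owner_private

    x = int.from_bytes(b"HELLO", "big")           # message expressed as a number
    c = encrypt(x, owner_public)
    document = b"Pay 100 USD to Bob"              # constructed sample
    altered = b"Pay 900 USD to Bob"               # constructed sample
    signature = sign(document, owner_private)
    resigned = sign(altered, other_private)       # signed with an unrelated key
    return {
        "ed_is_1_mod_phi": (e * d) % ((p - 1) * (q - 1)) == 1,
        "ciphertext_differs": c != x,
        "roundtrip": decrypt(c, owner_private) == x,
        "valid_signature": verify(document, signature, owner_public),
        "altered_rejected": not verify(altered, signature, owner_public),
        # Checked against whatever key arrived with the message: accepted.
        "unverified_key_accepted": verify(altered, resigned, other_public),
        # Checked against the key known to belong to the owner: rejected.
        "known_key_rejects": not verify(altered, resigned, owner_public),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```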
Slide 27

Is encryption technique enough?


Recall the four problems that must be solved to keep transaction data secure:
• Who is trading? (Authentication)
• Has the information sent been eavesdropped on? (Privacy)
• Has the received data been modified or not? (Integrity)
• Denying an action that was performed. (Non-repudiation)
Do cryptographic measures alone ensure the confidentiality and integrity of data?
When a key pair is used in a transaction, who will verify that Mr. A is the owner of that key pair?
And how do those who receive transaction information know that they received the right information from the right person they are trading with?
A trusted third party is needed to certify that a key pair belongs to one identified subject.
Slide 28

PKI – Public Key Infrastructure

 Public key infrastructure
 Includes security technology, policies for using encryption, and standards that allow the user to determine:
o Who does the public key belong to?
o What are the purposes of the public key?
o What is the validity period of the public key?

The full definition of PKI is as follows: PKI is a security infrastructure, including the hardware and software, people, policies and procedures needed to create, manage, store, distribute and revoke digital certificates, using public-key encryption to provide security services for online transactions (according to Wikipedia).
However, we can summarize it briefly like this:
PKI is a system that gives each person one (or several) public keys and answers three questions about each public key: whose key is it? What are its functions? When does it expire? The public key of each person is attached to that person's digital certificate, which is created, distributed and managed by the PKI system.
Slide 29

PKI – Public Key Infrastructure


Trust a certain "object"
Trust model
CA: Certificate Authority
Public Key Infrastructure: sender, receiver, CA, etc.

So, when using a PKI, we have to trust the third party that issues the certificate.
The model of trusting this third party is called the "trust model".
The component that issues digital certificates is called the CA: Certificate Authority.
And as we have mentioned, a PKI is an infrastructure architecture containing the components: ... which we will study next.
Slide 30

PKI – Public Key Infrastructure


Basic elements of a PKI system
 CA: creates digital certificates
 RA: receives registrations
 CRL: stores the list of revoked certificates
 OCSP Server: provides information on certificate status online
 End Entity

The basic components of a PKI system include:

CA:
– Creates, issues and revokes digital certificates. Creates and issues the CRL.
– Manages all aspects (the lifetime) of a digital certificate after issuance.
RA:
– Performs management tasks (initiating the certificate issuance and revocation processes on behalf of the end user)
– Performs tasks related to the registration of the end entity (individual identification)
Client
– Users and devices that use digital certificates: the relying party
– The owner of a digital certificate (subscriber): the end entity.
– Software (fat client, thin client, applet, DLL, library…).
Slide 31

PKI – Public Key Infrastructure


PKI

Slide 32

PKI – Public Key Infrastructure


Models of PKI

Public Key Infrastructure (PKI) is a network security infrastructure that uses public-key encryption to provide security services for online transactions.
- PKI provides a framework for implementing security services based on public-key encryption.
- Shown above are some popular PKI models:
  - The first is the model with one CA and end users
  - The second is the hierarchical CA model
Slide 33

Certificate?
 A data structure containing information about the owner, such as full name and email

 Linked with a key pair (public/private key).

 Divided into many types corresponding to standards: X.509, SPKI certificate, …

We now understand what a PKI is, what its function is, and what its components are. But there is one concept that we have not yet covered: the digital certificate, also known simply as a certificate. What is it? How does the CA generate it? And what standards must it comply with?
A digital certificate is a data structure containing information about the owner, such as the owner's full name and email, and one important component: the public key of the certificate holder. This component is very important because it lets others check the holder's signature.
Based on the standardized data structure of the certificate, certificates are divided into several categories that correspond to standards such as the X.509 public-key certificate, the SPKI certificate, ...
Slide 34

Certificate X.509?
- A data structure signed by the CA in accordance with the X.509 standard
- Identification information for a certain person, organization or device

The X.509 digital certificate standard is widely used.

It is a data structure signed by the CA according to the X.509 standard.
The information contained in a certificate identifies a certain user, organization or device.
Slide 35

Certificate X.509?

 Subject distinguished name (DN): identifies the user
 Public key corresponding to the subject to whom the certificate was granted
 X.509 version
 Serial number: uniquely identifies the certificate
 Issuer DN: identifies the authority that granted this certificate (the CA)
 Digital signature of the CA
 Information on the algorithm used to sign the certificate
 In addition, there is some other information

Digital certificates are issued by the CA when users register with that CA (as mentioned above). The CA is responsible for managing the lifetime of each certificate it issues. The lifetime of a certificate includes the following stages:
Create
Revoke
Renew
Change
Suspend/restore
Slide 36

PKI – Public Key Infrastructure


Lifecycle of digital certificates
 Create a new
 Revoke
 Renew
 Change
 Suspend/restore

The creation process is completed at the CA. If the public key is not generated by the CA, the public key must be transferred securely to the CA to be placed in the certificate. Once the key pair and certificate have been created, they must be distributed appropriately to the subscriber.
The distribution of keys and certificates depends on several factors: where the key was generated, the intended use of the certificate, and constraints of function or policy.
Revoke: declaring that a certificate (and the corresponding private key) is no longer valid and including it in the CRL. ... Reasons: suspected disclosure of the private key, a change in job status.
Renew / Change key: the process of automatically generating a new key pair and issuing the corresponding certificate when the valid key pair is about to expire.
Suspend/restore: usually this means revoking and then granting an entirely new certificate, but PKI technology now has protocols that allow a key pair to be temporarily suspended and restored: CMP, XKMS.
Slide 37

Content

1. Definition
2. Encryption algorithms
3. Public key infrastructure (PKI) and
digital signature
4. Standard and encryption protocols

Next, we are going to learn about the standards and encryption protocols that are widely used.
Slide 38

Protocols

Some basic protocols in the OSI layers:
Layer 2: L2F, PPTP, L2TP
Layer 3: IPSec
Layer 4: SSL
Layer 7: HTTPS, SSL, S/MIME
Slide 39

Routing protocol of the 3rd layer: IPSec

Next is the protocol at the 3rd layer: IPSec


Slide 40

Function of IPSec

Some basic functions of IPSec:
- IPSec is not a protocol
- IPSec creates a secure tunnel through the Internet to transmit the data stream.
Slide 41

Protocol frame of IPSec

Some major protocols are encouraged to use when working with IPSec.
IP Security Protocol (IPSec)
+ AH (Authentication Header)
+ ESP (Encapsulating Security Payload)
Encryption of Message
+ DES (Data Encryption Standard)
+ 3DES (Triple DES)
Integrity of Message
+ HMAC (Hash-based Message Authentication Code)
+ MD5 (Message Digest 5)
+ SHA-1 (Secure Hash Algorithm-1)
Peer Authentication
+ Rivest, Shamir, and Adleman (RSA) Digital Signatures
+ RSA Encrypted Nonces
Key Management
+ DH (Diffie- Hellman)
+ CA (Certificate Authority)
Security Association
+ IKE (Internet Key Exchange)
+ ISAKMP (Internet Security Association and Key Management Protocol)
Slide 42

Major protocols of IPSec

• AH: allows verifying and checking the data integrity of IP packets transmitted between two systems. It is a means of verifying whether the data has been changed in transit. Because AH does not provide the ability to encrypt the data, the data is transmitted as plaintext.
• ESP: a security protocol that encrypts data, verifies the origin of the data, and checks the integrity of the data. ESP ensures the confidentiality of information through encryption at the IP layer. All ESP traffic between the two systems is encrypted.
Slide 43

Operation of IPSec

• Step 1 – Identifying the traffic that needs to be protected
• Step 2 – IKE Phase 1
• Step 3 – IKE Phase 2
• Step 4 – Encrypted tunnel of IPSec
• Step 5 – Ending the tunnel

Slide 44

Step 1: Identifying the traffic that needs to be protected


Identifying which traffic should be protected is part of the security policy of a VPN.
The policy determines which traffic is protected and which is left unprotected
(sent in clear text). The policy is then applied at the interface of each IPSec peer.
For each inbound and outbound packet there are three choices: apply IPSec, bypass IPSec, or
discard the packet. For every packet protected by IPSec, the system administrator must
specify the security services used for that packet. The security policy database specifies the
IPSec protocols, nodes, and algorithms used for the traffic flow.
For example, the Access Control Lists (ACLs) of the router are used to determine which traffic
should be encrypted. ACLs are defined on the command line.
For example:
- Permit command: identifies traffic that must be encrypted.
- Deny command: identifies traffic that must be sent unencrypted.
When traffic that must be protected is detected, an IPSec peer starts the next
step: negotiating an IKE Phase 1 exchange.
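The three-way decision and the permit/deny example above, as an added Python sketch that is not part of the original slides: an ordered policy is searched first-match, and a check reports protect rules that an earlier, broader bypass rule makes unreachable. The rule fields, the sample addresses and the default of discarding unmatched traffic are assumptions of this example.

```python
import ipaddress
from dataclasses import dataclass

PROTECT, BYPASS, DISCARD = "protect", "bypass", "discard"


@dataclass(frozen=True)
class Rule:
    action: str          # PROTECT ("permit"), BYPASS ("deny") or DISCARD
    src: str             # source network in CIDR notation
    dst: str             # destination network in CIDR notation
    services: str = ""   # security services for PROTECT rules (free text)


# Assumption of this example: traffic that matches no rule is dropped.
DEFAULT_RULE = Rule(DISCARD, "0.0.0.0/0", "0.0.0.0/0")


def _matches(rule, src, dst):
    return (ipaddress.ip_address(src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rule.dst))


def lookup(policy, src, dst):
    """Return (index, rule) of the first rule matching the packet."""
    for index, rule in enumerate(policy):
        if _matches(rule, src, dst):
            return index, rule
    return None, DEFAULT_RULE


def _covers(wide, narrow):
    """True if every packet matched by `narrow` is also matched by `wide`."""
    return (ipaddress.ip_network(narrow.src).subnet_of(ipaddress.ip_network(wide.src))
            and ipaddress.ip_network(narrow.dst).subnet_of(ipaddress.ip_network(wide.dst)))


def shadowed_protect_rules(policy):
    """Find PROTECT rules that never fire because an earlier BYPASS or
    DISCARD rule already matches all of their traffic."""
    findings = []
    for i, rule in enumerate(policy):
        if rule.action != PROTECT:
            continue
        for j in range(i):
            if policy[j].action != PROTECT and _covers(policy[j], rule):
                findings.append((j, i))
                break
    return findings


# Constructed sample policy (private and documentation address ranges).
SAMPLE_POLICY = [
    Rule(BYPASS, "10.1.0.0/16", "10.2.0.0/16"),
    Rule(PROTECT, "10.1.5.0/24", "10.2.0.0/16", "ESP: 3DES + HMAC-SHA-1"),
    Rule(PROTECT, "10.1.0.0/16", "10.3.0.0/16", "ESP: 3DES + HMAC-SHA-1"),
]

if __name__ == "__main__":
    for src, dst in [("10.1.5.9", "10.2.0.4"), ("10.1.5.9", "10.3.1.1"),
                     ("192.0.2.1", "10.2.0.1")]:
        index, rule = lookup(SAMPLE_POLICY, src, dst)
        print(f"{src} -> {dst}: {rule.action} (rule {index}) {rule.services}")
    for earlier, later in shadowed_protect_rules(SAMPLE_POLICY):
        print(f"rule {later} is shadowed by rule {earlier}: traffic leaves in clear text")
```

In the sample policy the second rule is meant to encrypt one subnet, but the broader bypass rule ahead of it wins, so that traffic is sent unprotected.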
Slide 45

Step 2: IKE Phase 1


1) The basic purpose of IKE Phase 1 is to negotiate the IKE policies, authenticate the peers, and
establish a secure channel between the peers. IKE Phase 1 has two modes: Main mode and
Aggressive mode.
2) Main mode has three two-way exchanges between the initiator and the responder:
- The first exchange: the encryption and authentication algorithms (used to protect the IKE
exchanges) are agreed between the peers.
- The second exchange: a DH exchange creates the shared secret keys, and random numbers
(nonces) are exchanged to confirm the identity of each peer. The shared secret key is used to
generate all other encryption and authentication keys.
- The third exchange: the peers verify each other's identity (peer authentication). The main
result of Main mode is a secure communication channel for the subsequent exchanges between
the two peers.
3) Aggressive mode uses fewer exchanges than Main mode (and therefore fewer packets).
Almost everything is done in the first exchange: negotiation of the IKE policies, generation of the
DH public key, and an identity packet, which can be used to determine identity through a third party.
The responder sends back everything necessary to complete the exchange. Finally, the initiator
confirms the exchange.
Slide 46

Step 3: IKE Phase 2


1) The purpose of IKE Phase 2 is to negotiate the IPSec security parameters used to secure the
IPSec tunnel.
2) IKE Phase 2 performs the following functions:
- Negotiates the IPSec security parameters and the IPSec transform sets.
- Establishes the IPSec Security Associations.
- Periodically renegotiates the IPSec SAs to ensure the security of the tunnel.
- Performs an additional DH exchange (so that the SA and the new keys are generated,
increasing the security of the tunnel).
Slide 47

Step 4 – Encrypted tunnel of IPSec


After IKE Phase 2 is complete and quick mode has established the IPSec SAs (security associations),
traffic between Host A and Host B is exchanged through a secure tunnel. Traffic is
encrypted and decrypted according to the algorithms specified in the IPSec SA.
Slide 48

Step 5: Ending the tunnel


IPSec SAs end when they are deleted or when they expire. An SA expires when its
lifetime has elapsed or when a specified number of bytes has been transmitted through the
tunnel. When the SA ends, the keys are discarded. When a new IPSec SA is then needed, a
new IKE Phase 2 is performed and, if necessary, a new IKE Phase 1 is negotiated. A successful
negotiation creates a new SA and new keys. The new SA is established before the old SA expires
to ensure the continuity of the traffic flow.
Slide 49

Routing protocol of the 4th layer: SSL

For the 4th layer, we have the SSL protocol.


Slide 50

Why use SSL?

Today, the security of information is an important factor in the survival of an
organization, a company or a business.

The transmission of sensitive information on the Internet is not secure because:

- You cannot always be sure that you are exchanging information with the right party.
- Packets can be intercepted, so the data can be read covertly by a third party, commonly
known as the attacker.
- If the attacker can intercept data, the attacker can modify the data before sending it on to
the receiver.

1) The rapid development of technology has brought many benefits to users, but it also
creates an urgent need for confidentiality and security. SSL is currently the best solution to
meet those needs, and it is regarded as "the last shield" in the security of electronic commerce.

2) SSL solves the above problems. SSL solves the first problem by optionally allowing each
party to be sure of the identity of the other in a process called authentication.
Once the parties are authenticated, SSL provides an encrypted connection between the two
parties to transmit messages securely. Encryption during the information
exchange between the two sides provides privacy, so it solves the second problem. The encryption
algorithms used with SSL include a cryptographic hash function, similar to a checksum,
which ensures that data is not changed during transmission. The cryptographic hash function solves
the third problem, the integrity of data. Note that both authentication and
encryption are optional and depend on the cipher suites negotiated between the two
parties.
Slide 51

SSL/TLS
• TLS (Transport Layer Security) and SSL are two protocols that provide
security for data in transit.
• SSL is the predecessor of TLS. More specifically, SSL 3.0 is the basis of TLS
1.0, which is therefore occasionally known as SSL 3.1.
• TLS 1.0 is only negligibly safer than its predecessor, SSL 3.0. However, later
versions of TLS (1.1 and 1.2) are a lot safer and have fixed many
vulnerabilities in SSL 3.0 and TLS 1.0.

Relationship of SSL and TLS


TLS (Transport Layer Security) and SSL are two protocols that provide encryption and
authentication between the application and the server when data passes through an
insecure network environment. The terms SSL and TLS are often used interchangeably or
together (SSL/TLS), but in fact SSL is the predecessor of TLS. More specifically, SSL 3.0 is
the basis of TLS 1.0, which is therefore occasionally known as SSL 3.1.
TLS 1.0 is only negligibly safer than its predecessor, SSL 3.0. However, later versions of TLS (1.1
and 1.2) are a lot safer and have fixed many vulnerabilities in SSL 3.0 and TLS 1.0.
Slide 52

SSL Architecture

[Figure: SSL protocol stack. The SSL Handshake Protocol, SSL Change Cipher Spec Protocol, SSL Alert Protocol and HTTP sit on top of the SSL Record Protocol, which runs over TCP and IP.]

This is the structure of SSL:


Slide 53

SSL Handshake Protocol

The first is the SSL Handshake Protocol:


Slide 54

Stage 1 – Establishing security capabilities

Client → Server: Client Hello (SSL Version, Session ID, CipherSuite, Compression Method, etc.)
Server → Client: Server Hello (SSL Version, Session ID, CipherSuite, Compression Method, etc.)

Stage 1 - Setting up security capabilities:


1) This phase is used to initiate a logical connection and establish the security capabilities that
will be associated with it. The exchange is initiated by the client, which sends a client_hello
message with the following parameters:
Version: The latest SSL version that the client understands.
Session ID: A variable-length session identifier. A non-zero Session ID means that the client
wants to update the parameters of an existing connection or create a new connection on this
session. A Session ID of 0 indicates that the client wants to establish a new connection on a new
session.
CipherSuite: A list of the combinations of cryptographic algorithms
supported by the client, in descending order of preference. Each element in the list (each
cipher suite) defines both a key exchange algorithm and a CipherSpec.
Compression Method: A list of the compression methods that the client supports.
2) After sending the client_hello message, the client waits for the server_hello
message, which contains the same parameters as the client_hello message. For the server_hello
message, the following conventions apply. The Version field contains the lower version
suggested by the client. If the SessionID field of the client is non-zero, the same
value is used by the server; otherwise, the SessionID field of the server contains the value for a
new session. The CipherSuite field contains the cipher suite selected by the server from the client's
proposal. The Compression field contains the compression method selected by the server from the
client's proposal.
3) Common key exchange methods:
RSA: The secret key is encrypted with the receiver's RSA public key. A public-key certificate for the
receiver’s key must be made available.
Fixed Diffie-Hellman: A Diffie-Hellman key exchange in which the server's certificate
contains the Diffie-Hellman public parameters signed by the Certificate Authority (CA). That
is, the public-key certificate contains the Diffie-Hellman public-key parameters. The client
provides its Diffie-Hellman public-key parameters either in a certificate, if client authentication is
required, or in a key exchange message. This method results in a fixed secret key between the
two peers, based on the Diffie-Hellman calculation using the fixed public keys.
Ephemeral Diffie-Hellman: This method is used to create ephemeral (temporary, one-time)
secret keys. In this case, the Diffie-Hellman public keys are exchanged, signed using the
sender's RSA or DSS private key. The receiver can use the corresponding public key to verify the
signature. Certificates are used to authenticate the public keys. This is the most secure
of the three Diffie-Hellman options because it results in a temporary, authenticated key.
Slide 55

Stage 2 – Server authentication and key exchange

Client → Server: Client Hello (SSL Version, Session ID, CipherSuite, Compression Method, etc.)
Server → Client: Server Hello (SSL Version, Session ID, CipherSuite, Compression Method, etc.)
Server → Client: Certificate
Server → Client: Certificate Request
Server → Client: Server Key Exchange
Server → Client: Server Hello Done

Stage 2 – Authentication of server and key exchange


1) Certificate: The server sends a certificate or a certificate chain to the client. Essentially, a
certificate chain starts with the public-key certificate of the server and ends with a
root certificate from the certificate authority. This message is optional, but it is used
whenever server authentication is required.
2) Certificate request: If the server needs to authenticate the client, it sends the client a
request for its certificate. In Internet applications, this message is
rarely sent.
3) Server key exchange: The server can send a Server Key Exchange message to the client if it
has no certificate, has a certificate that can be used only to verify digital signatures, or uses the
Fortezza token-based key exchange algorithm (KEA). Obviously, this message is not required if the
site certificate includes a certified RSA public key that can be used for encryption. In addition,
a non-anonymous server can optionally request a personal certificate to authenticate the client.
To do so, it sends a CertificateRequest message to the client. This message contains a list of the
types of certificates requested, sorted in order of the server's preference, and a list of the
distinguished names of acceptable CAs.
4) Server Hello Done: The server tells the client that it has completed its initial negotiation messages.
Slide 56

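Stage 3 – Client authentication and key exchange

Client → Server: Certificate
Client → Server: Client Key Exchange
Client → Server: Certificate Verify
Client → Server: Change Cipher Spec
Client → Server: Finished
Server → Client: Change Cipher Spec
Server → Client: Finished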

Stage 3 - Client authentication and key exchange


1) Certificate: The client verifies that the server provided a valid certificate, if one was requested,
and checks whether the server_hello parameters are acceptable. If so, the client
returns one or more messages to the server. If the server requested a certificate, the client begins
this phase by sending a certificate message. If no valid certificate is available, the client
sends a no_certificate alert instead.
2) Client Key Exchange: The client sends a Client Key Exchange message whose form depends on the
key exchange algorithm selected by the server:
If RSA is used for server authentication and key exchange, the client creates a 48-byte main key,
encrypts it with the public key found in the site certificate or with the temporary RSA key
from the Server Key Exchange message, and sends the result back to the server in the Client Key
Exchange message. In turn, the server uses the corresponding private key to decrypt the
key.
If Fortezza tokens are used for key exchange, the client derives a token encryption key (TEK)
using KEA. The client's KEA calculation uses the public key from the server certificate together with
private parameters in the client's token. The client sends the public parameters that the
server needs to create the TEK using its own parameters. It generates a secret key, wraps it using
the TEK, and sends the result with some initialization vectors to the server as part of the Client Key
Exchange message. In turn, the server can decrypt the secret key accordingly. This
key exchange algorithm is not widely used.
3) Certificate verify: This message is sent when the client has submitted a certificate as described
above. Its purpose is to allow the server to complete the client authentication process. When this
message is used, the client sends information digitally signed using a cryptographic hash
function. When the server decrypts this information with the public key of the client, the server
can authenticate the client.
4) Finally, the client completes this phase by sending a Change Cipher Spec message and a
corresponding Finished message to the server. The Finished message is always sent immediately
after the Change Cipher Spec message to confirm that the key exchange and authentication were
successful. In fact, the Finished message is the first message protected by the negotiated algorithms
and the session keys. It can only be created and verified if these keys are installed properly on both
sides. No acknowledgment of the Finished message is required; either side can start sending
encrypted data immediately after sending the Finished message. The SSL
Handshake Protocol is completed when the server sends a Change Cipher Spec message and
a corresponding Finished message to the client.

After the SSL setup is complete, a secure connection is established between the client
and server. This connection can now be used to send application data, which is protected
by the SSL Record Protocol.
Slide 57

SSL Change Cipher Spec Protocol

Next, the SSL Change Cipher Spec Protocol:

- The SSL Change Cipher Spec Protocol is the simplest of the three SSL-specific protocols
that use the SSL Record Protocol. This protocol consists of a single message of 1
byte with the value 1.
- The main purpose of this message is to cause the next (pending) state to be copied into the
current state, which updates the cipher suite to be used on this connection.
Slide 58

SSL Alert Protocol

Next, the SSL Alert Protocol:

- The SSL Alert Protocol is used to convey SSL-related alerts to the peer.
As with other applications that use SSL, alert messages are compressed and encrypted
as specified by the current state.
- Each message in this protocol consists of 2 bytes. The first byte takes the value
warning (1) or fatal (2) to convey the severity of the message.
- If the level is fatal, SSL immediately terminates the connection. Other connections on
the same session may continue, but no new connections may be established on this
session. The second byte contains a code that indicates the specific alert.

1) Fatal alerts:
unexpected_message: An inappropriate message was received.
bad_record_mac: An incorrect MAC was received.
decompression_failure: The decompression function received improper input (e.g., it would
decompress to more than the maximum allowed length).
handshake_failure: The sender was unable to negotiate an acceptable set of security parameters
given the options available.
illegal_parameter: A field in a handshake message was out of range or inconsistent with
other fields.
2) The remaining alerts are as follows:
close_notify: Notifies the receiver that the sender will not send any more messages on this
connection. Each party is required to send a close_notify alert before closing its side of a
connection.
no_certificate: May be sent in response to a certificate request if no appropriate
certificate is available.
bad_certificate: The received certificate is not valid (e.g., it contains a signature that did not verify).
unsupported_certificate: The type of the received certificate is not supported.
certificate_revoked: The certificate has been revoked by its issuer.
certificate_expired: The certificate has expired.
certificate_unknown: Some other, unspecified problem arose while processing the certificate,
making it unacceptable.
Slide 59

SSL Record Protocol

The SSL Record Protocol provides two services for SSL connections:

- Confidentiality: The Handshake Protocol defines a shared secret key, which is used for
conventional encryption of SSL data.
- Message integrity: The Handshake Protocol also defines a shared secret key, which is
used to form the MAC (message authentication code).
Slide 60

Operation of SSL Record Protocol

[Figure: Application data → Fragment → Compress → Add MAC → Encrypt → Attach SSL Record header]

Finally, the operation of the SSL Record Protocol:


The figure shows the overall operation of the SSL Record Protocol. The SSL Record Protocol takes
an application message to be transmitted, fragments the data into blocks,
optionally compresses the data, applies a MAC, encrypts, adds a header, and transmits the result
in a TCP segment. Received data is decrypted, verified, decompressed, reassembled and
delivered to users at higher layers.
1) The first step is fragmentation. Each upper-layer message is fragmented into blocks of
2^14 bytes (16384 bytes) or less.
2) Next, compression is optionally applied. Compression must be lossless and
must not increase the content length by more than 1024 bytes (of course, one hopes that
compression shrinks rather than expands the data; however, for very short blocks it is
possible, because of formatting conventions, that the compression algorithm actually makes
the output longer than the input). In SSLv3
(as well as the current version of TLS), no compression algorithm is specified, so the
default compression algorithm is null.
3) The next processing step is to compute a MAC (message authentication code) over the
compressed data. For this purpose, a shared secret key is used.
4) The final step of SSL Record Protocol processing is to prepend a header consisting of the
following fields:
Content Type (8 bits): The higher-layer protocol used to process the enclosed fragment.
Major Version (8 bits): Indicates the major version of SSL in use. For SSLv3, this value is
3.
Minor Version (8 bits): Indicates the minor version in use. For SSLv3, this value is 0.
Compressed Length (16 bits): The length in bytes of the plaintext fragment (or of the
compressed fragment if compression is used). The maximum value is 2^14 + 2048.
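An added example, not from the original slides: a Python builder and parser for the record header described above, which also decodes the 1-byte Change Cipher Spec message and the 2-byte alerts from the earlier slides. The numeric content-type and alert codes are taken from the SSL 3.0 specification (RFC 6101), not from this page, and compression, MAC and encryption are left out.

```python
import struct

MAX_FRAGMENT = 2 ** 14               # largest plaintext fragment per record
MAX_LENGTH = 2 ** 14 + 2048          # largest value of the length field
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {
    0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
    30: "decompression_failure", 40: "handshake_failure",
    41: "no_certificate", 42: "bad_certificate",
    43: "unsupported_certificate", 44: "certificate_revoked",
    45: "certificate_expired", 46: "certificate_unknown",
    47: "illegal_parameter",
}


def build_records(content_type, payload, version=(3, 0)):
    """Fragment `payload` into blocks of at most 2^14 bytes and prepend the
    5-byte header (type, major, minor, length) to each block."""
    records = []
    for offset in range(0, len(payload), MAX_FRAGMENT):
        fragment = payload[offset:offset + MAX_FRAGMENT]
        header = struct.pack("!BBBH", content_type, version[0], version[1],
                             len(fragment))
        records.append(header + fragment)
    return records


def parse_records(stream):
    """Split a byte stream into (type_name, (major, minor), fragment) tuples,
    rejecting headers that violate the limits described above."""
    records, pos = [], 0
    while pos < len(stream):
        if len(stream) - pos < 5:
            raise ValueError("truncated record header")
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, pos)
        if ctype not in CONTENT_TYPES:
            raise ValueError(f"unknown content type {ctype}")
        if length > MAX_LENGTH:
            raise ValueError(f"length {length} exceeds 2^14 + 2048")
        fragment = stream[pos + 5:pos + 5 + length]
        if len(fragment) != length:
            raise ValueError("truncated fragment")
        records.append((CONTENT_TYPES[ctype], (major, minor), fragment))
        pos += 5 + length
    return records


def describe(record):
    """Summarise one parsed record. Alerts are only decoded while they are
    still in the clear, i.e. before Change Cipher Spec takes effect."""
    name, _version, fragment = record
    if name == "change_cipher_spec":
        ok = fragment == b"\x01"
        return "change_cipher_spec" if ok else "malformed change_cipher_spec"
    if name == "alert":
        if len(fragment) != 2:
            return "alert (encrypted or malformed)"
        level = ALERT_LEVELS.get(fragment[0], f"level {fragment[0]}")
        desc = ALERT_DESCRIPTIONS.get(fragment[1], f"code {fragment[1]}")
        return f"{level} alert: {desc}"
    return f"{name}, {len(fragment)} bytes"


# Constructed sample: a cleartext fatal handshake_failure alert followed by
# a Change Cipher Spec record, both with SSLv3 version bytes (3, 0).
SAMPLE_STREAM = bytes.fromhex("1503000002" "0228" "1403000001" "01")

if __name__ == "__main__":
    for rec in parse_records(SAMPLE_STREAM):
        print(describe(rec))
    sizes = [len(r) - 5 for r in build_records(23, b"A" * 40000)]
    print("application data fragment sizes:", sizes)
```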
Slide 61

SSL Application: Security Solutions for Web Sites

When implementing SSL, two types of certificates can be used:
• Certificates for the Web server.
• Certificates for the Web client.

Selecting the SSL certificate provider for the Web server:
• A private CA is built to issue certificates to internal Web servers.
• A commercial CA is selected to issue certificates to the Web servers of
organizations.

SSL Application: Security Solutions for Web Sites


When implementing SSL, two types of certificates can be used:
Certificates for Web servers: A Web server that wants to use SSL must have this type of
certificate. It is used to encrypt the pre-master key that the Web client sends to the Web server,
and it helps verify the identity of the Web server, so that the Web client can trust that it is not
a fake Web server set up by an attacker. The Web server certificate must include the Server
Authentication OID in the Enhanced Key Usage extension.
Certificates for Web clients: If a Website requires connecting users to be authenticated,
the Web client can use this type of certificate. Although an SSL connection
does not require it, it increases the security of the Web server when authenticated users
(whose Web clients have this type of certificate installed) connect to it. The Web client
certificate must include the Client Authentication OID in the Enhanced Key Usage extension.
Selecting who issues the SSL certificate for the Web server
Normally, a private CA is built to issue certificates to internal Web servers when:
- The organization must comply with the security policies and certificate policies that it sets
out itself. By contrast, a certificate issued by a commercial CA (such as Verisign) requires the
organization to follow the set of instructions in that CA's CPS.
- The organization wants to reduce the cost of buying certificates from a commercial CA, because
the Web server only needs to accept connections from trusted employees and
partners. In this case, those employees and partners must trust and install
the organization’s CA certificate.
Normally, a commercial CA is selected to issue the certificate for the organization's Web server
when:
- The organization does not want to deploy a PKI internally, in order to reduce the cost of
designing, deploying and managing CAs and certificates.
- The organization uses its website to sell goods and provide services over the Internet to many
different customers, and the commercial CA is already trusted by most Web clients.
This makes electronic transactions convenient and secure.
- The organization wants to deploy an EV (Extended Validation) certificate, so that the Web
browser's address bar turns green and the name of the organization appears
on the left. This implies that the commercial CA spent more resources and time verifying that
the owner of the website's SSL certificate really represents the organization.
Therefore, EV certificates are always more expensive than normal certificates.
Slide 62

Routing protocol of the 7th layer: HTTPS

Finally, the application-layer protocol of the 7th layer: HTTPS


Slide 63

Characteristics of HTTPS:

• HTTPS stands for "Hypertext Transfer Protocol Secure". It is a combination
of the HTTP protocol and the SSL or TLS security protocol that allows
information to be exchanged securely on the Internet. HTTPS is often
used for sensitive transactions that need high security.
• Operates on port 443.

The service must ensure the following properties:
Confidentiality: encryption ensures that messages exchanged between the client
and server cannot be read by others.
Integrity: hashing lets both client and server trust that the messages they receive
have not been lost or altered.
Authenticity: digital certificates let the client trust that the server/website it is visiting
is the server/website it wants to visit and has not been tampered with.
Slide 64

Operation of Client-Server via HTTPS



Slide 65

Modes of operation:

[Figure: Client and Server. The client sends a request (URL with https://); the server sends its certificate; the client sends the server's certificate to the CA; the client sends the symmetric key.]

Modes of operation:
1. The client sends a request for a secure page (the URL begins with https://).
2. The server returns its certificate to the client.
3. The client sends this certificate to the CA (which is named in the certificate) for verification.
If the certificate has been verified and is still valid, or if the client deliberately proceeds
even though the Web browser warned it not to trust the certificate (because
it is a self-signed SSL certificate, the certificate has expired, the information in the certificate
is not true ...), then step 4 follows.
4. The client generates a random symmetric encryption key, uses the public key (from the
certificate) to encrypt this symmetric key, and sends it to the server.
5. The server uses the private key (corresponding to the public key in the certificate) to
decrypt the symmetric key.
6. Both server and client then use this symmetric key to encrypt and decrypt messages during the
communication session.
The symmetric key is randomly generated and may be different for each session
with the server. In addition to encryption, hashing is used to ensure the integrity of the
messages exchanged.
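Step 3 notes that a client may continue despite a certificate warning, and the earlier slides note that old protocol versions and some cipher suites give weaker or no protection. As an added example (not from the original slides), the following Python code audits a client-side `ssl.SSLContext` for those three conditions; the function names and the sample suite names used to exercise it are assumptions of this example.

```python
import ssl


def weak_suites(names):
    """Map OpenSSL suite names to the protections they drop.
    'NULL' in the name means no encryption; the ADH-/AECDH- prefixes
    mean anonymous key exchange, i.e. no authentication."""
    findings = {}
    for name in names:
        reasons = []
        if "NULL" in name:
            reasons.append("no encryption")
        if name.startswith(("ADH-", "AECDH-")):
            reasons.append("no authentication")
        if reasons:
            findings[name] = reasons
    return findings


def audit_context(ctx):
    """Return a list of findings for a client-side SSLContext."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate is not verified")
    if not ctx.check_hostname:
        findings.append("certificate is not matched against the host name")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol versions below TLS 1.2 are allowed")
    names = [cipher["name"] for cipher in ctx.get_ciphers()]
    for suite, reasons in weak_suites(names).items():
        findings.append(f"cipher suite {suite}: {', '.join(reasons)}")
    return findings


def hardened_client_context():
    """Verify the chain and host name, and refuse SSL 3.0 / TLS 1.0 / 1.1."""
    ctx = ssl.create_default_context()   # CERT_REQUIRED + host name check
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def permissive_client_context():
    """The programmatic equivalent of clicking through the browser
    warning, shown only so the audit has something to flag."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False           # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    return ctx


if __name__ == "__main__":
    for label, ctx in [("hardened", hardened_client_context()),
                       ("permissive", permissive_client_context())]:
        print(label, "->", audit_context(ctx) or "no findings")
```

Running the audit over the contexts an application actually builds catches disabled verification before it reaches production, where no browser warning is shown to anyone.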
