98-367 Chapter Ten

Chapter 10: Enforcing Confidentiality with Encryption

Topics Covered:

  • Comparing encryption methods
  • Securing email
  • Understanding EFS
  • Exploring BitLocker Drive Encryption

Comparing Encryption Methods

Reminder: an algorithm provides the mathematical formula that identifies how data is to be encrypted.
The key is a number that provides randomization for the encryption.

Two categories: symmetric and asymmetric. Also hashing.

Chapter mostly deals with software encryption.

Understanding Symmetric Encryption

Uses a single key to encrypt and decrypt data; both parties must know the key and it must be kept secret. The key can be changed frequently
to prevent all data being decrypted if a key is discovered. With larger keys the same key may never be used twice in a lifetime, but with small keys
it might. A 16-bit key has 65,536 possible keys. A 40-bit key has just over 1 trillion. A 256-bit key has 1 followed by 77 zeros possible combinations.

Common symmetric encryption algorithms:

Advanced Encryption Standard (AES): Quick and efficient, widely used
Data Encryption Standard (DES): Cracked and not recommended for use
3DES (Triple DES): Designed to improve DES, is slower than AES
International Data Encryption Algorithm (IDEA): Very popular for short period of time, used less because AES is more efficient
Blowfish and Twofish: Strong encryption but less used because AES is far more efficient.

Exploring AES

Picked from 15 competing algorithms by NIST (National Institute of Standards and Technology). Adopted as federal government
standard in 2002. Kerberos, WPA2 and BitLocker all use AES. The AES algorithm is published and available to study, so it is not secret by any means.
The keys used to encrypt data are kept secret. AES can use 128, 192 or 256 bit keys. More bits = more possible keys.

AES can be brute forced, but the amount of time needed makes it unrealistic.

Understanding Asymmetric Encryption

Also called public key encryption; uses a matching public and private key pair. Each key is only useful together with the other key of the pair:
when one is used to encrypt, only the other can be used to decrypt. Asymmetric encryption is about 1000 times slower, so it's great to use it
to encrypt the symmetric key and send that, so you get the best of both worlds.

Using Certificates to Share Public Keys

Certificates are digital files that include several pieces of key data used with cryptography. Good way to share a public key.

Understanding Hashing

Message Digest 5 (MD5) is a popular hashing algorithm that creates 128 bit hashes; it will always create a 128 bit hash regardless of what it is hashing.
SHA (Secure Hashing Algorithm) is also very popular and has several versions. If the data is not modified the hash will always be the same. Hashes don't use keys
and are one way, meaning you cannot derive the contents of what was hashed from the hash output. Hashing is important for verifying integrity.
Useful for antivirus programs etc., as they can compute and check hashes to see if files have changed.
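The file-change check described above, as an added example that is not part of the original notes: it records a SHA-256 baseline, compares a later state against it, and confirms that MD5 output is always 128 bits. The file names, contents and function names are constructed for illustration.

```javascript
const { createHash } = require('node:crypto');

// Hex digest of data under the named hash algorithm (no key involved).
const digest = (algo, data) => createHash(algo).update(data).digest('hex');

// Record a SHA-256 hash for every file (Map of name -> Buffer).
function buildBaseline(files) {
  const baseline = new Map();
  for (const [name, data] of files) baseline.set(name, digest('sha256', data));
  return baseline;
}

// Compare the current files against the baseline and report the differences.
function compare(baseline, files) {
  const report = { changed: [], added: [], removed: [] };
  for (const [name, data] of files) {
    if (!baseline.has(name)) report.added.push(name);
    else if (baseline.get(name) !== digest('sha256', data)) report.changed.push(name);
  }
  for (const name of baseline.keys()) {
    if (!files.has(name)) report.removed.push(name);
  }
  return report;
}

// Each hex character is 4 bits, so this returns the hash size in bits.
function md5Bits(data) {
  return digest('md5', data).length * 4;
}

function demo() {
  // Constructed sample files.
  const before = new Map([
    ['app.exe', Buffer.from('constructed binary v1')],
    ['hosts', Buffer.from('127.0.0.1 localhost\n')],
    ['readme.txt', Buffer.from('hello')],
  ]);
  const baseline = buildBaseline(before);
  const after = new Map(before);
  after.set('hosts', Buffer.from('127.0.0.1 localhost\n10.0.0.5 intranet\n')); // modified
  after.delete('readme.txt');                                                 // removed
  after.set('added.tmp', Buffer.from('new file'));                            // added
  return compare(baseline, after);
}

console.log(demo(), md5Bits(''), md5Bits(Buffer.alloc(1 << 20)));
```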

Securing Email

Emails can be encrypted and signed using asymmetric encryption. It can also be used with hashing to verify the integrity and the sender of the message.
Signing also provides non-repudiation: the sender cannot deny they sent an email if it was signed.

Secure/Multipurpose Internet Mail Extensions (S/MIME) is the underlying standard used for most email security. Uses public and private keys and digital signatures.

Email programs such as Outlook can automate encryption/decryption. The symmetric key is encrypted with asymmetric encryption and the rest of the message contents
are encrypted with that symmetric key. The recipient decrypts the key, then uses that key to decrypt the message. Outlook can automate this.

Digitally Signing Email

Hash is calculated at the source and at the destination, then compared and if they are the same message has not changed.
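A sketch of that check, added here and not taken from the original notes or from any mail client: the sender signs the SHA-256 hash of the body with a private key, and the recipient recomputes the hash and verifies it with the sender's public key. The key pairs, message text and function names are constructed for illustration.

```javascript
const { generateKeyPairSync, sign, verify } = require('node:crypto');

// Sender side: hash the body with SHA-256 and sign that hash with the private key.
function signMessage(body, senderPrivateKey) {
  return sign('sha256', Buffer.from(body), senderPrivateKey);
}

// Recipient side: recompute the hash and check it against the signed one using
// the sender's public key (normally taken from the sender's certificate).
function verifyMessage(body, signature, senderPublicKey) {
  return verify('sha256', Buffer.from(body), senderPublicKey, signature);
}

function demo() {
  // Constructed key pairs: the real sender and an unrelated key holder.
  const sender = generateKeyPairSync('rsa', { modulusLength: 2048 });
  const someoneElse = generateKeyPairSync('rsa', { modulusLength: 2048 });
  const body = 'Constructed message: approve invoice 1001 for 500 USD';
  const signature = signMessage(body, sender.privateKey);
  return {
    // Unchanged message, correct sender key: hashes match.
    intact: verifyMessage(body, signature, sender.publicKey),
    // Body altered in transit: recomputed hash no longer matches.
    altered: verifyMessage(body.replace('500', '900'), signature, sender.publicKey),
    // Signature checked against a different public key: sender is not confirmed.
    wrongSender: verifyMessage(body, signature, someoneElse.publicKey),
    signatureBytes: signature.length,
  };
}

console.log(demo());
```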

Understanding EFS

GPO can be set so users cannot encrypt with EFS.

Encrypting and Decrypting Files with EFS

Steps:

Encrypt:

  1. EFS creates a symmetric secret key, unique for each file
  2. EFS retrieves the user's public key
  3. EFS encrypts the symmetric secret key with the user's public key
  4. The encrypted symmetric secret key is included in the header of the encrypted file

Decrypt:

  1. The encrypted symmetric key is retrieved from the file
  2. The user's private key decrypts the symmetric secret key
  3. EFS decrypts the file with the decrypted symmetric secret key

If the password for a local user is reset (not a domain user), the private key associated with the account is lost. This does not occur
if the user changes the password, only if the password is reset by an admin. Also, if the user's private key is ever corrupted, files cannot be recovered.

Understanding the Recovery Agent

EFS includes recovery procedure to mitigate risk of data loss.
By default the built-in administrator is the designated recovery agent (DRA) for EFS. As the DRA, an admin can decrypt files.
The DRA can be disabled. Have to decide if the chance of data theft from the DRA account is worse than the potential loss of data if a private key is lost.
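The encrypt and decrypt steps above, with a recovery agent, as an added example that is not Microsoft's EFS code or part of the original notes. It goes one step beyond the listed steps by wrapping the file key for a second key holder, which is how a recovery agent can still open a file; the same key wrapping is what the email section describes. AES-256-GCM, RSA-2048, the header layout and all names are assumptions made for illustration.

```javascript
const { generateKeyPairSync, publicEncrypt, privateDecrypt,
        randomBytes, createCipheriv, createDecipheriv } = require('node:crypto');

// Hypothetical helper: a 2048-bit RSA key pair standing in for an EFS certificate.
const newKeyPair = () => generateKeyPairSync('rsa', { modulusLength: 2048 });

// Encrypt steps 1-4: a fresh symmetric key per file, wrapped with each public key,
// with the wrapped copies kept in the header beside the ciphertext.
function encryptFile(plaintext, publicKeys) {
  const fileKey = randomBytes(32);                   // step 1: unique key for this file
  const iv = randomBytes(12);
  const cipher = createCipheriv('aes-256-gcm', fileKey, iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const header = {};
  for (const [who, publicKey] of Object.entries(publicKeys)) {
    header[who] = publicEncrypt(publicKey, fileKey); // steps 2-3: wrap the file key
  }
  return { header, iv, tag: cipher.getAuthTag(), body }; // step 4: key travels in header
}

// Decrypt steps 1-3: fetch the wrapped key, unwrap it with a private key, decrypt.
function decryptFile(file, who, privateKey) {
  const fileKey = privateDecrypt(privateKey, file.header[who]);
  const decipher = createDecipheriv('aes-256-gcm', fileKey, file.iv);
  decipher.setAuthTag(file.tag);
  return Buffer.concat([decipher.update(file.body), decipher.final()]).toString();
}

function demo() {
  const user = newKeyPair(), dra = newKeyPair(), outsider = newKeyPair();
  const file = encryptFile(Buffer.from('constructed payroll data'),
                           { user: user.publicKey, dra: dra.publicKey });
  const asUser = decryptFile(file, 'user', user.privateKey);
  // If the user's private key is lost, the recovery agent's wrapped copy still works.
  const asDra = decryptFile(file, 'dra', dra.privateKey);
  // A private key that matches neither wrapped copy cannot recover the file key.
  let asOutsider = 'decrypted';
  try { decryptFile(file, 'user', outsider.privateKey); } catch { asOutsider = 'refused'; }
  return { asUser, asDra, asOutsider, wrappedKeyBytes: file.header.user.length };
}

console.log(demo());
```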

Understanding Behavior When Files are Moved or Copied

Reminder from chapter 4:

  • If you move a file on the same partition, originally assigned permissions are retained
  • Any other time original permissions are lost and only inherited permissions apply

EFS is slightly different: one rule with EFS is that encryption always wins. If the C drive is encrypted and a file
is copied or moved off it, the file will still be encrypted. This only works if the target volume is also an NTFS drive. FAT32 can't store
the headers that contain keys, so EFS decrypts the file and stores it in unencrypted format. If an unauthorized user copies to a FAT drive, the file is stored
encrypted without the header, so it is impossible to decrypt.

Exploring BitLocker Drive Encryption

BitLocker To Go encrypts flash drives; BitLocker encrypts entire volumes within Windows 7, Vista, Server 2008.

Understanding BitLocker Requirements

Not available by default in Server 2008 or Server 2008 R2, but can be added as a feature. BitLocker uses AES to encrypt.
BitLocker can use a Trusted Platform Module (TPM) version 1.2 or a removable storage device to lock and unlock the drive. The TPM is a
chip on the motherboard that checks hardware on the system for suspicious modifications and stores and protects the key used to unlock the volume.
The TPM checks boot files; if they pass, it releases the key. The TPM chip runs software that performs these checks.
Most systems don't have a TPM on the motherboard, and if they do it is usually disabled in BIOS. A removable disk can be used to store the startup key.
Recommended not to store this drive with the PC, or else someone can just steal or use both. Can also use the following methods to increase security:

  • TPM and a Personal Identification Number (PIN): Must enter PIN at boot time
  • TPM and a USB Flash Drive: USB should be removed after system is booted
  • TPM, PIN and a USB Flash Drive: Inserts USB drive on boot and also enters a PIN

Understanding Recovery Keys

Key can be stored in a file or printed. If additional keys are required just unlock drive and make a copy of recovery key.

Chapter Review Questions:

  1. Name the type of encryption that uses a single key for encryption and decryption
  2. Name the key (or keys) used by asymmetric encryption
  3. Of the following choices, which one provides the strongest symmetric encryption?
    a. RSA
    b. AES
    c. DES
    d. MD5
  4. Of the following choices, which is a one-way hashing function:
    a. RSA
    b. AES
    c. SHA-1
    d. WPA2
  5. You want to provide confidentiality for email. What should you do?
    a. Encrypt it using S/MIME
    b. Digitally Sign It
    c. Encrypt it with BitLocker
    d. Encrypt it with EFS
  6. A user encrypted a file with EFS. The user’s certificate became corrupt and the user can no longer open the file. Who, if anyone, can access the file?
    a. The user, with the user's password-recovery disk
    b. An administrator as a designated recovery agent
    c. The user, with a recovery key
    d. An administrator, with a recovery key
  7. You have moved an encrypted file from one NTFS partition to another. What is the state of the encryption attribute?
  8. Of the following choices, what does a TPM do?
    a. Secures the key for BitLocker
    b. Secures the key for AES
    c. Secures the key for RSA
    d. Ensures that the private key is publicly available
  9. True or false: You can use BitLocker to encrypt a hard drive even if the system does not have a TPM
  10. True or false: BitLocker To Go can encrypt USB flash drives

Answers:

  1. Symmetric Encryption
  2. Public and Private
  3. B
  4. C
  5. A
  6. B
  7. Still Encrypted
  8. A
  9. True
  10. True

Relevant sections of Certification Exam

Notes