2.3 Privacy and Integrity

Next, we'll review some concepts that are integral to keeping communications on computer networks secure. In particular, we will discuss the roles of encryption and message-integrity algorithms. The distinction between encryption and message-integrity is important, as we'll see later in the discussion of Kerberos encryption types. Those familiar with encryption and message integrity can skip to the next section, which describes the Kerberos-specific terminology.

2.3.1 Encryption

The modern word cryptography is derived from two ancient Greek words, cryptos, which means hidden or secret, and graphein, or writing. Kerberos uses cryptography to provide encryption and decryption of its messages over the network. Therefore, encryption refers to the process of converting a message, or plaintext, into gibberish, which if intercepted, does not reveal the contents of the original message. Governments and corporations have long employed encryption to keep their information secure from prying eyes. The emergence of the Internet, where any network administrator can monitor and read traffic on her network and any traffic passing through her network, has forced software makers to build encryption into every day software programs. Kerberos uses encryption not only to protect the authentication exchanges it sends and receives from snoopers, but also to prevent hackers from creating fake messages.

There are many different ways of encrypting data. These methods are referred to as encryption algorithms, or in Kerberos-speak, encryption types. There are several different encryption types that are supported in Kerberos 5 implementations. The most widely supported encryption type is DES, but work is underway to replace it with Triple DES and the new Advanced Encryption Standard (AES). Another widely used encryption type is the RC4 algorithm, which is used primarily in Microsoft's implementation of Kerberos.

The advantage of moving to stronger encryption algorithms is protection against brute-force cryptanalysis. We'll take a look in more detail about brute-force attacks against the encryption algorithms in Kerberos in Chapter 6.

2.3.2 Message Integrity

While encryption provides privacy, message integrity ensures the recipient that the message was not tampered with during transit. While encryption as it is used in Kerberos gives you message integrity for "free," since only the two end points have the required key to encrypt and decrypt messages, there are specialized message-integrity algorithms that can ensure message integrity without the overhead of encryption. You will see message-integrity algorithms referred to as one-way hashes, or just hashes.

Hashes work as mathematical one-way functions. They take an input message that is arbitrarily long, run it through a mathematical algorithm, and output a fixed size (typically 64-256 bits) message that represents the input. The idea behind the hash function is that while it is easy to calculate the hash output for a given input, it is mathematically hard to go the opposite way and derive an input that produces the same output, hence their "one-way" nature.

A trivial example of a hash function is to add all of the byte values of a message together, and take the sum modulus a maximum number—say, 1024. It is not possible to reconstruct the original input stream from this sum. Another property of a hash algorithm is its cryptographic strength, or the ability for attackers to craft input designed to produce a given hash value. Since the hash value (in this case, the sum of the bytes of the message mod 1024) contains less data than the input stream (this simple example only provides 1025 possible hash values), there are many inputs that will produce a given hash value. These are called collisions, and cryptographically-secure hash algorithms aim to reduce the chance that an attacker can find two inputs that hash to the same value.

Just like there are different encryption algorithms, there are several different message-integrity algorithms commonly used in Kerberos. Ranging from weaker to stronger, the message-integrity algorithms included in the MIT Kerberos distribution include CRC-32, MD5, and the Secure Hash Algorithm (SHA1).