1 00:00:00,370 --> 00:00:03,310 In network security, integrity is usually provided through 2 00:00:03,310 --> 00:00:05,390 the use of a hashing function. 3 00:00:05,390 --> 00:00:07,820 Hashing is a one-way cryptographic function 4 00:00:07,820 --> 00:00:09,410 which takes an input and produces 5 00:00:09,410 --> 00:00:12,190 a unique message digest as its output. 6 00:00:12,190 --> 00:00:14,440 Because this function is one-way, there's no way 7 00:00:14,440 --> 00:00:17,520 to determine the original message based on the message hash 8 00:00:17,520 --> 00:00:19,600 or hash digest it's outputted. 9 00:00:19,600 --> 00:00:22,570 The resulting message digest acts like a digital fingerprint 10 00:00:22,570 --> 00:00:24,400 for the original file. 11 00:00:24,400 --> 00:00:26,540 Another unique thing about a hash digest 12 00:00:26,540 --> 00:00:28,400 is that they are always the same length, 13 00:00:28,400 --> 00:00:30,560 regardless of how long your input is. 14 00:00:30,560 --> 00:00:32,660 Whether I input a file containing one word 15 00:00:32,660 --> 00:00:34,500 or a file containing millions of words, 16 00:00:34,500 --> 00:00:36,800 the output will always be the same length based 17 00:00:36,800 --> 00:00:38,400 on the hashing algorithm chosen. 18 00:00:38,400 --> 00:00:42,010 By far, the most commonly-used algorithm is MD5. 19 00:00:42,010 --> 00:00:45,630 The MD5 algorithm creates a 128-bit hash value 20 00:00:45,630 --> 00:00:47,510 that is unique to the input file. 21 00:00:47,510 --> 00:00:49,890 Unfortunately, because the hash value outputted 22 00:00:49,890 --> 00:00:52,870 is only 128 bits long, it can create only 23 00:00:52,870 --> 00:00:55,390 a limited number of unique values, and this can lead 24 00:00:55,390 --> 00:00:59,410 to two files having the exact same resulting hash digest. 25 00:00:59,410 --> 00:01:02,580 When this occurs, this is known as a collision. 26 00:01:02,580 --> 00:01:05,300 Due to the limited number of unique hash values associated 27 00:01:05,300 --> 00:01:07,520 with MD5, a newer algorithm called 28 00:01:07,520 --> 00:01:11,300 the Secure Hash Algorithm, or SHA, was created. 29 00:01:11,300 --> 00:01:15,140 SHA-1, for example, creates a 160-bit hash digest, 30 00:01:15,140 --> 00:01:16,770 which significantly reduces the number 31 00:01:16,770 --> 00:01:18,180 of collisions that occurred. 32 00:01:18,180 --> 00:01:20,010 SHA-2 is a family of hash functions 33 00:01:20,010 --> 00:01:22,280 that contains longer hash digests. 34 00:01:22,280 --> 00:01:26,940 This includes the SHA-224, SHA-256, SHA-348, 35 00:01:26,940 --> 00:01:30,270 and SHA-512 hash functions, each of which has 36 00:01:30,270 --> 00:01:34,830 a digest between 224 bits up to 512 bits. 37 00:01:34,830 --> 00:01:36,840 Each version of SHA performs a different number 38 00:01:36,840 --> 00:01:39,370 of rounds of mathematical computations to create 39 00:01:39,370 --> 00:01:42,880 the hash digest, anywhere from 64 to 80 rounds, 40 00:01:42,880 --> 00:01:45,180 but you don't need to know the specific number of rounds 41 00:01:45,180 --> 00:01:47,590 for each version of SHA on the exam. 42 00:01:47,590 --> 00:01:50,140 SHA-3 is the newest family of hash functions, 43 00:01:50,140 --> 00:01:54,610 and its hash digest can go between 224 bits and 512 bits, 44 00:01:54,610 --> 00:01:56,150 just like SHA-2. 45 00:01:56,150 --> 00:01:58,520 The major increase in security, though, with SHA-3, 46 00:01:58,520 --> 00:02:01,300 is that it uses 120 rounds of computations 47 00:02:01,300 --> 00:02:04,430 to create its message digest for each unique file. 48 00:02:04,430 --> 00:02:06,530 Now, there are other hash functions available 49 00:02:06,530 --> 00:02:08,710 that you may come across in your daily work. 50 00:02:08,710 --> 00:02:11,827 These include things like RIPEMD and HMAC. 51 00:02:11,827 --> 00:02:14,240 RIPEMD is the RACE Integrity Primitive 52 00:02:14,240 --> 00:02:16,220 Evaluation Message Digest. 53 00:02:16,220 --> 00:02:21,200 It comes in 160-bit, 256-bit, and 320-bit versions. 54 00:02:21,200 --> 00:02:23,410 But the 160-bit version is by far 55 00:02:23,410 --> 00:02:24,860 the most common among these. 56 00:02:24,860 --> 00:02:29,680 It's written as RIPEMD-160 and it's an open-source hashing 57 00:02:29,680 --> 00:02:32,380 algorithm created as a competitor to the SHA family, 58 00:02:32,380 --> 00:02:34,050 but it hasn't really gained the same level 59 00:02:34,050 --> 00:02:35,830 of popularity that SHA has. 60 00:02:35,830 --> 00:02:38,760 Another hashing algorithm is known as the HMAC, 61 00:02:38,760 --> 00:02:41,670 or Hash-based Message Authentication Code. 62 00:02:41,670 --> 00:02:43,810 This is used to check the integrity of a message 63 00:02:43,810 --> 00:02:45,660 and provide some level of assurance 64 00:02:45,660 --> 00:02:47,620 that its authenticity is real. 65 00:02:47,620 --> 00:02:50,530 HMAC actually uses other hashing algorithms to do the work, 66 00:02:50,530 --> 00:02:53,810 though, and it's called something like the HMAC-MD5, 67 00:02:53,810 --> 00:02:57,020 the HMAC-SHA1, or the HMAC-SHA256, 68 00:02:57,020 --> 00:02:59,470 depending on the underlying hash being used. 69 00:02:59,470 --> 00:03:02,060 We already briefly spoke about collisions with hashes, 70 00:03:02,060 --> 00:03:04,240 and while they're uncommon, they are something 71 00:03:04,240 --> 00:03:05,900 that we have to be concerned with. 72 00:03:05,900 --> 00:03:07,690 To prevent a collision from being used to spoof 73 00:03:07,690 --> 00:03:09,590 the integrity of a file or message, 74 00:03:09,590 --> 00:03:12,460 many professionals have turned to digital signatures. 75 00:03:12,460 --> 00:03:14,930 A digital signature's created by hashing a file 76 00:03:14,930 --> 00:03:17,110 and then taking that resulting hash digest 77 00:03:17,110 --> 00:03:19,060 and encrypting it with a private key. 78 00:03:19,060 --> 00:03:22,170 So, if I was going to send an email that is a couple pages long 79 00:03:22,170 --> 00:03:24,530 and I wanted to digitally sign it to make sure you know 80 00:03:24,530 --> 00:03:27,030 that nothing was changed inside that email, 81 00:03:27,030 --> 00:03:28,610 I can run that email message through 82 00:03:28,610 --> 00:03:30,870 a hashing algorithm, like SHA-1. 83 00:03:30,870 --> 00:03:33,850 Then, I take that resulting 160-bit hash 84 00:03:33,850 --> 00:03:36,040 and I encrypt it using my private key. 85 00:03:36,040 --> 00:03:38,180 When I send the email to you, I'm going to attach 86 00:03:38,180 --> 00:03:40,670 the resulting encrypted hash with it as well, 87 00:03:40,670 --> 00:03:42,640 and this is going to prove the integrity of the message 88 00:03:42,640 --> 00:03:44,630 and create non-repudiation. 89 00:03:44,630 --> 00:03:47,400 When your system receives the email, it'll then decrypt 90 00:03:47,400 --> 00:03:49,760 the digital signature using my public key, 91 00:03:49,760 --> 00:03:50,700 which is going to provide you with 92 00:03:50,700 --> 00:03:53,500 that original 160-bit hash digest. 93 00:03:53,500 --> 00:03:55,950 Your system then takes my multiple-page email, 94 00:03:55,950 --> 00:03:57,580 runs it through the SHA-1 algorithm, 95 00:03:57,580 --> 00:04:00,450 and compares your message digest that you calculated 96 00:04:00,450 --> 00:04:03,290 with the one that I sent as part of my digital signature. 97 00:04:03,290 --> 00:04:05,750 If those two things match, then you can be assured 98 00:04:05,750 --> 00:04:08,930 that the email was not modified in-transit between my system 99 00:04:08,930 --> 00:04:12,200 and yours, and this provides us with that integrity check. 100 00:04:12,200 --> 00:04:15,070 Now, since I also encrypted my SHA-1 digest 101 00:04:15,070 --> 00:04:18,000 with my private key, and only I have my private key, 102 00:04:18,000 --> 00:04:20,560 this also assures you that the person who sent the message 103 00:04:20,560 --> 00:04:23,230 is the only person who could've sent you the message. 104 00:04:23,230 --> 00:04:26,050 This provide us with the non-repudiation on the email. 105 00:04:26,050 --> 00:04:28,020 This non-repudiation means I can't claim 106 00:04:28,020 --> 00:04:29,910 that I didn't send the email to you because I'm 107 00:04:29,910 --> 00:04:32,280 the only one who could have because I'm the only person 108 00:04:32,280 --> 00:04:34,160 who has my private key. 109 00:04:34,160 --> 00:04:36,030 For digital signatures to be utilized, 110 00:04:36,030 --> 00:04:39,400 you should use either the Digital Security Algorithm, DSA, 111 00:04:39,400 --> 00:04:42,280 the Rivest-Shamir-Adleman cipher, RSA, 112 00:04:42,280 --> 00:04:46,750 or the Ecliptic Curve Cryptography version of DSA or SHA. 113 00:04:46,750 --> 00:04:48,530 The federal government has decided to use 114 00:04:48,530 --> 00:04:51,160 the Digital Security Standard, called DSS, 115 00:04:51,160 --> 00:04:55,760 which relies upon a 160-bit message digest created by DSA. 116 00:04:55,760 --> 00:04:58,840 Now, most commercial entities rely upon the RSA standard, 117 00:04:58,840 --> 00:05:00,750 though, because it's faster and can be used 118 00:05:00,750 --> 00:05:04,160 for digital signatures, encryption, and key distribution. 119 00:05:04,160 --> 00:05:07,520 Digital signatures have been expanded beyond just email too. 120 00:05:07,520 --> 00:05:10,580 Code signing of our files relies upon the digital signature 121 00:05:10,580 --> 00:05:12,550 for a program or file. 122 00:05:12,550 --> 00:05:15,070 For example, if I created a mobile app and I wanted 123 00:05:15,070 --> 00:05:17,610 to put it into the app store like Google Play 124 00:05:17,610 --> 00:05:20,300 or the Apple App Store, the installer file would have 125 00:05:20,300 --> 00:05:23,520 to be digitally signed and that is called code signed. 126 00:05:23,520 --> 00:05:25,890 Every developer must register with Apple or Google 127 00:05:25,890 --> 00:05:27,860 and they receive a private key. 128 00:05:27,860 --> 00:05:30,200 Just as in the email example I provided earlier, 129 00:05:30,200 --> 00:05:32,480 the application file is hashed and that hash 130 00:05:32,480 --> 00:05:35,220 is encrypted using the developer's private key. 131 00:05:35,220 --> 00:05:37,520 This is known as code signing and ensures 132 00:05:37,520 --> 00:05:39,230 that the installer hasn't been modified 133 00:05:39,230 --> 00:05:42,010 or corrupted since that developer published it. 134 00:05:42,010 --> 00:05:44,250 Now, I know I covered a lot already, 135 00:05:44,250 --> 00:05:46,770 but there are three more hashes that we have to discuss, 136 00:05:46,770 --> 00:05:49,720 and these are all focused around passwords. 137 00:05:49,720 --> 00:05:52,720 In a Windows machine, passwords aren't stored in cleartext, 138 00:05:52,720 --> 00:05:55,270 and they're not even stored in an encrypted format. 139 00:05:55,270 --> 00:05:57,920 No, they're actually stored as hashes. 140 00:05:57,920 --> 00:06:00,290 The original version of this was known as LANMAN, 141 00:06:00,290 --> 00:06:04,020 or the LAN Manager hash, or simply the LM hash. 142 00:06:04,020 --> 00:06:06,830 This was created all the way back in the late 1980s, 143 00:06:06,830 --> 00:06:09,830 even before Windows and T-servers roamed the Earth. 144 00:06:09,830 --> 00:06:12,090 This hash was based on the DES algorithm 145 00:06:12,090 --> 00:06:14,430 and was limited to 14 characters. 146 00:06:14,430 --> 00:06:16,780 Not only is this weak because it used DES, 147 00:06:16,780 --> 00:06:18,610 but it's even worse because Microsoft had 148 00:06:18,610 --> 00:06:21,770 the password broken into two seven-character chunks first 149 00:06:21,770 --> 00:06:23,860 and then one of those was converted to uppercase 150 00:06:23,860 --> 00:06:25,740 and then it was run through the encryption algorithm 151 00:06:25,740 --> 00:06:27,110 to create the hash. 152 00:06:27,110 --> 00:06:29,210 This reduced the number of possible combinations 153 00:06:29,210 --> 00:06:32,220 and lead to decreased security in the LM hash. 154 00:06:32,220 --> 00:06:34,690 Because of this, you should always disable the LM hash 155 00:06:34,690 --> 00:06:38,610 on your modern Windows OS and, by default, it is disabled. 156 00:06:38,610 --> 00:06:40,710 You should leave it that way unless you have some really, 157 00:06:40,710 --> 00:06:43,200 really good reason for allowing it to be used. 158 00:06:43,200 --> 00:06:45,890 To replace the LANMAN hashes, Microsoft created 159 00:06:45,890 --> 00:06:48,460 a replacement known as the NTLM hash, 160 00:06:48,460 --> 00:06:50,910 or NT LAN Manager hash. 161 00:06:50,910 --> 00:06:54,010 This was created to replace the LM hash once NT servers 162 00:06:54,010 --> 00:06:56,370 became popular in the early 1990s, 163 00:06:56,370 --> 00:07:00,920 and it first shipped in 1993, beginning with NT 3.1. 164 00:07:00,920 --> 00:07:02,990 That shows you how old this is. 165 00:07:02,990 --> 00:07:07,280 The NTLM used RC4 instead of DES for the way it created 166 00:07:07,280 --> 00:07:10,990 its hash, so again, something stronger is definitely needed. 167 00:07:10,990 --> 00:07:13,740 On modern Windows machines, like the LM hash, 168 00:07:13,740 --> 00:07:16,580 NTLM is disabled by default. 169 00:07:16,580 --> 00:07:19,600 The final and newest version of password hashing for Windows 170 00:07:19,600 --> 00:07:22,390 is known as NTLM version two. 171 00:07:22,390 --> 00:07:25,050 It relies on the HMAC-MD5 hash, 172 00:07:25,050 --> 00:07:27,790 and is therefore a little bit more difficult to crack. 173 00:07:27,790 --> 00:07:30,690 It's been around since Windows NT version four, 174 00:07:30,690 --> 00:07:32,900 but it's still used by any Windows machines 175 00:07:32,900 --> 00:07:35,620 that don't rely on Kerberos for authentication. 176 00:07:35,620 --> 00:07:38,230 If you're using Kerberos, such as in a domain environment, 177 00:07:38,230 --> 00:07:41,240 then NTLM version two is simply not used. 178 00:07:41,240 --> 00:07:44,740 Now, I know we covered a lot of information about hashes. 179 00:07:44,740 --> 00:07:47,320 For the Security Plus exam, you should remember two 180 00:07:47,320 --> 00:07:49,260 very important things about hashes. 181 00:07:49,260 --> 00:07:52,150 First, hashing is used to ensure integrity. 182 00:07:52,150 --> 00:07:54,260 Any time you see a question that mentions integrity 183 00:07:54,260 --> 00:07:56,390 on the exam, you should instantly be thinking 184 00:07:56,390 --> 00:07:58,900 that the answer has something to do with hashing. 185 00:07:58,900 --> 00:08:01,300 So, for example, if I said Bob wants 186 00:08:01,300 --> 00:08:02,920 to send some data across the network, 187 00:08:02,920 --> 00:08:04,650 but he wants to ensure that it isn't changed 188 00:08:04,650 --> 00:08:05,770 while it's in-transit. 189 00:08:05,770 --> 00:08:07,160 What should Bob do? 190 00:08:07,160 --> 00:08:09,550 Well, the answer's going to be something to do with hashing. 191 00:08:09,550 --> 00:08:11,760 Something like digitally sign the file, 192 00:08:11,760 --> 00:08:13,620 run the file through an MD5 algorithm, 193 00:08:13,620 --> 00:08:15,240 or something like that. 194 00:08:15,240 --> 00:08:17,840 Second, remember that the two most common hashes 195 00:08:17,840 --> 00:08:21,400 in the world are MD5 and the SHA families of hashes, 196 00:08:21,400 --> 00:08:24,300 but MD5 is less secure than SHA. 197 00:08:24,300 --> 00:08:25,640 If you remember those two facts, 198 00:08:25,640 --> 00:08:27,640 you're going to do really well on the exam. 199 00:08:28,641 --> 00:08:30,959 (exciting electronic music)