Topics. Key Generation. Applying Cryptography
- Johnathan Ross
- 6 years ago
Transcription
Applying Cryptography

Topics

1. Key Generation
2. Randomness and Information Theory
3. PRNGs
4. Entropy Gathering
5. Key Storage
6. Cryptographic APIs

Key Generation

Goal: generate difficult-to-guess keys.
- Given a set of K potential keys, choose one randomly.
- Equivalent to selecting a random number between 0 and K - 1 inclusive.

Difficulty: generating random numbers.
- Computer-generated numbers are pseudo-random, that is, generated by an algorithm.

"Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin."
John von Neumann
How can we measure randomness?

- For a fair coin flip, our uncertainty is 2 results: it could be either heads or tails.
- The uncertainty of 2 flips would be 2*2 = 4.

Logarithmic measure of uncertainty:
- We feel uncertainties should add, not multiply.
- Measures uncertainties in bits, instead of raw numbers.
- Uncertainty is $\log_2 M$, where M is the number of results.

$U = \log_2 M$

Information

The amount of information in a message is the minimal number of bits needed to encode all possible meanings.

Example: day of the week (7 possibilities)
- Encode in 3 bits: 000 Sunday to 110 Saturday, with 111 unused.
- The ASCII strings "Sunday" through "Saturday" use more bits, but don't encode more information.

In general, if there are N possible items, $\log_2 N$ bits are needed:

$I = \log_2 N$

which is the same formula as for uncertainty, so U = I.
Information and Probability

If the probability of each of the N messages being sent is equal, then p = 1/N.

$I = \log_2 (1/p)$

What does 1/p really mean? Let's see:
- Message: "Coin comes up heads or tails". Probability p = 1. Information $I = \log_2 (1/1) = \log_2 1 = 0$.
- Message: "Coin comes up heads". Probability p = 0.5. Information $I = \log_2 (1/0.5) = \log_2 2 = 1$.

What if probabilities aren't equal?

Given a message of N symbols, such that each symbol occurs $N_i$ times:

$\sum_{i=1}^{M} N_i = N$

Our average uncertainty for the string is

$\frac{\sum_{i=1}^{M} N_i \, (-\log_2 P_i)}{\sum_{i=1}^{M} N_i}$

which can be rewritten as

$-\sum_{i=1}^{M} \frac{N_i}{N} \log_2 P_i$

Information

$I = -\sum_{i=1}^{M} P_i \log_2 P_i$

Reduces to the original formula if all symbols are equiprobable, i.e., $P_i = 1/M$:

$I = -\sum_{i=1}^{M} \frac{1}{M} \log_2 \frac{1}{M} = \frac{1}{M} \log_2 M \sum_{i=1}^{M} 1 = \log_2 M$
Information Content of English

- For random English letters, log bits/letter
- For large samples of English text, 1.3 bits/letter
- For bzipped English text, bits/letter

Testing for Randomness

A byte stream is random if I is approximately 8 bits/byte.
- Compression is a good randomizing function.
- Cryptography is a good randomizing function.

Statistical tests for randomness:
- Zeros occur about as often as ones.
- Pairs of zeros occur about half as often as single zeros and as often as pairs of ones.

PRNGs

1. Determinism and Randomness
2. Seeding the PRNG
3. Linear Congruential
4. CSPRNGs
5. Blum-Blum-Shub
6. Tiny
7. Attacks on PRNGs
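The information formula and the two bit-level checks from the "Testing for Randomness" slide can be run directly over byte strings. The block below is an added example, not code from the original slides; the sample inputs (`ENGLISH`, `RAMP`) and all function names are constructed for illustration.

```python
import math
import zlib
from collections import Counter

# Constructed sample inputs (not from the slides).
ENGLISH = (
    b"Keys must be difficult to guess, so the generator that produces them "
    b"has to be unpredictable to anyone who can watch the system from the "
    b"outside. A program that seeds its generator with the time of day is "
    b"easy to write and easy to test, which is exactly why it keeps showing "
    b"up in production code. The output looks random to the developer, the "
    b"statistical tests pass, and nothing fails until someone works out how "
    b"few starting points the generator really has. Measuring information "
    b"content tells us whether a stream looks random; it cannot tell us "
    b"whether the stream can be predicted."
)
# A counting ramp 0,1,2,...,255 repeated: perfectly uniform, fully predictable.
RAMP = bytes(range(256)) * 4


def entropy_bits_per_byte(data):
    """I = -sum(P_i * log2(P_i)), with P_i the observed frequency of byte i."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def bit_tests(data):
    """Counts behind the slide's bit-level checks.

    Pairs are counted at every bit offset (overlapping), so random data
    gives about half as many 00 pairs as single zeros.
    """
    bits = "".join(f"{byte:08b}" for byte in data)
    pairs = [bits[i:i + 2] for i in range(len(bits) - 1)]
    return {
        "zeros": bits.count("0"),
        "ones": bits.count("1"),
        "pairs_00": pairs.count("00"),
        "pairs_11": pairs.count("11"),
    }


def summarize(data):
    """Entropy plus the two ratios a random stream should keep near 1.0 and 0.5."""
    t = bit_tests(data)
    return {
        "bits_per_byte": round(entropy_bits_per_byte(data), 3),
        "zeros_to_ones": round(t["zeros"] / max(t["ones"], 1), 3),
        "pairs00_to_zeros": round(t["pairs_00"] / max(t["zeros"], 1), 3),
    }


if __name__ == "__main__":
    for name, sample in [
        ("English text", ENGLISH),
        ("zlib-compressed English", zlib.compress(ENGLISH, 9)),
        ("counting ramp", RAMP),
    ]:
        print(f"{name:26s} {summarize(sample)}")
```

The counting ramp scores a full 8 bits/byte although every byte is known in advance: these measurements show whether a stream looks random, not whether it is hard to predict, and short samples always measure somewhat below their true entropy.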
Determinism

Computers are deterministic.
- Can't produce true random numbers.

Pseudo-random numbers appear to be random to certain statistical tests.
- Tests can be derived from compression.
- If you can compress a sequence, it's not random.

Software-generated pseudo-random sequences are periodic and predictable.

Seeds

Input used to generate the initial pseudo-random number.

Should be computationally infeasible to predict.
- Generate the seed from random, not pseudo-random, data.
- Large seed: 32 bits is too small; only $2^{32}$ combinations.

Sequence is still periodic, but starts from a different point for each different seed.
- Identical sequences are produced for identical seeds.
- Period needs to be large for security.

Linear Congruential Generator

$n_k = (a \, n_{k-1} + b) \bmod m$

- m: modulus (a large prime integer), maximum period
- a: multiplier (integer from 2..m-1)
- b: increment
- $n_0$: sequence initializer (seed)
LCG Example in Python

    #!/usr/bin/env python3
    import sys

    def lcg(x):
        # Modulus m = 13, increment b = 1. The "+ 1" is required to
        # reproduce the sample run "./prng.py 6 2" shown below.
        return (a * x + 1) % 13

    # Usage: ./prng.py <multiplier a> <seed x>
    a, x = map(int, sys.argv[1:3])
    li = []
    for i in range(10):
        x = lcg(x)
        li.append(str(x))
    print(", ".join(li))

Sample runs:

    > ./prng.py , 4, 8, 2, 11, 4, 8, 2, 11, 4
    > ./prng.py 6 2
    0, 1, 7, 4, 12, 8, 10, 9, 3, 6

Callouts on the slide: Modulus (the constant 13 in the code), Multiplier (first argument), Seed (second argument).

Linear Congruential Generator

Choice of a is critical.
- Many choices of a do not produce a full period.
- A full-period sequence is a permutation of the integers 1..m-1.
- Ex: 2, 6, 7, 11 for m = 13.

For production LCGs, m= common
- a = is well studied full period multiplier

LCGs are statistically random but predictable, giving away LCG state with each number.

LCGs are not cryptographically useful.

Secure PRNGs

Cryptographically Secure PRNGs:
1. Statistically appear random.
2. Difficult to predict next member of sequence from previous members.
3. Difficult to extract internal state of PRNG from observing output.

Similar to stream ciphers.

May be re-seeded at runtime, unlike PRNGs.
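The two LCG claims above (only some multipliers give a full period, and each output gives away the state) can be checked mechanically. The block below is an added example, not code from the original slides; it generalizes the slide's generator to an arbitrary increment b and modulus m, and all function names are constructed for illustration.

```python
def lcg_stream(a, b, m, seed, count):
    """First `count` outputs of n_k = (a * n_{k-1} + b) mod m."""
    x, out = seed, []
    for _ in range(count):
        x = (a * x + b) % m
        out.append(x)
    return out


def period(a, b, m, seed):
    """Length of the cycle the generator falls into when started at `seed`."""
    first_seen = {}
    x, step = seed, 0
    while x not in first_seen:
        first_seen[x] = step
        x = (a * x + b) % m
        step += 1
    return step - first_seen[x]


def full_period_multipliers(m):
    """Multipliers a in 2..m-1 whose b = 0 sequence visits all of 1..m-1."""
    return [a for a in range(2, m) if period(a, 0, m, 1) == m - 1]


def recover_and_predict(outputs, m):
    """Recover (a, b) from three consecutive outputs and predict the next.

    Assumes m is prime and known. From x1 = a*x0 + b and x2 = a*x1 + b:
        a = (x2 - x1) / (x1 - x0)  (mod m),   b = x1 - a*x0  (mod m)
    """
    x0, x1, x2 = outputs[-3:]
    diff = (x1 - x0) % m
    if diff == 0:
        raise ValueError("outputs are constant; multiplier cannot be recovered")
    a = (x2 - x1) * pow(diff, -1, m) % m   # modular inverse, Python 3.8+
    b = (x1 - a * x0) % m
    return a, b, (a * x2 + b) % m


if __name__ == "__main__":
    print("full-period multipliers for m = 13:", full_period_multipliers(13))

    # The run shown on the slide: multiplier 6, seed 2, modulus 13, b = 1.
    stream = lcg_stream(6, 1, 13, 2, 10)
    print("stream:", stream)
    print("cycle length from seed 2:", period(6, 1, 13, 2))

    # An observer holding only the first three outputs reconstructs the
    # generator and knows every later value.
    a, b, nxt = recover_and_predict(stream[:3], 13)
    print(f"recovered a={a}, b={b}; predicted next={nxt}, actual={stream[3]}")
```

Because the whole internal state is the last output, passing statistical tests says nothing about an LCG's suitability for keys, tokens or nonces; those need a CSPRNG.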
Blum Blum Shub

$x_{n+1} = x_n^2 \bmod M$

Blum Number M
- Product of two large primes, p and q
- p mod 4 = 3, q mod 4 = 3

Seed
- Choose a random integer x, relatively prime to M.
- $x_0 = x^2 \bmod M$

Blum Blum Shub

Random Output:
- LSB of $x_{n+1}$
- Can safely use $\log_2 M$ bits.

Provably secure
- Distinguishing output bits from random bits is as difficult as factoring M for large M.

Slow
- Requires arbitrary-precision software math libraries.

Strong Mixing Functions

Strong mixing function: a function of 2 or more inputs with each bit of output depending on some nonlinear function of all input bits.

Examples: AES, DES, SHA-1, SHA-2

Use on UNIX-based systems:

    (date; ps gaux) | md5

where ps gaux lists all information about all processes on the system.
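The Blum Blum Shub slides translate into a few lines of Python, since Python integers are arbitrary precision. The block below is an added example, not code from the original slides; the class name, the trial-division primality check and the toy parameters p = 11, q = 23, seed 3 are constructed for illustration and are far too small for real use.

```python
import math


def _is_small_prime(n):
    """Trial division; adequate only for the toy sizes used in this example."""
    if n < 2:
        return False
    return all(n % d for d in range(2, math.isqrt(n) + 1))


class BlumBlumShub:
    """x_{n+1} = x_n^2 mod M, emitting the least significant bit of each state."""

    def __init__(self, p, q, seed):
        if p == q or not (_is_small_prime(p) and _is_small_prime(q)):
            raise ValueError("p and q must be distinct primes")
        if p % 4 != 3 or q % 4 != 3:
            raise ValueError("p mod 4 and q mod 4 must both equal 3")
        self.m = p * q                      # the Blum number M
        if math.gcd(seed, self.m) != 1:
            raise ValueError("seed must be relatively prime to M")
        self.x = pow(seed, 2, self.m)       # x_0 = x^2 mod M
        if self.x == 1:
            # Squaring 1 gives 1 forever: the output would be a constant.
            raise ValueError("seed leads to the fixed point 1")

    def next_bit(self):
        self.x = pow(self.x, 2, self.m)
        return self.x & 1                   # LSB of x_{n+1}

    def next_bits(self, count):
        return [self.next_bit() for _ in range(count)]

    def next_bytes(self, count):
        out = bytearray()
        for _ in range(count):
            byte = 0
            for _ in range(8):
                byte = (byte << 1) | self.next_bit()
            out.append(byte)
        return bytes(out)


if __name__ == "__main__":
    gen = BlumBlumShub(11, 23, 3)           # M = 253, x_0 = 9
    # States after x_0: 81, 236, 36, 31, 202, 71, 234, 108
    print(gen.next_bits(8))
    print(BlumBlumShub(11, 23, 3).next_bytes(1).hex())
```

The security argument on the slide depends on M being infeasible to factor, so a deployment needs large secret primes and a seed drawn from a real entropy source.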
Attacks on PRNGs

Direct Cryptanalytic
- Distinguish between PRNG output and random output with better than 50% accuracy.

Input-Based
- Use knowledge of PRNG input to predict output.
- Insert input into PRNG to control output.

State Compromise Extension
- Extend a previously successful attack that has recovered internal state to recover either or both:
  - past unknown PRNG outputs
  - future PRNG outputs after additional inputs given to PRNG

ASF On-line Gambling

Re-seeded PRNG before each shuffle.
- Always start with ordered deck.

Shuffling
- Fair: combinations
- 32-bit seed: $2^{32}$ combinations
- ms seed: 86,400,000 combinations
- synchronize time: 200,000 combinations

Predict deck based on 5 known cards.

ASF PRNG Flaws

1. PRNG algorithm used small seed (32 bits).
2. Non-cryptographic PRNG used.
3. Seed generated by poor source of randomness.
Entropy Collection

1. Hardware Solutions
2. Software Solutions
3. Poor Entropy Collection
4. Entropy Estimation

Hardware Sources

Radioactive Decay
- HotBits: 256 bits/s

Thermal or Electrical Noise
- ComScire QNG Model J1000KU, 1 Mbit/s
- Via Padlock RNG on Via x86 CPUs kbits/s

LavaRnd
- SGI used LavaLite; LavaRnd uses a lens-capped digicam
- up to 200 kbits/s

Software Sources

Less Secure, More Convenient
- Software systems can be sufficiently complex to be almost impossible to predict.

User Input: Push, don't Pull
- Record a time stamp when a keystroke or mouse event occurs.
- Don't poll the most recent user input every 0.1 s.
  - Far fewer possible timestamps.
Software Sources: /dev/random

Idea: use multiple random software sources.
- Store randomness in a pool for user requests.
- Use hash functions (i.e., strong mixing functions) to distill data from multiple sources.

/dev/random can use random sources such as
- CPU load
- disk seeks
- kernel interrupts
- keystrokes
- network packet arrival times
- /dev/audio sans microphone

Software Sources: /dev/random

/dev/random
- each bit is truly random.
- blocks unless enough random bits are available.

/dev/urandom
- supplies requested number of bits immediately.
- reuses current state of pool: lower quality randomness.

Poor Entropy: Netscape 1.1

SSL encryption
- generates a random 40- or 128-bit session key

Netscape 1.1 seeded its PRNG with
- time of day
- PID and PPID

All visible to an attacker on the same machine.

Remote attack broke keys in 30 seconds
- guessed limited randomness in PID/PPID.
- packet sniffing can determine time of day.
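The Netscape 1.1 slide is a pattern that still appears in code review: a long key produced by a general-purpose PRNG whose seed is built from values an observer can learn. The block below is an added example, not code from the original slides and not Netscape's actual seeding routine; the seed mixing, the function names and the 32768 PID range are assumptions made for illustration.

```python
import math
import random
import secrets


def weak_session_key(time_of_day, pid, ppid, nbytes=16):
    """BEFORE: key material derived only from time of day, PID and PPID.

    Hypothetical stand-in for the pattern on the slide. The key is a pure
    function of three values visible to other users of the machine, and
    random.Random is a Mersenne Twister, not a CSPRNG.
    """
    seed = (time_of_day << 32) ^ (pid << 16) ^ ppid
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(nbytes))


def strong_session_key(nbytes=16):
    """AFTER: key material taken from the operating system's CSPRNG."""
    return secrets.token_bytes(nbytes)


def seed_space_bits(time_candidates, pid_range):
    """log2 of the number of (time, PID, PPID) seeds left to try.

    time_candidates: how many timestamp values remain plausible once the
    observer has narrowed down the time of day.
    pid_range: number of possible process IDs (assumed, e.g. 32768).
    """
    return math.log2(time_candidates * pid_range * pid_range)


def effective_key_bits(key_bits, seed_bits):
    """A key can never be harder to guess than the seed it came from."""
    return min(float(key_bits), seed_bits)


if __name__ == "__main__":
    # Constructed sample values, not taken from the slides.
    t, pid, ppid = 43_200, 1234, 1233
    k1 = weak_session_key(t, pid, ppid)
    k2 = weak_session_key(t, pid, ppid)
    print("weak key reproducible from seed inputs:", k1 == k2)

    bits = seed_space_bits(time_candidates=1, pid_range=32768)
    print(f"unknown seed bits with time known exactly: {bits:.1f}")
    print("effective strength of the 128-bit key:",
          effective_key_bits(128, bits), "bits")

    print("CSPRNG key:", strong_session_key().hex())
```

In review, the thing to look for is any call that seeds a generator from clocks, process IDs, counters or hostnames on a path that ends in a key, token or nonce.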
Random Number APIs

Windows
- rand(): insecure PRNG, uses LCG
- CryptGenRandom(): CSRNG
- CryptGenKey(): to securely generate keys

Java
- java.util.Random: insecure PRNG
- java.security.SecureRandom: CSRNG
  - Relies on the OS, so SecureRandom can fall back to insecure Random if the OS does not provide /dev/random or similar

Key Storage

Source Code
- Can use strings to extract from binary.

File on Disk
- Attacker can search disk for files with high entropy, which are likely to contain keys.
- Encryption of the file adds another layer of difficulty, but there must be a key someplace.

Registry
- Attacker can access with regedit.

External Device, e.g. smartcards, smartphones, etc.
- Attacker can obtain PINs or use power analysis attacks to extract keys from the device.

Key Points

1. Keys generated must be truly random.
   1. Test for randomness by measuring information.
   2. $I = -\sum_{i=1}^{M} P_i \log_2 P_i$
2. Secure PRNGs must have the following qualities:
   1. Statistically appear random.
   2. Difficult to predict next member of sequence from previous members.
   3. Difficult to extract internal state of PRNG from observing output.
3. Algorithmic PRNG techniques:
   1. Linear congruential generators: non-crypto.
   2. Blum Blum Shub cryptographic PRNG.
4. Computer RNGs:
   1. Hardware RNGs: thermal noise, decays.
   2. Software RNGs: disk seeks, interrupts.
More informationAcronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector
Acronyms 3DES AES AH ANSI CBC CESG CFB CMAC CRT DoS DEA DES DoS DSA DSS ECB ECC ECDSA ESP FIPS IAB IETF IP IPsec ISO ITU ITU-T Triple DES Advanced Encryption Standard Authentication Header American National
More informationMidterm Exam 2B Answer key
Midterm Exam 2B Answer key 15110 Principles of Computing Fall 2015 April 6, 2015 Name: Andrew ID: Lab section: Instructions Answer each question neatly in the space provided. There are 6 questions totaling
More informationData Integrity & Authentication. Message Authentication Codes (MACs)
Data Integrity & Authentication Message Authentication Codes (MACs) Goal Ensure integrity of messages, even in presence of an active adversary who sends own messages. Alice (sender) Bob (reciever) Fran
More informationRecurrent Neural Network Models for improved (Pseudo) Random Number Generation in computer security applications
Recurrent Neural Network Models for improved (Pseudo) Random Number Generation in computer security applications D.A. Karras 1 and V. Zorkadis 2 1 University of Piraeus, Dept. of Business Administration,
More informationCryptography V: Digital Signatures
Cryptography V: Digital Signatures Computer Security Lecture 10 David Aspinall School of Informatics University of Edinburgh 10th February 2011 Outline Basics Constructing signature schemes Security of
More informationIntroduction to Elliptic Curve Cryptography
A short and pleasant Introduction to Elliptic Curve Cryptography Written by Florian Rienhardt peanut.@.bitnuts.de Abstract This is a very basic and simplified introduction into elliptic curve cryptography.
More informationLecture 12 Notes Hash Tables
Lecture 12 Notes Hash Tables 15-122: Principles of Imperative Computation (Spring 2016) Frank Pfenning, Rob Simmons 1 Introduction In this lecture we re-introduce the dictionaries that were implemented
More informationFPGA BASED RANDOM NUMBER GENERATION ACCESSED THROUGH ARDUINO
FPGA BASED RANDOM NUMBER GENERATION ACCESSED THROUGH ARDUINO V Raghu Ram 1, T Naveen Kumar 2, G Kishore Naidu 3, K Divya Kanti 4 1,2,3,4 ECE Department, Lendi Institute of Engineering and Technology, (India)
More informationCryptography [Symmetric Encryption]
CSE 484 / CSE M 584: Computer Security and Privacy Cryptography [Symmetric Encryption] Spring 2017 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin,
More informationThe Linux Kernel Cryptographic API
Published on Linux Journal (http://www.linuxjournal.com) The Linux Kernel Cryptographic API By James Morris Created 2003-04-01 02:00 This article provides a brief overview of the new cryptographic API
More informationAn Efficient Stream Cipher Using Variable Sizes of Key-Streams
An Efficient Stream Cipher Using Variable Sizes of Key-Streams Hui-Mei Chao, Chin-Ming Hsu Department of Electronic Engineering, Kao Yuan University, #1821 Jhongshan Rd., Lujhu Township, Kao-Hsiung County,
More informationCS 161 Computer Security
Raluca Popa Spring 2018 CS 161 Computer Security Discussion 3 Week of February 5, 2018: Cryptography I Question 1 Activity: Cryptographic security levels (20 min) Say Alice has a randomly-chosen symmetric
More informationObsoletes: 1750 Category: Best Current Practice June 2005
Network Working Group Request for Comments: 4086 BCP: 106 Obsoletes: 1750 Category: Best Current Practice D. Eastlake, 3rd Motorola Laboratories J. Schiller MIT S. Crocker June 2005 Status of This Memo
More informationEncryption. INST 346, Section 0201 April 3, 2018
Encryption INST 346, Section 0201 April 3, 2018 Goals for Today Symmetric Key Encryption Public Key Encryption Certificate Authorities Secure Sockets Layer Simple encryption scheme substitution cipher:
More information