CRYPTOGRAPHY. Jakub Laszczyk. June 7th,
|
|
- Lorin Adams
- 5 years ago
- Views:
Transcription
1 CRYPTOGRAPHY Jakub Laszczyk June 7th,
2 Agenda About What is it? And History Part 1 - Hashing Part 2 - Symmetric Keys Part 3 - Asymmetric Keys Conclusion 2
3 About Karman Interactive is a mobile apps services company founded in 2012 now based in Kanata. 3
4 About Jakub Laszczyk - Senior Developer at Karman Interactive 4
5 5
6 What is Cryptography? The design and analysis of protocols that obfuscate data to all except the intended party. 6
7 History Early cryptography was exclusively used for encryption and decryption of messages Spartan Army Julius Caesar 7
8 Caesar s Cipher ABCDEFGHIJKLMNOPQRSTUVWXYZ EFGHIJKLMNOPQRSTUVWXYZABCD ATTACK AT DAWN EXXEGO EX HEAR 8
9 Modern Cryptography Cryptography has evolved to provide more sophisticated message encryption as well as data verification, and authentication. It is a crucial piece of technology that facilitates online activities such as e-commerce, banking, and communication. 9
10 Part 1 Hashing 10
11 What is Hashing? One way functions Deterministic - Same input will always return the output hash(abc) = BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD 11
12 What is Hashing? Outputs are well distributed and unique Input Output abc BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20 015AD abd A52D159F262B2C6DDB724A61840BEFC36EB30C88877A4030B65CBE C9 acb 8E B3BFC2003F791C B0EA035D16379BFEC16B72D376E27 2FA57 12
13 What is Hashing? Should not be reversible! hash(abc) = BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD hash -1(BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD) = undefined 13
14 Source: Plain Text Offenders ( 14
15 Hashing can be used in user authentication Client Server username: jakub password: { "user": "jakub", "pass": "Pa$$word" } username: jakub password: 923D4E08B2B F AA4 C5795D68D29 CF68639BC59 40B21541BCE 99CC98C34 15
16 SALT? Protects against two people using same password Passwords do get reused site to site. Guards against Lookup tables, Rainbow tables 16
17 Best lookup table is Google! 923D4E08B2BF AA4C5795D68D29CF68639BC5940B21541BCE99CC98C34 = Pa$$word 17
18 When generating the SALT don t use your everyday random number generator! Use a Cryptographically Secure Pseudo-Random Number Generator (CSPRNG). Generated CSPRNG are unpredictable C++ std::random_device C# System.Security.Cryptography.RNGCryptoServiceProvider Java java.security.securerandom 18
19 Password: Pa$$word SALT:B4rjhY4g6LblQcqGNkVT6d45pmvZAcI78suhBzAaE0vY1qKsP/7BFo32UohgvTIn9czXKU4 1SZ1ilUeOUdpnOw== SHA-256 (Pa$$wordB4rjhY4g6LblQcqGNkVT6d45pmvZAcI78suhBzAaE0vY1qKsP/7BFo32UohgvTIn9cz XKU41SZ1ilUeOUdpnOw== ) = a066a2bb773b26b cecf0515a cb5af d30377d
20 username Password hash salt jakub a066a2bb773b26b cecf0515a cb 5af d30377d B4rjhY4g6LblQcqGNkVT 6d45pmvZAcI78suhBzAa E0vY1qKsP/7BFo32Uohg vtin9czxku41sz1ilueo UdpnOw== alice edba52ca865f269708d0 08a635d84e15b1b0d6bb 7e15a26dd3a51558d633 2db9 9XodWePFTO2htvi2E85g 4wT0mS1Zm6mYn2Jm6ieX NT1XMmtH96crGB6yiA8f GkSMFskeNFnnrzezMCBh cm79fw== bob 79f54613f1a f828dab11d365c248f7c a66fa649e1cbb6638a9a ec8c uybqzp1h4ok/2crpf7un rj1vxd4il/uc7xrrn8w+ uwgg34z+hp3n4iy6wew/ 1SyqlsOcSN1OqgQWyl4A 4FDDWg== 20
21 Brute Force Need to use key stretching to hash Bcrypt scrypt DON T USE MD5, SHA1, SHA2 21
22 Password: Pa$$word SALT:B4rjhY4g6LblQcqGNkVT6d45pmvZAcI78suhBzAaE0vY1qKsP/7BFo32UohgvTIn9czXKU4 1SZ1ilUeOUdpnOw== scrypt(pa$$wordb4rjhy4g6lblqcqgnkvt6d45pmvzaci78suhbzaae0vy1qksp/7bfo32uohgvt In9czXKU41SZ1ilUeOUdpnOw== ) Difficulties: CPU 16384; Memory 13; Parallelization 19; Output size
23 f28fec53284beae4f09e0c7d6148d49cd14c9e2f1f110fc5c6ba10e8345cf3f4c809c7 b56cd2e6b8dad f184defbe92c77744d80a88f805cd46eb34f898170c4a9d 735fd647e5d7ce310eae2954e105945ae20a ae1f e79610fd36f 7fd8ac40ba7b41d11f2d589a21f9920b45f81494f554b f292f06bfaa5e7e99 928f1df12574eae793e774fb1a7b069559f843a779e7f ff832e0781 c1ac60309e95bc925a b4a2ec7a9b58a6df597a4d7899a814e12ef4ce 7355db5d06d5aaa04644af026f0a0ca8009c83f011f66b869c529e968047bc5d1710 d0cef8eb88bab3b00fbe f98726acc1600ce13bbc8511d939d88b374d930 9d91a712e91a68a6ca1034bc e974c2d057dd766633cdddf16ca d1b8b38fa831b825737ae104043cf9da72dceec60902cde623945bfe0f695fb1d8 d6201f2ecc704179deebf4e25e7bbe7f9992e8c3042b4a0ad0b2d81c92b0b d06579b8729ae12fc3ec a3bbec5dc f3bdb653083c b66 f9b8d2fd2d3f4d0ab235d407e449f49d40e8a0e660945b125ad2faad047a04d b141120de0944a aab8da4950df5031add39fe773db226d7d2bf6c2 0c505945c079bfde9dfd360c8c2e774032ae8feb9291e0d8dca80a51f5d
24 ...086c be50d8f9247eedf06cbf250fa13ecc46075e4edc693ba73c5ce7ca 8df007bb2d9c630ae11d96bec f4c69b939c4b3604b2d0f090b05ab3f1b 30c6fe49f0de7cbd8764feae449af4da9342c5faeee5ba58921e21e35fb83aba4419 d19f583df5a7d174bfd323551ee9fada8db0ef29a76f111420b06d68b5ec de318fe2d8daeaa24af1c7745e2482a564f7f0ca8ddc6b3e72b67fda54a d6d40acfe ab aaca4c e adb03ebf6a5a7a9 ea274697b25f8505f6fb2ba30baaab1d9ded0fc7a578ba82a36c7e0879d6c235d6fc a969b4d5e7d76f9e c0d34b50bdca1170d907f700505cb7a4d0d ae3d9174ce4cb393b3843cff5a7e975c013fe463d4e71d7a3b378fa7fa6ac94e 47cf9964cba8fef1bd18c76c1df795608e676dcef16cbba5ecd2a72a0c55a10ec05a9 8adbdf2319c47033a14e6eccd35e3e8894efd7e0ee0ab6425dacdc7016ad6502fad 0288d7b3cf9166f3ab4dcfdd69658f a718f29eb09bbb0e52dc8a96e2ab32 85a149d10d8619f4c30fb83576ec75ffdb803fd917573ba e226aeec47fcc 0a21bbf707499efe470df395c086fc0b7d0eb735af2c6102e b87204fb989 b46bc603a5bef eddf6d67c5c5c0cbafab09cddcf6d3cbdc19fac1d... 24
25 ...f91f037b333a519e15cc270e2be526ba64cd03bc692a87e554c2c346b16747b35 633eab56a603eef31102b3440a09d78c239dfd3a8631ebed9bc0d918fb9c5193c73 be2ecc05211a1b061c4400d76a0b7283a3b4a1f9958d6fb53c5d120d007a18f28ce 66e24b6611b076c5efc3d34675f6c7c517e969b3fe319f1a9d cc3dff41dc f d21a39c11f960be3f86e993f80f9f9d29fa009edf66eb66efb1caa95a7 a00b77b182b6ce1f6e3cfc9ed7496c99d87ace4e3c6405ed1c318e1ce456355f234 04c0356d149f0db8d6973aea9892d d0f2acbee00ca77180c d f45bcebe7adbb0376cc01d4fd3a0448c0a b0dc a8f8048ebf ad2bc31d239ea2b5fa2d23310eb82dfda666a6c77796d4b2e659f47d75e57 be3107b1266bc3d5b c9d2db eba592d8b8d36e6f53c18eb33f9 bd2199df7103f89cdec548eb94e a0a22b5e88f0a903a467d4f219a69a4f 2e1bebac1e20ef d8b41ab179d87110bbb52eb55e8227b52ae5b5c b5d3f241465fde688f01af0cd2dda93bc cad1f1323d221897e5e4b49 2d01f4e72f27c5f0486f6f2b42cbd8aaf40ec26555be0b287cbd01c023bd27901dda9 c8b39d37a9de601545c5505af6a846fa6aba43144c7e6e7df8768a7fc3d... 25
26 ...d19df070a4aac f5bdb80a377256f70138edfe1baf60ae30f5fadadecf7b bbbbed94052cf de83bc0019fc38edb4ac2c0a517ce4614a931e88b0f df90bb710ef9cbc ecf86d19204b da02f046c a9fb71d9 a549ed48e793408a844cb d7a5b120149edb215d6e1108c acd 83f73cff15ca c22f482b4f27f21a79547b1f6274f00738f1ce99e69be49c4ca 97f7237f60427b6115ca6feb58509f71a3981ac68baffabd0f900ea5fd1ec9c4d4ac21 cd cf612fcba744eac559d388672ed421f13bd0f4a25900c75db2d624f51 95cf6030a8ee88a87b17934daf0d9108bc332d c0a840a340c88e04e87321 d6772fb6d d12c8fda1bcf9ef6f f2a62ce549abc059c16ef97ea427 bb8c e99c4444d d84e16a5fb77c919b35f41d98a90d473b8fe ef96949b0d03d4fd8df2be4aee ae2adf98bf654ec5c65a3f 1796b86b406c adc5a52fc139bca46deeef7c057f2815b06b6d34d212ff98 d084f5d3ae7b7d2f485f24d2fae14af07bc0e51b1be79c5a2d4b312d47dda6664dff9 e722c2cd55e52e9659be09a2868f63a151307aa370597a790a081d7e1ca8d086ad 0fcd637cd4df32bdea a294017e2ae71fdba8461eb9e f2ba97aa e85a069d8ca4c3a487f8f55803cfe109a8f0163abf
27 Test it yourself! 27
28 Part 1 - Conclusion One way functions are deterministic, unique, and irreversible Applications - authentication, data integrity checking Use key stretching algorithms and SALT if hashing passwords 28
29 Part 2 Symmetric Key 29
30 Symmetric Key Symmetric key Same secret key is used to encrypt and decrypt data. Algorithm is fast Twofish, Serpent, AES (Rijndael) Three steps to encrypting and decrypting Initialization vector Secret key Mode 30
31 IV - Initialization vector Random number that is used with the secret key to further scramble the data and makes it harder for a potential hacker to decrypt the data by searching for patterns within the data Must be random otherwise it may expose data 31
32 Modes CBC, ECB, CFB, CTR, etc... 32
33 Modes CBC, ECB, CFB, CTR, etc... Source: Wikipedia ( 33
34 Modes CBC, ECB, CFB, CTR, etc... Source: Wikipedia ( 34
35 Modes CBC, ECB, CFB, CTR, etc... Source: Wikipedia ( 35
36 Source: Wikipedia ( 36
37 Modes Example of a image encryption using ECB mode 37
38 Modes Example of a image encryption using CBC mode 38
39 Sample outputs of Twofish mode: CBC, secret: 628f2ba97aa e85a069, message: hello! +3+Tj8agQk6R1jVItAYnwvaS1CHo0H75coXsvarCbaY= 2vKtmQqMC/Qybd3EJ3TCjEmxj3/rGowEy40ZntXtkB0= DUSngM5WwE6XzjbxDKes/ZCB2VYz3Ljgxb+Tu27xlhQ= ncolnkex762ny6kxmdw4agxodbl3xrpflvdlavwzksm= LchkwbogGTlQwngCK6nKOJovY4oNGsWLiPqMLDJ/MCM= Try it yourself
40 Mode Counter Source: Wikipedia ( 40
41 Plaintext message: Factorio tonight? Plaintext message: Factorio tonight? Plaintext message: Factorio tonight? 41
42 Since the same key is used for encrypting and decrypting how to establish this shared secret? 42
43 Part 3 Asymmetric Key 43
44 Asymmetric Key Public key you generate and share which will then be used for encrypting messages Private key you keep secret and you use to decrypt a message Very easy to establish secure communication with someone on the other side of the world Algorithm is slow and input that can be encrypted is limited by size! 44
45 Asymmetric Key 45
46 Asymmetric Key TNYq/OTHEhIkpdoizIM7mxFQtXU EAvUs/IvoipNZbugmTcHX0IgvBs/r F8+KvVFB= 46
47 The fox has moved 47
48 Asymmetric Key - RSA Example Encrypt Decrypt cipher = message e mod n message = cipher d mod n 48
49 RSA private and public keys are generated via a 5 step process starting with 2 prime numbers p = 611,543 q = 313,777 You would discard these prime numbers after generating your keys! 49
50 Public Key Select two large prime numbers p = 611,543; q = 313,777 Calculate n = (p - 1)(q - 1) = 191,888,127,911 Find a number for e such that 1 < e < n and is a coprime of n (e = 17) Public key: (n = 191,888,127,911, e = 17) 50
51 Private Key Using Extended Euclidean Algorithm calculate d using p, q, and e. ed = 1 mod (p - 1)(q - 1) ed = 1 mod 191,888,127,911 d = 39,506,188,769 (KEEP SECRET) Private Key: (n = 191,888,127,911, d = 39,506,188,769) 51
52 message = HELLO H E L L O ,562,633 52
53 My public key e = 17; n = 191,888,127,911 cipher = message e mod n cipher = 151,562,633 cipher = 17 mod 191,888,127,911 97,222,580,177 53
54 97,222,580, STX (Start of Text) C } â a Transmit: C}âa 54
55 message = cipher d mod n message = 97,222,580, mod 191,888,127,911 message = 44,507,164,191!= 151,562,633 (HELLO) 55
56 Private key d = 39,506,188,769; n = 191,888,127,911 message = cipher d mod n message = 97,222,580,177 39,506,188,769 mod 191,888,127,911 message = 151,562,633 HELLO 56
57 I can respond to the sender with a message that is encrypted using my private key. The receiver would use my public key to decrypt. This is amazing! 57
58 In practice the private and public keys used are way larger For example the latest prime number found in 2017 and was 23,249,425 digits long! Factoring the product of 2 large integers is hard for a computer 58
59 RSA Factoring Challenge - $200,000 (USD) RSA-2048:
60 Send me an -----BEGIN PUBLIC KEY----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFNzreP8Y35BrrnP40j0 zu0cuic4fyqitzv88k1dgmpf+iaptlk42dnc2bcy4emwg64tgo/mp3e+rusef5go jlonc38s9kxiucckjyrmfyf17so3bufahrkm2/rmmolqjjs5/omcxhpiuhgrv553 Y1cBhgrOAEC/KV3Fas7gpIPtanOPaPLT/t6hu5sHQAARZ6k4DowUY8pWebapWueQ mqjjz5p+1e+odcbef/7i81dpbsycunsmjvyhj/urnwbk/aiaflsegs2oxw7u4cx9 i1jy/mcshvresufguuo27pq1jwu38dgdlt2uclk6ty1flmjwgjfay304ho4mpaqv rwidaqab -----END PUBLIC KEY----- Linux/mac OpenSSL: Windows OpenSSL: 60
61 Conclusion Thank you! Questions? 61
9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng Basic concepts in cryptography systems Secret cryptography Public cryptography 1 2 Encryption/Decryption Cryptanalysis
More informationCryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng 1 Outline Basic concepts in cryptography systems Secret key cryptography Public key cryptography Hash functions 2 Encryption/Decryption
More informationCRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext
CRYPTOLOGY CRYPTOGRAPHY KEY MANAGEMENT CRYPTANALYSIS Cryptanalytic Brute-Force Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext 58 Types of Cryptographic Private key (Symmetric) Public
More informationCSE 127: Computer Security Cryptography. Kirill Levchenko
CSE 127: Computer Security Cryptography Kirill Levchenko October 24, 2017 Motivation Two parties want to communicate securely Secrecy: No one else can read messages Integrity: messages cannot be modified
More informationPROTECTING CONVERSATIONS
PROTECTING CONVERSATIONS Basics of Encrypted Network Communications Naïve Conversations Captured messages could be read by anyone Cannot be sure who sent the message you are reading Basic Definitions Authentication
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography Objectives Define cryptography Describe hashing List the basic symmetric cryptographic algorithms 2 Objectives
More informationWinter 2011 Josh Benaloh Brian LaMacchia
Winter 2011 Josh Benaloh Brian LaMacchia Symmetric Cryptography January 20, 2011 Practical Aspects of Modern Cryptography 2 Agenda Symmetric key ciphers Stream ciphers Block ciphers Cryptographic hash
More informationComputer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08. Cryptography Part II Paul Krzyzanowski Rutgers University Spring 2018 March 23, 2018 CS 419 2018 Paul Krzyzanowski 1 Block ciphers Block ciphers encrypt a block of plaintext at a
More informationSecurity: Cryptography
Security: Cryptography Computer Science and Engineering College of Engineering The Ohio State University Lecture 38 Some High-Level Goals Confidentiality Non-authorized users have limited access Integrity
More informationDistributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015
Distributed Systems 26. Cryptographic Systems: An Introduction Paul Krzyzanowski Rutgers University Fall 2015 1 Cryptography Security Cryptography may be a component of a secure system Adding cryptography
More informationCS 161 Computer Security. Week of September 11, 2017: Cryptography I
Weaver Fall 2017 CS 161 Computer Security Discussion 3 Week of September 11, 2017: Cryptography I Question 1 Activity: Cryptographic security levels (20 min) Say Alice has a randomly-chosen symmetric key
More informationIntroduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell
Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell 1 Cryptography Merriam-Webster Online Dictionary: 1. secret writing 2. the enciphering and deciphering
More informationCryptography MIS
Cryptography MIS-5903 http://community.mis.temple.edu/mis5903sec011s17/ Cryptography History Substitution Monoalphabetic Polyalphabetic (uses multiple alphabets) uses Vigenere Table Scytale cipher (message
More informationIntroduction to Cryptography in Blockchain Technology. December 23, 2018
Introduction to Cryptography in Blockchain Technology December 23, 2018 What is cryptography? The practice of developing protocols that prevent third parties from viewing private data. Modern cryptography
More informationThe question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).
Time: 3hrs BCA III Network security and Cryptography Examination-2016 Model Paper 2 M.M:50 The question paper contains 40 multiple choice questions with four choices and students will have to pick the
More informationCryptography (Overview)
Cryptography (Overview) Some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) Modern secret key cryptography DES, AES Public key cryptography RSA, digital signatures Cryptography
More informationMTAT Applied Cryptography
MTAT.07.017 Applied Cryptography Block Ciphers (AES) University of Tartu Spring 2017 1 / 17 Block Ciphers Properties: Deterministic Without the key plaintext cannot be found Valid plaintext-ciphertext
More informationCryptographic Concepts
Outline Identify the different types of cryptography Learn about current cryptographic methods Chapter #23: Cryptography Understand how cryptography is applied for security Given a scenario, utilize general
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 2 Cryptographic Tools First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Cryptographic Tools cryptographic algorithms
More informationCS682 Advanced Security Topics
CS682 Advanced Security Topics Lecture 2 Applied Cryptography Elias Athanasopoulos eliasathan@cs.ucy.ac.cy 2 The Need for Cryptography People had always secrets Ordinary applications are based on secrecy
More informationAuthentication CHAPTER 17
Authentication CHAPTER 17 Authentication Authentication is the process by which you decide that someone is who they say they are and therefore permitted to access the requested resources. getting entrance
More information1.264 Lecture 28. Cryptography: Asymmetric keys
1.264 Lecture 28 Cryptography: Asymmetric keys Next class: Anderson chapters 20. Exercise due before class (Reading doesn t cover same topics as lecture) 1 Asymmetric or public key encryption Receiver
More informationRef:
Cryptography & digital signature Dec. 2013 Ref: http://cis.poly.edu/~ross/ 2 Cryptography Overview Symmetric Key Cryptography Public Key Cryptography Message integrity and digital signatures References:
More informationCNT4406/5412 Network Security
CNT4406/5412 Network Security Introduction to Cryptography Zhi Wang Florida State University Fall 2014 Zhi Wang (FSU) CNT4406/5412 Network Security Fall 2014 1 / 18 Introduction What is Cryptography Mangling
More informationThere are numerous Python packages for cryptography. The most widespread is maybe pycrypto, which is however unmaintained since 2015, and has
1 There are numerous Python packages for cryptography. The most widespread is maybe pycrypto, which is however unmaintained since 2015, and has unpatched buffer-overflow vulnerabilities. New projects should
More informationEncryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls Overview Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message
More informationL13. Reviews. Rocky K. C. Chang, April 10, 2015
L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing
More informationEncryption. INST 346, Section 0201 April 3, 2018
Encryption INST 346, Section 0201 April 3, 2018 Goals for Today Symmetric Key Encryption Public Key Encryption Certificate Authorities Secure Sockets Layer Simple encryption scheme substitution cipher:
More informationIntroduction to Symmetric Cryptography
Introduction to Symmetric Cryptography Tingting Chen Cal Poly Pomona 1 Some slides are from Dr. Cliff Zou. www.cs.ucf.edu/~czou/cis3360-12/ch08-cryptoconcepts.ppt Basic Cryptography Private Key Cryptography
More informationIntroduction Classical Confidentiality Modern Confidentiality Integrity Authentication
Cryptography Introduction Classical Confidentiality Modern Confidentiality Integrity Authentication Introduction Cryptography in the Real World Cryptography is the process of writing or reading secret
More informationBasics of Cryptography
Basics of Cryptography (1) Introduction Expectation Level one: know what they are, what they can achieve, and how to use them as tools. Level two: know how they work, how secure they are, and how to analyze
More informationCryptography [Symmetric Encryption]
CSE 484 / CSE M 584: Computer Security and Privacy Cryptography [Symmetric Encryption] Spring 2017 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin,
More informationUnderstanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl
Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl www.crypto-textbook.com Chapter 5 More About Block Ciphers ver. November 26, 2010 Last modified 10-2-17
More informationCryptographic methods
Cryptographic methods Contents Concepts and Principles History of encryption Modern cryptography Symmetric key cryptography Public key cryptography Key agreement protocols Hash functions, digital signature
More informationOutline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 4 Department of Electrical and Computer Engineering Cleveland State University wenbing@ieee.org Outline Review
More informationASYMMETRIC CRYPTOGRAPHY
ASYMMETRIC CRYPTOGRAPHY CONTENT: 1. Number Theory 2. One Way Function 3. Hash Function 4. Digital Signature 5. RSA (Rivest-Shamir Adleman) References: 1. Applied Cryptography, Bruce Schneier 2. Cryptography
More informationBlock cipher modes. Lecturers: Mark D. Ryan and David Galindo. Cryptography Slide: 75
Block cipher modes Lecturers: Mark D. Ryan and David Galindo. Cryptography 2017. Slide: 75 Lecturers: Mark D. Ryan and David Galindo. Cryptography 2017. Slide: 76 Block cipher modes Block ciphers (like
More informationCryptography Functions
Cryptography Functions Lecture 3 1/29/2013 References: Chapter 2-3 Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner Types of Cryptographic Functions Secret (Symmetric)
More informationLecture 9a: Secure Sockets Layer (SSL) March, 2004
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu Security Achieved by
More informationEncryption 2. Tom Chothia Computer Security: Lecture 3
Encryption 2 Tom Chothia Computer Security: Lecture 3 This Lecture Counter Mode (CTR) enryption Diffie Helleman key exchange Public Key Encryption RSA Signing Combining public and symmetric key encryption
More informationPractical Aspects of Modern Cryptography
Practical Aspects of Modern Cryptography Lecture 3: Symmetric s and Hash Functions Josh Benaloh & Brian LaMacchia Meet Alice and Bob Alice Bob Message Modern Symmetric s Setup: Alice wants to send a private
More informationCS61A Lecture #39: Cryptography
Announcements: CS61A Lecture #39: Cryptography Homework 13 is up: due Monday. Homework 14 will be judging the contest. HKN surveys on Friday: 7.5 bonus points for filling out their survey on Friday (yes,
More informationDataTraveler 5000 (DT5000) and DataTraveler 6000 (DT6000) Ultimate Security in a USB Flash Drive. Submitted by SPYRUS, Inc.
Submitted by SPYRUS, Inc. Contents DT5000 and DT6000 Technology Overview...2 Why DT5000 and DT6000 Encryption Is Different...3 Why DT5000 and DT6000 Encryption Is Different - Summary...4 XTS-AES Sector-Based
More informationSolutions to exam in Cryptography December 17, 2013
CHALMERS TEKNISKA HÖGSKOLA Datavetenskap Daniel Hedin DIT250/TDA351 Solutions to exam in Cryptography December 17, 2013 Hash functions 1. A cryptographic hash function is a deterministic function that
More informationComputer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
More informationSome Stuff About Crypto
Some Stuff About Crypto Adrian Frith Laboratory of Foundational Aspects of Computer Science Department of Mathematics and Applied Mathematics University of Cape Town This work is licensed under a Creative
More information02. Usable Encryption. Blase Ur and Mainack Mondal March 28 th, 2018 CMSC / 33210
02. Usable Encryption Blase Ur and Mainack Mondal March 28 th, 2018 CMSC 23210 / 33210 1 This World of Ours 2 Encryption: A crash course 3 Encryption basics Putting information in code so that unauthorized
More informationPublic Key Algorithms
Public Key Algorithms CS 472 Spring 13 Lecture 6 Mohammad Almalag 2/19/2013 Public Key Algorithms - Introduction Public key algorithms are a motley crew, how? All hash algorithms do the same thing: Take
More informationComputational Security, Stream and Block Cipher Functions
Computational Security, Stream and Block Cipher Functions 18 March 2019 Lecture 3 Most Slides Credits: Steve Zdancewic (UPenn) 18 March 2019 SE 425: Communication and Information Security 1 Topics for
More informationIntroduction to Cryptography. --- Foundations of computer security ---
Introduction to Cryptography --- Foundations of computer security --- Related Chapters Cryptography CHAPTER 2, A Cryptography Primer CHAPTER 37, Data Encryption CHAPTER 39, Public Key Infrastructure CHAPTER
More informationComputer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University
Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two
More informationCryptographic hash functions and MACs
Cryptographic hash functions and MACs Myrto Arapinis School of Informatics University of Edinburgh October 05, 2017 1 / 21 Introduction Encryption confidentiality against eavesdropping 2 / 21 Introduction
More informationLecture 1 Applied Cryptography (Part 1)
Lecture 1 Applied Cryptography (Part 1) Patrick P. C. Lee Tsinghua Summer Course 2010 1-1 Roadmap Introduction to Security Introduction to Cryptography Symmetric key cryptography Hash and message authentication
More informationAPNIC elearning: Cryptography Basics
APNIC elearning: Cryptography Basics 27 MAY 2015 03:00 PM AEST Brisbane (UTC+10) Issue Date: Revision: Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security
More informationCOMP 250. Lecture 27. hashing. Nov. 10, 2017
COMP 250 Lecture 27 hashing Nov. 10, 2017 1 RECALL Map keys (type K) values (type V) Each (key, value) pairs is an entry. For each key, there is at most one value. 2 RECALL Special Case keys are unique
More informationEEC-682/782 Computer Networks I
EEC-682/782 Computer Networks I Lecture 23 Wenbing Zhao wenbingz@gmail.com http://academic.csuohio.edu/zhao_w/teaching/eec682.htm (Lecture nodes are based on materials supplied by Dr. Louise Moser at UCSB
More informationUses of Cryptography
Uses of Cryptography What can we use cryptography for? Lots of things Secrecy Authentication Prevention of alteration Page 1 Cryptography and Secrecy Pretty obvious Only those knowing the proper keys can
More informationCryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology
Cryptography & Key Exchange Protocols Faculty of Computer Science & Engineering HCMC University of Technology Outline 1 Cryptography-related concepts 2 3 4 5 6 7 Key channel for symmetric cryptosystems
More information1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class
1.264 Lecture 27 Security protocols Symmetric cryptography Next class: Anderson chapter 10. Exercise due after class 1 Exercise: hotel keys What is the protocol? What attacks are possible? Copy Cut and
More informationn-bit Output Feedback
n-bit Output Feedback Cryptography IV Encrypt Encrypt Encrypt P 1 P 2 P 3 C 1 C 2 C 3 Steven M. Bellovin September 16, 2006 1 Properties of Output Feedback Mode No error propagation Active attacker can
More informationEEC-484/584 Computer Networks
EEC-484/584 Computer Networks Lecture 23 wenbing@ieee.org (Lecture notes are based on materials supplied by Dr. Louise Moser at UCSB and Prentice-Hall) Outline 2 Review of last lecture Introduction to
More informationGlenda Whitbeck Global Computing Security Architect Spirit AeroSystems
Glenda Whitbeck Global Computing Security Architect Spirit AeroSystems History 2000 B.C. Egyptian Hieroglyphics Atbash - Hebrew Original alphabet mapped to different letter Type of Substitution Cipher
More informationCSC/ECE 774 Advanced Network Security
Computer Science CSC/ECE 774 Advanced Network Security Topic 2. Network Security Primitives CSC/ECE 774 Dr. Peng Ning 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange;
More informationComputer Security. 10. Exam 2 Review. Paul Krzyzanowski. Rutgers University. Spring 2017
Computer Security 10. Exam 2 Review Paul Krzyzanowski Rutgers University Spring 2017 March 23, 2018 CS 419 2017 Paul Krzyzanowski 1 Question 1(a) Suppose you come across some old text in the form GEPPQ
More informationCryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL
Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL Transpositional Ciphers-A Review Decryption 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 Encryption 1 2 3 4 5 6 7 8 A G O O D F R I E N D I S A T R E
More informationPresented by: Kevin Hieb May 2, 2005
Presented by: Kevin Hieb May 2, 2005 Governments National Finances National Security Citizens Companies Data Loss Monetary Loss Individuals Identity Theft Data Loss Networks Firewalls Intrusion Detection
More informationIntroduction to Cryptography and Security Mechanisms. Abdul Hameed
Introduction to Cryptography and Security Mechanisms Abdul Hameed http://informationtechnology.pk Before we start 3 Quiz 1 From a security perspective, rather than an efficiency perspective, which of the
More informationLecture 6: Symmetric Cryptography. CS 5430 February 21, 2018
Lecture 6: Symmetric Cryptography CS 5430 February 21, 2018 The Big Picture Thus Far Attacks are perpetrated by threats that inflict harm by exploiting vulnerabilities which are controlled by countermeasures.
More informationSecurity. Communication security. System Security
Security Communication security security of data channel typical assumption: adversary has access to the physical link over which data is transmitted cryptographic separation is necessary System Security
More informationCIS 4360 Secure Computer Systems Symmetric Cryptography
CIS 4360 Secure Computer Systems Symmetric Cryptography Professor Qiang Zeng Spring 2017 Previous Class Classical Cryptography Frequency analysis Never use home-made cryptography Goals of Cryptography
More informationICT 6541 Applied Cryptography Lecture 8 Entity Authentication/Identification
ICT 6541 Applied Cryptography Lecture 8 Entity Authentication/Identification Hossen Asiful Mustafa Introduction Entity Authentication is a technique designed to let one party prove the identity of another
More informationStream Ciphers and Block Ciphers
Stream Ciphers and Block Ciphers Ruben Niederhagen September 18th, 2013 Introduction 2/22 Recall from last lecture: Public-key crypto: Pair of keys: public key for encryption, private key for decryption.
More informationCryptographic Primitives A brief introduction. Ragesh Jaiswal CSE, IIT Delhi
Cryptographic Primitives A brief introduction Ragesh Jaiswal CSE, IIT Delhi Cryptography: Introduction Throughout most of history: Cryptography = art of secret writing Secure communication M M = D K (C)
More informationCS 111. Operating Systems Peter Reiher
Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources Operating Systems Peter Reiher Page 1 Outline Basic concepts in computer security Design principles for security
More informationDouble-DES, Triple-DES & Modes of Operation
Double-DES, Triple-DES & Modes of Operation Prepared by: Dr. Mohamed Abd-Eldayem Ref.: Cryptography and Network Security by William Stallings & Lecture slides by Lawrie Brown Multiple Encryption & DES
More informationCryptography: Symmetric Encryption (finish), Hash Functions, Message Authentication Codes
CSE 484 / CSE M 584: Computer Security and Privacy Cryptography: Symmetric Encryption (finish), Hash Functions, Message Authentication Codes Fall 2016 Adam (Ada) Lerner lerner@cs.washington.edu Thanks
More informationComputer Security 3/23/18
s s encrypt a block of plaintext at a time and produce ciphertext Computer Security 08. Cryptography Part II Paul Krzyzanowski DES & AES are two popular block ciphers DES: 64 bit blocks AES: 128 bit blocks
More informationInformation Security CS526
Information CS 526 Topic 3 Ciphers and Cipher : Stream Ciphers, Block Ciphers, Perfect Secrecy, and IND-CPA 1 Announcements HW1 is out, due on Sept 10 Start early, late policy is 3 total late days for
More informationCryptography. Submitted to:- Ms Poonam Sharma Faculty, ABS,Manesar. Submitted by:- Hardeep Gaurav Jain
Cryptography Submitted to:- Ms Poonam Sharma Faculty, ABS,Manesar Submitted by:- Hardeep Gaurav Jain Cryptography Cryptography, a word with Greek origins, means "secret writing." However, we use the term
More informationEncryption Details COMP620
Encryption Details COMP620 Encryption is a powerful defensive weapon for free people. It offers a technical guarantee of privacy, regardless of who is running the government It s hard to think of a more
More informationComputer Security CS 526
Computer Security CS 526 Topic 4 Cryptography: Semantic Security, Block Ciphers and Encryption Modes CS555 Topic 4 1 Readings for This Lecture Required reading from wikipedia Block Cipher Ciphertext Indistinguishability
More informationAssignment 9 / Cryptography
Assignment 9 / Cryptography Michael Hauser March 2002 Tutor: Mr. Schmidt Course: M.Sc Distributed Systems Engineering Lecturer: Mr. Owens CONTENTS Contents 1 Introduction 3 2 Simple Ciphers 3 2.1 Vignère
More informationGarantía y Seguridad en Sistemas y Redes
Garantía y Seguridad en Sistemas y Redes Tema 2. Cryptographic Tools Esteban Stafford Departamento de Ingeniería Informá2ca y Electrónica Este tema se publica bajo Licencia: Crea2ve Commons BY- NC- SA
More informationEncryption of cardholder information. Torbjörn Lofterud Cybercom Sweden East AB.
Encryption of cardholder information Cybercom Sweden East AB 8/13/11 1 torbjorn.lofterud@cybercomgroup.com Information security consultant at Cybercom Sweden AB QSA PA-QSA PFI 8/13/11 2 PCI DSS Common
More informationRefresher: Applied Cryptography
Refresher: Applied Cryptography (emphasis on common tools for secure processors) Chris Fletcher Fall 2017, 598 CLF, UIUC Complementary reading Intel SGX Explained (ISE) Victor Costan, Srini Devadas https://eprint.iacr.org/2016/086.pdf
More informationNIST Cryptographic Toolkit
Cryptographic Toolkit Elaine Barker ebarker@nist.gov National InformationSystem Security Conference October 16, 2000 Toolkit Purpose The Cryptographic Toolkit will provide Federal agencies, and others
More informationPASSWORDS & ENCRYPTION
PASSWORDS & ENCRYPTION Villanova University Department of Computing Sciences D. Justin Price Fall 2014 CRYPTOGRAPHY Hiding the meaning of a message from unintended recipients. Open source algorithms are
More informationBreakingVault SAP DataVault Security Storage vulnerabilities
BreakingVault SAP DataVault Security Storage vulnerabilities Technical details Author: Fernando Russ (fruss@onapsis.com) Sr. Researcher Abstract: This document describes a series of vulnerabilities found
More informationIntroduction to Cryptography
Introduction to Cryptography 1 2 Definition process data into unintelligible form, reversibly, without data loss typically digitally usually one-to-one in size $ compression analog cryptography: voice
More informationCryptography: Symmetric Encryption [continued]
CSE 484 / CSE M 584: Computer Security and Privacy Cryptography: Symmetric Encryption [continued] Fall 2016 Ada (Adam) Lerner lerner@cs.washington.edu Thanks to Franzi Roesner, Dan Boneh, Dieter Gollmann,
More informationCSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography
CSCI 454/554 Computer and Network Security Topic 5.2 Public Key Cryptography Outline 1. Introduction 2. RSA 3. Diffie-Hellman Key Exchange 4. Digital Signature Standard 2 Introduction Public Key Cryptography
More informationCIS 4360 Introduction to Computer Security Fall WITH ANSWERS in bold. First Midterm
CIS 4360 Introduction to Computer Security Fall 2010 WITH ANSWERS in bold Name:.................................... Number:............ First Midterm Instructions This is a closed-book examination. Maximum
More informationCrypto for Hackers. Eijah. v1.00 August 7 th, 2015
Crypto for Hackers Eijah v1.00 August 7 th, 2015 Hello World Shall we play a game? Joshua/WOPR Who am I? Founder Programmer Hacker 4 Last year at Defcon Saving Cyberspace by Reinventing File Sharing We
More informationDigital Signatures. Public-Key Signatures. Arbitrated Signatures. Digital Signatures With Encryption. Terminology. Message Authentication Code (MAC)
Message Authentication Code (MAC) Key-dependent one-way hash function Only someone with a correct key can verify the hash value Easy way to turn one-way hash function into MAC is to encrypt hash value
More informationPublic Key Cryptography, OpenPGP, and Enigmail. 31/5/ Geek Girls Carrffots GVA
Public Key Cryptography, OpenPGP, and Enigmail Cryptography is the art and science of transforming (encrypting) a message so only the intended recipient can read it Symmetric Cryptography shared secret
More informationA hash function is strongly collision-free if it is computationally infeasible to find different messages M and M such that H(M) = H(M ).
CA4005: CRYPTOGRAPHY AND SECURITY PROTOCOLS 1 5 5.1 A hash function is an efficient function mapping binary strings of arbitrary length to binary strings of fixed length (e.g. 128 bits), called the hash-value
More informationEncryption I. An Introduction
Encryption I An Introduction Reading List ADO and SQL Server Security A Simple Guide to Cryptography Protecting Private Data with the Cryptography Namespaces Using MD5 to Encrypt Passwords in a Database
More informationConventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation Location of Encryption Devices Key Distribution
Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49 1 Conventional Encryption Principles Conventional Encryption Algorithms Cipher Block Modes of Operation
More informationHow many DES keys, on the average, encrypt a particular plaintext block to a particular ciphertext block?
Homework 1. Come up with as efficient an encoding as you can to specify a completely general one-to-one mapping between 64-bit input values and 64-bit output values. 2. Token cards display a number that
More informationCyber Security Applied Cryptography. Dr Chris Willcocks
Cyber Security Applied Cryptography Dr Chris Willcocks Introduction 1. Content in this lecture will be examinable 2. This is a single lecture on applied cryptography for computer security. there is an
More information