Introduction to Network Security Missouri S&T University CPE 5420 Data Integrity Algorithms
1 Introduction to Network Security
Missouri S&T University CPE 5420
Data Integrity Algorithms
Egemen K. Çetinkaya
Department of Electrical & Computer Engineering
Missouri University of Science and Technology
21 September 2016 rev

2 Data Integrity Algorithms: Outline
- Hash algorithms (MD5 and SHA)
- Message authentication algorithms (MAC and HMAC)
- Digital signature algorithms (DSA)
21 September 2016 MST CPE 5420 Data Integrity Algorithms 2

3 Data Integrity Algorithms: Hash Algorithms
- Hash algorithms
- Message authentication algorithms
- Digital signature algorithms

4 Hash Function Overview
- A hash function h = H(m)
  - accepts a variable-length block of data m as input
  - produces a fixed-size hash value h
- The main objective of a hash function is data integrity
- The hash determines whether or not data has changed

5 Hash Function Properties
- Easy to compute hash value for any given message
- Infeasible to generate message that has a given hash
  - a data object that maps to a pre-specified hash result
  - the one-way property
- Infeasible to modify message without changing hash
- Infeasible to find different messages with same hash
  - two data objects that map to the same hash result
  - the collision-free property

6 Hash Function Security Requirements
- Preimage resistant
  - h = H(m), where m is called preimage
  - it should be easy to generate the message
  - it should be difficult to find message from hash value
  - the one-way property
- Secondary preimage resistant
  - given input m1, it should be difficult to find another input m2 such that m1 ≠ m2 and H(m1) = H(m2)
  - also called weak collision resistant
- Collision-free resistant
  - infeasible to find (m1, m2) pair such that H(m1) = H(m2)
  - also called strong collision-free resistant

7 Hash Algorithm General Operation
- Each algorithm can be described in two stages:
  - preprocessing
  - hash computation
- Preprocessing involves:
  - padding a message
  - parsing the padded message into m-bit blocks
  - setting initialization values to be used in hash computation
- Hash computation involves:
  - generating internal state from the padded message
  - along with functions, constants, and word operations
  - final hash value is used to determine the message digest

8 MD5 Overview
- MD5 is a message-digest algorithm
- Algorithm input is a message of arbitrary length
- Algorithm output is:
  - a 128-bit fingerprint or message digest
- MD5 was published in 1992 as RFC 1321
- Attacks showed that it is not collision resistant
- MD6 was developed in 2008 by Rivest and his team

9 SHA Overview
- SHA: secure hash algorithm
- Published by NIST
- Evolution
  - SHA-0: published in 1993 as SHA
  - SHA-1: published in 1995, obsoleted in 2010, designed by NSA
  - SHA-2: published in 2001, designed by NSA
  - SHA-3: latest draft FIPS 202 published in 2014
- SHS published in FIPS
- SHA-2 and SHA-3 have many modes
  - primarily depends on the digest size

10 SHA Modes
- Table comparing SHA-0, SHA-1, SHA-2 and SHA by digest size, message size, block size, word size and number of rounds (values not preserved in the transcription)

11 SHA-3 Algorithm Overview
- Based on KECCAK algorithm
  - winner of NIST SHA competition
- Consists of:
  - four cryptographic hash functions: SHA3-224, 256, 384, 512
  - two extendable-output functions: SHAKE-128, 256
- Six functions share the sponge construction structure
- Sponge functions are a class of algorithms:
  - with finite internal state
  - that take an input bit stream of any length
  - produce an output bit stream of any desired length

12 Data Integrity Algorithms: Message Authentication Algorithms
- Hash algorithms
- Message authentication algorithms
- Digital signature algorithms

13 Message Authentication Overview
- Mechanism to verify the integrity of a message
- It ensures data is received as sent, with no alterations:
  - modification
  - insertion
  - deletion
  - replay
- The hash function value of a message is referred to as a message digest, digest, or fingerprint

14 Message Authentication Attacks 1
- Disclosure: unauthorized release of message contents
- Traffic analysis: discovery of the pattern of traffic between parties
- Masquerade: insertion of messages from a fraudulent source
- Content modification: insertion, deletion, transposition, and modification

15 Message Authentication Attacks 2
- Sequence modification: modification to a sequence of messages between parties
- Timing modification: delay or replay of messages
- Source repudiation: denial of transmission of message by source
- Destination repudiation: denial of receipt of message by destination

16 Message Authentication: Symmetric Encryption
- Services provided?

17 Message Authentication: Symmetric Encryption
- Confidentiality and authentication

18 Message Authentication: Public-key Encryption
- Services provided?

19 Message Authentication: Public-key Encryption
- Confidentiality and destination repudiation

20 Message Authentication: Public-key Encryption
- Services provided?

21 Message Authentication: Public-key Encryption
- Authentication and source repudiation

22 Message Authentication: Public-key Encryption
- Services provided?

23 Message Authentication: Public-key Encryption
- Confidentiality, authentication, and non-repudiation

24 Message Authentication Code Overview
- Message authentication is achieved using a message authentication code (MAC)
  - also known as a keyed hash function
- Typically, MACs are used between two parties that share a secret key to authenticate information exchange
- A MAC function: MAC = C(K, M)
  - takes input: a secret key and a data block
  - and outputs: a hash value
- MACs are similar to encryption
  - but there is no decryption (irreversible); the MAC is only compared

25 Message Authentication: MAC
- Services provided?

26 Message Authentication: MAC
- Authentication

27 Message Authentication: MAC
- Services provided?

28 Message Authentication: MAC
- Confidentiality and authentication
  - authentication tied to plaintext

29 Message Authentication: MAC
- Services provided?

30 Message Authentication: MAC
- Confidentiality and authentication
  - authentication tied to ciphertext

31 HMAC Overview
- Keyed-Hashing for Message Authentication
- MAC mechanism based on crypto hash functions
- Published in RFC 2104
- Can be used with MD5 or SHA-1
  - latest versions use SHA

32 HMAC Block Sizes
- HMAC requires a cryptographic hash function and key
  - cryptographic hash function H and a secret key K
- H to be a cryptographic hash function
  - data is hashed on blocks of data
  - B the byte-length of such blocks, B=64
  - L the byte-length of hash outputs
  - L=16 for MD5, L=20 for SHA-1
- Authentication key K can be of any length up to B
  - B is the block length of the hash function
  - if K is of length 20 bytes and B=64, then K will be appended with 44 zero bytes 0x00
  - the minimal recommended length for K is L bytes

33 HMAC Inner and Outer Pads
- Involves two fixed and different strings:
  - inner pad (ipad) and outer pad (opad)
  - ipad = the byte 0x36 repeated B times
  - opad = the byte 0x5C repeated B times
- HMAC function is: H(K ⊕ opad, H(K ⊕ ipad, m))

34 HMAC Operation
- HMAC function is: H(K ⊕ opad, H(K ⊕ ipad, m))
1. Append zeros to end of K to create a B byte string
2. XOR B byte string computed in step (1) with ipad
3. Append (concatenate) stream of data (m) to B byte string resulting from step (2)
4. Apply H to the stream generated in step (3)
5. XOR B byte string computed in step (1) with opad
6. Append the H result (4) to the B byte string from (5)
7. Apply H to stream generated in (6) and output result

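The seven steps above, carried out literally in Python as an added example (not part of the original slides). The function names are illustrative; hashing a key longer than B before padding follows RFC 2104 and is not covered on the slides.

```python
import hashlib
import hmac

IPAD_BYTE = 0x36  # inner pad byte, repeated B times
OPAD_BYTE = 0x5C  # outer pad byte, repeated B times


def pad_key(key: bytes, hash_name: str) -> bytes:
    """Step 1: extend K with zero bytes to exactly B bytes."""
    block_size = hashlib.new(hash_name).block_size  # B (64 for MD5 and SHA-1)
    if len(key) > block_size:
        # RFC 2104 rule for keys longer than B (assumption beyond the slides):
        # replace the key with H(key) before padding.
        key = hashlib.new(hash_name, key).digest()
    return key + b"\x00" * (block_size - len(key))


def hmac_by_steps(key: bytes, message: bytes, hash_name: str = "sha1") -> bytes:
    """Compute H(K xor opad, H(K xor ipad, m)) following steps 1 to 7."""
    k0 = pad_key(key, hash_name)                                   # step 1
    inner_key = bytes(b ^ IPAD_BYTE for b in k0)                   # step 2
    inner = hashlib.new(hash_name, inner_key + message).digest()   # steps 3-4
    outer_key = bytes(b ^ OPAD_BYTE for b in k0)                   # step 5
    return hashlib.new(hash_name, outer_key + inner).digest()      # steps 6-7


def verify_tag(key: bytes, message: bytes, tag: bytes,
               hash_name: str = "sha1") -> bool:
    """Receiver side: recompute the MAC and compare in constant time."""
    expected = hmac_by_steps(key, message, hash_name)
    return hmac.compare_digest(expected, tag)


if __name__ == "__main__":
    # Constructed sample input: a 20-byte key, so 44 zero bytes are appended.
    key = b"\x0b" * 20
    msg = b"Hi There"
    tag = hmac_by_steps(key, msg, "sha1")
    print("padded key length:", len(pad_key(key, "sha1")))
    print("HMAC-SHA-1 tag   :", tag.hex())
    print("matches stdlib   :", tag == hmac.new(key, msg, "sha1").digest())
    print("tampered message :", verify_tag(key, b"Hi there", tag))
```

The comparison in `verify_tag` uses `hmac.compare_digest` so that the time taken does not reveal how many leading bytes of a forged tag were correct.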
35 Data Integrity Algorithms: Digital Signature Algorithms
- Hash algorithms
- Message authentication algorithms
- Digital signature algorithms

36 Digital Signatures Overview
- The hash value is encrypted with a user's private key
- Anyone who knows the user's public key can verify the integrity of the message
- An attacker who wishes to alter the message would need to know the user's private key

37 Digital Signatures Algorithms
- Elgamal digital signature schemes
- Schnorr digital signature schemes
- Digital Signature Algorithm (DSA)
- Elliptic Curve Digital Signature Algorithm (ECDSA)
- RSA Probabilistic Signature Scheme (RSA-PSS)

38 Digital Signatures: Generic Digital Signature Process
- Signature is generated with sender's private key
- Receiver verifies signature with sender's public key

40 Digital Signatures Properties
- It must verify author and date and time of signature
- It must authenticate contents at the time of signature
  - digital signature function includes authentication function
- It must be verifiable by third parties to resolve disputes

41 Digital Signatures Attacks
- Key-only attack
- Known message attack
- Generic chosen message attack
- Directed chosen message attack
- Adaptive chosen message attack

42 Digital Signatures Forgeries
- Total break
- Universal forgery
- Selective forgery
- Existential forgery

43 Digital Signatures Requirements
- Signature must be a bit pattern that depends on the message being signed
- Signature must use information unique to sender to prevent both forgery and denial
- It must be relatively easy to produce signature
- It must be easy to recognize and verify the signature
- It must be infeasible to forge signature either
  - by constructing new message for an existing signature
  - by constructing a fraudulent signature for a given message
- It must be practical to retain signature in storage

44 Digital Signature Algorithms: ElGamal Digital Signature
- Scheme uses the private key for encryption
- Scheme uses the public key for decryption
- Global elements are a prime number q and α
  - α is a primitive root of q
- Uses private key for encryption (signing)
- Uses public key for decryption (verification)

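An added toy example, not from the slides, of ElGamal signing and verification over the global elements q and α named above. The signing and verification equations are the standard ElGamal ones, which the slide does not spell out; q = 19, α = 10 and all function names are constructed for illustration, and a prime this small offers no security.

```python
import hashlib
import secrets
from math import gcd

Q = 19      # constructed toy prime (global element q)
ALPHA = 10  # a primitive root of 19 (global element alpha)


def keygen(x=None):
    """Return (private x, public y = alpha^x mod q)."""
    if x is None:
        x = secrets.randbelow(Q - 3) + 2  # random private key in 2..q-2
    return x, pow(ALPHA, x, Q)


def digest_to_int(message: bytes) -> int:
    """Hash the message and reduce it into 0..q-2 (toy-sized on purpose)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % (Q - 1)


def sign(m: int, x: int, k=None):
    """Sign the integer m with private key x.

    k is the per-signature random value; it must be coprime to q-1 so that
    it has an inverse mod q-1. A fixed k is accepted only for reproducible
    demonstrations; in real use k is fresh and secret for every signature.
    """
    if k is not None and gcd(k, Q - 1) != 1:
        raise ValueError("k must be coprime to q-1")
    while k is None:
        candidate = secrets.randbelow(Q - 2) + 1  # 1..q-2
        if gcd(candidate, Q - 1) == 1:
            k = candidate
    s1 = pow(ALPHA, k, Q)
    s2 = (pow(k, -1, Q - 1) * (m - x * s1)) % (Q - 1)
    return s1, s2


def verify(m: int, signature, y: int) -> bool:
    """Accept iff alpha^m == y^s1 * s1^s2 (mod q), using only the public key."""
    s1, s2 = signature
    if not (0 < s1 < Q and 0 <= s2 < Q - 1):
        return False  # reject out-of-range signature components
    left = pow(ALPHA, m, Q)
    right = (pow(y, s1, Q) * pow(s1, s2, Q)) % Q
    return left == right


if __name__ == "__main__":
    x, y = keygen(16)             # fixed private key for a reproducible run
    sig = sign(14, x, k=5)        # hash value m = 14, fixed k = 5
    print("public key y :", y)
    print("signature    :", sig)
    print("valid        :", verify(14, sig, y))
    print("altered hash :", verify(15, sig, y))
```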
45 Digital Signature Algorithms: NIST Digital Signature
- Published by NIST as FIPS standard 186
  - FIPS-186-0: 1993
  - FIPS-186-1: 1996
  - FIPS-186-2: 2000
  - FIPS-186-3: 2009
  - FIPS-186-4: 2013
- Makes use of the Secure Hash Algorithm (SHA)
- The latest version incorporates DSA based on:
  - RSA
  - elliptic curve cryptography

46 Digital Signatures Algorithms: RSA Approach
- The hash code is encrypted using public-key encryption with the sender's private key
  - this provides authentication
- It also provides a digital signature
  - only sender could have produced the encrypted hash code

47 Digital Signatures Algorithms: DSA Approach
- Hash code is provided as input to signature function
  - along with a random number k
- The signature function also depends on:
  - sender's private key
  - a global public key

48 Digital Signatures Algorithms: RSA vs. DSA Approach

49 Data Integrity Algorithms: What are the differences and similarities?
- Hash function?
- MAC?
- DS?

50 Data Integrity Algorithms: What are the differences and similarities?

51 References and Further Reading
- [KPS2002] Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security: Private Communication in a Public World, 2nd edition, Prentice Hall,
- [S2017] William Stallings, Cryptography and Network Security: Principles and Practice, 7th edition, Prentice Hall,

52 References and Further Reading
- Historic: MD2: RFC 1329, MD4: RFC 1320, MD5: RFC 1321
- MD6: Draft
- SHS: FIPS
- SHS: FIPS
- SHA: RFC 6234
- HMAC: RFC 2104, RFC 6151
- DSS: FIPS
- Attacks on hash functions: RFC

53 End of Foils
More informationA hash function is strongly collision-free if it is computationally infeasible to find different messages M and M such that H(M) = H(M ).
CA4005: CRYPTOGRAPHY AND SECURITY PROTOCOLS 1 5 5.1 A hash function is an efficient function mapping binary strings of arbitrary length to binary strings of fixed length (e.g. 128 bits), called the hash-value
More informationSlides by Kent Seamons and Tim van der Horst Last Updated: Oct 7, 2013
Digital Signatures Slides by Kent Seamons and Tim van der Horst Last Updated: Oct 7, 2013 Digital Signatures Diagram illustrating how to sign a message Why do we use a one-way hash? How does a collision
More informationCryptography and Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown Chapter 12 Hash Algorithms Each of the messages, like each one he had ever read of Stern's commands,
More informationECE 646 Lecture 11. Hash functions & MACs. Digital Signature. message. hash. function. Alice. Bob. Alice s public key. Alice s private key
ECE 646 Lecture 11 Hash functions & MACs Digital Signature Alice Message Signature Message Signature Bob Hash function Hash function Hash value Public key algorithm yes Hash value 1 Hash value 2 no Public
More informationMessage Authentication and Hash function
Message Authentication and Hash function Concept and Example 1 Approaches for Message Authentication Encryption protects message against passive attack, while Message Authentication protects against active
More informationSRI VENKATESWARA COLLEGE OF ENGINEERING
COURSE DELIVERY PLAN - THEORY Page 1 of 6 Department of Information Technology B.E/B.Tech :IT/CS Regulation:2013 LP: CS6701 Rev. No: 01 Date: 30.06.2017 Sub. Code / Sub. Name : CS6701 CRYPTOGRAPHY & NETWORK
More informationA hash function is strongly collision-free if it is computationally infeasible to find different messages M and M such that H(M) = H(M ).
CA642: CRYPTOGRAPHY AND NUMBER THEORY 1 8 Hash Functions 8.1 Hash Functions Hash Functions A hash function is an efficient function mapping binary strings of arbitrary length to binary strings of fixed
More informationChapter 6. New HASH Function. 6.1 Message Authentication. Message authentication is a mechanism or service used for verifying
Chapter 6 New HASH Function 6.1 Message Authentication Message authentication is a mechanism or service used for verifying the integrity of a message. Message authentication assures that the data received
More informationDistributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015
Distributed Systems 26. Cryptographic Systems: An Introduction Paul Krzyzanowski Rutgers University Fall 2015 1 Cryptography Security Cryptography may be a component of a secure system Adding cryptography
More informationCryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL
Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL Transpositional Ciphers-A Review Decryption 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 Encryption 1 2 3 4 5 6 7 8 A G O O D F R I E N D I S A T R E
More informationROEVER ENGINEERING COLLEGE Elambalur,Perambalur DEPARTMENT OF CSE NP UNIT-I
1.List out the features of x.25 ROEVER ENGINEERING COLLEGE Elambalur,Perambalur-621212 DEPARTMENT OF CSE NP UNIT-I * Call control packets, used for setting up and clearing virtual circuits, are carried
More informationIntroduction to Cryptography. Lecture 6
Introduction to Cryptography Lecture 6 Benny Pinkas page 1 1 Data Integrity, Message Authentication Risk: an active adversary might change messages exchanged between Alice and Bob M Alice M M M Bob Eve
More informationIntroduction to Software Security Hash Functions (Chapter 5)
Introduction to Software Security Hash Functions (Chapter 5) Seong-je Cho Spring 2018 Computer Security & Operating Systems Lab, DKU Sources / References Textbook, Chapter 5. An Illustrated Guide to Cryptographic
More informationSecurity: Cryptography
Security: Cryptography Computer Science and Engineering College of Engineering The Ohio State University Lecture 38 Some High-Level Goals Confidentiality Non-authorized users have limited access Integrity
More informationISA 662 Internet Security Protocols. Outline. Prime Numbers (I) Beauty of Mathematics. Division (II) Division (I)
Outline ISA 662 Internet Security Protocols Some Math Essentials & History Asymmetric signatures and key exchange Asymmetric encryption Symmetric MACs Lecture 2 ISA 662 1 2 Beauty of Mathematics Demonstration
More informationIntegrity of messages
Lecturers: Mark D. Ryan and David Galindo. Cryptography 2016. Slide: 106 Integrity of messages Goal: Ensure change of message by attacker can be detected Key tool: Cryptographic hash function Definition
More informationEEC-682/782 Computer Networks I
EEC-682/782 Computer Networks I Lecture 23 Wenbing Zhao wenbingz@gmail.com http://academic.csuohio.edu/zhao_w/teaching/eec682.htm (Lecture nodes are based on materials supplied by Dr. Louise Moser at UCSB
More informationNetwork Working Group Request for Comments: 2085 Category: Standards Track NIST February HMAC-MD5 IP Authentication with Replay Prevention
Network Working Group Request for Comments: 2085 Category: Standards Track M. Oehler NSA R. Glenn NIST February 1997 Status of This Memo HMAC-MD5 IP Authentication with Replay Prevention This document
More informationSummary on Crypto Primitives and Protocols
Summary on Crypto Primitives and Protocols Levente Buttyán CrySyS Lab, BME www.crysys.hu 2015 Levente Buttyán Basic model of cryptography sender key data ENCODING attacker e.g.: message spatial distance
More informationCryptography and Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown Chapter 15 Electronic Mail Security Despite the refusal of VADM Poindexter and LtCol North to appear,
More informationKey Exchange. References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings
Key Exchange References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings Outlines Primitives Root Discrete Logarithm Diffie-Hellman ElGamal Shamir s Three Pass
More informationCryptography V: Digital Signatures
Cryptography V: Digital Signatures Computer Security Lecture 10 David Aspinall School of Informatics University of Edinburgh 10th February 2011 Outline Basics Constructing signature schemes Security of
More informationOther Topics in Cryptography. Truong Tuan Anh
Other Topics in Cryptography Truong Tuan Anh 2 Outline Public-key cryptosystem Cryptographic hash functions Signature schemes Public-Key Cryptography Truong Tuan Anh CSE-HCMUT 4 Outline Public-key cryptosystem
More informationIntroduction to Cryptography. Vasil Slavov William Jewell College
Introduction to Cryptography Vasil Slavov William Jewell College Crypto definitions Cryptography studies how to keep messages secure Cryptanalysis studies how to break ciphertext Cryptology branch of mathematics,
More informationENEE 459-C Computer Security. Message authentication
ENEE 459-C Computer Security Message authentication Data Integrity and Source Authentication Encryption does not protect data from modification by another party. Why? Need a way to ensure that data arrives
More informationLecture 4: Authentication and Hashing
Lecture 4: Authentication and Hashing Introduction to Modern Cryptography 1 Benny Applebaum Tel-Aviv University Fall Semester, 2011 12 1 These slides are based on Benny Chor s slides. Some Changes in Grading
More informationCSC/ECE 774 Advanced Network Security
Computer Science CSC/ECE 774 Advanced Network Security Topic 2. Network Security Primitives CSC/ECE 774 Dr. Peng Ning 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange;
More informationThe question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).
Time: 3hrs BCA III Network security and Cryptography Examination-2016 Model Paper 2 M.M:50 The question paper contains 40 multiple choice questions with four choices and students will have to pick the
More informationP2_L8 - Hashes Page 1
P2_L8 - Hashes Page 1 Reference: Computer Security by Stallings and Brown, Chapter 21 In this lesson, we will first introduce the birthday paradox and apply it to decide the length of hash, in order to
More informationBetriebssysteme und Sicherheit. Stefan Köpsell, Thorsten Strufe. Modul 5: Mechanismen Integrität
Betriebssysteme und Sicherheit Stefan Köpsell, Thorsten Strufe Modul 5: Mechanismen Integrität Disclaimer: large parts from Mark Manulis, Dan Boneh, Stefan Katzenbeisser Dresden, WS 17/18 Reprise from
More informationCryptography V: Digital Signatures
Cryptography V: Digital Signatures Computer Security Lecture 12 David Aspinall School of Informatics University of Edinburgh 19th February 2009 Outline Basics Constructing signature schemes Security of
More informationCryptography MIS
Cryptography MIS-5903 http://community.mis.temple.edu/mis5903sec011s17/ Cryptography History Substitution Monoalphabetic Polyalphabetic (uses multiple alphabets) uses Vigenere Table Scytale cipher (message
More information