Applied Cryptography Protocol Building Blocks
|
|
- Jonas May
- 6 years ago
- Views:
Transcription
1 Applied Cryptography Protocol Building Blocks Sape J. Mullender Huygens Systems Research Laboratory Universiteit Twente Enschede 1
2 Protocols An algorithm describes a series of steps carried out by a process to accomplish a task. A protocol can be viewed as a description of the communication steps that are carried out by two or more communicating processes to carry out a task, or, if you like, a distributed algorithm. 2
3 Cryptographic Protocols In cryptographic protocols we are concerned with unintended anonymous participants (eavesdroppers or active intruders) which makes it necessary to design the protocols in such a way that Participants learn only what the protocol intends them to learn, Protocol messages provide useful information only to genuine participants Protocol messages are designed so that only genuine participants can generate them 3
4 Arbitrated Protocol Example: buying a house (Dutch protocol). Buyer and seller agree on a trusted third party, the arbitrator. In this example, the arbitrator is a notary public. Buyer gives money to the arbitrator, who keeps it in escrow, The arbitrator verifies seller s title to the house and lets the seller sign the transfer of title to the buyer. The arbitrator then gives the escrowed money to the seller. 4
5 Arbitrated and Adjudicated Protocols Trent Alice Arbitrated Protocol Bob Alice Evidence Bob Evidence Trent Adjudicated Protocol 5
6 Passive and Active Attacks Alice Eve Bob Plaintext Encryption Sender A E(M) = C Ciphertext Decryption Plaintext M Receiver B D(C) = M Mallory Alice Modification Insertion Deletion Replay Bob Plaintext Encryption M Sender A E(M) = C Ciphertext Decryption Plaintext M Receiver B D(C) = M 6
7 Cheaters A malicious participant in a protocol is called a cheater. There are many protocols that defend against cheating. Banking protocols are an obvious example. Passive cheaters run a protocol according to its rules, but try to obtain information they are not supposed to get. Active cheaters abuse protocols in order to mislead other participants. 7
8 Symmetric Cryptography Alice Bob Encryption Decryption Encryption Decryption M Encryption C Decryption M 8
9 Key Issues Keys must be distributed in secret If keys are compromised, all traffic encrypted with that key may be exposed Each pair of principals requires a separate key n principals need n(n 1)/2 keys Key management is really, really important! 9
10 One-way functions One-way functions have many functions in cryptographic algorithms. Given x and a one-way function f, y = f (x) is relatively easy to compute, but given y and f, finding x : y = f (x) is computationally infeasible. 10
11 Computationally Infeasible Cryptographic algorithms rely on the property that it is easy to encrypt or decrypt messages with the appropriate keys, or calculate digests, but very hard to find keys. The RSA public-key cryptosystem, for example, relies on the fact that, given two large prime numbers p, and q, it is easy to compute n = p q, but, given only n, it is very difficult indeed to factor n into its constituents p and q. There are no mathematical proofs for the difficulty of breaking any cryptographic algorithm; in fact, algorithms are broken with frightening regularity. 11
12 One-way Hash Many names: one-way hash function, message digest, fingerprint, cryptographic checksum, message integrity check (MIC), manipulation-detection code. A message digest takes a variable-length string (which could be as large as a whole book) and computes a fixed-length (e.g., 128 bits) one-way function with the property that: given the message digest and, if you like, the string that produced it it is computationally infeasible to produce a different string with the same digest. Hash functions are usually not secret. They are intended to prevent tampering. 12
13 Message Authentication Code A message authentication code (MAC) or data authentication code (DAC) is a message digest of a message and a secret key. If you know the secret key, you can verify the MAC. 13
14 Public-Key Cryptography Alice Bob Encryption Decryption Encryption Decryption M Encryption C Decryption M 14
15 Key Management Note that Eve learns nothing useful from this exchange: she learns Bob s public key, but that key is useless for decrypting Alice s message. Bob s public key is exactly what it says: public. Everybody could put their public key is a database and Alice could get Bob s key from there. The number of keys goes up linearly with the number of principals, not quadratically as in the case of symmetric cryptosystems. 15
16 Symmetric Algorithms in Practice There are many official and unofficial standards for symmetric encryption: DES, Triple-DES, IDEA, RC5, Blowfish,... Symmetric encryption is quite fast: with hardware support, DES runs at 200 MBps; in software, DES will do 2 MBps on a Pentium II at 400 MHz. IDEA is twice as fast. Software Blowfish five times. RC5 is three to four. Triple-DES is three times slower (naturally). DES has a small key: 56 bits. All other useful cryptographic systems have bigger keys. IDEA has a 128-bit key. Standards with keys smaller than 56 bits are only popular with governments for obvious reasons. 16
17 Asymmetric Algorithms in Practice The notion of asymmetric cryptography was invented by Diffie and Hellman in the mid-seventies. The first practical algorithm was invented a few years later by Rivest, Shamir and Adleman. There is now a small set of known algorithms, but RSA remains the best known. With hardware support, speeds of 100 megabytes per second have been achieved; in software, speeds are only a few kilobytes per second (1024-bit key). Keys are much larger for asymmetric encryption. 17
18 Hybrid Cryptosystems Since asymmetric cryptography has more functionality and symmetric encryption is much faster, it is interesting to combine the two: Asymmetric cryptography can be used to authenticate the parties and to agree on a key for a symmetric cryptosystem. That key is then used for the duration of a single session. This has a number of advantages... 18
19 Advantages of Hybrid Cryptoystems The amount of encryption with long-term keys is minimized, thus reducing the probability of compromise of those keys. The session key is used for encrypting the bulk of the data, but it is used only once. If this key is compromised, the damage is limited. One has to be careful what gets encrypted with a publickey system: The attacker knows the (public) encryption key, so, any time the number of different messages is small, an attacker can encrypt each one to see if it encrypts to the encrypted message that was sent. 19
20 Digital Signatures We want to create a digital analogue of the handwritten signature that has the same important properties. It is 1. Authentic: the recipient believes the signer deliberately signed the document. 2. Unforgeable: the signature proves that the signer, and nobody else, signed the document. 3. Single purpose: the signature is attached to the document and cannot be moved to a different one. 4. Unalterable: after it has been signed, the document can no longer be changed. 5. Unrepudiable: after the fact, the signer can not successfully deny having signed the document. 20
21 Digital Signatures with an Arbitrator Trent, the arbitrator is trusted by everyone. What he says is true. Alice shares K AT with Trent; only Alice and Trent know K AT. Bob shares K BT with Trent; only Bob and Trent know K BT. 1. {B needs M} KAT 2. {A says M} KBT Properties: (1) Authentic; (2) Unforgeable; (3) Single purpose; (4) Unalterable; (5) Unrepudiable; 21
22 More Properties of Symmetric Signatures Bob cannot show Alice s signed message to Carol. He has to ask Trent to show it to her: 1. {C needs {A says M} KBT } KBT 2. {A says M} KT C Or, if you like accuracy and complexity: 1. {C needs {A says M}} KBT 2. {{B says A says M} {A oncesaid B needs M} 22
23 Trent is a Liability Trent has to be absolutely trustworthy. If he makes mistakes, no matter how rarely, nobody is going to trust him. And if his database of shared keys should ever be compromised, the world around him would collapse. Trent is in the path of every signed communication. makes Trent a bottleneck. This Replicating Trent may solve that problem, but it makes the problem of making him truly worthy of his trust so much more complicated. It really would be nice if there were something better. 23
24 Signatures with Public-Key Cryptography Some public-key algorithms are almost symmetric they can be used in two directions: anything encrypted with one key can be decrypted with the other. We use this as follows (remember our notation: K is the public key, K 1 is the private key): 1. A says {M} K 1 A 2. {{M} K 1 } K A A =? M Properties: (1) Authentic; (2) Unforgeable; (3) Single purpose; (4) Unalterable; (5) Unrepudiable; 24
25 Timestamps Signed messages without timestamps are vulnerable to replay attacks. Suppose Alice s message was a digital cheque. Bob could then try to cash it multiple times. If Alice s message contained a timestamp remember Logical Clocks? Sequence numbers are timestamps too the bank could (and would) recognize replay attack by keeping track of timestamps. 25
26 Signatures and Digests Public-key encryption is slow. Signing a large message by encrypting it with PK encryption is a time-consuming affair. A practical alternative is to compute a one-way hash of the message and to encrypt that with a secret key instead: 1. A says M {H(M)} K 1 A 2. {{H(M)} K 1 } K A A =? H(M) This works, because one-way hashes are designed such that the probability that an attacker can find a message M such that H(M ) = H(M) is vanishingly small. 26
27 Multiple Signatures With hashes, a document M can easily carry multiple signatures. Each signature is a fixed-length encryption of the message digest, using a different secret key each time: M, {H(M)} K 1 A, {H(M)} KB 1, {H(M)} KC 1 Notation: S A (M) or {M} SA is message M signed by Alice. V A (S A (M))=? M is the verification. 27
28 Repudiation of Digital Signatures Alice signs M and then she conveniently loses her key. When confronted with M and her signature, she denies ever having signed it and points out that she has lost her key. Repudiation is denying something you did. Time stamps help to some extent. In digital payment schemes, nonrepudiation is important. Locking secret keys in tamperproof environments (such as smart cards one day hope to be) helps a lot. 28
29 Signed and Sealed Messages Here s the cryptographic equivalent of signing a letter and putting it into a sealed envelope. 1. E B (S A (M)) 2. V A (D B (E B (S A (M))))=? M 29
30 You could try it the other way round 1. S A (E B (M)) 2. D B (V A (S A (E B (M))))=? M But: 1. S A (E B (M)) 2. S M (E B (M)) [= S M (V A (S A (E B (M))))] Never sign anything you can t read! 30
31 Not a Good Receipt 1. E B (S A (M)) 2. V A (D B (E B (S A (M))))=? M 3. E A (S B (M)) 31
32 Here s why (V = E and S = D) 1. E B (D A (M)) (message for Bob) 2. E B (D A (M)) (literal replay) 3. E M (D B (E B (D A (M)))) = E M (D A (M)) (gibberis 4. E M (D B (E M (D A (M)))) (receipt) 5. D M (E B (D M (E M (D B (E M (D A (M))))))) = M (!) Never, ever, encrypt something you didn t generate yourself! 32
33 A Better Receipt 1. E B (S A (M), N A ) 2. V A (D B (E B (S A (M))))=? M 1. S B (N A, N B ) N A is a random number used as a nonce. Bob adds N B so that he doesn t encrypt something he didn t generate himself. 33
34 Lessons Don t sign something you can t read Don t sign or encrypt something you didn t generate Don t use exactly the same algorithm/key for signing and decrypting Use timestamps or nonces to prevent replay attacks Don t respond to gibberish (and make sure messages you send don t look like gibberish) 34
35 Certificates How does Bob know Alice s public key? Alice could tell Bob, but Mallory could change the message. We need Trent as a universally trusted agent. Trent, in his role of certification authority or key distribution center, constructs messages of the form: S T (T T, Alice s public key is K A ), where T T is Trent s timestamp and T S is, of course, Trent s signature. Trent s messages are certificates, signed and dated statements. Trent can send them when somebody needs them, or he can put them in a database, for others to retrieve. 35
36 Random Numbers Keys and nonces are almost always generated with the help of a random-number generator. If you don t use a good random number generator, it is likely your enemies can guess your keys. It s happened. 36
37 Good random numbers The number of zeroes and ones is approximately equal Half the runs should be of length one, a quarter of length two, etc. A random sequence must not be compressible It must be computationally infeasible to predict the next bit, even knowing the algorithm and all the previous bits (but not the internal state of the generator) 37
38 Using Random Number Devices Devices exist that measure quantom noise in a resistor and convert that to sequences of ones and zeroes. This is about as random as you can get. Some programs use humans as a source of quantum noise: the user is requested to rattle the keyboard; keystrokes and their timings are used to provide a sequence of seeds for a pseudo random-number generator 38
Key Exchange. References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings
Key Exchange References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings Outlines Primitives Root Discrete Logarithm Diffie-Hellman ElGamal Shamir s Three Pass
More informationCryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III
Cryptography III Public-Key Cryptography Digital Signatures 2/1/18 Cryptography III 1 Public Key Cryptography 2/1/18 Cryptography III 2 Key pair Public key: shared with everyone Secret key: kept secret,
More informationCryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology
Cryptography & Key Exchange Protocols Faculty of Computer Science & Engineering HCMC University of Technology Outline 1 Cryptography-related concepts 2 3 4 5 6 7 Key channel for symmetric cryptosystems
More informationCSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L
CS 3461/5461: Introduction to Computer Networking and Internet Technologies Network Security Study: 21.1 21.5 Kannan Srinivasan 11-27-2012 Security Attacks, Services and Mechanisms Security Attack: Any
More informationOther Uses of Cryptography. Cryptography Goals. Basic Problem and Terminology. Other Uses of Cryptography. What Can Go Wrong? Why Do We Need a Key?
ryptography Goals Protect private communication in the public world and are shouting messages over a crowded room no one can understand what they are saying 1 Other Uses of ryptography Authentication should
More informationCSE 127: Computer Security Cryptography. Kirill Levchenko
CSE 127: Computer Security Cryptography Kirill Levchenko October 24, 2017 Motivation Two parties want to communicate securely Secrecy: No one else can read messages Integrity: messages cannot be modified
More informationPublic-key Cryptography: Theory and Practice
Public-key Cryptography Theory and Practice Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Chapter 1: Overview What is Cryptography? Cryptography is the study of
More informationEncryption. INST 346, Section 0201 April 3, 2018
Encryption INST 346, Section 0201 April 3, 2018 Goals for Today Symmetric Key Encryption Public Key Encryption Certificate Authorities Secure Sockets Layer Simple encryption scheme substitution cipher:
More informationComputer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
More informationASYMMETRIC CRYPTOGRAPHY
ASYMMETRIC CRYPTOGRAPHY CONTENT: 1. Number Theory 2. One Way Function 3. Hash Function 4. Digital Signature 5. RSA (Rivest-Shamir Adleman) References: 1. Applied Cryptography, Bruce Schneier 2. Cryptography
More informationKurose & Ross, Chapters (5 th ed.)
Kurose & Ross, Chapters 8.2-8.3 (5 th ed.) Slides adapted from: J. Kurose & K. Ross \ Computer Networking: A Top Down Approach (5 th ed.) Addison-Wesley, April 2009. Copyright 1996-2010, J.F Kurose and
More informationKey Management. Digital signatures: classical and public key Classic and Public Key exchange. Handwritten Signature
Key Management Digital signatures: classical and public key Classic and Public Key exchange 1 Handwritten Signature Used everyday in a letter, on a check, sign a contract A signature on a signed paper
More informationCSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography
CSCI 454/554 Computer and Network Security Topic 5.2 Public Key Cryptography Outline 1. Introduction 2. RSA 3. Diffie-Hellman Key Exchange 4. Digital Signature Standard 2 Introduction Public Key Cryptography
More informationח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms
Public Key Cryptography Kurose & Ross, Chapters 8.28.3 (5 th ed.) Slides adapted from: J. Kurose & K. Ross \ Computer Networking: A Top Down Approach (5 th ed.) AddisonWesley, April 2009. Copyright 19962010,
More informationOutline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA
CSCI 454/554 Computer and Network Security Topic 5.2 Public Key Cryptography 1. Introduction 2. RSA Outline 3. Diffie-Hellman Key Exchange 4. Digital Signature Standard 2 Introduction Public Key Cryptography
More informationOutline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)
Outline AIT 682: Network and Systems Security 1. Introduction 2. RSA 3. Diffie-Hellman Key Exchange 4. Digital Signature Standard Topic 5.2 Public Key Cryptography Instructor: Dr. Kun Sun 2 Public Key
More informationDistributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015
Distributed Systems 26. Cryptographic Systems: An Introduction Paul Krzyzanowski Rutgers University Fall 2015 1 Cryptography Security Cryptography may be a component of a secure system Adding cryptography
More informationChapter 9: Key Management
Chapter 9: Key Management Session and Interchange Keys Key Exchange Cryptographic Key Infrastructure Storing and Revoking Keys Digital Signatures Slide #9-1 Overview Key exchange Session vs. interchange
More informationPublic Key Algorithms
Public Key Algorithms 1 Public Key Algorithms It is necessary to know some number theory to really understand how and why public key algorithms work Most of the public key algorithms are based on modular
More informationOutline Key Management CS 239 Computer Security February 9, 2004
Outline Key Management CS 239 Computer Security February 9, 2004 Properties of keys Key management Key servers Certificates Page 1 Page 2 Introduction Properties of Keys It doesn t matter how strong your
More informationApplied Cryptography Basic Protocols
Applied Cryptography Basic Protocols Sape J. Mullender Huygens Systems Research Laboratory Universiteit Twente Enschede 1 Session keys It is prudent practice to use a different key for each session. This
More informationWhat did we talk about last time? Public key cryptography A little number theory
Week 4 - Friday What did we talk about last time? Public key cryptography A little number theory If p is prime and a is a positive integer not divisible by p, then: a p 1 1 (mod p) Assume a is positive
More informationUNIT - IV Cryptographic Hash Function 31.1
UNIT - IV Cryptographic Hash Function 31.1 31-11 SECURITY SERVICES Network security can provide five services. Four of these services are related to the message exchanged using the network. The fifth service
More informationkey distribution requirements for public key algorithms asymmetric (or public) key algorithms
topics: cis3.2 electronic commerce 24 april 2006 lecture # 22 internet security (part 2) finish from last time: symmetric (single key) and asymmetric (public key) methods different cryptographic systems
More information14. Internet Security (J. Kurose)
14. Internet Security (J. Kurose) 1 Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer:
More informationCryptography (Overview)
Cryptography (Overview) Some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) Modern secret key cryptography DES, AES Public key cryptography RSA, digital signatures Cryptography
More information1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class
1.264 Lecture 27 Security protocols Symmetric cryptography Next class: Anderson chapter 10. Exercise due after class 1 Exercise: hotel keys What is the protocol? What attacks are possible? Copy Cut and
More informationComputer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08. Cryptography Part II Paul Krzyzanowski Rutgers University Spring 2018 March 23, 2018 CS 419 2018 Paul Krzyzanowski 1 Block ciphers Block ciphers encrypt a block of plaintext at a
More informationPublic-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7
Public-Key Cryptography Professor Yanmin Gong Week 3: Sep. 7 Outline Key exchange and Diffie-Hellman protocol Mathematical backgrounds for modular arithmetic RSA Digital Signatures Key management Problem:
More informationKey Establishment and Authentication Protocols EECE 412
Key Establishment and Authentication Protocols EECE 412 1 where we are Protection Authorization Accountability Availability Access Control Data Protection Audit Non- Repudiation Authentication Cryptography
More informationThe Design of an Anonymous and a Fair Novel E-cash System
International Journal of Information & Computation Technology. ISSN 0974-2239 Volume 2, Number 2 (2012), pp. 103-109 International Research Publications House http://www. ripublication.com The Design of
More informationPublic Key Algorithms
CSE597B: Special Topics in Network and Systems Security Public Key Cryptography Instructor: Sencun Zhu The Pennsylvania State University Public Key Algorithms Public key algorithms RSA: encryption and
More informationCS 161 Computer Security
Popa & Wagner Spring 2016 CS 161 Computer Security Discussion 5 Week of February 19, 2017 Question 1 Diffie Hellman key exchange (15 min) Recall that in a Diffie-Hellman key exchange, there are values
More informationCryptographic Checksums
Cryptographic Checksums Mathematical function to generate a set of k bits from a set of n bits (where k n). k is smaller then n except in unusual circumstances Example: ASCII parity bit ASCII has 7 bits;
More informationA simple approach of Peer-to-Peer E-Cash system
A simple approach of Peer-to-Peer E-Cash system Mr. Dharamvir, Mr. Rabinarayan Panda Asst. Professor, Dept. of MCA, The Oxford College of Engineering Bangalore, India. Abstract-With the popularization
More information2.1 Basic Cryptography Concepts
ENEE739B Fall 2005 Part 2 Secure Media Communications 2.1 Basic Cryptography Concepts Min Wu Electrical and Computer Engineering University of Maryland, College Park Outline: Basic Security/Crypto Concepts
More informationProtocols II. Computer Security Lecture 12. David Aspinall. 17th February School of Informatics University of Edinburgh
Protocols II Computer Security Lecture 12 David Aspinall School of Informatics University of Edinburgh 17th February 2011 Outline Introduction Shared-key Authentication Asymmetric authentication protocols
More informationCS Computer Networks 1: Authentication
CS 3251- Computer Networks 1: Authentication Professor Patrick Traynor 4/14/11 Lecture 25 Announcements Homework 3 is due next class. Submit via T-Square or in person. Project 3 has been graded. Scores
More informationData Communication Prof.A.Pal Dept of Computer Science & Engineering Indian Institute of Technology, Kharagpur Lecture - 40 Secured Communication - II
Data Communication Prof.A.Pal Dept of Computer Science & Engineering Indian Institute of Technology, Kharagpur Lecture - 40 Secured Communication - II Hello and welcome to today's lecture on secured communication.
More informationChapter 9 Public Key Cryptography. WANG YANG
Chapter 9 Public Key Cryptography WANG YANG wyang@njnet.edu.cn Content Introduction RSA Diffie-Hellman Key Exchange Introduction Public Key Cryptography plaintext encryption ciphertext decryption plaintext
More informationCPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 11 October 4, 2017 CPSC 467, Lecture 11 1/39 ElGamal Cryptosystem Message Integrity and Authenticity Message authentication codes
More informationIntroduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell
Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell 1 Cryptography Merriam-Webster Online Dictionary: 1. secret writing 2. the enciphering and deciphering
More informationCS61A Lecture #39: Cryptography
Announcements: CS61A Lecture #39: Cryptography Homework 13 is up: due Monday. Homework 14 will be judging the contest. HKN surveys on Friday: 7.5 bonus points for filling out their survey on Friday (yes,
More informationProtecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets
Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures MIS5206 Week 11 Identity and Access Control Week 10 continued Cryptography, Public Key Encryption and
More informationLecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005
Lecture 30 Security April 11, 2005 Cryptography K A ciphertext Figure 7.3 goes here K B symmetric-key crypto: sender, receiver keys identical public-key crypto: encrypt key public, decrypt key secret Symmetric
More informationChapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012
Chapter 8 Security A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see the animations; and can add,
More informationGrenzen der Kryptographie
Microsoft Research Grenzen der Kryptographie Dieter Gollmann Microsoft Research 1 Summary Crypto does not solve security problems Crypto transforms security problems Typically, the new problems relate
More informationIssues. Separation of. Distributed system security. Security services. Security policies. Security mechanism
Module 9 - Security Issues Separation of Security policies Precise definition of which entities in the system can take what actions Security mechanism Means of enforcing that policy Distributed system
More informationRef:
Cryptography & digital signature Dec. 2013 Ref: http://cis.poly.edu/~ross/ 2 Cryptography Overview Symmetric Key Cryptography Public Key Cryptography Message integrity and digital signatures References:
More informationNETWORK SECURITY & CRYPTOGRAPHY
Assignment for IT Applications in Management Project On NETWORK SECURITY & CRYPTOGRAPHY Course Instructor Submitted By: Mr. ANIL KUMAR ROHIT BARVE 2013240 Section E PGDM 2013-15 Table of Contents Chapter
More informationBasic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline
CSC/ECE 574 Computer and Network Security Topic 2. Introduction to Cryptography 1 Outline Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues 2 Basic Concepts and Definitions
More informationComputer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography
Chapter 7: Network security 15-441 Computer Networking Network Security: Cryptography, Authentication, Integrity Foundations: what is security? cryptography authentication message integrity key distribution
More informationSpring 2010: CS419 Computer Security
Spring 2010: CS419 Computer Security Vinod Ganapathy Lecture 7 Topic: Key exchange protocols Material: Class handout (lecture7_handout.pdf) Chapter 2 in Anderson's book. Today s agenda Key exchange basics
More informationInformation Security. message M. fingerprint f = H(M) one-way hash. 4/19/2006 Information Security 1
Information Security message M one-way hash fingerprint f = H(M) 4/19/2006 Information Security 1 Outline and Reading Digital signatures Definition RSA signature and verification One-way hash functions
More informationVerteilte Systeme (Distributed Systems)
Verteilte Systeme (Distributed Systems) Lorenz Froihofer l.froihofer@infosys.tuwien.ac.at http://www.infosys.tuwien.ac.at/teaching/courses/ VerteilteSysteme/ Security Threats, mechanisms, design issues
More informationChapter 13. Digital Cash. Information Security/System Security p. 570/626
Chapter 13 Digital Cash Information Security/System Security p. 570/626 Introduction While cash is used in illegal activities such as bribing money laundering tax evasion it also protects privacy: not
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography Objectives Define cryptography Describe hashing List the basic symmetric cryptographic algorithms 2 Objectives
More information0/41. Alice Who? Authentication Protocols. Andreas Zeller/Stephan Neuhaus. Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken
0/41 Alice Who? Authentication Protocols Andreas Zeller/Stephan Neuhaus Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken The Menu 1/41 Simple Authentication Protocols The Menu 1/41 Simple
More informationCryptographic Concepts
Outline Identify the different types of cryptography Learn about current cryptographic methods Chapter #23: Cryptography Understand how cryptography is applied for security Given a scenario, utilize general
More informationDigital Signatures. Public-Key Signatures. Arbitrated Signatures. Digital Signatures With Encryption. Terminology. Message Authentication Code (MAC)
Message Authentication Code (MAC) Key-dependent one-way hash function Only someone with a correct key can verify the hash value Easy way to turn one-way hash function into MAC is to encrypt hash value
More informationCryptography V: Digital Signatures
Cryptography V: Digital Signatures Computer Security Lecture 12 David Aspinall School of Informatics University of Edinburgh 19th February 2009 Outline Basics Constructing signature schemes Security of
More informationECEN 5022 Cryptography
Introduction University of Colorado Spring 2008 Historically, cryptography is the science and study of secret writing (Greek: kryptos = hidden, graphein = to write). Modern cryptography also includes such
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.5 Public Key Algorithms CSC 474/574 Dr. Peng Ning 1 Public Key Algorithms Public key algorithms covered in this class RSA: encryption and digital signature
More informationDigital Signatures. Luke Anderson. 7 th April University Of Sydney.
Digital Signatures Luke Anderson luke@lukeanderson.com.au 7 th April 2017 University Of Sydney Overview 1. Digital Signatures 1.1 Background 1.2 Basic Operation 1.3 Attack Models Replay Naïve RSA 2. PKCS#1
More informationComputer Security 3/23/18
s s encrypt a block of plaintext at a time and produce ciphertext Computer Security 08. Cryptography Part II Paul Krzyzanowski DES & AES are two popular block ciphers DES: 64 bit blocks AES: 128 bit blocks
More informationIntroduction to Cryptography. Vasil Slavov William Jewell College
Introduction to Cryptography Vasil Slavov William Jewell College Crypto definitions Cryptography studies how to keep messages secure Cryptanalysis studies how to break ciphertext Cryptology branch of mathematics,
More informationCryptography V: Digital Signatures
Cryptography V: Digital Signatures Computer Security Lecture 10 David Aspinall School of Informatics University of Edinburgh 10th February 2011 Outline Basics Constructing signature schemes Security of
More informationLecture 9a: Secure Sockets Layer (SSL) March, 2004
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu Security Achieved by
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.1 Introduction to Cryptography CSC 474/574 By Dr. Peng Ning 1 Cryptography Cryptography Original meaning: The art of secret writing Becoming a science that
More informationModule: Cryptographic Protocols. Professor Patrick McDaniel Spring CMPSC443 - Introduction to Computer and Network Security
CMPSC443 - Introduction to Computer and Network Security Module: Cryptographic Protocols Professor Patrick McDaniel Spring 2009 1 Key Distribution/Agreement Key Distribution is the process where we assign
More informationCSC 774 Network Security
CSC 774 Network Security Topic 2. Review of Cryptographic Techniques CSC 774 Dr. Peng Ning 1 Outline Encryption/Decryption Digital signatures Hash functions Pseudo random functions Key exchange/agreement/distribution
More informationMore on Cryptography CS 136 Computer Security Peter Reiher January 19, 2017
More on Cryptography CS 136 Computer Security Peter Reiher January 19, 2017 Page 1 Outline Desirable characteristics of ciphers Stream and block ciphers Cryptographic modes Uses of cryptography Symmetric
More informationSecurity: Cryptography
Security: Cryptography Computer Science and Engineering College of Engineering The Ohio State University Lecture 38 Some High-Level Goals Confidentiality Non-authorized users have limited access Integrity
More informationCS 161 Computer Security
Paxson Spring 2017 CS 161 Computer Security Midterm 2 Print your name:, (last) (first) I am aware of the Berkeley Campus Code of Student Conduct and acknowledge that any academic misconduct will be reported
More informationCryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL
Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL Transpositional Ciphers-A Review Decryption 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 Encryption 1 2 3 4 5 6 7 8 A G O O D F R I E N D I S A T R E
More informationDiffie-Hellman. Part 1 Cryptography 136
Diffie-Hellman Part 1 Cryptography 136 Diffie-Hellman Invented by Williamson (GCHQ) and, independently, by D and H (Stanford) A key exchange algorithm o Used to establish a shared symmetric key Not for
More informationKey Exchange. Secure Software Systems
1 Key Exchange 2 Challenge Exchanging Keys &!"#h%&'() & & 1 2 6(6 1) 2 15! $ The more parties in communication, the more keys that need to be securely exchanged " # Do we have to use out-of-band methods?
More informationCSC/ECE 774 Advanced Network Security
Computer Science CSC/ECE 774 Advanced Network Security Topic 2. Network Security Primitives CSC/ECE 774 Dr. Peng Ning 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange;
More informationBackground. Network Security - Certificates, Keys and Signatures - Digital Signatures. Digital Signatures. Dr. John Keeney 3BA33
Background Network Security - Certificates, Keys and Signatures - Dr. John Keeney 3BA33 Slides Sources: Karl Quinn, Donal O Mahoney, Henric Johnson, Charlie Kaufman, Wikipedia, Google, Brian Raiter. Recommended
More informationCSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography
CSCI 454/554 Computer and Network Security Topic 2. Introduction to Cryptography Outline Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues 2 Basic Concepts and Definitions
More informationOverview. Public Key Algorithms I
Public Key Algorithms I Dr. Arjan Durresi Louisiana State University Baton Rouge, LA 70810 Durresi@csc.lsu.Edu These slides are available at: http://www.csc.lsu.edu/~durresi/csc4601-04/ Louisiana State
More informationEEC-484/584 Computer Networks
EEC-484/584 Computer Networks Lecture 23 wenbing@ieee.org (Lecture notes are based on materials supplied by Dr. Louise Moser at UCSB and Prentice-Hall) Outline 2 Review of last lecture Introduction to
More informationCS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to talk so much?!? Content taken from the following:
50fb6be35f4c3105 9d4ed08fb86d8887 b746c452a9c9443b 15b22f450c76218e CS 470 Spring 2017 9df7031cdbff9d10 b700a92855f16328 5b757e66d2131841 62fedd7d9131e42e Mike Lam, Professor Security a.k.a. Why on earth
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Public Key Cryptography Modular Arithmetic RSA
More informationOutline. Cryptography. Encryption/Decryption. Basic Concepts and Definitions. Cryptography vs. Steganography. Cryptography: the art of secret writing
Outline CSCI 454/554 Computer and Network Security Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues Topic 2. Introduction to Cryptography 2 Cryptography Basic Concepts
More informationISA 662 Internet Security Protocols. Outline. Prime Numbers (I) Beauty of Mathematics. Division (II) Division (I)
Outline ISA 662 Internet Security Protocols Some Math Essentials & History Asymmetric signatures and key exchange Asymmetric encryption Symmetric MACs Lecture 2 ISA 662 1 2 Beauty of Mathematics Demonstration
More informationICT 6541 Applied Cryptography Lecture 8 Entity Authentication/Identification
ICT 6541 Applied Cryptography Lecture 8 Entity Authentication/Identification Hossen Asiful Mustafa Introduction Entity Authentication is a technique designed to let one party prove the identity of another
More informationCS 161 Computer Security
Paxson Spring 2013 CS 161 Computer Security 3/14 Asymmetric cryptography Previously we saw symmetric-key cryptography, where Alice and Bob share a secret key K. However, symmetric-key cryptography can
More information1 Identification protocols
ISA 562: Information Security, Theory and Practice Lecture 4 1 Identification protocols Now that we know how to authenticate messages using MACs, a natural question is, how can we use MACs to prove that
More informationAuthentication Part IV NOTE: Part IV includes all of Part III!
Authentication Part IV NOTE: Part IV includes all of Part III! ECE 3894 Hardware-Oriented Security and Trust Spring 2018 Assoc. Prof. Vincent John Mooney III Georgia Institute of Technology NOTE: THE FOLLOWING
More informationCCNA Security 1.1 Instructional Resource
CCNA Security 1.1 Instructional Resource Chapter 7 Cryptographic Systems 2012 Cisco and/or its affiliates. All rights reserved. 1 Explain how cryptology consists of cryptography (encoding messages) and
More informationCryptography III Want to make a billion dollars? Just factor this one number!
Cryptography III Want to make a billion dollars? Just factor this one number! 3082010a0282010100a3d56cf0bf8418d66f400be31c3f22036ca9f5cf01ef614de2eb9a1cd74a0c344b5a20d5f80df9a23c89 10c354821aa693432a61bd265ca70f309d56535a679d68d7ab89f9d32c47c1182e8a14203c050afd5f1831e5550e8700e008f2
More informationApplied Cryptography and Computer Security CSE 664 Spring 2018
Applied Cryptography and Computer Security Lecture 13: Public-Key Cryptography and RSA Department of Computer Science and Engineering University at Buffalo 1 Public-Key Cryptography What we already know
More informationn-bit Output Feedback
n-bit Output Feedback Cryptography IV Encrypt Encrypt Encrypt P 1 P 2 P 3 C 1 C 2 C 3 Steven M. Bellovin September 16, 2006 1 Properties of Output Feedback Mode No error propagation Active attacker can
More informationCS 161 Computer Security
Paxson Spring 2017 CS 161 Computer Security Discussion 6 Week of March 6, 2017 Question 1 Password Hashing (10 min) When storing a password p for user u, a website randomly generates a string s (called
More informationL7: Key Distributions. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806
L7: Key Distributions Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806 9/16/2015 CSCI 451 - Fall 2015 1 Acknowledgement Many slides are from or are
More information9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng Basic concepts in cryptography systems Secret cryptography Public cryptography 1 2 Encryption/Decryption Cryptanalysis
More informationSecurity. Communication security. System Security
Security Communication security security of data channel typical assumption: adversary has access to the physical link over which data is transmitted cryptographic separation is necessary System Security
More informationCrypto-systems all around us ATM machines Remote logins using SSH Web browsers (https invokes Secure Socket Layer (SSL))
Introduction (Mihir Bellare Text/Notes: http://cseweb.ucsd.edu/users/mihir/cse207/) Cryptography provides: Data Privacy Data Integrity and Authenticity Crypto-systems all around us ATM machines Remote
More informationCryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng 1 Outline Basic concepts in cryptography systems Secret key cryptography Public key cryptography Hash functions 2 Encryption/Decryption
More information