Kurose & Ross, Chapters (5 th ed.)

Similar documents
ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ

Encryption. INST 346, Section 0201 April 3, 2018

Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

CS Computer Networks 1: Authentication

Ref:

SECURITY IN NETWORKS

SECURITY IN NETWORKS 1

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

14. Internet Security (J. Kurose)

CSC 8560 Computer Networks: Network Security

The Network Security Model. What can an adversary do? Who might Bob and Alice be? Computer Networks 12/2/2009. CSC 257/457 - Fall

Network Security. Computer Networking: A Top Down Approach Featuring the Internet, 2 nd edition. Jim Kurose, Keith Ross Addison-Wesley, July 2002.

Lecture 2 Applied Cryptography (Part 2)

Computer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography

Computer Communication Networks Network Security

Internet and Intranet Protocols and Applications

Public Key Algorithms

UNIT - IV Cryptographic Hash Function 31.1

Chapter 8. Computer Networking: A Top Down Approach Featuring the Internet, 3 rd edition. Jim Kurose, Keith Ross Addison-Wesley, July 2004.

Information Security. message M. fingerprint f = H(M) one-way hash. 4/19/2006 Information Security 1

Computer Networks. Wenzhong Li. Nanjing University

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

CS 332 Computer Networks Security

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

Key Exchange. References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

Chapter 8 Network Security

Welcome to CS 395/495 Internet Security: A Measurement-based Approach

Diffie-Hellman. Part 1 Cryptography 136

Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Chapter 9. Public Key Cryptography, RSA And Key Management

Chapter 9 Public Key Cryptography. WANG YANG

Chapter 8 Network Security

L13. Reviews. Rocky K. C. Chang, April 10, 2015

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

Chapter 8 Network Security. Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Chapter 8 Security. Computer Networking: A Top Down Approach

Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

1.264 Lecture 28. Cryptography: Asymmetric keys

ISA 662 Internet Security Protocols. Outline. Prime Numbers (I) Beauty of Mathematics. Division (II) Division (I)

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

Introduction to Cryptography. Vasil Slavov William Jewell College

CSC/ECE 774 Advanced Network Security

CSC 474/574 Information Systems Security

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

Computer Networks II

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

David Wetherall, with some slides from Radia Perlman s security lectures.

Network Security. Chapter 8. MYcsvtu Notes.

Chapter 8 Security. Computer Networking: A Top Down Approach. Andrei Gurtov. 7 th edition Jim Kurose, Keith Ross Pearson/Addison Wesley April 2016

Issues. Separation of. Distributed system security. Security services. Security policies. Security mechanism

Module: Cryptographic Protocols. Professor Patrick McDaniel Spring CMPSC443 - Introduction to Computer and Network Security

What did we talk about last time? Public key cryptography A little number theory

Public Key Algorithms

ASYMMETRIC CRYPTOGRAPHY

Overview. Public Key Algorithms I

Number Theory and RSA Public-Key Encryption

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Cryptographic Systems

Lecture 6 - Cryptography

Lecture Nov. 21 st 2006 Dan Wendlandt ISP D ISP B ISP C ISP A. Bob. Alice. Denial-of-Service. Password Cracking. Traffic.

CSE 127: Computer Security Cryptography. Kirill Levchenko

Security: Focus of Control. Authentication

S. Erfani, ECE Dept., University of Windsor Network Security

Background. Network Security - Certificates, Keys and Signatures - Digital Signatures. Digital Signatures. Dr. John Keeney 3BA33

Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL

CSC 774 Network Security

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell

Lecture 1 Applied Cryptography (Part 1)

Chapter 8 Network Security

Cryptography (Overview)

Cryptographic Checksums

Digital Signatures. Luke Anderson. 7 th April University Of Sydney.

Elements of Cryptography and Computer and Networking Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Public Key Algorithms

Introduction to Network Security Missouri S&T University CPE 5420 Data Integrity Algorithms

EEC-682/782 Computer Networks I

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Public-key Cryptography: Theory and Practice

Other Topics in Cryptography. Truong Tuan Anh

Key Exchange. Secure Software Systems

Cryptography and Network Security. Sixth Edition by William Stallings

Security: Focus of Control

Topics. Number Theory Review. Public Key Cryptography

Key Establishment and Authentication Protocols EECE 412

CRYPTOGRAPHY & DIGITAL SIGNATURE

System and Network Security

Public Key Cryptography and the RSA Cryptosystem

Password. authentication through passwords

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

CS669 Network Security

Ideal Security Protocol. Identify Friend or Foe (IFF) MIG in the Middle 4/2/2012

ECEN 5022 Cryptography

Chapter 3 Public Key Cryptography

ASYMMETRIC (PUBLIC-KEY) ENCRYPTION. Mihir Bellare UCSD 1

Garantía y Seguridad en Sistemas y Redes

Transcription:

Kurose & Ross, Chapters 8.2-8.3 (5 th ed.) Slides adapted from: J. Kurose & K. Ross \ Computer Networking: A Top Down Approach (5 th ed.) Addison-Wesley, April 2009. Copyright 1996-2010, J.F Kurose and K.W. Ross, All Rights Reserved.

Public Key Cryptography symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if never met )? public key cryptography radically different approach [Diffie- Hellman76, RSA78] sender, receiver do not share secret key public encryption key known to all private decryption key known only to receiver 8-2

Public key cryptography + K B - K B Bob s public key Bob s private key plaintext message, m encryption algorithm ciphertext + K (m) B decryption algorithm plaintext message - + m = K (K (m)) B B 8-3

Public key encryption algorithms Requirements: 1 2.. + - B - + B need K ( ) and K ( ) such that K (K (m)) = m B B given public key K B, it should be impossible to compute - private key K B + RSA: Rivest, Shamir, Adelson algorithm 8-4

Prerequisite: modular arithmetic x mod n = remainder of x when divide by n Facts: [(a mod n) + (b mod n)] mod n = (a+b) mod n [(a mod n) - (b mod n)] mod n = (a-b) mod n [(a mod n) * (b mod n)] mod n = (a*b) mod n Thus (a mod n) d mod n = a d mod n Example: x=14, n=10, d=2: (x mod n) d mod n = 4 2 mod 10 = 6 x d = 14 2 = 196 x d mod 10 = 6 8-5

RSA: getting ready A message is a bit pattern. A bit pattern can be uniquely represented by an integer number. Thus encrypting a message is equivalent to encrypting a number. Example m= 10010001. This message is uniquely represented by the decimal number 145. To encrypt m, we encrypt the corresponding number, which gives a new number (the ciphertext). 8-6

RSA: Creating public/private key pair 1. Choose two large prime numbers p, q. (e.g., 1024 bits each) 2. Compute n = pq, z = (p-1)(q-1) 3. Choose e (with e<n) that has no common factors with z. (e, z are relatively prime ). 4. Choose d such that ed-1 is exactly divisible by z. (in other words: ed mod z = 1 ). 5. Public key is (n,e). Private key is (n,d). + K B - K B 8-7

RSA: Encryption, decryption 0. Given (n,e) and (n,d) as computed above 1. To encrypt message m (<n), compute c = m e mod n 2. To decrypt received bit pattern, c, compute m = c d mod n Magic happens! m = (m e d mod n) mod n c 8-8

RSA example: Bob chooses p=5, q=7. Then n=35, z=24. e=5 (so e, z relatively prime). d=29 (so ed-1 exactly divisible by z). Encrypting 8-bit messages. encrypt: bit pattern m m e c = m e mod n 0000l000 12 24832 17 decrypt: c c d m = c d mod n 17 481968572106750915091411825223071697 12 8-9

Why does RSA work? Must show that c d mod n = m where c = m e mod n Fact: for any x and y: x y mod n = x (y mod z) mod n where n= pq and z = (p-1)(q-1) Thus, c d mod n = (m e mod n) d mod n = m ed mod n = m (ed mod z) mod n = m 1 mod n = m 8-10

RSA: another important property The following property will be very useful later: - + K (K (m)) = m B B use public key first, followed by private key = + - B B K (K (m)) use private key first, followed by public key Result is the same! 8-11

- + Why K (K (m)) = m = K (K (m))? B B + - B B Follows directly from modular arithmetic: (m e mod n) d mod n = m ed mod n = m de mod n = (m d mod n) e mod n 8-12

Why is RSA Secure? suppose you know Bob s public key (n,e). How hard is it to determine d? essentially need to find factors of n without knowing the two factors p and q. fact: factoring a big number is hard. Generating RSA keys have to find big primes p and q approach: make good guess then apply testing rules (see Kaufman) 8-13

Session keys Exponentiation is computationally intensive DES is at least 100 times faster than RSA Session key, K S Bob and Alice use RSA to exchange a symmetric key K S Once both have K S, they use symmetric key cryptography 8-14

Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e-mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing wireless LANs 8.8 Operational security: firewalls and IDS 8-15

Message Integrity allows communicating parties to verify that received messages are authentic. Content of message has not been altered Source of message is who/what you think it is Message has not been replayed Sequence of messages is maintained let s first talk about message digests 8-16

Message Digests function H( ) that takes as input an arbitrary length message and outputs a fixed-length string: message signature note that H( ) is a many-to-1 function H( ) is often called a hash function large message m H: Hash Function H(m) desirable properties: easy to calculate irreversibility: Can t determine m from H(m) collision resistance: computationally difficult to produce m and m such that H(m) = H(m ) seemingly random output 8-17

Internet checksum: poor message digest Internet checksum has some properties of hash function: produces fixed length digest (16-bit sum) of input is many-to-one but given message with given hash value, it is easy to find another message with same hash value. e.g.,: simplified checksum: add 4-byte chunks at a time: message I O U 1 0 0. 9 9 B O B ASCII format 49 4F 55 31 30 30 2E 39 39 42 D2 42 message I O U 9 0 0. 1 9 B O B ASCII format 49 4F 55 39 30 30 2E 31 39 42 D2 42 B2 C1 D2 AC different messages but identical checksums! B2 C1 D2 AC 8-18

Hash Function Algorithms MD5 hash function widely used (RFC 1321) computes 128-bit message digest in 4-step process. SHA-1 is also used. US standard [NIST, FIPS PUB 180-1] 160-bit message digest 8-19

message message message Message Authentication Code (MAC) s s = shared secret s H( ) H( ) compare Authenticates sender Verifies message integrity No encryption! Also called keyed hash Notation: MD m = H(s m) ; send m MD m 8-20

End-point authentication want to be sure of the originator of the message end-point authentication assuming Alice and Bob have a shared secret, will MAC provide end-point authentication? we do know that Alice created message. but did she send it? 8-21

Playback attack MAC = f(msg,s) Transfer $1M from Bill to Trudy MAC Transfer $1M from Bill to Trudy MAC 8-22

Defending against playback attack: nonce I am Alice R MAC = f(msg,s,r) Transfer $1M from Bill to Susan MAC 8-23

Digital Signatures cryptographic technique analogous to handwritten signatures. sender (Bob) digitally signs document, establishing he is document owner/creator. goal is similar to that of MAC, except now use public-key cryptography verifiable, nonforgeable: recipient (Alice) can prove to someone that Bob, and no one else (including Alice), must have signed document 8-24

Digital Signatures simple digital signature for message m: Bob signs m by encrypting with his private key - - K B, creating signed message, K B (m) Bob s message, m Dear Alice Oh, how I have missed you. I think of you all the time! (blah blah blah) Bob - K B Public key encryption algorithm Bob s private key - K B (m) Bob s message, m, signed (encrypted) with his private key 8-25

Digital signature = signed message digest Bob sends digitally signed message: large message m + H: Hash function Bob s private key - K B H(m) digital signature (encrypt) encrypted msg digest - K B (H(m)) Alice verifies signature and integrity of digitally signed message: large message m H: Hash function H(m) Bob s public key + K B equal? encrypted msg digest - K B (H(m)) digital signature (decrypt) H(m) 8-26

Digital Signatures (more) suppose Alice receives msg m, digital signature K B (m) Alice verifies m signed by Bob by applying Bob s + - + - public key K B to K B (m) then checks K B (K B (m) ) = m. + - if K B (K B (m) ) = m, whoever signed m must have used Bob s private key. Alice thus verifies that: Bob signed m. no one else signed m. Bob signed m and not m. Non-repudiation: - Alice can take m, and signature K B (m) to court and prove that Bob signed m. - 8-27

Public-key certification motivation: Trudy plays pizza prank on Bob Trudy creates e-mail order: Dear Pizza Store, Please deliver to me four pepperoni pizzas. Thank you, Bob Trudy signs order with her private key Trudy sends order to Pizza Store Trudy sends to Pizza Store her public key, but says it s Bob s public key. Pizza Store verifies signature; then delivers four pizzas to Bob. Bob doesn t even like Pepperoni 8-28

Certification Authorities Certification authority (CA): binds public key to particular entity, E. E (person, router) registers its public key with CA. E provides proof of identity to CA. CA creates certificate binding E to its public key. certificate containing E s public key digitally signed by CA CA says this is E s public key Bob s identifying information Bob s public + key K B digital signature (encrypt) CA private key K - CA + K B certificate for Bob s public key, signed by CA 8-29

Certification Authorities when Alice wants Bob s public key: gets Bob s certificate (Bob or elsewhere). apply CA s public key to Bob s certificate, get Bob s public key + K B digital signature (decrypt) + K B Bob s public key CA public key K + CA 8-30

Certificates: summary primary standard X.509 (RFC 2459) certificate contains: issuer name entity name, address, domain name, etc. entity s public key digital signature (signed with issuer s private key) Public-Key Infrastructure (PKI) certificates, certification authorities often considered heavy 8-31

Why study computer networks? An interface between theory (algorithms, mathematics) and practice Understanding the design principles of a truly complex system Industry-relevant knowledge Fun! Challenges in teaching computer networks Students feedback

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback