CSC 774 Network Security

Similar documents
CSC/ECE 774 Advanced Network Security

CSC 474/574 Information Systems Security

Basic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline

CSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography

Outline. Cryptography. Encryption/Decryption. Basic Concepts and Definitions. Cryptography vs. Steganography. Cryptography: the art of secret writing

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

Encryption and Forensics/Data Hiding

Cryptographic Concepts

CSC 474/574 Information Systems Security

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Computer Security: Principles and Practice

Encryption. INST 346, Section 0201 April 3, 2018

Cryptography CS 555. Topic 16: Key Management and The Need for Public Key Cryptography. CS555 Spring 2012/Topic 16 1

Introduction to Cryptography

UNIT - IV Cryptographic Hash Function 31.1

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

Security. Communication security. System Security

Security: Cryptography

(2½ hours) Total Marks: 75

CSE 127: Computer Security Cryptography. Kirill Levchenko

Lecture 1 Applied Cryptography (Part 1)

APNIC elearning: Cryptography Basics

Cryptographic Checksums

Public Key Algorithms

Cryptography and Network Security

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

CSC 474/574 Information Systems Security

CIS 6930/4930 Computer and Network Security. Final exam review

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

Network Security CHAPTER 31. Solutions to Review Questions and Exercises. Review Questions

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

Ref:

Cryptographic Systems

CSC 474/574 Information Systems Security

Kurose & Ross, Chapters (5 th ed.)

CRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext

Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

Public-key Cryptography: Theory and Practice

The question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

2.1 Basic Cryptography Concepts

L13. Reviews. Rocky K. C. Chang, April 10, 2015

CS Computer Networks 1: Authentication

Study Guide for the Final Exam

Chapter 9 Public Key Cryptography. WANG YANG

T Cryptography and Data Security

CS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to talk so much?!? Content taken from the following:

Computer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography

Public Key Algorithms

Chapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010

Verteilte Systeme (Distributed Systems)

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell

Introduction to Cryptography. Vasil Slavov William Jewell College

Data Security and Privacy. Topic 14: Authentication and Key Establishment

ISA 662 Internet Security Protocols. Outline. Prime Numbers (I) Beauty of Mathematics. Division (II) Division (I)

CS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to share so many secrets?!?

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

1.264 Lecture 28. Cryptography: Asymmetric keys

Issues. Separation of. Distributed system security. Security services. Security policies. Security mechanism

PROTECTING CONVERSATIONS

Appendix A: Introduction to cryptographic algorithms and protocols

From Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design. Edition 4 Pearson Education 2005

Public Key Cryptography

Information Security CS 526

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets

David Wetherall, with some slides from Radia Perlman s security lectures.

Lecture 2 Applied Cryptography (Part 2)

Introduction and Overview. Why CSCI 454/554?

Cryptography MIS

Introduction. Trusted Intermediaries. CSC/ECE 574 Computer and Network Security. Outline. CSC/ECE 574 Computer and Network Security.

Spring 2010: CS419 Computer Security

Message authentication

CRYPTOGRAPHY & DIGITAL SIGNATURE

Other Topics in Cryptography. Truong Tuan Anh

Winter 2011 Josh Benaloh Brian LaMacchia

This chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest

T Cryptography and Data Security

Practical Aspects of Modern Cryptography

CIS 4360 Secure Computer Systems Symmetric Cryptography

CSC 8560 Computer Networks: Network Security

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

Key Management. Digital signatures: classical and public key Classic and Public Key exchange. Handwritten Signature

Other Uses of Cryptography. Cryptography Goals. Basic Problem and Terminology. Other Uses of Cryptography. What Can Go Wrong? Why Do We Need a Key?

14. Internet Security (J. Kurose)

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

CPSC 467b: Cryptography and Computer Security

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Chapter 8. Network Security. Need for Security. An Introduction to Cryptography. Transposition Ciphers One-Time Pads

Authentication Handshakes

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ

Security: Focus of Control. Authentication

SECURITY IN NETWORKS

Transcription:

CSC 774 Network Security Topic 2. Review of Cryptographic Techniques CSC 774 Dr. Peng Ning 1 Outline Encryption/Decryption Digital signatures Hash functions Pseudo random functions Key exchange/agreement/distribution CSC 774 Dr. Peng Ning 2

Encryption/Decryption encryption ciphertext decryption key key Plaintext: a message in its original form Ciphertext: a message in the transformed, unrecognized form Encryption: the process that transforms a into a ciphertext Decryption: the process that transforms a ciphertext to the corresponding Key: the value used to control encryption/decryption. CSC 774 Dr. Peng Ning 3 Cryptanalysis Ciphertext only: Analyze only with the ciphertext Example: Exhaustive search until recognizable Smarter ways available Known : Secret may be revealed (by spy, time), thus <ciphertext, > pair is obtained Great for mono-alphabetic ciphers CSC 774 Dr. Peng Ning 4

Cryptanalysis (Cont d) Chosen : Choose text, get encrypted Useful if limited set of messages Chosen ciphertext: Choose ciphertext Get feedback from decryption, etc. CSC 774 Dr. Peng Ning 5 Secret Key Cryptography encryption ciphertext decryption key Same key key Same key is used for encryption and decryption Also known as Symmetric cryptography Conventional cryptography CSC 774 Dr. Peng Ning 6

Secret Key Cryptography (cont d) Basic technique (block cipher) Product cipher: Multiple applications of interleaved substitutions and permutations S P S P S ciphertext key CSC 774 Dr. Peng Ning 7 Secret Key Cryptography (cont d) Basic technique (stream cipher) key Pseudo random number generator 001010100101001110011 Bitwise 101011101101001110011 ciphertext 100001001000000000000 CSC 774 Dr. Peng Ning 8

Secret Key Cryptography (cont d) Cipher-text approximately the same length as Examples Stream Cipher: RC4 Block Cipher: DES, IDEA, AES CSC 774 Dr. Peng Ning 9 Public Key Cryptography encryption ciphertext decryption Public key Private key Invented/published in 1975 A public/private key pair is used Public key can be publicly known Private key is kept secret by the owner of the key Much slower than secret key cryptography Also known as Asymmetric cryptography CSC 774 Dr. Peng Ning 10

Public Key Cryptography (Cont d) message Sign Digital signature Verify Yes/No Private key Public key Another mode: digital signature Only the party with the private key can create a digital signature. The digital signature is verifiable by anyone who knows the public key. The signer cannot deny that he/she has done so. CSC 774 Dr. Peng Ning 11 Public Key Cryptography (Cont d) Example algorithms RSA, DSA Diffie-Hellman CSC 774 Dr. Peng Ning 12

Hash Algorithms Message of arbitrary length Hash H A fixed-length short message Also known as Message digests One-way transformations One-way functions Hash functions Length of H(m) much shorter then length of m Usually fixed lengths: 128 or 160 bits CSC 774 Dr. Peng Ning 13 Hash Algorithms (Cont d) Desirable properties of hash functions Performance: Easy to compute H(m) One-way property: Given H(m) but not m, it s difficult to find m Weak collision free: Given H(m), it s difficult to find m such that H(m ) = H(m). Strong collision free: Computationally infeasible to find m 1, m 2 such that H(m 1 ) = H(m 2 ) Example algorithms MD5 SHA-1 CSC 774 Dr. Peng Ning 14

Applications of Hash Functions Primary application Generate/verify digital signature Message m H H(m) Sign Signature Sig(H(m)) Private key Message m H H(m) Verify Yes/No Signature Sig(H(m)) Public key CSC 774 Dr. Peng Ning 15 Applications of Hash Functions (Cont d) Password hashing Doesn t need to know password to verify it Store H(password+salt) and salt, and compare it with the user-entered password Salt makes dictionary attack more difficult Message integrity Agree on a secrete key k Compute H(m k) and send with m Doesn t require encryption algorithm, so the technology is exportable CSC 774 Dr. Peng Ning 16

Applications of Hash Functions (Cont d) Authentication Give H(m) as an authentication token Later release m CSC 774 Dr. Peng Ning 17 Pseodu Random Generator Definition A cryptographically secure pseudorandom bit generator is an efficient algorithm that will expand a random n-bit seed to a longer sequence that is computationally indistinguishable from a truly random sequence. Theorem [Levin] A one-way function can be used to construct a cryptographically secure pseudo-random bit generator. CSC 774 Dr. Peng Ning 18

Pseudo Random Functions Definition A cryptographically secure pseudorandom function is an efficient algorithm that given an n-bit seed s, and an n-bit argument x, returns an n-bit string f s (x) such that it is infeasible to distinguish f s (x) for random seed s from a truly random function. Theorem [Goldreich, Goldwasser, Micali] Cryptographically secure pseudorandom functions can be constructed from cryptographically secure pseudorandom bit generators. CSC 774 Dr. Peng Ning 19 Key Exchange/Agreement/Distribution Key exchange Between two parties A special case of key agreement Key agreement Between two or among multiple parties Classical algorithm Diffie-Hellman Key distribution Involves a (trusted) third party to help establish keys. CSC 774 Dr. Peng Ning 20

Center-Based Key Management Key Distribution Center (KDC) Communication parties depend on KDC to establish a pair-wise key. The KDC generates the cryptographic key Pull based Alice communicates with the KDC before she communicates with Bob Push based Alice communicates with Bob, and it s Bob s responsibility to contact the KDC to get the pair-wise key. CSC 774 Dr. Peng Ning 21 Center-Based Key Management (Cont d) Key Translation Center (KTC) Similar to KDC Difference One of the participants generates the cryptographic; KTC only translates and forwards it to the other participant. CSC 774 Dr. Peng Ning 22

An Example of KDC: Kerberos 1. Request TGT 2. TGT + session key 3. Request SGT 4. Ticket + session key Keberos Authentication Server (AS) Ticket-Granting Server (TGS) 5. Request service 6. Server authenticator Server CSC 774 Dr. Peng Ning 23 Certificate-Based Key Distribution Public key certificate Bind an identity and a public key together Verify the authenticity of a party s public key Key transfer Transfer a locally generated pair-wise key to a remote entity Key exchange (agreement) Both communication parties generate a key cooperatively. Example: Diffie-Hellman key exchange CSC 774 Dr. Peng Ning 24

Attacks Replay attacks Man-in-the-middle attacks Resource clogging attacks Denial of service attacks Meet-in-the-middle attacks Dictionary attacks Others specific to protocols CSC 774 Dr. Peng Ning 25

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback