CSC 474/574 Information Systems Security

Similar documents
Basic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline

CSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography

Outline. Cryptography. Encryption/Decryption. Basic Concepts and Definitions. Cryptography vs. Steganography. Cryptography: the art of secret writing

CSC 774 Network Security

CSC/ECE 774 Advanced Network Security

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

Introduction to Cryptography

Encryption and Forensics/Data Hiding

CRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext

CNT4406/5412 Network Security

APNIC elearning: Cryptography Basics

Chapter 3 Traditional Symmetric-Key Ciphers 3.1

Cryptographic Concepts

2/7/2013. CS 472 Network and System Security. Mohammad Almalag Lecture 2 January 22, Introduction To Cryptography

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Classical Cryptography. Thierry Sans

Security. Communication security. System Security

CSC 474/574 Information Systems Security

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell

Security: Cryptography

Encryption. INST 346, Section 0201 April 3, 2018

CSE 127: Computer Security Cryptography. Kirill Levchenko

2.1 Basic Cryptography Concepts

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

Lecture 1 Applied Cryptography (Part 1)

Public-key Cryptography: Theory and Practice

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

Public Key Cryptography

LECTURE 4: Cryptography

CSC 474/574 Information Systems Security

Introduction to Symmetric Cryptography

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

Ref:

CIS 4360 Introduction to Computer Security Fall WITH ANSWERS in bold. First Midterm

Cryptography Introduction to Computer Security. Chapter 8

Traditional Symmetric-Key Ciphers. A Biswas, IT, BESU Shibpur

Cryptography MIS

Cryptographic Primitives A brief introduction. Ragesh Jaiswal CSE, IIT Delhi

Chapter 9 Public Key Cryptography. WANG YANG

Public Key Algorithms

A New Symmetric Key Algorithm for Modern Cryptography Rupesh Kumar 1 Sanjay Patel 2 Purushottam Patel 3 Rakesh Patel 4

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

CSC 580 Cryptography and Computer Security

18-642: Cryptography 11/15/ Philip Koopman

Cryptography and Network Security

1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

Nature Sunday Academy Lesson Plan

Introduction Classical Confidentiality Modern Confidentiality Integrity Authentication

Cryptography Introduction

CIS 4360 Secure Computer Systems Symmetric Cryptography

Cryptography Math/CprE/InfAs 533

Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets

Cryptography Functions

Computer Security: Principles and Practice

Cryptography (Overview)

Lecture IV : Cryptography, Fundamentals

UNIT - IV Cryptographic Hash Function 31.1

Computer Security 3/23/18

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

CRYPTOGRAPHY & DIGITAL SIGNATURE

Introduction to Cryptography. Vasil Slavov William Jewell College

UNIT - II Traditional Symmetric-Key Ciphers. Cryptography & Network Security - Behrouz A. Forouzan

Glenda Whitbeck Global Computing Security Architect Spirit AeroSystems

Lecture 2. Cryptography: History + Simple Encryption,Methods & Preliminaries. Cryptography can be used at different levels

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

Practical Aspects of Modern Cryptography

Worksheet - Reading Guide for Keys and Passwords

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

Cryptographic Techniques. Information Technologies for IPR Protections 2003/11/12 R107, CSIE Building

PASSWORDS & ENCRYPTION

CCNA Security 1.1 Instructional Resource

EEC-484/584 Computer Networks

David Wetherall, with some slides from Radia Perlman s security lectures.

Cryptography. Submitted to:- Ms Poonam Sharma Faculty, ABS,Manesar. Submitted by:- Hardeep Gaurav Jain

Classical Encryption Techniques

Computers and Security

PROTECTING CONVERSATIONS

CSCE 813 Internet Security Symmetric Cryptography

Encryption I. An Introduction

Computer Security CS 526

Cryptography. Intercepting Information Scenario 1. Tuesday, December 9, December 9, Wireless broadcasts information using radio signals

1.264 Lecture 28. Cryptography: Asymmetric keys

Classical Encryption Techniques. CSS 322 Security and Cryptography

Classical Encryption Techniques

Some Stuff About Crypto

Cryptography and Network Security 2. Symmetric Ciphers. Lectured by Nguyễn Đức Thái

S. Erfani, ECE Dept., University of Windsor Network Security

Outline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4

ICT 6541 Applied Cryptography. Hossen Asiful Mustafa

Data Integrity. Modified by: Dr. Ramzi Saifan

Security Requirements

Cryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III

Appendix A: Introduction to cryptographic algorithms and protocols

Transcription:

CSC 474/574 Information Systems Security Topic 2.1 Introduction to Cryptography CSC 474/574 By Dr. Peng Ning 1 Cryptography Cryptography Original meaning: The art of secret writing Becoming a science that relies on mathematics (number theory, algebra) Process data into intelligible form, reversible, without data loss Usually one-to-one (not compression) CSC 474/574 By Dr. Peng Ning 2

Encryption/Decryption encryption ciphertext decryption key key Plaintext: a message in its original form Ciphertext: a message in the transformed, unrecognized form Encryption: the process that transforms a into a ciphertext Decryption: the process that transforms a ciphertext to the corresponding Key: the value used to control encryption/decryption. CSC 474/574 By Dr. Peng Ning 3 Cryptanalysis Ciphertext only: Analyze only with the ciphertext Example: Exhaustive search until recognizable Smarter ways available Known : Secret may be revealed (by spy, time), thus <ciphertext, > pair is obtained Great for mono-alphabetic ciphers CSC 474/574 By Dr. Peng Ning 4

Cryptanalysis (Cont d) Chosen : Choose text, get encrypted Useful if limited set of messages Chosen ciphertext: Choose ciphertext Get feedback from decryption, etc. CSC 474/574 By Dr. Peng Ning 5 Security of An Encryption Algorithm Unconditionally secure It is impossible to decrypt the ciphertext One-time pad (the key is as long as the ) Computationally secure The cost of breaking the cipher exceeds the value of the encrypted information The time required to break the cipher exceeds the useful lifetime of the information CSC 474/574 By Dr. Peng Ning 6

Secret Keys v.s. Secret Algorithms Security by obscurity We can achieve better security if we keep the algorithms secret Hard to keep secret if used widely Reverse engineering, social engineering Publish the algorithms Security of the algorithms depends on the secrecy of the keys Less unknown vulnerability if all the smart (good) people in the world are examine the algorithms CSC 474/574 By Dr. Peng Ning 7 Secret Keys v.s. Secret Algorithms (cont d) Commercial world Published Wide review, trust Military Keep algorithms secret Avoid giving enemy good ideas Military has access to the public domain knowledge anyway. CSC 474/574 By Dr. Peng Ning 8

Some Trivial Codes Caesar cipher: substitution cipher: Replace each letter with the one 3 letters later A D, B E Captain Midnight Secret Decoder rings: shift variable by n: IBM HAL only 26 possibilities CSC 474/574 By Dr. Peng Ning 9 Some Trivial Codes (Cont d) Mono-alphabetic cipher: generalization, arbitrary mapping of one letter to another 26!, approximately 4 1026 statistical analysis of letter frequencies CSC 474/574 By Dr. Peng Ning 10

Some Trivial Codes (Cont d) Hill Cipher Encryption: C = KP or Decryption: P = K -1 C Problem: Known attack CSC 474/574 By Dr. Peng Ning 11 Some Trivial Codes (cont d) Poly-alphabetic Ciphers A set of related mono-alphabetic substitution rules is used A key determines which particular rule is chosen for a given transformation CSC 474/574 By Dr. Peng Ning 12

Some Trivial Codes (Cont d) All the previous codes are based on substitution Transposition (permutation) Key: 4 3 1 2 5 6 7 Plaintext: A T T A C K P O S T P O N E D U N T I L T W O A M X Y Z Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ CSC 474/574 By Dr. Peng Ning 13 Types of Cryptography Number of keys Hash functions: no key Secret key cryptography: one key Public key cryptography: two keys - public, private The way in which the is processed Block cipher: divides input elements into blocks Stream cipher: process one element (e.g., bit) a time CSC 474/574 By Dr. Peng Ning 14

Secret Key Cryptography encryption ciphertext decryption key Same key key Same key is used for encryption and decryption Also known as Symmetric cryptography Conventional cryptography CSC 474/574 By Dr. Peng Ning 15 Secret Key Cryptography (cont d) Basic technique Product cipher: Multiple applications of interleaved substitutions and permutations S P S P S ciphertext key CSC 474/574 By Dr. Peng Ning 16

Secret Key Cryptography (cont d) Ciphertext approximately the same length as Examples Stream Cipher: RC4 Block Cipher: DES, IDEA, AES CSC 474/574 By Dr. Peng Ning 17 Applications of Secret Key Cryptography Transmitting over an insecure channel Challenge: How to share the key? Secure Storage on insecure media Authentication Challenge-response To prove the other party knows the secret key Must be secure against chosen attack Integrity check Message integrity code (MIC) CSC 474/574 By Dr. Peng Ning 18

Public Key Cryptography encryption ciphertext decryption Public key Private key Invented/published in 1975 A public/private key pair is used Public key can be publicly known Private key is kept secret by the owner of the key Much slower than secret key cryptography Also known as Asymmetric cryptography CSC 474/574 By Dr. Peng Ning 19 Public Key Cryptography (Cont d) message Sign Digital signature Verify Yes/No Private key Public key Another mode: digital signature Only the party with the private key can create a digital signature. The digital signature is verifiable by anyone who knows the public key. The signer cannot deny that he/she has done so. CSC 474/574 By Dr. Peng Ning 20

Applications of Public Key Cryptography Data transmission: Alice encrypts m a using Bob s public key e B, Bob decrypts m a using his private key d B. Storage: Can create a safety copy: using public key of trusted person. Authentication: No need to store secrets, only need public keys. Secret key cryptography: need to share secret key for every person to communicate with. CSC 474/574 By Dr. Peng Ning 21 Applications of Public Key Cryptography (Cont d) Digital signatures Sign hash H(m) with the private key Authorship Integrity Non-repudiation: can t do with secret key cryptography Key exchange Establish a common session key between two parties CSC 474/574 By Dr. Peng Ning 22

Hash Algorithms Message of arbitrary length Hash H A fixed-length short message Also known as Message digests One-way transformations One-way functions Hash functions Length of H(m) much shorter then length of m Usually fixed lengths: 128 or 160 bits CSC 474/574 By Dr. Peng Ning 23 Hash Algorithms (Cont d) Desirable properties of hash functions Performance: Easy to compute H(m) One-way property: Given H(m) but not m, it s difficult to find m Weak collision free: Given H(m), it s difficult to find m such that H(m ) = H(m). Strong collision free: Computationally infeasible to find m 1, m 2 such that H(m 1 ) = H(m 2 ) CSC 474/574 By Dr. Peng Ning 24

Applications of Hash Functions Primary application Generate/verify digital signature Message m H H(m) Sign Signature Sig(H(m)) Private key Message m H H(m) Verify Yes/No Signature Sig(H(m)) Public key CSC 474/574 By Dr. Peng Ning 25 Applications of Hash Functions (Cont d) Password hashing Doesn t need to know password to verify it Store H(password+salt) and salt, and compare it with the user-entered password Salt makes dictionary attack more difficult Message integrity Agree on a secrete key k Compute H(m k) and send with m Doesn t require encryption algorithm, so the technology is exportable CSC 474/574 By Dr. Peng Ning 26

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback