Other Uses of Cryptography. Cryptography Goals. Basic Problem and Terminology. Other Uses of Cryptography. What Can Go Wrong? Why Do We Need a Key?

Similar documents
Digital Signatures. Public-Key Signatures. Arbitrated Signatures. Digital Signatures With Encryption. Terminology. Message Authentication Code (MAC)

Key Exchange. References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings

ASYMMETRIC CRYPTOGRAPHY

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Chapter 9 Public Key Cryptography. WANG YANG

Encryption. INST 346, Section 0201 April 3, 2018

Cryptography and Network Security. Sixth Edition by William Stallings

Public Key Algorithms

CSC 474/574 Information Systems Security

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

Modern cryptography 2. CSCI 470: Web Science Keith Vertanen

Public Key Algorithms

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets

Public Key Cryptography

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

What did we talk about last time? Public key cryptography A little number theory

Session key establishment protocols

Cryptographic Concepts

Cryptography MIS

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

ICT 6541 Applied Cryptography Lecture 8 Entity Authentication/Identification

Security: Cryptography

Session key establishment protocols

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Password. authentication through passwords

Kurose & Ross, Chapters (5 th ed.)

Applied Cryptography Protocol Building Blocks

Overview. Public Key Algorithms I

CRYPTOGRAPHY & DIGITAL SIGNATURE

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

Cryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III

Cryptography Symmetric Cryptography Asymmetric Cryptography Internet Communication. Telling Secrets. Secret Writing Through the Ages.

Ref:

CSC/ECE 774 Advanced Network Security

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

L13. Reviews. Rocky K. C. Chang, April 10, 2015

CSC 774 Network Security

Ideal Security Protocol. Identify Friend or Foe (IFF) MIG in the Middle 4/2/2012

Number Theory and RSA Public-Key Encryption

Key Management. Digital signatures: classical and public key Classic and Public Key exchange. Handwritten Signature

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

Security Handshake Pitfalls

Computer Security 3/23/18

Cryptography III Want to make a billion dollars? Just factor this one number!

Network Security. Chapter 8. MYcsvtu Notes.

1.264 Lecture 28. Cryptography: Asymmetric keys

SECURITY IN NETWORKS

CS 161 Computer Security

1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class

CIS 6930/4930 Computer and Network Security. Topic 6.2 Authentication Protocols

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

Introduction to Cryptography. Vasil Slavov William Jewell College

Basic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline

Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Authentication Handshakes

Module: Cryptographic Protocols. Professor Patrick McDaniel Spring CMPSC443 - Introduction to Computer and Network Security

CS Computer Networks 1: Authentication

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

SECURITY IN NETWORKS 1

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

Key Exchange. Secure Software Systems

UNIT - IV Cryptographic Hash Function 31.1

CS3235 Seventh set of lecture slides

CSC 474/574 Information Systems Security

1 Identification protocols

CSC 474/574 Information Systems Security

CSC 8560 Computer Networks: Network Security

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

CSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography

2.1 Basic Cryptography Concepts

David Wetherall, with some slides from Radia Perlman s security lectures.

Lecture 6 - Cryptography

Outline. Cryptography. Encryption/Decryption. Basic Concepts and Definitions. Cryptography vs. Steganography. Cryptography: the art of secret writing

Elements of Cryptography and Computer and Networking Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

CSE 127: Computer Security Cryptography. Kirill Levchenko

Cryptography (Overview)

Key Establishment and Authentication Protocols EECE 412

Great Theoretical Ideas in Computer Science. Lecture 27: Cryptography

KEY AGREEMENT PROTOCOLS. CIS 400/628 Spring 2005 Introduction to Cryptography. This is based on Chapter 13 of Trappe and Washington

Public Key Encryption. Modified by: Dr. Ramzi Saifan

Introduction to Cryptography and Security Mechanisms. Abdul Hameed

Public Key Cryptography, OpenPGP, and Enigmail. 31/5/ Geek Girls Carrffots GVA

Chapter 9. Public Key Cryptography, RSA And Key Management

ECEN 5022 Cryptography

Strong Password Protocols

Lecture 2 Applied Cryptography (Part 2)

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell

14. Internet Security (J. Kurose)

ICT 6541 Applied Cryptography. Hossen Asiful Mustafa

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

Network Security Chapter 8

CCNA Security 1.1 Instructional Resource

Outline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4

Lecture Nov. 21 st 2006 Dan Wendlandt ISP D ISP B ISP C ISP A. Bob. Alice. Denial-of-Service. Password Cracking. Traffic.

Key Establishment. Chester Rebeiro IIT Madras. Stinson : Chapter 10

CS 332 Computer Networks Security

Transcription:

ryptography Goals Protect private communication in the public world and are shouting messages over a crowded room no one can understand what they are saying 1 Other Uses of ryptography Authentication should be able to verify that has created the message Integrity should be able to verify that message has not been modified Non-repudiation cannot deny that she indeed sent the message 2 Other Uses of ryptography How to exchange a secret with someone you have never met, shouting in a room full of people How can someone convince us they know the secret without giving it away How to send encrypted messages to any subset of n people How to encrypt a message so that it can be decrypted only if m out of n people want to decrypt it 3 Basic Problem and Terminology E () message encryption key E () message is encrypted using key ciphertext decryption key D () message is decrypted using key 4 D () If = this is symmetric encryption If this is asymmetric (public key) encryption Why Do We Need a Key? could give a message covertly Let s meet where we meet last year Works only if and know each other well could change the message in a secret way Secret algorithms can be broken In general good cryptography assumes knowledge of algorithm by anyone, secret lies in a key!!! could hide her message in some other text steganography What an Go Wrong? E () Eve D () yphertext-only attack: Eve can attempt either to learn or to learn how to decrypt other messages by observing many ciphertexts 5 6 1

What an Go Wrong? What an Go Wrong? E () D () E () D () Eve allory Known-plaintext attack: Eve can attempt to learn how to decrypt messages by observing many ciphertexts for known messages hosen-plaintext attack: allory can feed chosen messages into encryption algorithm and look at resulting ciphertexts. Thus she can attempt to learn either encryption key, decryption key or messages that produce. Assumption is that extremely few messages can produce same. 7 8 What an Go Wrong? What an Go Wrong? E () D () E () D () allory Adaptive-chosen-plaintext attack: allory can feed chosen messages into encryption algorithm and look at resulting ciphertexts, gain some knowledge or establish a hypothesis, then feed new to gain more knowledge or test the hypothesis. Thus she can attempt to learn either encryption key or how to decrypt messages. 9 allory an-in-the-middle attack: allory can substitute messages allory can modify messages so that they have different meaning so that they are scrambled allory can drop messages allory can replay messages to, or the third party 10 What an Go Wrong? E () Eve D () Brute-force atack: Eve has caught a ciphertext and will try every possible key to try to decrypt it. This can be made infinitely hard by choosing a large keyspace. One-time Pad ipher with infinite key ombine letters from the message with the letters from an infinite key, randomly generated Never reuse the key Key needs to be generated using a very good RNG (to avoid any patterns) This is the only cipher that cannot be broken Sender and receiver must be perfectly synchronized 11 12 2

Symmetric Key Encryption and have never met before and they want to communicate and agree on a secret key encrypts the message with the secret key, using substitution and transposition methods, and a few other tricks reverses the process to decrypt the message 13 What an Go Wrong? Eve could listen to shared key exchange and learn the key allory could learn the key and replace it with her own (man-in-the-middle attack) allory could prevent and from completing the protocol So how do and exchange shared key? 14 Exchanging a Shared Key can send a key by courier to and may have a mutual friend Trent: They both trust Trent They have already set up secret keys with Trent sends message to Trent with secret key for communication with, encrypts the message with the key she shares with Trent Trent decrypts the message, encrypts it with the key he shares with For n participants, there are keys Use Diffie-Hellman key exchange n* or ( n public-key! 1) cryptography 2 15 Diffie-Hellman Key Exchange and agree on g and large n chooses random number a and sends to g a mod n chooses random number b and sends to g b mod n takes s message and calculates g ab mod n does the same; now they both know a secret 16 Public Key ryptography Everyone has two keys: Public key that everyone knows Private key that only he knows Encryption algorithm and key properties ensure that DK 2( E( )) = creates a secret key, encrypts it with s public key and sends it off decrypts the message with his private key They could even communicate this way but it s slow 17 One-Way Functions Functions such that computing f(x), given x is easy, but computing x given f(x) is hard Hard means that it would take all computers on Earth millions of years to do it But for decryption we need to be able to calculate x given f(x): Trapdoor one-way function: There is a secret y such that given f(x) and y it is easy to compute x Example: Factorization of a large number is hard. Selecting two large primes, multiplying them and obtaining a large number is easy. Knowing a large number and one factor, it is easy to get another factor. 18 3

Public Key rypto (RSA) reated by Ron Rivest, Adi Shamir, and Leonard Adleman hoose two prime numbers p and q of equal length hoose public key e relatively prime to (p-1)*(q-1) this means that e and (p-1)*(q-1) have no common divisors alculate d which is inverse of e mod (p-1)*(q-1) d * e =1mod ((p -1)*(q -1)) Public Key rypto (RSA) Publish e and p*q, remember d Encryption: e E ( ) = mod (p*q) Decryption: d de D( ) = mod ( p*q) = mod ( p* q) = 19 20 ommon Practice Public-key cryptography is about 1500 times slower than symmetric cryptography Use public-key cryptography to exchange the shared key ontinue to communicate using symmetric cryptography 21 One-Way Hash Functions Take a variable-length input and produce fixedlength output (hash value or message digest) h = H ( ) The idea is to fingerprint Given easy to compute h Given h very hard to compute One-bit change in changes many bits in h Good one-way hash function is collision-free: given it is very hard to find such that H()=H( ) One-way hash function is public 22 essage Authentication ode (A) Key-dependent one-way hash function Only someone with a correct key can verify the hash value Easy way to turn one-way hash function into A is to encrypt hash value with symmetric algorithm Digital Signatures Proof of authorship or agreement with contents of a document Signature is authentic (noone but could have signed a document with her signature) Signature is unforgeable Signature is not reusable Signed document in unalterable Signature cannot be repudiated 23 24 4

Public-Key Signatures encrypts the document with her private key Sends the signed document to who decrypts it with her public key This signature is reusable, can take the same message and claim he received it multiple times add timestamps Signing the whole document with public key is slow sign a hash of the document produced by one-way hash function 25 Digital Signatures and Encryption ombining digital signatures with public-key cryptography we gain security and authenticity first signs the message (or message digest) with her private key: SA() encrypts the signed message with s public key: EB(SA()) decrypts the message with his private key: DB(EB(SA())) = SA() verifies s signature V A (S A()) = 26 Digital Signatures and Encryption Only can decrypt the message (security) and he knows that has sent the message (authenticity) If encrypted message digest he can also verify that the message has not been changed If added timestamps he can also verify that the message has not been replayed Revisiting ryptography Goals Protect private communication in the public world (Symmetric and public key cryptography) and are shouting in a crowded room No guest can understand what they are saying Authentication (Digital signatures) can verify that has created the message Integrity (essage digests) can verify that message has not been modified Non-repudiation (Digital sig. + timestamps) cannot deny that she indeed sent the message 27 28 Revisiting ommon Practices and exchange symmetric key using: Public-key encryption If they first send each other public keys, allory can do man-in-the-middle attack If they obtain public keys from a database, allory can poison public-key database with bad keys Diffie-Hellman key exchange allory can do man-in-the-middle attack an-in-the-iddle Attack on Key Exchange to her public key Pub(A) allory captures this and sends to Pub() sends to his public key Pub(B) allory captures this and sends to Pub() Now and correspond through allory who can read all their messages 29 30 5

Key Exchange with Interlock Protocol First four steps are the same to her public key Pub(A) allory captures this and sends to Pub() sends to his public key Pub(B) allory captures this and sends to Pub() encrypts a message in Pub() but sends half to allory cannot recover this message and duplicate it This works if allory cannot mimic s and s messages 31 Delayed Key Exchange and need not exchange keys directly to communicate generates a random session key K She obtains s public key from a database and encrypts K with that E B(K) She sends both the message encrypted with K, E K() and a key E B(K) to This is how most real-world protocols work 32 Authentication How does prove her identity? When she logs on When she sends messages to Authentication on Log-on inputs her password, computer verifies this against list of passwords If computer is broken into, hackers can learn everybody s passwords Use one-way functions, store the result for every valid password Perform one-way function on input, compare result against the list 33 34 Authentication on Log-on Hackers can compile a list of frequently used passwords, apply one-way function to each and store them in a table dictionary attack Host adds random salt to password, applies one-way function to that and stores result and salt value 35 Authentication on Log-on SKEY will have different password each time she logs on To set-up the system, enters random number R Host calculates x 0=f(R), x 1=f(f(R)), x 2=f(f(f(R))),..., x 100 keeps this list, host sets her password to x 101 logs on with x 100, host verifies f(x 100)=x 101, resets password to x 100 Next time logs on with x 99 36 6

Authentication on Log-on Someone sniffing on the network can learn the password Host keeps a file of every user s public key Users keep their private keys When attempts to log on, host sends her a random number R encrypts R with her private key and sends to host Host can now verify her identity by decrypting the message and retrieving R Authentication and Key Exchange wants to exchange keys with How can she be sure that she is talking to? How is this solved in the real world? gets his ID from a trusted authority government, DV shows his ID to 37 38 Arbitrated Key Exchange Trent will play the role of trusted authority He will arbitrate key exchange and guarantee for s and s identity 39 Key Exchange with Digital Signatures Trent signs both s and s public keys he generates public-key certificate When they receive keys they verify the signature Everyone has Trent s public key allory cannot impersonate or because his key is signed as allory s ertificate usually contains more than the public key Name, network address, organization Trent is known as ertificate Authority (A) 40 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback