Advanced Crypto. 2. Public key, private key and key exchange. Author: Prof Bill Buchanan

Transcription:

Advanced Crypto 2. Public key, private key and key exchange. Key Entropy. Key generators. Private key (AES, Twofish, CAST, IDEA, Blowfish, DES, 3DES, RC2, RC4/RC5, Skipjack, Camellia, Affine). Stream or block? ECB/CBC/OFB. Salting. Public key (RSA, DSA, ElGamal). Elliptic curve. Diffie-Hellman. FIPS. http://asecuritysite.com/crypto

Encryption: Introduction. Privacy (Private Key). Identity (Public Key). Integrity (Public/Private Key). [Figure: Bob and Alice, with Eve as the intruder and Trent as the trusted third party.]

Encryption: Conclusion. Typical application: Diffie-Hellman used to generate private-key. Public-key used for authentication. Private-key used for encryption.

[Figure: Bob, Eve and Alice on a communications channel, with encryption/decryption at each end. Key exchange (Diffie-Hellman). Secret key used to encrypt/decrypt (DES/3DES/AES). Public key used to authenticate (RSA).]

RSA 2048 bits. Replace by: ElGamal 160 bits.

Block or stream?

Private-key methods: RC4. This is a stream encryption algorithm, and is used in wireless communications (such as in WEP) and SSL (Secure Sockets). The IV (Initialisation Vector) gives variation in the output for the same key. The IV and key feed RC4, which produces a pseudo-infinite stream; the Ex-OR operator combines this with the data stream to give the cipher stream (encryption):

Data stream (eg): 0101010 ... 010
Pseudo-infinite stream (eg): 1110000 ... 100
Cipher stream (eg): 1010110 ... 110

Private Key

Encryption: Private key (DES, AES, Blowfish).

[Figure: 3DES as DES (Enc) with K1, then DES (Dec) with K2, then DES (Enc) with K1.]

DES. The DES encryption algorithm is a block cipher and uses a 64-bit block and a 64-bit encryption key.

3DES. The DES encryption algorithm is a block cipher and uses a 64-bit block and a 64-bit encryption key (of which only 56 bits are actively used in the encryption process). Unfortunately DES has been around for a long time, and the 56-bit version is now easily crackable (in less than a day, on fairly modest equipment). An enhancement, and one which is still fairly compatible with DES, is the 3-DES algorithm. It has three phases, and splits the key into two. Overall the key size is typically 112 bits (2x54 bits - with a combination of the three keys - of which two of the keys are typically the same). The algorithm is EncryptK3(DecryptK2(EncryptK1(message))), where K1 and K3 are typically the same (to keep compatibility).

Twofish. Bruce Schneier created Twofish as a general-purpose private-key block cipher encryption algorithm.

AES. AES (or Rijndael) is a new block cipher, and is the new replacement for DES, and uses 128-bit blocks with 128, 192 and 256 bit encryption keys. It was selected by NIST in 2001 (after a five year standardisation process). The name Rijndael comes from its Belgian creators: Joan Daemen and Vincent Rijmen.

RC2. RC2 ("Rivest Cipher") is a block cipher, and is seen as a replacement for DES. It was created by Ron Rivest in 1987, and is a 64-bit block code and can have a key size from 40 bits to 128 bits (in increments of 8 bits). The 40-bit key version is seen as weak, as the encryption key is so small, but is favoured by governments for export purposes, as it can be easily cracked. In this case the key is created from a Key and an IV (Initialisation Vector). The key has 12 characters (96 bits), and the IV has 8 characters (64 bits), which go to make the overall key.

Blowfish. Bruce Schneier created Blowfish as a general-purpose private-key block cipher encryption algorithm.

Blowfish (with CBC). With CBC we split the message into blocks and encrypt each block. The input to the first stage is the IV (Initialisation Vector), and the input to the following stages is the output from the previous stage. In this example we will use Blowfish to encrypt, using CBC.

Others:

Skipjack. Skipjack is a block cipher, using a private-key encryption algorithm, and designed by NSA.

Camellia. Camellia is a block cipher created by Mitsubishi and NTT.

RC4. RC4 is a stream cipher used in WEP (in wireless encryption).

Affine. Affine is a stream cipher which uses an equation to encrypt.

Key Exchange

Encryption: Logs. $A^x \cdot A^y = A^{x+y}$ and $(A^x)^y = A^{xy}$.

Encryption: Logs. $A$ is the agreed number. Bob has a random value $x$ and Alice has a random value $y$. Bob sends $A^x$ and Alice sends $A^y$, with Eve on the channel. Bob calculates $(A^y)^x$ and Alice calculates $(A^x)^y$: the private key.

Public Key

Encryption: RSA.
Select two primes (p, q).
Next, the n value is calculated. Thus: n = p x q = 11 x 3 = 33
Next PHI is calculated by: PHI = (p-1)(q-1) = 20
e is selected so that GCD(e, PHI) = 1
Public key: (n, e)

Public-key encryption: Generating public and private keys (Bob).
Select two prime numbers: a and b
n = a x b
e is chosen so that e and (a-1)x(b-1) are relatively prime (no common factor greater than 1)
$d = e^{-1} \bmod [(a-1) \times (b-1)]$
Public key is now: <e,n>
Private key is now: <d,n>

Public-key encryption. Public-key encryption generates two keys: a public key and a private one. These are special in that if one is applied to encrypt, the other can be used to decrypt. Public keys are keys which relate to extremely large prime numbers (as it is difficult to factorise the product of large prime numbers). It is extremely difficult to determine a private key from a public key.

[Figure: Bob (encryption) and Alice (decryption) on a communications channel, each shown with a public key and a private key, with Eve on the channel.]

Public-key encryption.
A. Bob creates the message.
B. Bob encrypts with Alice's public key and sends Alice the encrypted message.
C. Alice decrypts with her private key.
D. Alice receives the message.
Once Bob encrypts the message, the only key which can decrypt it is Alice's private key. Bob and Alice keep their private keys secret.

[Figure: "Hello" (A) is encrypted with the public key to "H&$d." (B), crosses the communications channel past Eve, and is decrypted with the private key (C) to give "Hello" (D).]

Authentication. Using Bob's private key to authenticate himself. [Figure: Bob takes the MD5 of the message and uses his private key ("the magic private key") to produce the encrypted MD5; Bob's public key is shown alongside.]

Authentication. Bob encrypts the message/hash with Alice's public key. [Figure: the message and the encrypted MD5 are encrypted with Alice's public key to give the encrypted content, which is sent to Alice.]

Authentication. Alice decrypts the message. [Figure: Alice uses her private key on the encrypted content to recover the message and the encrypted MD5, giving MD5 (message) and MD5 (result).] Alice compares the MD5 values. If they are the same, Bob sent the message.
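The key generation, encryption and authentication slides above, as one runnable sketch. This is an added example, not code from the original slides: the function names are assumptions, SHA-256 stands in for the MD5 shown on the slides, the second key is built from two Mersenne primes purely as constructed demo input, and this is textbook RSA without padding.

```python
import hashlib
from math import gcd

def rsa_keygen(p, q, e=None):
    """Return (public, private) = ((e, n), (d, n)) for primes p and q."""
    n, phi = p * q, (p - 1) * (q - 1)
    if e is None:  # smallest odd e that is relatively prime to PHI
        e = next(c for c in range(3, phi, 2) if gcd(c, phi) == 1)
    if gcd(e, phi) != 1:
        raise ValueError("e and PHI must be relatively prime")
    d = pow(e, -1, phi)  # d = e^-1 mod PHI (needs Python 3.8+)
    return (e, n), (d, n)

def rsa_apply(key, value):
    """Raise value to the key's exponent mod n (no padding)."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be in the range 0..n-1")
    return pow(value, exponent, n)

def digest(message, n):
    """Hash the message and reduce it below n so that it can be signed."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(private_key, message):
    """Bob: apply his private key to the hash of the message."""
    return rsa_apply(private_key, digest(message, private_key[1]))

def verify(public_key, message, signature):
    """Alice: undo the signature with Bob's public key and compare hashes."""
    return rsa_apply(public_key, signature) == digest(message, public_key[1])

# The slide's primes: n = 33 and PHI = 20, which gives e = 3 and d = 7.
TOY_PUBLIC, TOY_PRIVATE = rsa_keygen(11, 3)

# Constructed demo key from two Mersenne primes; far too small for real use.
BOB_PUBLIC, BOB_PRIVATE = rsa_keygen(2**61 - 1, 2**31 - 1, e=65537)

if __name__ == "__main__":
    c = rsa_apply(TOY_PUBLIC, 4)             # encrypt 4 with the public key
    print(c, rsa_apply(TOY_PRIVATE, c))      # the private key recovers 4
    sig = sign(BOB_PRIVATE, b"Hello")
    print(verify(BOB_PUBLIC, b"Hello", sig), verify(BOB_PUBLIC, b"Hellp", sig))
```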


Discrete logarithms within computer and network security. Prof Bill Buchanan, Edinburgh Napier. http://asecuritysite.com @billatnapier. Introduction. Encryption: Public/Private Key. Key Exchange. Authentication. Signatures. ElGamal.

Encryption: Napier's logs.

$g = a \cdot b$: $\log(g) = \log(a) + \log(b)$, so $g = \text{Inverse Log}(\log(a) + \log(b))$
$g = a / b$: $\log(g) = \log(a) - \log(b)$, so $g = \text{Inverse Log}(\log(a) - \log(b))$
$g = a^x$: $\log(g) = x \cdot \log(a)$, so $g = \text{Inverse Log}(x \cdot \log(a))$

Eg $g = 10^3$: $\log_{10}(g) = 3 \cdot \log_{10}(10)$, so $g = 10^{(3 \times 1)} = 1{,}000$

Encryption: Discrete Logs. $g = a^x \bmod P$. For example: a=5, x=3, P=7 gives $g = 5^3 \bmod 7 = 125 \bmod 7 = 6$.

Bob has $x$ and sends $a^x$; Alice has $y$ and sends $a^y$. Bob calculates $(a^y)^x = a^{xy}$ and Alice calculates $(a^x)^y = a^{xy}$.
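The exchange from the key exchange slides and the discrete-log slide above, written out for both sides. This is an added example, not code from the original slides: the function names, the range check on public values, the SHA-256 key derivation and the Mersenne prime 2**127 - 1 are assumptions chosen for illustration, and the slide's a=5, x=3, P=7 appear only to check the arithmetic.

```python
import hashlib
import secrets

def is_valid_public(value, P):
    """A public value must lie in 2..P-2; 0, 1 and P-1 give a guessable key."""
    return 2 <= value <= P - 2

def keypair(a, P):
    """Draw a private exponent and return it with its public value a^x mod P."""
    while True:
        private = secrets.randbelow(P - 3) + 2       # 2 <= private <= P-2
        public = pow(a, private, P)
        if is_valid_public(public, P):                # redraw degenerate values
            return private, public

def shared_secret(peer_public, private, P):
    """(a^y)^x mod P for Bob and (a^x)^y mod P for Alice; both equal a^(xy)."""
    if not is_valid_public(peer_public, P):
        raise ValueError("rejecting degenerate public value from peer")
    return pow(peer_public, private, P)

def derive_key(secret, P):
    """Hash the shared number into a 256-bit key for the secret-key cipher."""
    width = (P.bit_length() + 7) // 8
    return hashlib.sha256(secret.to_bytes(width, "big")).digest()

def run_exchange(a, P):
    """Play both sides; only the two public values cross the channel."""
    x, bob_sends = keypair(a, P)
    y, alice_sends = keypair(a, P)
    bob_key = derive_key(shared_secret(alice_sends, x, P), P)
    alice_key = derive_key(shared_secret(bob_sends, y, P), P)
    return bob_key, alice_key

# Constructed demo modulus: a Mersenne prime that gets past toy size but is
# not a group to deploy. With P = 7 the slide's 5^3 mod 7 = 6 equals P-1,
# so keypair() would redraw it: toy sizes only show the arithmetic.
DEMO_P = 2**127 - 1

if __name__ == "__main__":
    print(pow(5, 3, 7))                               # the slide's g
    bob_key, alice_key = run_exchange(5, DEMO_P)
    print(bob_key == alice_key, bob_key.hex())
```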

Encryption: ElGamal. $Y = g^x \bmod p$. It is extremely difficult to determine the value of x, and there can be many solutions. For example: $Y = 3^4 \bmod 17 \rightarrow 13$.

Encryption: ElGamal. First Bob generates a prime number (p) and a number (g) which is between 1 and (p-1). Bob selects a random number (x) which will be his private key. He then calculates Y: $Y = g^x \bmod p$. Bob sends g, p and Y to Alice.

Alice has p, g and Y, the message M and a random value k. She calculates $a = g^k \bmod p$ and $b = Y^k M \bmod p$, and sends a, b to Bob.
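The ElGamal steps on the slides above, carried through to decryption with the slide's own numbers (g=3, x=4, p=17, Y=13). This is an added example, not code from the original slides: the function names, the message M=9, the fixed k values and the decryption step (the transcript stops once Alice sends a, b) are assumptions, with decryption being the standard ElGamal step M = b * (a^x)^-1 mod p.

```python
import secrets

def keygen(p, g, x=None):
    """Bob: choose a private x and publish (p, g, Y) with Y = g^x mod p."""
    if x is None:
        x = secrets.randbelow(p - 3) + 2             # 2 <= x <= p-2
    return x, (p, g, pow(g, x, p))

def encrypt(public, M, k=None):
    """Alice: a = g^k mod p and b = Y^k * M mod p, with a fresh random k."""
    p, g, Y = public
    if not 0 < M < p:
        raise ValueError("M must be in the range 1..p-1")
    if k is None:
        k = secrets.randbelow(p - 3) + 2
    return pow(g, k, p), (pow(Y, k, p) * M) % p

def decrypt(x, p, cipher):
    """Bob: a^x = g^(kx) = Y^k, so dividing b by a^x leaves M."""
    a, b = cipher
    return (b * pow(pow(a, x, p), -1, p)) % p        # needs Python 3.8+

if __name__ == "__main__":
    x, public = keygen(17, 3, x=4)                   # the slide's numbers
    print(public)                                    # Y is 3^4 mod 17
    first = encrypt(public, 9, k=5)
    second = encrypt(public, 9, k=6)                 # same M, different k
    print(first, second)                             # ciphertexts differ
    print(decrypt(x, 17, first), decrypt(x, 17, second))
    # "Many solutions": 3 has order 16 mod 17, so x = 20 also gives Y = 13
    # and decrypts just as well as x = 4.
    print(pow(3, 20, 17), decrypt(20, 17, first))
```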