Ref:

Similar documents
Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ

Kurose & Ross, Chapters (5 th ed.)

Encryption. INST 346, Section 0201 April 3, 2018

The Network Security Model. What can an adversary do? Who might Bob and Alice be? Computer Networks 12/2/2009. CSC 257/457 - Fall

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

CS 332 Computer Networks Security

SECURITY IN NETWORKS

CSC 8560 Computer Networks: Network Security

SECURITY IN NETWORKS 1

14. Internet Security (J. Kurose)

Computer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography

Computer Communication Networks Network Security

Welcome to CS 395/495 Internet Security: A Measurement-based Approach

Network Security. Computer Networking: A Top Down Approach Featuring the Internet, 2 nd edition. Jim Kurose, Keith Ross Addison-Wesley, July 2002.

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

Lecture 1 Applied Cryptography (Part 1)

CS Computer Networks 1: Authentication

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

Internet and Intranet Protocols and Applications

Computer Security: Principles and Practice

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

CSE 127: Computer Security Cryptography. Kirill Levchenko

Cryptography Functions

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL

APNIC elearning: Cryptography Basics

Introduction to Network Security Missouri S&T University CPE 5420 Data Integrity Algorithms

Chapter 8. Computer Networking: A Top Down Approach Featuring the Internet, 3 rd edition. Jim Kurose, Keith Ross Addison-Wesley, July 2004.

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

Public Key Algorithms

Chapter 8 Security. Computer Networking: A Top Down Approach. Andrei Gurtov. 7 th edition Jim Kurose, Keith Ross Pearson/Addison Wesley April 2016

Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Introduction to Cryptography

Cryptographic Concepts

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

UNIT - IV Cryptographic Hash Function 31.1

Cryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III

Cryptographic Systems

Key Exchange. References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

PROTECTING CONVERSATIONS

Computer Networks II

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

1.264 Lecture 28. Cryptography: Asymmetric keys

Cryptography (Overview)

Computer Networks. Wenzhong Li. Nanjing University

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

Lecture 2 Applied Cryptography (Part 2)

Outline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

CSC 774 Network Security

S. Erfani, ECE Dept., University of Windsor Network Security

COSC : mobility within same subnet. Lecture 26. H1 remains in same IP subnet: IP address can remain same

CRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext

EEC-682/782 Computer Networks I

CSC 474/574 Information Systems Security

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

CS61A Lecture #39: Cryptography

Chapter 9 Public Key Cryptography. WANG YANG

Public-key Cryptography: Theory and Practice

Public Key Cryptography, OpenPGP, and Enigmail. 31/5/ Geek Girls Carrffots GVA

Cryptography MIS

Information System Architecture Natawut Nupairoj Ph.D. Department of Computer Engineering, Chulalongkorn University

CSC/ECE 774 Advanced Network Security

System and Network Security

CRYPTOGRAPHY & DIGITAL SIGNATURE

Network Security. Chapter 8. MYcsvtu Notes.

Uses of Cryptography

EEC-484/584 Computer Networks

CSC 474/574 Information Systems Security

CSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography

2.1 Basic Cryptography Concepts

Garantía y Seguridad en Sistemas y Redes

More on Cryptography CS 136 Computer Security Peter Reiher January 19, 2017

Encryption I. An Introduction

Chapter 4: Securing TCP connections

Chapter 8 Network Security. Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.

Practical Aspects of Modern Cryptography

Symmetric Cryptography. CS4264 Fall 2016

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

David Wetherall, with some slides from Radia Perlman s security lectures.

Cryptography Math/CprE/InfAs 533

Introduction to Cryptography. Vasil Slavov William Jewell College

Chapter 8 Network Security

Other Uses of Cryptography. Cryptography Goals. Basic Problem and Terminology. Other Uses of Cryptography. What Can Go Wrong? Why Do We Need a Key?

Basic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline

Classical Cryptography. Thierry Sans

Background. Network Security - Certificates, Keys and Signatures - Digital Signatures. Digital Signatures. Dr. John Keeney 3BA33

Chapter 8 Security. Computer Networking: A Top Down Approach

Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Outline. Cryptography. Encryption/Decryption. Basic Concepts and Definitions. Cryptography vs. Steganography. Cryptography: the art of secret writing

ISA 662 Internet Security Protocols. Outline. Prime Numbers (I) Beauty of Mathematics. Division (II) Division (I)

L13. Reviews. Rocky K. C. Chang, April 10, 2015

Security: Cryptography

Shared Secret = Trust

Some Stuff About Crypto

Transcription:

Cryptography & digital signature Dec. 2013 Ref: http://cis.poly.edu/~ross/

2 Cryptography Overview Symmetric Key Cryptography Public Key Cryptography Message integrity and digital signatures References: Stallings Kurose and Ross Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner Slides: http://cis.poly.edu/~ross/ 2

3 Cryptography issues Confidentiality: only sender, intended receiver should understand message contents sender encrypts message receiver decrypts message End-Point Authentication: sender, receiver want to confirm identity of each other Message Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection 3

4 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice want to communicate securely Trudy (intruder) may intercept, delete, add messages

5 Who might Bob, Alice be? well, real-life Bobs and Alices! Web browser/server for electronic transactions (e.g., on-line purchases) on-line banking client/server DNS servers routers exchanging routing table updates other examples? 5

6 Simple encryption scheme substitution cipher: substituting one thing for another monoalphabetic cipher: substitute one letter for another plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: mnbvcxzasdfghjklpoiuytrewq E.g.: Plaintext: i am bob Ciphertext: s mh nkn Key: the mapping from the set of 26 letters to the set of 26 letters 6

7 The language of cryptography m plaintext message K A (m) ciphertext, encrypted with key K A m = K B (K A (m)) 7

8 Types of Cryptography Crypto often uses keys: Algorithm is known to everyone Only keys are secret Public key cryptography Involves the use of two keys Symmetric key cryptography Involves the use one key Hash functions Involves the use of no keys Nothing secret: How can this be useful? 8

9 Cryptography Overview Symmetric Key Cryptography Public Key Cryptography Message integrity and digital signatures References: Stallings Kurose and Ross Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner 9

10 Symmetric key cryptography symmetric key crypto: Bob and Alice share same (symmetric) key: K S e.g., key is knowing substitution pattern in mono alphabetic substitution cipher Q: how do Bob and Alice agree on key value? 10

Prototype function From Kaufman 11 et al 64-bit input 8bits 8bits 8bits 8bits 8bits 8bits 8bits 8bits S 1 S 2 S 3 S 4 S 5 S 6 S 7 S 8 8 bits 8 bits 8 bits 8 bits 8 bits 8 bits 8 bits 8 bits 64-bit intermediate 8-bit to 8-bit mapping Loop for n rounds 64-bit output 11

12 Encrypting a large message Why not just break message in 64-bit blocks, encrypt each block separately? If same block of plaintext appears twice, will give same cyphertext. How about: Generate random 64-bit number r(i) for each plaintext block m(i) Calculate c(i) = K S ( m(i) r(i) ) Transmit c(i), r(i), i=1,2, At receiver: m(i) = K S (c(i)) r(i) Problem: inefficient, need to send c(i) and r(i) 12

Symmetric key crypto: DES 13 DES: Data Encryption Standard US encryption standard [NIST 1993] 56-bit symmetric key, 64-bit plaintext input Block cipher with cipher block chaining How secure is DES? DES Challenge: 56-bit-key-encrypted phrase decrypted (brute force) in less than a day No known good analytic attack making DES more secure: 3DES: encrypt 3 times with 3 different keys (actually encrypt, decrypt, encrypt) 13

AES: Advanced Encryption Standard 14 new (Nov. 2001) symmetric-key NIST standard, replacing DES processes data in 128 bit blocks 128, 192, or 256 bit keys brute force decryption (try each key) taking 1 sec on DES, takes 149 trillion years for AES 14

15 Cryptography Overview Symmetric Key Cryptography Public Key Cryptography Message integrity and digital signatures References: Stallings Kurose and Ross Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner 15

16 Public Key Cryptography symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if never met )? public key cryptography radically different approach [Diffie- Hellman76, RSA78] sender, receiver do not share secret key public encryption key known to all private decryption key known only to receiver 16

17 Public key cryptography 17

18 Public key encryption algorithms Requirements: 1 2.. + - need K ( ) and K ( ) such that B B - + K (K (m)) = m B B given public key K, B it should be impossible to compute private key - K B + RSA: Rivest, Shamir, Adelson algorithm 18

19 RSA: another important property The following property will be very useful later: - + K (K (m)) = m B B use public key first, followed by private key = + - B B K (K (m)) use private key first, followed by public key Result is the same! 19

20 Cryptography Overview Symmetric Key Cryptography Public Key Cryptography Message integrity and digital signatures References: Stallings Kurose and Ross Network Security: Private Communication in a Public World, Kaufman, Perlman, Speciner 20

Message Integrity 21 Allows communicating parties to verify that received messages are authentic. Content of message has not been altered Source of message is who/what you think it is Message has not been artificially delayed (playback attack) Sequence of messages is maintained Let s first talk about message digests 21

22 Message Digests Function H( ) that takes as input an arbitrary length message and outputs a fixed-length string: message signature Note that H( ) is a many-to-1 function H( ) is often called a hash function large message m Desirable properties: Easy to calculate H: Hash Function H(m) Irreversibility: Can t determine m from H(m) Collision resistance: Computationally difficult to produce m and m such that H(m) = H(m ) Seemingly random output 22

23 Hash Function Algorithms MD5 hash function widely used (RFC 1321) computes 128-bit message digest in 4-step process. SHA-1 is also used. US standard [NIST, FIPS PUB 180-1] 160-bit message digest 23

24 Digital Signatures Cryptographic technique analogous to hand-written signatures. sender (Bob) digitally signs document, establishing he is document owner/creator. verifiable, nonforgeable: recipient (Alice) can prove to someone that Bob, and no one else (including Alice), must have signed document 24

25 Digital Signatures Simple digital signature for message m: Bob signs m by encrypting with his private - - key K B, creating signed message, K B (m) 25

Digital signature = signed message digest 26 Bob sends digitally signed message: Alice verifies signature and integrity of digitally signed message: equal? 26

Secure e-mail: Authentication and Message Integrity 27 Alice wants to provide sender authentication message integrity. Alice digitally signs message. sends both message (in the clear) and digital signature. 27

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback