Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

Outline
- Basic concepts in cryptography systems
- Secret key cryptography
- Public key cryptography
- Hash functions

Encryption/Decryption
plaintext -> encryption (key) -> ciphertext -> decryption (key) -> plaintext
- Plaintext: a message in its original form
- Ciphertext: a message in the transformed, hidden form
- Encryption: the process that transforms a plaintext into a ciphertext
- Decryption: the process that transforms a ciphertext to the corresponding plaintext
- Key: the value used to control encryption/decryption

Cryptanalysis
- Code breaking, attacking the cipher
- Difficulty depends on
  - sophistication of the cipher
  - amount of information available to the code breaker
- Any cipher can be broken by exhaustive trials, but this is rarely practical

Caesar Cipher
- Replace each letter with the one 3 letters later in the alphabet
- Example: plaintext CAT, ciphertext FDW
- [Figure: the plaintext alphabet (A B C D E F G H I J K ...) set against the ciphertext alphabet]
- Trivial to break

Mono-Alphabetic Ciphers
- Generalized substitution cipher: an arbitrary (but fixed) mapping of one letter to another
- 26! (≈ 4.0 × 10^26 ≈ 2^88) possibilities
- [Figure: the plaintext alphabet (A B C D E F G H I J K ...) mapped to a ciphertext alphabet]

Attacking Mono-Alphabetic Ciphers
- Broken by statistical analysis of letter, word, and phrase frequencies of the language
- [Figure: frequency of single letters in the English language, taken from a large corpus of text]
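The two ideas above (exhaustive trials and letter-frequency statistics) combined against the Caesar cipher, as an added example that is not part of the original slides. The frequency table holds approximate, commonly cited English values and the sample message is constructed; both are assumptions of this example.

```python
import string

# Approximate relative frequency (%) of each letter A..Z in English text.
ENGLISH_FREQ = dict(zip(string.ascii_uppercase, [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]))

def shift(text, k):
    """Move every letter k places along the alphabet (k=3 is the Caesar cipher)."""
    out = []
    for ch in text.upper():
        if ch in ENGLISH_FREQ:
            out.append(chr((ord(ch) - 65 + k) % 26 + 65))
        else:
            out.append(ch)            # spaces and punctuation pass through
    return "".join(out)

def chi_squared(text):
    """Distance between the text's letter counts and English; lower is closer."""
    letters = [c for c in text if c in ENGLISH_FREQ]
    n = len(letters)
    if n == 0:
        return float("inf")
    score = 0.0
    for letter, pct in ENGLISH_FREQ.items():
        expected = n * pct / 100
        score += (letters.count(letter) - expected) ** 2 / expected
    return score

def break_caesar(ciphertext):
    """Try all 26 keys and keep the decryption that looks most like English."""
    candidates = [(chi_squared(shift(ciphertext, -k)), k) for k in range(26)]
    _, key = min(candidates)
    return key, shift(ciphertext, -key)

# Constructed sample message, not taken from the slides.
SAMPLE = "MEET ME AT THE USUAL PLACE AT TEN RATHER THAN EIGHT"

if __name__ == "__main__":
    print(shift("CAT", 3))                   # the slide's example
    print(break_caesar(shift(SAMPLE, 3)))    # key and plaintext recovered
```

The key space here is only 26, so the statistics merely pick the winner automatically; for a general mono-alphabetic cipher the 26! key space rules out exhaustive trials and the frequency analysis does the real work.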

Ciphertext Only Attacks
- Example: attacker can intercept encrypted communications, nothing else
- Breaking the cipher: analyzing patterns in the ciphertext provides clues about the encryption method/key

Known Plaintext Attacks
- Example: attacker intercepts encrypted text, but also has access to some of the corresponding plaintext (definite advantage)
- Makes some codes (e.g., mono-alphabetic ciphers) very easy to break

Chosen Plaintext Attacks
- Example: attacker can choose any plaintext desired, and intercept the corresponding ciphertext
- Allows targeted code breaking (choose exactly the messages that will reveal the most about the cipher)

Secret Keys vs Secret Algorithms
- Security by obscurity
  - We can achieve better security if we keep the algorithms secret
  - Hard to keep secret if used widely
  - Reverse engineering, social engineering
- Publish the algorithms
  - Security of the algorithms depends on the secrecy of the keys
  - Less unknown vulnerability if all the smart (good) people in the world examine the algorithms

Secret Key Cryptography
plaintext -> encryption (key) -> ciphertext -> decryption (same key) -> plaintext
- Same key is used for encryption and decryption
- Also known as
  - Symmetric cryptography
  - Conventional cryptography

Secret Key Cryptography
- Stream cipher
- Block cipher
  - Converts one input plaintext block of fixed size k bits to an output ciphertext block of k bits
  - DES, IDEA, AES
- AES
  - Selected from an open competition, organized by NSA
  - Joan Daemen and Vincent Rijmen (Belgium)
  - Block size = 128 bits, key size = 128/192/256 bits

Key Size
- Keys should be selected from a large potential set, to prevent brute force attacks
- Secret key sizes
  - 40 bits were considered adequate in the '70s
  - 56 bits used by DES were adequate in the '80s
  - 128 bits are adequate for now
- If computers increase in power by 40% per year, we need roughly 5 more key bits per decade to stay sufficiently hard to break

Public Key Cryptography
plaintext -> encryption (public key) -> ciphertext -> decryption (private key) -> plaintext
- A public/private key pair is used
  - Public key can be publicly known
  - Private key is kept secret by the owner of the key
- Much slower than secret key cryptography
- Also known as asymmetric cryptography
- Another mode: digital signature

Public Key Cryptography
plaintext -> sign (private key) -> ciphertext -> verify (public key) -> plaintext
- Digital signature
  - Only the party with the private key can create a digital signature.
  - The digital signature is verifiable by anyone who knows the public key.
  - The signer cannot deny that he/she has done so.

Public Key Cryptography
- It must be computationally
  - easy to generate a public/private key pair
  - hard to determine the private key, given the public key
- It must be computationally
  - easy to encrypt using the public key
  - easy to decrypt using the private key
  - hard to recover the plaintext message from just the ciphertext and the public key

Symmetric vs Asymmetric
- Symmetric algorithms are much faster
  - In the order of 1000 times faster
- Symmetric algorithms require a shared secret
  - Impractical if the communicating entities don't have another secure channel
- Both algorithms are combined to provide practical and efficient secure communication
  - E.g., establish a secret session key using asymmetric crypto and use symmetric crypto for encrypting the traffic

Cryptographic Hash Functions
message of arbitrary length -> Hash -> a fixed-length short message
- Also known as
  - Message digest
  - One-way transformation
  - One-way function
  - Hash
- Length of H(m) much shorter than length of m
- Usually fixed lengths: 128 or 160 bits

Properties of Crypto Hashes
- Consider a hash function H
  - Performance: easy to compute H(m)
  - One-way property: given H(m) but not m, it's computationally infeasible to find m
  - Weak collision resistance (free): given H(m), it's computationally infeasible to find m' such that H(m') = H(m)
  - Strong collision resistance (free): computationally infeasible to find m1, m2 such that H(m1) = H(m2)

Crypto Hash Applications
- File / message integrity
  - Check if a downloaded file is corrupted
  - Detect if a file has been changed by someone after it was stored
  - Compute a hash H(F) of file F
  - openssl dgst -md5 filename

Crypto Hash Applications
- Password verification
  - Password cannot be stored in plaintext
  - In a hashed format
  - Linux: /etc/passwd, /etc/shadow
  - cat /etc/shadow

Crypto Hash Applications
- User authentication
  - Alice wants to authenticate herself to Bob
  - Assuming they already share a secret key K
  - [Figure: message exchange between Alice and Bob over time; Alice computes Y=H(R K), Bob verifies that Y=H(R K)]
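The exchange on this slide with both sides written out, as an added example that is not part of the original slides. It assumes Bob is the one who picks a fresh random R, reads H(R K) as SHA-256 over R followed by K, and adds replay bookkeeping on Bob's side; the class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

def respond(key, r):
    """Alice's side: Y = H(R K), taken here as SHA-256 over R followed by K."""
    return hashlib.sha256(r + key).digest()

class Verifier:
    """Bob's side: issues fresh challenges R and accepts each one only once."""

    def __init__(self, key):
        self.key = key
        self.outstanding = set()

    def challenge(self):
        r = secrets.token_bytes(16)   # unpredictable, so recorded Y values go stale
        self.outstanding.add(r)
        return r

    def verify(self, r, y):
        if r not in self.outstanding:
            return False              # never issued, or already answered (replay)
        self.outstanding.discard(r)
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(respond(self.key, r), y)

def demo():
    k = secrets.token_bytes(32)       # constructed shared secret K
    bob = Verifier(k)
    r = bob.challenge()
    y = respond(k, r)                 # Alice answers the challenge
    genuine = bob.verify(r, y)
    replayed = bob.verify(r, y)       # the same (R, Y) pair sent a second time
    stale = bob.verify(bob.challenge(), y)            # old Y against a new R
    r3 = bob.challenge()
    wrong_key = bob.verify(r3, respond(b"not K", r3)) # responder without K
    return genuine, replayed, stale, wrong_key

if __name__ == "__main__":
    print(demo())
```

K never crosses the wire, and an eavesdropper who records R and Y gains nothing once Bob moves to a new R. The standard keyed construction for this job is HMAC (hmac.new(K, R, hashlib.sha256)) rather than a bare hash over the concatenation.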

Modern Hash Functions
- MD5 (128 bits)
  - Previous versions (i.e., MD2, MD4) have weaknesses.
  - Broken; collisions published in August 2004
  - Too weak to be used for serious applications
- SHA (Secure Hash Algorithm)
  - Weaknesses were found
- SHA-1 (160 bits)
  - Broken, but not yet cracked
  - Collisions in 2^69 hash operations, much less than the brute-force attack of 2^80 operations
  - Results were circulated in February 2005, and published in CRYPTO '05 in August 2005
- SHA-256, SHA-384, SHA-512

Electronic Code Book (ECB)
[Figure: plaintext blocks M1, M2, M3, M4 (128, 128, 128, and 46 bits + padding) each pass through E under the same key, giving 128-bit ciphertext blocks C1, C2, C3, C4]

Cipher Block Chaining (CBC)
[Figure: plaintext blocks M1, M2, M3, M4 (128, 128, 128, and 46 bits + padding), an initialization vector, and the key feed four E boxes that produce 128-bit ciphertext blocks C1, C2, C3, C4]
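What the ECB and CBC slides mean for a message with repeated blocks, as an added example that is not part of the original slides. The E box is replaced by a toy 128-bit Feistel permutation built from SHA-256 (a stand-in so the code runs without a crypto library, not AES and not for real use); the key, IV, padding scheme and message are constructed.

```python
import hashlib

BLOCK = 16  # 128-bit blocks, as on the slides

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def toy_encrypt_block(key, block):
    """Stand-in for E: 4-round Feistel network keyed via SHA-256 (toy cipher)."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:8]
        left, right = right, xor(left, f)
    return left + right

def pad(msg):
    """Fill the last block: n bytes, each of value n."""
    n = BLOCK - len(msg) % BLOCK
    return msg + bytes([n]) * n

def split_blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, msg):
    # Every block is encrypted on its own: equal M_i give equal C_i.
    return [toy_encrypt_block(key, m) for m in split_blocks(pad(msg))]

def cbc_encrypt(key, iv, msg):
    # Each M_i is XORed with the previous ciphertext block (the IV for M_1).
    out, prev = [], iv
    for m in split_blocks(pad(msg)):
        prev = toy_encrypt_block(key, xor(m, prev))
        out.append(prev)
    return out

def repeated_blocks(ciphertext_blocks):
    """How many ciphertext blocks duplicate an earlier one."""
    return len(ciphertext_blocks) - len(set(ciphertext_blocks))

KEY = b"constructed key!"                # constructed values for the demo
IV = bytes(range(16))
MSG = b"PAY 100 TO ALICE" * 3 + b"bye"   # three identical blocks + short tail

def demo():
    ecb = ecb_encrypt(KEY, MSG)
    cbc = cbc_encrypt(KEY, IV, MSG)
    return len(ecb), repeated_blocks(ecb), repeated_blocks(cbc)

if __name__ == "__main__":
    print(demo())
```

Under ECB an observer without the key can still see which plaintext blocks repeat; chaining through the IV and the previous ciphertext block removes that pattern.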