Lecture 6 - Cryptography

Similar documents
Module: Cryptographic Protocols. Professor Patrick McDaniel Spring CMPSC443 - Introduction to Computer and Network Security

CS Computer and Network Security: Applied Cryptography

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Public Key Algorithms

Public Key Algorithms

Overview. Public Key Algorithms I

L13. Reviews. Rocky K. C. Chang, April 10, 2015

Chapter 9. Public Key Cryptography, RSA And Key Management

Lecture 2 Applied Cryptography (Part 2)

Chapter 9 Public Key Cryptography. WANG YANG

CSC 474/574 Information Systems Security

Number Theory and RSA Public-Key Encryption

Public Key Cryptography

Modern cryptography 2. CSCI 470: Web Science Keith Vertanen

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

Module: Cryptography. Professor Patrick McDaniel Fall CSE543 - Introduction to Computer and Network Security

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

Kurose & Ross, Chapters (5 th ed.)

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

CIS 4360 Secure Computer Systems Applied Cryptography

Intro to Public Key Cryptography Diffie & Hellman Key Exchange

David Wetherall, with some slides from Radia Perlman s security lectures.

Encryption. INST 346, Section 0201 April 3, 2018

ISA 662 Internet Security Protocols. Outline. Prime Numbers (I) Beauty of Mathematics. Division (II) Division (I)

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

Lecture 7 - Applied Cryptography

Chapter 3 Public Key Cryptography

Cryptography and Network Security

Cryptographic Systems

Spring 2010: CS419 Computer Security

Key Exchange. References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings

Public Key Algorithms

CSC/ECE 774 Advanced Network Security

Computer Security: Principles and Practice

Cryptography CS 555. Topic 16: Key Management and The Need for Public Key Cryptography. CS555 Spring 2012/Topic 16 1

Key Exchange. Secure Software Systems

Public Key Cryptography, OpenPGP, and Enigmail. 31/5/ Geek Girls Carrffots GVA

Cryptography and Network Security. Sixth Edition by William Stallings

CS Computer Networks 1: Authentication

Cryptography and Network Security

CS 332 Computer Networks Security

Key Management and Distribution

Diffie-Hellman. Part 1 Cryptography 136

CS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to talk so much?!? Content taken from the following:

CS 6324: Information Security More Info on Key Establishment: RSA, DH & QKD

Elements of Cryptography and Computer and Networking Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Cryptographic Hash Functions

This chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest

Encryption 2. Tom Chothia Computer Security: Lecture 3

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

CS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to share so many secrets?!?

Other Topics in Cryptography. Truong Tuan Anh

Cryptography and Network Security Chapter 10. Fourth Edition by William Stallings

1. Diffie-Hellman Key Exchange

Lecture 6: Overview of Public-Key Cryptography and RSA

Public Key Cryptography

CSE 127: Computer Security Cryptography. Kirill Levchenko

Network Security. Chapter 4 Public Key Cryptography. Public Key Cryptography (4) Public Key Cryptography

CS669 Network Security

Cryptography MIS

n-bit Output Feedback

Digital Signatures. KG November 3, Introduction 1. 2 Digital Signatures 2

Chapter 7 Public Key Cryptography and Digital Signatures

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

Cryptography Symmetric Cryptography Asymmetric Cryptography Internet Communication. Telling Secrets. Secret Writing Through the Ages.

Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank

18733: Applied Cryptography Anupam Datta (CMU) Basic key exchange. Dan Boneh

Grenzen der Kryptographie

Public Key (asymmetric) Cryptography

PROTECTING CONVERSATIONS

Cryptographic Primitives A brief introduction. Ragesh Jaiswal CSE, IIT Delhi

Security: Cryptography

CS 161 Computer Security

APNIC elearning: Cryptography Basics

CPSC 467: Cryptography and Computer Security

Other Uses of Cryptography. Cryptography Goals. Basic Problem and Terminology. Other Uses of Cryptography. What Can Go Wrong? Why Do We Need a Key?

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

Public-Key Cryptography

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

ASYMMETRIC (PUBLIC-KEY) ENCRYPTION. Mihir Bellare UCSD 1

CSC 774 Network Security

Outline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4

Tuesday, January 17, 17. Crypto - mini lecture 1

ASYMMETRIC (PUBLIC-KEY) ENCRYPTION. Mihir Bellare UCSD 1

ASYMMETRIC CRYPTOGRAPHY

CSC 8560 Computer Networks: Network Security

ECEN 5022 Cryptography

Introduction to Cryptography Lecture 7

Public Key Cryptography and RSA

The question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).

Computer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018

CPSC 467b: Cryptography and Computer Security

Computer Security 3/23/18

Chapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010

More on Cryptography CS 136 Computer Security Peter Reiher January 19, 2017

What did we talk about last time? Public key cryptography A little number theory

Keywords Session key, asymmetric, digital signature, cryptosystem, encryption.

Transcription:

Lecture 6 - Cryptography CMPSC 443 - Spring 2012 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse443-s12

Question Setup: Assume you and I donʼt know anything about each other, but we want to communicate securely. We want to establish a key that we can encrypt communication with each other. Q: Is this possible?? 2

Diffie-Hellman Key Agreement The DH paper really started the modern age of cryptography, and indirectly the security community Negotiate a secret over an insecure media E.g., in the clear (seems impossible) Idea: participants exchange intractable puzzles that can be solved easily with additional information. Mathematics are very deep Working in multiplicative group G Use the hardness of computing discrete logarithms in finite field to make secure Things like RSA are variants that exploit similar properties 3

Diffie-Hellman Protocol For two participants p 1 and p 2 Setup: We pick a prime number p and a base g (<p) This information is public E.g., p=13, g=4 Step 1: Each principal picks a private value x (<p-1) Step 2: Each principal generates and communicates a new value y = g x mod p Step 3: Each principal generates the secret shared key z z = y x mod p Where y is the value received from the other party. 4

A protocol run... p=17, g=6 Step 1) Alice picks x=4 Bob picks x=5 Step 2) Alice's y = 6^4 mod 17 = 1296 mod 17 = 4 Bob's y = 6^5 mod 17 = 7776 mod 17 = 7 Step 3) Alice's z = 7^4 mod 17 = 2401 mod 17 = 4 Bob's z = 4^5 mod 17 = 1024 mod 17 = 4 5

Attacks on Diffie-Hellman This is key exchange, not authentication. You really donʼt know anything about who you have exchanged keys with The man in the middle A B Alice and Bob think they are talking directly to each other, but Mallory is actually performing two separate exchanges You need to have an authenticated DH exchange The parties sign the exchanges (more or less) See Schneier for a intuitive description 6

Public Key Cryptography Public Key cryptography Each key pair consists of a public and private component: k + (public key), k - (private key) D( k +, E(k -,p)) = p D( k -, E(k +, p) ) = p Public keys are distributed (typically) through public key certificates Anyone can communicate secretly with you if they have your certificate E.g., SSL-based web commerce 7

RSA (Rivest, Shamir, Adelman) A dominant public key algorithm The algorithm itself is conceptually simple Why it is secure is very deep (number theory) Use properties of exponentiation modulo a product of large primes "A method for obtaining Digital Signatures and Public Key Cryptosystems, Communications of the ACM, Feb., 1978 21(2) pages 120-126. 8

RSA Key Generation Pick two large primes p and q Calculate n = pq Pick e such that it is relatively prime to phi(n) = (q-1)(p-1) Eulerʼs Totient Function d ~= e -1 mod phi(n) or de mod phi(n) = 1 1. p=3, q=11 2. n = 3*11 = 33 3. phi(n) = (2*10) = 20 4. e = 7 GCD(20,7) = 1 Euclid s Algorithm 5. d * 7 mod 20 = 1 d = 3 9

RSA Encryption/Decryption Public key k + is {e,n} and private key k - is {d,n} Encryption and Decryption E(k+,P) : ciphertext = plaintext e mod n D(k-,C) : plaintext = ciphertext d mod n Example Public key (7,33), Private Key (3,33) Data 4 (encoding of actual data) E({7,33},4) = 4 7 mod 33 = 16384 mod 33 = 16 D({3,33},16) = 16 3 mod 33 = 4096 mod 33 = 4 10

Encryption using private key Encryption and Decryption E(k -,P) : ciphertext = plaintext d mod n D(k +,C) : plaintext = ciphertext e mod n E.g., E({3,33},4) = 4 3 mod 33 = 64 mod 33 = 31 D({7,33},19) = 31 7 mod 33 = 27,512,614,111 mod 33 = 4 Q: Why encrypt with private key? 11

The symmetric/asymmetric key tradeoff Symmetric (shared) key systems Efficient (Many MB/sec throughput) Difficult key management Kerberos Key agreement protocols Asymmetric (public) key systems Slow algorithms (so far ) Easy key management PKI - public key infrastructures Webs of trust (PGP) 12

Hash Algorithms (aka crypto checksums) Hash algorithm h() In general algorithmic use, generates succinct representation of some data, fixed output size Used for binning items in collections A funneling algorithm Infinite inputs... Fixed-length outputs Pigeonhole Principle If you have n bins, and n+1 items, at least one bin will contain more than one item Implication: there will be collisions in any hash algorithm i.e., h(x) == h(y), for some infinite number of x and y 13

Hash Algorithms (aka crypto checksums) Hash algorithm Compression of data into a hash value E.g., h(d) = parity(d) Such algorithms are generally useful in programs as used in cryptosystems One-way - (computationally) hard to invert h(), i.e., compute h -1 (y), where y=h(d) Collision resistant hard to find two data x 1 and x 2 such that h(x 1 ) == h(x 2 ) Q: What can you do with these constructs? 14

Birthday Attack A birthday attack is a name used to refer to a class of brute-force attacks. birthday paradox : the probability that two or more people in a group of 23 share the same birthday is >than 50% General formulation function f() whose output is uniformly distributed On repeated random inputs n = { n 1, n 2,,.., n k } Pr(n i = n j ) = 1.2k 1/2, for some 1 <= i,j <= k, 1 <= j < k, i!= j E.g., 1.2(365 1/2 ) ~= 23 Q: Why is resilience to birthday attacks important? 15

Basic truths of cryptography Cryptography is not frequently the source of security problems Algorithms are well known and widely studied Use of crypto commonly is (e.g., WEP) Vetted through crypto community Avoid any proprietary encryption Claims of new technology or perfect security are almost assuredly snake oil 16

Important principles Donʼt design your own crypto algorithm Use standards whenever possible Make sure you understand parameter choices Make sure you understand algorithm interactions E.g. the order of encryption and authentication Turns out that authenticate then encrypt is risky Be open with your design Solicit feedback Use open algorithms and protocols Open code? (jury is still out) 17

Common issues that lead to pitfalls Generating randomness Storage of secret keys Virtual memory (pages secrets onto disk) Protocol interactions Poor user interface Poor choice of key length, prime length, using parameters from one algorithm in another 18

Review: secret vs. public key crypto. Secret key cryptography Symmetric keys, where A single key (k) is used is used for E and D D( k, E(k, p) ) = p All (intended) receivers have access to key Note: Management of keys determines who has access to encrypted data E.g., password encrypted email Also known as symmetric key cryptography Public key cryptography Each key pair consists of a public and private component: k + (public key), k - (private key) D( k -, E(k +, p) ) = p D( k +, E(k, - p) ) = p Public keys are distributed (typically) through public key certificates Anyone can communicate secretly with you if they have your certificate E.g., SSL-base web commerce 19

A really good book on the topic The Code Book, Simon Singh, Anchor Books, 1999. 20

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback