Download presentation

Presentation is loading. Please wait.

Published byKayla Tree Modified about 1 year ago

1
Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: http://www.csee.umbc.edu/~kalpakis/Courses/421 Security – Additional material

2
CMSC 421, Fall 2008 2 Protection vs Security The protection mechanisms assist us in preventing unauthorized access and use of computer resources what happens if an intruder bypasses the protection mechanisms? Cryptography can be used so that an intruder is unable to understand or use information obtained without authorization

3
CMSC 421, Fall 2008 3 Cryptography Terminology Plaintext (or cleartext) is the intelligible message Ciphertext is the unintelligible message Encryption and decryption Are the processes to convert between plaintext and ciphertext Key Is the parameter used in an encryption/decryption algorithm

4
CMSC 421, Fall 2008 4 Cryptography Terminology Cryptosystem A system for encryption/decryption of information Symmetric cryptosystem use the same key for both encryption and decryption Asymmetric cryptosystem use the different keys for encryption and decryption Cryptology the designing & breaking of cryptosystems Cryptography the practice of using cryptosystems for confidentiallity of information Cryptoanalysis the breaking cryptosystems

5
CMSC 421, Fall 2008 5 Basic Structure of a Cryptosystem EncryptDecrypt Break Encryption Key K e Decryption Key K d Plaintext M Ciphertext C Plaintext M Side Information Alice Bob Eve

6
CMSC 421, Fall 2008 6 Basic Attacks to Cryptosystems Cryptosystem attacks are classified based on the amount of side information available to an intruder Attack classification ciphertext-only intruder only has access to the ciphertext known-plaintext intruder has access to the ciphertext and considerable amount of plaintext chosen-plaintext intruder has access to a chosen plaintext and its corresponding ciphertext

7
CMSC 421, Fall 2008 7 Design Principles for Cryptosystems Shannon’s principles Diffusion principle spread the correlations and dependencies among key and words over the text as much as possible in order to maximize the length of plaintext needed to break the system Confusion principle change a piece of information so that ciphertext has no obvious relationship with plaintext Computational Intractability principle “every” algorithm for determining a key needed to break cryptosystem is “believed” to require exhaustive search of a very large search space

8
CMSC 421, Fall 2008 8 A Taxonomy of Cryptosystems Conventional systems Modern systems private key systems public key systems

9
CMSC 421, Fall 2008 9 Conventional Cryptosystems Conventional cryptosystems are based on substitution ciphers Caesar’s cipher E(M) = (M + k) modulo 26 where M is a letter and k=3 is the key Simple substitution cipher E(M) = Key[M] where Key is an arbitrary permutation of a single alphabet Vigenere cipher choose N simple substitution ciphers and encrypt the jth letter using the (j mod N) substitution cipher One-time pad encrypt by Xoring message with a key, whose size equals the size of the message

10
CMSC 421, Fall 2008 10 DES The Data Encryption Standard (DES) is a modern private-key cryptosystem It is a block cipher that uses two basic operations permutation, and substitution It breaks a message in 64-bit blocks and encrypts/decrypts each block individually It uses a 56-bit secret key, which is expanded to 64-bits using parity bits

11
CMSC 421, Fall 2008 11 DES Encryption has three stages plaintext block undergoes an initial permutation IP permuted block undergoes for 16 times a complex transformation transformed block undergoes the inverse IP’ of the permutation IP at the 1st stage Decryption is done by executing the three stages in reverse order and each time using the inverse function/operation For added security, block chaining can be used each plaintext block is Xored with the ciphertext of the previous plaintext block triple encryption (DES does not form a group)

12
CMSC 421, Fall 2008 12 Public-Key Cryptosystems Private key cryptosystems requires a secure mechanism for distributing the private keys to communicating parties Diffie and Hellman proposed public key cryptosystems public key systems make the encryption key publicly available and keep the decryption key secret public key systems are based on the computational intractability principle (using problems such as factoring primes, discrete logarithm, knapsack, etc)

13
CMSC 421, Fall 2008 13 Public Key Cryptosystems public key systems satisfy the following D SK (E PK (M)) = M for every message M The encryption and decryption functions E and D are computationally efficient Knowledge of E, D, and PK (public key) does not compromise SK (secret key) D PK (E SK (M)) = M for every message M, if message signing/verification is desired

14
CMSC 421, Fall 2008 14 Trapdoor One-Way Functions One-way functions F F is invertible and easy to compute inverting F is computationally intractable, ie given y finding x such that y=F(x) is believed to be computationally infeasible Trapdoor one-way functions F y=F(x) can be solved efficiently provided some secret information for F is available Diffie and Hellman suggested that one way to implement public key systems is to use trapdoor one-way functions

15
CMSC 421, Fall 2008 15 Number Theory Background GCD Recursion Theorem & the Extended Euclid’s algorithm

16
CMSC 421, Fall 2008 16 Number Theory Background Euler’s phi function, Euler’s and Fermat’s Theorems

17
CMSC 421, Fall 2008 17 Number Theory Background The Chinese Remainder Theorem Origins Sun-Tsu, circa 100 A.D. considered the problem of finding those integers x that leave remainders 2, 3, and 2 when divided by 3, 5, and 7 respectively (which are of the form x=23+105k). Its essence

18
CMSC 421, Fall 2008 18 Number Theory Background A corollary of the Chinese Remainder Theorem states that

19
CMSC 421, Fall 2008 19 RSA Rivest, Shamir, and Adleman introduced the RSA public-key cryptosystem based on Diffie and Hellman RSA works as follows

20
CMSC 421, Fall 2008 20 RSA RSA’s encryption function is E PK (M) = M e mod n where PK=(e,n) RSA’s decryption function is D SK (M) = M d mod n where SK=(d,n) these two encryption/decryption functions satisfy D SK (E PK (M)) = M D PK (E SK (M)) = M can be computed efficiently given PK or SK knowledge of PK does not compromise SK

21
CMSC 421, Fall 2008 21 RSA Correctness of RSA is based on Fermat’s theorem and on the Chinese Remainder Theorem Example values for RSA choose p=5 and q=11 set n=55 and N=40 choose d=23 compute e=7 using the extended Euclid algorithm encrypt M=8 to 2 using “repeated squaring”

22
CMSC 421, Fall 2008 22 RSA A more realistic example set of values for RSA (courtesy of Prof. Stephens) n = 2419753086 4197530864 2125371358 0246913580 2471460971 7 p = 1555555555 5555555555 560261 q = 1555555555 5555555555 560497 e = 512896171 d = 1955459782 2571725357 3495557871 3933814929 3601459917 1 sqrt(n) approximately = 1555555555 5555555555 560378 number of positive integers < n that are relative prime to n is equal to phi(n) phi(n) = 2419753086 4197530864 2125340246 9135802469 1360348896 0

23
CMSC 421, Fall 2008 23 Authentication Objective verify the identity of communicating entities Authentication services interactive communication (synchronous) one-way communication (asynchronous) signed communication (verifiable conversation by third party) Potential threats altering messages replaying old messages denial of service interference with ongoing communication impersonation

24
CMSC 421, Fall 2008 24 Interactive Communication Protocols Require an authoritative Authentication Server (AS) for securely distributing conversation keys Each user registers its secret key with the AS, which is shared only between the AS and the user, and their public key if any Requirements – use case Alice wants to communicate with Bob so that the message is intelligible to Bob, but not Eve it should be evident that the message was sent by Alice, and that is not a replay of an older message from Alice

25
CMSC 421, Fall 2008 25 Interactive Communication with Private Key Systems Alice wants to converse with Bob

26
CMSC 421, Fall 2008 26 Interactive Communication with Public Key Systems Alice wants to communicate with Bob

27
CMSC 421, Fall 2008 27 One-Way Communication with Private Key Systems Alice wants to email message M to Bob Bob should be able to authenticate integrity of Alice’s message even if Alice is not currently available Eve should not be able to impersonate Alice Protocol is susceptible to playback attacks

28
CMSC 421, Fall 2008 28 One-Way Communication with Public Key Systems Alice wants to email message M to Bob

29
CMSC 421, Fall 2008 29 Digital Signatures Must satisfy the following a user can not forge signatures sender of signed message can not deny the validity of his signature receipient can not modify the signature of a signed message

30
CMSC 421, Fall 2008 30 Digital Signatures using Private Key Systems Alice wants to sign a message to be sent to Bob

31
CMSC 421, Fall 2008 31 Digital Signatures using Public Key Systems Alice wants to sign a message to be sent to Bob

32
CMSC 421, Fall 2008 32 Kerberos An authentication system for an open network computing environment where user’s machines are under their complete control and can not be trusted to identify users to network services Consists of Client (C) Kerberos Server (K) Ticket Granting Server (TGS) Server (S) User (U)

33
CMSC 421, Fall 2008 33 Kerberos Phase I: Getting the Initial Ticket User provides the Client machine his/her identity Client sends to Kerberos server K the msg Kerberos server K Client upon receipt of msg

34
CMSC 421, Fall 2008 34 Kerberos, Phase II: Getting a Server Ticket User/Client wants to use a network service S Ticket Granting Server TGS Client upon receiving msg from TGS

35
CMSC 421, Fall 2008 35 Kerberos, Phase III: Requesting a Service Client requests service from server S Service server S upon receipt of the msg

Similar presentations

© 2017 SlidePlayer.com Inc.

All rights reserved.

Ads by Google