Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security – Additional material.

Similar presentations


Presentation on theme: "Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security – Additional material."— Presentation transcript:

1 Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security – Additional material

2 CMSC 421, Fall Protection vs Security The protection mechanisms assist us in preventing unauthorized access and use of computer resources what happens if an intruder bypasses the protection mechanisms? Cryptography can be used so that an intruder is unable to understand or use information obtained without authorization

3 CMSC 421, Fall Cryptography Terminology Plaintext (or cleartext) is the intelligible message Ciphertext is the unintelligible message Encryption and decryption Are the processes to convert between plaintext and ciphertext Key Is the parameter used in an encryption/decryption algorithm

4 CMSC 421, Fall Cryptography Terminology Cryptosystem A system for encryption/decryption of information Symmetric cryptosystem use the same key for both encryption and decryption Asymmetric cryptosystem use the different keys for encryption and decryption Cryptology the designing & breaking of cryptosystems Cryptography the practice of using cryptosystems for confidentiallity of information Cryptoanalysis the breaking cryptosystems

5 CMSC 421, Fall Basic Structure of a Cryptosystem EncryptDecrypt Break Encryption Key K e Decryption Key K d Plaintext M Ciphertext C Plaintext M Side Information Alice Bob Eve

6 CMSC 421, Fall Basic Attacks to Cryptosystems Cryptosystem attacks are classified based on the amount of side information available to an intruder Attack classification ciphertext-only intruder only has access to the ciphertext known-plaintext intruder has access to the ciphertext and considerable amount of plaintext chosen-plaintext intruder has access to a chosen plaintext and its corresponding ciphertext

7 CMSC 421, Fall Design Principles for Cryptosystems Shannon’s principles Diffusion principle spread the correlations and dependencies among key and words over the text as much as possible in order to maximize the length of plaintext needed to break the system Confusion principle change a piece of information so that ciphertext has no obvious relationship with plaintext Computational Intractability principle “every” algorithm for determining a key needed to break cryptosystem is “believed” to require exhaustive search of a very large search space

8 CMSC 421, Fall A Taxonomy of Cryptosystems Conventional systems Modern systems private key systems public key systems

9 CMSC 421, Fall Conventional Cryptosystems Conventional cryptosystems are based on substitution ciphers Caesar’s cipher E(M) = (M + k) modulo 26 where M is a letter and k=3 is the key Simple substitution cipher E(M) = Key[M] where Key is an arbitrary permutation of a single alphabet Vigenere cipher choose N simple substitution ciphers and encrypt the jth letter using the (j mod N) substitution cipher One-time pad encrypt by Xoring message with a key, whose size equals the size of the message

10 CMSC 421, Fall DES The Data Encryption Standard (DES) is a modern private-key cryptosystem It is a block cipher that uses two basic operations permutation, and substitution It breaks a message in 64-bit blocks and encrypts/decrypts each block individually It uses a 56-bit secret key, which is expanded to 64-bits using parity bits

11 CMSC 421, Fall DES Encryption has three stages plaintext block undergoes an initial permutation IP permuted block undergoes for 16 times a complex transformation transformed block undergoes the inverse IP’ of the permutation IP at the 1st stage Decryption is done by executing the three stages in reverse order and each time using the inverse function/operation For added security, block chaining can be used each plaintext block is Xored with the ciphertext of the previous plaintext block triple encryption (DES does not form a group)

12 CMSC 421, Fall Public-Key Cryptosystems Private key cryptosystems requires a secure mechanism for distributing the private keys to communicating parties Diffie and Hellman proposed public key cryptosystems public key systems make the encryption key publicly available and keep the decryption key secret public key systems are based on the computational intractability principle (using problems such as factoring primes, discrete logarithm, knapsack, etc)

13 CMSC 421, Fall Public Key Cryptosystems public key systems satisfy the following D SK (E PK (M)) = M for every message M The encryption and decryption functions E and D are computationally efficient Knowledge of E, D, and PK (public key) does not compromise SK (secret key) D PK (E SK (M)) = M for every message M, if message signing/verification is desired

14 CMSC 421, Fall Trapdoor One-Way Functions One-way functions F F is invertible and easy to compute inverting F is computationally intractable, ie given y finding x such that y=F(x) is believed to be computationally infeasible Trapdoor one-way functions F y=F(x) can be solved efficiently provided some secret information for F is available Diffie and Hellman suggested that one way to implement public key systems is to use trapdoor one-way functions

15 CMSC 421, Fall Number Theory Background GCD Recursion Theorem & the Extended Euclid’s algorithm

16 CMSC 421, Fall Number Theory Background Euler’s phi function, Euler’s and Fermat’s Theorems

17 CMSC 421, Fall Number Theory Background The Chinese Remainder Theorem Origins Sun-Tsu, circa 100 A.D. considered the problem of finding those integers x that leave remainders 2, 3, and 2 when divided by 3, 5, and 7 respectively (which are of the form x=23+105k). Its essence

18 CMSC 421, Fall Number Theory Background A corollary of the Chinese Remainder Theorem states that

19 CMSC 421, Fall RSA Rivest, Shamir, and Adleman introduced the RSA public-key cryptosystem based on Diffie and Hellman RSA works as follows

20 CMSC 421, Fall RSA RSA’s encryption function is E PK (M) = M e mod n where PK=(e,n) RSA’s decryption function is D SK (M) = M d mod n where SK=(d,n) these two encryption/decryption functions satisfy D SK (E PK (M)) = M D PK (E SK (M)) = M can be computed efficiently given PK or SK knowledge of PK does not compromise SK

21 CMSC 421, Fall RSA Correctness of RSA is based on Fermat’s theorem and on the Chinese Remainder Theorem Example values for RSA choose p=5 and q=11 set n=55 and N=40 choose d=23 compute e=7 using the extended Euclid algorithm encrypt M=8 to 2 using “repeated squaring”

22 CMSC 421, Fall RSA A more realistic example set of values for RSA (courtesy of Prof. Stephens) n = p = q = e = d = sqrt(n) approximately = number of positive integers < n that are relative prime to n is equal to phi(n) phi(n) =

23 CMSC 421, Fall Authentication Objective verify the identity of communicating entities Authentication services interactive communication (synchronous) one-way communication (asynchronous) signed communication (verifiable conversation by third party) Potential threats altering messages replaying old messages denial of service interference with ongoing communication impersonation

24 CMSC 421, Fall Interactive Communication Protocols Require an authoritative Authentication Server (AS) for securely distributing conversation keys Each user registers its secret key with the AS, which is shared only between the AS and the user, and their public key if any Requirements – use case Alice wants to communicate with Bob so that the message is intelligible to Bob, but not Eve it should be evident that the message was sent by Alice, and that is not a replay of an older message from Alice

25 CMSC 421, Fall Interactive Communication with Private Key Systems Alice wants to converse with Bob

26 CMSC 421, Fall Interactive Communication with Public Key Systems Alice wants to communicate with Bob

27 CMSC 421, Fall One-Way Communication with Private Key Systems Alice wants to message M to Bob Bob should be able to authenticate integrity of Alice’s message even if Alice is not currently available Eve should not be able to impersonate Alice Protocol is susceptible to playback attacks

28 CMSC 421, Fall One-Way Communication with Public Key Systems Alice wants to message M to Bob

29 CMSC 421, Fall Digital Signatures Must satisfy the following a user can not forge signatures sender of signed message can not deny the validity of his signature receipient can not modify the signature of a signed message

30 CMSC 421, Fall Digital Signatures using Private Key Systems Alice wants to sign a message to be sent to Bob

31 CMSC 421, Fall Digital Signatures using Public Key Systems Alice wants to sign a message to be sent to Bob

32 CMSC 421, Fall Kerberos An authentication system for an open network computing environment where user’s machines are under their complete control and can not be trusted to identify users to network services Consists of Client (C) Kerberos Server (K) Ticket Granting Server (TGS) Server (S) User (U)

33 CMSC 421, Fall Kerberos Phase I: Getting the Initial Ticket User provides the Client machine his/her identity Client sends to Kerberos server K the msg Kerberos server K Client upon receipt of msg

34 CMSC 421, Fall Kerberos, Phase II: Getting a Server Ticket User/Client wants to use a network service S Ticket Granting Server TGS Client upon receiving msg from TGS

35 CMSC 421, Fall Kerberos, Phase III: Requesting a Service Client requests service from server S Service server S upon receipt of the msg


Download ppt "Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security – Additional material."

Similar presentations


Ads by Google