1 CS 854 – Hot Topics in Computer and Communications Security Fall 2006 Introduction to Cryptography and Security.


1 CS 854 – Hot Topics in Computer and Communications Security, Fall 2006: Introduction to Cryptography and Security

2 Slides based on
- Kurose & Ross, Computer Networking, Chapter 8
- Stallings, Cryptography and Network Security

3 Overview
- Network security
- Symmetric-key encryption
- Public-key encryption
- Message integrity and authentication
- Entity authentication
- Key distribution
- Computer security

4 System Model
- Alice and Bob want to communicate “securely”
- Trudy may intercept, delete, add, or modify messages
[Figure: Alice (secure sender) and Bob (secure receiver) exchange data and control messages over a channel that Trudy can reach]

5 Aside: Alice & Bob
- Alice wants to send a message to Bob
- Eve, the eavesdropper (passive)
- Mallory, the malicious attacker (active)
- Trudy, the intruder (same as Mallory)

6 What is secure communication?
- Confidentiality: only Alice and Bob should see message contents
- Authentication: Alice and Bob can confirm identity of each other
- Message Integrity: Alice and Bob can ensure message not altered without detection
- Nonrepudiation: receiver can prove to third party that sender in fact sent message
- Traffic Analysis: Alice and Bob hide that they are communicating
- No Denial of Service: Alice and Bob can communicate

7 Threat Model
Q: What can a “bad guy” do?
A: a lot!
- eavesdrop: passively intercept messages
- actively insert, modify, or delete messages into connection
- impersonation: can fake (spoof) source address in network packet (or any field in packet)
- hijacking: “take over” ongoing connection by removing sender or receiver, inserting himself in place
- denial of service: prevent service from being used by others (e.g., by overloading resources)
- but (typically) not drop a nuclear bomb on Alice and Bob

8 Overview
- Network security
- Symmetric-key encryption
- Public-key encryption
- Message integrity and authentication
- Entity authentication
- Key distribution
- Computer security

9 The language of cryptography
- symmetric-key crypto: sender and receiver keys identical and secret
- public-key crypto: encryption key public, decryption key secret (private)
[Figure: plaintext, encryption algorithm with Alice’s encryption key $K_A$, ciphertext, decryption algorithm with Bob’s decryption key $K_B$]

10 Symmetric-key cryptography
symmetric key crypto: Bob and Alice share (know) the same (symmetric) key: K
- e.g., key is knowing substitution pattern in monoalphabetic substitution cipher
- Q: how do Bob and Alice agree on key value?
[Figure: plaintext message m, encryption algorithm with key $K_{A-B}$, ciphertext $K_{A-B}(m)$, decryption algorithm with key $K_{A-B}$, plaintext $m = K_{A-B}(K_{A-B}(m))$]

11 Symmetric key cryptography
substitution cipher: substituting one thing for another
- monoalphabetic cipher: substitute one letter for another
    plaintext:  abcdefghijklmnopqrstuvwxyz
    ciphertext: mnbvcxzasdfghjklpoiuytrewq
E.g.:
    Plaintext:  bob. i love you. alice
    ciphertext: nkn. s gktc wky. mgsbc
Q: How hard to break this simple cipher?
- brute force (how hard?)
- other?

12 Attacks on encryption schemes
Known to attacker (in addition to encryption scheme and ciphertext to be decrypted):
- Ciphertext only: nothing else
- Known plaintext: plaintext-ciphertext pair(s)
- Chosen plaintext: plaintext(s) chosen by attacker and corresponding ciphertext(s)
- Chosen ciphertext: ciphertext(s) chosen by attacker and corresponding plaintext(s)
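
Added example (not part of the original slides): the monoalphabetic cipher from slide 11 in Python, with the size of its key space and what a single known plaintext-ciphertext pair, as listed on slide 12, gives away. The function names and the second test message are assumptions made for this illustration.

```python
import math
import string

PLAIN = string.ascii_lowercase
KEY = "mnbvcxzasdfghjklpoiuytrewq"          # substitution pattern from slide 11
SLIDE_PT = "bob. i love you. alice"          # pair shown on slide 11
SLIDE_CT = "nkn. s gktc wky. mgsbc"

def encrypt(text, key=KEY):
    return text.translate(str.maketrans(PLAIN, key))

def decrypt(text, key=KEY):
    return text.translate(str.maketrans(key, PLAIN))

def keyspace_bits():
    # Brute force has to search 26! permutations of the alphabet.
    return math.log2(math.factorial(26))

def recover_key(plaintext, ciphertext):
    """Known plaintext: every aligned letter pair reveals one key entry."""
    table = {}
    for p, c in zip(plaintext, ciphertext):
        if p in PLAIN:
            table[c] = p
    return table

def partial_decrypt(ciphertext, table):
    """Decrypt with a partial key; unknown letters become '?'."""
    out = []
    for ch in ciphertext:
        out.append(table.get(ch, "?") if ch in PLAIN else ch)
    return "".join(out)

if __name__ == "__main__":
    table = recover_key(SLIDE_PT, SLIDE_CT)
    print(f"key space: about {keyspace_bits():.1f} bits")
    print(f"one known pair reveals {len(table)} of 26 key entries")
    # Constructed second message, encrypted under the same key.
    print(partial_decrypt(encrypt("hello bob"), table))
```

The key space is large, yet one short known pair already exposes 10 of the 26 entries, and letter frequencies in the ciphertext mirror those of the plaintext.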

13 Block and Stream Ciphers
- Block cipher:
  - operates on fixed-size blocks at a time (today’s ciphers: 128 bits)
  - reversible
  - plaintext and ciphertext have same size
  - common key sizes: 128 or 256 bit
  - Kerckhoffs’ principle: structure of cipher is publicly known
- Stream cipher:
  - operates on single bit (byte) at a time

14 Symmetric key crypto: DES
DES: Data Encryption Standard
- US encryption standard [NIST 1993]
- 56-bit symmetric key, 64-bit plaintext input
- How secure is DES?
  - DES Challenge: 56-bit-key-encrypted phrase (“Strong cryptography makes the world a safer place”) decrypted (brute force) in 4 months (1997)
  - no known “backdoor” decryption approach
- making DES more secure:
  - use three keys sequentially (3DES) on each block
  - slow

15 Symmetric key crypto: DES
DES operation:
- initial permutation
- 16 identical “rounds” of function application, each using different 48 bits of key, derived from 56-bit key
- final permutation
[Figure: DES structure, from Wikipedia]

16 DES F-Function
- Expansion
- Key mixing
- Substitution (“S-Box”)
  - Provides non-linearity
- Permutation
- All of them together provide diffusion
[Figure: DES F-function, from Wikipedia]

17 AES: Advanced Encryption Standard
- new (Nov. 2001) symmetric-key NIST standard, replacing DES
- processes data in 128-bit blocks
- iterative, rather than Feistel cipher
  - operates on entire data block in every round
  - decryption different from encryption
  - efficient implementation
- 128, 192, or 256 bit keys
- brute force decryption (try each key) taking 1 sec on DES takes 149 trillion years for 128-bit AES

18 AES
[Figure: AES, from Stallings]

19 Block Cipher Modes
- Block cipher modes enable processing of messages with arbitrary length
- Electronic Codebook Mode (ECB)
- Don’t use ECB
[Figure: ECB mode, from Wikipedia]

20 Block Cipher Modes
- Cipher Block Chaining Mode (CBC)
- Most widely used
- IV (Initialization vector)
  - Does not need to be kept secret
  - Fixed value, counter, or random?
[Figure: CBC mode, from Wikipedia]

21 Block Cipher Modes
- Counter Mode (CTR)
- Block cipher to implement stream cipher
  - Encryption and decryption are identical
- Never reuse key/nonce combination
[Figure: CTR mode, from Wikipedia]
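
Added example (not part of the original slides): the three modes from slides 19 to 21 run over a toy 128-bit Feistel block cipher, showing why ECB is discouraged and what reusing a key/nonce pair in CTR gives away. The toy cipher is an assumption made for this illustration; it stands in for AES and is not secure, and all messages are constructed.

```python
import hashlib
import hmac
import os

BLOCK = 16  # bytes, the 128-bit block size named on the slides

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def toy_encrypt_block(key, block):
    """4-round Feistel network; a teaching stand-in, NOT AES."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:8]
        left, right = right, xor(left, f)
    return left + right

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, pt):
    return b"".join(toy_encrypt_block(key, b) for b in blocks(pt))

def cbc_encrypt(key, iv, pt):
    out, prev = [], iv
    for b in blocks(pt):
        prev = toy_encrypt_block(key, xor(b, prev))
        out.append(prev)
    return b"".join(out)

def ctr_crypt(key, nonce, data):
    """Encrypts and decrypts: XOR with E(nonce || counter)."""
    out = []
    for i, b in enumerate(blocks(data)):
        keystream = toy_encrypt_block(key, nonce + i.to_bytes(8, "big"))
        out.append(xor(b, keystream))     # xor() truncates a short last block
    return b"".join(out)

def demo():
    key, iv, nonce = os.urandom(16), os.urandom(16), os.urandom(8)
    pt = b"SIXTEEN BYTE MSG" * 2                          # two equal blocks
    ecb, cbc = blocks(ecb_encrypt(key, pt)), blocks(cbc_encrypt(key, iv, pt))
    p1, p2 = b"transfer 100 USD", b"transfer 999 EUR"     # constructed
    c1, c2 = ctr_crypt(key, nonce, p1), ctr_crypt(key, nonce, p2)
    return {
        "ecb_repeats": ecb[0] == ecb[1],      # equal blocks stay visible
        "cbc_repeats": cbc[0] == cbc[1],      # chaining hides them
        "ctr_roundtrip": ctr_crypt(key, nonce, c1) == p1,
        "ctr_reuse_leaks_xor": xor(c1, c2) == xor(p1, p2),
    }
```

With a reused key/nonce pair the two CTR ciphertexts XOR to the XOR of the plaintexts, without the key being involved at all.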

22 Overview
- Network security
- Symmetric-key encryption
- Public-key encryption
- Message integrity and authentication
- Entity authentication
- Key distribution
- Computer security

23 Public-Key Cryptography
symmetric-key crypto
- requires sender, receiver know shared secret key
- Q: how to agree on key in first place (particularly if never “met”)?
public-key cryptography
- radically different approach [Diffie-Hellman76, RSA78]
- sender, receiver do not share secret key
- public encryption key known to all
- private decryption key known only to receiver

24 Public key cryptography
[Figure: plaintext message m, encryption algorithm with Bob’s public key $K_B^+$, ciphertext $K_B^+(m)$, decryption algorithm with Bob’s private key $K_B^-$, plaintext $m = K_B^-(K_B^+(m))$]

25 Public key encryption algorithms
Requirements:
1. need $K_B^+(\cdot)$ and $K_B^-(\cdot)$ such that $K_B^-(K_B^+(m)) = m$
2. given public key $K_B^+$, it should be impossible to compute private key $K_B^-$
RSA: Rivest, Shamir, Adleman algorithm

26 RSA: Choosing keys
1. Choose two large prime numbers p, q such that their product has at least 1024 bits
2. Compute n = pq, z = (p-1)(q-1)
3. Choose e (with e < n) such that e, z are relatively prime.
4. Choose d such that ed-1 is exactly divisible by z (in other words: ed mod z = 1).
5. Public key $K_B^+$ is (n, e). Private key $K_B^-$ is (n, d).

27 RSA: Encryption, decryption
0. Given (n, e) and (n, d) as computed above
1. To encrypt bit pattern, m, compute $c = m^e \bmod n$ (i.e., remainder when $m^e$ is divided by n)
2. To decrypt received bit pattern, c, compute $m = c^d \bmod n$ (i.e., remainder when $c^d$ is divided by n)
Magic happens! $m = (m^e \bmod n)^d \bmod n$, where $c = m^e \bmod n$

28 RSA: Why is that $m = (m^e \bmod n)^d \bmod n$
Useful number theory result: If p, q prime and n = pq, then: $x^y \bmod n = x^{y \bmod (p-1)(q-1)} \bmod n$
$(m^e \bmod n)^d \bmod n = m^{ed} \bmod n$
$= m^{ed \bmod (p-1)(q-1)} \bmod n$ (using number theory result above)
$= m^1 \bmod n$ (since we chose ed to be divisible by (p-1)(q-1) with remainder 1)
$= m$

29 RSA: Security
- relies on the assumption that there are no algorithms for quickly factoring n into p and q
  - would allow attacker to compute z = (p-1)(q-1) and d using ed mod z = 1
- but we don’t know whether there exist such fast algorithms…

30 RSA: Issues
- RSA exponentiation is slow
  - at least 100 times slower than DES
  - use hybrid scheme, e.g., AES for encrypting actual data, RSA for encrypting corresponding AES session key
- RSA can be vulnerable, e.g.,
  - small d or e
  - deterministic
  - timing attacks
  - do not use your own implementation of RSA

31 RSA: another important property
The following property will be very useful later:
$K_B^-(K_B^+(m)) = m = K_B^+(K_B^-(m))$
- left side: use public key first, followed by private key
- right side: use private key first, followed by public key
Result is the same!
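
Added example (not part of the original slides): the RSA steps from slides 26 to 28 in Python with constructed toy primes, plus the order-independence property from slide 31 and the “deterministic” issue from slide 30. Function names and the parameters p = 61, q = 53, e = 17, m = 65 are assumptions made for this illustration; the sketch has no padding and is for study only.

```python
from math import gcd

def make_keys(p, q, e):
    """Steps 2-5 of "Choosing keys"; p and q are assumed to be prime."""
    n, z = p * q, (p - 1) * (q - 1)
    if not (1 < e < n and gcd(e, z) == 1):
        raise ValueError("e and z must be relatively prime")
    d = pow(e, -1, z)                 # ed mod z = 1 (Python 3.8+)
    return (n, e), (n, d)

def apply_key(key, x):
    """x^exponent mod n; the same operation encrypts and decrypts."""
    n, exponent = key
    if not 0 <= x < n:
        raise ValueError("bit pattern must be an integer below n")
    return pow(x, exponent, n)

def matching_guesses(public, c, candidates):
    """Textbook RSA is deterministic: anyone holding the public key can
    re-encrypt candidate messages and compare the results with c."""
    return [m for m in candidates if apply_key(public, m) == c]

# Constructed toy parameters; real keys need a product of at least 1024 bits.
PUBLIC, PRIVATE = make_keys(61, 53, 17)

def demo(m=65):
    c = apply_key(PUBLIC, m)
    return {
        "ciphertext": c,
        "decrypted": apply_key(PRIVATE, c),
        "private_then_public": apply_key(PUBLIC, apply_key(PRIVATE, m)),
        "guesses": matching_guesses(PUBLIC, c, range(60, 70)),
    }

if __name__ == "__main__":
    print(PUBLIC, PRIVATE)
    print(demo())
```

Because the same m always yields the same c, a small message space can be confirmed by re-encryption, which is why deployed RSA encryption adds randomized padding.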

32 El Gamal
- Prime p, random g (< p)
- Private key: d; public key: $e = g^d \bmod p$
- Encryption: message m, random r: $c = (g^r, m e^r) \pmod p$
- Decryption: $c = (c_1, c_2)$; $c_2 / c_1^d = m e^r / g^{dr} = m g^{dr} / g^{dr} = m$
- assumes that computing discrete logarithms is hard
- probabilistic scheme (ciphertext > plaintext)
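
Added example (not part of the original slides): the El Gamal formulas above in Python, showing that a fresh r makes two encryptions of the same message differ and that the ciphertext is a pair. The prime p = 2^127 - 1, the base g = 3 and the function names are assumptions made for this illustration, not recommended parameters.

```python
import secrets

P = 2**127 - 1   # assumed parameter: a known Mersenne prime, toy-sized
G = 3            # assumed base g < p

def keygen():
    d = secrets.randbelow(P - 2) + 1              # private key d
    return d, pow(G, d, P)                        # public key e = g^d mod p

def encrypt(e, m, r=None):
    if not 0 < m < P:
        raise ValueError("message must be in 1..p-1")
    if r is None:
        r = secrets.randbelow(P - 2) + 1          # fresh random r per message
    return pow(G, r, P), (m * pow(e, r, P)) % P   # c = (g^r, m*e^r) mod p

def decrypt(d, c):
    c1, c2 = c
    # c2 / c1^d: division mod p is multiplication by the modular inverse
    return (c2 * pow(pow(c1, d, P), -1, P)) % P

if __name__ == "__main__":
    d, e = keygen()
    m = 123456789                                 # constructed message
    a, b = encrypt(e, m), encrypt(e, m)
    print(a != b, decrypt(d, a) == m, decrypt(d, b) == m)
```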

33 Diffie-Hellman Key Exchange
- first published public-key algorithm
- Alice and Bob establish joint secret even though Eve is reading all the exchanged messages!
- assumption: public prime q, integer n
- Alice: Choose secret $X_A$, compute and give $Y_A$ to Bob
- Bob: Choose secret $X_B$, compute and give $Y_B$ to Alice
- Joint secret:
- Also relies on discrete logarithms problem
- Susceptible to man-in-the-middle attack

