Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

Published byZoe Elaine Holt Modified over 8 years ago

Similar presentations

Presentation on theme: "CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina."— Presentation transcript:

1 CSCE 715: Network Systems Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina

2 09/14/20102 Key Management Asymmetric encryption helps address key distribution problems Two aspects distribution of public keys use of public-key encryption to distribute secret keys

3 09/14/20103 Distribution of Public Keys Four alternatives of public key distribution Public announcement Publicly available directory Public-key authority Public-key certificates

4 09/14/20104 Public Announcement Users distribute public keys to recipients or broadcast to community at large E.g. append PGP keys to email messages or post to news groups or email list Major weakness is forgery anyone can create a key claiming to be someone else’s and broadcast it can masquerade as claimed user before forgery is discovered

5 09/14/20105 Publicly Available Directory Achieve greater security by registering keys with a public directory Directory must be trusted with properties: contains {name, public-key} entries participants register securely with directory participants can replace key at any time directory is periodically published directory can be accessed electronically Still vulnerable to tampering or forgery

6 09/14/20106 Public-Key Authority Improve security by tightening control over distribution of keys from directory Has properties of directory Require users to know public key for the directory Users can interact with directory to obtain any desired public key securely require real-time access to directory when keys are needed

7 09/14/20107 Public-Key Authority

8 09/14/20108 Public-Key Certificates Certificates allow key exchange without real- time access to public-key authority A certificate binds identity to public key usually with other info such as period of validity, authorized rights, etc With all contents signed by a trusted Public- Key or Certificate Authority (CA) Can be verified by anyone who knows the CA’s public key

9 09/14/20109 Public-Key Certificates

10 09/14/201010 Distribute Secret Keys Using Asymmetric Encryption Can use previous methods to obtain public key of other party Although public key can be used for confidentiality or authentication, asymmetric encryption algorithms are too slow So usually want to use symmetric encryption to protect message contents Can use asymmetric encryption to set up a session key

11 09/14/201011 Simple Secret Key Distribution Proposed by Merkle in 1979 A generates a new temporary public key pair A sends B the public key and A’s identity B generates a session key K s and sends encrypted K s (using A’s public key) to A A decrypts message to recover K s and both use

12 09/14/201012 Problem with Simple Secret Key Distribution An adversary can intercept and impersonate both parties of protocol A generates a new temporary public key pair {KU a, KR a } and sends KU a || ID a to B Adversary E intercepts this message and sends KU e || ID a to B B generates a session key K s and sends encrypted K s (using E’s public key) E intercepts message, recovers K s and sends encrypted K s (using A’s public key) to A A decrypts message to recover K s and both A and B unaware of existence of E

13 09/14/201013 Distribute Secret Keys Using Asymmetric Encryption if A and B have securely exchanged public-keys ?

14 09/14/201014 Problem with Previous Scenario Message (4) is not protected by N 2 An adversary can intercept message (4) and replay an old message or insert a fabricated message

15 09/14/201015 Order of Encryption Matters What can be wrong with the following protocol? A  B:N B  A:E KUa [E KRb [K s ||N]] An adversary sitting between A and B can get a copy of secret key K s without being caught by A and B! Reverse the order of encryption using KR b and encryption using KU a can avoid this attack

16 09/14/201016 Diffie-Hellman Key Exchange First publicly proposed public-key type scheme By Diffie and Hellman in 1976 along with advent of public key concepts A practical method for public exchange of secret key Used in a number of commercial products

17 09/14/201017 Diffie-Hellman Key Exchange Use to set up a secret key that can be used for symmetric encryption cannot be used to exchange an arbitrary message Value of key depends on the participants (and their private and public key information) Based on exponentiation in a finite (Galois) field (modulo a prime or a polynomial) – easy Security relies on the difficulty of computing discrete logarithms (similar to factoring) – hard

18 09/14/201018 Primitive Roots From Euler’s theorem: a ø(n) mod n=1 Consider a m mod n=1, GCD(a,n)=1 must exist for m= ø(n) but may be smaller once powers reach m, cycle will repeat If smallest is m= ø(n) then a is called a primitive root if p is prime and a is a primitive root of p, then successive powers of a “generate” the group mod p Not every integer has primitive roots

19 09/14/201019 Primitive Root Example: Power of Integers Modulo 19

20 09/14/201020 Discrete Logarithms Inverse problem to exponentiation is to find the discrete logarithm of a number modulo p Namely find x where a x = b mod p Written as x=log a b mod p or x=dlog a,p (b) If a is a primitive root of p then discrete logarithm always exists, otherwise may not 3 x = 4 mod 13 has no answer 2 x = 3 mod 13 has an answer 4 While exponentiation is relatively easy, finding discrete logarithms is generally a hard problem

21 09/14/201021 Diffie-Hellman Setup All users agree on global parameters large prime integer or polynomial q α which is a primitive root mod q Each user (e.g. A) generates its key choose a private key (number): x A < q compute its public key: y A = α x A mod q Each user publishes its public key

22 09/14/201022 Diffie-Hellman Key Exchange Shared session key for users A and B is K AB : K AB = α x A. x B mod q = y A x B mod q (which B can compute) = y B x A mod q (which A can compute) K AB is used as session key in symmetric encryption scheme between A and B Attacker needs x A or x B, which requires solving discrete log

23 09/14/201023 Diffie-Hellman Example Given Alice and Bob who wish to swap keys Agree on prime q=353 and α=3 Select random secret keys: A chooses x A =97, B chooses x B =233 Compute public keys: y A =3 97 mod 353 = 40 (Alice) y B =3 233 mod 353 = 248 (Bob) Compute shared session key as: K AB = y B x A mod 353 = 248 97 = 160 (Alice) K AB = y A x B mod 353 = 40 233 = 160 (Bob)

24 09/14/201024 Elliptic Curve Cryptography Majority of public-key crypto (RSA, D-H) use either integer or polynomial arithmetic with very large numbers/polynomials Imposes a significant load in storing and processing keys and messages An alternative is to use elliptic curves Offers same security with smaller bit sizes

25 09/14/201025 Real Elliptic Curves An elliptic curve is defined by an equation in two variables x and y, with coefficients Consider a cubic elliptic curve of form y 2 = x 3 + ax + b where x, y, a, b are all real numbers also define zero point O Have addition operation for elliptic curve geometrically, sum of P+Q is reflection of intersection R

26 09/14/201026 Real Elliptic Curve Example

27 09/14/201027 Finite Elliptic Curves Elliptic curve cryptography uses curves whose variables and coefficients are finite Two families are commonly used prime curves E p (a,b) defined over Z p use integers modulo a prime best in software binary curves E 2 m (a,b) defined over GF(2 m ) use polynomials with binary coefficients best in hardware

28 09/14/201028 Elliptic Curve Cryptography ECC addition is analog of modulo multiply ECC repeated addition is analog of modulo exponentiation Need a “hard” problem equivalent to discrete logarithm Q=kP, where Q, P belong to a prime curve is “easy” to compute Q given k, P but “hard” to find k given Q, P known as the elliptic curve logarithm problem Certicom example: E 23 (9,17)

29 09/14/201029 ECC Diffie-Hellman Can do key exchange analogous to D-H Users select a suitable curve E p (a,b) Select base point G=(x 1, y 1 ) with large order n s.t. nG=O A and B select private keys n A <n, n B <n Compute public keys: P A =n A ×G, P B =n B ×G Compute shared key: K=n A ×P B, K=n B ×P A same since K=n A ×n B ×G

30 09/14/201030 ECC Encryption/Decryption Must first encode any message M as a point on the elliptic curve P m Select suitable curve and point G as in D-H Each user chooses private key n A <n and computes public key P A =n A ×G To encrypt P m : C m ={kG, P m +kP B }, k random To decrypt C m : P m +kP B –n B (kG) = P m +k(n B G)–n B (kG) = P m

31 09/14/201031 ECC Security Relies on elliptic curve logarithm problem Fastest method is “Pollard rho method” Compared to factoring, ECC can use much smaller key sizes than with RSA For equivalent key lengths computations are roughly equivalent Hence for similar security ECC offers significant computational advantages

32 09/14/201032 Comparable Key Sizes 1

33 09/14/201033 Next Class Message authentication Hashing functions Message digests Read Chapters 11 and 12

Download ppt "CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina."

Similar presentations

Key Management Nick Feamster CS 6262 Spring 2009.

Key Management Nick Feamster CS 6262 Spring 2009.
Public Key Algorithms …….. RAIT M. Chatterjee.

Public Key Algorithms …….. RAIT M. Chatterjee.
Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.

Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution of public keys –use of public-key.

Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution of public keys –use of public-key.
Elliptic Curve Cryptography Jen-Chang Liu, 2004 Adapted from lecture slides by Lawrie Brown Ref: RSA Security ’ s Official Guide to Cryptography.

Elliptic Curve Cryptography Jen-Chang Liu, 2004 Adapted from lecture slides by Lawrie Brown Ref: RSA Security ’ s Official Guide to Cryptography.
Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.

Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.
Cryptography and Network Security Chapter 10 Fourth Edition by William Stallings.

Cryptography and Network Security Chapter 10 Fourth Edition by William Stallings.
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.

Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.
Chapter3 Public-Key Cryptography and Message Authentication.

Chapter3 Public-Key Cryptography and Message Authentication.
Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.

Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.
1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.

Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.
Computer Science Public Key Management Lecture 5.

Computer Science Public Key Management Lecture 5.
Introduction to Public Key Cryptography

Introduction to Public Key Cryptography
Chapter 5 Digital Signatures MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.

Chapter 5 Digital Signatures MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Key Management and Diffie- Hellman Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 12/3/2009 INCS 741: Cryptography 12/3/20091Dr. Monther.

Key Management and Diffie- Hellman Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 12/3/2009 INCS 741: Cryptography 12/3/20091Dr. Monther.

Similar presentations

Ads by Google