UCB Security Jean Walrand EECS. UCB Outline Threats Cryptography Basic Mechanisms Secret Key Public Key Hashing Security Systems Integrity Key Management.

Slides:



Advertisements
Similar presentations
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Advertisements

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Digital Signatures and Hash Functions. Digital Signatures.
Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.
Session 4 Asymmetric ciphers.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
Public Key Algorithms …….. RAIT M. Chatterjee.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
CC3.12 Erdal KOSE Privacy & Digital Security Encryption.
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Chap 3: Key exchange protocols In most systems, we distinguish the short term keys from the long term ones: –A short term key (session key) is used to.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
The School of Electrical Engineering and Computer Science (EECS) CS/ECE Network Security Dr. Attila Altay Yavuz Topic 5 Essential Public Key Crypto Methods.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Chapter 9 Cryptographic Protocol Cryptography-Principles and Practice Harbin Institute of Technology School of Computer Science and Technology Zhijun Li.
Public Key Algorithms 4/17/2017 M. Chatterjee.
ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 6 Epayment Security II.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
Diffie-Hellman Key Exchange
CSCI 172/283 Fall 2010 Public Key Cryptography. New paradigm introduced by Diffie and Hellman The mailbox analogy: Bob has a locked mailbox Alice can.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.5 Public Key Algorithms.
Computer Science Public Key Management Lecture 5.
Public Key Model 8. Cryptography part 2.
Andreas Steffen, , 4-PublicKey.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications.
Sorting Out Digital Certificates Bill blog.codingoutloud.com ··· Boston Azure ··· 13·Dec·2012 ···
8. Data Integrity Techniques
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.
Pretty Good Privacy by Philip Zimmerman presented by: Chris Ward.
Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)
I-4 security.
10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.
Cryptography, Authentication and Digital Signatures
1 Lecture 9 Public Key Cryptography Public Key Algorithms CIS CIS 5357 Network Security.
Digital Signatures A primer 1. Why public key cryptography? With secret key algorithms Number of key pairs to be generated is extremely large If there.
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
EE515/IS523 Think Like an Adversary Lecture 4 Crypto in a Nutshell Yongdae Kim.
BASIC CRYPTOGRAPHIC CONCEPTS. Public Key Cryptography  Uses two keys for every simplex logical communication link.  Public key  Private key  The use.
Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
CS461/ECE422 Spring 2012 Nikita Borisov — UIUC1.  Text Chapters 2 and 21  Handbook of Applied Cryptography, Chapter 8 
Network Security David Lazăr.
Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.
Lecture 16: Security CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9.
Cryptography 1 Crypto Cryptography 2 Crypto  Cryptology  The art and science of making and breaking “secret codes”  Cryptography  making “secret.
Authentication Issues and Solutions CSCI 5857: Encoding and Encryption.
15-499Page :Algorithms and Applications Cryptography I – Introduction – Terminology – Some primitives – Some protocols.
COMP 424 Computer Security Lecture 09 & 10. Protocol ● An orderly sequence of steps agreed upon by two or more parties in order to accomplish a task ●
CS 4803 Fall 04 Public Key Algorithms. Modular Arithmetic n Public key algorithms are based on modular arithmetic. n Modular addition. n Modular multiplication.
1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.
EE 122: Lecture 24 (Security) Ion Stoica December 4, 2001.
Diffie-Hellman Key Exchange first public-key type scheme proposed by Diffie & Hellman in 1976 along with the exposition of public key concepts – note:
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.
1 The RSA Algorithm Rocky K. C. Chang February 23, 2007.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
Asymmetric-Key Cryptography
Computer Communication & Networks
Public-key Cryptography
Asymmetric Cryptography
Chapter 29 Cryptography and Network Security
Presentation transcript:

UCB Security Jean Walrand EECS

UCB Outline Threats Cryptography Basic Mechanisms Secret Key Public Key Hashing Security Systems Integrity Key Management Identification

UCB Threats AgainstTypeProtection ComputersPhysical Infection Intrusion Physical security (lock) Virus detection Firewall, passport control UsersIdentity Privacy Signature, password, watermark Encryption, relay DocumentsIntegrity Confidentiality Message authentication code Encryption

UCB Cryptography Basic Mechanism: P -> [ E(.) ] -> C -> [D(.)] -> P Plaintext Encryption function Cyphertext: Sent (Encrypted Text) Decryption function

UCB Cryptography (continued) Basic Mechanism (continued) : P -> [ E(.) ] -> C -> [D(.)] -> P D(.) is the inverse of E(.) E(.) should be a “one-way function” Easy to compute Hard to invert: - Looking at E(P) it should be hard to get P - Looking at many E(P), it should be hard to figure out the function D(.), or - Knowing many pairs (P, E(P)), it should be hard to figure out the function D(.)

UCB Cryptography (continued) Secret Key: E(.) = E(.; K), D(.) = D(.; K) where K is a shared secret: Key distribution AliceBob C PP E(., K)D(., K) K

UCB Cryptography (continued) Secret Key - EXAMPLE 1: One-Time PAD: C = P + K (addition bit-by-bit modulo 2, no carry) K = random string of bits (50% = 0, 50% = 1) If used only once, this is a perfect code! (C is perfectly random and no information about P.) Application: Top Secret transmissions. K is stored in a CD-ROM that is delivered securely ahead of time.

UCB Cryptography (continued) Secret Key: EXAMPLE 2: Data Encryption Standard - DES Key K DES Algorithm P C Algorithm is known, but the key is secret K = 40 bits => Weak 56 bits => Marginal 128 bits => Safe

UCB Cryptography (continued) Note: Modes of Encryption

UCB Cryptography (continued) Public Key: Bob: use E(.; Bob) to talk to me. Only Bob knows D(.; Bob). Trapdoor one-way function. Example: Rivest-Shamir-Adleman: p, q prime; n = pq; z = (p-1)(q-1) and e coprime; d s.t. ed = 1 mod z. If P in {0, 1,..., n-1} and C = P^e mod n, then C^d mod n = P. (e, n) public. (d, n) private. Finding d from (e, n) is believed to be hard.

UCB Cryptography (continued) Hashing: H(P) short (e.g., 160 bits). Hard to find P and P' s.t. H(P) = H(P').

UCB Security Systems Integrity: Alice sends P*H(P) where H(P) is protected by a. Authentic channel. b. Message Authentication Code: Note that E(H(P); K) with K secret may not be secure. For instance, Z = H(P)+R is not secure since then Eve can compute H(P) from P and R from Z + H(P) and then Eve can send P' and H(P')+R. Secure: H(K2*H(K1*P)) where K1 and K2 are secret to Alice and Bob, since Eve cannot compute H(K1*P').

UCB Security Systems (continued) Integrity (continued) : Alice sends P*H(P) where H(P) is protected by c. Digital Signature. Alice sends C = D(P; Alice) and Bob recovers P = E(C; Alice). However, if Eve constructs C' and computes P' = E(C'; Alice), Bob will think that Alice sent D(P'; Alice). Instead, Alice should send D(P*H(P); Alice) because it is unlikely that Eve can find some C' so that E(C'; Alice) has the form P'*H(P') for some P'.

UCB Security Systems (continued) Key Management: To share a secret K: a. Hand-delivery b. Encrypt and distribute K using some other secret key (e.g., Kerberos) Shared Key with Kerberos.; Get Loggin Key; Get Session Key. c. Use a public key to distribute secret key K (e.g., PGP)

UCB Security Systems (continued) d. Public key agreement: Diffie-Hellman: Alice and Bob agree on public (z, p). Alice chooses a and Bob chooses b. Alice computes A = z^a mod p and sends it to Bob. Bob computes A^b mod p. Bob computes B = z^b mod p and sends it to Alice. Alice computes B^a mod p. One can show that A^b mod p = B^a mod p = z^(ab) mod p =: K. Indeed: A = z^a + mp so that A^b = (z^a + mp)^b =... = z^(ab) mod p. However, D-H is not robust to a "person-in-the-middle" attack: Imagine Eve gets in the middle and plays the role of Alice. Solution: Signing the exchange: Alice sends A to Bob and Bob sends B to Alice. Alice signs (A, B) and sends it to Bob; Bob signs (A, B) and sends it to Alice. Eve cannot fake these signatures.

UCB Security Systems (continued) Identification: Bob wants to ascertain the identity of Alice. a. Passwords: Alice has a secret password K and sends (Alice, K). Bob maintains H(K) to verify Alice. However: can be intercepted. b. Challenge/Response: Bob sends string X to Alice who computes f(X, K) where K is a secret that Alice and Bob share. However, Bob must know K. c. Public Key: Bob chooses X and sends E(X; Alice) to Alice who computes X and sends it back to Bob. d. Digital signature: Bob sends X to Alice who signs it and returns it to Bob.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.