Cryptography Chapter 7 Part 3 Pages 812 to 833
Symmetric Cryptography
Security Services – Only confidentiality, not authentication or non-repudiation
Scalability – N(N-1)/2 secret keys
Secure key distribution – Secure courier?

Diffie-Hellman Algorithm
First asymmetric
Subject to man-in-the-middle attack – Figure 7-20 on page 814

RSA
1978 MIT – Ron Rivest, Adi Shamir, Leonard Adleman
De facto asymmetric standard
RSA works – Pages 816-7

RSA
Security = difficulty of factoring large numbers into a product of primes
One-way function – Multiplying two primes is easy. Factoring is hard.
If someone figures out an efficient way of factoring, RSA would be broken
Key exchange protocol for AES

ECC
Elliptic Curve Cryptosystem
Discrete Logarithms of Elliptic Curves
Figure 7-21 on page 819
More efficient than RSA
Devices with limited processing, storage, power supply and bandwidth, such as cellular telephones

Hash Algorithms
MD-5 – 128-bits – Ron Rivest – Subject to collisions
SHA-1 – 160-bits – NSA, NIST

Hash Algorithms
SHA-2 – SHA-256, SHA-384, SHA-512
SHA-3 – NIST draft

Message Authentication Code
MAC – Figure 7-22a on page 822 – Man-in-the-middle attack – Integrity – Can detect only unintentional modification

HMAC
Hash MAC – Figure 7-22b on page 822 – Integrity and data origin authentication
CBC-MAC – Figure 7-23 on page 824

Collision
Two messages produce the same hash value
Birthday attack – Same birthday as you > 50%? 253 – Two people with same birthday > 50%? 23
2^(n/2) – SHA-1 (160-bits) 2^80

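Added example (not from the original slides): Python that recomputes the two birthday figures on the Collision slide and illustrates the 2^(n/2) bound by finding a collision in a toy digest. The toy digest (top 24 bits of SHA-256), the msg-N inputs and all function names are constructed for illustration.

```python
import hashlib

def targeted_match_group(days=365):
    """Smallest group where someone shares YOUR birthday with P > 50%."""
    n = 1
    while 1 - ((days - 1) / days) ** n <= 0.5:
        n += 1
    return n

def any_pair_group(days=365):
    """Smallest group where ANY two people share a birthday with P > 50%."""
    p_distinct, n = 1.0, 0
    while 1 - p_distinct <= 0.5:
        p_distinct *= (days - n) / days  # next person must avoid n taken days
        n += 1
    return n

def collision_work_bits(digest_bits):
    """Birthday bound: about 2^(n/2) hashes to collide an n-bit digest."""
    return digest_bits // 2

def find_truncated_collision(bits=24):
    """Birthday search on a toy digest: the top `bits` bits of SHA-256.

    Inputs are constructed strings msg-0, msg-1, ... Returns the two
    colliding messages and the number of hashes computed.
    """
    seen = {}  # truncated digest -> first message that produced it
    counter = 0
    while True:
        msg = b"msg-%d" % counter
        full = int.from_bytes(hashlib.sha256(msg).digest(), "big")
        tag = full >> (256 - bits)
        if tag in seen:
            return seen[tag], msg, counter + 1
        seen[tag] = msg
        counter += 1

if __name__ == "__main__":
    print("same birthday as you:", targeted_match_group())
    print("any two people:", any_pair_group())
    print("SHA-1 collision work: 2^%d" % collision_work_bits(160))
    a, b, tries = find_truncated_collision(24)
    print(a, b, "collide after", tries, "hashes; 2^(24/2) =", 2 ** 12)
```

The collision search finishes after a few thousand hashes, close to 2^12, rather than the 2^24 an exhaustive search of the 24-bit space would suggest.
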
Digital Signatures
Figure 7-24 on page 830
Provides authentication, non-repudiation, and integrity