Lecture 5 Page 1 CS 236 Online More on Cryptography CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Slides:



Advertisements
Similar presentations
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Advertisements

1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.
Sri Lanka Institute of Information Technology
Making “Good” Encryption Algorithms
CMSC 414 Computer (and Network) Security Lecture 5 Jonathan Katz.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Cryptographic Technologies
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
CSE331: Introduction to Networks and Security Lecture 18 Fall 2002.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.
CS Network Security Lecture 2 Prof. Katz. 9/7/2000Lecture 2 - Data Encryption2 DES – Data Encryption Standard Private key. Encrypts by series of.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Lecture 23 Symmetric Encryption
Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
IT 221: Classical and Modern Encryption Techniques Lecture 2: Classical and Modern Encryption Techniques For Educational Purposes Only Revised: September.
Lecture 3: Cryptographic Tools modified from slides of Lawrie Brown.
Chapter 12 Cryptography (slides edited by Erin Chambers)
Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.
Cryptography Week-6.
Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)
Lecture 2 Overview.
Lecture 19 Page 1 CS 111 Online Symmetric Cryptosystems C = E(K,P) P = D(K,C) E() and D() are not necessarily the same operations.
Chapter 2 – Elementary Cryptography  Concepts of encryption  Cryptanalysis  Symmetric (secret key) Encryption (DES & AES)(DES & AES)  Asymmetric (public.
CHAPTER 6 Cryptography. An Overview It is origin from the Greek word kruptos which means hidden. The objective is to hide information so that only the.
Chapter 20 Symmetric Encryption and Message Confidentiality.
Chapter 20 Symmetric Encryption and Message Confidentiality.
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
Lecture 4 Page 1 CS 136, Fall 2014 More on Cryptography CS 136 Computer Security Peter Reiher October 14, 2014.
Lecture 4 Page 1 CS 136, Fall 2012 More on Cryptography CS 136 Computer Security Peter Reiher October 9, 2012.
Cryptography Chapter 7 Part 2 Pages 781 to 812. Symmetric Cryptography Secret Key Figure 7-10 on page 782 Key distribution problem – Secure courier Many.
Elementary Cryptography  Concepts of encryption  Symmetric (secret key) Encryption (DES & AES)(DES & AES)  Asymmetric (public key) Encryption (RSA)(RSA)
Lecture 3 Page 1 Advanced Network Security Review of Cryptography Advanced Network Security Peter Reiher August, 2014.
Encryption No. 1  Seattle Pacific University Encryption: Protecting Your Data While in Transit Kevin Bolding Electrical Engineering Seattle Pacific University.
Lecture 2: Introduction to Cryptography
Chapter 3 Encryption Algorithms & Systems (Part D)
Lecture 23 Symmetric Encryption
Cracking the DES Encryption
COMP 424 Lecture 04 Advanced Encryption Techniques (DES, AES, RSA)
Encryption Basics Module 7 Section 2. History of Encryption Secret - NSA National Security Agency –has powerful computers - break codes –monitors all.
K. Salah1 Cryptography Module I. K. Salah2 Cryptographic Protocols  Messages should be transmitted to destination  Only the recipient should see it.
DATA & COMPUTER SECURITY (CSNB414) MODULE 3 MODERN SYMMETRIC ENCRYPTION.
Lecture 2 Page 1 CS 236, Spring 2008 More on Cryptography CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
1.1 Introduction to Cryptography. 1.2 Basic Cryptography Cryptography is a deep mathematical subject. Cryptographic protocols provide a cornerstone for.
Lecture 5 Page 1 CS 236 Online Public Key Encryption Systems The encrypter and decrypter have different keys C = E(K E,P) P = D(K D,C) Often, works the.
Lecture 3 Overview. Ciphers The intent of cryptography is to provide secrecy to messages and data Substitutions – ‘hide’ letters of plaintext Transposition.
Lecture 3 Page 1 CS 236 Online Introduction to Cryptography CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Computer Security By Rubel Biswas. Introduction History Terms & Definitions Symmetric and Asymmetric Attacks on Cryptosystems Outline.
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
Outline Desirable characteristics of ciphers Stream and block ciphers
Outline Desirable characteristics of ciphers Stream and block ciphers
Cryptography Much of computer security is about keeping secrets
Public Key Encryption Systems
Outline Desirable characteristics of ciphers Uses of cryptography
Outline Desirable characteristics of ciphers Stream and block ciphers
Outline Desirable characteristics of ciphers Uses of cryptography
Lecture 3: Symmetric Key Encryption
Outline Desirable characteristics of ciphers Stream and block ciphers
Outline Desirable characteristics of ciphers Stream and block ciphers
مروري برالگوريتمهاي رمز متقارن(كليد پنهان)
Cryptography II Jagdish S. Gangolly School of Business
Security through Encryption
Outline Using cryptography in networks IPSec SSL and TLS.
Outline Desirable characteristics of ciphers Stream and block ciphers
Review of Cryptography: Symmetric and Asymmetric Crypto Advanced Network Security Peter Reiher August, 2014.
Presentation transcript:

Lecture 5 Page 1 CS 236 Online More on Cryptography CS 236 On-Line MS Program Networks and Systems Security Peter Reiher

Lecture 5 Page 2 CS 236 Online Outline Desirable characteristics of ciphers Uses of cryptography Symmetric and asymmetric cryptography Digital signatures Secure hashes and hash chains

Lecture 5 Page 3 CS 236 Online Desirable Characteristics of Ciphers Well matched to requirements of application –Amount of secrecy required should match labor to achieve it Freedom from complexity –The more complex algorithms or key choices are, the worse

Lecture 5 Page 4 CS 236 Online More Characteristics Simplicity of implementation –Seemingly more important for hand ciphering –But relates to probability of errors in computer implementations Errors should not propagate

Lecture 5 Page 5 CS 236 Online Yet More Characteristics Ciphertext size should be same as plaintext size Encryption should maximize confusion –Relation between plaintext and ciphertext should be complex Encryption should maximize diffusion –Plaintext information should be distributed throughout ciphertext

Lecture 5 Page 6 CS 236 Online Uses of Cryptography What can we use cryptography for? Lots of things –Secrecy –Authentication –Prevention of alteration

Lecture 5 Page 7 CS 236 Online Cryptography and Secrecy Pretty obvious Only those knowing the proper keys can decrypt the message –Thus preserving secrecy Used cleverly, it can provide other forms of secrecy

Lecture 5 Page 8 CS 236 Online Cryptography and Authentication How can I prove to you that I created a piece of data? What if I give you the data in encrypted form? –Using a key only you and I know Then only you or I could have created it –Unless one of us told someone else the key...

Lecture 5 Page 9 CS 236 Online Some Limitations on Cryptography and Authentication If both parties cooperative, cryptography can authenticate –Problems with non-repudiation, though What if three parties want to share a key? –No longer certain who created anything –Public key cryptography can solve this problem What if I want to prove authenticity without secrecy?

Lecture 5 Page 10 CS 236 Online Cryptography and Non- Alterability Changing one bit of an encrypted message completely garbles it –For many forms of cryptography If a checksum is part of encrypted data, that’s detectable If you don’t need secrecy, can get the same effect –By encrypting only the checksum

Lecture 5 Page 11 CS 236 Online Cryptography and Zero- Knowledge Proofs With really clever use, cryptography can be used to prove I know a secret –Without telling you the secret Seems like magic, but it can work Basically, using multiple iterations of cryptography in very clever ways

Lecture 5 Page 12 CS 236 Online Symmetric and Asymmetric Cryptosystems Symmetric - the encrypter and decrypter share a secret key –Used for both encrypting and decrypting Asymmetric – encrypter has different key than decrypter

Lecture 5 Page 13 CS 236 Online Description of Symmetric Systems C = E(K,P) P = D(K,C) E() and D() are not necessarily the same operations

Lecture 5 Page 14 CS 236 Online Advantages of Symmetric Key Systems +Encryption and authentication performed in a single operation +Well-known (and trusted) ones perform faster than asymmetric key systems +Doesn’t require any centralized authority Though key servers help a lot

Lecture 5 Page 15 CS 236 Online Disadvantage of Symmetric Key Systems –Encryption and authentication performed in a single operation Makes signature more difficult –Non-repudiation hard without servers –Key distribution can be a problem –Scaling

Lecture 5 Page 16 CS 236 Online Scaling Problems of Symmetric Cryptography K1K1 K1K1 K2K2 K2K2 K3K3 K3K3 K4K4 K4K4 K5K5 K5K5 K6K6 K6K6 How many keys am I going to need to handle the entire Internet????

Lecture 5 Page 17 CS 236 Online Sample Symmetric Key Ciphers The Data Encryption Standard The Advanced Encryption Standard There are many others

Lecture 5 Page 18 CS 236 Online The Data Encryption Standard Probably the best known symmetric key cryptosystem Developed in 1977 Still much used –Which implies breaking it isn’t trivial But showing its age

Lecture 5 Page 19 CS 236 Online History of DES Created in response to National Bureau of Standards studies Developed by IBM Analyzed, altered, and approved by the National Security Agency Adopted as a federal standard One of the most widely used encryption algorithms

Lecture 5 Page 20 CS 236 Online Overview of DES Algorithm A block encryption algorithm –64 bit blocks Uses substitution and permutation –Repeated applications 16 cycles worth 64 bit key –Only 56 bits really used, though

Lecture 5 Page 21 CS 236 Online More On DES Algorithm Uses substitutions to provide confusion –To hide the set of characters sent Uses transpositions to provide diffusion –To spread the effects of one plaintext bit into other bits Uses only standard arithmetic and logic functions and table lookup Performs 16 rounds of substitutions and permutations –Involving the key in each round

Lecture 5 Page 22 CS 236 Online Is DES Secure? Apparently, reasonably NSA alterations believed to have increased security against differential cryptanalysis Some keys are known to be weak with DES –So good implementations reject them To date, only brute force attacks have publicly cracked DES

Lecture 5 Page 23 CS 236 Online Key Length and DES Easiest brute force attack is to try all keys –Looking for a meaningful output Cost of attack proportional to number of possible keys Is 2 56 enough keys? Not if you seriously care –Cracked via brute force in 1998 –Took lots of computers and time –But computers keep getting faster...

Lecture 5 Page 24 CS 236 Online Does This Mean DES is Unsafe? Depends on what you use it for Takes lots of compute power to crack On the other hand, computers will continue to get faster And motivated opponents can harness vast resources Increasingly being replaced by AES

Lecture 5 Page 25 CS 236 Online The Advanced Encryption Standard A relatively new cryptographic algorithm Intended to be the replacement for DES Chosen by NIST –Through an open competition Chosen cipher was originally called Rijndael –Developed by Dutch researchers –Uses combination of permutation and substitution

Lecture 5 Page 26 CS 236 Online Increased Popularity of AES Gradually replacing DES –As was intended Various RFCs describe using AES in IPSEC FreeS/WAN IPSEC (for Linux) includes AES Some commercial VPNs use AES Various Windows AES products available –Used for at least some purposes in Vista

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.