Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Security (contd.)

Published byMaurice Powell Modified over 5 years ago

Similar presentations

Presentation on theme: "Network Security (contd.)"— Presentation transcript:

1 Network Security (contd.)
Bijendra Jain 1/1/2019 Tutorial on Network Security: Sep 2003

2 Lecture 3: Public-key cryptography
1/1/2019 Tutorial on Network Security: Sep 2003

3 Public-key cryptography
Public-key cryptography is not necessarily more secure than private-key cryptography Private-key cryptography is not obsolete—it still is exceptionally useful Distribution of keys in public-key cryptography is not trivial-- Public-key cryptography has attempted to address this issue head-on 1/1/2019 Tutorial on Network Security: Sep 2003

4 Public-key cryptography
Public-key cryptography requires the use of two keys: One for encryption A related one for decryption One key is kept private, while the other is made public Can either key be used for encryption, and the other for decryption: YES, for RSA 1/1/2019 Tutorial on Network Security: Sep 2003

5 Public-key cryptography: confidentiality
Used for Confidentiality: 1/1/2019 Tutorial on Network Security: Sep 2003

6 Public-key cryptography: confidentiality
Used for confidentiality: 1/1/2019 Tutorial on Network Security: Sep 2003

7 Public-key cryptography: authentication
Used for authentication: 1/1/2019 Tutorial on Network Security: Sep 2003

8 Public-key cryptography: authentication
Used for authentication: 1/1/2019 Tutorial on Network Security: Sep 2003

9 Confidentiality and authentication
Used for : 1/1/2019 Tutorial on Network Security: Sep 2003

10 Public-key cryptography
Easy for B to generate keys, (private) KRB and (public) KUB Easy for sender A to encrypt C = EKUB (M), given M and KUB Easy for receiver B to decrypt M = DKRB (C), given C and KRB Given KUB it is infeasible for others to determine KRB Given KUB and ciphertext C it is infeasible for others to decipher M (optionally) encryption and decryption can be applied in any order Function E (or D) is “one-way function with trap-door” The inverse of E (or D) is infeasible, unless additional information (trap-door) is available 1/1/2019 Tutorial on Network Security: Sep 2003

11 Tutorial on Network Security: Sep 2003
RSA algorithm Approach first suggested by Diffie and Hellman Invented by Rivest, Shamir, Adleman at MIT, first published in 1978 Algorithms are patented Block cipher, where plaintext is < n Permits any key length typically 128 through 1014 is common 1/1/2019 Tutorial on Network Security: Sep 2003

12 Tutorial on Network Security: Sep 2003
RSA algorithm Consider n, and blocks of size k bits s.t. 2k < n  2k+1. Encryption and decryption algorithms: C = Me mod n M = Cd mod n = Med mod n where sender knows public key KU = {e, n} receiver knows private key KR = {d, n} For this to be a public-key crypto system: M = Med mod n for some e, d, n for all M < n Easy to calculate Me mod n, and Cd mod n Infeasible to determine d, given e and n 1/1/2019 Tutorial on Network Security: Sep 2003

13 Tutorial on Network Security: Sep 2003
RSA algorithm Key generation Select any prime numbers p, q Compute n = p*q Compute phi = (p-1)*(q-1) Select e, such that 1< e < phi, and gcd(phi, e) = 1 Find d such that ed = 1 mod phi Public key KU = {e, n} Private key KR = {d, n} Encryption, decryption algorithms: for any plaintext M < n C = Me (mod n) M = Cd (mod n) Can be shown that M = Cd mod n = Med mod n 1/1/2019 Tutorial on Network Security: Sep 2003

14 Tutorial on Network Security: Sep 2003
RSA: example Let p = 7, q = 17 N = p*q = 119 Phi = (p-1)*(q-1) = 96 Select e = 5 (note e is relatively prime to 96, and < 96) Find d =77 (note d*e = 1 mod 96, and d < 96) KU = {5, 119}, KR = {77, 119} Let M = 19 (note M < 119) Encryption step: C = 19**5 = mod 119 = 66 Decryption step: M = 66**77 = 127………. mod 119 = 19 1/1/2019 Tutorial on Network Security: Sep 2003

15 RSA: computational aspects
Computing C = Me (mod n) use the following two properties: 1. A * B mod n = (A mod n)*(B mod n) mod n Or, e.g., 195 mod 119 = (192 mod 119) * (193 mod 119) mod 119 2. A**8 = (A**4)**2 = ((A**2)**2)**2 Or, 19**9 = (19**8)*(19**1) = (((19**2)**2)**2)*(19**1) 1/1/2019 Tutorial on Network Security: Sep 2003

16 Tutorial on Network Security: Sep 2003
RSA: key generation Selecting two primes: p, q Should be very large Since M < n = p*q Infeasible to calculate factors p, q of n by exhaustive search Finding large primes Pick a large number randomly, and then test Selecting e, relative prime to phi = (p-1)*(q-1) Pick an e, and test for relative primality Extended Euclid’s algorithm computes gcd, and inverse, d 1/1/2019 Tutorial on Network Security: Sep 2003

17 Tutorial on Network Security: Sep 2003
RSA: its strength Brute force Factor n to obtain p and q Then calculate phi = (p-1)*(q-1), and then invert e to obtain d “Factor” n to obtain phi Then invert e to obtain d Progress towards meeting challenges Ciphers using RSA with keys of size up to 431 bits have been deciphered Effort involved was only 500 MIPS-years (1 MIPS machine working for 1 year – a 200 MHz Pentium is 50 MIPS) A 2048 bit RSA is expected to require 1014 MIPS-years Today, and for the near future, consider RSA key size of 1024 to 2048 Additionally consider selecting p and q appropriately, such as p and q are of approx. same length, etc. 1/1/2019 Tutorial on Network Security: Sep 2003

18 RSA: distribution of public keys
Public announcements Directory on the web, where data is secured Public-key authority Certificates 1/1/2019 Tutorial on Network Security: Sep 2003

19 RSA: distribution of public keys
Public announcements Public key is “public” User can share his/her public with others Popular with PGP However, one may even send “false” keys 1/1/2019 Tutorial on Network Security: Sep 2003

20 RSA: distribution of public keys
Publicly accessible directory By a trusted and well known “authority” Individual users “register” their public key using some other means Public keys are secure For instance on the web, or printed directory Individual users control, update their public keys, and do so in a secure manner Weaknesses: Break into the authority’s database Alter the key during communication 1/1/2019 Tutorial on Network Security: Sep 2003

21 RSA: distribution of public keys
Public-key authority Very similar to publicly accessible directory Different: user can request/obtain public key in secure manner Initiator A X, PK authority 1. REQ (KUB, T1) 2. ENCKUX(KUB, REQ (KUB, T1)) Initiator B 4. REQ (KUA, T2) 5. ENCKUX(KUA, REQ (KUA, T2)) 3. ENCKUB(IDA, N1) 6. ENCKUA(IDB, N1, N2) 7. ENCKUB(N2) 1/1/2019 Tutorial on Network Security: Sep 2003

22 RSA: distribution of public keys
Public-key certificates Certificates need not be issued each time Sender provides public key with a certificate Receiver checks the certificate, thereby confirms public key A certificate: Anyone can read, determine the owner’s public key Anyone can verify that certificate is signed by authority Only certificate can create certificate Anyone can check “currency” of certificate 1/1/2019 Tutorial on Network Security: Sep 2003

23 Tutorial on Network Security: Sep 2003
RSA: Certificates CERTA = ENCPUX (IDA, KUA, TA, DURA) where PUX is public key of certification authority IDA is user ID KUA is public key of A TA is time of issuance of certificate DURA is the duration for which the certificate is valid 1/1/2019 Tutorial on Network Security: Sep 2003

24 Lecture 4: Message Authentication
1/1/2019 Tutorial on Network Security: Sep 2003

25 Message authentication
Source of Message Protection against masquerading Integrity of message Protection against modification Integrity of sequence of messages Protection against deletion, addition and re-ordering Integrity of timing Protection against delay and replay 1/1/2019 Tutorial on Network Security: Sep 2003

26 Using private-key encryption
Encrypt message using private-key encryption system Basically provides confidentiality Authentication and Integrity check are difficult, but possible Particularly if it is some bit sequence Use an FCS (frame check sequence), as in TCP Integrity of a sequence of TCP messages can also be ensured Does not provide for non-repudiation 1/1/2019 Tutorial on Network Security: Sep 2003

27 Using public-key encryption
Similar, except that it only provides for authentication Again, the transmitted message must have some structure (FCS, for example) 1/1/2019 Tutorial on Network Security: Sep 2003

28 Message Authentication Codes
Integrity check is not difficult any more Based on private-key encryption Transmitted message in (M, MAC) MAC = CK(M) where: C is MAC algorithm, K is the shared key Provides for message integrity, user authentication, but not non-repudiation 1/1/2019 Tutorial on Network Security: Sep 2003

29 Message Authentication Codes
Algorithm C differs: from encryption in that it is NOT reversible From FCS, etc. in that it is not easy to design a new message with same FCS From use of hash functions, in that encryption and “hashing” is simultaneous Algorithm C is more difficult to crack 1/1/2019 Tutorial on Network Security: Sep 2003

30 Message authentication codes
Authentication based on MAC-- superior since it is efficient Authentication based on appending an FCS, then encrypting FCS is a bad idea, anyway Data sent Message || MAC() K Data sent Message E() K || fcs() 1/1/2019 Tutorial on Network Security: Sep 2003

31 Message authentication: alternatives
Data sent Message || H() E() K Data sent Message || H() E() K 1/1/2019 Tutorial on Network Security: Sep 2003

32 Tutorial on Network Security: Sep 2003
Digital Signature Data sent Message || H() E() KR 1/1/2019 Tutorial on Network Security: Sep 2003

33 Message authentication: alternatives
Data sent Message || H() Secret K This approach completely does away with encryption Efficient Strength depends completely on how good is the hashing function 1/1/2019 Tutorial on Network Security: Sep 2003

34 Tutorial on Network Security: Sep 2003
MAC codes MAC is also known as cryptographic checksum Transmitted message in (M, MAC) MAC = CK(M) where: C is MAC algorithm, MAC is n bit long M is variable length message K is k-bit shared key MAC requirements: Given M, CK(M) it should be computationally infeasible to obtain M’ s.t. MAC = CK(M) = CK(M’) MAC = CK(M) should be uniformly distributed, or for random M, M’ Prob (CK(M) = CK(M’) = 2-n Similarly if M’ is obtained by carrying out simple transformations 1/1/2019 Tutorial on Network Security: Sep 2003

35 Tutorial on Network Security: Sep 2003
MAC Codes 64 bit DAA (Data Authentication Algorithm) is based on DES: O1 = EK(D1) O2 = EK(O1 D2) O3 = EK(O2 D3) ON = EK(ON-1 DN) 1/1/2019 Tutorial on Network Security: Sep 2003

36 Tutorial on Network Security: Sep 2003
Hash functions Data sent Message || H() E() KR Requirements of a hash function: Can be applied to block of data of any size Produces a fixed length digest Easy to compute h = H(M) One-way function: given h, it must be computationally infeasible to compute M such that h = H(M) Weak collision: Given M, it must be computationally infeasible to compute M’ such that H(M’) = H(M) Strong collision: computationally infeasible to find M, M’ such that H(M’) = H(M) 1/1/2019 Tutorial on Network Security: Sep 2003

37 Tutorial on Network Security: Sep 2003
Hash functions Simple hash function: O1 = D1 O2 = O1 D2 O3 = O2 D3 ON = ON-1 DN MD4, MD5 1/1/2019 Tutorial on Network Security: Sep 2003

38 Tutorial on Network Security: Sep 2003
MD5 Y0 Y1 YL IV CV1 HMD5 CV2 CVL-1 CVL Develop in 1992, by Ron Rivest 128 bit hash code Processes 512 bits at a time (add padding bits if necessary) 4 rounds of 16 steps each, involving gcd, and + mod 232 operations 1/1/2019 Tutorial on Network Security: Sep 2003

39 Tutorial on Network Security: Sep 2003
MD4 Similar to MD5, developed earlier in 1990 by Ron Rivest 128 bit hash code, processes 512 bits at a time 3 rounds of 16 steps each, involving gcd, and + mod 232 operations faster 1/1/2019 Tutorial on Network Security: Sep 2003

40 Tutorial on Network Security: Sep 2003
SHA-1 hash function Developed by NIST in 1995 Based on MD4 160 bit hash Operates on blocks of length 512 bit More secure against brute force attacks Appears to be secure against cryptanalysis MD5 and SHA-1 are equally fast, simple 1/1/2019 Tutorial on Network Security: Sep 2003

41 Tutorial on Network Security: Sep 2003
HMAC Truly a MAC Required for IPSec Based on hash functions Any “good” hash function can be used The “IV” can be kept secret (becomes the key) MD5 or SHA-1 can be used 1/1/2019 Tutorial on Network Security: Sep 2003

42 Tutorial on Network Security: Sep 2003
Thanks 1/1/2019 Tutorial on Network Security: Sep 2003

Download ppt "Network Security (contd.)"

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Chapter3 Public-Key Cryptography and Message Authentication.

Chapter3 Public-Key Cryptography and Message Authentication.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.

1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.
PULIC –KEY CRYPTOGRAPHY AND MESSAGE AUTHENTICATION.

PULIC –KEY CRYPTOGRAPHY AND MESSAGE AUTHENTICATION.
CS5204 – Fall 2009 1 Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden +46 470 70 86.

1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden
Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.

Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.
Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester 2008-2009 ITGD 2202 University of Palestine.

Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester ITGD 2202 University of Palestine.
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.

CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.

4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Fall 2002CS 395: Computer Security1 Chapter 11: Message Authentication and Hash Functions.

Fall 2002CS 395: Computer Security1 Chapter 11: Message Authentication and Hash Functions.
BASIC CRYPTOGRAPHIC CONCEPTS. Public Key Cryptography  Uses two keys for every simplex logical communication link.  Public key  Private key  The use.

BASIC CRYPTOGRAPHIC CONCEPTS. Public Key Cryptography  Uses two keys for every simplex logical communication link.  Public key  Private key  The use.

Similar presentations

Ads by Google