Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 3 - Public-Key Cryptography & Authentication

Published byLeonard Jayson Benson Modified over 5 years ago

Similar presentations

Presentation on theme: "Chapter 3 - Public-Key Cryptography & Authentication"— Presentation transcript:

1 Chapter 3 - Public-Key Cryptography & Authentication
Network Security Faisal Ahmad Khan Office: 01, SS Block, BUITEMS

2 Authentication Requirements - must be able to verify that:
1. Message came from the apparent source or author, 2. Contents have not been altered, 3. Sometimes, it was sent at a certain time or sequence. Sometimes we would like to provide authentication without encryption (public statements do not need privacy). Still, authentication requires that the sender know something that the forger does not ( a secret key). Conventional encryption can be used, but the sender must share the secret key with the receivers (and keep it secret from others). 2

3 The MAC algorithm is a “cryptographic hash” algorithm.
Key MAC2 The MAC algorithm is a “cryptographic hash” algorithm. Key 3

4 Cryptographic (or Secure) Hash Function, H(x)
(note: 3 main properties are underlined) Can be applied to a block of data “x” of any size (length) an produces a fixed-length output (e.g., 512 bytes), H(x). H(x) is relatively easy to compute. It is computationally infeasible to get x from H(x). For a given H(x), it is computationally infeasible to find y != x such that H(y) = H(x) (collision resistance). [You can not change a given message and get same hash] It is computationally infeasible to find a pair x,y such that H(y) = H(x) (collision resistance). [You can not find any two messages in a generated bunch that have the same hash] 4

5 encryption (digital signature)
Hash Key (a) Using secret-key encryption x x Encrypt Decrypt (b) Using public-key encryption (digital signature) 5

6 Secret Value is added by both parties to message before the “hash,” function is used to get the Message Integrity Check (MIC). It is removed before transmission. MIC MIC It is critical that a forger can not compose a different message that would produce the same MIC value. 6

7 7

8 SHA-1 8 Secure Hash Algorithm 1 -> 160-bit "hash”
So new standards: SHA-256, SHA-512, … , SHA-3 8

9 Public-Key Cryptography
(Public-Private Key) plaintext (data file or message) encryption by key-1 decryption by key-1 ciphertext (stored or transmitted safely) decryption by key-2 encryption by key-2 plaintext (original data or message) 9

10 Encryption using a Public-Key System Bob Alice 10

11 Authentication using a
Public-Key System Bob Alice 11

12 RSA (Rivest, Shamir, and Adleman)
Key length is variable, 2048 bits recommended (2011). The plaintext block ("m") must be less than the key length. Key Generation Choose two large prime numbers, p and q (secret) n = pq, Ø(n) = (p-1)(q-1) Find a number, e, that is relatively prime* to Ø(n) The public key is e and n : (e,n) *no common factors Find d, the multiplicative inverse to e mod Ø(n) (by “Number Theory”: d * e mod Ø(n) = 1) The private key is d and n (d,n), public key is (e,n) Encryption: c = m^e mod n ("m" is message) Decryption: m = c^d mod n ("c" is ciphertext) 12

13 (the plaintext message)
Does RSA Work? (Does D(E(m))=m) c = E(m) =(m ^ e) mod n (the ciphertext) D(c) = (c ^ d) mod n (decryption of c) = m^(e*d) mod n = m^(e*d mod Ø(n)) mod n (Number Theory) = m^(1) mod n = m (the plaintext message) 13

14 Is RSA Secure? To factor a 512-bit number (to find p and q
from n) with the best known technique would take 500,000 MIPs-years In 500 years on a 1000 MIP/s CPU, an eavesdropper can encrypt a list of all possible 512-bit messages (using the Public Key), and compare the corresponding ciphertext to the transmitted ciphertext. If the message is your password, make sure you picked a good one (not in any dictionary). A defense is to add random bits to the message. MIPs - Millions of Instructions per second. 14

15 Diffie-Hellman Technique
Mutual Secret Keys or Public (but not Private) Keys Global Public Elements: q (large prime) and a (a < q) User A’s Key: Select secret Xa (Xa < q) A’s public info is Ya = a^Xa mod q User B’s Key: Select secret Xb (Xb < q) B’s public info is Yb = a^Xb mod q Joint Key = Yb ^Xa mod q (A’s calculation) Ya ^ Xb mod q (B’s calculation) a^(Xa*Xb) mod q (in both cases) No one else knows either Xa or Xb, so they can not find out K since Ya * Yb mod q = a^(Xa + Xb) mod q 15

16 Diffie-Hellman used for a Public-Key System for Encryption
(can not sign messages) + a and q YB + message encrypted with “ K” B has to send “ YB” with message so A can decrypt it. (YA, a,q are A’s Public Key) “Trudie” does not know Xa: Can not read message. Different correspondents (B's) will select different XB's and generate different "public" keys (K's).Must tell A the YB. 16

17 Raw “Certificate” has user name, public key, expiration date, ...
CA Secure Area Generate hash code of Raw Certificate Raw Cert. MIC Hash Encrypt hash code with CA’s private key to form CA’s signature Signed Cert. Signed Certificate Recipient can verify signature using CA’s public key. Certificate Authority generates the “signature” that is added to raw “Certificate” 17

18 Browsers Come With a CA Cert Database
You can add additional certificates from sites you trust. 18

19 The GT CA Certificate 19

Download ppt "Chapter 3 - Public-Key Cryptography & Authentication"

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Public Key Cryptography & Message Authentication By Tahaei Fall 2012.

Public Key Cryptography & Message Authentication By Tahaei Fall 2012.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
Public Key Cryptography

Public Key Cryptography
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Chapter3 Public-Key Cryptography and Message Authentication.

Chapter3 Public-Key Cryptography and Message Authentication.
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.

Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.
Public Key Model 8. Cryptography part 2.

Public Key Model 8. Cryptography part 2.
 Introduction  Requirements for RSA  Ingredients for RSA  RSA Algorithm  RSA Example  Problems on RSA.

 Introduction  Requirements for RSA  Ingredients for RSA  RSA Algorithm  RSA Example  Problems on RSA.
CS5204 – Fall 2009 1 Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden +46 470 70 86.

1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden
Lecture 15 Lecture’s outline Public algorithms (usually) that are each other’s inverse.

Lecture 15 Lecture’s outline Public algorithms (usually) that are each other’s inverse.

Similar presentations

Ads by Google