Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS457 – Introduction to Information Systems Security Cryptography 1b Elias Athanasopoulos

Published byKory Robbins Modified over 9 years ago

Similar presentations

Presentation on theme: "CS457 – Introduction to Information Systems Security Cryptography 1b Elias Athanasopoulos"— Presentation transcript:

1 CS457 – Introduction to Information Systems Security Cryptography 1b Elias Athanasopoulos elathan@ics.forth.gr

2 Cryptography Elements SSymmetric Encryption -B-Block Ciphers -S-Stream Ciphers AAsymmetric Encryption CCryptographic Hash Functions AApplications CS-457Elias Athanasopoulos2

3 CS-457Elias Athanasopoulos3

4 The need for randomness  Key distribution  Replay attacks (nonces)  Session key generation  Generation of keys for the RSA public-key encryption algorithm  Stream ciphers CS-457Elias Athanasopoulos4

5 Randomness  Uniform distribution - The distribution of bits in the sequence should be uniform; that is, the frequency of occurrence of ones and zeros should be approximately equal.  Independence - No one subsequence in the sequence can be inferred from the others.  Security requirement - Unpredictability CS-457Elias Athanasopoulos5

6 Random Generator Types  True Random Number Generators (TRNGs)  Pseudo-random Number Generators (PRNGs)  Pseudo-random Functions (PRFs) CS-457Elias Athanasopoulos6

7 CS-457Elias Athanasopoulos7

8 TRNGs CS-457Elias Athanasopoulos8

9 PRNGs r = f(seed); CS-457Elias Athanasopoulos9

10 Requirements  Uniformity - Occurrence of a zero or one is equally likely. The expected number of zeros (or ones) is n/2, where n = the sequence length  Scalability - Any test applicable to a sequence can also be applied to subsequences extracted at random. If a sequence is random, then any such extracted subsequence should also be random  Consistency - The behavior of a generator must be consistent across starting values (seeds) CS-457Elias Athanasopoulos10

11 Tests  Frequency test - Determine whether the number of ones and zeros in a sequence is approximately the same as would be expected for a truly random sequence  Runs test - Determine whether the number of runs of ones and zeros of various lengths is as expected for a random sequence  Maurer’s universal statistical test - Detect whether or not the sequence can be significantly compressed without loss of information. A significantly compressible sequence is considered to be non-random CS-457Elias Athanasopoulos11

12 Unpredictability  Forward unpredictability - If the seed is unknown, the next output bit in the sequence should be unpredictable in spite of any knowledge of previous bits in the sequence  Backward unpredictability - It should also not be feasible to determine the seed from knowledge of any generated values. No correlation between a seed and any value generated from that seed should be evident; each element of the sequence should appear to be the outcome of an independent random event whose probability is 1/2 CS-457Elias Athanasopoulos12

13 Seed CS-457Elias Athanasopoulos13

14 Cryptographic PRNGs  Purpose-built algorithms - Designed specifically and solely for the purpose of generating pseudorandom bit streams.  Algorithms based on existing cryptographic algorithms - Cryptographic algorithms have the effect of randomizing input. Indeed, this is a requirement of such algorithms. Three broad categories of cryptographic algorithms are commonly used to create PRNGs:  Symmetric block ciphers - Stream ciphers  Asymmetric ciphers - RSA, compute primes  Hash functions and message authentication codes CS-457Elias Athanasopoulos14

15 Example X n+1 = (aX n + c) mod m Selection of a, c, and m, is very critical:  a=7, c=0, m=32  {7, 17, 23, 1, 7, etc.}  a=5 - {5, 25, 29, 17, 21, 9, 13, 1, 5, etc.}  In theory m should be very large (2^31) CS-457Elias Athanasopoulos15

16 Stream ciphers CS-457Elias Athanasopoulos16

17 CS-457Elias Athanasopoulos17

18 RC4 CS-457Elias Athanasopoulos18 /* Initialization */ for i = 0 to 255 do S[i] = i; T[i] = K[i mod keylen]; /* Initialization */ for i = 0 to 255 do S[i] = i; T[i] = K[i mod keylen]; /* Initial Permutation of S */ j = 0; for i = 0 to 255 do j = (j + S[i] + T[i]) mod 256; Swap (S[i], S[j]); /* Initial Permutation of S */ j = 0; for i = 0 to 255 do j = (j + S[i] + T[i]) mod 256; Swap (S[i], S[j]); /* Stream Generation */ i, j = 0; while (true) i = (i + 1) mod 256; j = (j + S[i]) mod 256; Swap (S[i], S[j]); t = (S[i] + S[j]) mod 256; k = S[t]; /* Stream Generation */ i, j = 0; while (true) i = (i + 1) mod 256; j = (j + S[i]) mod 256; Swap (S[i], S[j]); t = (S[i] + S[j]) mod 256; k = S[t];

19 CS-457Elias Athanasopoulos19

20 CS-457Elias Athanasopoulos20

21 CS-457Elias Athanasopoulos21

22 More maths  Any integer a > 1 can be factored in a unique way as: CS-457Elias Athanasopoulos22

23 CS-457Elias Athanasopoulos23

24 Public-Key Cryptography CS-457Elias Athanasopoulos24

25 Properties  2 keys - Public Key (no secrecy) - Private Key (if stolen everything is lost)  Easy algorithm, but hard to reverse - Y = f(X), easy - X = f -1 (X), computationally hard - Computationally hard means solvable in non- polynomial time CS-457Elias Athanasopoulos25

26 RSA Plaintext = M, cipher = C C = M e mod n M = C d mod n = (M e mod n) d = M ed mod n Public Key = {e, n} Private Key = {d, n} CS-457Elias Athanasopoulos26

27 Euler’s totient function  Written φ(n), and defined as the number of positive integers less than n and relatively prime to n. By convention, φ(1) = 1. CS-457Elias Athanasopoulos27

28 CS-457Elias Athanasopoulos28 Just believe me that this holds! (i.e., φ(pq) =φ(p) φ(q))

29 Euler’s theorem  α, n, relative prime - the only positive integer that evenly divides both of them is 1 CS-457Elias Athanasopoulos29

30 RSA Steps  p, q, two prime numbers - Private  n = pq - n can be public, but recall that it is hard to infer p and q by just knowing n  e is relative prime to φ(n) - Public - Recall φ(n) = (p-1)(q-1)  d from e, and φ(n) - Private CS-457Elias Athanasopoulos30

31 RSA example 1. Select p = 17 and q = 11 2. Then, n = pq = 17×11 = 187. 3. φ(n) = (p-1)(q-1) = 16×10 = 160. 4. Select e relatively prime to φ(n) = 160 and less than φ(n); e = 7. 5. Determine d - de = 1 (mod 160) and d < 160, - The correct value is d = 23, because 23 × 7 = 161 = (1 × 160) + 1; CS-457Elias Athanasopoulos31

32 Computational Aspects  RSA builds on exponents  Intensive operation  Side channels CS-457Elias Athanasopoulos32

33 CS-457Elias Athanasopoulos33

34 How it works? CS-457Elias Athanasopoulos34

35 Integrity and Message Authentication  Integrity - (e.g., download a file) - Message digest  Message Authentication Code (MAC) - Used between two parties that share a secret key to authenticate information exchanged between those parties - Input is a secret key and a data block and the product is their hash value, referred to as the MAC - An attacker who alters the message will be unable to alter the MAC value without knowledge of the secret key CS-457Elias Athanasopoulos35

36 Digital Signatures  The hash value of a message is encrypted with a user’s private key. Anyone who knows the user’s public key can verify the integrity of the message that is associated with the digital signature. CS-457Elias Athanasopoulos36

37 Simple Hash Functions CS-457Elias Athanasopoulos37

38 Essentially based on compression CS-457Elias Athanasopoulos38

39 Requirements CS-457Elias Athanasopoulos39

40 Applications for Hash Functions CS-457Elias Athanasopoulos40  Passwords - Never stored in plain - Server stores only the hash value - Salt (same plain goes to different hash)  Cracking - GPUs - Dictionary attacks

Download ppt "CS457 – Introduction to Information Systems Security Cryptography 1b Elias Athanasopoulos"

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.

Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
CS457 – Introduction to Information Systems Security Cryptography 1a Elias Athanasopoulos

CS457 – Introduction to Information Systems Security Cryptography 1a Elias Athanasopoulos
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.
Public Key Encryption Algorithm

Public Key Encryption Algorithm
Session 4 Asymmetric ciphers.

Session 4 Asymmetric ciphers.
Cryptography and Network Security Chapter 7 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 7 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.

First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.
Stream cipher diagram + + Recall: One-time pad in Chap. 2.

Stream cipher diagram + + Recall: One-time pad in Chap. 2.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.

Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.

How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Similar presentations

Ads by Google