Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS5204 – Fall 2009 1 Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

Published byMerryl Chandler Modified over 8 years ago

Similar presentations

Presentation on theme: "CS5204 – Fall 2009 1 Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009."— Presentation transcript:

1 CS5204 – Fall 2009 1 Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009

2 Cryptographic Security Security Goals Consider the following security risks that could face two communicating entities in an unprotected environment: CS 5204 – Fall 2009 2 AB C could view the secret message by eavesdropping on the communication. Loss of privacy/confidentiality C m (1)

3 Cryptographic Security CS 5204 – Fall 2009 3 AB C could alter/corrupt the message, or the message could change while in transit. If B does not detect this, then we have Loss of Integrity C m AB C m Or it could send a massage to B pretending to be A If B cannot verify the source entity of the information then we lack authentication (2) (3)

4 Cryptographic Security CS 5204 – Fall 2009 4 AB m A might repudiate having sent m to B Hence, some possible goals for communication : Privacy/confidentiality - information not disclosed to unauthorized entities Integrity - information not altered deliberately or accidentally Authentication - validation of identity of source of information Non-repudiation – Sender should not be able to deny sending a message (4)

5 Cryptographic Security What is Cryptography Cryptography is the study of mathematical techniques related to aspects of information security such as confidentiality, data integrity, authentication, and non-repudiation. CS 5204 – Fall 2009 5

6 Cryptographic Security What is a cryptographic system composed of? Plaintext: original message or data (also called cleartext) Encryption: transforming the plaintext, under the control of the key Ciphertext: encrypted plaintext Decryption: transforming the ciphertext back to the original plaintext Cryptographic key: used with an algorithm to determine the transformation from plaintext to ciphertext, and v.v. CS 5204 – Fall 2009 6 (encryption) (encryption key) C PP (decryption) SenderReceiver (decryption key)

7 Cryptographic Security Attack classification CS 5204 – Fall 2009 7 (encryption) (key) C P Ciphertext Alone attack: The attacker has available only the intercepted cryptogram C. From C, try to find P or (even better) the key.

8 Cryptographic Security Attack classification CS 5204 – Fall 2009 8 (encryption) (key) CiCi PiPi Known Plaintext attack: The attacker knows a small amount of plaintext (P i ) and its ciphertext Equivalent (C i ). C i+1 P i+1 Attacker tries to find key or to infer P i+1 (next plaintext)

9 Cryptographic Security Attack classification CS 5204 – Fall 2009 9 Chosen Plaintext attack: The attacker can choose plaintext (P i ) and obtain its ciphertext (C i ). A careful selection of (P i ) would give a pair of (P i, C i ) good for analyzing Enc. Alg. + key and in finding Pi+1 (next plaintext of sender) (encryption) (key) CiCi PiPi C i+1 P i+1

10 Cryptographic Security CS 5204 – Fall 2009 10 Forms of Cryptosystems Private Key (symmetric) : A single key ( K) is used for both encryption and decryption and must be kept secret. Key distribution problem ­ a secure channel is needed to transmit the key before secure communication can take place over an unsecure channel. (encryption) (K)(K) C MM (decryption) SenderReceiver (K)(K) E K (M) = C D K (C) = M

11 Cryptographic Security Forms of Cryptosystems Public Key (asymmetric): The encryption procedure (key) is public while the decryption procedure (key) is private. Each participant has a public key and a private key. May allow for both encryption of messages and creation of digital signatures.

12 Cryptographic Security CS 5204 – Fall 2009 12 Forms of Cryptosystems Public Key (asymmetric): Requirements: 1. For every message M, encrypting with public key and then decrypting resulting ciphertext with matching private key results in M. 2. Encryption and Decryption can be efficiently applied to M 3. It is impractical to derive decryption key from encryption key. (encryption) (public key of Receiver) C MM (decryption) SenderReceiver (private key of Receiver)

13 Cryptographic Security CS 5204 – Fall 2009 13 Combining Public/Private Key Systems Public key encryption is more expensive than symmetric key encryption For efficiency, combine the two approaches (2) Use symmetric key for encrypting subsequent data transmissions (1) (2) AB (1)Use public key encryption for authentication; once authenticated, transfer a shared secret symmetric key

14 Cryptographic Security Rivest­Shamir­Adelman (RSA) Method Named after the designers: Rivest, Shamir, and Adleman Public-key cryptosystem and digital signature scheme. Based on difficulty of factoring large integers  For large primes p & q, n = pq  Public key e and private key d calculated CS 5204 – Fall 2009 14

15 Cryptographic Security RSA Key Generation CS 5204 – Fall 200915 1. Let p and q be large prime numbers, randomly chosen from the set of all large prime numbers. 2. Compute n = pq. 3. Choose any large integer, d, so that: GCD( d, ϕ (n)) = 1 (where ϕ (n) = (p­1)(q­1) ) 4. Compute e = d -1 (mod ϕ (n)). 5. Publish n and e. Keep p, q and d secret. Every participant must generate a Public and Private key: Note: Step 4 can be written as: Find e so that: e x d = 1 (modulo ϕ (n)) If we can obtain p and q, and we have (n, e), we can find d

16 Cryptographic Security CS 5204 – Fall 200916 Rivest­Shamir­Adelman (RSA) Method A M e mod n C d mod n Encryption Key for user B (B’s Public Key) Decryption Key for user B (B’s PrivateKey) C (e, n)(d, n) Assume A wants to send something confidentially to B: A takes M, computes C = M e mod n, where (e, n) is B’s public key. Sends C to B B takes C, finds M = C d mod n, where (d, n) is B’s private key B MM + Confidentiality

17 Cryptographic Security CS 5204 – Fall 200917 RSA Method Example: 1. p = 5, q = 11 and n = 55. (p­1)x(q­1) = 4 x 10 = 40 2. A valid d is 23 since GCD(40, 23) = 1 3. Then e = 7 since: 23 x 7 = 161 modulo 40 = 1 in other words e = 23 -1 (mod 40) = 7

18 Cryptographic Security Digital Signatures Based on RSA CS 5204 – Fall 200918 In RSA algorithm the encryption and decryption operations are commutative: ( m e ) d = ( m d ) e = m We can use this property to create a digital signature with RSA.

19 Cryptographic Security CS 5204 – Fall 2009 19 Digital Signatures (Public Key) Public Key System: sender, A: (E A : public, D A : private) receiver, B: (E B : public, D B : private) A signs the message m using its private key, the result is then encrypted with B’s public key, and the resulting ciphertext is sent to B: C= E B (D A (M)) B receives ciphertext C decrypts it using its private key The result is then encrypted with the senders public key (A’s public key) and the message m is retreived M = E A (D B (C))

20 Cryptographic Security Hashing CS 5204 – Fall 2009 20 A one-way hash function h is a public function h (which should be simple and fast to compute) that satisfies three properties: 1.A message m of arbitrary length must be able to be converted into a message digest h(m) of fixed length. 2.It must be one-way, that is given y = h(m) it must be computationally infeasible to find m. 3.It must be collision free, that is it should be computationally infeasible to find m1 and m2 such that h(m1) = h(m2). Examples: MD5, SHA-1

21 Cryptographic Security Hash Function CS 5204 – Fall 2009 21 …M… H (M) Hash Function H Message of arbitrary lengthFixed length output

22 Cryptographic Security Producing Digital Signatures CS 5204 – Fall 2009 22 Step 1: A produces a one-way hash of the message. Step 2: A encrypts the hash value with its private key, forming the signature. Step 3: A sends the message and the signature to B. Hash Function Encryption Algorithm Digital Signature A’s private key message digest Message H (M) Sig A M

23 Cryptographic Security Verifying Digital Signature CS 5204 – Fall 2009 23 Hash Function Decryption Algorithm Digital Signature received sender’s (A’s) public key message digest H (M’) H (M) Compare Sig A M’ H (M’) Message received Step 4: B forms a one-way hash of the message. Step 5: B uses A’s public key to decrypt the signature and obtain the sent hash. Step 6: compare the computed and sent hashes

24 Cryptographic Security Security of Digital Signatures CS 5204 – Fall 2009 24 If the hashes match then we have guaranteed the following: Integrity: if m changed then the hashes would be different Authenticity & Non-repudiation: A is who sent the hash, as we used A’s public key to reveal the contents of the signature A cannot deny signing this, nobody else has the private key. If we wanted to further add confidentiality, then we would encrypt the sent m + signature such that only B could reveal the contents (encrypt with B’s public key) Satisfies the requirements of a Digital Signature Possible problem: If signing modulus > encrypting modulus -> Reblocking Problem

25 Cryptographic Security CS 5204 – Fall 2009 25 Secure Communication (Public Key) B A Handshaking If B sees the same nonce at a later time, then it should suspect a replay attack. E PKA (I A, I B ) E PKB, (I A, A) E PKB (I B ) I A, I B are “nonces” nonces can be included in each subsequent message PKB: public key of B; PKA: public key of A; C E PKB (I B )

26 Cryptographic Security CS 5204 – Fall 2009 26 Questions?

Download ppt "CS5204 – Fall 2009 1 Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.

Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.
Cryptographic Security CS5204 – Operating Systems1.

Cryptographic Security CS5204 – Operating Systems1.
Asymmetric-Key Cryptography

Asymmetric-Key Cryptography
Public Key Encryption Algorithm

Public Key Encryption Algorithm
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,

Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
8.1 Learning Objectives To become familiar with the range of security threats faced by networked and distributed systems (DSs); To examine various cryptographic.

8.1 Learning Objectives To become familiar with the range of security threats faced by networked and distributed systems (DSs); To examine various cryptographic.
Cryptographic Technologies

Cryptographic Technologies
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.

Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.

Similar presentations

Ads by Google