Part 1  Cryptography 1 Integrity Part 1  Cryptography 2 Data Integrity  Integrity  detect unauthorized writing (i.e., modification of data)  Example:

Slides:



Advertisements
Similar presentations
ECE454/CS594 Computer and Network Security
Advertisements

MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.
Encipherment Using Modern Symmetric-Key Ciphers. 8.2 Objectives ❏ To show how modern standard ciphers, such as DES or AES, can be used to encipher long.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
IS 302: Information Security and Trust Week 4: Asymmetric Encryption
Chapter 1  Introduction 1 Introduction Chapter 1  Introduction 2 The Cast of Characters  Alice and Bob are the good guys  Trudy is the bad guy 
Chapter 1  Introduction 1 Chapter 1: Introduction.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Sri Lanka Institute of Information Technology
Intro 1 Introduction Intro 2 Good Guys and Bad Guys  Alice and Bob are the good guys  Trudy is the bad guy  Trudy is our generic “intruder”
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
WEP 1 WEP WEP 2 WEP  WEP == Wired Equivalent Privacy  The stated goal of WEP is to make wireless LAN as secure as a wired LAN  According to Tanenbaum:
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.
Block Ciphers 1 Block Ciphers Block Ciphers 2 Block Ciphers  Modern version of a codebook cipher  In effect, a block cipher algorithm yields a huge.
CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.
Modes of Operation CS 795. Electronic Code Book (ECB) Each block of the message is encrypted with the same secret key Problems: If two identical blocks.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
CS1001 Lecture 24. Overview Encryption Encryption Artificial Intelligence Artificial Intelligence Homework 4 Homework 4.
Hash Functions Nathanael Paul Oct. 9, Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)
CS470, A.SelcukModes of Operation1 Encrypting with Block Ciphers CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Modes of Operation. Topics  Overview of Modes of Operation  EBC, CBC, CFB, OFB, CTR  Notes and Remarks on each modes.
Chapter 1 Introduction Cryptography-Principles and Practice Harbin Institute of Technology School of Computer Science and Technology Zhijun Li
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (1) Information Security.
S. Muftic Computer Networks Security 1 Lecture 4: Message Confidentiality and Message Integrity Prof. Sead Muftic.
Cryptography, Authentication and Digital Signatures
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Security: An Overview of Cryptographic Techniques /440 With slides from: Debabrata Dash, Nick Feamster, Gregory Kesden, Vyas Sekar and others.
Lecture 4: Using Block Ciphers
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
Cryptographic Hash Functions Message Authentication Digital Signatures.
Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
Chapter 1  Introduction 1 Chapter 1: Introduction.
CMSC 414 Computer and Network Security Lecture 5 Jonathan Katz.
Part 1  Cryptography 1 Chapter 3: Symmetric Key Crypto.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
CS426Fall 2010/Lecture 61 Computer Security CS 426 Lecture 6 Cryptography: Message Authentication Code.
TinySec : Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof :: Naveen Sastry :: David Wagner Presented by Anil Karamchandani 10/01/2007.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 28 Omar Meqdadi Department of Computer Science and Software Engineering.
Cryptography 1 Crypto Cryptography 2 Crypto  Cryptology  The art and science of making and breaking “secret codes”  Cryptography  making “secret.
Privacy and Integrity: “ Two Essences of Network Security” Presenter Prosanta Gope Advisor Tzonelih Hwang Quantum Information and Network Security Lab,
Presentation Road Map 1 Authenticated Encryption 2 Message Authentication Code (MAC) 3 Authencryption and its Application Objective Modes of Operation.
Identify Friend or Foe (IFF) Chapter 9 Simple Authentication protocols Namibia Angola 1. N 2. E(N,K) SAAF Impala Russian MIG 1 Military needs many specialized.
Dan Boneh Authenticated Encryption CBC paddings attacks Online Cryptography Course Dan Boneh.
Cryptography services Lecturer: Dr. Peter Soreanu Students: Raed Awad Ahmad Abdalhalim
Cryptography Hyunsung Kim, PhD University of Malawi, Chancellor College Kyungil University February, 2016.
Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke1 Database architecture and security Workshop 4.
- Richard Bhuleskar “At the end of the day, the goals are simple: safety and security” – Jodi Rell.
@Yuan Xue 285: Network Security CS 285 Network Security Message Authentication Code Data integrity + Source authentication.
The Secure Channel Ramki Thurimella. 2 Secure Channel Properties Roles Alice—Bob (Server—Client) Direction of flow Eve Delete, Insert, or modify data.
Block Cipher Encrypting a large message Electronic Code Book (ECB) message m1 m2 m3 m4 m5 m6 c1 c2 c3 c4 c5 c6 E E E Secret.
Symmetric-Key Cryptography CS 161: Computer Security Prof. Raluca Ada Popa Sept 13, 2016.
CS480 Cryptography and Information Security
Symmetric Cryptography
Computer Communication & Networks
CSCE 715: Network Systems Security
Block Cipher Modes CS 465 Make a chart for the mode comparisons
MAC: Message Authentication Code
Cryptography Basics and Symmetric Cryptography
Security through Encryption
csci5233 computer security & integrity (Chap. 4)
Security Of Wireless Sensor Networks
Block vs Stream Ciphers
Security of Wireless Sensor Networks
Counter Mode, Output Feedback Mode
Secret-Key Encryption
Presentation transcript:

Part 1  Cryptography 1 Integrity

Part 1  Cryptography 2 Data Integrity  Integrity  detect unauthorized writing (i.e., modification of data)  Example: Inter-bank fund transfers o Confidentiality may be nice, integrity is critical  Encryption provides confidentiality (prevents unauthorized disclosure)  Encryption alone does not provide integrity o One-time pad, ECB cut-and-paste, etc.

Message Authentication Code (MAC)  Message Authentication Code ( MAC ) o Used for data integrity o Integrity not the same as confidentiality Part 1  Cryptography 3 plaintext MAC compute

Part 1  Cryptography 4 Computation of MAC  There are two ways of computing MAC.  One way is to compute MAC as CBC residue o That is, compute CBC encryption, saving only final ciphertext block, the MAC  The other way is to use the hash function.(we will cover it ch 5)

Part 1  Cryptography 5 MAC Computation  MAC computation (assuming N blocks) C 0 = E(IV  P 0, K), C 1 = E(C 0  P 1, K), C 2 = E(C 1  P 2, K),… C N  1 = E(C N  2  P N  1, K) = MAC  MAC sent with IV and plaintext  Receiver does same computation and verifies that result agrees with MAC  Note: receiver must know the key K

Part 1  Cryptography 6 Does a MAC work?  Suppose Alice has 4 plaintext blocks  Alice computes C 0 = E(IV  P 0,K), C 1 = E(C 0  P 1,K), C 2 = E(C 1  P 2,K), C 3 = E(C 2  P 3,K) = MAC  Alice sends IV,P 0,P 1,P 2,P 3 and MAC to Bob  Suppose Trudy changes P 1 to X  Bob computes C 0 = E(IV  P 0,K), C 1 = E(C 0  X,K), C 2 = E(C 1  P 2,K), C 3 = E(C 2  P 3,K) = MAC  MAC  That is, error propagates into MAC  Trudy can’t make MAC == MAC without K

Part 1  Cryptography 7 Confidentiality and Integrity  Encrypt with one key, MAC with another key  Why not use the same key? o Send last encrypted block ( MAC ) twice? o This cannot add any security!  Using different keys to encrypt and compute MAC works, even if keys are related o But, twice as much work as encryption alone o Can do a little better  about 1.5 “encryptions”  Confidentiality and integrity with same work as one encryption is a research topic

CBC and CTR(1)  Can we achieve both confidentiality and integrity through the same encryption? o CBC is possible, but CTR is not.  But, the drawback of CBC is o Not possible to do pipelined and parallelized implementation. o So, common method is the composition of CBC with HMAC-SHA1. Part 1  Cryptography 8

CBC and CTR(2)  CTR is possible to do pipelined and parallelized implementation.  But there is no suitable message authentication algorithm.  So, the question is, o Can we encrypt at high speed and provide message authentication that can keep up with our cipher? Part 1  Cryptography 9

Part 1  Cryptography 10 Uses for Symmetric Crypto  Confidentiality o Transmitting data over insecure channel o Secure storage on insecure media  Integrity ( MAC )  Authentication protocols (later…)  Anything you can do with a hash function (upcoming chapter…)