Secret Key Cryptography

Slides:



Advertisements
Similar presentations
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Advertisements

Lecture 2.1: Private Key Cryptography -- I CS 436/636/736 Spring 2013 Nitesh Saxena.
Cryptography The science of writing in secret code.
Cryptography. 2 Objectives Explain common terms used in the field of cryptography Outline what mechanisms constitute a strong cryptosystem Demonstrate.
CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.
Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)
I-4 security.
Chapter 1 Introduction Cryptography-Principles and Practice Harbin Institute of Technology School of Computer Science and Technology Zhijun Li
Cryptology By Greg Buss Pat Shields Barry Burke. What is Cryptology? Cryptology is the study of “secret writing.” Modern cryptology combines the studies.
Based on Applied Cryptography by Schneier Chapter 1: Foundations Dulal C. Kar.
Chapter 17 Security. Information Systems Cryptography Key Exchange Protocols Password Combinatorics Other Security Issues 12-2.
Computer Security Cryptography. Cryptography Now and Before  In the past – mainly used for confidentiality  Today –Still used for confidentiality –Data.
Lecture 2: Introduction to Cryptography
Overview of Cryptography & Its Applications
1.1 Introduction to Cryptography. 1.2 Basic Cryptography Cryptography is a deep mathematical subject. Cryptographic protocols provide a cornerstone for.
Computer Security (CS4800)
Lecture 3 Page 1 CS 236 Online Introduction to Cryptography CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 5 Page 1 CS 236 Online More on Cryptography CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
INCS 741: Cryptography Overview and Basic Concepts.
Computer Security By Rubel Biswas. Introduction History Terms & Definitions Symmetric and Asymmetric Attacks on Cryptosystems Outline.
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
Introduction (Pendahuluan)  Information Security  Criptography.
1 Introduction to Cryptography Chapter-4. Definitions  Cryptography = the science (art) of encryption  Cryptanalysis = the science (art) of breaking.
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
CS201 Tech-Talk Two: Cryptography Michael Hsu CSULA.
Network security 1. Security taxonomy Physical security Resource exhaustion - DDoS system/network vulnerabilities Key-based security.
Cryptography Presented By: Yogita Dey Amardeep Kahali Dipanjan Devnagar Minhaajuddin Ahmad Khan ECE4, NIT Securing the Information Age.
Security Protecting information data confidentiality
Cryptography – Test Review
Computer Security Revision Week
Public Key Cryptography
CIT 380: Securing Computer Systems
Asymmetric-Key Cryptography
ISA 400 Management of Information Security
Crypto in information security
Cryptography & Security
What is network security?
Outline Desirable characteristics of ciphers Uses of cryptography
Cryptography.
Introduction Of System Security
Basic Network Encryption
Cryptography.
CSCI-235 Micro-Computer Applications
Outline Desirable characteristics of ciphers Uses of cryptography
Introduction to modern cryptology
Cis 4930 Introduction to cryptography
History of Cryptography
Chapter 3:Cryptography (16M)
مروري برالگوريتمهاي رمز متقارن(كليد پنهان)
Security through Encryption
PART VII Security.
Cryptography: Basics (2)
Intro to Cryptography Hanqiu Peng.
Cryptography and Cryptanalysis
Secret Key Cryptography
Basic Network Encryption
Unit 2: Cryptography & Cryptographic Algorithm
Basic of Modern Cryptography
Computer Security Chapter Two
Modern Cryptography.
Cryptanalysis Network Security.
Symmetric Encryption or conventional / private-key / single-key
Presentation transcript:

Secret Key Cryptography Dr. X Slides adopted by Dr. William Enck, NCSU

Why is crypto useful? Networks designed for data transport, not for data confidentiality or privacy Internet eavesdropping is (relatively) easy Crypto enables: e-commerce and e-banking confidential messaging digital identities protection of personal data electronic voting anonymity

Cryptographic History hide secrets from your enemy ~4000 year old discipline Egyptians’ use of non-standard hieroglyphics Spartans used scytale to perform transposition cipher Italian Leon Battista Alberti (“father of western cryptography”) invents polyalphabetic ciphers in 1466

Enigma German WWII encryption device Used polyalphabetic substitution cipher Broken by Allied forces Intelligence called Ultra Codebreaking at Bletchley Park See original at the International Spy Museum

Terminology cryptosystem: method of disguising (encrypting) plaintext messages so that only select parties can decipher (decrypt) the ciphertext cryptography: the art/science of developing and using cryptosystems cryptanalysis: the art/science of breaking cryptosystems cryptology: the combined study of cryptography and cryptanalysis

What can crypto do? Confidentiality Integrity Authenticity Keep data and communication secret Encryption / decryption Integrity Protect reliability of data against tampering “Was this the original message that was sent?” Authenticity Provide evidence that data/messages are from their purported originators “Did Alice really send this message?”

Cryptography < security Cryptography isn't the solution to security Buffer overflows, worms, viruses, trojan horses, SQL injection attacks, cross- site scripting, bad programming practices, etc. It's a tool, not a solution Even when used, difficult to get right Choice of encryption algorithms Choice of parameters Implementation Hard to detect errors Even when crypto fails, the program may still work May not learn about crypto problems until after they've been exploited

Crypto is really, really, really, really, really hard Task: develop a cryptosystem that is secure against all conceivable (and inconceivable) attacks, and will be for the foreseeable future If you are inventing your own crypto, you’re doing it wrong Common security idiom: “no one ever got fired for using AES”

Some oldies crypto algos Caesar Cipher Substitution cipher Polyalphabetic cipher One time pads

Modern crypto: two flavors of confidentiality Unconditional or probabilistic security: crypto system offers provable guarantees, irrespective of computational abilities of an attacker given ciphertext, the probabilities that bit i of the plaintext is 0 is p and the probability that it is 1 is (1-p) e.g., one-time pad often requires key sizes that are equal to size of plaintext Conditional or computational security: cryptosystem is secure assuming a computationally bounded adversary, or under certain hardness assumptions (e.g., P<>NP) e.g., DES, 3DES, AES, RSA, DSA, ECC, DH, MD5, SHA Key sizes are much smaller (~128 bits) Almost all deployed modern cryptosystems are conditionally secure

Cryptanalysis Goal: learn the key Classifications: ciphertext-only attack: Eve has access only to ciphertext known-plaintext attack: Eve has access to plaintext and corresponding ciphertext chosen-plaintext attack: Eve can choose plaintext and learn ciphertext chosen-ciphertext attack: Eve can choose ciphertext and learn plaintext