Opracowanie językowe dr inż. J. Jarnicki Internet Engineering Czesław Smutnicki Discrete Mathematics – Cryptography
CONTENTS DES algorithm Triple-DES algorithm RSA algorithm MD5 algorithm CRC algorithm ssh service
SECURITY IN COMPUTER NETWORKS Cryptography Algorithms with symmetrical keys Algorithms with public (non-symmetrical) keys Digital signature Management of public keys Security of communications Trustworthiness protocols Security of e-mail Security of www Social aspects of computer networks
CRYPTOGRAPHY Introduction: encryption = transformation (bit-after-bit, character-after-character), coding = replacing, open text, algorithm, key, encrypted text, intruder, cryptoanalysis, cryptology Substituting ciphers Transposition ciphers Once-used keys (XOR of data and key) Quantized cryptography: phaeton, polarisation, strigth linear basis, diagonal basis, qubit, once-used key Fundamental rules of cryptography: redundancy, timeliness
ALGORITHMS WITH SYMMETRICAL KEYS P-box, S-box, cascade DES Triple DES AES Encryption modes: coding book, linking of coding blocks, feedback, streaming code, counting method Other coding: IDEA, RC4, RC5, Rijndael, Serpent, Twofish Cryptoanalysis: differential, linear
ALGORITHM WITH SYMMETRICAL KEYS P-box: 8 lines S-box: 3 lines Aggregate (cascade): 12 lines S1 S5 S9 S2 S6 S10 P1 P2 P3 P4 S3 S7 S11 Decoder 8->3 S4 S8 S12 Decoder 3->8 P-box permutation=key cascade: 64 ..256 lines, >18 stages (hardware), >8 (software), 1 stage=iteration=P+S
DES = DATA ENCRYPTION STANDARD open text 64 bits L 32 bits (i-1) P 32 bits (i-1) starting transposition iteration 1 Key 56 bits iteration 2 . L(i) XOR f(P(i-1),K(i)) iteration 16 transposition of 32-bit halves final transposition inverse to starting encrypted data 64 bits L 32 bits (i) P 32 bits (i)
DES cont. L 32 bits (i-1) P 32 bits (i-1) 32 bits 32 bits -> 48 bits indirect key XOR K S-box: in 8 x 6 L(i) XOR f(P(i-1),K(i)) S1 S2 S3 S4 S5 S6 S7 S8 S-box: out 8 x 4 P-box indirect key has been obtained by certain transformation of fundamental key of 56 bits. Applied is so-called whitening operation (additional random keys) L 32 bits (i) P 32 bits (i)
TRIPLE DES 2 keys encryption(K1)-decryption(K2)-encryption(K1)
AES= ADAVANCED ENCRYPTION STANDARD Competition Symmetrical key Public project Keys 128, 192, 256-bits Easily implementable (hardware, software) Free-access licence Rijndael (86), Serpent (59), Twofish (31), RC6 (23), MARS (13)
ALGORYITHM WITH PUBLIC KEYS: RSA Choose two prime numbers p i q Find n=p*q and z=(p-1)*(q-1) Find any d relatively prime with z Find any number e such that (e*d) mod z=1 Public key (e,n) Private key (d,n) Encryption of message P decryption of hiden text C
DIGITAL SIGNATURE Receiver can verify the authentity of Sender signature Sender cannot renege of sending the message with this contents Receiver cannot change the obtained message contents Signature based on symmetric keys (certification institution) Signature based on public keys (secret key theft, changing of secret key) Message shortcut (hashing): MD5, SHA-1,
MANAGEMENT OF PUBLIC KEYS Certificates Standard X.509 Infrastructure of public keys: confidence chain, certfication track, confidence anchors, certificate cancel,
SECURITY OF COMMUNICATION IPsec: transport mode, tunel mode, trafic analysis Firewalls, packet filter, application gateway, DoS attack, DDoS Private virtual networks Security in wireless networks: WEP (RC4), Bluetooth (SAFER+)
TRUSTWORTHINESS PROTOCOLS Trustworthiness on the base of shared secret key Setting shared secret key: key exchange Trustworthiness with the use of key distribution center Trustworthiness based on Kerberos Trustworthiness with the use of public keys
SECURITY OF E-MAIL PGP PEM S/MIME
SECURITY OF WWW Emergences Secure names SSL Security of movable code
SOCIAL ASPECTS OF COMPUTER NETWORKS Privacy protection policy Freedom of a word Intelectual property rigths
Thank you for your attention DISCRETE MATHEMATICS Czesław Smutnicki