Asymmetric Cryptography

Slides:



Advertisements
Similar presentations
Chapter 3 Public Key Cryptography and Message authentication.
Advertisements

DIGITAL CERTIFICATES Prof. Ravi Sandhu. 2 © Ravi Sandhu PUBLIC-KEY CERTIFICATES reliable distribution of public-keys public-key encryption sender needs.
Asymmetric Digital Signatures And Key Exchange Prof. Ravi Sandhu.
Asymmetric Encryption Prof. Ravi Sandhu. 2 © Ravi Sandhu PUBLIC KEY ENCRYPTION Encryption Algorithm E Decryption Algorithm D Plain- text Plain- text Ciphertext.
PKI Introduction Ravi Sandhu 2 © Ravi Sandhu 2002 CRYPTOGRAPHIC TECHNOLOGY PROS AND CONS SECRET KEY SYMMETRIC KEY Faster Not scalable No digital signatures.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 ISA 562 Information Systems Theory and Practice 10. Digital Certificates.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
Computer Science Public Key Management Lecture 5.
Public Key Model 8. Cryptography part 2.
Chapter 31 Network Security
1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
Information Security Fundamentals Major Information Security Problems and Solutions Department of Computer Science Southern Illinois University Edwardsville.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
BASIC CRYPTOGRAPHIC CONCEPTS. Public Key Cryptography  Uses two keys for every simplex logical communication link.  Public key  Private key  The use.
1 Public-Key Cryptography and Message Authentication.
Cryptography and Network Security Chapter 9 - Public-Key Cryptography
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
ECE Prof. John A. Copeland fax Office: GCATT Bldg.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
@Yuan Xue 285: Network Security CS 285 Network Security Digital Signature Yuan Xue Fall 2012.
Reviews Rocky K. C. Chang 20 April 2007.
Security Outline Encryption Algorithms Authentication Protocols
Asymmetric-Key Cryptography
Symmetric Cryptography
Key Exchange References: Applied Cryptography, Bruce Schneier
Public-Key Cryptography and Message Authentication
Cryptography Why Cryptography Symmetric Encryption
Cryptography and Network Security
Information Security message M one-way hash fingerprint f = H(M)
B. R. Chandavarkar CSE Dept., NITK Surathkal
Public Key Encryption and Digital Signatures
Cryptography and Security Technologies
Cryptography.
IS3230 Access Security Unit 9 PKI and Encryption
Information Security message M one-way hash fingerprint f = H(M)
Information Security message M one-way hash fingerprint f = H(M)
Digital Signatures Last Updated: Oct 14, 2017.
Cryptography Basics and Symmetric Cryptography
Challenge-Response Authentication
Asymmetric Cryptography
Public-Key Certificates
Secure Electronic Transaction (SET) University of Windsor
Information Security message M one-way hash fingerprint f = H(M)
Security.
Digital Certificates and X.509
Public-Key Cryptography and Message Authentication
The Secure Sockets Layer (SSL) Protocol
Authentication and Authorization Federation
Key Management Network Systems Security
Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS
Public-Key, Digital Signatures, Management, Security
Challenge-Response Authentication
Chapter 3 - Public-Key Cryptography & Authentication
Chapter 29 Cryptography and Network Security
Introduction to Cryptography
Security: Public Key Cryptography
Diffie-Hellman Algorithm
LAB 3: Digital Signature
Presentation transcript:

Asymmetric Cryptography CS 5323 Asymmetric Cryptography Prof. Ravi Sandhu Executive Director and Endowed Chair Lecture 8 ravi.utsa@gmail.com www.profsandhu.com © Ravi Sandhu World-Leading Research with Real-World Impact!

Asymmetric Encryption © Ravi Sandhu World-Leading Research with Real-World Impact!

Public-Key Encryption INSECURE CHANNEL Plain- text Plain- text Ciphertext Encryption Algorithm E Decryption Algorithm D A B B's Public Key B's Private Key SECURE CHANNEL Confidentiality Integrity © Ravi Sandhu World-Leading Research with Real-World Impact! 3

Secret-Key Encryption INSECURE CHANNEL Plain- text Plain- text Ciphertext Encryption Algorithm E Decryption Algorithm D A B Secret Key shared by A and B K K SECURE CHANNEL Confidentiality Integrity © Ravi Sandhu World-Leading Research with Real-World Impact! 4

Public-Key Encryption reduces the key distribution problem to a secure channel for authentic communication of public keys requires authentic dissemination of 1 public key/party scales well for large-scale systems with N parties we need to generate and distribute N public keys © Ravi Sandhu World-Leading Research with Real-World Impact! 5

Known Public-Key Attack confidentiality based on infeasibility of computing B's private key from B's public key key sizes are large (2048 bits and above) to make this computation infeasible © Ravi Sandhu World-Leading Research with Real-World Impact! 6

Speed public key runs 1000 times slower than secret key think 2g versus 4g on smartphone This large difference in speed is likely to remain Maybe reduce to 100 times Use public keys to distribute secret keys, use secret keys to protect data © Ravi Sandhu World-Leading Research with Real-World Impact! 7

RSA Cryptosystem public key is (n,e) private key is d encrypt: C = Me mod n decrypt: M = Cd mod n © Ravi Sandhu World-Leading Research with Real-World Impact! 8

This naïve use of RSA is not secure but will suffice for our purposes RSA Cryptosystem public key is (n,e) private key is d encrypt: C = Me mod n decrypt: M = Cd mod n This naïve use of RSA is not secure but will suffice for our purposes © Ravi Sandhu World-Leading Research with Real-World Impact! 9

RSA Key Generation choose 2 large prime numbers p and q compute n = p * q pick e relatively prime to (p-1)*(q-1) compute d, e*d = 1 mod (p-1)*(q-1) publish (n,e) keep d private (and discard p, q) © Ravi Sandhu World-Leading Research with Real-World Impact! 10

RSA Key Protection compute d, e*d = 1 mod (p-1)*(q-1) if factorization of n into p*q is known, this is easy to do security of RSA is no better than the difficulty of factoring n into p, q © Ravi Sandhu World-Leading Research with Real-World Impact! 11

Asymmetric Digital Signatures © Ravi Sandhu World-Leading Research with Real-World Impact!

Public-Key Digital Signature INSECURE CHANNEL Plain- text Plaintext + Signature Yes/No Signature Algorithm S Verification Algorithm V A B A's Private Key A's Public Key SECURE CHANNEL Confidentiality Integrity © Ravi Sandhu World-Leading Research with Real-World Impact! 13

Compare Public-Key Encryption INSECURE CHANNEL Plain- text Plain- text Ciphertext Encryption Algorithm E Decryption Algorithm D A B B's Public Key B's Private Key SECURE CHANNEL Confidentiality Integrity © Ravi Sandhu World-Leading Research with Real-World Impact! 14

Compare Symmetric Key MAC INSECURE CHANNEL Plaintext + MAC Plain- text Yes/No MAC Algorithm M Verification Algorithm V A B K K © Ravi Sandhu World-Leading Research with Real-World Impact! 15

Digital Signatures in RSA RSA has a unique property, not shared by other public key systems Encryption and decryption commute (Me mod n)d mod n = M encryption (Md mod n)e mod n = M signature Same public key can be use for encryption and signature But not recommended © Ravi Sandhu World-Leading Research with Real-World Impact! 16

Message Digest World-Leading Research with Real-World Impact! © Ravi Sandhu World-Leading Research with Real-World Impact!

Encryption Speed Revisited public key runs 1000 times slower than secret key think 2g versus 4g on smartphone This large difference in speed is likely to remain Maybe reduce to 100 times Use public keys to distribute secret keys, use secret keys to protect data © Ravi Sandhu World-Leading Research with Real-World Impact! 18

Digital Signature Speed public key runs 1000 times slower than secret key think 2g versus 4g on smartphone This large difference in speed is likely to remain Maybe reduce to 100 times Sign the message digest (or hash) not the message © Ravi Sandhu World-Leading Research with Real-World Impact! 19

no practical limit to size message digest algorithm Message Digest (Hash) M=H-1(m) original message no practical limit to size M message digest algorithm H message digest 256 bit m easy hard m=H(M) © Ravi Sandhu World-Leading Research with Real-World Impact! 20

Desired Characteristics weak hash function difficult to find M' such that H(M')=H(M) given M, m=H(M) try messages at random to find M’ with H(M’)=m 2k trials on average, k=128 to be safe © Ravi Sandhu World-Leading Research with Real-World Impact! 21

Desired Characteristics strong hash function difficult to find any two M and M' such that H(M')=H(M) try pairs of messages at random to find M and M’ such that H(M’)=H(M) 2k/2 trials on average, k=256 to be safe Birthday paradox © Ravi Sandhu World-Leading Research with Real-World Impact! 22

Message Authentication Code Symmetric Encryption Based CBC-MAC MAC has same size as block size of underlying cryptosystem CCM mode Provides confidentiality and integrity Message-Digest Based HMAC Hash the message and a secret key MAC has same size as underlying hash function or can truncate Revisiting after discussing message digests © Ravi Sandhu World-Leading Research with Real-World Impact! 23

Asymmetric Key Exchange © Ravi Sandhu World-Leading Research with Real-World Impact!

Diffie-Hellman Key Agreement yA=axA mod p public key yB=axB mod p public key A B private key xA private key xB k = yBxA mod p = yAxB mod p = axA*xB mod p system constants: p: prime number, a: integer © Ravi Sandhu World-Leading Research with Real-World Impact! 25

Diffie-Hellman Key Agreement security depends on difficulty of computing x given y=ax mod p called the discrete logarithm problem © Ravi Sandhu World-Leading Research with Real-World Impact! 26

Public keys need to be authenticated Diffie-Hellman Man-in-the-Middle Attack A B C Public keys need to be authenticated © Ravi Sandhu World-Leading Research with Real-World Impact! 27

Public-Key Certificates © Ravi Sandhu World-Leading Research with Real-World Impact!

Public-Key Certificates authenticated distribution of public-keys public-key encryption sender needs public key of receiver public-key digital signatures receiver needs public key of sender public-key key agreement both need each other’s public keys © Ravi Sandhu World-Leading Research with Real-World Impact! 29

ISSUER (Certificate Authority) SUBJECT PUBLIC KEY INFO X.509v1 Certificate VERSION SERIAL NUMBER SIGNATURE ALGORITHM ISSUER (Certificate Authority) VALIDITY SUBJECT SUBJECT PUBLIC KEY INFO SIGNATURE © Ravi Sandhu World-Leading Research with Real-World Impact! 30

X.509v1 Certificate 1 1234567891011121314 RSA+SHA-3, 2048 C=US, S=TX, O=UTSA, OU=CS 1/1/17-12/31/18 C=US, S=TX, O=UTSA, OU=CS, CN=Ravi Sandhu RSA, 2048, xxxxxxxxxxxxxxxxxxxxxxxxx SIGNATURE © Ravi Sandhu World-Leading Research with Real-World Impact! 31

Certificate Trust how to acquire public key of the issuer to verify signature whether or not to trust certificates signed by the issuer for this subject prefix rule is not universally applicable © Ravi Sandhu World-Leading Research with Real-World Impact! 32

X.509v1 Certificate 1 1234567891011121314 RSA+SHA-3, 2048 C=US, S=VA, O=GMU, OU=ISE 1/1/17-12/31/18 C=US, S=TX, O=UTSA, OU=CS, CN=Ravi Sandhu RSA, 2048, xxxxxxxxxxxxxxxxxxxxxxxxx SIGNATURE © Ravi Sandhu World-Leading Research with Real-World Impact! 33

SET CA Hierarchy Root Brand Brand Brand Geo-Political Bank Acquirer Customer Merchant © Ravi Sandhu World-Leading Research with Real-World Impact! 34

Certificate Revocation Lists (CRLs) SIGNATURE ALGORITHM ISSUER LAST UPDATE NEXT UPDATE REVOKED CERTIFICATES SIGNATURE SERIAL NUMBER REVOCATION DATE © Ravi Sandhu World-Leading Research with Real-World Impact! 35

X.509 Certificates X.509v1 X.509v2 X.509v3 very basic adds unique identifiers to prevent against reuse of X.500 names X.509v3 adds many extensions can be further extended © Ravi Sandhu World-Leading Research with Real-World Impact! 36

X.509v3 Innovations distinguish various certificates signature, encryption, key-agreement identification info in addition to X.500 name internet names: email addresses, host names, URLs issuer can state policy and usage ok for casual email but not for signing checks extensible proprietary extensions can be defined and registered attribute certificates to enable attribute-based authorization © Ravi Sandhu World-Leading Research with Real-World Impact! 37

X.509v2 CRL Innovations CRL distribution points indirect CRLs delta CRLs revocation reason push CRLs © Ravi Sandhu World-Leading Research with Real-World Impact! 38

General Hierarchical Structure Z X Y Q R S T A C E G I K M O a b c d e f g h i j k l m n o p © Ravi Sandhu World-Leading Research with Real-World Impact!

General Hierarchical Structure with Added Links Z X Y Q R S T A C E G I K M O a b c d e f g h i j k l m n o p © Ravi Sandhu World-Leading Research with Real-World Impact!

Top-Down Hierarchical Structure Z X Y Q R S T A C E G I K M O a b c d e f g h i j k l m n o p © Ravi Sandhu World-Leading Research with Real-World Impact!

Forest of Hierarchies World-Leading Research with Real-World Impact! © Ravi Sandhu World-Leading Research with Real-World Impact!

Multiple Root CA’s Plus Intermediate CA’s X S T Q R A C E G I K M O a b c d e f g h i j k l m n o p Model on the web today © Ravi Sandhu World-Leading Research with Real-World Impact!

Certificate Triangle Revisit from L5 on ABAC User (Identity) Attributes Public-keys + Secured secrets Revisit from L5 on ABAC © Ravi Sandhu World-Leading Research with Real-World Impact!