Introduction to security goals and usage of cryptographic algorithms

Slides:



Advertisements
Similar presentations
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Advertisements

Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Digital Signatures and Hash Functions. Digital Signatures.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Introduction to Public Key Cryptography
Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.
1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.
Cryptography, Authentication and Digital Signatures
Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
Internet-security.ppt-1 ( ) 2000 © Maximilian Riegel Maximilian Riegel Kommunikationsnetz Franken e.V. Internet Security Putting together the.
Encryption. What is Encryption? Encryption is the process of converting plain text into cipher text, with the goal of making the text unreadable.
Lecture 8 Overview. Secure Hash Algorithm (SHA) SHA SHA SHA – SHA-224, SHA-256, SHA-384, SHA-512 SHA-1 A message composed of b bits.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
Lecture 2: Introduction to Cryptography
Intro to Cryptography Lesson Introduction
EE 122: Lecture 24 (Security) Ion Stoica December 4, 2001.
IT 221: Introduction to Information Security Principles Lecture 5: Message Authentications, Hash Functions and Hash/Mac Algorithms For Educational Purposes.
Computer Security By Rubel Biswas. Introduction History Terms & Definitions Symmetric and Asymmetric Attacks on Cryptosystems Outline.
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
Cryptography – Test Review
CS/ECE 578 Cyber-Security Dr. Attila Altay Yavuz
Cryptography: an overview
Cryptography: an overview
Basics of Cryptography
CIT 380: Securing Computer Systems
ISA 400 Management of Information Security
IT443 – Network Security Administration Instructor: Bo Sheng
Computer Communication & Networks
Vocabulary Big Data - “Big data is a broad term for datasets so large or complex that traditional data processing applications are inadequate.” Moore’s.
Privacy & Security.
Cryptography Reference: Network Security
Cryptography Reference: Network Security
Cryptographic Hash Function
e-Health Platform End 2 End encryption
Encryption. Encryption Basics • Plaintext - the original message ABCDEFG • Ciphertext - the coded message DFDFSDFSD • Cipher - algorithm for.
CSCE 715: Network Systems Security
Public-key Cryptography
Encryption
Basic Network Encryption
Cryptography.
Presented by: Dr. Munam Ali Shah
NET 311 Information Security
Campbell R. Harvey Duke University and NBER
Security through Encryption
CS/ECE 478 Network Security Dr. Attila Altay Yavuz
Campbell R. Harvey Duke University and NBER
The Secure Sockets Layer (SSL) Protocol
Cryptography: an overview
Chapter 4 Cryptography / Encryption
Cryptography a Presentation Prepared by Vytautas Kondratas.
Cryptography Reference: Network Security
Lecture 10: Network Security.
Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS
Chapter 29 Cryptography and Network Security
Basic Network Encryption
Basic of Modern Cryptography
Security: Integrity, Authentication, Non-repudiation
Basics Of Symmetric Encryption
Introduction to Cryptography
Review of Cryptography: Symmetric and Asymmetric Crypto Advanced Network Security Peter Reiher August, 2014.
How to Use Charm Crypto Lib
Presentation transcript:

Introduction to security goals and usage of cryptographic algorithms By Jyh-haw Yeh

Security Goals Privacy: hiding confidential information. Data integrity: ensure data is origin and not forged. Authentication: ensure who you “talk” to is really the person he/she claimed. Authorization: authorize who should access what objects with what access privileges (read, write, execute, access right delegation, etc). Availability: services/resources are available at the time users make requests.

Cryptographic Algorithms and Usage Encryption: E(message) = cipher; D(cipher) = Message Symmetric (secret) key algorithm: both parties share a secret key Both Alice and Bob share a secret key Alice uses the key to encrypt the message and sends the cipher to Bob Bob uses the same secret key to decrypt the message Asymmetric (public key) key algorithm: both parties have their own (public, private) key pair Both Alice and Bob have a (public, private) key pair Alice uses Bob’s public key to encrypt a message and send the cipher to Bob Bob can use his own private key to decrypt the message Question: What security goal(s) can be achieved?

Cryptographic Algorithms and Usage Keyed Hash: H(key|message) = digest Many to one mapping One-way function (not reversible) Change a bit in the input, then the output will be very different Given a message, hard to find a message with the same digest Hard to find two messages with the same digest Communication scenario, assume Alice and Bob share a secret key K Alice computes H(K|message) = digest Alice sends both the message and the digest to Bob Team discussion: If Bob would like to ensure the message he received is original and not forged, what actions he needs to do? Question: What security goal(s) can be achieved?

Cryptographic Algorithms and Usage Signature: usually use asymmetric key algorithm to sign a message. Alice uses her private key to sign a message and everybody can use Alice’s public key to recover the message from the signature. Not knowing someone’s private key, you can not forge his/her signatures Communication scenario Alice uses her private key to sign a message Alice sends the message along with her signature to Bob Team discussion: What actions Bob needs to do to verify Alice’s signature? What security goal(s) can be achieved?

Cryptographic Algorithms and Usage Challenge and response: Alice and Bob share a secret key K in advance. Alice sends a message {I’m Alice} to Bob. Bob sends a challenge {E(1234, K)} to Alice. Alice sends the response {1234} and her own challenge {E(9876, K)} to Bob. Bob sends the response {9876} to Alice. What security goal(s) can be achieved?

Cryptographic Algorithms and Usage For challenge & response, Try to describe the C&R back-and-forth messages between Alice and Bob if using a public key cryptographic algorithm, assuming both Alice and Bob know each other’s public key? Try to describe the C&R back-and-forth messages between Alice and Bob if using a cryptographic hash algorithm, assuming Alice and Bob share a secret key?

Security principles Question: using appropriate cryptographic algorithms in applications to achieve security goals without having to know the details of how these algorithms implemented, which security principle(s) applies to this crypto-algorithm usage?

Legendary Cipher: Pigpen Code

Legendary Cipher: Pigpen Code Well-known “encryption” algorithm without secret key. Not cryptographically strong! What’s the pigpen code for “goodfeel”? Activity: form teams with only two members each team. Send a short cipher to your teammate for decryption (decipher).

Legendary Cipher: Caesar Cipher (A Substitution Cipher) Rot1 to Rot25 for the lower case alphabets. For example, in Rot 2, a -> c, b->d, c->e …y->a, z->b. Well-known encryption algorithm with a secret key. Not cryptographically strong! Question: what is the encryption key? Question: what is the Rot2 cipher for “goodfeel”? Activity: Agree with a secret key with your teammate (1-25). Send a short cipher to your teammate for decryption (decipher)

Legendary Cipher: Random Cipher Agree with your teammate a random one-time pad first. For example, a random permutation of the lower case alphabets. The encryption/decryption algorithm: mapping each char to the corresponding char in the permutation. For example Question: what is the encryption key? Question: Not secure, why not? a b c d e f g …. y z p l r k m v h

Secure Random Cipher The random cipher can be cryptographically secure if It is a bit-wise one-time pad and Two parties are able to securely agree on the one-time pad with enough length

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.