Kriptografija sa asimetričnim ključem

Slides:



Advertisements
Similar presentations
Chapter 3 Public Key Cryptography and Message authentication.
Advertisements

Web Security for Network and System Administrators1 Chapter 4 Encryption.
McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Lecture 23 Symmetric Encryption
Public Key Algorithms 4/17/2017 M. Chatterjee.
1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
Public-Key Cryptography and RSA CSE 651: Introduction to Network Security.
1 Chapter 4 Encryption. 2 Objectives In this chapter, you will: Learn the basics of encryption technology Recognize popular symmetric encryption algorithms.
Introduction to Public Key Cryptography
Public Key Model 8. Cryptography part 2.
Public Key Encryption and the RSA Public Key Algorithm CSCI 5857: Encoding and Encryption.
Andreas Steffen, , 4-PublicKey.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications.
Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Private Key Algorithms RSA SSL
Chapter 20 Symmetric Encryption and Message Confidentiality.
1 Lecture 9 Public Key Cryptography Public Key Algorithms CIS CIS 5357 Network Security.
Midterm Review Cryptography & Network Security
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
Day 37 8: Network Security8-1. 8: Network Security8-2 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key:
Darci Miyashiro Math 480 April 29, 2013
Public Key Cryptography. symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if.
1 Public-Key Cryptography and Message Authentication.
Cryptography and Network Security Chapter 9 - Public-Key Cryptography
Cryptography Chapter 7 Part 2 Pages 781 to 812. Symmetric Cryptography Secret Key Figure 7-10 on page 782 Key distribution problem – Secure courier Many.
PUBLIC-KEY CRYPTOGRAPH IT 352 : Lecture 2- part3 Najwa AlGhamdi, MSc – 2012 /1433.
Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.
Cryptography & Network Security : Topic Seminar Description & Analysis Madhava.N 1RV06SCN05 2 nd Semester M.Tech CNE RVCE RSA ALGORITHM.
Cryptography 1 Crypto Cryptography 2 Crypto  Cryptology  The art and science of making and breaking “secret codes”  Cryptography  making “secret.
Chapter 3 – Public Key Cryptography and RSA (A). Private-Key Cryptography traditional private/secret/single-key cryptography uses one key shared by both.
Lecture 23 Symmetric Encryption
PUBLIC-KEY CRYPTOGRAPHY AND RSA – Chapter 9 PUBLIC-KEY CRYPTOGRAPHY AND RSA – Chapter 9 Principles Applications Requirements RSA Algorithm Description.
CS 4803 Fall 04 Public Key Algorithms. Modular Arithmetic n Public key algorithms are based on modular arithmetic. n Modular addition. n Modular multiplication.
Introduction to Pubic Key Encryption CSCI 5857: Encoding and Encryption.
최신정보보호기술 경일대학교 사이버보안학과 김 현성.
Reviews Rocky K. C. Chang 20 April 2007.
Public Key Cryptosystem
Asymmetric-Key Cryptography
Privacy & Security.
Public Key Encryption Systems
What is network security?
Public Key Encryption and Digital Signatures
Public-Key Cryptography and RSA
RSA and El Gamal Cryptosystems
Public-key Cryptography
Public Key Encryption and the RSA Algorithm
Basic Network Encryption
Private Key Algorithms Key Exchange Protocols SSL
Real-world Security of Public Key Crypto
مروري برالگوريتمهاي رمز متقارن(كليد پنهان)
Asymmetric Cryptography
PART VII Security.
NET 311 Information Security
ADVANCED ENCRYPTION STANDARDADVANCED ENCRYPTION STANDARD
Appendix 5: Cryptography p
MSIT 543 Cryptography Concepts and Techniques How RSA Encryption Works
NET 311 Information Security
Public-Key, Digital Signatures, Management, Security
Basic Network Encryption
PUBLIC-KEY CRYPTOGRAPHY AND RSA – Chapter 9
Introduction to Cryptography
刘振 上海交通大学 计算机科学与工程系 电信群楼3-509
Modern Cryptography.
Public Key Encryption Systems
Secure Diffie-Hellman Algorithm
Review of Cryptography: Symmetric and Asymmetric Crypto Advanced Network Security Peter Reiher August, 2014.
Presentation transcript:

Kriptografija sa asimetričnim ključem Jelena Ignjatović Symmetric Key Cryptography – Block Ciphers • Common block and key sizes • Electronic code book mode (ECB) • Cipher block chaining mode (CBC) Block Ciphers – Present and Future Standards • Some popular block ciphers (DES, 3DES, IDEA, CAST, Blowfish, RC2, RC5) • Digital Encryption Standard (DES) – rounds of confusion and diffusion • Feistel networks • Triple DES • Advanced Encryption Standard (AES) • AES finalists (MARS, RC6, Twofish, Serpent, Rijndael) Symmetric Key Cryptography – Stream Ciphers • Linear feedback shift registers (LFSRs) • RC4 • Output feedback mode (OFB) – block ciphers used as stream ciphers • Counter mode (CTR) – block ciphers used as streams ciphers Coverage by the textbook "Network Security" • Chapter 3 – Secret Key Cryptography, pp. 59…94 • Chapter 4 – Modes of Operation, pp. 95…115

Asimetrični-ključ (javni ključ) šifrovanja Osnovna ideja: Korisnik ima dva ključa: javni ključ i privatni ključ. Poruka može da bude šifrovana javnim ključem i dešifrovana privatnim ključem koji bi obezbedio sigurnost. Poruka može da bude šifrovana privatnim ključem i dešifrovana javnim ključem koji bi obezbedio autentičnost.

Problem distribucije ključeva u gustim mrežama U gusto-razgranatim mrežama u kojima dosta članova komunicira među sobom, zahteva se određeni broj tajnih ključeva u šifrovanju. Kompleksnost algoritama raste kvadratno sa porastom broja učesnika obzirom da u potpuno-zatvorenoj, razgranatoj mreži svakom od n komunikacinih partnera mora da bude sigurno isporučeno (n-1) ključeva.

• Uzmimo primer široke komunikacione mreže sa 100 potpuno-razgranatih čvorova gde se ključ svake sesije menja svakog sata što rezultuje zahtevom da se distribuira oko 240.000 ključeva svaki dan. • Kao što se može videti, distribucija tajnih ključeva se slabo menja sa porastom broja učesnika. Zato su dugo vremena ljudi tražili neku altrnativu za uspostavljanje sigurnih veza. Efikasno rešenje je najzad pronađeno 1976 sa novim konceptom kriptosistema sa javnim ključem.

Problem sigurne distribucije ključeva KAB, KAC, KAD, KAE, KAF KAC, KBC, KCD, KCE, KCF KAB, KBC, KBD, KBE, KBF KAF, KBF, KCF, KDF, KEF KAE, KBE, KCE, KDE, KEF KAD, KBD, KCD, KDE, KDF Alice Bob Carol Dave Edna Fred Key Distribution Problem in Dense Networks • In densely-meshed networks where many parties communicate with each other, the required number of secret keys necessary when using symmetric encryption algorithms increases quadratically with the number of participants since in a fully-meshed network to each of the n communication partners (n-1) keys must be securely delivered. • Take as an example a broadband communications network with 100 fully-meshed nodes were each session key is changed every hour, resulting in a requirement to safely distribute about 240‘000 keys each day. • As can easily be seen, secret key distribution scales very badly with an increasing number of participants. Therefore for a long time people had been looking for alternative ways of establishing secure connections. A very efficient solution was finally found in 1976 with the novel concept of a Public Key Cryptosystem. Sigurna distribucija n2 ključeva Ključevi se moraju razmenjivati na siguran način

Sistem distribucije javnog ključa KA KB KC KD KE Alice Bob Carol Dave Edna Fred javna distribucija n ključeva Ključ se može poslati putem interneta Javni direktorijum Alice : KA Bob : KB Carol : KC Dave : KD Edna : KE Fred : KF Public Key Distribution System • In a Public Key Cryptosystem each user or host possesses a single key pair consisting of a private key which is kept secret by the no and a matching public key which is published in a public directory (usually an LDAP or WWW server). • If a user Alice wants to send an encrypted message to user Bob then Alice encrypts her message with Bob‘s public key KB fetched from the public directory and sends it to Bob. Since Bob is the only one in possession of the matching private key, he alone can decrypt the encrypted message sent to him. • Since only the public key of the recipient is required, with n users only n distinct keys are required. Under the assumption that each user generates her own public/ private key pair locally, no secure channels are required for the distribution of the public keys, since the don‘t contain any secret and must be put into the public domain anyway.

Kriptografija sa javnim ključem pronalazači Whitfield Diffie i Martin Hellman 1976 Ralph Merkle 1978 Alice Bob PUBKB PRIVKB C = fPUBKB(P) Šifrovanje jednosmernom funkcijom P = f-1PRIVKB(C) Joe P = f-1PUBKB(C) Računanje inverzne funkcije je ekstremno skupo Inventors of Public Key Cryptography • The concept of a Public Key Cryptosystem was invented at around the same time by Whitfield Diffie, Martin Hellman and Ralph Merkle. Whereas the first two researchers published their invention in 1976 and got all the fame, Ralph Merkle had the misfortune that the printing of his paper got delayed by more than a year so that it got published not until 1978. Today it is generally recognized that all three scientists are the fathers of public key cryptography. • Recently it became known that already in 1970, James Ellis, at the time working for the British government as a member of the Communications-Electronics Security Group (CESG), formulated the idea of a Public Key Cryptosystem. Several practical algorithms including one variant very similar to RSA and another one identical to the Diffie-Hellman key exchange were discovered within the CESG. Unfortunately the British researchers were not allowed to publish their results due to state security reasons. Basic Principles of Public Key Cryptography • All public key cryptosystems are based on the notion of a one-way function, which, depending on the public key, converts plaintext into ciphertext using a relatively small amount of computing power but whose inverse function is extremely expensive to compute, so that an attacker is not able to derive the original plaintext from the transmitted ciphertext within a reasonable time frame. • Another notion used in public key cryptosystems is that of a trap door which each one-way function possesses and which can only be activated by the legitimate user holding the private key. Using the trapdoor, decryption of the ciphertext becomes easy. • Many public key cryptosystems are based on known hard problems like the factoring of large numbers into their prime factors (RSA) or taking discrete logarithms over a finite field (Diffie-Hellman). Jednosmerne funkcije se obično zasnivaju na dobro poznatim teškim matematičkim problemima Faktorizacije Diskretni logaritamski problem

RSA kriptosistem sa javnim ključem Razvili su ga 1978 Rivest, Shamir and Adleman (RSA) Ovo je najpopularniji kriptosistem sa javnim ključem Zasniva se na matematičkom problemu „faktorizacije celih brojeva“ 143 = 11*13

RSA kriptosistem sa javnim ključem Algoritam za generisanje ključa Korak 1: Slučajno biramo dva velika prosta broja p i q Za maksimalnu sigurnost, biramo p i q približno jednake dužine, od 512-1024 bitova svaki. Korak 2: Računamo proizvod n = p·q Korak 3: Slučajno biramo broj e < (p-1)(q-1) Brojevi e i (p-1)(q-1) moraju biti uzajamno prosti, tj. Ne smeju da imaju zajedničke proste faktore. Korak 4: Računamo jedinstveni inverz d = e-1 mod (p-1)(q-1) Jednakost d·e mod (p-1)(q-1) = 1 može se rešiti korišćenjem Euklidovog algoritma.

RSA kriptosistem Primer generisanja ključa p = 3, q = 11: n = p·q = 33 (p-1)·(q-1) = 2 · 10 = 2 · 2 · 5 = 20 Javni eksponent e mora biti uzajamno prost sa (p-1)·(q-1) , tj. on ne može imati 2 i 5 kao faktore. e d e·d e·d mod 20 3 7 21 1 7 3 21 1 9 9 81 1 11 11 121 1 13 17 221 1 17 13 221 1 19 19 361 1 Svi mogući izbori eksponenata e i d

RSA kriptosistem Javni i privatni ključevi Javni ključ: moduo n i javni eksponent e n i e se objavljuju u javnom direktorijumu, Privatni ključ: moduo n i privatni eksponent d Privatni eksponent d je tvoj tajni ključ. On može biti zaštićen ili skladištenjem na čip kartici ili na disku uz šifrovanje simetričnom šifrom po tvom izboru. Veliki prosti brojevi p i q koji su korišćeni za generisanje ključa više nisu potrebni i mogu biti izbrisani.

RSA kriptosistem Šifrovanje i dešifrovanje Šifrovanje bloka x otvorenog teksta: y = xe mod n Pošiljalac koristi javni ključ primaoca da šifruje x < n. Dešifrovanje bloka y šifrata: x = yd mod n Primalac koristi privatni ključ da otkrije blok x otvorenog teksta. Bez dokaza: yd = (xe)d = xe·d = xm·(p-1)·(q-1) + 1 = x1 = x (mod n) Šifrovanje i dešifrovanje su simetrične operacije Redosled stepenovanja javnim eksponentom e i privatnim stepenom d može biti promenjen.

Generisanje ključeva

RSA kriptosistem Primer šifrovanja / dešifrovanja Šifrovanje javnim ključem n = 33, e = 3 Binarni otvoreni tekst 0101001001001011010011 ... Groupe od 5 Bitova 01010 01001 00101 10100 ... Decimalni plaintext 10 9 5 20 y = x3 1000 729 125 8000 y = x3 mod 33 10 3 26 14 Dešifrovanje privatnim ključem n = 33, d = 7 Decimalni hipertext 10 3 26 14 x = y7 107 2187 267 147 x = y7 mod 33 10 9 5 20

RSA–576 izazova Pokušaj (napor) 576 bitni broj (174 decimalne cifre) Faktorisan 3. decembra 2003. posle 3 meseca rešavanja. Linux Cluster: 144 PCs with 400 MHz Pentium II procesori. Urađeno na Universitetu u Bonu, postprerađeno uz podršku BSIa. 18819881292060796383869723946165043980716356 33794173827007633564229888597152346654853190 60606504743045317388011303396716199692321205 734031879550656996221305168759307650257059 = ? = 39807508642406493739712550055038649119906436 2342526708406385189575946388957261768583317 * 47277214610743530253622307197304822463291469 5302097116459852171130520711256363590397527

Šifrovanje RSA javnim ključem Cena: $200,000 Status: Nije faktorisan Decimalne cifre : 617 25195908475657893494027183240048398571429282126204 03202777713783604366202070759555626401852588078440 69182906412495150821892985591491761845028084891200 72844992687392807287776735971418347270261896375014 97182469116507761337985909570009733045974880842840 17974291006424586918171951187461215151726546322822 16869987549182422433637259085141865462043576798423 38718477444792073993423658482382428119816381501067 48104516603773060562016196762561338441436038339044 14952634432190114657544454178424020924616515723350 77870774981712577246796292638635637328991215483143 81678998850404453640235273819513786365643912120103 97122822120720357 Suma decimalnih cifara: 2738 Broj izazova Cena ($US) Status Datum prijave Podnosilac RSA-576 $10,000 faktorisano December 3, 2003 J. Franke et al. RSA-640 $20,000 Nije faktorisano   RSA-704 $30,000 RSA-768 $50,000 RSA-896 $75,000 RSA-1024 $100,000 RSA-1536 $150,000 RSA-2048 $200,000 Not Factored

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.