Asymmetric Cryptography

Slides:



Advertisements
Similar presentations
Chapter 3 Public Key Cryptography and Message authentication.
Advertisements

Symmetric Message Authentication Codes Prof. Ravi Sandhu.
Asymmetric Digital Signatures And Key Exchange Prof. Ravi Sandhu.
Asymmetric Encryption Prof. Ravi Sandhu. 2 © Ravi Sandhu PUBLIC KEY ENCRYPTION Encryption Algorithm E Decryption Algorithm D Plain- text Plain- text Ciphertext.
Public Key Cryptography Nick Feamster CS 6262 Spring 2009.
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
Public Key Cryptography
WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
Public Key Model 8. Cryptography part 2.
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden
Problems with symmetric (private-key) encryption 1) secure distribution of keys 2) large number of keys Solution to both problems: Public-key (asymmetric)
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
BASIC CRYPTOGRAPHIC CONCEPTS. Public Key Cryptography  Uses two keys for every simplex logical communication link.  Public key  Private key  The use.
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
Chapter 21 Public-Key Cryptography and Message Authentication.
Public Key Cryptography. symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if.
1 Public-Key Cryptography and Message Authentication.
Cryptography and Network Security Chapter 9 - Public-Key Cryptography
CS461/ECE422 Spring 2012 Nikita Borisov — UIUC1.  Text Chapters 2 and 21  Handbook of Applied Cryptography, Chapter 8 
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Cryptography 1 Crypto Cryptography 2 Crypto  Cryptology  The art and science of making and breaking “secret codes”  Cryptography  making “secret.
1 ISA 562 Information Security Theory & Practice Public Key Cryptosystem Chapter 9 of Bishop ’ s Book.
Computer Security Lecture 5 Ch.9 Public-Key Cryptography And RSA Prepared by Dr. Lamiaa Elshenawy.
Lecture 3 (Chapter 9) Public-Key Cryptography and RSA Prepared by Dr. Lamiaa M. Elshenawy 1.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
@Yuan Xue 285: Network Security CS 285 Network Security Digital Signature Yuan Xue Fall 2012.
최신정보보호기술 경일대학교 사이버보안학과 김 현성.
Reviews Rocky K. C. Chang 20 April 2007.
Public Key Encryption.
Asymmetric-Key Cryptography
Symmetric Cryptography
Key Exchange References: Applied Cryptography, Bruce Schneier
Cryptography Why Cryptography Symmetric Encryption
Asymmetric Cryptography
Public Key Encryption and Digital Signatures
Security.
RSA and El Gamal Cryptosystems
Public-key Cryptography
Cryptography.
Digital Signatures Last Updated: Oct 14, 2017.
Cryptography Basics and Symmetric Cryptography
Cryptography in .Net CS 795.
Authentication by Passwords
Real-world Security of Public Key Crypto
Challenge-Response Authentication
Public-key encryption
Security.
Cryptography: Basics (2)
Public-Key Cryptography and Message Authentication
Key Management Network Systems Security
NET 311 Information Security
Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS
Challenge-Response Authentication
Chapter 3 - Public-Key Cryptography & Authentication
Chapter 29 Cryptography and Network Security
PUBLIC-KEY CRYPTOGRAPHY AND RSA – Chapter 9
Introduction to Cryptography
刘振 上海交通大学 计算机科学与工程系 电信群楼3-509
Security: Public Key Cryptography
The RSA Public-Key Encryption Algorithm
Diffie-Hellman Algorithm
LAB 3: Digital Signature
Presentation transcript:

Asymmetric Cryptography CS 5323 Asymmetric Cryptography Prof. Ravi Sandhu Executive Director and Endowed Chair Lecture 3 ravi.utsa@gmail.com www.profsandhu.com © Ravi Sandhu World-Leading Research with Real-World Impact!

Asymmetric Encryption © Ravi Sandhu World-Leading Research with Real-World Impact!

Public-Key Encryption INSECURE CHANNEL Plain- text Plain- text Ciphertext Encryption Algorithm E Decryption Algorithm D A B B's Public Key B's Private Key SECURE CHANNEL Confidentiality Integrity © Ravi Sandhu World-Leading Research with Real-World Impact! 3

Symmetric-Key Encryption INSECURE CHANNEL Plain- text Plain- text Ciphertext Encryption Algorithm E Decryption Algorithm D A B Symmetric Key shared by A and B K K SECURE CHANNEL Confidentiality Integrity © Ravi Sandhu World-Leading Research with Real-World Impact! 4

Public-Key Encryption reduces the key distribution problem to a secure channel for authentic communication of public keys requires authentic dissemination of 1 public key/party scales well for large-scale systems with N parties we need to generate and distribute N public keys © Ravi Sandhu World-Leading Research with Real-World Impact! 5

Known Public-Key Attack confidentiality based on infeasibility of computing B's private key from B's public key key sizes are large (2048 bits and above) to make this computation infeasible © Ravi Sandhu World-Leading Research with Real-World Impact! 6

Speed public key runs 1000 times slower than symmetric key think 2g versus 4g on smartphone This large difference in speed is likely to remain Maybe reduce to 100 times Use public keys to distribute symmetric keys, use symmetric keys to protect data © Ravi Sandhu World-Leading Research with Real-World Impact! 7

RSA Cryptosystem public key is (n,e) private key is d encrypt: C = Me mod n decrypt: M = Cd mod n X Not covered in lecture © Ravi Sandhu World-Leading Research with Real-World Impact! 8

This naive use of RSA is not secure but will suffice for our purposes RSA Cryptosystem public key is (n,e) private key is d encrypt: C = Me mod n decrypt: M = Cd mod n This naive use of RSA is not secure but will suffice for our purposes X Not covered in lecture © Ravi Sandhu World-Leading Research with Real-World Impact! 9

RSA Key Generation choose 2 large prime numbers p and q compute n = p * q pick e relatively prime to (p-1)*(q-1) compute d, e*d = 1 mod (p-1)*(q-1) publish (n,e) keep d private (and discard p, q) X Not covered in lecture © Ravi Sandhu World-Leading Research with Real-World Impact! 10

RSA Key Protection compute d, e*d = 1 mod (p-1)*(q-1) if factorization of n into p*q is known, this is easy to do security of RSA is no better than the difficulty of factoring n into p, q X Not covered in lecture © Ravi Sandhu World-Leading Research with Real-World Impact! 11

Asymmetric Digital Signatures © Ravi Sandhu World-Leading Research with Real-World Impact!

Public-Key Digital Signature INSECURE CHANNEL Plain- text Plaintext + Signature Yes/No Signature Algorithm S Verification Algorithm V A B A's Private Key A's Public Key SECURE CHANNEL Confidentiality Integrity © Ravi Sandhu World-Leading Research with Real-World Impact! 13

Compare Public-Key Encryption INSECURE CHANNEL Plain- text Plain- text Ciphertext Encryption Algorithm E Decryption Algorithm D A B B's Public Key B's Private Key SECURE CHANNEL Confidentiality Integrity © Ravi Sandhu World-Leading Research with Real-World Impact! 14

Compare Symmetric Key MAC INSECURE CHANNEL Plaintext + MAC Plain- text Yes/No MAC Algorithm M Verification Algorithm V A B K K SECURE CHANNEL Confidentiality Integrity © Ravi Sandhu World-Leading Research with Real-World Impact! 15

Digital Signatures in RSA RSA has a unique property, not shared by other public key systems Encryption and decryption commute (Me mod n)d mod n = M encryption (Md mod n)e mod n = M signature Same public key can be use for encryption and signature But not recommended X Not covered in lecture © Ravi Sandhu World-Leading Research with Real-World Impact! 16

Message Digest World-Leading Research with Real-World Impact! © Ravi Sandhu World-Leading Research with Real-World Impact!

Encryption Speed Revisited public key runs 1000 times slower than symmetric key think 2g versus 4g on smartphone This large difference in speed is likely to remain Maybe reduce to 100 times Use public keys to distribute symmetric keys, use symmetric keys to protect data © Ravi Sandhu World-Leading Research with Real-World Impact! 18

Digital Signature Speed public key runs 1000 times slower than symmetric key think 2g versus 4g on smartphone This large difference in speed is likely to remain Maybe reduce to 100 times Sign the message digest (or hash) not the message © Ravi Sandhu World-Leading Research with Real-World Impact! 19

no practical limit to size message digest algorithm Message Digest (Hash) M=H-1(m) original message no practical limit to size M message digest algorithm H message digest 256 bit m easy hard m=H(M) © Ravi Sandhu World-Leading Research with Real-World Impact! 20

Desired Characteristics weak hash function difficult to find M' such that H(M')=H(M) given M, m=H(M) try messages at random to find M’ with H(M’)=m 2k trials on average, k=128 to be safe © Ravi Sandhu World-Leading Research with Real-World Impact! 21

Desired Characteristics strong hash function difficult to find any two M and M' such that H(M')=H(M) try pairs of messages at random to find M and M’ such that H(M’)=H(M) 2k/2 trials on average, k=256 to be safe Birthday paradox © Ravi Sandhu World-Leading Research with Real-World Impact! 22

Message Authentication Code Symmetric Encryption Based CBC-MAC MAC has same size as block size of underlying cryptosystem CCM mode Provides confidentiality and integrity Message-Digest Based HMAC Hash the message and a symmetric key MAC has same size as underlying hash function or can truncate Revisiting after discussing message digests © Ravi Sandhu World-Leading Research with Real-World Impact! 23

Asymmetric Key Exchange © Ravi Sandhu World-Leading Research with Real-World Impact!

Diffie-Hellman Key Agreement yA=axA mod p public key yB=axB mod p public key A B private key xA private key xB k = yBxA mod p = yAxB mod p = axA*xB mod p system constants: p: prime number, a: integer X Not covered in lecture © Ravi Sandhu World-Leading Research with Real-World Impact! 25

Diffie-Hellman Key Agreement security depends on difficulty of computing x given y=ax mod p called the discrete logarithm problem X Not covered in lecture © Ravi Sandhu World-Leading Research with Real-World Impact! 26

Public keys need to be authenticated Diffie-Hellman Man-in-the-Middle Attack A B C Public keys need to be authenticated X Not covered in lecture © Ravi Sandhu World-Leading Research with Real-World Impact! 27