Network Security (contd.)

Slides:



Advertisements
Similar presentations
Chapter 3 Public Key Cryptography and Message authentication.
Advertisements

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Chapter3 Public-Key Cryptography and Message Authentication.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.
PULIC –KEY CRYPTOGRAPHY AND MESSAGE AUTHENTICATION.
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden
Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.
Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester ITGD 2202 University of Palestine.
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Fall 2002CS 395: Computer Security1 Chapter 11: Message Authentication and Hash Functions.
BASIC CRYPTOGRAPHIC CONCEPTS. Public Key Cryptography  Uses two keys for every simplex logical communication link.  Public key  Private key  The use.
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
Information Security -- Part II Public-Key Encryption and Hash Functions Frank Yeong-Sung Lin Information Management Department National Taiwan University.
Public Key Cryptography. symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if.
1 Public-Key Cryptography and Message Authentication.
Computer and Network Security Rabie A. Ramadan Lecture 6.
Cryptography and Network Security Chapter 9 - Public-Key Cryptography
11.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 11 Message Integrity and Message Authentication.
Chapter 11 Message Authentication and Hash Functions.
Cryptography and Network Security Chapter 12 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 3 – Public Key Cryptography and RSA (A). Private-Key Cryptography traditional private/secret/single-key cryptography uses one key shared by both.
Cryptography and Network Security (CS435) Part Nine (Message Authentication)
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
IT 221: Introduction to Information Security Principles Lecture 5: Message Authentications, Hash Functions and Hash/Mac Algorithms For Educational Purposes.
1 Public Key Cryptography. 2 Public Key Cryptography Agenda: Message authentication – authentication codes and hash functions Public key encryption –
Public Key Encryption ● Diffie and Hellman – 1976 Famous Paper: New Directions In Cryptography New Directions In Cryptography ● First revolutionary.
Public Key Cryptography
Web Applications Security Cryptography 1
Public Key Encryption.
Basics of Cryptography
Public-Key Cryptography and Message Authentication
Public-Key Cryptography RSA Rivest-Shamir-Adelmann Public-Key System
Cryptographic Hash Function
CSCE 715: Network Systems Security
Public Key Encryption and Digital Signatures
Message Authentication and Hash Functions
Cryptography and Security Technologies
Basic Network Encryption
Presented by: Dr. Munam Ali Shah
ICS 454 Principles of Cryptography
Message Authentication Codes, Hashes and Message Digests
Message Authentication and Hash Functions
Chapter 11 – Message Authentication and Hash Functions
Introduction to Symmetric-key and Public-key Cryptography
Security.
Cryptography: Basics (2)
Message Authentication and Hash Functions
Public-Key Cryptography and Message Authentication
NETW4005 COMPUTER SECURITY - A
ICS 454 Principles of Cryptography
Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS
Public Key Cryptography
Chapter 3 - Public-Key Cryptography & Authentication
Basic Network Encryption
PUBLIC-KEY CRYPTOGRAPHY AND RSA – Chapter 9
Introduction to Cryptography
Security: Integrity, Authentication, Non-repudiation
CRYPTOGRAPHY & NETWORK SECURITY
The RSA Public-Key Encryption Algorithm
Chapter 8 roadmap 8.1 What is network security?
Presentation transcript:

Network Security (contd.) Bijendra Jain (bnj@cse.iitd.ernet.in) 1/1/2019 Tutorial on Network Security: Sep 2003

Lecture 3: Public-key cryptography 1/1/2019 Tutorial on Network Security: Sep 2003

Public-key cryptography Public-key cryptography is not necessarily more secure than private-key cryptography Private-key cryptography is not obsolete—it still is exceptionally useful Distribution of keys in public-key cryptography is not trivial-- Public-key cryptography has attempted to address this issue head-on 1/1/2019 Tutorial on Network Security: Sep 2003

Public-key cryptography Public-key cryptography requires the use of two keys: One for encryption A related one for decryption One key is kept private, while the other is made public Can either key be used for encryption, and the other for decryption: YES, for RSA 1/1/2019 Tutorial on Network Security: Sep 2003

Public-key cryptography: confidentiality Used for Confidentiality: 1/1/2019 Tutorial on Network Security: Sep 2003

Public-key cryptography: confidentiality Used for confidentiality: 1/1/2019 Tutorial on Network Security: Sep 2003

Public-key cryptography: authentication Used for authentication: 1/1/2019 Tutorial on Network Security: Sep 2003

Public-key cryptography: authentication Used for authentication: 1/1/2019 Tutorial on Network Security: Sep 2003

Confidentiality and authentication Used for : 1/1/2019 Tutorial on Network Security: Sep 2003

Public-key cryptography Easy for B to generate keys, (private) KRB and (public) KUB Easy for sender A to encrypt C = EKUB (M), given M and KUB Easy for receiver B to decrypt M = DKRB (C), given C and KRB Given KUB it is infeasible for others to determine KRB Given KUB and ciphertext C it is infeasible for others to decipher M (optionally) encryption and decryption can be applied in any order Function E (or D) is “one-way function with trap-door” The inverse of E (or D) is infeasible, unless additional information (trap-door) is available 1/1/2019 Tutorial on Network Security: Sep 2003

Tutorial on Network Security: Sep 2003 RSA algorithm Approach first suggested by Diffie and Hellman Invented by Rivest, Shamir, Adleman at MIT, first published in 1978 Algorithms are patented Block cipher, where plaintext is < n Permits any key length typically 128 through 1014 is common 1/1/2019 Tutorial on Network Security: Sep 2003

Tutorial on Network Security: Sep 2003 RSA algorithm Consider n, and blocks of size k bits s.t. 2k < n  2k+1. Encryption and decryption algorithms: C = Me mod n M = Cd mod n = Med mod n where sender knows public key KU = {e, n} receiver knows private key KR = {d, n} For this to be a public-key crypto system: M = Med mod n for some e, d, n for all M < n Easy to calculate Me mod n, and Cd mod n Infeasible to determine d, given e and n 1/1/2019 Tutorial on Network Security: Sep 2003

Tutorial on Network Security: Sep 2003 RSA algorithm Key generation Select any prime numbers p, q Compute n = p*q Compute phi = (p-1)*(q-1) Select e, such that 1< e < phi, and gcd(phi, e) = 1 Find d such that ed = 1 mod phi Public key KU = {e, n} Private key KR = {d, n} Encryption, decryption algorithms: for any plaintext M < n C = Me (mod n) M = Cd (mod n) Can be shown that M = Cd mod n = Med mod n 1/1/2019 Tutorial on Network Security: Sep 2003

Tutorial on Network Security: Sep 2003 RSA: example Let p = 7, q = 17 N = p*q = 119 Phi = (p-1)*(q-1) = 96 Select e = 5 (note e is relatively prime to 96, and < 96) Find d =77 (note d*e = 1 mod 96, and d < 96) KU = {5, 119}, KR = {77, 119} Let M = 19 (note M < 119) Encryption step: C = 19**5 = 2476099 mod 119 = 66 Decryption step: M = 66**77 = 127………. mod 119 = 19 1/1/2019 Tutorial on Network Security: Sep 2003

RSA: computational aspects Computing C = Me (mod n) use the following two properties: 1. A * B mod n = (A mod n)*(B mod n) mod n Or, e.g., 195 mod 119 = (192 mod 119) * (193 mod 119) mod 119 2. A**8 = (A**4)**2 = ((A**2)**2)**2 Or, 19**9 = (19**8)*(19**1) = (((19**2)**2)**2)*(19**1) 1/1/2019 Tutorial on Network Security: Sep 2003

Tutorial on Network Security: Sep 2003 RSA: key generation Selecting two primes: p, q Should be very large Since M < n = p*q Infeasible to calculate factors p, q of n by exhaustive search Finding large primes Pick a large number randomly, and then test Selecting e, relative prime to phi = (p-1)*(q-1) Pick an e, and test for relative primality Extended Euclid’s algorithm computes gcd, and inverse, d 1/1/2019 Tutorial on Network Security: Sep 2003

Tutorial on Network Security: Sep 2003 RSA: its strength Brute force Factor n to obtain p and q Then calculate phi = (p-1)*(q-1), and then invert e to obtain d “Factor” n to obtain phi Then invert e to obtain d Progress towards meeting challenges Ciphers using RSA with keys of size up to 431 bits have been deciphered Effort involved was only 500 MIPS-years (1 MIPS machine working for 1 year – a 200 MHz Pentium is 50 MIPS) A 2048 bit RSA is expected to require 1014 MIPS-years Today, and for the near future, consider RSA key size of 1024 to 2048 Additionally consider selecting p and q appropriately, such as p and q are of approx. same length, etc. 1/1/2019 Tutorial on Network Security: Sep 2003

RSA: distribution of public keys Public announcements Directory on the web, where data is secured Public-key authority Certificates 1/1/2019 Tutorial on Network Security: Sep 2003

RSA: distribution of public keys Public announcements Public key is “public” User can share his/her public with others Popular with PGP However, one may even send “false” keys 1/1/2019 Tutorial on Network Security: Sep 2003

RSA: distribution of public keys Publicly accessible directory By a trusted and well known “authority” Individual users “register” their public key using some other means Public keys are secure For instance on the web, or printed directory Individual users control, update their public keys, and do so in a secure manner Weaknesses: Break into the authority’s database Alter the key during communication 1/1/2019 Tutorial on Network Security: Sep 2003

RSA: distribution of public keys Public-key authority Very similar to publicly accessible directory Different: user can request/obtain public key in secure manner Initiator A X, PK authority 1. REQ (KUB, T1) 2. ENCKUX(KUB, REQ (KUB, T1)) Initiator B 4. REQ (KUA, T2) 5. ENCKUX(KUA, REQ (KUA, T2)) 3. ENCKUB(IDA, N1) 6. ENCKUA(IDB, N1, N2) 7. ENCKUB(N2) 1/1/2019 Tutorial on Network Security: Sep 2003

RSA: distribution of public keys Public-key certificates Certificates need not be issued each time Sender provides public key with a certificate Receiver checks the certificate, thereby confirms public key A certificate: Anyone can read, determine the owner’s public key Anyone can verify that certificate is signed by authority Only certificate can create certificate Anyone can check “currency” of certificate 1/1/2019 Tutorial on Network Security: Sep 2003

Tutorial on Network Security: Sep 2003 RSA: Certificates CERTA = ENCPUX (IDA, KUA, TA, DURA) where PUX is public key of certification authority IDA is user ID KUA is public key of A TA is time of issuance of certificate DURA is the duration for which the certificate is valid 1/1/2019 Tutorial on Network Security: Sep 2003

Lecture 4: Message Authentication 1/1/2019 Tutorial on Network Security: Sep 2003

Message authentication Source of Message Protection against masquerading Integrity of message Protection against modification Integrity of sequence of messages Protection against deletion, addition and re-ordering Integrity of timing Protection against delay and replay 1/1/2019 Tutorial on Network Security: Sep 2003

Using private-key encryption Encrypt message using private-key encryption system Basically provides confidentiality Authentication and Integrity check are difficult, but possible Particularly if it is some bit sequence Use an FCS (frame check sequence), as in TCP Integrity of a sequence of TCP messages can also be ensured Does not provide for non-repudiation 1/1/2019 Tutorial on Network Security: Sep 2003

Using public-key encryption Similar, except that it only provides for authentication Again, the transmitted message must have some structure (FCS, for example) 1/1/2019 Tutorial on Network Security: Sep 2003

Message Authentication Codes Integrity check is not difficult any more Based on private-key encryption Transmitted message in (M, MAC) MAC = CK(M) where: C is MAC algorithm, K is the shared key Provides for message integrity, user authentication, but not non-repudiation 1/1/2019 Tutorial on Network Security: Sep 2003

Message Authentication Codes Algorithm C differs: from encryption in that it is NOT reversible From FCS, etc. in that it is not easy to design a new message with same FCS From use of hash functions, in that encryption and “hashing” is simultaneous Algorithm C is more difficult to crack 1/1/2019 Tutorial on Network Security: Sep 2003

Message authentication codes Authentication based on MAC-- superior since it is efficient Authentication based on appending an FCS, then encrypting FCS is a bad idea, anyway Data sent Message || MAC() K Data sent Message E() K || fcs() 1/1/2019 Tutorial on Network Security: Sep 2003

Message authentication: alternatives Data sent Message || H() E() K Data sent Message || H() E() K 1/1/2019 Tutorial on Network Security: Sep 2003

Tutorial on Network Security: Sep 2003 Digital Signature Data sent Message || H() E() KR 1/1/2019 Tutorial on Network Security: Sep 2003

Message authentication: alternatives Data sent Message || H() Secret K This approach completely does away with encryption Efficient Strength depends completely on how good is the hashing function 1/1/2019 Tutorial on Network Security: Sep 2003

Tutorial on Network Security: Sep 2003 MAC codes MAC is also known as cryptographic checksum Transmitted message in (M, MAC) MAC = CK(M) where: C is MAC algorithm, MAC is n bit long M is variable length message K is k-bit shared key MAC requirements: Given M, CK(M) it should be computationally infeasible to obtain M’ s.t. MAC = CK(M) = CK(M’) MAC = CK(M) should be uniformly distributed, or for random M, M’ Prob (CK(M) = CK(M’) = 2-n Similarly if M’ is obtained by carrying out simple transformations 1/1/2019 Tutorial on Network Security: Sep 2003

Tutorial on Network Security: Sep 2003 MAC Codes 64 bit DAA (Data Authentication Algorithm) is based on DES: O1 = EK(D1) O2 = EK(O1 D2) O3 = EK(O2 D3) … ON = EK(ON-1 DN) 1/1/2019 Tutorial on Network Security: Sep 2003

Tutorial on Network Security: Sep 2003 Hash functions Data sent Message || H() E() KR Requirements of a hash function: Can be applied to block of data of any size Produces a fixed length digest Easy to compute h = H(M) One-way function: given h, it must be computationally infeasible to compute M such that h = H(M) Weak collision: Given M, it must be computationally infeasible to compute M’ such that H(M’) = H(M) Strong collision: computationally infeasible to find M, M’ such that H(M’) = H(M) 1/1/2019 Tutorial on Network Security: Sep 2003

Tutorial on Network Security: Sep 2003 Hash functions Simple hash function: O1 = D1 O2 = O1 D2 O3 = O2 D3 … ON = ON-1 DN MD4, MD5 1/1/2019 Tutorial on Network Security: Sep 2003

Tutorial on Network Security: Sep 2003 MD5 Y0 Y1 … YL IV CV1 HMD5 CV2 CVL-1 CVL Develop in 1992, by Ron Rivest 128 bit hash code Processes 512 bits at a time (add padding bits if necessary) 4 rounds of 16 steps each, involving gcd, and + mod 232 operations 1/1/2019 Tutorial on Network Security: Sep 2003

Tutorial on Network Security: Sep 2003 MD4 Similar to MD5, developed earlier in 1990 by Ron Rivest 128 bit hash code, processes 512 bits at a time 3 rounds of 16 steps each, involving gcd, and + mod 232 operations faster 1/1/2019 Tutorial on Network Security: Sep 2003

Tutorial on Network Security: Sep 2003 SHA-1 hash function Developed by NIST in 1995 Based on MD4 160 bit hash Operates on blocks of length 512 bit More secure against brute force attacks Appears to be secure against cryptanalysis MD5 and SHA-1 are equally fast, simple 1/1/2019 Tutorial on Network Security: Sep 2003

Tutorial on Network Security: Sep 2003 HMAC Truly a MAC Required for IPSec Based on hash functions Any “good” hash function can be used The “IV” can be kept secret (becomes the key) MD5 or SHA-1 can be used 1/1/2019 Tutorial on Network Security: Sep 2003

Tutorial on Network Security: Sep 2003 Thanks 1/1/2019 Tutorial on Network Security: Sep 2003

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.