Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security – Additional material.

Slides:



Advertisements
Similar presentations
Chapter 3 Public Key Cryptography and Message authentication.
Advertisements

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.
22C:19 Discrete Math Integers and Modular Arithmetic Fall 2010 Sukumar Ghosh.
Session 4 Asymmetric ciphers.
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.
1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Chapter 9 – Public Key Cryptography and RSA Private-Key Cryptography  traditional private/secret/single key cryptography uses one key  shared by both.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
Dr. Kalpakis CMSC 621, Advanced Operating Systems. Fall 2003 URL: Security & Cryptography.
Computer Science CSC 774Dr. Peng Ning1 CSC 774 Advanced Network Security Topic 2. Review of Cryptographic Techniques.
CSCI 172/283 Fall 2010 Public Key Cryptography. New paradigm introduced by Diffie and Hellman The mailbox analogy: Bob has a locked mailbox Alice can.
Dr. Kalpakis CMSC 621, Advanced Operating Systems. Security & Cryptography.
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.
Introduction to Public Key Cryptography
Public Key Model 8. Cryptography part 2.
Public Key Encryption and the RSA Public Key Algorithm CSCI 5857: Encoding and Encryption.
Chapter 12 Cryptography (slides edited by Erin Chambers)
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
The RSA Algorithm Rocky K. C. Chang, March
1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.
Security. Cryptography Why Cryptography Symmetric Encryption – Key exchange Public-Key Cryptography – Key exchange – Certification.
Prime Numbers Prime numbers only have divisors of 1 and self
Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)
I-4 security.
RSA Ramki Thurimella.
10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.
Network Security Lecture 17 Presented by: Dr. Munam Ali Shah.
Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.
Cryptography, Authentication and Digital Signatures
1 Lecture 9 Public Key Cryptography Public Key Algorithms CIS CIS 5357 Network Security.
Midterm Review Cryptography & Network Security
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Public Key Cryptography. symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if.
1 Public-Key Cryptography and Message Authentication.
Cryptography and Network Security Chapter 9 - Public-Key Cryptography
Cryptography Part 1: Classical Ciphers Jerzy Wojdyło May 4, 2001.
PUBLIC-KEY CRYPTOGRAPH IT 352 : Lecture 2- part3 Najwa AlGhamdi, MSc – 2012 /1433.
15-499Page :Algorithms and Applications Cryptography I – Introduction – Terminology – Some primitives – Some protocols.
Chapter 3 – Public Key Cryptography and RSA (A). Private-Key Cryptography traditional private/secret/single-key cryptography uses one key shared by both.
NEW DIRECTIONS IN CRYPTOGRAPHY Made Harta Dwijaksara, Yi Jae Park.
PUBLIC-KEY CRYPTOGRAPHY AND RSA – Chapter 9 PUBLIC-KEY CRYPTOGRAPHY AND RSA – Chapter 9 Principles Applications Requirements RSA Algorithm Description.
Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Cryptographic Security Identity-Based Encryption.
Encryption CS110: Computer Science and the Internet.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Computer Security Lecture 5 Ch.9 Public-Key Cryptography And RSA Prepared by Dr. Lamiaa Elshenawy.
EE 122: Lecture 24 (Security) Ion Stoica December 4, 2001.
Lecture 3 (Chapter 9) Public-Key Cryptography and RSA Prepared by Dr. Lamiaa M. Elshenawy 1.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
Asymmetric-Key Cryptography
CH15 –Security & Crypto.
PART VII Security.
Introduction to Cryptography
Presentation transcript:

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security – Additional material

CMSC 421, Fall Protection vs Security The protection mechanisms assist us in preventing unauthorized access and use of computer resources what happens if an intruder bypasses the protection mechanisms? Cryptography can be used so that an intruder is unable to understand or use information obtained without authorization

CMSC 421, Fall Cryptography Terminology Plaintext (or cleartext) is the intelligible message Ciphertext is the unintelligible message Encryption and decryption Are the processes to convert between plaintext and ciphertext Key Is the parameter used in an encryption/decryption algorithm

CMSC 421, Fall Cryptography Terminology Cryptosystem A system for encryption/decryption of information Symmetric cryptosystem use the same key for both encryption and decryption Asymmetric cryptosystem use the different keys for encryption and decryption Cryptology the designing & breaking of cryptosystems Cryptography the practice of using cryptosystems for confidentiallity of information Cryptoanalysis the breaking cryptosystems

CMSC 421, Fall Basic Structure of a Cryptosystem EncryptDecrypt Break Encryption Key K e Decryption Key K d Plaintext M Ciphertext C Plaintext M Side Information Alice Bob Eve

CMSC 421, Fall Basic Attacks to Cryptosystems Cryptosystem attacks are classified based on the amount of side information available to an intruder Attack classification ciphertext-only intruder only has access to the ciphertext known-plaintext intruder has access to the ciphertext and considerable amount of plaintext chosen-plaintext intruder has access to a chosen plaintext and its corresponding ciphertext

CMSC 421, Fall Design Principles for Cryptosystems Shannon’s principles Diffusion principle spread the correlations and dependencies among key and words over the text as much as possible in order to maximize the length of plaintext needed to break the system Confusion principle change a piece of information so that ciphertext has no obvious relationship with plaintext Computational Intractability principle “every” algorithm for determining a key needed to break cryptosystem is “believed” to require exhaustive search of a very large search space

CMSC 421, Fall A Taxonomy of Cryptosystems Conventional systems Modern systems private key systems public key systems

CMSC 421, Fall Conventional Cryptosystems Conventional cryptosystems are based on substitution ciphers Caesar’s cipher E(M) = (M + k) modulo 26 where M is a letter and k=3 is the key Simple substitution cipher E(M) = Key[M] where Key is an arbitrary permutation of a single alphabet Vigenere cipher choose N simple substitution ciphers and encrypt the jth letter using the (j mod N) substitution cipher One-time pad encrypt by Xoring message with a key, whose size equals the size of the message

CMSC 421, Fall DES The Data Encryption Standard (DES) is a modern private-key cryptosystem It is a block cipher that uses two basic operations permutation, and substitution It breaks a message in 64-bit blocks and encrypts/decrypts each block individually It uses a 56-bit secret key, which is expanded to 64-bits using parity bits

CMSC 421, Fall DES Encryption has three stages plaintext block undergoes an initial permutation IP permuted block undergoes for 16 times a complex transformation transformed block undergoes the inverse IP’ of the permutation IP at the 1st stage Decryption is done by executing the three stages in reverse order and each time using the inverse function/operation For added security, block chaining can be used each plaintext block is Xored with the ciphertext of the previous plaintext block triple encryption (DES does not form a group)

CMSC 421, Fall Public-Key Cryptosystems Private key cryptosystems requires a secure mechanism for distributing the private keys to communicating parties Diffie and Hellman proposed public key cryptosystems public key systems make the encryption key publicly available and keep the decryption key secret public key systems are based on the computational intractability principle (using problems such as factoring primes, discrete logarithm, knapsack, etc)

CMSC 421, Fall Public Key Cryptosystems public key systems satisfy the following D SK (E PK (M)) = M for every message M The encryption and decryption functions E and D are computationally efficient Knowledge of E, D, and PK (public key) does not compromise SK (secret key) D PK (E SK (M)) = M for every message M, if message signing/verification is desired

CMSC 421, Fall Trapdoor One-Way Functions One-way functions F F is invertible and easy to compute inverting F is computationally intractable, ie given y finding x such that y=F(x) is believed to be computationally infeasible Trapdoor one-way functions F y=F(x) can be solved efficiently provided some secret information for F is available Diffie and Hellman suggested that one way to implement public key systems is to use trapdoor one-way functions

CMSC 421, Fall Number Theory Background GCD Recursion Theorem & the Extended Euclid’s algorithm

CMSC 421, Fall Number Theory Background Euler’s phi function, Euler’s and Fermat’s Theorems

CMSC 421, Fall Number Theory Background The Chinese Remainder Theorem Origins Sun-Tsu, circa 100 A.D. considered the problem of finding those integers x that leave remainders 2, 3, and 2 when divided by 3, 5, and 7 respectively (which are of the form x=23+105k). Its essence

CMSC 421, Fall Number Theory Background A corollary of the Chinese Remainder Theorem states that

CMSC 421, Fall RSA Rivest, Shamir, and Adleman introduced the RSA public-key cryptosystem based on Diffie and Hellman RSA works as follows

CMSC 421, Fall RSA RSA’s encryption function is E PK (M) = M e mod n where PK=(e,n) RSA’s decryption function is D SK (M) = M d mod n where SK=(d,n) these two encryption/decryption functions satisfy D SK (E PK (M)) = M D PK (E SK (M)) = M can be computed efficiently given PK or SK knowledge of PK does not compromise SK

CMSC 421, Fall RSA Correctness of RSA is based on Fermat’s theorem and on the Chinese Remainder Theorem Example values for RSA choose p=5 and q=11 set n=55 and N=40 choose d=23 compute e=7 using the extended Euclid algorithm encrypt M=8 to 2 using “repeated squaring”

CMSC 421, Fall RSA A more realistic example set of values for RSA (courtesy of Prof. Stephens) n = p = q = e = d = sqrt(n) approximately = number of positive integers < n that are relative prime to n is equal to phi(n) phi(n) =

CMSC 421, Fall Authentication Objective verify the identity of communicating entities Authentication services interactive communication (synchronous) one-way communication (asynchronous) signed communication (verifiable conversation by third party) Potential threats altering messages replaying old messages denial of service interference with ongoing communication impersonation

CMSC 421, Fall Interactive Communication Protocols Require an authoritative Authentication Server (AS) for securely distributing conversation keys Each user registers its secret key with the AS, which is shared only between the AS and the user, and their public key if any Requirements – use case Alice wants to communicate with Bob so that the message is intelligible to Bob, but not Eve it should be evident that the message was sent by Alice, and that is not a replay of an older message from Alice

CMSC 421, Fall Interactive Communication with Private Key Systems Alice wants to converse with Bob

CMSC 421, Fall Interactive Communication with Public Key Systems Alice wants to communicate with Bob

CMSC 421, Fall One-Way Communication with Private Key Systems Alice wants to message M to Bob Bob should be able to authenticate integrity of Alice’s message even if Alice is not currently available Eve should not be able to impersonate Alice Protocol is susceptible to playback attacks

CMSC 421, Fall One-Way Communication with Public Key Systems Alice wants to message M to Bob

CMSC 421, Fall Digital Signatures Must satisfy the following a user can not forge signatures sender of signed message can not deny the validity of his signature receipient can not modify the signature of a signed message

CMSC 421, Fall Digital Signatures using Private Key Systems Alice wants to sign a message to be sent to Bob

CMSC 421, Fall Digital Signatures using Public Key Systems Alice wants to sign a message to be sent to Bob

CMSC 421, Fall Kerberos An authentication system for an open network computing environment where user’s machines are under their complete control and can not be trusted to identify users to network services Consists of Client (C) Kerberos Server (K) Ticket Granting Server (TGS) Server (S) User (U)

CMSC 421, Fall Kerberos Phase I: Getting the Initial Ticket User provides the Client machine his/her identity Client sends to Kerberos server K the msg Kerberos server K Client upon receipt of msg

CMSC 421, Fall Kerberos, Phase II: Getting a Server Ticket User/Client wants to use a network service S Ticket Granting Server TGS Client upon receiving msg from TGS

CMSC 421, Fall Kerberos, Phase III: Requesting a Service Client requests service from server S Service server S upon receipt of the msg

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.