
ITS 451 – Crypto Basics

Slide 1: Cryptography

Slide 2: A simple example…
Text: U-M
ASCII Encoded: 01010101 00101101 01001101
“Encoding” refers to convenient reformatting. No secrecy here. Call it plaintext.
Let’s “Encrypt” it, i.e. hide its meaning from nosy 3rd parties.

Slide 3: A simple example…
Let’s generate 24 random bits, call it a key.
–Say, by coin flips.
–Tails → 1. Heads → 0.
For each bit position, compare the plaintext bit with the key bit: if they’re the same, the result is 0. If they’re different, the result is 1.
This is the XOR (exclusive OR) function.

Slide 4: A simple example…
The result is an encrypted string. Call it ciphertext.
This simple XOR method is unbreakable.
–Even by the CIA or NSA or Microsoft.
–Even by the most hard-working hacker.
IF…

Slide 5: Simple XOR
To decrypt, need to know:
–That simple XOR is in use.
–The key pattern.
Strength of the system depends on:
–Secrecy of the key

Slide 6: Encryption
Generally, you need to understand the process and have the key.
In Practical Cryptography’s notation: c := E(K_e, m)

Slide 7: Decrypting
Undoing the encryption is easy for this simple example.
Once more: For each bit, if the same, result is 0. If they’re different, result is 1.
This is the XOR (exclusive OR) function.

Slide 8: Decryption
Generally, you need to understand the encryption method and have the key.
In Practical Cryptography’s notation: m := D(K_e, c)
We have assumed the same key is used for encryption and decryption.

Slide 9: Secrecy of XOR Example?
Unbreakable, if:
–Key remains secret
–Key never reused
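The XOR scheme from the slides above, as an added example (not part of the original presentation). It encrypts and decrypts "U-M", shows why a ciphertext alone fits every plaintext of the same length, and shows what leaks when a key is reused; the second message `OSU` and all function names are constructed for illustration.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings, bit by bit."""
    if len(a) != len(b):
        raise ValueError("key must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))

def bits(data: bytes) -> str:
    """Render bytes the way the slides do: 8-bit groups."""
    return " ".join(f"{byte:08b}" for byte in data)

def one_time_pad_demo(m1: bytes = b"U-M", m2: bytes = b"OSU") -> dict:
    key = secrets.token_bytes(len(m1))      # 24 random bits, the "coin flips"
    c1 = xor_bytes(m1, key)                 # c := E(K_e, m)
    recovered = xor_bytes(c1, key)          # m := D(K_e, c), same operation

    # Why it is unbreakable: for ANY guess of the same length there is a key
    # that "decrypts" c1 to it, so the ciphertext alone favours no plaintext.
    key_for_guess = xor_bytes(c1, m2)
    guess_fits = xor_bytes(c1, key_for_guess) == m2

    # Why the key must never be reused: the key cancels out of c1 XOR c2,
    # leaving m1 XOR m2, which depends only on the two plaintexts.
    c2 = xor_bytes(m2, key)
    leak = xor_bytes(c1, c2)
    return {"plaintext_bits": bits(m1), "ciphertext_bits": bits(c1),
            "recovered": recovered, "guess_fits": guess_fits,
            "leak": leak, "leak_is_m1_xor_m2": leak == xor_bytes(m1, m2)}

if __name__ == "__main__":
    for name, value in one_time_pad_demo().items():
        print(f"{name}: {value}")
```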

Slide 10: SKE
Using the same key for both encryption and decryption is called SKE:
–Symmetric Key Encryption
–Secret Key Encryption

Slide 11: SKE – The Whole Thing

Slide 12: PCs Changed The World
Evolution of encryption methods:
–Pencil & paper
–Machines, e.g. German Enigma
–Computers, e.g. PC
Computers allow much more sophisticated methods.
Internet allows rapid dissemination of information, including computer code, algorithms, commentary, and analysis.

Slide 13: Kerckhoffs’ Principle
Genuine security lies in keeping the key secret, not in keeping the process secret.
Why?
–Public algorithms have public analysis.
–Weaknesses are publicly exposed.
Analogous to open source software.
This is a machine era notion.

Slide 14: How can I attack SKE?
For any encryption scheme there are two strategies: Brute Force and Analytic Attacks.
Brute Force
–I know the algorithm, so I just try different keys until I get lucky.
–Highly dependent on machine power.
»The bigger the “key space” the more tries it takes to get lucky.

Slide 15: Moore’s Law
Often quoted as “Computers double in speed every two years.”
–Gordon Moore noted exponential growth in the # of transistors per integrated circuit.
–1965
A brute force attack that takes 8 days with current technology will take 4 days in two years…?!?
–Practical Cryptography suggests 50-year horizon…

Slide 16: “Computationally Impractical”
You know what to do and can write a program to do it, but the program takes so long to run that it’s effectively useless.

Slide 17: Analytic Attack
Instead of systematically trying all the keys, we attempt to determine the key based on:
–The ciphertext
–What we know about the plaintext
–What we know about the algorithm

Slide 18: Symmetric Key Encryption

Slide 19: The Problem with SKE
The intended recipient must know the process and have the key.
A cracker seeks these, too.
The problem, then, is to get the key to the recipient.
–Worse if you communicate with many people!
The Key Distribution Problem

Slide 20: Some Key Distribution Solutions
“One time pads.”
–Run out eventually.
Keep using the same key.
–Every transmission provides data for crackers.
Transmit new keys using old keys.
–Or have a special key used only for transmission of new keys.

Slide 21: Some Key Distribution Solutions
Couriers
–Can be intercepted/bribed.
Algorithmic key construction
–Key based on day of month
–Key based on readily available data
»from newspapers? radio broadcast?
Special hardware for key construction

Slide 22: Gotcha
If the key is secret, SKE can be made very secure.
–long keys
–complex processes
Weakness is the necessity to distribute the key.

Slide 23: SKE & Big Five Attributes of Security
Availability – Need to make sure algorithm isn’t too computationally onerous.
Integrity – Will mostly handle separately.
If key uncompromised & algorithm chosen well:
–Confidential – Sure.
–Authenticated – Sure.
–Non-repudiated – Sure.

Slide 24: PKE - Public Key Encryption
Suppose we could encrypt and decrypt with different, but uniquely corresponding keys.
The public key is public –
–Hand it out freely
–Post it on web
– it to your friends
The private key is private –
–Guard it closely.
aka Asymmetric Key Encryption

Slide 25: PKE, More Formally
The ciphertext is based on the recipient’s public key:
–c := E(P_Bob, m)
The decryption process uses the recipient’s private key:
–m := D(S_Bob, c)
This means:
–m = D(S_Bob, E(P_Bob, m))
Always.

Slide 26: PKE, Graphically

Slide 27: The Secrecy Here is in the keys.
Usually the processes themselves are publicly available.
Most commonly used:
–RSA
»Rivest, Shamir and Adleman

Slide 28: Message Authentication
You can encrypt using either key of the pair. You then decrypt with its partner.
If you can decrypt using my public key, the encryption must have been done with my private key.
If I can decrypt using my private key, the encryption must have been done with my public key.

Slide 29: Hash Functions
Consider this text: “John went to OSU.”
Count the occurrences of the letters.
a b c d e f g h i j k l m n

Slide 30: Another simple example…
Text: U-M
ASCII Encoded: 01010101 00101101 01001101

Slide 31: Another simple example…
Let’s XOR them sequentially:
What’s the connection between “U-M” and ?
Let’s call this function H for hash.
– = H(“U-M”)

Slide 32: Another simple example…
It’s not unique.
–Other strings give as their H value.
»Easy to find others.
»Note: There are 2^8 (= 256) 8-bit strings. There are an infinite number of possible text strings.

Slide 33: Another simple example…
It’s not reversible.
–Given , it’s not possible to say “this came from ‘U-M’”.
»Easy to find others.
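The toy hash H from the slides above, as an added example (not part of the original presentation). It XORs the three ASCII bytes of "U-M" together, then shows how little work it takes to find other strings with the same H value; `find_collisions` and `md5_hex` are names made up for this illustration.

```python
import hashlib
import string
from functools import reduce
from itertools import product

def H(text: str) -> int:
    """The slides' toy hash: XOR every ASCII byte of the text into one byte."""
    return reduce(lambda acc, byte: acc ^ byte, text.encode("ascii"), 0)

def find_collisions(target: int, length: int = 2, limit: int = 5) -> list:
    """Search letter strings of the given length for ones with H == target."""
    found = []
    for chars in product(string.ascii_letters, repeat=length):
        candidate = "".join(chars)
        if H(candidate) == target:
            found.append(candidate)
            if len(found) == limit:
                break
    return found

def md5_hex(text: str) -> str:
    """MD5 of the same text, for contrast with the 8-bit toy hash."""
    return hashlib.md5(text.encode("ascii")).hexdigest()

if __name__ == "__main__":
    h = H("U-M")
    print(f"H('U-M') = {h:08b}")
    print("same H after reordering:", H("M-U") == h)   # XOR ignores order
    print("two-letter strings with the same H:", find_collisions(h))
    print("MD5 differs for 'U-M' and 'M-U':", md5_hex("U-M") != md5_hex("M-U"))
```

With only 256 possible outputs, a search over two-letter strings already yields several collisions, and reordering the input never changes H at all.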

Slide 34: Suppose
H(“U-M”) = MD5(“U-M”) = c57b94ee2455d6932eae85efa2bfc091
This is the MD5 function.
–All input strings produce 16-byte output, usually written as hex string.
»MD5(451 syllabus) = 86721e e170a413a899a76a
–Not unique, but ‘computationally impractical’ to find others.
–Not reversible except by trial & error.

Slide 35: What Good Is It?
Error Detection
–Transmit block of data, append MD5.
–Recipient calculates MD5, compares.

Slide 36: Suppose
We have a document: important, but not necessarily confidential.
I do this:
–Compute the MD5 digest.
–Encrypt the digest with my private PKE key.
–Call the result a signature.

Slide 37: Then you…
You get the document & signature.
You can…
–Compute the MD5 digest of the file.
–Decrypt the signature file using my public PKE key, yielding a message digest.
–Compare the two.
This means… what?
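The sign-and-check procedure from the two slides above, together with the round trip m = D(S_Bob, E(P_Bob, m)) from the "PKE, More Formally" slide, as an added example (not part of the original presentation). It assumes a toy unpadded RSA key built from two known Mersenne primes and keeps MD5 only because the slides use it; the key, the sample document and all function names are constructed for illustration.

```python
import hashlib

# Toy RSA key pair built from two Mersenne primes. Constructed for this
# example only: the modulus is far too small and no padding is used.
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q                                   # public modulus
E = 65537                                   # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))           # private exponent (Python 3.8+)

def encrypt(m: int) -> int:                 # c := E(P_Bob, m)
    return pow(m, E, N)

def decrypt(c: int) -> int:                 # m := D(S_Bob, c)
    return pow(c, D, N)

def md5_digest(document: bytes) -> int:
    """MD5 digest as an integer; 128 bits, so always smaller than N."""
    return int.from_bytes(hashlib.md5(document).digest(), "big")

def sign(document: bytes) -> int:
    """Signer: 'encrypt' the digest with the private key."""
    return pow(md5_digest(document), D, N)

def verify(document: bytes, signature: int) -> bool:
    """Recipient: 'decrypt' the signature with the public key and compare."""
    return pow(signature, E, N) == md5_digest(document)

if __name__ == "__main__":
    message = int.from_bytes(b"U-M", "big")
    print("round trip ok:", decrypt(encrypt(message)) == message)
    doc = b"Important, but not confidential."   # constructed sample document
    sig = sign(doc)
    print("genuine document:", verify(doc, sig))
    print("altered document:", verify(doc + b" (edited)", sig))
```

A match means the document is the one that was signed and that the signature was produced with the private key paired with the public key used to check it; any change to the document or the signature makes the comparison fail.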

Slide 38: ITS 453 – Encrypted Communication
How, when, where to use encryption methods.
–What protocol layer?
–What specific encryption techniques?
–Solving key distribution problems.

Slide 39: ITS 453 – Encrypted Communication
Basics of encryption, hash functions.
–NSA, RSA, etc.
PGP: encrypted files / digital signatures
Public Key Infrastructure
–Trust arrangements
–Digital certificates, etc.
Authentication
–Kerberos
WEP / WPA wireless encryption