Apr 30, 2002Mårten Trolin1 Previous lecture – passwords Passwords for authentication –Storing hashed passwords –Use of salt Passwords for key generation.

Presentation transcript:

Apr 30, 2002, Mårten Trolin
Slide 1: Previous lecture – passwords
Passwords for authentication
– Storing hashed passwords
– Use of salt
Passwords for key generation
– PKCS#5

Slide 2: Today’s program – key generation and distribution
Generating keys
Distributing keys
– Key splitting
Master key and derived keys
Key lengths
– Symmetric keys
– Asymmetric keys

Slide 3: Generating keys
Key generation requires a good source of random bits.
– Bad key material makes the system vulnerable to attacks. Such attacks have been carried out in practice.
– Hardware generators provide the best source.
– For end-user applications, some user interaction can be used (mouse movement, key strokes, etc.).
– Using system time for high security requirements is a bad idea!
For high-security applications, key generation should take place in a closed environment.
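Why system time is bad key material, shown as the weak generator beside the corrected one. This is an added example, not code from the lecture; the function names, the one-second clock resolution and the sample timestamps are assumptions made for illustration.

```python
import math
import random
import secrets

KEY_BYTES = 16  # 128-bit symmetric key


def weak_key_from_time(timestamp: int) -> bytes:
    """Weak: every key bit is a deterministic function of the clock value."""
    rng = random.Random(timestamp)  # Mersenne Twister seeded with the time
    return bytes(rng.getrandbits(8) for _ in range(KEY_BYTES))


def strong_key() -> bytes:
    """Corrected: take the key from the operating system's CSPRNG."""
    return secrets.token_bytes(KEY_BYTES)


def effective_key_bits(window_seconds: int) -> float:
    """Real strength of a time-seeded key when the generation time is
    known to within `window_seconds` (one candidate seed per second)."""
    return math.log2(window_seconds)


def find_time_seed(key: bytes, earliest: int, latest: int):
    """Audit check: return the clock value that reproduces `key`, or None
    if no second in [earliest, latest] does."""
    for t in range(earliest, latest + 1):
        if weak_key_from_time(t) == key:
            return t
    return None


# Constructed sample values (not from the lecture).
WINDOW_START = 1_020_124_800          # a Unix timestamp on Apr 30, 2002
GENERATED_AT = WINDOW_START + 2_345   # key made somewhere in that hour

if __name__ == "__main__":
    weak = weak_key_from_time(GENERATED_AT)
    print("nominal bits:", 8 * KEY_BYTES)
    print("effective bits, 1-hour window:", round(effective_key_bits(3600), 1))
    print("weak key reproducible from seed:",
          find_time_seed(weak, WINDOW_START, WINDOW_START + 3599))
    print("CSPRNG key reproducible:",
          find_time_seed(strong_key(), WINDOW_START, WINDOW_START + 3599))
```

A 128-bit key seeded this way is only as strong as the uncertainty about when it was generated, which is under 12 bits for a one-hour window.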

Slide 4: Distributing symmetric keys
Symmetric keys are very sensitive and must be distributed with great care.
Depending on how valuable the key is, different approaches are possible.
– Send the key to the recipient by physically secure means, e.g., by courier or by registered mail.
– If a common key exists, send the new key encrypted under the common key.
– Split the key into components and send the key components with different security officers.

Slide 5: Key splitting
One option for distributing keys with lower risk is to split the key into components and send the parts separately.
After generation, the key is split into n parts.
To recreate the key, all n parts must be available.
Knowledge of fewer than n parts should give as little help as possible in recreating the key.
How do we do this?

Slide 6: Splitting into parts of equal length
When splitting into parts of equal length, the key of length l is split into n components, each of length l / n.
The first part consists of bits 1 through (l / n) – 1, the second part of bits l / n through 2(l / n) – 1, etc.
A disadvantage of this method is that knowledge of several parts reveals parts of the key and leaves fewer bits for guessing.

Slide 7: Exclusive-or with random bit strings
If we want to distribute an l-bit key k as n components, we first generate (n – 1) random l-bit strings $u_1, u_2, \dots, u_{n-1}$.
The n’th component is computed as $u_n = k \oplus u_1 \oplus u_2 \oplus \dots \oplus u_{n-1}$, where $\oplus$ denotes bitwise XOR.
The basic properties of XOR give that $u_1 \oplus u_2 \oplus \dots \oplus u_n = k$.
This method gives higher security, since knowledge of any n – 1 components reveals nothing about the key.
– Recall that with the previous method, this knowledge revealed several key bits, making a brute-force attack on the rest easier.
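The two splitting methods from slides 6 and 7 side by side, including a check of the claim that n – 1 XOR components reveal nothing. This is an added example, not code from the lecture; all function names and the sample key are assumptions made for illustration.

```python
import secrets
from functools import reduce


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def split_xor(key: bytes, n: int) -> list:
    """u_1..u_(n-1) are random; u_n = k XOR u_1 XOR ... XOR u_(n-1)."""
    if n < 2:
        raise ValueError("need at least two components")
    parts = [secrets.token_bytes(len(key)) for _ in range(n - 1)]
    parts.append(reduce(xor_bytes, parts, key))
    return parts


def combine_xor(parts: list) -> bytes:
    """XOR of all n components gives back k."""
    if len({len(p) for p in parts}) != 1:
        raise ValueError("all components must have the key's length")
    return reduce(xor_bytes, parts)


def component_fitting(candidate_key: bytes, known: list) -> bytes:
    """The one missing component that makes `known` combine to
    `candidate_key`. It exists for every candidate, so n - 1 components
    rule out no key at all."""
    return reduce(xor_bytes, known, candidate_key)


def split_equal(key: bytes, n: int) -> list:
    """Slide 6 method: cut the key into n consecutive pieces."""
    if n < 1 or len(key) % n:
        raise ValueError("key length must be a multiple of n")
    step = len(key) // n
    return [key[i:i + step] for i in range(0, len(key), step)]


def bits_left_to_guess(key_bits: int, n: int, known_parts: int) -> int:
    """Unknown key bits when `known_parts` equal-length pieces leak."""
    return key_bits - known_parts * (key_bits // n)


if __name__ == "__main__":
    key = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed
    parts = split_xor(key, 3)
    print(combine_xor(parts) == key)
    print(bits_left_to_guess(128, 4, 3), "bits left after 3 of 4 pieces leak")
```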

Slide 8: Distributing keys for asymmetric keys
Distributing the public part of asymmetric keys is simple – no special security measures are needed.
Distributing keys in certificates makes it easier to prove who owns the key.
If the private part is to be distributed, the same techniques as for symmetric keys can be used.

Slide 9: Key Derivation
Key derivation is a technique to assign individual keys without having to store a key per user.
The key information is concentrated into a single master key.
Every key is derived from this master key.
The individual keys are computed on-the-fly from the master key and user information.
[Diagram: Master key and User information → Encryption → Individual key]

Slide 10: Session Keys
For security reasons it is often a good idea to use different keys for each transaction.
Keys used only for one transaction are called session keys.
[Diagram: Individual key and Session information → Encryption → Session key]
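The two derivation steps from slides 9 and 10 chained together: master key to individual key, then individual key to session key. This is an added example, not code from the lecture. HMAC-SHA256 is swapped in for the "Encryption" box of the diagrams because Python's standard library has no block cipher; the class names, labels, transaction counter and sample master key are assumptions made for illustration.

```python
import hashlib
import hmac


def derive(parent_key: bytes, label: bytes, info: bytes, length: int = 16) -> bytes:
    """Keyed one-way step. HMAC-SHA256 stands in for the slides'
    'Encryption' box; the length prefix keeps (label, info) unambiguous."""
    if not 1 <= length <= hashlib.sha256().digest_size:
        raise ValueError("length must be 1..32 bytes")
    msg = len(label).to_bytes(1, "big") + label + info
    return hmac.new(parent_key, msg, hashlib.sha256).digest()[:length]


def individual_key(master_key: bytes, user_id: str) -> bytes:
    """Master key + user information -> individual key (slide 9)."""
    return derive(master_key, b"individual", user_id.encode("utf-8"))


def session_key(ind_key: bytes, transaction_counter: int) -> bytes:
    """Individual key + session information -> session key (slide 10)."""
    return derive(ind_key, b"session", transaction_counter.to_bytes(8, "big"))


class Host:
    """Stores one master key and no per-user key table."""

    def __init__(self, master_key: bytes):
        self._master = master_key

    def session_key_for(self, user_id: str, transaction_counter: int) -> bytes:
        ind = individual_key(self._master, user_id)   # recomputed on the fly
        return session_key(ind, transaction_counter)


class UserDevice:
    """Holds only its own individual key, loaded at personalisation."""

    def __init__(self, user_id: str, ind_key: bytes):
        self.user_id, self._key = user_id, ind_key

    def session_key_for(self, transaction_counter: int) -> bytes:
        return session_key(self._key, transaction_counter)


MASTER = bytes(range(16))  # constructed sample master key, not a real one

if __name__ == "__main__":
    host = Host(MASTER)
    card = UserDevice("alice", individual_key(MASTER, "alice"))
    print(card.session_key_for(7) == host.session_key_for("alice", 7))
```

The host and the device arrive at the same session key without the host storing anything per user, and a device that leaks its individual key exposes neither the master key nor any other user's key.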

Slide 11: Key Management – Setup
If two systems need to share a common symmetric key, there are several possibilities.
– It can be created by system A and transferred to system B.
– It can be created by a third party and transferred to both system A and system B.
[Diagram: System A, System B, Master Key, Key generation]

Slide 12: Zone Master Key – ZMK
If the two systems have one common symmetric key, this key can be used to encrypt other keys that are sent between the systems.
This key is often called the Zone Master Key, ZMK.
Once this common key has been established, exchanging further keys is simple.

Slide 13: Symmetric Key Management – Zone Master Key
[Diagram: Configuration system and Host system]
– Generation of Zone Master Key
– Zone Master Key sent as components to host by security officers (ZMK Component 1, ZMK Component 2, ZMK Component 3)
– Components reassembled at the host to give the same key

Slide 14: Transfer of Zone Master Key
When transferring the Zone Master Key, no single person will see the key.
Key components are given out only one at a time, so that no one person sees all components.
When combining the components, each component is first encrypted.
Only when all components are encrypted do the security officers meet and give all components.

Slide 15: Symmetric Key Management – Key Export
[Diagram: System A and System B]
– System A and system B share the ZMK
– Symmetric key generated
– Symmetric key encrypted under ZMK and sent
– Symmetric key decrypted at system B

Slide 16: Key length
Apart from selecting a good algorithm, the key length to be used must be chosen.
When selecting the key length, you need to take into account security requirements and hardware costs.
– Longer keys are more secure, but encryption and decryption take longer.
– How sensitive is the data? Do we need to protect it for twenty seconds, twenty days or twenty years?
– Who do we want to protect ourselves against? The casual eavesdropper, a competing company or a foreign government?

Slide 17: Symmetric key lengths
If the symmetric cipher is good, the only way to break the key is to do exhaustive search.
For an n-bit key, this requires $2^n$ iterations.
As of today, 64-bit keys take a few years to crack for someone with enough resources.
128-bit keys are virtually impossible to break, and are likely to stay that way for the foreseeable future.
Since encryption and decryption are fast, there is usually no reason to use less than 128 bits.

Slide 18: Symmetric key lengths
The graph below demonstrates how the time necessary to break a key depends on the key length.
[Graph: Time to break plotted against Key length]

Slide 19: Asymmetric key lengths
For asymmetric systems, there are much more efficient ways than exhaustive search to retrieve the key.
– For RSA, factoring the modulus gives the private key.
The longest RSA key that is publicly known to have been broken is 512 bits.
– Two years ago, this required 30 CPU-years bit keys probably remain secure for the next years.
Be very careful with comparisons between strength of symmetric and asymmetric keys!

Slide 20: Asymmetric keys
Asymmetric keys often have a longer life-span than symmetric keys.
– Symmetric keys are used for session encryption, which often has to be kept secret only for a limited period.
– Asymmetric keys are used for signatures that may have to remain secure for several decades.
Analyze the situation and choose the most appropriate solution!