Secret-Key Agreement without Public-Key Cryptography Security Seminars Kulesh Shanmugasundaram.


SYN  SYN  Secret-Key Paradigms  Leighton-Micali Scheme  Sensor Networks Perspectives  References  FIN

Secret-Key Sharing

Secret-Key Sharing Paradigms
– Public-key framework
– Needham-Schroeder framework

Needham-Schroeder framework
– Trusted authority T mediates key agreements between Alice and Bob
– We know the framework well(?)

Needham-Schroeder

Issues with the scheme
1. Requires trusted authority to be continuously available
2. Exposes arbitrarily many clear-text-cipher-text pairs
3. Requires encryption to provide authentication
4. Security of the scheme depends on advances in number theory

Leighton-Micali Scheme

Properties of the scheme
1. Simple, elegant and easy to implement
2. Depends on ordinary one-way functions
3. Continuous presence of trusted authority is not required
4. Requires computing or storing N^2 k-bit keys, for an N-node network
5. Encryption, authentication in one protocol
6. Compromising nodes, trusted authority doesn’t affect the security…

Leighton-Micali Scheme

One-time initialization of protocol
– h() denotes a hash function, + denotes xor operation
1. Trusted authority creates two secret master keys
   1. Exchange key – K
   2. Authentication key – K'
2. TA assigns two keys for each node
   1. Exchange key K_i = h(K, i)
   2. Authentication key K'_i = h(K', i)
3. TA computes O(N^2) keys for each pair of nodes
   1. Exchange key P_{i,j} = h(K_j, i) + h(K_i, j)
   2. Authentication key A_{i,j} = h(K'_i, h(K_j, i))

Leighton-Micali Scheme…

Computing Secret-keys
1. Suppose P_{a,b} is pair key for Alice and Bob
2. Alice computes E = P_{a,b} + h(K_a, Bob)
3. Alice authenticates the key: A_{a,b} = h(K'_a, E)
4. To decrypt, Bob simply computes h(K_b, Alice)
5. Done!
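
The initialization and key-computation slides above as runnable code. This is an added example, not code from the presentation or from the Leighton-Micali paper; HMAC-SHA256 as h(), 32-byte master keys, the node identifiers and all function names are assumptions. The authentication check uses the authentication key K'_a, following the definition A_{i,j} = h(K'_i, h(K_j, i)) on the initialization slide.

```python
import hashlib
import hmac
import secrets


def h(key: bytes, data: bytes) -> bytes:
    # The slides' h(key, data); HMAC-SHA256 is this example's assumption.
    return hmac.new(key, data, hashlib.sha256).digest()


def xor(a: bytes, b: bytes) -> bytes:
    # The slides' "+" on equal-length byte strings.
    return bytes(x ^ y for x, y in zip(a, b))


def ta_setup(node_ids):
    """One-time TA initialization: returns (secret node keys, public pair table)."""
    K, K_auth = secrets.token_bytes(32), secrets.token_bytes(32)  # K and K'
    node_keys = {i: (h(K, i), h(K_auth, i)) for i in node_ids}    # (K_i, K'_i)
    table = {}
    for i in node_ids:
        for j in node_ids:
            if i != j:
                shared = h(node_keys[j][0], i)               # h(K_j, i)
                P = xor(shared, h(node_keys[i][0], j))       # P_{i,j}
                A = h(node_keys[i][1], shared)               # A_{i,j}
                table[(i, j)] = (P, A)
    return node_keys, table


def initiator_key(me, peer, my_keys, table):
    """Initiator: E = P + h(K_me, peer); accept only if h(K'_me, E) == A."""
    K_me, K_auth_me = my_keys
    P, A = table[(me, peer)]
    E = xor(P, h(K_me, peer))
    if not hmac.compare_digest(h(K_auth_me, E), A):
        raise ValueError("pair-key entry failed authentication")
    return E


def responder_key(peer, my_keys):
    """Responder: no table lookup, the shared key is h(K_me, peer)."""
    return h(my_keys[0], peer)


if __name__ == "__main__":
    keys, table = ta_setup([b"alice", b"bob", b"carol"])  # constructed node ids
    k = initiator_key(b"alice", b"bob", keys[b"alice"], table)
    print("keys match:", k == responder_key(b"alice", keys[b"bob"]))
```

The table holds only P and A values, so it can sit on an untrusted node: an entry whose P has been modified fails the check in `initiator_key` instead of yielding a wrong key.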

Leighton-Micali Scheme…

Security properties of the scheme
1. Unpredictability of individual keys
2. Unpredictability of pair-keys
3. When requesting pair-keys, requestor doesn’t need to authenticate herself
4. No man-in-the-middle
5. This is not a public-key approach

Leighton-Micali Scheme…

Sensor network perspectives…
– Simple operations (hash, xor)
– Relatively few messages across entities
– No need for a trusted authority
– Pair-keys can be stored on any or all nodes

Questions
– Are hash functions inexpensive?
– How to efficiently find pair-keys on nodes?

References
– Tom Leighton, Silvio Micali, Secret-Key Agreement without Public-Key Cryptography, Crypto 93

FIN

Questions, comments, concerns?