Computer Science CSC 774Dr. Peng Ning1 CSC 774 Advanced Network Security Topic 2. Review of Cryptographic Techniques.

Slides:



Advertisements
Similar presentations
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Advertisements

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
NSRC Workshop Some fundamental security concerns... Confidentiality - could someone else read my data? Integrity - has my data been changed? Authentication.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
1 Encryption and Forensics/Data Hiding. 2 Cryptography Background See: For more information.
Information Security Principles & Applications Topic 4: Message Authentication 虞慧群
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.
Chapter 5 Cryptography Protecting principals communication in systems.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Announcements: 1. HW6 due now 2. HW7 posted Questions? This week: Discrete Logs, Diffie-Hellman, ElGamal Discrete Logs, Diffie-Hellman, ElGamal Hash Functions.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
CS1001 Lecture 24. Overview Encryption Encryption Artificial Intelligence Artificial Intelligence Homework 4 Homework 4.
Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.5 Public Key Algorithms.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Introduction to Public Key Cryptography
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
DNSSEC Cryptography Review Track 2 Workshop July 3, 2010 American Samoa Hervey Allen.
1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.
Pretty Good Privacy by Philip Zimmerman presented by: Chris Ward.
© Neeraj Suri EU-NSF ICT March 2006 DEWSNet Dependable Embedded Wired/Wireless Networks MUET Jamshoro Computer Security: Principles and Practice Slides.
I-4 security.
The School of Electrical Engineering and Computer Science (EECS) CS/ECE Network Security Dr. Attila Altay Yavuz Basics Credit: Prof. Dr. Peng Ning Network.
Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.
Cryptography, Authentication and Digital Signatures
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.
Basic Cryptography 1. What is cryptography? Cryptography is a mathematical method of protecting information –Cryptography is part of, but not equal to,
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.
Network Security David Lazăr.
Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Upper OSI Layers Natawut Nupairoj, Ph.D. Department of Computer Engineering Chulalongkorn University.
Cryptographic Hash Functions and Protocol Analysis
Lecture 2: Introduction to Cryptography
Cryptography 1 Crypto Cryptography 2 Crypto  Cryptology  The art and science of making and breaking “secret codes”  Cryptography  making “secret.
TCP/IP Protocol Suite 1 Chapter 30 Security Credit: most slides from Forouzan, TCP/IP protocol suit.
Security fundamentals Topic 4 Encryption. Agenda Using encryption Cryptography Symmetric encryption Hash functions Public key encryption Applying cryptography.
Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Cryptographic Security Identity-Based Encryption.
Intro to Cryptography Lesson Introduction
Computer and Network Security - Message Digests, Kerberos, PKI –
EE 122: Lecture 24 (Security) Ion Stoica December 4, 2001.
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
CS/ECE 578 Cyber-Security Dr. Attila Altay Yavuz
CS/ECE Network Security Dr. Attila Altay Yavuz
IT443 – Network Security Administration Instructor: Bo Sheng
Basic Network Encryption
CS/ECE 478 Network Security Dr. Attila Altay Yavuz
Basic Network Encryption
Presentation transcript:

Computer Science CSC 774Dr. Peng Ning1 CSC 774 Advanced Network Security Topic 2. Review of Cryptographic Techniques

Computer Science CSC 774Dr. Peng Ning2 Outline Encryption/Decryption Digital signatures Hash functions –One-way hash chain –Merkle hash tree Pseudo random functions Key exchange/agreement/distribution

Computer Science CSC 774Dr. Peng Ning3 plaintext encryption ciphertext decryption plaintext key Encryption/Decryption Plaintext: a message in its original form Ciphertext: a message in the transformed, unrecognized form Encryption: the process that transforms a plaintext into a ciphertext Decryption: the process that transforms a ciphertext to the corresponding plaintext Key: the value used to control encryption/decryption.

Computer Science CSC 774Dr. Peng Ning4 Cryptanalysis Ciphertext only: –Analyze only with the ciphertext –Example: Exhaustive search until “recognizable plaintext” –Smarter ways available Known plaintext: –Secret may be revealed (by spy, time), thus pair is obtained –Great for mono-alphabetic ciphers

Computer Science CSC 774Dr. Peng Ning5 Cryptanalysis (Cont’d) Chosen plaintext: –Choose text, get encrypted –Useful if limited set of messages Chosen ciphertext: –Choose ciphertext –Get feedback from decryption, etc.

Computer Science CSC 774Dr. Peng Ning6 plaintext encryption ciphertext decryption plaintext key Same key Secret Key Cryptography Same key is used for encryption and decryption Also known as –Symmetric cryptography –Conventional cryptography

Computer Science CSC 774Dr. Peng Ning7 Secret Key Cryptography (cont’d) Basic technique (block cipher) –Product cipher: –Multiple applications of interleaved substitutions and permutations plaintext SPSPS ciphertext … key

Computer Science CSC 774Dr. Peng Ning8 Secret Key Cryptography (cont’d) Basic technique (stream cipher) plaintext key Pseudo random number generator … … Bitwise  ciphertext …

Computer Science CSC 774Dr. Peng Ning9 Secret Key Cryptography (cont’d) Cipher-text approximately the same length as plaintext Examples –Stream Cipher: RC4 –Block Cipher: DES, IDEA, AES

Computer Science CSC 774Dr. Peng Ning10 plaintext encryption ciphertext decryption plaintext Public keyPrivate key Public Key Cryptography Invented/published in 1975 A public/private key pair is used –Public key can be publicly known –Private key is kept secret by the owner of the key Much slower than secret key cryptography Also known as –Asymmetric cryptography

Computer Science CSC 774Dr. Peng Ning11 message Sign Digital signature Verify Yes/No Private keyPublic key Public Key Cryptography (Cont’d) Another mode: digital signature –Only the party with the private key can create a digital signature. –The digital signature is verifiable by anyone who knows the public key. –The signer cannot deny that he/she has done so.

Computer Science CSC 774Dr. Peng Ning12 Public Key Cryptography (Cont’d) Example algorithms –RSA –DSA –Diffie-Hellman

Computer Science CSC 774Dr. Peng Ning13 Message of arbitrary length Hash H A fixed-length short message Hash Algorithms Also known as –Message digests –One-way transformations –One-way functions –Hash functions Length of H(m) much shorter then length of m Usually fixed lengths: 128 or 160 bits

Computer Science CSC 774Dr. Peng Ning14 Hash Algorithms (Cont’d) Desirable properties of hash functions –Performance: Easy to compute H(m) –One-way property: Given H(m) but not m, it is computationally infeasible to find m –Weak collision free: Given H(m), it is computationally infeasible to find m’ such that H(m’) = H(m). –Strong collision free: Computationally infeasible to find m 1, m 2 such that H(m 1 ) = H(m 2 ) Example algorithms –MD5 –SHA-1 –SHA-256

Computer Science CSC 774Dr. Peng Ning15 Applications of Hash Functions Primary application –Generate/verify digital signature Message m H H(m) Sign Private key Signature Sig(H(m)) Message m H H(m) Verify Public key Signature Sig(H(m)) Yes/No

Computer Science CSC 774Dr. Peng Ning16 Applications of Hash Functions (Cont’d) Password hashing –Doesn’t need to know password to verify it –Store H(password+salt) and salt, and compare it with the user-entered password –Salt makes dictionary attack more difficult Message integrity –Agree on a secrete key k –Compute H(m|k) and send with m –Doesn’t require encryption algorithm, so the technology is exportable

Computer Science CSC 774Dr. Peng Ning17 Applications of Hash Functions (Cont’d) Authentication –Give H(m) as an authentication token –Later release m

Computer Science CSC 774Dr. Peng Ning18 K i =F(K i+1 ), F: hash function K4K4 F K3K3 F K2K2 F K1K1 F K0K0 F K n = R F commitment One-Way Hash Chain Used for many network security applications –Example: S/Key Good for authentication of the hash values

Computer Science CSC 774Dr. Peng Ning19 Merkle Hash Tree A binary tree over data values –For authentication purpose The root is the commitment of the Merkle tree –Known to the verifier. Example –To authenticate m 2, send (m 2, m 3,m 01,m 47 ) –Verify m 07 = h(h(m 01 ||h(m 2 ||m 3 )||m 47 )

Computer Science CSC 774Dr. Peng Ning20 Pseudo Random Generator Definition –A cryptographically secure pseudorandom bit generator is an efficient algorithm that will expand a random n-bit seed to a longer sequence that is computationally indistinguishable from a truly random sequence. Theorem [Levin] –A one-way function can be used to construct a cryptographically secure pseudo-random bit generator.

Computer Science CSC 774Dr. Peng Ning21 Pseudo Random Functions Definition –A cryptographically secure pseudorandom function is an efficient algorithm that given an n-bit seed s, and an n-bit argument x, returns an n-bit string f s (x) such that it is infeasible to distinguish f s (x) for random seed s from a truly random function. Theorem [Goldreich, Goldwasser, Micali] –Cryptographically secure pseudorandom functions can be constructed from cryptographically secure pseudorandom bit generators.

Computer Science CSC 774Dr. Peng Ning22 Key Agreement Establish a key between two or among multiple parties –Classical algorithm Diffie-Hellman

Computer Science CSC 774Dr. Peng Ning23 Key Exchange Key exchange –Between two parties –A special case of key agreement –Use public key cryptography Examples: RSA, DH –Use symmetric key cryptography Usually requires a pre-shared key

Computer Science CSC 774Dr. Peng Ning24 Key Distribution Involves a (trusted) third party to help establish keys. Based on –Symmetric key cryptography, or –Public key cryptography

Computer Science CSC 774Dr. Peng Ning25 Center-Based Key Management Key Distribution Center (KDC) –Communication parties depend on KDC to establish a pair-wise key. –The KDC generates the cryptographic key –Pull based Alice communicates with the KDC before she communicates with Bob –Push based Alice communicates with Bob, and it’s Bob’s responsibility to contact the KDC to get the pair-wise key.

Computer Science CSC 774Dr. Peng Ning26 Center-Based Key Management (Cont’d) Key Translation Center (KTC) –Similar to KDC –Difference One of the participants generates the cryptographic key KTC only translates and forwards it to the other participant.

Computer Science CSC 774Dr. Peng Ning27 An Example of KDC: Kerberos Keberos Authentication Server (AS) Ticket-Granting Server (TGS) Server 1. Request TGT 2. TGT + session key 3. Request SGT 4. Ticket + session key 5. Request service 6. Server authenticator

Computer Science CSC 774Dr. Peng Ning28 When Public Key Cryptography is Used Need to authenticate public keys Public key certificate –Bind an identity and a public key together –Verify the authenticity of a party’s public key

Computer Science CSC 774Dr. Peng Ning29 Attacks Replay attacks Man-in-the-middle attacks Resource clogging attacks Denial of service attacks Meet-in-the-middle attacks Dictionary attacks Others specific to protocols

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.