Asymmetric Digital Signatures And Key Exchange Prof. Ravi Sandhu.

Slides:



Advertisements
Similar presentations
Chapter 3 Public Key Cryptography and Message authentication.
Advertisements

(ENCODING AND DECODING TECHNIQUES)
Symmetric Message Authentication Codes Prof. Ravi Sandhu.
Asymmetric Encryption Prof. Ravi Sandhu. 2 © Ravi Sandhu PUBLIC KEY ENCRYPTION Encryption Algorithm E Decryption Algorithm D Plain- text Plain- text Ciphertext.
PKI Introduction Ravi Sandhu 2 © Ravi Sandhu 2002 CRYPTOGRAPHIC TECHNOLOGY PROS AND CONS SECRET KEY SYMMETRIC KEY Faster Not scalable No digital signatures.
Public Key Cryptography INFSCI 1075: Network Security – Spring 2013 Amir Masoumzadeh.
Data Security 1 El_Gamal Cryptography. Data Security2 Introduction El_Gamal is a public-key cryptosystem technique El_Gamal is a public-key cryptosystem.
CSE331: Introduction to Networks and Security Lecture 19 Fall 2002.
Public Key Encryption Algorithm
Web Security for Network and System Administrators1 Chapter 4 Encryption.
Attacks on Digital Signature Algorithm: RSA
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
CS470, A.SelcukElGamal Cryptosystem1 ElGamal Cryptosystem and variants CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Public Key Cryptography
Public Encryption: RSA
Cryptography1 CPSC 3730 Cryptography Chapter 13 Digital Signature Standard (DSS)
Chapter 3 Encryption Algorithms & Systems (Part C)
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.5 Public Key Algorithms.
ASYMMETRIC CIPHERS.
1 Chapter 4 Encryption. 2 Objectives In this chapter, you will: Learn the basics of encryption technology Recognize popular symmetric encryption algorithms.
Asymmetric encryption. Asymmetric encryption, often called "public key" encryption, allows Alice to send Bob an encrypted message without a shared secret.
Public Key Model 8. Cryptography part 2.
 Introduction  Requirements for RSA  Ingredients for RSA  RSA Algorithm  RSA Example  Problems on RSA.
1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.
DSA (Digital Signature Algorithm) Tahani Aljehani.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 3: VPN and Encryption Technology.
10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.
Public Key Encryption and the RSA Public Key Algorithm CSCI 5857: Encoding and Encryption.
1 Lecture 9 Public Key Cryptography Public Key Algorithms CIS CIS 5357 Network Security.
Lecture 3.4: Public Key Cryptography IV CS 436/636/736 Spring 2013 Nitesh Saxena.
BASIC CRYPTOGRAPHIC CONCEPTS. Public Key Cryptography  Uses two keys for every simplex logical communication link.  Public key  Private key  The use.
Improving Encryption Algorithms Betty Huang Computer Systems Lab
Public Key Encryption Terminology RSA Hash functions CSCE Farkas.
Exercises Information Security Course Eric Laermans – Tom Dhaene.
Public-Key Encryption
1 Public-Key Cryptography and Message Authentication.
What is RSA RSA is a system employed to create the encrypted message in which the key used for encryption is different from that used to decrypt. It is.
Cryptography and Network Security Chapter 13 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Q: How do Ole and Lena get a shared private key? 1) Lena  LockmasterE keyLena ( ID Lena || ID Ole ) Example (Suppose Lena wants a key to shared with Ole.)
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
24-Nov-15Security Cryptography Cryptography is the science and art of transforming messages to make them secure and immune to attacks. It involves plaintext,
Elliptic Curve Cryptography
Prepared by Dr. Lamiaa Elshenawy
Public Key Algorithms Lesson Introduction ●Modular arithmetic ●RSA ●Diffie-Hellman.
Encryption Basics Module 7 Section 2. History of Encryption Secret - NSA National Security Agency –has powerful computers - break codes –monitors all.
Public Key Cryptosystem Introduced in 1976 by Diffie and Hellman [2] In PKC different keys are used for encryption and decryption 1978: First Two Implementations.
Computer Security Lecture 5 Ch.9 Public-Key Cryptography And RSA Prepared by Dr. Lamiaa Elshenawy.
Digital Signature Standard (DSS) US Govt approved signature scheme designed by NIST & NSA in early 90's published as FIPS-186 in 1991 revised in 1993,
DIGITAL SIGNATURE IMPLEMENTATION
DIGITAL SIGNATURE ALGORITHM. The National Institute of Standards and Technology (NIST) has published Federal Information Processing Standard FIPS 186,
Prof. Jk LEE/security1 Secure Encryption Systems 암호화복호화 공통비밀키 암호시스템.
Lecture 3 (Chapter 9) Public-Key Cryptography and RSA Prepared by Dr. Lamiaa M. Elshenawy 1.
Elgamal Public Key Encryption CSCI 5857: Encoding and Encryption.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
Information Security and Management 10. Other Public-key Cryptosystems Chih-Hung Wang Fall
Information and Computer Security CPIS 312 Lab 8 1 Asymmetric Key Algorithms RSA Algorithm TRIGUI Mohamed Salim.
1 Introduction to Information Security , Spring 2016 Lecture 4: Applied cryptography: asymmetric Zvi Ostfeld Slides credit: Eran Tromer.
@Yuan Xue 285: Network Security CS 285 Network Security Digital Signature Yuan Xue Fall 2012.
Public Key Cryptosystem
Symmetric Cryptography
Asymmetric Cryptography
Public Key Encryption and Digital Signatures
RSA and El Gamal Cryptosystems
Cryptography Basics and Symmetric Cryptography
Asymmetric Cryptography
The RSA Public-Key Encryption Algorithm
Presentation transcript:

Asymmetric Digital Signatures And Key Exchange Prof. Ravi Sandhu

2 © Ravi Sandhu DIGITAL SIGNATURES Signature Algorithm S Verification Algorithm V Plain- text Yes/No Plaintext + Signature INSECURE CHANNEL A's Private Key A's Public Key RELIABLE CHANNEL A A B B

3 © Ravi Sandhu COMPARE PUBLIC KEY ENCRYPTION Encryption Algorithm E Decryption Algorithm D Plain- text Plain- text Ciphertext INSECURE CHANNEL B's Public Key B's Private Key RELIABLE CHANNEL A A B B

4 © Ravi Sandhu DIGITAL SIGNATURES IN RSA RSA has a unique property, not shared by other public key systems Encryption and decryption commute (M e mod n) d mod n = Mencryption (M d mod n) e mod n = Msignature Same public key can be use for encryption and signature

5 © Ravi Sandhu EL GAMAL AND VARIANTS encryption only signature only 1000s of variants including NISTs DSA

6 © Ravi Sandhu NIST DIGITAL SIGNATURE STANDARD System-wide constants p bit prime q160 bit prime divisor of p-1 g g = h ((p-1)/q) mod p, 1<h<p-1 El-Gamal variant separate algorithms for digital signature and public-key encryption

7 © Ravi Sandhu NIST DIGITAL SIGNATURE STANDARD to sign message m: private key x choose random r compute v = (g r mod p) mod q compute s = (m+xv)/k mod q signature is (s,v,m) to verify signature: public key y compute u1 = m/s mod q compute u2 = v/s mod q verify that v = (g u1 *y u2 mod p) mod q

8 © Ravi Sandhu NIST DIGITAL SIGNATURE STANDARD signature does not repeat, since r will be different on each occasion if same random number r is used for two messages, the system is broken message expands by a factor of 2 RSA signatures do repeat, and there is no message expansion

9 © Ravi Sandhu DIFFIE-HELLMAN KEY AGREEMENT A A B B y A =a x A mod p public key private key x A private key x B y B =a x B mod p public key k = y B x A mod p = y A x B mod p = a x A * x B mod p system constants: p: prime number, a: integer

10 © Ravi Sandhu DIFFIE-HELLMAN KEY ESTABLISHMENT security depends on difficulty of computing x given y=a x mod p called the discrete logarithm problem

11 © Ravi Sandhu MAN IN THE MIDDLE ATTACK A A C C B B

12 © Ravi Sandhu CURRENT GENERATION PUBLIC KEY SYSTEMS RSA (Rivest, Shamir and Adelman) the only one to provide digital signature and encryption using the same public-private key pair security based on factoring ElGamal Encryption public-key encryption only security based on digital logarithm DSA signatures public-key signature only one of many variants of ElGamal signature security based on digital logarithm

13 © Ravi Sandhu CURRENT GENERATION PUBLIC KEY SYSTEMS DH (Diffie-Hellman) secret key agreement only security based on digital logarithm ECC (Elliptic curve cryptography) security based on digital logarithm in elliptic curve field uses analogs of ElGamal encryption DH key agreement DSA digital signature

14 © Ravi Sandhu ELLIPTIC CURVE CRYPTOGRAPHY mathematics is more complicated than RSA or Diffie-Hellman elliptic curves have been studied for over one hundred years computation is done in a group defined by an elliptic curve

15 © Ravi Sandhu ELLIPTIC CURVE CRYPTOGRAPHY 160 bit ECC public key is claimed to be as secure as 1024 bit RSA or Diffie-Hellman key good for small hardware implementations such as smart cards

16 © Ravi Sandhu ELLIPTIC CURVE CRYPTOGRAPHY ECDSA: Elliptic Curve digital signature algorithm based on NIST Digital Signature Standard ECSVA: Elliptic Curve key agreement algorithm based on Diffie-Hellman ECES: Elliptic Curve encryption algorithm based on El-Gamal

17 © Ravi Sandhu PKCS STANDARDS de facto standards initiated by RSA Data Inc.

18 © Ravi Sandhu MESSAGE DIGEST message digest algorithm original message no practical limit to size message digest 128 bit/160 bit easyhard

19 © Ravi Sandhu MESSAGE DIGEST for performance reasons sign the message digest not the message one way function m=H(M) is easy to compute M=H -1 (m) is hard to compute

20 © Ravi Sandhu DESIRED CHARACTERISTICS weak hash function difficult to find M' such that H(M')=H(M) given M, m=H(M) try messages at random to find M with H(M)=m 2 k trials on average, k=80 to be safe

21 © Ravi Sandhu DESIRED CHARACTERISTICS strong hash function difficult to find any two M and M' such that H(M')=H(M) try pairs of messages at random to find M and M such that H(M)=H(M) 2 k/2 trials on average, k=128 to be safe k=160 is better

22 © Ravi Sandhu CURRENT GENERATION MESSAGE DIGEST ALGORITHMS MD5 (Message Digest 5) 128 bit message digest falling out of favor SHA (Secure Hash Algorithm) 160 bit message digest slightly slower than MD5 but more secure