CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.

Slides:



Advertisements
Similar presentations
“Advanced Encryption Standard” & “Modes of Operation”
Advertisements

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.
Web Security for Network and System Administrators1 Chapter 4 Encryption.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Cryptography Basic (cont)
Chapter 5 Cryptography Protecting principals communication in systems.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Modes of Operation CS 795. Electronic Code Book (ECB) Each block of the message is encrypted with the same secret key Problems: If two identical blocks.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
Csci5233 Computer Security & Integrity 1 Cryptography: Basics (2)
McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.
Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Lecture 23 Symmetric Encryption
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
Lecture 24 Cryptography CPE 401 / 601 Computer Network Systems slides are modified from Jim Kurose and Keith Ross and Dave Hollinger.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
A Cryptography Tutorial Jim Xu College of Computing Georgia Tech
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
CN8816: Network Security1 Confidentiality, Integrity & Authentication Confidentiality - Symmetric Key Encryption Data Integrity – MD-5, SHA and HMAC Public/Private.
1 Chapter 4 Encryption. 2 Objectives In this chapter, you will: Learn the basics of encryption technology Recognize popular symmetric encryption algorithms.
Introduction to Public Key Cryptography
Public Key Model 8. Cryptography part 2.
Chapter 12 Cryptography (slides edited by Erin Chambers)
Lecture 23 Cryptography CPE 401 / 601 Computer Network Systems Slides are modified from Jim Kurose & Keith Ross.
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.
Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Lecture 4: Using Block Ciphers
Lecture 4.1: Hash Functions, and Message Authentication Codes CS 436/636/736 Spring 2015 Nitesh Saxena.
Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.
BASIC CRYPTOGRAPHIC CONCEPTS. Public Key Cryptography  Uses two keys for every simplex logical communication link.  Public key  Private key  The use.
Day 37 8: Network Security8-1. 8: Network Security8-2 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key:
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
1 Public-Key Cryptography and Message Authentication.
Cryptography and Network Security Chapter 9 - Public-Key Cryptography
CS461/ECE422 Spring 2012 Nikita Borisov — UIUC1.  Text Chapters 2 and 21  Handbook of Applied Cryptography, Chapter 8 
Encryption No. 1  Seattle Pacific University Encryption: Protecting Your Data While in Transit Kevin Bolding Electrical Engineering Seattle Pacific University.
Lecture 2: Introduction to Cryptography
Cryptography 1 Crypto Cryptography 2 Crypto  Cryptology  The art and science of making and breaking “secret codes”  Cryptography  making “secret.
15-499Page :Algorithms and Applications Cryptography I – Introduction – Terminology – Some primitives – Some protocols.
Lecture 23 Symmetric Encryption
+ Security. + What is network security? confidentiality: only sender, intended receiver should “understand” message contents sender encrypts message receiver.
Security fundamentals Topic 4 Encryption. Agenda Using encryption Cryptography Symmetric encryption Hash functions Public key encryption Applying cryptography.
CS 4803 Fall 04 Public Key Algorithms. Modular Arithmetic n Public key algorithms are based on modular arithmetic. n Modular addition. n Modular multiplication.
EE 122: Lecture 24 (Security) Ion Stoica December 4, 2001.
Message Authentication Codes CSCI 5857: Encoding and Encryption.
Lecture 9 Overview. RSA Invented by Cocks (GCHQ), independently, by Rivest, Shamir and Adleman (MIT) Two keys e and d used for Encryption and Decryption.
Cryptography services Lecturer: Dr. Peter Soreanu Students: Raed Awad Ahmad Abdalhalim
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
@Yuan Xue 285: Network Security CS 285 Network Security Message Authentication Code Data integrity + Source authentication.
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
Public Key Encryption and Digital Signatures
PART VII Security.
ADVANCED ENCRYPTION STANDARDADVANCED ENCRYPTION STANDARD
Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS
Presentation transcript:

CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics

CS5262 Cryptography Basic assumptions –Message to be encrypted –Algorithms (publicly known) to encrypt/decrypt message –Key (known only to sender/recipient) –Given only algorithms and encrypted message, nobody knows a method to decrypt that is significantly faster than trying all keys Types of attacks –ciphertext only –known plaintext –chosen plaintext Real attacks generally don’t break cryptography! –Don’t pick the lock, tunnel into the vault

CS5263 Secret-Key (Symmetric) Cryptography: Uses Prevent eavesdropping –Must be secure channel for key exchange Secure storage –I have to remember my key Authentication –Challenge/response –Be careful Integrity Check –Checksum on the message –Encrypt the checksum

CS5264 Public Key (Assymetric) Cryptography First published in 1976 (Diffie-Hellman) –More common today: RSA Matched pair of keys –Public key (e) to encrypt –Private key (d) to decrypt For integrity, encrypt checksum with sender’s private key –Only sender’s public key will decrypt properly

CS5265 Public-Key Cryptography: Uses Prevent eavesdropping Authentication Integrity Problem: public key algorithms slow –Solution: Use to share secret key

CS5266 Public Key Cryptography: Non-repudiation Message Integrity Checksum (MAC) can convince Recipient that Sender created message –Message correct, from right source But can’t convince anyone else! –Sender, recipient share key –Either could generate message Public key solves this problem –Private key required to encrypt –Only known to sender

CS5267 Hash Algorithms Transform arbitrarily long message m into (short) fixed-length message h(m) –Must be easy to compute h(m) –Given h(m), hard to find (an) m –Hard to find m 1 and m 2 such that h(m 1 )=h(m 2 ) Uses –Password storage (easy to verify that it is probably correct) –Integrity: Send m, h(m|s) –Storage integrity

CS5268 Cryptographic Algorithms What have you covered? DES –3DES IDEA AES One-time Pad –RC4

CS5269 Cryptography: Algorithms Block encryption: Turn fixed-length block into fixed- length e(block) –Block needs to be large enough to prevent “discovery” of block/e(block) pairs –64 bits seems adequate in practice Goal: appear random –Changing one input bit should change each output bit with probability ½ Approaches: –Substitution: Table mapping input to output –Permutation: Move bits around Do (small) substitutions and permutations in rounds

CS52610 Encrypting More… Electronic Code Book –Obvious: Just encrypt each block –Leaks information –Open to tampering Cipher Block Chaining k-Bit Cipher Feedback Mode k-Bit Output Feedback Mode Counter Mode

CS52611 Cipher Block Chaining Xor first block with 64-bit random before encryption –Send random “in the clear” Xor each block with previous encrypted block before encryption Ensures –Identical blocks different in transmitted message –A repeated message will look different each time Problem: tampering –Tampering with one block makes predictable change in the next –But destroys first block

CS52612 Output Feedback Mode Use DES to generate one-time pad –Start with random value –Encrypt with DES to get pad –m xor pad to encrypt –Encrypt pad to get next pad Fast, resilient, can stream results bit at a time If adversary knows plaintext, ciphertext, can tamper to produce desired result!

CS52613 Cipher Feedback Mode One-time pad like OFB –But use ciphertext, not previous pad, to get new pad Tampering garbles following block –Better than OFB –But not as good as CBC Counter Mode –Increment random before encryption to get next pad

CS52614 Encryption to generate Message Authentication Codes Use CBC –Xor each block with previous cipher –Then encrypt Final block is integrity code –Will change if any block changes, or key changes Requires sending the plaintext message

CS52615 Integrity & confidentiality Idea: Encrypt, then checksum on encrypted message –Requires twice as much encryption! –Can we do better? Solution: Weak checksum then encrypt –Adversary can’t see weak checksum to attack it

CS52616 Hash Algorithms (Message Digest) Transform arbitrarily long message m into (short) fixed-length message h(m) –Must be easy to compute h(m) –Given h(m), hard to find (an) m –Hard to find m 1 and m 2 such that h(m 1 )=h(m 2 ) Goal: h(m) should appear random –Non-trivial to define “appear random”

CS52617 (Strange) Hash Uses Authentication –A sends challenge r A –B responds with h(k|r A ) and r B –A responds with h(k|r B ) Integrity / Message Authentication Code –h(m | k) Generate a one-time pad –h(k | r) gives first block, then h(k | b i-1 ) gives b i Can also generate a hash using symmetric encryption

CS52618 Hashing (MD5): How it Works Basic idea: Continuously update hash value with 512 bit blocks of message –128 bit initial value for hash –Bit operations to “compress” Compression function: Update 128 bit hash with 512 bit block –Pass 1: Based on bits in first word, select bits in second or third word –Pass 2: Repeat, selecting based on last word –Pass 3: xor bits in words –Pass 4: y xor (x or ~z)

CS52619 Public Key Cryptography Public key d, private key e –m = e(d(m)) = d(e(m)) Given d, d(m), hard to find m –same for e, e(m) Given d, hard to find e –same for e, d Most based on modular arithmetic –Modular exponentiation

CS52620 Algorithms: Diffie-Hellman Goal: Two parties agree on common number –E.g., learn shared key Initial: large prime p, g < p –publicly known Each chooses secret T = g s mod p Exchange and repeat –Result is the same

CS52621 Diffie-Helman: Problems Authentication –Am I talking to the right person? Man in the middle –Sets up session with either end

CS52622 Algorithms: RSA (Rivest, Shamir, Adleman) Key generation –Choose primes p,q –Choose e relatively prime to (p-1)(q-1) –Public key –Private key where d = 1/(e mod (p-1)(q-1)) Encrypt: c = m e mod n –Decrypt: m = c d mod n de = 1 mod (p-1)(q-1), so m = (m e ) d mod n Breakable if we can factor (why?)

CS52623 Problems with RSA Probing –If I get e(m), I can check if m=m’ –Solution: random pad Efficiency: Key concepts –x e mod n = (x * x) mod n * x e-1 mod n –x 2(e/2) = left shift of x (e/2) Generating keys expensive –Select large primes –Find e relatively prime to (p-1)(q-1) In practice, e=65537 Any x<n is a valid signature –Also, given a signatures for m1, m2; can compute signature for (some) other messages

CS52624 Public-Key Cryptography Standard Encryption Format –Octal: 0 2 (eight random values) 0 data –Data is typically a “session key” Signature Format –0 1 (64 bits of ones) 0 hash

CS52625 Digital Signature Standard ElGamal-based algorithm –Diffie-Helman style

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.