Basic Cryptography

Presentation transcript:

Basic Cryptography

What is cryptography?
Cryptography is a mathematical method of protecting information
  – Cryptography is part of, but not equal to, security
  – Predated modern computing
In modern computing, crypto is used to remediate deficiencies in cyberspace.

Cryptographic Primitives
In this course, we do not study the math part of crypto; rather, we use cryptographic primitives as “black boxes.”
  – Need to understand the fundamental properties of the crypto primitives
Four primitives:
  – Cryptographic hash
  – Symmetric encryption
  – Asymmetric encryption
  – Digital signatures

Using the crypto primitives
Build security protocols
  – e.g. SSL/TLS
Build more complex security systems using the primitives
  – e.g. PKI

Cryptographic Hash
Hash function: H(m) = c
Variable-length messages, fixed-length checksum
Examples: MD5, SHA-1
Properties:
1. Given m, easy to compute H(m)
2. Given c, hard to find m (preimage resistance)
3. Given m, hard to find another m' s.t. H(m') = H(m) (second-preimage resistance)
4. Hard to find m and m' s.t. H(m) = H(m') (collision resistance)

Applications of Hash Function
Provides integrity guarantee
  – If the message content is changed, the hash will be different.
Hide information
  – Knowing the hash does not reveal the input message.
N.B. Hash is NOT encryption!

A simple application
A Commitment Scheme
  – We are having an online “sealed first-price auction”
  – Everyone submits a bid in a chat-room
  – There is no trusted third party
  – Bids may be submitted at different times
Requirements:
  – The bids need to be secret before opening
  – The bids need to be binding after opening
  – Use cryptographic hash function to implement such a scheme

Using Salt with Hash
A salt is a message that is typically concatenated to the hash function's input.
  – Used to increase the input space of the hash
  – Increase the difficulty of brute-force attacks
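
The sealed-bid commitment scheme and the role of the salt from the two slides above, as an added example that is not part of the original slides. It assumes SHA-256 as H, a 32-byte random nonce as the salt, and binding each commitment to the bidder's name; the function names and bids are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def digest(bidder: str, bid: int, nonce: bytes) -> str:
    # Length-prefix every field so two different (bidder, bid, nonce)
    # triples can never serialise to the same hash input.
    h = hashlib.sha256()  # SHA-256 is this example's choice of H
    for part in (bidder.encode(), str(bid).encode(), nonce):
        h.update(len(part).to_bytes(4, "big") + part)
    return h.hexdigest()


def commit(bidder: str, bid: int) -> tuple[str, bytes]:
    """Bidding phase: post the commitment, keep bid and nonce private."""
    nonce = secrets.token_bytes(32)  # the salt: 256 bits of randomness
    return digest(bidder, bid, nonce), nonce


def verify_opening(commitment: str, bidder: str, bid: int, nonce: bytes) -> bool:
    """Opening phase: anyone recomputes the hash from the revealed values."""
    return hmac.compare_digest(commitment, digest(bidder, bid, nonce))


def recover_unsalted_bid(commitment: str, bidder: str, max_bid: int):
    """Why the salt is required: with an empty nonce the whole bid range
    can be hashed and compared, so the commitment hides nothing."""
    for guess in range(max_bid + 1):
        if digest(bidder, guess, b"") == commitment:
            return guess
    return None


def run_auction(bids: dict[str, int]) -> str:
    """Constructed walk-through: commit, open and verify, pick the winner."""
    board = {name: commit(name, bid) for name, bid in bids.items()}
    for name, (commitment, nonce) in board.items():
        if not verify_opening(commitment, name, bids[name], nonce):
            raise ValueError(f"{name} opened a bid that does not match")
    return max(bids, key=bids.get)


if __name__ == "__main__":
    print(run_auction({"alice": 120, "bob": 95, "carol": 140}))  # constructed bids
```

Secrecy before opening comes from preimage resistance plus the unguessable nonce; binding after opening comes from collision resistance, since changing the bid would require a second input with the same hash.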

Symmetric Encryption (Secret-key Encryption)
Encryption and decryption use the same key (the secret key):
  c = enc(m, K)
  m = dec(c, K)
Examples: DES, AES
Properties:
1. Given ciphertext, hard to infer plaintext (ciphertext-only attack)
2. Ciphertext and plaintext known, hard to infer key (known-plaintext attack)
3. Access to encryption oracle, hard to infer key (chosen-plaintext attack)
4. Access to decryption oracle, hard to infer key (chosen-ciphertext attack)

The key management problem
Every pair of communicating parties needs to establish a shared key
Leads to keys for N parties
Typically requires a key-management/key agreement scheme to be used in practice

Diffie-Hellman Key Agreement (1976)
[Diagram: exchange between Alice and Bob]

Asymmetric Encryption (Public-key Encryption)
Every party has a pair of keys:
  Public key: announce to everyone
  Private key: known to the owner only
It is hard to infer private key from the public key
Encryption and decryption use two different keys:
  c = enc(m, K_pub)
  m = dec(c, K_priv)
Examples: RSA, El-Gamal

Asymmetric Encryption (Public-key Encryption)
Properties:
1. Given ciphertext, hard to infer plaintext (ciphertext-only attack)
2. Ciphertext and plaintext known, hard to infer private key (known-plaintext attack)
3. Encryption oracle given, hard to infer private key (chosen-plaintext attack)
4. Decryption oracle given, hard to infer private key (chosen-ciphertext attack)
Slide annotation: By definition of public-key encryption

Using Public-key Crypto
Key generation
  – Creates the key pair
  – Typically involves pseudo-random number generation
Encryption using public-key crypto
  – Does not need to share keys
  – Does not need a secure channel to transmit the public key
  – Much slower than symmetric-key encryption
Challenge: how to ensure the correct public key is used?

Using Public Key to Establish a Shared Secret
Alice (knows PK_B): pick a random secret s, compute C = E(PK_B, s)
Alice → Bob: C
Bob: s = D(SK_B, C)

Digital Signature
Based on public-key crypto.
Signing: sig = Sign(m, K_priv)
Verification: Verify(sig, K_pub, m) = True
Properties:
1. Verification of the validity of a digital signature needs only the public key.
2. Only the owner of the corresponding private key can produce a valid signature
Examples: RSA, DSA, El-Gamal

Applications of Digital Signature
Ensuring data authenticity
  – Sender signs the message, receiver verifies the signature
Providing non-repudiation
  – Digital signature serves as proof that the message is generated by the private-key holder

Message Authentication Code
Hash with a shared key.
tag = MAC(m, K)
Properties:
1. Only the holder of the key K can generate a valid MAC tag.
Examples: HMAC
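
The difference between an unkeyed hash and a MAC when a message is changed in transit, as an added example that is not part of the original slides. It assumes HMAC-SHA256 as the MAC; the function names, messages and keys are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def mac_tag(message: bytes, key: bytes) -> str:
    """tag = MAC(m, K), here instantiated with HMAC-SHA256."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def accepts_mac(message: bytes, tag: str, key: bytes) -> bool:
    # Constant-time comparison, so timing does not reveal how much of a tag matched.
    return hmac.compare_digest(tag, mac_tag(message, key))


def accepts_hash(message: bytes, digest: str) -> bool:
    """Unkeyed integrity check: recompute H(m) and compare."""
    return hmac.compare_digest(digest, hashlib.sha256(message).hexdigest())


def tamper_report(key: bytes) -> dict:
    """A party without K changes the message in transit; see which check notices."""
    original = b"transfer 10 to bob"      # constructed sample messages
    altered = b"transfer 1000 to bob"
    tag = mac_tag(original, key)
    wrong_key = secrets.token_bytes(32)   # a non-holder of K can only guess a key
    return {
        # H needs no secret, so a fresh digest for the altered message is accepted.
        "hash_accepts_altered": accepts_hash(
            altered, hashlib.sha256(altered).hexdigest()),
        "mac_accepts_original": accepts_mac(original, tag, key),
        "mac_accepts_altered_with_old_tag": accepts_mac(altered, tag, key),
        "mac_accepts_altered_with_guessed_key": accepts_mac(
            altered, mac_tag(altered, wrong_key), key),
        # Sender and receiver share K, so the receiver can compute the same tag:
        # a MAC authenticates the message but cannot prove which holder wrote it.
        "receiver_can_produce_same_tag": mac_tag(original, key) == tag,
    }


if __name__ == "__main__":
    for check, result in tamper_report(secrets.token_bytes(32)).items():
        print(f"{check}: {result}")
```

The last entry is why a MAC, unlike the digital signature on the earlier slide, does not give non-repudiation: every holder of K can generate the tag.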

Exercise after class
Set up public-key based authentication using SSH
Play with the various crypto primitives using OpenSSL
  – The command-line tool documentation can be found at ml ml
  – OpenSSL should be installed on most Unix systems.