Various Attacks on Cryptosystems slides (c) 2012 by Richard Newman.

Slides:



Advertisements
Similar presentations
Chapter 3 Public Key Cryptography and Message authentication.
Advertisements

Web security: SSL and TLS
“Advanced Encryption Standard” & “Modes of Operation”
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Sri Lanka Institute of Information Technology
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Cryptography & Security Presented April 16, 2010 By Dave Stycos, Zocalo Data Systems.
1 ITNS and CERIAS CISSP Luncheon Series: Cryptography Presented by Addam Schroll, CISSP.
Cryptography.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.
Attacks on Digital Signature Algorithm: RSA
Chapter 5 Cryptography Protecting principals communication in systems.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Cryptographic Technologies
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Chapter 3 – Block Ciphers and the Data Encryption Standard Jen-Chang Liu, 2004 Adopted from lecture slides by Lawrie Brown.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering.
Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Session 6: Introduction to cryptanalysis part 1. Contents Problem definition Symmetric systems cryptanalysis Particularities of block ciphers cryptanalysis.
Lecture 23 Symmetric Encryption
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.
Encryption Methods By: Michael A. Scott
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Public Key Model 8. Cryptography part 2.
Lecture 3: Cryptographic Tools modified from slides of Lawrie Brown.
Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.
© Neeraj Suri EU-NSF ICT March 2006 DEWSNet Dependable Embedded Wired/Wireless Networks MUET Jamshoro Computer Security: Principles and Practice Slides.
Cryptography: RSA & DES Marcia Noel Ken Roe Jaime Buccheri.
Crypto Bro Rigby. History
Public Key Encryption and the RSA Public Key Algorithm CSCI 5857: Encoding and Encryption.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
A Survey of Authentication Protocol Literature: Version 1.0 Written by John Clark and Jeremy Jacob Presented by Brian Sierawski.
Based on Bruce Schneier Chapter 7: Key Length Dulal C. Kar.
Cracking DES Cryptosystem A cryptosystem is made of these parts: Two parties who want to communicate over an insecure channel An encryption algorithm that.
Cryptography and Network Security Chapter 9 - Public-Key Cryptography
Cryptography Chapter 7 Part 2 Pages 781 to 812. Symmetric Cryptography Secret Key Figure 7-10 on page 782 Key distribution problem – Secure courier Many.
Internet-security.ppt-1 ( ) 2000 © Maximilian Riegel Maximilian Riegel Kommunikationsnetz Franken e.V. Internet Security Putting together the.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.
Chapter 9: Algorithms Types and Modes Dulal C. Kar Based on Schneier.
Encryption Types & Modes Chapter 9 Encryption Types –Stream Ciphers –Block Ciphers Encryption Modes –ECB - Electronic Codebook –CBC - Cipher Block Chaining.
Dr. Reuven Aviv, Nov 2008 Conventional Encryption 1 Conventional Encryption & Message Confidentiality Acknowledgements for slides Henric Johnson Blekinge.
Modes of Usage Dan Fleck CS 469: Security Engineering These slides are modified with permission from Bill Young (Univ of Texas) 11 Coming up: Modes of.
Public / Private Keys was a big year… DES: Adopted as an encryption standard by the US government. It was an open standard. The NSA calls it “One.
CS426Fall 2010/Lecture 61 Computer Security CS 426 Lecture 6 Cryptography: Message Authentication Code.
Privacy versus Authentication Confidentiality (Privacy) –Interceptors cannot read messages Authentication: proving the sender’s identity –The Problem of.
Encryption No. 1  Seattle Pacific University Encryption: Protecting Your Data While in Transit Kevin Bolding Electrical Engineering Seattle Pacific University.
Software Security Seminar - 1 Chapter 10. Using Algorithms 조미성 Applied Cryptography.
Lecture 23 Symmetric Encryption
1 Symmetric key cryptography: DES DES: Data Encryption Standard US encryption standard [NIST 1993] 56-bit symmetric key, 64 bit plaintext input How secure.
Cipher Transmission and Storage Modes Part 2: Stream Cipher Modes CSCI 5857: Encoding and Encryption.
Lecture 3 Page 1 CS 236 Online Introduction to Cryptography CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 5 Page 1 CS 236 Online More on Cryptography CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Computer Security By Rubel Biswas. Introduction History Terms & Definitions Symmetric and Asymmetric Attacks on Cryptosystems Outline.
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
หัวข้อบรรยาย Stream cipher RC4 WEP (in)security LFSR CSS (in)security.
Originally by Yu Yang and Lilly Wang Modified by T. A. Yang
Cryptography and Security Fall 2009 Steve Lai
Security through Encryption
PART VII Security.
One time pad & Many Time pad
Review of Cryptography: Symmetric and Asymmetric Crypto Advanced Network Security Peter Reiher August, 2014.
Presentation transcript:

Various Attacks on Cryptosystems slides (c) 2012 by Richard Newman

Cryptosystem Basics Symmetric vs. asymmetric (Public Key) – Symmetric – any party with key can encrypt/decrypt/sign Requires key to verify signature! Key distribution main issue Usually requires IV (initialization vector) – Asymmetric – public and private keys not the same Can verity signature without being able to forge Can encrypt without being able to decrypt – Implementation details always an issue Block vs. Stream – Padding in blocks – Stream must be OTP – reuse is fatal! Rotate key and use unique IV

Cryptosystem Attacks Goal is to obtain key, or at least decipher (or sign) message What attacker gets – Ciphertext only – Ciphertext and plaintext – Chosen ciphertext and its plaintext – Chosen plaintext and its ciphertext Protocol – Actual use of cipher suite in system – May provide clues or even access to attacker Implementation – Improper generation of “random” numbers – Insufficient key rotation – Distinguishable feedback – Reduction of key strength Message semantics and confusion Guess verification Oracles

Cryptosystem Attacks Message semantics and confusion – Replay of authentic message taken to mean something else – Application of wrong cipher suite to authentic message Guess verification – On-line vs. off-line – Speed of brute force attack System attack – Differential resource usage – Fault injection Oracles – Differential responses to different types of errors in protocol – Silent failure usually safest

RSA Challenge Brute force attack on 56-bit key DES message – Recognizable plaintext (ASCII) – each byte's MSB is 0 – Off-line, ciphertext-only attack – Partition keyspace in massively parallel attack – Each unit tests range of keyspace on first block If all 8 MSBs are 0 in 8-character block, then viable – Viable keys are tested against second block, etc. Each time have 1/256 chance of passing at random Loading key often much slower than decrypting block – Special hardware EFF machine to crack fast (few days) for $250K Can use botnet to do same

SSL Attacks Improper random number generation – Depended on implementation – “Random” keys generated using hash of time of day, etc. – Small (relatively) keyspace can be brute-forced Vaudenay attack on CBC with n-n padding – See next slide BEAST attack – Browser attack on CBC in SSL3.0/TLS1.0

Vaudenay Attack on CBC Implementations responded differently to padding error Last n bytes (0<n<=8) all have value n to pad For a CBC block, send previous block (as IV) and see if pad error If not, chances are really good last byte is a 1 Modify last byte of “IV” until no padding error reported Then modify last byte to make a “2”, and work on next to last byte Continue until all bytes known from how IV had to be changed Max of 256 tries per byte, times 8, is 2K tries per block

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.