Protocol Building Block

INTRODUCTION TO PROTOCOL
Protocol?
● Def: A series of steps to accomplish a task, involving two or more parties
Cryptographic protocol?
● Def: A protocol that uses cryptography

Dramatis Personae
● Alice: First participant in all the protocols
● Bob: Second participant in all the protocols
● Carol: Participant in the three- and four-party protocols
● Dave: Participant in the four-party protocols
● Trent: Trusted arbitrator
● Eve: Eavesdropper
● Mallory: Malicious active attacker

▲ Arbitrated Protocols
[Diagram: Alice, Bob, Trent]

▲ Adjudicated Protocols
[Diagram: Alice, Bob; Trent, when a dispute arises]

▲ Self-enforcing Protocols
[Diagram: Alice, Bob]

▲ Attacks against Protocols
● passive attack - someone not involved in the protocol eavesdrops on part or all of the protocol
● active attack - the attacker, for their own benefit, intercepts part of the protocol or replaces it with something else, disrupting the communication

※ CHEATER: Someone who may lie during the protocol or not follow the protocol at all (Alice or Bob)
● passive cheater - a cheater whose aim is to obtain more information
● active cheater - a cheater whose aim is to destroy the protocol

COMMUNICATIONS USING SYMMETRIC CRYPTOGRAPHY
▲ Symmetric cryptography
● Alice and Bob agree on a cryptosystem
● Alice and Bob agree on a key
● Alice takes her plaintext message and encrypts it using the encryption algorithm and the key
● Alice sends the ciphertext message to Bob
● Bob decrypts the ciphertext message with the same algorithm and key and reads it

▲ Problems with symmetric cryptography
● The key must be distributed securely between Alice and Bob
● The number of keys grows as the number of users increases; number of keys: C(n, 2) = n(n-1)/2

ONE-WAY FUNCTIONS
▲ One-way function
● A function for which computing f(x) from x is easy, but computing x from f(x) is hard
▲ Example
● Breaking a plate is easy, but putting it back together is hard

▲ Trapdoor one-way function
● A type of one-way function, but given some secret information y, computing x from f(x) also becomes easy (used in cryptography)

ONE-WAY HASH FUNCTIONS
▲ One-way hash function
● hash function - x → H(x), variable-length input → fixed-length output
● one-way hash function - hash function that works in one direction

COMMUNICATIONS USING PUBLIC-KEY CRYPTOGRAPHY
▲ Public-key cryptography
① uses two keys: a public key and a private key
② private key: the secret information of a trapdoor one-way function

● Alice and Bob agree on a public-key cryptosystem
● Bob sends Alice his public key
● Alice encrypts her message using Bob's public key and sends it to Bob
● Bob decrypts Alice's message using his private key
▲ Problems
● It is significantly slower than symmetric algorithms
● Because the encryption key is public, it is vulnerable to chosen-plaintext attack

▲ Session key (hybrid cryptosystem) - prevents the weakness of being vulnerable to chosen-plaintext attack
● Bob sends Alice his public key
● Alice generates a random session key, K, encrypts it using Bob's public key, and sends it to Bob: E_B(K)
● Bob decrypts Alice's message using his private key to recover the session key: D_B(E_B(K)) = K
● Both of them encrypt their communications using the same session key

DIGITAL SIGNATURES
▲ Properties of a signature
● Authentic
● Unforgeable
● Not reusable
● Cannot be repudiated
● Unalterable

▲ Signing documents with a symmetric cryptosystem and an arbitrator
[Diagram: Alice, Trent and Bob exchanging Ea(M) and Eb(M,C)]
Flaws:
● Time consuming for Trent
● Trent must be infallible
● Trent must be completely secure

▲ Signing documents with public-key cryptography
[Diagram: Alice, Bob; message Ea(M)]
Bob: Dap(M) and verify the signature
If Bob cannot find M, he knows the signature is not valid.
Alice adds timestamps to prevent Bob from using M illegally.

▲ Signing documents with public-key cryptography and a one-way hash function
[Diagram: Alice, Bob; message Ea(H), M]
Bob: Dap(H) and produce a one-way hash of the document
If H matches the hash he generated, the signature is valid.
Benefits:
● Saves time
● Saves the recipient's storage

▲ Multiple Signatures
[Diagram: Alice, Bob; messages Sa(H), M and Sb(H)]
Carol: V(Ha, Hb)
(Digital) signature - the bit string attached to the document when signed
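The hash-then-sign exchange and Carol's check of multiple signatures, as an added example that is not part of the original slides. It uses unpadded textbook RSA over SHA-256 with constructed toy keys built from publicly known Mersenne primes (an assumption made so it runs on the standard library alone); deployed systems use a padded scheme such as RSA-PSS with secret random primes. The function names are hypothetical.

```python
import hashlib

E = 65537  # common public exponent

def make_keypair(p, q):
    """Textbook RSA key pair ((n, e), (n, d)) from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

# Constructed toy keys (assumption): Mersenne primes are publicly known, so
# these keys give no secrecy; they only keep the example stdlib-only.
ALICE_PUB, ALICE_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
BOB_PUB, BOB_PRIV = make_keypair(2**1279 - 1, 2**2203 - 1)

def one_way_hash(document: bytes) -> int:
    """H: fixed-length SHA-256 digest of a variable-length document."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")

def sign(private, document: bytes) -> int:
    """S(H): apply the private key to the hash, not to the whole document."""
    n, d = private
    return pow(one_way_hash(document), d, n)

def verify(public, document: bytes, signature: int) -> bool:
    """Recover H with the public key and compare with a freshly computed hash."""
    n, e = public
    return pow(signature, e, n) == one_way_hash(document)

def verify_all(document: bytes, signatures) -> bool:
    """Carol's check: every (public key, signature) pair must match the document."""
    return all(verify(pub, document, sig) for pub, sig in signatures)

if __name__ == "__main__":
    contract = b"Alice and Bob agree to the terms."  # constructed sample document
    sig_a, sig_b = sign(ALICE_PRIV, contract), sign(BOB_PRIV, contract)
    print(verify(ALICE_PUB, contract, sig_a))          # genuine signature
    print(verify(ALICE_PUB, contract + b"!", sig_a))   # altered document
    print(verify_all(contract, [(ALICE_PUB, sig_a), (BOB_PUB, sig_b)]))
```

The signature stays the size of the modulus however long the document is, which is the time and storage benefit the slide lists.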

▲ Nonrepudiation and digital signatures
[Diagram: Alice, Trent, Bob; messages Sa(Sa(M),Head) and St(Sa(M),Head,T)]
Alice verifies the message Trent sent to Bob. If she did not originate the message, she speaks up quickly.

DIGITAL SIGNATURES with ENCRYPTION
[Diagram: Alice, Bob; Alice computes Sa(M) and sends Ebp(Sa(M))]
Bob: Db(Ebp(Sa(M))) = Sa(M) -> Vap(Sa(M)) = M
Signature + public-key cryptography = authenticity of the signature + the security of encryption
Using different key pairs for encrypting and signing has an advantage: the keys can be used independently

▲ Resending the message as a Receipt
If Alice gets the same message back, Bob received it accurately. Bob should check the message for accuracy before sending a receipt.
[Diagram: Alice, Bob]
Alice: Sa(M), Ebp(Sa(M))
Bob: Vap(Db(Ebp(Sa(M)))) = M
Bob: Eap(Sb(M))
Alice: Vbp(Da(Eap(Sb(M))))

▲ Resending the message as a Receipt
Vx = Ex and Sx = Dx
[Diagram: Alice, Bob, Mallory]
Alice: Sa(M), Ebp(Sa(M))
Bob: Vap(Db(Ebp(Sa(M)))) = M
Bob: Eap(Sb(M))
Alice: Vbp(Da(Eap(Sb(M))))
Mallory: Emp(Db(Em(Da(M)))), Ebp Em(Da(M)), Em(Da(M))

▲ Foiling the Resend Attack
● Alice signs a message.
● Alice encrypts the message and signature with Bob's public key and sends it to Bob.
● Bob decrypts the message with his private key.
● Bob verifies Alice's signature.

RANDOM AND PSEUDO-RANDOM-SEQUENCE GENERATION
▲ Pseudo-Random Sequence Generator
● Make the sequence long so that it is nonperiodic.
● It looks random. This means that it passes all statistical tests of randomness.

▲ Cryptographically Secure Pseudo-Random Sequence Generator
● If it is predictable, it can be attacked.
● It is unpredictable. It must be infeasible to predict what the next random bit will be.

▲ Real Random Sequence Generator
● It cannot be reliably reproduced. If you run the sequence generator twice with the exact same input, you will get two completely unrelated random sequences.