Protocol Building Block

INTRODUCTION TO PROTOCOL Protocol? ● Def : Series of steps to accomplish a task with two or more parties Cryptographic protocol? ● Def : protocol that uses cyptography

Dramatis Personae ● Alice : First participant in all the protocols ● Bob : Second participant in all the protocols ● Carol : Participant in the three, four-parties ● Dave : Participant in the four-party protocols ● Trent : Trusted arbitrator ● Eve : Eavesdropper ● Mallory : Malicious active attacker

▲ Arbitrated Protocols AliceBob Trent

▲ Adjudicated Protocols AliceBobTrent 논쟁 발생시

▲ Self-enforcing Protocols AliceBob

▲ Attacks against Protocols ● passive attack - protocol 과 관계없는 사람이 protocol 의 일부 또는 전체를 엿보는 것 ● active attack - attacker 가 자신의 이익을 위해 protocol 의 일부를 가로채서나 다른 것으로 바꾸어서 연락체계를 방해하는 것

※ CHEATER : Someone that may lie during the protocol or not follow the protocol at all (Alice or Bob) ● passive cheater - 더 많은 정보를 습득할 목적으로 하는 cheater ● active cheater - protocol 를 파괴할 목적으로 하는 cheater

COMMUNICATIONS USING SYMMETRIC CRYPTOGRAPHY ▲ Symmetric cryptography ● Alice and Bob agree on a cryptosystem ● Alice and Bob agree on a key ● Alice takes her plaintext message and encypts it using the encyption algorithm and the key ● Alice sends the ciphertext message to Bob ● Bob decrypts the ciphertext message with the same algorithm and key and reads it

▲ Symmetric cryptography 의 문제점 ● Key 가 Alice 와 Bob 사이에 안전하게 분배되어야 한다 ● 사용자가 많아질수록 key 의 개수가 늘어난다 number : n C 2

ONE-WAY FUNCTIONS ▲ One way function ● x 를 알았을때 f(x) 를 구하기는 쉽지만 f(x) 를 알았을때 x 를 구하기는 어려운 함수 ▲ Example ● 접시를 깨기는 쉬우나 붙이기는 어렵다 127 X

▲ Trapdoor one way function ● one way function type 이지만 어떤 secret information y 를 주었을 때에는 f(x) 를 알았을때 x 를 구하는 것도 쉬워진다 (cryptocraphy 에 사용 )

ONE-WAY HASH FUNCTIONS ▲ One-way hash function ● hash function - x H(x) variable-length fixed-length ● one-way hash function - hash function that works in one direction

COMMUNICATIONS USING PUBLIC-KEY CRYPTOGRAPHY ▲ Public-key cryptography ① using two key : public key, private key ② private key : secret information of trapdoor one way function

● Alice and Bob agree on a public-key crytosystem ● Bob sends Alice his public key ● Alice enrypts her message using Bpb ’ s public key and sends it to Bob ● Bob decrypts Alice ’ s message using his private key ▲ 문제점 ● Symmetric algorithm 에 비해 현저히 느리다 ● encryption key 가 공개되어 있어서 chosen plaintext attack 에 취약하다

▲ Session key(hybrid cryptosystem) - chosen plaintext attack 에 취약한 약점을 방지 ● Bob sends Alice his public key ● Alice generates a random session key, K, encrypts it using Bob ’ s public key, and sendss it to Bob E B (K) ● Bob decrypts Alice ’ s message using his private key to recover the session key, D B (E B (K))=k ● Both of them encrypts their communications using the same session key

▲ Properties of signature ● Authentic ● Unforgeable ● Not reusable ● Not be repudiated ● Unalterable DIGITAL SIGNATURES

▲ Signing document with Symmetric cryptosystem and Arbitrator Trent Ea(M) Eb(M,C) Eb(M,C) Alice Bob Flaw- Time consuming for Trent Trent must be infallible Trent must be completely secure

▲ Signing document with Public-key Ea(M) Alice Bob : Dap(M) and verify the signature If Bob cannot find M, he knows the signature is not valid. Alice adds timestamps to prevent Bob from using M illegally.

▲ Signing documents with Public key And One way hash ftn. Ea(H),M Alice Bob : Dap(H) and produce a one way hash of document If H matches the hash he generated, the signature is valid. Benefit-To save time To sane recipient ’ s storage

▲ Multiple Signatures Alice Bob Sb(H) Sa(H),M Sb(H) Carlo : V(Ha,Hb) (Digital) signature -The bit string attached to the document when signed

▲ Nonrepudiation and Digital signature Alice Bob Sa(Sa(M),Head) St(Sa(M),Head,T) Trent Alice verified the message Trent sent to Bob. If she did not originate the message, she speaks up quickly.

Sa(M) Ebp(Sa(M)) Alice Bob Db(Ebp(Sa(M)))=Sa(M) ->Vap(Sa(M))=M Signature + Public key cryptography =Authenticity of signature + The security of encryption The different key pair for encrypting and signing has advantages – To use keys independently DIGITAL SIGNATURES with ENCRYPTION

▲ Resending the message as a Receipt If Alice get same message, Bob received accurately. Bob should checked the message for accuracy before sending a receipt. Sa(M) Ebp(Sa(M)) Alice Bob Vap(Db(Ebp(Sa(M)))=M Eap(Sb(M)) Vbp(Da(Eap(Sb(M)))

▲ Resending the message as a Receipt Vx = Ex and Sx = Dx Sa(M) Ebp(Sa(M)) Alice Bob Vap(Db(Ebp(Sa(M)))=M Eap(Sb(M)) Vbp(Da(Eap(Sb(M))) Mallory Emp(Db(Em(Da(M))) EbpEm(Da(M)) Em(Da(M))

▲ Foiling the Resend Attack ● Alice signs a message. ● Alice encrypts the message and signature with Bob ’ s public key and sends it to Bob. ● Bob decrypts the message with his private key. ● Bob verifies Alice ’ s signature.

RANDOM AND PSEUDO-RANDOM- SEQUENCE GENERATION ▲ Pseudo-Random Sequence Generator ● 비주기적 (nonperiodic) 으로 되도록 sequence 를 길게 한다. ● It looks random. This means that it passes all statistical tests of randomness.

▲ Cryptographically Secure Pseudo-Random Sequence Generator ● 예측가능하면 공격당할 수 있다. ● It is unpredictable. It must be infeasible to predict what the next random bit will be.

▲ Real Random Sequence Generator ● It cannot be reliably reproduced. If you run the sequence generator twice with the exact same input, you will get two completely un related random sequences.