David Evans CS551: Security and Privacy University of Virginia Computer Science Lecture 6: Key Exchange The era of “electronic.

Slides:



Advertisements
Similar presentations
Public Key Cryptography Nick Feamster CS 6262 Spring 2009.
Advertisements

Public Key Cryptography INFSCI 1075: Network Security – Spring 2013 Amir Masoumzadeh.
Cryptography and Network Security Chapter 9
Public Key Algorithms …….. RAIT M. Chatterjee.
OOP/Java1 Public Key Crytography From: Introduction to Algorithms Cormen, Leiserson and Rivest.
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Public Key Cryptography and the RSA Algorithm
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Introduction to Modern Cryptography Lecture 7 1.RSA Public Key CryptoSystem 2.One way Trapdoor Functions.
Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.
Public Key Algorithms 4/17/2017 M. Chatterjee.
1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
[[ NET-CENTRIC CAPABILITIES TURBULENCE TECHNICAL OVERVIEW : AUGUST 2007 ]] MATH CAREERS AT NATIONAL SECURITY AGENCY Jill Calhoun May 2010.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
CSCI 172/283 Fall 2010 Public Key Cryptography. New paradigm introduced by Diffie and Hellman The mailbox analogy: Bob has a locked mailbox Alice can.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.5 Public Key Algorithms.
Lecture 6: Public Key Cryptography
Introduction to Public Key Cryptography
Public Key Model 8. Cryptography part 2.
Public Key Encryption and the RSA Public Key Algorithm CSCI 5857: Encoding and Encryption.
Andreas Steffen, , 4-PublicKey.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications.
Rachana Y. Patil 1 1.
Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Lecture 11: Key Distribution
David Evans CS588: Security and Privacy University of Virginia Computer Science Lecture 12: Non-secret Key Cryptosystems.
Great Theoretical Ideas in Computer Science.
RSA Ramki Thurimella.
Cryptography Dec 29. This Lecture In this last lecture for number theory, we will see probably the most important application of number theory in computer.
David Evans CS200: Computer Science University of Virginia Computer Science Class 36: Public-Key Cryptography If you want.
Midterm Review Cryptography & Network Security
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Chapter 21 Public-Key Cryptography and Message Authentication.
Private-Key Cryptography  traditional private/secret/single key cryptography uses one key  shared by both sender and receiver  if this key is disclosed.
Cryptography and Network Security (CS435) Part Eight (Key Management)
Public-Key Encryption
Public Key Cryptography. symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if.
1 Public-Key Cryptography and Message Authentication.
Computer and Network Security Rabie A. Ramadan Lecture 6.
Cryptography and Network Security Chapter 9 - Public-Key Cryptography
CS461/ECE422 Spring 2012 Nikita Borisov — UIUC1.  Text Chapters 2 and 21  Handbook of Applied Cryptography, Chapter 8 
1 Security and Cryptography: basic aspects Ortal Arazi College of Engineering Dept. of Electrical & Computer Engineering The University of Tennessee.
PUBLIC-KEY CRYPTOGRAPH IT 352 : Lecture 2- part3 Najwa AlGhamdi, MSc – 2012 /1433.
Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.
Information Security CS 526
Chapter 3 – Public Key Cryptography and RSA (A). Private-Key Cryptography traditional private/secret/single-key cryptography uses one key shared by both.
The First Ten Years of Public-Key Cryptography Paper by: Whitfield Diffie Presentation by Taotao Zhao.
1 Chapter 10: Key Management in Public key cryptosystems Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal,
Public Key Algorithms Lesson Introduction ●Modular arithmetic ●RSA ●Diffie-Hellman.
Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Cryptographic Security Identity-Based Encryption.
Encryption Basics Module 7 Section 2. History of Encryption Secret - NSA National Security Agency –has powerful computers - break codes –monitors all.
CS 4803 Fall 04 Public Key Algorithms. Modular Arithmetic n Public key algorithms are based on modular arithmetic. n Modular addition. n Modular multiplication.
Cryptography issues – elliptic curves Presented by Tom Nykiel.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
MM Clements Cryptography. Last Week Firewalls A firewall cannot protect against poor server, client or network configuration A firewall cannot.
1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.
Cryptography and Network Security Chapter 10 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Introduction to Elliptic Curve Cryptography CSCI 5857: Encoding and Encryption.
David Evans CS588: Security and Privacy University of Virginia Computer Science Lecture 8: Non-secret Key Cryptosystems.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Privacy & Security.
NET 311 Information Security
NET 311 Information Security
Public-Key, Digital Signatures, Management, Security
Lecture 7: Key Distribution
Presentation transcript:

David Evans CS551: Security and Privacy University of Virginia Computer Science Lecture 6: Key Exchange The era of “electronic mail” [Potter1977] may soon be upon us; we must ensure that two important properties of the current “paper mail” system are preserved: (a) messages are private, and (b) messages can be signed. R. Rivest, A. Shamir and L. Adleman. A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Communications of the ACM, January (The original RSA paper.)

30 Aug 2000University of Virginia CS 5512 Menu PS1 RC6 Proof Challenge (Vic Ludwig) Key Distribution (Greg Lamm) Diffie-Hellman Key Agreement Intro to Public-Key Cryptosystems Return PS1

30 Aug 2000University of Virginia CS 5513 PS1 Problem 2 –Process more interesting than answer Problem 4 –Even a “provably perfect” scheme breaks in practice –Bonus question: any 98 agents obtain no information any 99 agents can determine message key data O(100 * n)

30 Aug 2000University of Virginia CS 5514 RC6 Proof Vic Ludwig

U.S. Army Key Distribution Greg Lamm

30 Aug 2000University of Virginia CS 5516 Two Distribution Schemes –Physically –OTAR Three Types of Distributions –Initial (Staging Area) –Operating Procedures –Compromise (Equipment or Keys) A tactical network (voice/data) can have over 20 keys. – Key Types Transmission Encryption Key (TEK)-128 bit Key Encryption Key (KEK)-128 bit Key Distribution is Technology + People U.S. Army Distribution

DTAC 2BDE BSA 45 CSB DREAR DMAIN 1-62 ADA Staging Area Key Distribution Close Connectivity Static Environment Data/Voice Network Key Distributed – Physically Test OTAR

DTAC 2BDE BSA 45 CSB DREAR DMAIN 1-62 ADA Tactical Network Key Distribution Dispersed Connectivity Dynamic Environment Data/Voice Network Key Distributed – OTAR

30 Aug 2000University of Virginia CS 5519 DTAC NCS 1-27 SCOUTS 1-27 TOC 1-14 SCOUTS 1-14 TOC AVN TOC 2d BDE ALT NCS 2d BDE TOC 45 CSG MAIN DREAR 45 CSG FWD AVN FARP FM Key Distribution Dispersed Connectivity NCS issues key distribution by SOP

30 Aug 2000University of Virginia CS Key Distribution Problems NCS ALT NCS TEK 1 damaged TEK 2 TEK 1 Multiple Key Distributors Issuing a second key at the staging area Good for compromise Bad if it is not the same (only testing TEK 1) Labeling Keys with name rather than code Key Training, Handling and Protection

30 Aug 2000University of Virginia CS Public-Key Cryptosystems

30 Aug 2000University of Virginia CS Public-Key Cryptosystems Distributing secret keys is hard and expensive Can two people communicate securely without having to meet first and establish a key?

30 Aug 2000University of Virginia CS Trust a Third Party Keys “R” Us knows K A, K B... Alice Bob E (“Bob”, K A ) E (K AB, K A ) E (K AB, K B ) E (M, K AB ) Generates random K AB E (“Alice” || K AB, K B )

30 Aug 2000University of Virginia CS Merkle’s Puzzles Ralph Merkle [1974] Alice generates 2 20 messages: “This is puzzle x. The secret is y.” ( x and y are random numbers) Encrypts each message using symmetric cipher with a different key. Sends all encrypted messages to Bob

30 Aug 2000University of Virginia CS Merkle’s Puzzles, cont. Bob chooses random message, performs brute-force attack to recover plaintext and key k Bob sends x (clear) to Alice Alice and Bob use k to encrypt messages

30 Aug 2000University of Virginia CS Is this secure? Alice: symmetric cipher DES ~2 55 expected brute force work to break DES Eve: has to break the 2 20 to find which one matches x. ~ 2 19 * 2 55 expected work Alice and Bob change keys frequently enough since it is less work to agree to a new key

30 Aug 2000University of Virginia CS Birth of Public Key Cryptosystems 1969 – ARPANet born: 4 sites –Whitfield Diffie starts thinking about strangers sending messages securely 1974 – Whitfield Diffie gives talk at IBM lab –Audience member mentions that Matrin Hellman (Stanford prof) had spoke about key distribution That night – Diffie starts driving 5000km to Palo Alto Diffie, Hellman and Ralph Merkle work on key distribution problem

30 Aug 2000University of Virginia CS We stand today on the brink of a revolution in cryptography. Diffie and Hellman, “New Directions in Cryptography”, IEEE Transactions on Information Theory, November 1976.

30 Aug 2000University of Virginia CS Secret Paint Mixing Analogy due to Simon Singh, The Code Book. AliceBob Yellow paint (public) Alice’s Secret Color Bob’s Secret Color C A = Yellow + Purple C B = Yellow + Red K = Yellow + Red + Purple K = Yellow + Purple + Red Eve

30 Aug 2000University of Virginia CS Diffie-Hellman Key Agreement 1.Choose public numbers: q (large prime number),  (generator mod q ) 2.A generates random X A and sends B: Y A =  X A mod q. 3.B generates random X B and sends A: Y B =  X B mod q. 4.A calculates secret key: K = (Y B ) X A mod q. 5.B calculates secret key: K = (Y A ) X B mod q.

30 Aug 2000University of Virginia CS What’s a generator?  is a generator mod q if for all 0  n < q, there is some 1  m < q such that  m = n mod q Is m unique? –Yes: Proof by counting. Discrete logarithm: given , n, and q find 0  m < q such that  m = n mod q.

30 Aug 2000University of Virginia CS Example What is a generator for q = 11 ? 2 1  = 64   = 128   = 256  = 16  = 512  = 32  = 1024  11 1 If q is prime, there must be a generator.

30 Aug 2000University of Virginia CS Diffie-Hellman Example 1.Choose public numbers: q (large prime number),  (generator mod q ): q = 11,  = 2 2.A generates random X A and sends B: Y A =  X A mod q. X A = 4, Y A = 2 4 mod 11 = 16 mod 11 = 5 3.B generates random X B and sends A: Y B =  X B mod q. X B = 6, Y B = 2 6 mod 11 = 64 mod 11 = 9 Example from Tom Dunigan’s notes:

30 Aug 2000University of Virginia CS Diffie-Hellman Example, cont. q = 11,  = 2 X A = 4, Y A = 5 X B = 6, Y B = 9 4.A calculates secret key: K = (Y B ) X A mod q. K = 9 4 mod 11 = 6561 mod 11 = 5. 5.B calculates secret key: K = (Y A ) X B mod q. K = 5 6 mod 11 = mod 11 = 5.

30 Aug 2000University of Virginia CS Is it magic? Things to Prove: 1.They generate the same keys: K = (Y B ) X A mod q = (Y A ) X B mod q 2.An eavesdropper cannot find K from any transmitted value: q, , Y A, Y B

30 Aug 2000University of Virginia CS Keys Agree Prove K = (Y B ) X A mod q = (Y A ) X B mod q. (Y B ) X A mod q(Y A ) X B mod q = (  X B mod q) X A mod q = (  X A mod q) X B mod q = (  X B ) X A mod q = (  X A ) X B mod q =  X B X A mod q =  X A X B mod q QED. Stallings: “by the rules of modular arithmetic”

30 Aug 2000University of Virginia CS Modular Exponentiation (a mod q) b mod q = a b mod q (7 mod 6) 2 mod 6 = 7 2 mod mod 6 = 49 mod 6 Proof by example?

30 Aug 2000University of Virginia CS Modular Exponentiation First prove: (a * b) mod q = (a mod q) * (b mod q) mod q Then, by induction, (a mod q) b mod q = a b mod q since a b = a * a b-1 and a 1 = a.

30 Aug 2000University of Virginia CS Modular Arithmetic (a * b) mod n = x x + (n * d0) = a * b x = a * b – (n * d0) a mod n = y  y = a – (n * d1) b mod n = z  z = b – (n * d2) (a mod n) * (b mod n) mod n = (a – (n * d1)) * (b – (n * d2)) mod n = (a * b + (a * (n * d2) – b * (n * d1) + (n * d1)(n * d2)) mod n = a * b mod n (all terms with n * are 0 mod n )

30 Aug 2000University of Virginia CS Secure from Eavesdropper An eavesdropper cannot find K from any transmitted value: q, , Y A, Y B K = (Y B ) X A mod q = (Y A ) X B mod q To find K without X A or X B we need to find x and y such that (Y B ) x mod q = (Y A ) y mod q Finding discrete logarithms is (probably) hard! (More on this later...)

30 Aug 2000University of Virginia CS Diffie-Hellman Use SSL Cisco encrypting routers Sun secure RPC etc...

30 Aug 2000University of Virginia CS Public-Key Cryptography Same paper introduced concept of Public-Key Cryptography Private algorithm: E Public algorithm: D Identity: E (D (m)) = D (E (m)) = m Secure: cannot determine E from D But didn’t know how to find suitable E and D

30 Aug 2000University of Virginia CS Who really invented public-key cryptography? General Communications Headquarters, Cheltenham (formed from Bletchley Park after WWII) 1969 – James Ellis asked to work on key distribution problem Secure telephone conversations by adding “noise” to line Late 1969 – idea for PK, but function

30 Aug 2000University of Virginia CS RSA & Diffie-Hellman Asks Clifford Cocks, Cambridge mathematics graduate, for help He discovers RSA (four years early) Then (with Malcolm Williamson) discovered Diffie-Hellman Kept secret until 1997! NSA claims they had it even earlier

30 Aug 2000University of Virginia CS Charge Next time: –Rivest, Shamir, Adelman: First solution to finding suitable E and D Identity: E (D (m)) = D (E (m)) = m Secure: cannot determine E from D Read the paper! –Go somewhere appropriate –Identify 2 questionable statements in the paper

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.