1. CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz

2. Administrative items I  No final project  Instead, 5 (more difficult) homeworks –Work in teams of two students –Email TAs if you need a partner –All students expected to work on each portion of the homework  First homework out

3. Administrative items II  JCE tutorial: Tuesday at 5:30. Room to be announced.

4. Everything you wanted to know about cryptography * *But perhaps were afraid to ask…

5. Caveat  Everything I present will be (relatively) informal –But I will try not to say anything that is an outright lie…  Cryptography is about precise definitions, formal models, and rigorous proofs of security (which we will not cover here) –If you want more details, take CMSC 456!

6. Attacks  Crypto deals primarily with three goals: –Confidentiality –Integrity (of data) –Authentication (of resources, people, systems)  Other goals also considered –E.g., non-repudiation –E-cash (e.g., double spending) –General secure multi-party computation

7. Security through obscurity?  Always assume full details of crypto protocols and algorithms are public –Only secret information is a key  “Security through obscurity” is a bad idea…

8. Private- vs. public-key  For many security goals, there are two types of cryptographic algorithms –Private-key / shared-key / symmetric-key / secret-key –Public-key

9. Private-key cryptography  The parties communicating share a completely random and secret key –Main point: key is not known to an attacker –This key must be shared (somehow) before they communicate  All “classical” cryptosystems are private- key based  Can also be used for secure storage

10. Private-key cryptography  For confidentiality: –Private-key (symmetric-key) encryption  For data integrity: –Message authentication codes –(sometimes called cryptographic checksums)

11. Public-key cryptography  One party (Alice) generates both a public key and a private key (or secret key)  The public key is published; the private key is kept secret –An attacker knows the public key!  The other communicating party (Bob) need not have any key of his own; knows Alice’s key  Techniques for this first developed in the 70’s

12. Public-key cryptography  For confidentiality: –Public-key encryption  For data integrity: –Digital signatures

13. To review…  Confidentiality: –Private-key encryption (schemes) –Public-key encryption (schemes)  Integrity: –Message authentication (codes) –Digital signature (schemes)  We will discuss authentication later

14. Private- vs. public-key I  Disadvantages of private-key –Need to securely share a key If you can share a key securely, why not just share the message itself? What if not possible? Need to know with whom you wish to communicate in advance! –O(n 2 ) keys needed for point-to-point channels in an n-party network

15. Private- vs. public-key II  Why study private-key at all? –Private-key is much more efficient (3 orders of magnitude) –Public-key crypto is “harder” to get right Needs stronger assumptions, more math –Can combine private-key with public-key to get the best of both worlds (for encryption)

16. Private- vs. public-key III  More disadvantages of public-key crypto –Public-key crypto still requires secure distribution and binding of public keys (PKI) May (sometimes) be just as hard as sharing a key –Not clear with whom you are communicating (for public-key encryption)

17. In more detail…  Alice and Bob share a key K –Must be shared securely –Must be completely random –Must be kept completely secret from attacker –We don’t discuss (for now) how they do this  Plaintext - encryption - ciphertext - decryption  Decryption must recover the message!  We have not yet said anything about security…