Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 7: Confidentiality Using Symmetric Encryption

Published byAlice Adams Modified over 6 years ago

Similar presentations

Presentation on theme: "Chapter 7: Confidentiality Using Symmetric Encryption"— Presentation transcript:

1 Chapter 7: Confidentiality Using Symmetric Encryption
Fall 2002 CS 395: Computer Security

2 Confidentiality using Symmetric Encryption
traditionally symmetric encryption is used to provide message confidentiality consider typical scenario workstations on LANs access other workstations & servers on LAN LANs interconnected using switches/routers with external lines or radio/satellite links consider attacks and placement in this scenario snooping from another workstation use dial-in to LAN or server to snoop use external router link to enter & snoop monitor and/or modify traffic on external links Have many locations where attacks can occur in typical scenarios. Fall 2002 CS 395: Computer Security

3 Fall 2002 CS 395: Computer Security

4 Confidentiality using Symmetric Encryption
have two major placement alternatives link encryption encryption occurs independently on every link implies must decrypt traffic between links requires many devices, but paired keys end-to-end encryption encryption occurs between original source and final destination So no worry about switch security need devices at each end with shared keys Provides measure of authentication (only sender and receiver posses key Fall 2002 CS 395: Computer Security

5 Note: need to decrypt at switch to read routing info Is switch secure?
Fall 2002 CS 395: Computer Security

6 Fall 2002 CS 395: Computer Security

7 Fall 2002 CS 395: Computer Security

8 Traffic Analysis is monitoring of communications flows between parties
useful both in military & commercial spheres can also be used to create a covert channel link encryption obscures header details but overall traffic volumes in networks and at end-points is still visible traffic padding can further obscure flows but at cost of continuous traffic Fall 2002 CS 395: Computer Security

9 Traffic Analysis when using end-to-end encryption must leave headers in clear so network can correctly route information hence although contents protected, traffic pattern flows are not ideally want both at once end-to-end protects data contents over entire path and provides authentication link protects traffic flows from monitoring Fall 2002 CS 395: Computer Security

10 Key Distribution symmetric schemes require both parties to share a common secret key Also, frequent key changes desirable to limit amount of data compromised issue is how to securely distribute this key often secure system failure due to a break in the key distribution scheme This is one of the most critical areas in security systems - on many occasions systems have been broken, not because of a poor encryption algorithm, but because of poor key selection or management. It is absolutely critical to get this right! Fall 2002 CS 395: Computer Security

11 Key Distribution given parties A and B have various key distribution alternatives: A can select key and physically deliver to B third party (trusted intermediary) can select & deliver key to A & B if A & B have communicated previously can use previous key to encrypt a new key if A & B have secure communications with a third party C, C can relay key between A & B Physical delivery (1 & 2) is simplest - but only applicable when there is personal contact between recipient and key issuer. Is fine for link encryption where devices & keys occur in pairs, but does not scale as number of parties who wish to communicate grows. A third party is a trusted intermediary, whom all parties trust, to mediate the establishment of secure communications between them. Must trust intermediary not to abuse the knowledge of all session keys. As number of parties grow, some variant of 4 is only practical solution. Fall 2002 CS 395: Computer Security

12 A Problem of Scale Number of keys needed depends on the number of communicating pairs that must be supported Fall 2002 CS 395: Computer Security

13 Key Distribution Scenario
Avoids replay attack Stallings Fig 7.9. Based on concept of having a “Key Distribution Center” (KDC) which shares a unique key with each party (user). See text for details of steps in distribution process. Fall 2002 CS 395: Computer Security

14 Key Distribution Issues
hierarchies of KDC’s required for large networks, but must trust each other session key lifetimes should be limited for greater security use of automatic key distribution on behalf of users, but must trust system use of decentralized key distribution controlling purposes keys are used for Fall 2002 CS 395: Computer Security

15 Random Numbers many uses of random numbers in cryptography
nonces in authentication protocols to prevent replay session keys public key generation keystream for a one-time pad in all cases its critical that these values be statistically random with uniform distribution, independent unpredictable cannot infer future sequence on previous values Getting good random numbers is important, but difficult. You don't want someone guessing the key you're using to protect your communications because your "random numbers" weren't (as happened in an early release of Netscape SSL). Although have well-defined tests for determining that a sequence of numbers match uniform distribution, there is no such test to "prove“ independence. Rather, use a number of tests to demonstrate that a sequence does not exhibit independence, until the confidence that independence exists is sufficiently strong. Since often use pseudo-random number, must ensure cannot predict future elements of sequence on basis of earlier elements. Fall 2002 CS 395: Computer Security

16 Random Numbers Getting good random numbers is important, but difficult. You don't want someone guessing the key you're using to protect your communications because your "random numbers" weren't (as happened in an early release of Netscape SSL). Although have well-defined tests for determining that a sequence of numbers match uniform distribution, there is no such test to "prove“ independence. Rather, use a number of tests to demonstrate that a sequence does not exhibit independence, until the confidence that independence exists is sufficiently strong. Fall 2002 CS 395: Computer Security

17 Natural Random Noise best source is natural randomness in real world
find a regular but random event and monitor do generally need special h/w to do this eg. radiation counters, radio noise, audio noise, thermal noise in diodes, leaky capacitors, mercury discharge tubes etc starting to see such h/w in new CPU's problems of bias or uneven distribution in signal have to compensate for this when sample and use best to only use a few noisiest bits from each sample Fall 2002 CS 395: Computer Security

18 Published Sources a few published collections of random numbers
Rand Co, in 1955, published 1 million numbers generated using an electronic roulette wheel has been used in some cipher designs cf Khafre earlier Tippett in 1927 published a collection issues are that: these are limited too well-known for most uses Fall 2002 CS 395: Computer Security

19 Pseudorandom Number Generators (PRNGs)
algorithmic technique to create “random numbers” although not truly random can pass many tests of “randomness” Fall 2002 CS 395: Computer Security

20 Linear Congruential Generator
common iterative technique using: Xn+1 = (aXn + c) mod m given suitable values of parameters can produce a long random-like sequence suitable criteria to have are: function generates a full-period generated sequence should appear random efficient implementation with 32-bit arithmetic note that an attacker can reconstruct sequence given a small number of values Fall 2002 CS 395: Computer Security

21 Using Block Ciphers as Stream Ciphers
can use block cipher to generate numbers use Counter Mode Xi = EKm[i] use Output Feedback Mode Xi = EKm[Xi-1] ANSI X9.17 PRNG uses date-time + seed inputs and 3 triple-DES encryptions to generate new seed & random Fall 2002 CS 395: Computer Security

22 Blum Blum Shub Generator
based on public key algorithms use least significant bit from iterative equation: Choose two large primes, p and q with p=q=3 (mod 4) Let n = pq, and choose random s relatively prime to n Produce random sequence of bits Bi as follows: Fall 2002 CS 395: Computer Security

23 Blum Blum Shub Generator
unpredictable, passes next-bit test security rests on difficulty of factoring N is unpredictable given any run of bits slow, since very large numbers must be used too slow for cipher use, good for key generation Fall 2002 CS 395: Computer Security

24 Next-Bit Test A pseudorandom number generator passes the next-bit test if there is not a polynomial time algorithm that, on input of the first k bits of an output sequence, can predict the (k+1)st bit with probability significantly greater than ½. I.e. Given the first k bits, there is not a practical programming algorithm that can allow you to predict the next bit with probability greater than ½. Fall 2002 CS 395: Computer Security

25 Summary have considered:
use of symmetric encryption to protect confidentiality need for good key distribution use of trusted third party KDC’s random number generation Fall 2002 CS 395: Computer Security

Download ppt "Chapter 7: Confidentiality Using Symmetric Encryption"

Similar presentations

Network Security. Confidentiality Using Symmetric Encryption John wrote the letters of the alphabet under the letters in its first lines and tried it.

Network Security. Confidentiality Using Symmetric Encryption John wrote the letters of the alphabet under the letters in its first lines and tried it.
Applied Cryptography (Public key) Part I. Let’s first finish “Symmetric Key” before talking about public key John wrote the letters of the alphabet under.

Applied Cryptography (Public key) Part I. Let’s first finish “Symmetric Key” before talking about public key John wrote the letters of the alphabet under.
Cryptography and Network Security Chapter 7 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 7 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.

Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.
1 Pertemuan 07 Enkripsi Simetrik Kontemporer Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 07 Enkripsi Simetrik Kontemporer Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Stream cipher diagram + + Recall: One-time pad in Chap. 2.

Stream cipher diagram + + Recall: One-time pad in Chap. 2.
Confidentiality using Symmetric Encryption traditionally symmetric encryption is used to provide message confidentiality consider typical scenario –workstations.

Confidentiality using Symmetric Encryption traditionally symmetric encryption is used to provide message confidentiality consider typical scenario –workstations.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
Cryptography1 CPSC 3730 Cryptography Chapter 7 Confidentiality Using Symmetric Encryption.

Cryptography1 CPSC 3730 Cryptography Chapter 7 Confidentiality Using Symmetric Encryption.
Lecture 23 Symmetric Encryption

Lecture 23 Symmetric Encryption
Cryptography and Network Security Chapter 7

Cryptography and Network Security Chapter 7
Cryptography and Network Security Chapter 7 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Modified – Tom Noack, UPRM.

Cryptography and Network Security Chapter 7 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Modified – Tom Noack, UPRM.
1 Confidentiality Cryptography & Network Security H. Yoon Confidentiality Using Conventional Encryption Where should cryptographic functionality be located?

1 Confidentiality Cryptography & Network Security H. Yoon Confidentiality Using Conventional Encryption Where should cryptographic functionality be located?
Cryptography and Network Security Chapter 7 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 7 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
KAIS T A lightweight secure protocol for wireless sensor networks 윤주범 2007.12. 4 ELSEVIER Mar. 2006.

KAIS T A lightweight secure protocol for wireless sensor networks 윤주범 ELSEVIER Mar
Cryptography and Network Security Chapter 7 Fifth Edition by William Stallings.

Cryptography and Network Security Chapter 7 Fifth Edition by William Stallings.
Cryptography and Network Security (CS435)

Cryptography and Network Security (CS435)
Symmetric and Asymmetric Ciphers. Symmetric Encryption  or conventional / private-key / single-key  sender and recipient share a common key  all classical.

Symmetric and Asymmetric Ciphers. Symmetric Encryption  or conventional / private-key / single-key  sender and recipient share a common key  all classical.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Chapter 20 Symmetric Encryption and Message Confidentiality.

Chapter 20 Symmetric Encryption and Message Confidentiality.

Similar presentations

Ads by Google