Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cryptography.

Published byBuddy Martin Modified over 6 years ago

Similar presentations

Presentation on theme: "Cryptography."— Presentation transcript:

1 Cryptography

2 Insecure communications
Sender Snooper Recipient Insecure channel Confidential CSCE Farkas

3 Encryption and Decryption
Ciphertext Plaintext Plaintext Requirements: Confidentiality Authentication Between communicating parties Third-party authentication Non-repudiation Integrity verification Key distribution Secret key (secure distribution) Public key (reliable distribution) CSCE Farkas

4 How can cryptography support these objectives?
Security Objectives Confidentiality Integrity Availability Authenticity Non-repudiation How can cryptography support these objectives? CSCE Farkas

5 Security Objectives Confidentiality: Hiding message/file content
Secret key, public key encryption Integrity: Detecting modification Hash function Availability: Not much – hiding existence of data Authenticity: Verify origin Public key encryption Non-repudiation: Verify activity CSCE Farkas CSCE Farkas 5

6 What makes a good cryptosystem?
A good cryptosystem is one whose security does not depend upon the secrecy of the algorithm. From Bruce Schneier: “Good cryptographers rely on peer review to separate the good algorithms from the bad.'' CSCE Farkas

7 Cryptanalysis Cryptanalyst’s goal: Break message Break key
Break algorithm CSCE Farkas

8 Breakable versus Practically breakable
Unconditionally secure: impossible to decrypt. No amount of ciphertext will enable a cryptanalyst to obtain the plaintext Computationally secure: an algorithm that is not breakable in practice based on worst case scenario Breakable: all algorithms (except one-time pad) are theoretically breakable CSCE Farkas

9 Secret Key Cryptosystem
Plaintext Ciphertext Plaintext Encryption Decryption Sender Recipient K C=E(K,M) M=D(K,C) K needs secure channel CSCE Farkas

10 Secret Key Cryptosystem Vulnerabilities (1
Passive Attacker (Eavesdropper) Obtain and/or guess key and cryptosystem use these to decrypt messages Capture text in transit and try a ciphertext-only attack to obtain plaintext. CSCE Farkas

11 Secret Key Cryptosystem Vulnerabilities
Active Attacker Break communication channel (denial of service) Obtain and/or guess key and cryptosystem and use these to send fake messages CSCE Farkas

12 Inherent Weaknesses of Symmetric Cryptography
Key distribution must be done secretly (difficult when parties are geographically distant, or don't know each other) Need a key for each pair of users n users need n*(n-1)/2 keys If the secret key (and cryptosystem) is compromised, the adversary will be able to decrypt all traffic and produce fake messages CSCE Farkas

13 Compare DES and AES DES AES Date 1976 1999 Block size 64 bits 128 bits
Key length 56 bits 128, 192, 256 bits Encryption Substitution, permutation Substitution, shift, mixing Cryptography Confusion, diffusion Design Open Design rationale Closed Selection process Secret Secret with public comments Source IBM, enhanced by NSA Independent Dutch cryptographers CSCE Farkas

14 Public-Key Encryption
Needed for security: One of the keys must be kept secret Impossible (at least impractical) to decipher message if no other information is available Knowledge of algorithm, one of the keys, and samples of ciphertext must be insufficient to determine the other key CSCE Farkas 14

15 Confidentiality B A Insecure channel B’s private key B’s public key
Ciphertext Plaintext Plaintext Encryption Alg. Decryption Alg. B Recipient A Sender B’s private key B’s public key (need reliable channel) CSCE Farkas 15

16 Signature and Encryption
B A Encrypted Signed Plaintext Signed Plaintext Signed Plaintext Plaintext Plaintext D E D E B’s public key A’s public key B’s private key A’s private key CSCE Farkas 16

17 Non-repudiation Requires notarized signature, involving a third party
Large system: hierarchies of notarization CSCE Farkas 17

18 RSA Med mod n = M mod n Both sender and receiver know n Sender knows e
Only receiver knows d Modulus: Remainder after division, i.e., if a mod n=b then a=c*n+b Need: Find values e,d,n such that Easy to calculate Me, Cd for all M < n Infeasible to determine d give e Med mod n = M mod n CSCE Farkas 18

19 Next Class Review for Final CSCE Farkas

Download ppt "Cryptography."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.

CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
Encryption Methods By: Michael A. Scott 20140508.

Encryption Methods By: Michael A. Scott
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.
Public Key Model 8. Cryptography part 2.

Public Key Model 8. Cryptography part 2.
CS5204 – Fall 2009 1 Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.

1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.
Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.

Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Cryptography, Authentication and Digital Signatures

Cryptography, Authentication and Digital Signatures
CSCE 201 Introduction to Information Security Fall 2010 Data Protection.

CSCE 201 Introduction to Information Security Fall 2010 Data Protection.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.

4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.

Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.
Public Key Encryption Terminology RSA Hash functions CSCE 522 - Farkas.

Public Key Encryption Terminology RSA Hash functions CSCE Farkas.
1 Public-Key Cryptography and Message Authentication.

1 Public-Key Cryptography and Message Authentication.
Information Security By:-H.M.Patel. Information security There are three aspects of information security Security service Security mechanism Security.

Information Security By:-H.M.Patel. Information security There are three aspects of information security Security service Security mechanism Security.
Lecture 3 Basic Security Concepts cont.. Homework 1. Score: 10 points Due: September 12, 2013 2:00 am via dropbox Last day to submit with 4%/day penalty:

Lecture 3 Basic Security Concepts cont.. Homework 1. Score: 10 points Due: September 12, :00 am via dropbox Last day to submit with 4%/day penalty:

Similar presentations

Ads by Google