Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cryptography.

Similar presentations


Presentation on theme: "Cryptography."— Presentation transcript:

1 Cryptography

2 Insecure communications
Sender Snooper Recipient Insecure channel Confidential CSCE Farkas

3 Encryption and Decryption
Ciphertext Plaintext Plaintext Requirements: Confidentiality Authentication Between communicating parties Third-party authentication Non-repudiation Integrity verification Key distribution Secret key (secure distribution) Public key (reliable distribution) CSCE Farkas

4 How can cryptography support these objectives?
Security Objectives Confidentiality Integrity Availability Authenticity Non-repudiation How can cryptography support these objectives? CSCE Farkas

5 Security Objectives Confidentiality: Hiding message/file content
Secret key, public key encryption Integrity: Detecting modification Hash function Availability: Not much – hiding existence of data Authenticity: Verify origin Public key encryption Non-repudiation: Verify activity CSCE Farkas CSCE Farkas 5

6 What makes a good cryptosystem?
A good cryptosystem is one whose security does not depend upon the secrecy of the algorithm. From Bruce Schneier: “Good cryptographers rely on peer review to separate the good algorithms from the bad.'' CSCE Farkas

7 Cryptanalysis Cryptanalyst’s goal: Break message Break key
Break algorithm CSCE Farkas

8 Breakable versus Practically breakable
Unconditionally secure: impossible to decrypt. No amount of ciphertext will enable a cryptanalyst to obtain the plaintext Computationally secure: an algorithm that is not breakable in practice based on worst case scenario Breakable: all algorithms (except one-time pad) are theoretically breakable CSCE Farkas

9 Secret Key Cryptosystem
Plaintext Ciphertext Plaintext Encryption Decryption Sender Recipient K C=E(K,M) M=D(K,C) K needs secure channel CSCE Farkas

10 Secret Key Cryptosystem Vulnerabilities (1
Passive Attacker (Eavesdropper) Obtain and/or guess key and cryptosystem use these to decrypt messages Capture text in transit and try a ciphertext-only attack to obtain plaintext. CSCE Farkas

11 Secret Key Cryptosystem Vulnerabilities
Active Attacker Break communication channel (denial of service) Obtain and/or guess key and cryptosystem and use these to send fake messages CSCE Farkas

12 Inherent Weaknesses of Symmetric Cryptography
Key distribution must be done secretly (difficult when parties are geographically distant, or don't know each other) Need a key for each pair of users n users need n*(n-1)/2 keys If the secret key (and cryptosystem) is compromised, the adversary will be able to decrypt all traffic and produce fake messages CSCE Farkas

13 Compare DES and AES DES AES Date 1976 1999 Block size 64 bits 128 bits
Key length 56 bits 128, 192, 256 bits Encryption Substitution, permutation Substitution, shift, mixing Cryptography Confusion, diffusion Design Open Design rationale Closed Selection process Secret Secret with public comments Source IBM, enhanced by NSA Independent Dutch cryptographers CSCE Farkas

14 Public-Key Encryption
Needed for security: One of the keys must be kept secret Impossible (at least impractical) to decipher message if no other information is available Knowledge of algorithm, one of the keys, and samples of ciphertext must be insufficient to determine the other key CSCE Farkas 14

15 Confidentiality B A Insecure channel B’s private key B’s public key
Ciphertext Plaintext Plaintext Encryption Alg. Decryption Alg. B Recipient A Sender B’s private key B’s public key (need reliable channel) CSCE Farkas 15

16 Signature and Encryption
B A Encrypted Signed Plaintext Signed Plaintext Signed Plaintext Plaintext Plaintext D E D E B’s public key A’s public key B’s private key A’s private key CSCE Farkas 16

17 Non-repudiation Requires notarized signature, involving a third party
Large system: hierarchies of notarization CSCE Farkas 17

18 RSA Med mod n = M mod n Both sender and receiver know n Sender knows e
Only receiver knows d Modulus: Remainder after division, i.e., if a mod n=b then a=c*n+b Need: Find values e,d,n such that Easy to calculate Me, Cd for all M < n Infeasible to determine d give e Med mod n = M mod n CSCE Farkas 18

19 Next Class Review for Final CSCE Farkas


Download ppt "Cryptography."

Similar presentations


Ads by Google