Presentation is loading. Please wait.

Presentation is loading. Please wait.

Kriptografija sa asimetričnim ključem

Published byJosé Miguel Guillermo Velázquez Álvarez Modified over 6 years ago

Similar presentations

Presentation on theme: "Kriptografija sa asimetričnim ključem"— Presentation transcript:

1 Kriptografija sa asimetričnim ključem
Jelena Ignjatović Symmetric Key Cryptography – Block Ciphers • Common block and key sizes • Electronic code book mode (ECB) • Cipher block chaining mode (CBC) Block Ciphers – Present and Future Standards • Some popular block ciphers (DES, 3DES, IDEA, CAST, Blowfish, RC2, RC5) • Digital Encryption Standard (DES) – rounds of confusion and diffusion • Feistel networks • Triple DES • Advanced Encryption Standard (AES) • AES finalists (MARS, RC6, Twofish, Serpent, Rijndael) Symmetric Key Cryptography – Stream Ciphers • Linear feedback shift registers (LFSRs) • RC4 • Output feedback mode (OFB) – block ciphers used as stream ciphers • Counter mode (CTR) – block ciphers used as streams ciphers Coverage by the textbook "Network Security" • Chapter 3 – Secret Key Cryptography, pp. 59…94 • Chapter 4 – Modes of Operation, pp. 95…115

2 Asimetrični-ključ (javni ključ) šifrovanja
Osnovna ideja: Korisnik ima dva ključa: javni ključ i privatni ključ. Poruka može da bude šifrovana javnim ključem i dešifrovana privatnim ključem koji bi obezbedio sigurnost. Poruka može da bude šifrovana privatnim ključem i dešifrovana javnim ključem koji bi obezbedio autentičnost.

3 Problem distribucije ključeva u gustim mrežama
U gusto-razgranatim mrežama u kojima dosta članova komunicira među sobom, zahteva se određeni broj tajnih ključeva u šifrovanju Kompleksnost algoritama raste kvadratno sa porastom broja učesnika obzirom da u potpuno-zatvorenoj, razgranatoj mreži svakom od n komunikacinih partnera mora da bude sigurno isporučeno (n-1) ključeva.

4 • Uzmimo primer široke komunikacione mreže sa 100 potpuno-razgranatih čvorova gde se ključ svake sesije menja svakog sata što rezultuje zahtevom da se distribuira oko ključeva svaki dan. • Kao što se može videti, distribucija tajnih ključeva se slabo menja sa porastom broja učesnika. Zato su dugo vremena ljudi tražili neku altrnativu za uspostavljanje sigurnih veza. Efikasno rešenje je najzad pronađeno 1976 sa novim konceptom kriptosistema sa javnim ključem.

5 Problem sigurne distribucije ključeva
KAB, KAC, KAD, KAE, KAF KAC, KBC, KCD, KCE, KCF KAB, KBC, KBD, KBE, KBF KAF, KBF, KCF, KDF, KEF KAE, KBE, KCE, KDE, KEF KAD, KBD, KCD, KDE, KDF Alice Bob Carol Dave Edna Fred Key Distribution Problem in Dense Networks • In densely-meshed networks where many parties communicate with each other, the required number of secret keys necessary when using symmetric encryption algorithms increases quadratically with the number of participants since in a fully-meshed network to each of the n communication partners (n-1) keys must be securely delivered. • Take as an example a broadband communications network with 100 fully-meshed nodes were each session key is changed every hour, resulting in a requirement to safely distribute about 240‘000 keys each day. • As can easily be seen, secret key distribution scales very badly with an increasing number of participants. Therefore for a long time people had been looking for alternative ways of establishing secure connections. A very efficient solution was finally found in 1976 with the novel concept of a Public Key Cryptosystem. Sigurna distribucija n2 ključeva Ključevi se moraju razmenjivati na siguran način

6 Sistem distribucije javnog ključa
KA KB KC KD KE Alice Bob Carol Dave Edna Fred javna distribucija n ključeva Ključ se može poslati putem interneta Javni direktorijum Alice : KA Bob : KB Carol : KC Dave : KD Edna : KE Fred : KF Public Key Distribution System • In a Public Key Cryptosystem each user or host possesses a single key pair consisting of a private key which is kept secret by the no and a matching public key which is published in a public directory (usually an LDAP or WWW server). • If a user Alice wants to send an encrypted message to user Bob then Alice encrypts her message with Bob‘s public key KB fetched from the public directory and sends it to Bob. Since Bob is the only one in possession of the matching private key, he alone can decrypt the encrypted message sent to him. • Since only the public key of the recipient is required, with n users only n distinct keys are required. Under the assumption that each user generates her own public/ private key pair locally, no secure channels are required for the distribution of the public keys, since the don‘t contain any secret and must be put into the public domain anyway.

7

8

9

10

11

12

13

14

15

16

17

18 Kriptografija sa javnim ključem
pronalazači Whitfield Diffie i Martin Hellman 1976 Ralph Merkle 1978 Alice Bob PUBKB PRIVKB C = fPUBKB(P) Šifrovanje jednosmernom funkcijom P = f-1PRIVKB(C) Joe P = f-1PUBKB(C) Računanje inverzne funkcije je ekstremno skupo Inventors of Public Key Cryptography • The concept of a Public Key Cryptosystem was invented at around the same time by Whitfield Diffie, Martin Hellman and Ralph Merkle. Whereas the first two researchers published their invention in 1976 and got all the fame, Ralph Merkle had the misfortune that the printing of his paper got delayed by more than a year so that it got published not until Today it is generally recognized that all three scientists are the fathers of public key cryptography. • Recently it became known that already in 1970, James Ellis, at the time working for the British government as a member of the Communications-Electronics Security Group (CESG), formulated the idea of a Public Key Cryptosystem. Several practical algorithms including one variant very similar to RSA and another one identical to the Diffie-Hellman key exchange were discovered within the CESG. Unfortunately the British researchers were not allowed to publish their results due to state security reasons. Basic Principles of Public Key Cryptography • All public key cryptosystems are based on the notion of a one-way function, which, depending on the public key, converts plaintext into ciphertext using a relatively small amount of computing power but whose inverse function is extremely expensive to compute, so that an attacker is not able to derive the original plaintext from the transmitted ciphertext within a reasonable time frame. • Another notion used in public key cryptosystems is that of a trap door which each one-way function possesses and which can only be activated by the legitimate user holding the private key. Using the trapdoor, decryption of the ciphertext becomes easy. • Many public key cryptosystems are based on known hard problems like the factoring of large numbers into their prime factors (RSA) or taking discrete logarithms over a finite field (Diffie-Hellman). Jednosmerne funkcije se obično zasnivaju na dobro poznatim teškim matematičkim problemima Faktorizacije Diskretni logaritamski problem

19 RSA kriptosistem sa javnim ključem
Razvili su ga 1978 Rivest, Shamir and Adleman (RSA) Ovo je najpopularniji kriptosistem sa javnim ključem Zasniva se na matematičkom problemu „faktorizacije celih brojeva“ 143 = 11*13

20 RSA kriptosistem sa javnim ključem Algoritam za generisanje ključa
Korak 1: Slučajno biramo dva velika prosta broja p i q Za maksimalnu sigurnost, biramo p i q približno jednake dužine, od bitova svaki. Korak 2: Računamo proizvod n = p·q Korak 3: Slučajno biramo broj e < (p-1)(q-1) Brojevi e i (p-1)(q-1) moraju biti uzajamno prosti, tj. Ne smeju da imaju zajedničke proste faktore. Korak 4: Računamo jedinstveni inverz d = e-1 mod (p-1)(q-1) Jednakost d·e mod (p-1)(q-1) = 1 može se rešiti korišćenjem Euklidovog algoritma.

21 RSA kriptosistem Primer generisanja ključa
p = 3, q = 11: n = p·q = 33 (p-1)·(q-1) = 2 · 10 = 2 · 2 · 5 = 20 Javni eksponent e mora biti uzajamno prost sa (p-1)·(q-1) , tj. on ne može imati 2 i 5 kao faktore. e d e·d e·d mod 20 Svi mogući izbori eksponenata e i d

22 RSA kriptosistem Javni i privatni ključevi
Javni ključ: moduo n i javni eksponent e n i e se objavljuju u javnom direktorijumu, Privatni ključ: moduo n i privatni eksponent d Privatni eksponent d je tvoj tajni ključ. On može biti zaštićen ili skladištenjem na čip kartici ili na disku uz šifrovanje simetričnom šifrom po tvom izboru. Veliki prosti brojevi p i q koji su korišćeni za generisanje ključa više nisu potrebni i mogu biti izbrisani.

23 RSA kriptosistem Šifrovanje i dešifrovanje
Šifrovanje bloka x otvorenog teksta: y = xe mod n Pošiljalac koristi javni ključ primaoca da šifruje x < n. Dešifrovanje bloka y šifrata: x = yd mod n Primalac koristi privatni ključ da otkrije blok x otvorenog teksta. Bez dokaza: yd = (xe)d = xe·d = xm·(p-1)·(q-1) + 1 = x1 = x (mod n) Šifrovanje i dešifrovanje su simetrične operacije Redosled stepenovanja javnim eksponentom e i privatnim stepenom d može biti promenjen.

24 Generisanje ključeva

25

26

27

28 RSA kriptosistem Primer šifrovanja / dešifrovanja
Šifrovanje javnim ključem n = 33, e = 3 Binarni otvoreni tekst Groupe od 5 Bitova Decimalni plaintext y = x y = x3 mod Dešifrovanje privatnim ključem n = 33, d = 7 Decimalni hipertext x = y x = y7 mod

29 RSA–576 izazova Pokušaj (napor) 576 bitni broj (174 decimalne cifre) Faktorisan 3. decembra posle 3 meseca rešavanja. Linux Cluster: 144 PCs with 400 MHz Pentium II procesori. Urađeno na Universitetu u Bonu, postprerađeno uz podršku BSIa. = ? = *

30 Šifrovanje RSA javnim ključem
Cena: $200,000 Status: Nije faktorisan Decimalne cifre : 617 Suma decimalnih cifara: 2738 Broj izazova Cena ($US) Status Datum prijave Podnosilac RSA-576 $10,000 faktorisano December 3, 2003 J. Franke et al. RSA-640 $20,000 Nije faktorisano RSA-704 $30,000 RSA-768 $50,000 RSA-896 $75,000 RSA-1024 $100,000 RSA-1536 $150,000 RSA-2048 $200,000 Not Factored

31

32

33

34

35

36

37

38

39

Download ppt "Kriptografija sa asimetričnim ključem"

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Web Security for Network and System Administrators1 Chapter 4 Encryption.

Web Security for Network and System Administrators1 Chapter 4 Encryption.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.

How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Lecture 23 Symmetric Encryption

Lecture 23 Symmetric Encryption
Public Key Algorithms 4/17/2017 M. Chatterjee.

Public Key Algorithms 4/17/2017 M. Chatterjee.
1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.

8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
Public-Key Cryptography and RSA CSE 651: Introduction to Network Security.

Public-Key Cryptography and RSA CSE 651: Introduction to Network Security.
1 Chapter 4 Encryption. 2 Objectives In this chapter, you will: Learn the basics of encryption technology Recognize popular symmetric encryption algorithms.

1 Chapter 4 Encryption. 2 Objectives In this chapter, you will: Learn the basics of encryption technology Recognize popular symmetric encryption algorithms.
Introduction to Public Key Cryptography

Introduction to Public Key Cryptography
Public Key Model 8. Cryptography part 2.

Public Key Model 8. Cryptography part 2.
Public Key Encryption and the RSA Public Key Algorithm CSCI 5857: Encoding and Encryption.

Public Key Encryption and the RSA Public Key Algorithm CSCI 5857: Encoding and Encryption.
Andreas Steffen, 17.10.2011, 4-PublicKey.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications.

Andreas Steffen, , 4-PublicKey.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications.
Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Private Key Algorithms RSA SSL

Private Key Algorithms RSA SSL
Chapter 20 Symmetric Encryption and Message Confidentiality.

Chapter 20 Symmetric Encryption and Message Confidentiality.
1 Lecture 9 Public Key Cryptography Public Key Algorithms CIS 4362 - CIS 5357 Network Security.

1 Lecture 9 Public Key Cryptography Public Key Algorithms CIS CIS 5357 Network Security.

Similar presentations

Ads by Google