Presentation is loading. Please wait.

Presentation is loading. Please wait.

CIT 380: Securing Computer Systems

Published byMiranda Turner Modified over 6 years ago

Similar presentations

Presentation on theme: "CIT 380: Securing Computer Systems"— Presentation transcript:

1 CIT 380: Securing Computer Systems
Modern Cryptography CIT 380: Securing Computer Systems

2 CIT 380: Securing Computer Systems
Overview Cryptographic Checksums Hash Functions HMAC Number Theory Review Public Key Cryptography One-Way Trapdoor Functions Diffie-Helman RSA Modern Steganography CIT 380: Securing Computer Systems

3 CIT 380: Securing Computer Systems
Hash Functions Checksum to verify data integrity. Hash Function h: AB Input A: variable length Output B: fixed length “fingerprint” of input Many inputs produce same output. Example Hash Function Sum 32-bit words of message mod 232. CIT 380: Securing Computer Systems

4 Hash Function: ASCII Parity
ASCII parity bit ASCII has 7 bits; 8th bit is for “parity” Even parity: even number of 1 bits Odd parity: odd number of 1 bits Bob receives “ ” as bits. Sender is using even parity; 6 1 bits, so character was received correctly Note: could be garbled, but 2 bits would need to have been changed to preserve parity Sender is using odd parity; even number of 1 bits, so character was not received correctly CIT 380: Securing Computer Systems

5 Cryptographic Checksums
Hash with authentication/integrity protection Cannot obtain original message from hash. Cannot find another message with same hash. Additional Names Message Authentication Code Message Digest CIT 380: Securing Computer Systems

6 CIT 380: Securing Computer Systems
One-Way Function Function f easy to compute, hard to reverse Given x, easy to calculate f(x). Given f(x), hard to compute x. What’s easy and what’s hard? easy: polynomial time hard: exponential time Are there any one-way functions? CIT 380: Securing Computer Systems

7 Cryptographic Checksum Definition
A function h: AB such that: For any x IN A, h(x) is easy to compute. For any y IN B, it is computationally infeasible to find x IN A such that h(x) = y. It is computationally infeasible to find x, x´ IN A such that x ≠ x´ and h(x) = h(x´). CIT 380: Securing Computer Systems

8 CIT 380: Securing Computer Systems
Collisions If x ≠ x´ and h(x) = h(x´), x and x´ collide. Pigeonhole principle: if there are n containers for n+1 objects, then at least one container will have 2 objects in it. Application: suppose n = 5 and k = 3. Then there are 32 elements of A and 8 elements of B, so at least one element of B has at least 4 corresponding elements of A. CIT 380: Securing Computer Systems

9 Hash Function Examples
Input “Cryptography” Output (base64 encoded): MD5 (128-bit) 64ef07ce3e4b420c334227eecb3b3f4c SHA1 (160-bit) b804ec5a0d83d19d8db908572f d09f98 CIT 380: Securing Computer Systems

10 CIT 380: Securing Computer Systems
Keyed Hash Function Hash function + secret key Why? Authentication How? Symmetric encryption algorithm Use last 64 bits of DES in CBC mode. HMAC algorithm Incorporate key into a keyless hash algorithm. Created to avoid export restrictions on encryption algorithms. CIT 380: Securing Computer Systems

11 CIT 380: Securing Computer Systems
HMAC HMAC = Hash Function + Key Inputs: h: keyless cryptographic checksum function that takes data in blocks of b bytes and outputs blocks of l bytes. k: cryptographic key. k´: k modified to be of length b. If short, pad with 0 bytes. If long, hash to length b. CIT 380: Securing Computer Systems

12 CIT 380: Securing Computer Systems
HMAC HMAC-h(k, m) = h(k´  opad || h(k´  ipad || m))  exclusive or || concatenation ipad is repeated b times. opad is repeated b times. Security depends on security of hash function h. CIT 380: Securing Computer Systems

13 Current State of Hash Functions
MD4, MD5, SHA-0 Collisions (2004) SHA-1 Collisions (2005) Effort required is 269 instead of 280. No effective pre-image attacks discovered yet. What’s the impact? Attacker could create two documents. Document A requires payment of $500. Document B requires payment of $50,000. Digital signatures sign MAC, not document. Both documents have same MAC. Use SHA-256 for now. CIT 380: Securing Computer Systems

14 CIT 380: Securing Computer Systems
Number Theory Review Prime Numbers Fundamental Theorem of Arithmetic Greatest Common Divisors Relatively Prime Numbers Modular Inverses Euler’s Totient Function CIT 380: Securing Computer Systems

15 Fundamental Thm of Arithmetic
Definition: An integer n > 1 is prime if its only factors are 1 and n. Definition: An integer n > 1 that is not prime is composite. Theorem: An integer n > 1 can be written as a product of prime numbers. n = p1a p2b p3c p4d … CIT 380: Securing Computer Systems

16 Greatest Common Divisor
Definition: The greatest common divisor of integers a and b > 0, gcd(a,b) is the largest number that divides both a and b. Definition: Two integers a and b > 0 are relatively prime if gcd(a,b) = 1. Theorem: If n is prime, then every integer from 1 to n-1 is relatively prime to n. CIT 380: Securing Computer Systems

17 CIT 380: Securing Computer Systems
Modular Inverses Multiplicative Inverse: The inverse of a number x is a number x-1 such that xx-1 = 1. Modular Inverse: An integer x-1 such that 1 = (x x-1) mod n There is not always a solution. 2 has no inverse mod 16 A unique solution exists if x and n are relatively prime. CIT 380: Securing Computer Systems

18 Euler Totient Function
Euler’s totient function (n) Number of positive integers less than n and relatively prime to n. Example: (10) = 4 1, 3, 7, 9 are relatively prime to 10 Theorem: If gcd(a,b)=1, (ab) = (a) (b) Note: If n is prime, (n) = n – 1 Result: If a, b prime, (ab) = (a-1)(b-1) CIT 380: Securing Computer Systems

19 Euler’s Totient Theorem
Theorem: If n > 1 and gcd(a,n) = 1, then a(n) mod n = 1. Corollary: If n > 1 and gcd(a,n) = 1, then a(n)-1 mod n is the modular inverse of a mod n. CIT 380: Securing Computer Systems

20 Why do we need PK Cryptography?
Classical cryptography session: Alice and Bob agree on algorithm. Alice and Bob agree on key. Alice encrypts her message with agreed upon algorithm and key. Alice sends ciphertext message to Bob. Bob decrypts ciphertext with same algorithm and key as Alice used. CIT 380: Securing Computer Systems

21 Public Key Cryptography
Two keys Private key known only to owner. Public key available to anyone. Applications Confidentiality: Sender enciphers using recipient’s public key, Receiver deciphers using their private key. Integrity/authentication: Sender enciphers using own private key, Recipient deciphers using sender’s public key. CIT 380: Securing Computer Systems

22 CIT 380: Securing Computer Systems
Requirements It must be computationally easy to encipher or decipher a message given the appropriate key. It must be computationally infeasible to derive the private key from the public key. It must be computationally infeasible to determine the private key from a chosen plaintext attack. CIT 380: Securing Computer Systems

23 One-Way Trapdoor Functions
Trapdoor one-way Function: One-way function whose inverse is easy to calculate only if given a special piece of information. Example: Prime factoring Easy to calculate product. Difficult to calculate prime factors from product. Easy to calculate one prime factor, given others. CIT 380: Securing Computer Systems

24 CIT 380: Securing Computer Systems
Diffie-Hellman Compute a common, shared key Called a symmetric key exchange protocol. Based on discrete logarithm problem Given integers n and g and prime number p, compute k such that n = gk mod p. Solutions known for small p. Computationally infeasible for large p. CIT 380: Securing Computer Systems

25 CIT 380: Securing Computer Systems
Algorithm Shared Constants prime modulus p, integer base g ≠ {0, 1, p–1} Procedure User A(lice) chooses a private key k. Computes public key K = gk mod p. Enciphers user B(ob) public key using own private key to obtain the shared key S. Encrypt msgs w/ symmetric cipher using S key. CIT 380: Securing Computer Systems

26 CIT 380: Securing Computer Systems
Algorithm Alice chooses private key kAlice, computes public key KAlice = gkAlice mod p. To communicate with Bob, Alice computes Kshared = KBobkAlice mod p To communicate with Alice, Bob computes Kshared = KAlicekBob mod p Modular exponentiation ensures SA,B = SB,A. For practical use, p must be very large. CIT 380: Securing Computer Systems

27 CIT 380: Securing Computer Systems
Example Assume p = 53 and g = 17 Alice chooses kAlice = 5 Then KAlice = 175 mod 53 = 40 Bob chooses kBob = 7 Then KBob = 177 mod 53 = 6 Shared key: KBobkAlice mod p = 65 mod 53 = 38 KAlicekBob mod p = 407 mod 53 = 38 CIT 380: Securing Computer Systems

28 CIT 380: Securing Computer Systems
RSA Exponentiation cipher, not just key exchange. Relies on the difficulty of determining the number of numbers relatively prime to a large integer n. CIT 380: Securing Computer Systems

29 CIT 380: Securing Computer Systems
Algorithm Choose two large prime numbers p, q Let n = pq; then (n) = (p–1)(q–1) Choose e < n such that e relatively prime to (n). Compute inverse of e, d ed mod (n) = 1 Public key: (e, n) Private key: d Encipher: c = me mod n Decipher: m = cd mod n For d to decrypt text enciphered with e, we must have (xe)d = x mod n Euler’s theorem asserts that if gcd(x,n) = 1 then x(n) = 1 mod n Thus d * e = 1 mod (n) CIT 380: Securing Computer Systems

30 Example: Confidentiality
Take p = 7, q = 11, so n = 77 and (n) = 60 Alice chooses e = 17, making d = 53 Bob wants to send Alice secret message HELLO ( ) 0717 mod 77 = 28 0417 mod 77 = 16 1117 mod 77 = 44 1417 mod 77 = 42 Bob sends CIT 380: Securing Computer Systems

31 CIT 380: Securing Computer Systems
Example Alice receives Alice uses private key, d = 53, to decrypt message: 2853 mod 77 = 07 1653 mod 77 = 04 4453 mod 77 = 11 4253 mod 77 = 14 Alice translates message to letters to read HELLO No one else could read it, as only Alice knows her private key and that is needed for decryption. CIT 380: Securing Computer Systems

32 Ex: Integrity/Authentication
Take p = 7, q = 11, so n = 77 and (n) = 60 Alice chooses e = 17, making d = 53 Alice wants to send Bob message HELLO ( ) so Bob knows it is what Alice sent (no changes in transit, and authenticated) 0753 mod 77 = 35 0453 mod 77 = 09 1153 mod 77 = 44 1453 mod 77 = 49 Alice sends CIT 380: Securing Computer Systems

33 CIT 380: Securing Computer Systems
Example Bob receives Bob uses Alice’s public key, e = 17, n = 77, to decrypt message: 3517 mod 77 = 07 0917 mod 77 = 04 4417 mod 77 = 11 4917 mod 77 = 14 Bob translates message to letters to read HELLO Alice sent it as only she knows her private key If (enciphered) message’s blocks (letters) altered in transit, would not decrypt properly CIT 380: Securing Computer Systems

34 CIT 380: Securing Computer Systems
Example: Both Alice wants to send Bob message HELLO both enciphered and authenticated (integrity-checked) Alice’s keys: public (17, 77); private: 53 Bob’s keys: public: (37, 77); private: 13 Alice enciphers HELLO ( ): (0753 mod 77)37 mod 77 = 07 (0453 mod 77)37 mod 77 = 37 (1153 mod 77)37 mod 77 = 44 (1453 mod 77)37 mod 77 = 14 Alice sends CIT 380: Securing Computer Systems

35 CIT 380: Securing Computer Systems
Security Services Confidentiality Only the owner of the private key knows it, so text enciphered with public key cannot be read by anyone except the owner of the private key. Authentication Only the owner of the private key knows it, so text enciphered with private key must have been generated by the owner. CIT 380: Securing Computer Systems

36 More Security Services
Integrity Enciphered letters cannot be changed undetectably without knowing private key. Non-Repudiation Message enciphered with private key came from someone who knew it. CIT 380: Securing Computer Systems

37 CIT 380: Securing Computer Systems
Warnings Encipher message in blocks considerably larger than the examples here If 1 character per block, RSA can be broken using statistical attacks (just like classical cryptosystems.) Attacker cannot alter letters, but can rearrange them and alter message meaning. Ex: reverse ciphertext of message ON to get NO CIT 380: Securing Computer Systems

38 CIT 380: Securing Computer Systems
Using gpg Generate a public/private keypair zappa> gpg --gen-key Please select what kind of key you want: (1) DSA and ElGamal (default) (2) DSA (sign only) (4) RSA (sign only) Your selection? 1 Add no-greeting no-secmem-warning to your .gnupg/gpg.conf file. Green’s CPU limit will prevent you from generating a key there. CIT 380: Securing Computer Systems

39 Using gpg: exchanging keys
Giving someone your public key gpg --export --armor your_ _addr Adding someone’s public key to your key ring gpg --import jameskey.pub Confirming that you’ve got their key gpg --fingerprint james Trusting their key gpg –edit-key james > sign CIT 380: Securing Computer Systems

40 CIT 380: Securing Computer Systems
Using gpg: encryption Encryption: Import public key of recipient gpg --output file.gpg --encrypt --armor --recipient file.txt Decryption: gpg --output file.txt --decrypt file.gpg CIT 380: Securing Computer Systems

41 Using gpg: digital signatures
Digitally sign a file using your key gpg --output file.sig --armor --sign file.txt Verify a digital signature gpg --verify file.sig gpg: Signature made Sat Feb 28 14:54: EST using DSA key ID gpg: Good signature from "James Walden CIT 380: Securing Computer Systems

42 CIT 380: Securing Computer Systems
Steganography Hiding messages in another text (the covertext) so that no one except intended recipient knows a message has been sent. Wax Tablets: In ancient times, messages were written in wax poured on top of a stone or wood tablet. Messages were hidden by engraving them in the stone then pouring wax over them. Invisible Ink: Write message using lemon juice on paper. Write covertext in regular ink after dries. Heat to view hidden message. Null Cipher: Hide message in ordinary text, using nth letter of each word, or every nth word of the message. CIT 380: Securing Computer Systems

43 Digital Steganography
Choose a cover medium file. JPEG, MP3, etc. Identify redundant bits in cover medium. Low order bits in image and audio files. Replace subset of redundant data with secret message. Send steganographic file to recipient. CIT 380: Securing Computer Systems

44 JSteg: JPEG Steganography
JPEG image format For each color component, a discrete cosine transform (DCT) transforms successive 8x8 pixel blocks into 64 DCT coefficients. Quantize DCT coefficients. Derek Upham’s JSteg algorithm LSBs of DCT coefficients are redundancy. Modification of a single DCT coef affects all 64 pixels. Frequency domain changes are not visually observable. CIT 380: Securing Computer Systems

45 CIT 380: Securing Computer Systems
Steganalysis Compare steganographic file with original. 100% effective at identifying presence. Original file is “secret key” of steganography. Statistical analysis Inserting high entropy changes histogram of color frequencies in predictable ways. Reduces frequency difference between adjacent colors. Countermeasures Insert less information to reduce impact. Choose DCT coefficients to modify at random. Alternate +/- DCT coefficient value to encode bits. Use parity of groups of DCT LSBs to encode a message. CIT 380: Securing Computer Systems

46 CIT 380: Securing Computer Systems
Key Points Two types of cryptosystems: classical (symmetric) public key (asymmetric) Cryptographic checksums provide integrity check. One-way functions. Keyed hash functions. Public Key Cryptography One-way trapdoor functions. Confidentiality: encipher with public, deciper with private Integrity: encipher with private, decipher with public Steganography Hiding existence of message inside other data. CIT 380: Securing Computer Systems

47 CIT 380: Securing Computer Systems
References Matt Bishop, Introduction to Computer Security, Addison-Wesley, 2005. Cryptography Research, “Hash Collision FAQ,” Paul Garrett, Making, Breaking Codes: An Introduction to Cryptology, Prentice Hall, 2001. Steven Levy, Crypto, Penguin Putnam, 2002. Wenbo Mao, Modern Cryptography: Theory and Practice, Prentice Hall, 2004. Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996. Bruce Schneier, Applied Cryptography, 2nd edition, Wiley, 1996. NIST, FIPS-198a, “The Keyed-Hash Message Authentication Code (HMAC)”, Niels Provos and Peter Honeyman, “Hide and Seek: An Introduction to Steganography,” IEEE Security & Privacy, May/June 2003. John Viega and Gary McGraw, Building Secure Software, Addison-Wesley, 2002. CIT 380: Securing Computer Systems

Download ppt "CIT 380: Securing Computer Systems"

Similar presentations

Public Key Encryptions CS461/ECE422 Fall 2011. Reading Material Text Chapters 2 and 20 Handbook of Applied Cryptography, Chapter 8 –

Public Key Encryptions CS461/ECE422 Fall Reading Material Text Chapters 2 and 20 Handbook of Applied Cryptography, Chapter 8 –
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Session 4 Asymmetric ciphers.

Session 4 Asymmetric ciphers.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.

Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
Csci5233 Computer Security & Integrity 1 Cryptography: Basics (2)

Csci5233 Computer Security & Integrity 1 Cryptography: Basics (2)
RSA Exponentiation cipher

RSA Exponentiation cipher
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.

How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Hash Functions Nathanael Paul Oct. 9, 2002. Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)

Hash Functions Nathanael Paul Oct. 9, Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Public Key Cryptography and Cryptographic Hashes CS461/ECE422 Fall 2009.

Public Key Cryptography and Cryptographic Hashes CS461/ECE422 Fall 2009.
CSCI 172/283 Fall 2010 Public Key Cryptography. New paradigm introduced by Diffie and Hellman The mailbox analogy: Bob has a locked mailbox Alice can.

CSCI 172/283 Fall 2010 Public Key Cryptography. New paradigm introduced by Diffie and Hellman The mailbox analogy: Bob has a locked mailbox Alice can.
Public Key Model 8. Cryptography part 2.

Public Key Model 8. Cryptography part 2.
Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Lecture 15 Lecture’s outline Public algorithms (usually) that are each other’s inverse.

Lecture 15 Lecture’s outline Public algorithms (usually) that are each other’s inverse.

Similar presentations

Ads by Google