Download presentation
Presentation is loading. Please wait.
Published byDebra Fisher Modified over 6 years ago
1
Introduction to Symmetric-key and Public-key Cryptography
2
Overview Cryptography: secure communication over insecure communication channels Three goals Confidentiality Only authorized people can see the message Integrity If the message is tampered by an attacker, we can know Authenticity We can check whether a message is from a given person
3
Brief History of Crypto
2,000 years ago Caesar Cypher: shifting each letter forward by a fixed amount Encode and decode by hand During World War I/II Mechanical era: a mechanical device for encrypting messages After World War II Modern cryptography: rely on mathematics and electronic computers
4
Plaintext and ciphertext
Plaintext is the message before encryption Ciphertext is the encrypted message
5
Modern Cryptography Symmetric-key cryptography
The same secret key is used by both endpoints of a communication Public-key cryptography (or asymmetric cryptography) Two endpoints use different keys
6
Roadmap Symmetric-key cryptography Public-key cryptography
Confidentiality Block cipher Stream cipher Integrity & authenticity HMAC Public-key cryptography Public-key encryption Digital signature
7
Symmetric-key cryptography :Block Cipher
Encrypt/Decrypt messages in fixed size blocks using the same secret key k-bit secret key n-bit plaintext/ciphertext n bits n bits E, D Plaintext Block Ciphertext Block Key k Bits
8
Examples of Block Cipher
DES - Data Encryption Standard (1977) Works on 64 bit block with 56 bit keys Developed by IBM (Lucifer) improved by NSA Brute force attack feasible in 1997 AES – Advanced Encryption Standard (1997) Block size 128 bits Key can be 128, 192, or 256 bits
9
Modes of Operation Block ciphers encrypt fixed size blocks
eg. DES encrypts 64-bit blocks with 56-bit key Need to en/decrypt arbitrary amounts of data NIST SP A defines 5 modes of operation Divide a long message into blocks and encypt each one using a block cipher
10
Stream cipher For a message with a length k
Generate a key with length k This is often a pseudo-random bit stream generated from a master secret key Encryption and decryption are simple Examples RC4 (insecure) ChaCha20-Poly1305
11
Hash functions Properties Variable input size
Fixed output size (e.g., 512 bits) Efficient to compute Pseudo-random (mixes up input well)
12
Cryptographic hash functions
Cryptogtaphic hash functions add conditions Preimage resistance Given h, intractable to find y such that H(y)=h Second preimage resistance Given x, intractable to find y≠x such that H(y)=H(x) Collision resistance Intractable to find x, y such that y≠x and H(y)=H(x)
13
We have a cryptographic hash function crisis
Popular hash function MD5 Thoroughly broken Government standard function SHA-1, SHA-2 Theoretical weaknesses “New” cryptographic hash function SHA-3 Too new to fully evaluate Maybe good enough
14
Message Integrity: Hashed Message Authentication Codes (HMACs)
Goal: provide message integrity and authenticity ex: Protecting public binaries on disk. k k Message m tag Alice Bob Generate tag: tag S(k, m) Verify tag: V(k, m, tag) = `yes’ ?
15
HMAC Most widely used MAC on the Internet. H: hash function.
example: SHA-256; output is 256 bits Building a MAC out of a hash function: Standardized method: HMAC S( k, m ) = H( kopad , H( kipad , m ) ) opad, ipad: fixed strings
16
Public key encryption Def: a public-key encryption system is a triple of algs. (G, E, D) G(): randomized alg. outputs a key pair (pk, sk) E(pk, m): randomized alg. that takes m∈M and outputs c ∈C D(sk, c): det. alg. that takes c∈C and outputs m∈M or ⊥ Consistency: ∀(pk, sk) output by G : ∀m∈M: D(sk, E(pk, m) ) = m
17
Building Block: Trapdoor Functions (TDF)
Def: a trapdoor function over X is a triple of efficient algs. (G, F, F-1) G(): randomized alg. outputs a key pair (pk, sk) F(pk,⋅): deterministic alg. that defines a function X ⟼ Y F-1(sk,⋅): defines a function Y ⟼ X that inverts F(pk,⋅) Security: (G, F, F-1) is secure if F(pk, ⋅) is a “one-way” function: given F(pk, x) and pk it is difficult to find x for all x in X: F-1(sk, F(pk, x) ) = x
18
Example TDF: RSA set N pq (3072 bits 925 digits)
alg. G(): generate two equal length primes p, q set N pq (3072 bits 925 digits) set e = 65537 set d e-1 (mod (N)) pk = (N, e) ; sk = (N, d) RSA(pk, x) : x (xe mod N) Inverting this function is believed to be as hard as factoring N RSA-1(sk, y) : y (yd mod N)
19
Public Key Encryption with a TDF
G(): generate pk and sk E(pk, m): choose random x domain(F) and set k H(x) c0 F(pk, x) , c1 E(k, m) (E: symm. cipher) send c = (c0, c1) D(sk, c=(c0,c1) ): x F-1(sk, c0) , k H(x) , m D(k, c1) c0 c1
20
Digital signature Bind message to author
An author uses its private key to create a signature Signature is different for different message Anyone can verify the signature with the author’s public key It is hard for attackers to forge a signature for a message without knowing the private key
21
Digital Signatures: applications
Software distribution Windows Update File Microsoft’s signature on file
22
Certificates How we can know a public key belongs to the author?
Use certificate A trusted third party issues a digital certificate saying that a public key belongs to the author Widely used in Internet
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.