Presentation is loading. Please wait.

Presentation is loading. Please wait.

Public Key Cryptography & Message Authentication By Tahaei Fall 2012.

Published bySharlene Collins Modified over 9 years ago

Similar presentations

Presentation on theme: "Public Key Cryptography & Message Authentication By Tahaei Fall 2012."— Presentation transcript:

1 Public Key Cryptography & Message Authentication By Tahaei Fall 2012

2 Outline Approaches to Message Authentication Secure Hash Functions and HMAC Public-Key Cryptography Principles Public-Key Cryptography Algorithms Digital Signatures Key Management 2

3 Authentication Requirements: must be able to verify that: 1. Message came from apparent source or author, 2. Contents have not been altered, 3. Sometimes, it was sent at a certain time or sequence. Protection against active attack (falsification of data and transactions) 3

4 Approaches to Message Authentication Authentication Using Conventional Encryption –Only the sender and receiver should share a key Message Authentication without Message Encryption –An authentication tag is generated and appended to each message Message Authentication Code –Calculate the MAC as a function of the message and the key. MAC = F(K, M) 4

5 5

6 One-way HASH function 6

7 Ideally we would like to avoid encryption, because: –Encryption software is slow –Encryption hardware costs aren’t cheap –Hardware optimized toward large data sizes –Algorithms covered by patents –Algorithms subject to export control 7

8 One-way HASH function Secret value is added before the hash and removed before transmission 8

9 Secure HASH functions Purpose of the HASH function is to produce a ”fingerprint. Properties of a HASH function H : 1.H can be applied to a block of data at any size 2.H produces a fixed length output 3.H(x) is easy to compute for any given x. 4.For any given value h, it is computationally infeasible to find x such that H(x) = h 5.For any given block x, it is computationally infeasible to find with H(y) = H(x). 6.It is computationally infeasible to find any pair (x, y) such that H(x) = H(y) 9

10 Simple Hash Function One-bit circular shift on the hash value after each block is processed would improve 10

11 Other Secure HASH functions 11 SHA-1MD5RIPEMD-160 Digest length160 bits128 bits160 bits Basic unit of processing 512 bits Number of steps80 (4 rounds of 20) 64 (4 rounds of 16) 160 (5 paired rounds of 16) Maximum message size 2 64 -1 bits

12 HMAC(Hash-based MAC) Use a MAC derived from a cryptographic hash code, such as SHA-1. Motivations: –Cryptographic hash functions executes faster in software than encryptoin algorithms such as DES –Library code for cryptographic hash functions is widely available –No export restrictions from the US 12

13 HMAC Structure 13

14 Public-Key Cryptography Principles The use of two keys has consequences in: key distribution, confidentiality and authentication. The scheme has six ingredients (see Figure 3.7) –Plaintext –Encryption algorithm –Public and private key –Ciphertext –Decryption algorithm 14

15 Encryption using Public-Key system 15

16 Authentication using Public-Key System 16

17 Applications for Public-Key Cryptosystems Three categories: –Encryption/decryption: The sender encrypts a message with the recipient’s public key. –Digital signature: The sender ”signs” a message with its private key. –Key echange: Two sides cooperate two exhange a session key 17

18 Requirements for Public-Key Cryptography 1.Computationally easy for a party B to generate a pair (public key KU b, private key KR b ) 2.Easy for sender to generate ciphertext: 3.Easy for the receiver to decrypt ciphertect using private key: 18

19 Requirements for Public-Key Cryptography 4.Computationally infeasible to determine private key (KR b ) knowing public key (KU b ) 5.Computationally infeasible to recover message M, knowing KU b and ciphertext C 6.Either of the two keys can be used for encryption, with the other used for decryption: 19

20 Public-Key Cryptographic Algorithms RSA and Diffie-Hellman RSA - Ron Rives, Adi Shamir and Len Adleman at MIT, in 1977. –RSA is a block cipher –The most widely implemented Diffie-Hellman –Exchange a secret key securely –Compute discrete logarithms 20

21 The RSA Algorithm–Key Generation 1.Select p,q p and q both prime 2.Calculate n = p x q 3.Calculate 4.Select integer e 5.Calculate d 6.Public KeyKU = {e,n} 7.Private keyKR = {d,n} 21

22 The RSA Algorithm - Encryption Plaintext:M<n Ciphertext:C = M e (mod n) 22

23 The RSA Algorithm - Decryption Ciphertext:C Plaintext:M = C d (mod n) 23

24 RSA example 24 Bob chooses p=5, q=7. Then n=35, z=(p-1) (q-1)=24. e=5 (so e, z relatively prime). (d=29 (so ed-1 exactly divisible by z. letter m e c = m mod n e l 12 1524832 17 c m = c mod n d 17 481968572106750915091411825223071697 12 c d letter l encrypt: decrypt:

25 Example of RSA Algorithm 25

26 RSA: Why is that 26 m = (m mod n) e mod n d (m mod n) e mod n = m mod n d ed Useful number theory result: If p, q prime and n = pq, then: x mod n = x mod n yy mod (p-1)(q-1) = m mod n ed mod (p-1)(q-1) = m mod n 1 = m (using number theory result above) (since we chose ed to be divisible by (p-1)(q-1) with remainder 1 )

27 Diffie-Hellman Key Echange 27

28 Diffie-Hellman 28

29 Diffie-Hellman Alice and Bob agree to use a prime number p=23 and base g=5. Alice chooses a secret integer a=6, then sends Bob (g a mod p) –5 6 mod 23 = 8. Bob chooses a secret integer b=15, then sends Alice (g b mod p) –5 15 mod 23 = 19. Alice computes (g b mod p) a mod p –19 6 mod 23 = 2. Bob computes (g a mod p) b mod p –8 15 mod 23 = 2. base g : primitive root of p A primitive root of p is a number r such that any integer a between 1 and p-1 can be expressed by a=r^k mod p, with k a nonnegative integer smaller that p-1. 29

30 Other Public-Key Cryptographic Algorithms Digital Signature Standard (DSS) –Makes use of the SHA-1 –Not for encryption or key echange Elliptic-Curve Cryptography (ECC) –Good for smaller block size –Low confidence level, compared with RSA –Very complex 30

31 Message Authentication Code 31 m s (shared secret) (message) H(. ) H(m+s) public Internet append m H(m+s) s compare m H(m+s) H(. ) H(m+s) (shared secret)

32 MACs in practice MD5 hash function widely used (RFC 1321) –computes 128-bit MAC in 4-step process. –arbitrary 128-bit string x, appears difficult to construct msg m whose MD5 hash is equal to x recent (2005) attacks on MD5 SHA-1 is also used –US standard [ NIST, FIPS PUB 180-1] –160-bit MAC 32

33 Digital Signatures cryptographic technique analogous to hand-written signatures. sender (Bob) digitally signs document, establishing he is document owner/creator. verifiable, nonforgeable: recipient (Alice) can prove to someone that Bob, and no one else (including Alice), must have signed document 33

34 Digital Signatures simple digital signature for message m: Bob “signs” m by encrypting with his private key K B, creating “signed” message, K B (m) 34 Dear Alice Oh, how I have missed you. I think of you all the time! …(blah blah blah) Bob Bob’s message, m public key encryption algorithm Bob’s private key K B - Bob’s message, m, signed (encrypted) with his private key K B - (m)

35 Digital Signatures (more) suppose Alice receives msg m, digital signature K B (m) Alice verifies m signed by Bob by applying Bob’s public key K B to K B (m) then checks K B (K B (m) ) = m. if K B (K B (m) ) = m, whoever signed m must have used Bob’s private key. Alice thus verifies that: üBob signed m. üNo one else signed m. üBob signed m and not m’. non-repudiation: Alice can take m, and signature K B (m) to court and prove that Bob signed m. 35

36 Digital signature = signed MAC 36 large message m H: hash function H(m) digital signature (encrypt) Bob’s private key K B - + Bob sends digitally signed message: Alice verifies signature and integrity of digitally signed message: K B (H(m)) - encrypted msg digest K B (H(m)) - encrypted msg digest large message m H: hash function H(m) digital signature (decrypt) H(m) Bob’s public key K B + equal ?

37 Public Key Certification public key problem: When Alice obtains Bob’s public key (from web site, e-mail, diskette), how does she know it is Bob’s public key, not Trudy’s? solution: trusted certification authority (CA) 37

38 Certification Authorities Certification Authority (CA): binds public key to particular entity, E. E registers its public key with CA. –E provides “proof of identity” to CA. –CA creates certificate binding E to its public key. –certificate containing E’s public key digitally signed by CA: CA says “This is E’s public key.” 38 Bob’s public key K B + Bob’s identifying information digital signature (encrypt) CA private key K CA - K B + certificate for Bob’s public key, signed by CA - K CA (K ) B +

39 Certification Authorities when Alice wants Bob’s public key: –gets Bob’s certificate (Bob or elsewhere). –apply CA’s public key to Bob’s certificate, get Bob’s public key 39 Bob’s public key K B + digital signature (decrypt) CA public key K CA + K B + - K (K ) B +

40 A certificate contains 40 Serial number (unique to issuer) info about certificate owner, including algorithm and key value itself (not shown) r info about certificate issuer r valid dates r digital signature by issuer

41 Key ManagementPublic-Key Certificate Use 41

Download ppt "Public Key Cryptography & Message Authentication By Tahaei Fall 2012."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Cryptography. 8: Network Security8-2 The language of cryptography symmetric key crypto: sender, receiver keys identical public-key crypto: encryption.

Cryptography. 8: Network Security8-2 The language of cryptography symmetric key crypto: sender, receiver keys identical public-key crypto: encryption.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.

1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
1 Key Establishment Symmetric key problem: How do two entities establish shared secret key in the first place? Solutions: Deffie-Hellman trusted key distribution.

1 Key Establishment Symmetric key problem: How do two entities establish shared secret key in the first place? Solutions: Deffie-Hellman trusted key distribution.
Chapter 8 Network Security Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.

Chapter 8 Network Security Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
Network Security understand principles of network security:

Network Security understand principles of network security:
1 Key Establishment Symmetric key problem: How do two entities establish shared secret key over network? Solution: trusted key distribution center (KDC)

1 Key Establishment Symmetric key problem: How do two entities establish shared secret key over network? Solution: trusted key distribution center (KDC)
Chapter3 Public-Key Cryptography and Message Authentication.

Chapter3 Public-Key Cryptography and Message Authentication.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
Network Security Essentials Fifth Edition by William Stallings Fifth Edition by William Stallings.

Network Security Essentials Fifth Edition by William Stallings Fifth Edition by William Stallings.
PULIC –KEY CRYPTOGRAPHY AND MESSAGE AUTHENTICATION.

PULIC –KEY CRYPTOGRAPHY AND MESSAGE AUTHENTICATION.
Chapter 31 Network Security

Chapter 31 Network Security
1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden +46 470 70 86.

1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden

Similar presentations

Ads by Google