Published by George Stephens. Modified over 9 years ago.
1
Andy’s Basic Crypto Course (ABC) Part 1 - Introduction
2
Today
▪ Intro
▪ Security Properties (CIA)
▪ The building blocks of cryptography
▪ Basic Crypto-System and assumptions
3
Intro
▪ Why should I care?
  – Importance to your job
  – Importance to you
  – Ubiquity and hence relevance to most IT
▪ Standard disclaimer
  – The limitations of a “crypto-only” approach.
4
Aims of the course
▪ Emphasis on being a “knowledgeable user” of cryptography:
  – Not concerned with cryptanalysis of ciphers, difficult mathematical analysis
  – Not aiming to make you an “expert” – I certainly am not
  – What are the building blocks – and what security properties do they provide.
▪ Basic understanding of the building blocks:
  – Symmetric cryptography
    ▪ Cipher Choice – sensible default choices
    ▪ Modes of operation and trials/tribulations of those
  – Asymmetric Cryptography
    ▪ Principles of key pairs and asymmetric operations and pitfalls
    ▪ PKI – What it is and what it isn’t
  – Some stuff about HSMs, Key management
  – Walkthrough of some commonly deployed security protocols and mistakes.
5
Security Properties
▪ Confidentiality
  – First thing people think of with regard to cryptography
  – “Someone without the key can’t see”.
▪ Integrity
  – Contents weren’t modified
  – Usually linked to “Authenticity” control
▪ Authenticity
  – The source of the data is who we expect it to be
  – It can’t have been forged.
6
A Basic Cryptosystem
Alice wants to send a message to Bob such that nobody else (Eve the eavesdropper, for example) can see it.
What do Alice and Bob have to agree on?
7
What to assume about the “bad guy”
▪ You need to be pessimistic!
▪ Assume they know which ciphers you used
▪ Assume they know which software you used
▪ Assume they have access to all of your cipher-text
▪ Assume they have some of your plaintext messages
▪ Two absolute no-go things:
  – “proprietary” algorithms or modes of operation – Laugh at the vendor and walk away.
  – Reliance on the attacker not knowing something other than the key
8
Symmetric Cryptography
▪ The symmetry applies to the key – same key to Encrypt and Decrypt
▪ Cipher
▪ Modes
  – Block
  – Stream
9
ECB
▪ Take one block at a time
▪ Apply the cipher to encrypt that block
▪ Append the results into the ciphertext
▪ The decryption is the exact opposite (remember – with the same key).
10
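ECB – Example in Java.
▪ Cryptographic operations tend to operate on binary data – hence
  – Beware charsets and the like in Java (in C you have char* yay).
▪ Note that we had to select a way of padding out plaintext to a multiple of the block size (pkcs5) – seems innocuous – but isn’t! We’ll see examples of a “padding attack” later!

    import java.nio.charset.StandardCharsets;
    import java.util.logging.Level;
    import java.util.logging.Logger;
    import javax.crypto.Cipher;
    import javax.crypto.spec.SecretKeySpec;
    public class CryptoWeek1 {
        public static void main(String[] args) {
            try {
                String plaintext = "Mary Had a Little Lamb";
                Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding", "SunJCE"); // ECB mode, PKCS#5 padding
                SecretKeySpec secretKeySpec = new SecretKeySpec("deadbeefdeadbeef".getBytes(StandardCharsets.UTF_8), "AES"); // 16-byte demo key
                cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
                byte[] encrypted = cipher.doFinal(plaintext.getBytes(StandardCharsets.UTF_8)); // explicit charset: same bytes on every platform
            } catch (Exception e) {
                Logger.getLogger(CryptoWeek1.class.getName()).log(Level.SEVERE, null, e);
            }
        }
    }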
11
Why you should rarely if ever use ECB
▪ Original on the left
▪ Encrypted image contents on the right
▪ Clearly there is more to it!
▪ Generally ECB only used in key derivation operations – never used on data.
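The image comparison on this slide can be reproduced with text. The following is an added example, not code from the original presentation: it labels each 16-byte block by first appearance, so a plaintext with repeated blocks shows the same repeat pattern in its ECB ciphertext. The class name EcbPatternDemo, the helper pattern(), the sample text and the comparison against AES/GCM (a mode these slides have not introduced yet) are assumptions made for the illustration.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class EcbPatternDemo {
    static final int BLOCK = 16; // AES block size in bytes

    // Label every 16-byte block in data[0..len) by order of first appearance:
    // identical blocks get the same letter, so repeats become visible.
    static String pattern(byte[] data, int len) {
        Map<ByteBuffer, Character> labels = new HashMap<>();
        StringBuilder sb = new StringBuilder();
        for (int off = 0; off + BLOCK <= len; off += BLOCK) {
            ByteBuffer blk = ByteBuffer.wrap(data, off, BLOCK); // equals/hashCode use content
            Character label = labels.get(blk);
            if (label == null) {
                label = (char) ('A' + labels.size());
                labels.put(blk, label);
            }
            sb.append(label);
        }
        return sb.toString();
    }

    public static void main(String[] args) throws Exception {
        SecureRandom rng = new SecureRandom();
        byte[] key = new byte[16];
        rng.nextBytes(key); // random AES-128 key, generated fresh for this run
        SecretKeySpec k = new SecretKeySpec(key, "AES");
        // Constructed sample: four 16-byte blocks, three of them identical.
        String a = "Mary Had a Lamb.", b = "Its fleece white";
        byte[] pt = (a + a + b + a).getBytes(StandardCharsets.US_ASCII);
        Cipher ecb = Cipher.getInstance("AES/ECB/PKCS5Padding");
        ecb.init(Cipher.ENCRYPT_MODE, k);
        byte[] ecbCt = ecb.doFinal(pt);
        byte[] nonce = new byte[12]; // fresh random nonce, required for every GCM message
        rng.nextBytes(nonce);
        Cipher gcm = Cipher.getInstance("AES/GCM/NoPadding");
        gcm.init(Cipher.ENCRYPT_MODE, k, new GCMParameterSpec(128, nonce));
        byte[] gcmCt = gcm.doFinal(pt);
        // Compare only the blocks that correspond to the plaintext (skip padding / tag).
        System.out.println("plaintext : " + pattern(pt, pt.length));
        System.out.println("AES/ECB   : " + pattern(ecbCt, pt.length));
        System.out.println("AES/GCM   : " + pattern(gcmCt, pt.length));
    }
}
```

The same pattern() check can be pointed at any stored ciphertext: repeated 16-byte blocks in data that is supposed to be encrypted are a strong hint that ECB was used.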
12
Optional Homework
▪ Read up on the problem we just saw with ECB mode
▪ Using a language of your choice write a simple program which encrypts and decrypts a file using ECB mode
▪ If you wish to – read up on why ECB is potentially dangerous.