Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Chap 1: Introduction Some background –The message is usually represented as M or P (plaintext), the encryption result is usually represented as C (ciphertext).

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Chap 1: Introduction Some background –The message is usually represented as M or P (plaintext), the encryption result is usually represented as C (ciphertext)."— Presentation transcript:

1 1 Chap 1: Introduction Some background –The message is usually represented as M or P (plaintext), the encryption result is usually represented as C (ciphertext). –C usually has the same length as M or even longer –E(M) = C, D(C) = M –D(E(M)) = M –Can you apply the encryption and decryption algorithm to some random sequence?

2 2 What functionality can the encryption algorithms provide: –Confidentiality –Authentication –Integrity –Non-repudiation

3 3 Introduction Two kinds of cryptographic algorithms –Keep the method secret Good: safe for low security requirement Bad: user group dynamics, proof of correctness, how to communicate with outsider, reverse engineering –Make the algorithm public but keep the key secret Now the encryption/decryption algorithms need the key as a parameter Safety depends on the key only Good: safety analysis can be conducted, have standard implementation (user can setup the key)

4 4 Introduction (cnt’d) Symmetric algorithms –The encryption and decryption key can be calculated from each other easily (most of the time the same). –Block algorithms and stream algorithms DES and XOR operation –Good: efficient and fast, easy to deploy –Bad: key pre-distribution, scalability, broadcast or multicast, proof to third party

5 5 Introduction (cnt’d) Public-key encryption –First appear in 1970’s –Two keys: public key and private key –Private key cannot be derived from public key –Everyone can send a packet to Alice –Only Alice has the private key to recover the packet –If Alice uses the private key to encrypt a message, can be viewed as a digital signature –Strong, scalable, easy for broadcast and multicast, but very slow

6 6 Introduction (cnt’d) Attack to encryption system –Cipher-text only attack The amount of traffic matters –Known plaintext attack: try to get the key or a method to decrypt –Chosen plaintext attack: try to get the key or a method to decrypt –It is not difficult to have the 2 nd or 3 rd type of attack Key point –Keep the cost to break the system higher than the gain of the information

7 7 Introduction (cnt’d) Can you always break an encryption system? –One time pad –Brute-force attack: Try every possible key –Make it impossible in practical world How much energy required to flip a bit in the memory, and how much memory we are generating per year. Real example at NASA How much aluminum is needed to store 1TB data, and how much aluminum do we have on the Earth.

8 8 Introduction (cnt’d) Several old fashion encryption algorithms –Substitution ciphers Replace a character in the plaintext with another character Replace a multi-char group with another multi-char group Example: Caesar cipher Try to figure out the length of the key –Transposition ciphers Shuffle the order of characters The frequency of characters does not change –XOR and one-time pad: Many good properties of XOR If the random bits repeat in cycle, it is dangerous Synchronization at both side is always a problem

9 9 Vigenère Cipher Like Caesar cipher, but use a longer key Example –Message THE BOY HAS THE BALL –Key VIG ( right shift 21, 8, 6 times, then start again ) –Encipher using Caesar cipher for each letter: key VIG VIG VIG VIG VIGV plain THE BOY HAS THE BALL cipher OPKWWE CIY OPK WIRG

10 10

11 11 Chap 2: Building blocks There are hundreds of security related protocols, fortunately, only a limited number of building blocks are involved Secure blocks may construct not-secure protocols How to organize these blocks shows the skills of the researchers Security protocols: –Prevent eavesdroppers –Prevent or detect cheaters

12 12 Building blocks (cnt’d) Classification of protocols –Arbitrated Protocols Example: Buying a used car from a stranger Good: simple, everyone feels safe Bad: how to find the Trusted Third Party (TTP) on the network, who will pay the cost, bottleneck at TTP, single point of failure

13 13 Building blocks (cnt’d) Classification of protocols –“Judge” Involved Protocols TTP get in only when disagreement arise Similar to the difference between prevention and detection Good: avoid the bottleneck Bad: still need to keep the TTP, and need to keep evidence now

14 14 Building blocks (cnt’d) Classification of protocols –Self enforced protocols The best group of protocols If one party wants to cheat, the other party can detect and abort the procedure Good: avoid the bottleneck Bad: usually more complicated and more overhead

15 15 Block 1: one way functions One way function is easy to calculate in one direction, but not the other. –Given x, easy to get f(x) –Given f(x), even f() is known, still not easy to get a x that satisfies f(x) Trap door one way function –Given x, easy to calculate f(x) –Given f(x), difficult to get x –Given f(x) and a secret y, easy to get x –Think about asymmetric encryption

16 16 Block 1: one way hash function Map a variable-length input string to a fixed length string: fingerprint the file –Easy to get Hash(x) when giving x –Almost impossible to find a x that satisfies Hash(x) –Almost impossible to find two files x and x’ to have the same hash value –Minor change in x, large changes in Hash(x) Since the hash value is shorter, we have conflict: –We can easily rule out files, but not guarantee this is the origin file –Still good enough in courts, like DNA tests

17 17 Block 1: one way hash function Usage of hash function –Timestamp a file and prove that you are the creator (can be used to timestamp the homework) –MD5 values of the downloaded files –A commitment that cannot be easily changed –Verify the integrity of the files in a file system Security problems: how and where to save the hash values Use a secret key k, do not store k on the computer, use Hash(x, k) to prevent change on the computer: usually called MAC code (message authentication code)

18 18 Block 2: communication using symmetric crypto algorithms Steps: (1) Alice and Bob agree on a key k and an encryption algorithm (2) Alice calculates E_k (message) and sends the cipher text to Bob (3) Bob decrypts the message and gets the plaintext Problems –How to determine the key: must in a secret place –How to convince other people it is from Alice instead of Bob –Number of keys increases fast, not scalable

19 19 Block 3: communication using asymmetric crypto algorithms First appeared in 1976, proposed by Diffie and Hellman Two keys: public key and private key, it is almost impossible to get private key from public key. A certain kind of trap door one way functions: private key is the secret Steps: (1)Alice and Bob agree on a public key encryption algorithm (2)Bob sends his public key to Alice (3) Alice calculates E_pubB (message) and sends the cipher text to Bob (4) Bob decrypts the message with the private key and gets the plaintext

20 20 Block 3: communication using asymmetric crypto algorithms Solve the problem in symmetric crypto methods: the key can be transferred in public More scalable, easy for multicast New problems: –How can we make sure it is Bob’s public key Trusted Third Party Certificate for the public key –How to guarantee the sender’s identity Some story about public key –NSA says it is unnecessary –But claims credit for it

21 21 Hybrid crypto systems Symmetric methods are fast, easy to implement, but require special attention during key distribution Asymmetric methods are slow, but more secure –Careful about the forward search attack Hybrid: –Using asymmetric method to distribute key –Using symmetric method to encrypt data

22 22 Communication using hybrid crypto systems Steps (1)Bob sends Alice his public key (2)Alice encrypts the session key with this public key and sends to Bob (3)Both Alice and Bob know the session key and can use it for data traffic Open question: why should B trust A’s capabilities to generate keys?

23 23 Merkle’s puzzle Make the life of an eavesdropper difficult –The receiver can randomly choose one message –The eavesdropper has to try almost all of them

24 24 Block 4: Digital signature Signature by symmetric encryption: –TTP will get involved –Who should store the encrypted messages? –How to send to a third party: through TTP again Signature with asymmetric encryption –Using the private key for signature –If the signature is like “I owe Bob $100”, a timestamp should also be included in the signature to avoid replay attack.

25 25 Never ever sign a random message or something you cannot see the plaintext

26 26 Block 5: Random number Pseudo random numbers: –Usually will repeat after a long sequence –Must long enough Real random numbers: –Lava lamp –Earthquake strength or interval

27 27 Dual encryption Let’s assume that everyone in the network has a public-private key pair. Alice wants to send a message to Bob and convince that it is from Alice. Two possible format: which is better??

28 28 Dual encryption Answer: –Alice should first sign the message, then use Bob’s public key to encrypt the packet Reason 1: If Alice’s private key is the outer layer, everyone with Alice’s public key will be able to decrypt it. Reason 2: never sign a random string that you do not know what it is (Example of RSA) –Two pair of public-private keys for everyone: one for encryption, one for digital signature

Download ppt "1 Chap 1: Introduction Some background –The message is usually represented as M or P (plaintext), the encryption result is usually represented as C (ciphertext)."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.

MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.

Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
CSE331: Introduction to Networks and Security Lecture 21 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 21 Fall 2002.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Security Chapter 9 9.1 The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.

Security Chapter The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.
Chap 3: Key exchange protocols In most systems, we distinguish the short term keys from the long term ones: –A short term key (session key) is used to.

Chap 3: Key exchange protocols In most systems, we distinguish the short term keys from the long term ones: –A short term key (session key) is used to.
ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.

ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.
ITIS 6167/8167: Network and Information Security Weichao Wang.

ITIS 6167/8167: Network and Information Security Weichao Wang.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Similar presentations

Ads by Google