Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dr. Kalpakis CMSC 621, Advanced Operating Systems. Fall 2003 URL: Security & Cryptography.

Published byVeronica Page Modified over 9 years ago

Similar presentations

Presentation on theme: "Dr. Kalpakis CMSC 621, Advanced Operating Systems. Fall 2003 URL: Security & Cryptography."— Presentation transcript:

1 Dr. Kalpakis CMSC 621, Advanced Operating Systems. Fall 2003 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Security & Cryptography

2 CMSC 621, Fall 2003 2 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Protection vs Security The protection mechanisms (ACLs, etc) discussed earlier assist us in preventing unauthorized access and use of computer resources what happens if an intruder bypasses the protection mechanisms? Cryptography can be used so that an intruder is unable to understand or use information obtained without authorization

3 CMSC 621, Fall 2003 3 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Cryptography Terminology Plaintext (or cleartext) is the intelligible message Ciphertext is the unintelligible message Encryption and decryption Are the processes to convert between plaintext and ciphertext Key Is the parameter used in an encryption/decryption algorithm

4 CMSC 621, Fall 2003 4 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Cryptography Terminology Cryptosystem A system for encryption/decryption of information Symmetric cryptosystem use the same key for both encryption and decryption Asymmetric cryptosystem use the different keys for encryption and decryption Cryptology the designing & breaking of cryptosystems Cryptography the practice of using cryptosystems for confidentiallity of information Cryptoanalysis the breaking cryptosystems

5 CMSC 621, Fall 2003 5 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Basic Structure of a Cryptosystem EncryptDecrypt Break Encryption Key K e Decryption Key K d Plaintext M Ciphertext C Plaintext M Side Information Alice Bob Eve

6 CMSC 621, Fall 2003 6 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Basic Attacks to Cryptosystems Cryptosystem attacks are classified based on the amount of side information available to an intruder Attack classification ciphertext-only intruder only has access to the ciphertext known-plaintext intruder has access to the ciphertext and considerable amount of plaintext chosen-plaintext intruder has access to a chosen plaintext and its corresponding ciphertext

7 CMSC 621, Fall 2003 7 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Design Principles for Cryptosystems Shannon’s principles Diffusion principle spread the correlations and dependencies among key and words over the text as much as possible in order to maximize the length of plaintext needed to break the system Confusion principle change a piece of information so that ciphertext has no obvious relationship with plaintext Computational Intractability principle “every” algorithm for determining a key needed to break cryptosystem is “believed” to require exhaustive search of a very large search space

8 CMSC 621, Fall 2003 8 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 A Taxonomy of Cryptosystems Conventional systems Modern systems private key systems public key systems

9 CMSC 621, Fall 2003 9 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Conventional Cryptosystems Conventional cryptosystems are based on substitution ciphers Caesar’s cipher E(M) = (M + k) modulo 26 where M is a letter and k=3 is the key Simple substitution cipher E(M) = Key[M] where Key is an arbitrary permutation of a single alphabet Vigenere cipher choose N simple substitution ciphers and encrypt the jth letter using the (j mod N) substitution cipher One-time pad encrypt by Xoring message with a key, whose size equals the size of the message

10 CMSC 621, Fall 2003 10 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 DES The Data Encryption Standard (DES) is a modern private-key cryptosystem It is a block cipher that uses two basic operations permutation, and substitution It breaks a message in 64-bit blocks and encrypts/decrypts each block individually It uses a 56-bit secret key, which is expanded to 64-bits using parity bits

11 CMSC 621, Fall 2003 11 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 DES Has three stages plaintext block undergoes an initial permutation IP permuted block undergoes for 16 times a complex transformation A block at the ith iteration is broken into two 32-bit blocks Li & Ri transformed block undergoes the inverse IP’ of the permutation IP at the 1st stage DES transformation in the ith iteration, i=1,2,…,16 K i = Phi(Key, i) 48-bit key of ith iteration L i = R i-1 R i = L i xor F (R i-1, K i )

12 CMSC 621, Fall 2003 12 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 DES Function F does the following expands R i into a 48-bits quantity E(R i ) by permuting and duplicating some bits of R Xors E(R i ) with K i and partitions the result into eight 6-bit blocks Q 1, Q 2,…,Q 8 passes each Q j 6-bit block through a separate 6-to-4 bit substitution box concatenates all transformed 4-bit Q j blocks and then permutes them

13 CMSC 621, Fall 2003 13 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 DES Decryption is done by executing the three stages in reverse order and each time using the inverse function/operation permute cipher text using IP’ undo the 16 transformations, for i=16,15,…,1, using the same keys K 1, K 2, …, K 16 R i-1 = R i L i-1 = R i xor f ( L i, K i ) permute transformed ciphertext with IP For added security, block chaining can be used each plaintext block is Xored with the ciphertext of the previous plaintext block triple encryption (DES does not form a group) Rijdael: new private key standard

14 CMSC 621, Fall 2003 14 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Public-Key Cryptosystems Private key cryptosystems requires a secure mechanism for distributing the private keys to communicating parties Diffie and Hellman proposed public key cryptosystems public key systems make the encryption key publicly available and keep the decryption key secret public key systems are based on the computational intractability principle (using problems such as factoring primes, discrete logarithm, knapsack, etc)

15 CMSC 621, Fall 2003 15 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Public Key Cryptosystems public key systems satisfy the following D SK (E PK (M)) = M for every message M The encryption and decryption functions E and D are computationally efficient Knowledge of E, D, and PK (public key) does not compromise SK (secret key) D PK (E SK (M)) = M for every message M, if message singing/verification is desired

16 CMSC 621, Fall 2003 16 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Trapdoor One-Way Functions One-way functions F F is invertible and easy to compute inverting F is computationally intractable, ie given y finding x such that y=F(x) is believed to be computationally infeasible Trapdoor one-way functions F y=F(x) can be solved efficiently provided some secret information for F is available Diffie and Hellman suggested that one way to implement public key systems is to use trapdoor one-way functions

17 CMSC 621, Fall 2003 17 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Number Theory Background GCD Recursion Theorem & the Extended Euclid’s algorithm

18 CMSC 621, Fall 2003 18 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Number Theory Background Euler’s phi function, Euler’s and Fermat’s Theorems

19 CMSC 621, Fall 2003 19 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Number Theory Background The Chinese Remainder Theorem Origins Sun-Tsu, circa 100 A.D. considered the problem of finding those integers x that leave remainders 2, 3, and 2 when divided by 3, 5, and 7 respectively (which are of the form x=23+105k). Its essence

20 CMSC 621, Fall 2003 20 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Number Theory Background A corollary of the Chinese Remainder Theorem states that

21 CMSC 621, Fall 2003 21 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 RSA Rivest, Shamir, and Adleman introduced the RSA public-key cryptosystem based on Diffie and Hellman RSA works as follows

22 CMSC 621, Fall 2003 22 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 RSA RSA’s encryption function is E PK (M) = M e mod n where PK=(e,n) RSA’s decryption function is D SK (M) = M d mod n where SK=(d,n) these two encryption/decryption functions satisfy D SK (E PK (M)) = M D PK (E SK (M)) = M can be computed efficiently given PK or SK knowledge of PK does not compromise SK

23 CMSC 621, Fall 2003 23 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 RSA Correctness of RSA is based on Fermat’s theorem and on the Chinese Remainder Theorem Example values for RSA choose p=5 and q=11 set n=55 and N=40 choose d=23 compute e=7 using the extended Euclid algorithm encrypt M=8 to 2 using “repeated squaring”

24 CMSC 621, Fall 2003 24 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 RSA A more realistic example set of values for RSA (courtesy of Prof. Stephens) n = 2419753086 4197530864 2125371358 0246913580 2471460971 7 p = 1555555555 5555555555 560261 q = 1555555555 5555555555 560497 e = 512896171 d = 1955459782 2571725357 3495557871 3933814929 3601459917 1 sqrt(n) approximately = 1555555555 5555555555 560378 number of positive integers < n that are relative prime to n is equal to phi(n) phi(n) = 2419753086 4197530864 2125340246 9135802469 1360348896 0

25 CMSC 621, Fall 2003 25 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Authentication Objective verify the identity of communicating entities Authentication services interactive communication (synchronous) one-way communication (asynchronous) signed communication (verifiable conversation by third party) Potential threats altering messages replaying old messages denial of service interference with ongoing communication impersonation

26 CMSC 621, Fall 2003 26 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Interactive Communication Protocols Require an authoritative Authentication Server (AS) for securely distributing conversation keys Each user registers its secret key with the AS, which is shared only between the AS and the user, and their public key if any Requirements – use case Alice wants to communicate with Bob so that the message is intelligible to Bob, but not Eve it should be evident that the message was sent by Alice, and that is not a replay of an older message from Alice

27 CMSC 621, Fall 2003 27 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Interactive Communication with Private Key Systems Alice wants to converse with Bob Denning-Sacco’s modification to handle compromised conversation keys A message is not a reply attack if |LocalClock-T|<LocalClock’s disrepancy from AS’s clock plus the estimated maximum network delay

28 CMSC 621, Fall 2003 28 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Interactive Communication with Public Key Systems Alice wants to communicate with Bob

29 CMSC 621, Fall 2003 29 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 One-Way Communication with Private Key Systems Alice wants to email message M to Bob Bob should be able to authenticate integrity of Alice’s message even if Alice is not currently available Eve should not be able to impersonate Alice Protocol is succeptible to playback attacks

30 CMSC 621, Fall 2003 30 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 One-Way Communication with Public Key Systems Alice wants to email message M to Bob

31 CMSC 621, Fall 2003 31 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Digital Signatures Must satisfy the following a user can not forge signatures sender of signed message can not deny the validity of his signature receipient can not modify the signature of a signed message

32 CMSC 621, Fall 2003 32 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Digital Signatures using Private Key Systems Alice wants to sign a message to be sent to Bob

33 CMSC 621, Fall 2003 33 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Digital Signatures using Public Key Systems Alice wants to sign a message to be sent to Bob

34 CMSC 621, Fall 2003 34 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Kerberos An authentication system for an open network computing environment where user’s machines are under their complete control and can not be trusted to identify users to network services Consists of Client (C) Kerberos Server (K) Ticket Granting Server (TGS) Server (S) User (U)

35 CMSC 621, Fall 2003 35 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Kerberos Phase I: Getting the Initial Ticket User provides the Client machine his/her identity Client sends to Kerberos server K the msg Kerberos server K Client upon receipt of msg

36 CMSC 621, Fall 2003 36 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Kerberos, Phase II: Getting a Server Ticket User/Client wants to use a network service S Ticket Granting Server TGS Client upon receiving msg from TGS

37 CMSC 621, Fall 2003 37 URL: http://www.csee.umbc.edu/~kalpakis/Courses/621 Kerberos, Phase III: Requesting a Service Client requests service from server S Service server S upon receipt of the msg

Download ppt "Dr. Kalpakis CMSC 621, Advanced Operating Systems. Fall 2003 URL: Security & Cryptography."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security – Additional material.

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security – Additional material.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Session 4 Asymmetric ciphers.

Session 4 Asymmetric ciphers.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.

Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
EECC694 - Shaaban #1 lec #16 Spring2000 5-4-2000 Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.

Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.

Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.
Cryptography April 20, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.

Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.

Similar presentations

Ads by Google