Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden +46 470 70 86.

Published byLily Terry Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden +46 470 70 86."— Presentation transcript:

1 1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49

2 2 OUTLINE  Approaches to Message Authentication  Secure Hash Functions and HMAC  Public-Key Cryptography Principles  Public-Key Cryptography Algorithms  Digital Signatures  Key Management

3 3 Authentication  Requirements - must be able to verify that: 1. Message came from apparent source or author, 2. Contents have not been altered, 3. Sometimes, it was sent at a certain time or sequence.  Protection against active attack (falsification of data and transactions)

4 4 Approaches to Message Authentication  Authentication Using Conventional Encryption  Only the sender and receiver should share a key  Message Authentication without Message Encryption  An authentication tag is generated and appended to each message  Message Authentication Code  Calculate the MAC as a function of the message and the key. MAC = F(K, M)

5 5

6 6 One-way HASH function

7 7  Secret value is added before the hash and removed before transmission.

8 8 Secure HASH Functions  Purpose of the HASH function is to produce a ”fingerprint.  Properties of a HASH function H : 1. H can be applied to a block of data at any size 2. H produces a fixed length output 3. H(x) is easy to compute for any given x. 4. For any given block x, it is computationally infeasible to find x such that H(x) = h 5. For any given block x, it is computationally infeasible to find with H(y) = H(x). 6. It is computationally infeasible to find any pair (x, y) such that H(x) = H(y)

9 9 Simple Hash Function  One-bit circular shift on the hash value after each block is processed would improve the code

10 10 Message Digest Generation Using SHA-1

11 11 SHA-1 Processing of single 512-Bit Block

12 12 Other Secure HASH functions SHA-1MD5RIPEMD-160 Digest length160 bits128 bits160 bits Basic unit of processing 512 bits Number of steps80 (4 rounds of 20) 64 (4 rounds of 16) 160 (5 paired rounds of 16) Maximum message size 2 64 -1 bits

13 13 HMAC  Use a MAC derived from a cryptographic hash code, such as SHA-1.  Motivations:  Cryptographic hash functions executes faster in software than encryption algorithms such as DES  Library code for cryptographic hash functions is widely available  No export restrictions from the US (Not a problem anymore)

14 14 HMAC Structure

15 15 Public-Key Cryptography Principles  The use of two keys has consequences in: key distribution, confidentiality and authentication.  The scheme has six ingredients  Plaintext  Encryption algorithm  Public and private key  Ciphertext  Decryption algorithm

16 16 Encryption using Public-Key System

17 17 Authentication using Public-Key System

18 18 Applications for Public-Key Cryptosystems  Three categories:  Encryption/decryption: The sender encrypts a message with the recipient’s public key.  Digital signature: The sender ”signs” a message with its private key.  Key echange: Two sides cooperate two exhange a session key.

19 19 Requirements for Public-Key Cryptography 1. Computationally easy for a party B to generate a pair (public key KU b, private key KR b ) 2. Easy for sender to generate ciphertext: 3. Easy for the receiver to decrypt ciphertect using private key:

20 20 Requirements for Public-Key Cryptography 4. Computationally infeasible to determine private key (KR b ) knowing public key (KU b ) 5. Computationally infeasible to recover message M, knowing KU b and ciphertext C 6. Either of the two keys can be used for encryption, with the other used for decryption:

21 21 Public-Key Cryptographic Algorithms  RSA and Diffie-Hellman  RSA - Ron Rives, Adi Shamir and Len Adleman at MIT, in 1977.  RSA is a block cipher  The most widely implemented  Diffie-Hellman  Echange a secret key securely  Compute discrete logarithms

22 22 The RSA Algorithm – Key Generation 1. Select p,q p and q both prime 2. Calculate n = p x q 3. Calculate 4. Select integer e 5. Calculate d 6. Public KeyKU = {e,n} 7. Private keyKR = {d,n}

23 23 Example of RSA Algorithm

24 24 The RSA Algorithm - Encryption  Plaintext:M<n  Ciphertext:C = M e (mod n)

25 25 The RSA Algorithm - Decryption  Ciphertext:C  Plaintext:M = C d (mod n)

26 26 Diffie-Hellman Key Exchange

27 27 Other Public-Key Cryptographic Algorithms  Digital Signature Standard (DSS)  Makes use of the SHA-1  Not for encryption or key echange  Elliptic-Curve Cryptography (ECC)  Good for smaller bit size  Low confidence level, compared with RSA  Very complex

28 28 Key Management Public-Key Certificate Use

Download ppt "1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden +46 470 70 86."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Sri Lanka Institute of Information Technology

Sri Lanka Institute of Information Technology
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Public Key Cryptography & Message Authentication By Tahaei Fall 2012.

Public Key Cryptography & Message Authentication By Tahaei Fall 2012.
Information Security Principles & Applications Topic 4: Message Authentication 虞慧群

Information Security Principles & Applications Topic 4: Message Authentication 虞慧群
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.

First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
Chapter3 Public-Key Cryptography and Message Authentication.

Chapter3 Public-Key Cryptography and Message Authentication.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
SCSC 455 Computer Security

SCSC 455 Computer Security
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.

Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.
CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS

CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS
Network Security Essentials Fifth Edition by William Stallings Fifth Edition by William Stallings.

Network Security Essentials Fifth Edition by William Stallings Fifth Edition by William Stallings.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Similar presentations

Ads by Google