Published by Rose Webster. Modified over 9 years ago.

Chi-Cheng Lin, Winona State University
CS 313 Introduction to Computer Networking & Telecommunication
Network Security (A Very Brief Introduction)

Network Security
- Secrecy
  - Keeping information out of the hands of unauthorized users
- Nonrepudiation
  - Signature (sender cannot deny and receiver cannot concoct)
- Authentication
  - Determining whom you are talking to before further actions
- Integrity control
  - How can we be sure that a message received was really the one sent (not modified by intruders)?

Cryptography
- Cryptology = cryptography + cryptanalysis
  - Cryptography: devising ciphers
  - Cryptanalysis: breaking ciphers
- Encryption and decryption
  - $C = E_K(P)$
  - $P = D_K(C)$
  - $D_K(E_K(P)) = P$
  - where P: plaintext, C: ciphertext, K: key
  - E and D are two-parameter functions

Encryption Model
[Figure: The encryption model (for a symmetric-key cipher).]

Cryptography
- Kerckhoffs's Principle
  - All algorithms must be public; only the keys are secret
- Key
  - Secret and easily changed
  - Length is an issue
  - The longer the key, the higher the cryptanalysis work factor

Cryptography
- Secrecy = strong but public algorithm + long key
- Analogy: combination lock
- Two types of cryptography
  - Symmetric-key cryptography
  - Public-key cryptography

Symmetric-Key Cryptography
- Secret keys
  - Used for both encryption and decryption
  - Decryption key is the same as or can be easily derived from encryption key
  - Problem: Must be distributed
- Examples
  - DES (Data Encryption Standard)
  - AES (Advanced Encryption Standard)

Public-Key Cryptography
- Use two different keys
  - Public key
  - Private key
- Public key
  - Used by entire world to encrypt messages to be sent to that user
- Private key
  - Needed by user to decrypt messages
- Decryption key could not (or is hard to) be derived from encryption

Public-Key Cryptography
- Requirements
  - $D(E(P)) = P$
  - It's exceedingly difficult to deduce D from E
  - E cannot be broken by a chosen plaintext attack

Public-Key Cryptography - Method
- A wants to receive secret messages
  - 2 algorithms are devised meeting requirements
  - Encryption algorithm and key, $E_A$, are made public
  - Decryption algorithm is published but decryption key, $D_A$, is secret
- B wants to send secret message, P, to A
  - $E_A(P)$ is computed by B and then sent to A
  - $D_A(E_A(P)) = P$ is performed by A

Public-Key Cryptography - RSA Algorithm
- Named after Rivest, Shamir, and Adleman, 2002 Turing Award winners (http://www.acm.org/awards/turing_citations/rivest-shamir-adleman.html)
- Based on number theory
- Method
  - Choose two large primes, p and q
  - Compute $n = p \times q$ and $z = (p - 1)(q - 1)$
  - Choose a number, d, relatively prime to z
  - Find an e such that $(e \times d) \bmod z = 1$

Public-Key Cryptography - RSA Algorithm
- Encryption
  - Divide plaintext (bit string) into blocks
  - Each $P \in [0, n)$ (blocks of k bits, $2^k < n$)
  - $C = P^e \bmod n$
- Decryption
  - $P = C^d \bmod n$
- Public key: (e, n)
- Private key: (d, n)

RSA Algorithm - Example
- Let p = 3, q = 11
- n = 33, z = 20
- Choose d = 7
- e = 3
- Public key = (e, n) = (3, 33)
- Private key = (d, n) = (7, 33)

RSA Algorithm
- As n and e are known, we could compute z by factoring n, and d can then be computed …
- Why does RSA work?
  - A large number is very difficult to factor
  - E.g., factoring a 500-digit number: $10^{25}$ years
- If p and q are chosen ~ $2^{512}$, then n ~ $2^{1024}$
  - Each block could be up to 1024 bits (128 8-bit characters)
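
An added example (not part of the original slides) that carries the RSA method, the p = 3, q = 11 example and the factoring remark above through in Python. The function names and the letter encoding (A=1 … Z=26, so each block fits in 5 bits and 2^5 < 33) are assumptions made for the demo; the trial-division step succeeds only because n = 33 is tiny.

```python
# Added example: textbook RSA with the slides' toy parameters. Not secure.
from math import gcd

def make_keys(p, q, d):
    """Slides' method: n = p*q, z = (p-1)(q-1), d coprime to z, (e*d) mod z = 1."""
    n, z = p * q, (p - 1) * (q - 1)
    if gcd(d, z) != 1:
        raise ValueError("d must be relatively prime to z")
    e = pow(d, -1, z)                  # modular inverse (Python 3.8+)
    return (e, n), (d, n)              # public key, private key

def encrypt(block, public):
    e, n = public
    if not 0 <= block < n:
        raise ValueError("each block P must lie in [0, n)")
    return pow(block, e, n)            # C = P^e mod n

def decrypt(cipher, private):
    d, n = private
    return pow(cipher, d, n)           # P = C^d mod n

def recover_private_key(public):
    """The slides' remark: factor n, rebuild z, then derive d from e."""
    e, n = public
    p = next(f for f in range(2, int(n ** 0.5) + 1) if n % f == 0)
    q = n // p
    return (pow(e, -1, (p - 1) * (q - 1)), n)

def letters_to_blocks(text):
    # Constructed encoding for the demo: A=1 ... Z=26, one letter per block.
    return [ord(ch) - ord("A") + 1 for ch in text]

def blocks_to_letters(blocks):
    return "".join(chr(b + ord("A") - 1) for b in blocks)

if __name__ == "__main__":
    public, private = make_keys(3, 11, d=7)
    print("public", public, "private", private)
    message = "SUZANNE"                # constructed sample plaintext
    cipher = [encrypt(b, public) for b in letters_to_blocks(message)]
    print("ciphertext blocks:", cipher)
    print("decrypted:", blocks_to_letters(decrypt(c, private) for c in cipher))
    # Anyone holding only (e, n) can rebuild d when n is this small.
    print("recovered private key:", recover_private_key(public))
```

With a one-letter block the scheme is also a plain substitution cipher, which is a second reason the toy parameters offer no protection.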

Digital Signatures
- Secret-key signatures
[Figure labels: Big Brother; A's ID; $K_A$: A's secret key; $K_B$: B's secret key; random number generated by A, guard against "instant replay"; timestamp, guard against "very old message replay"; A's "signature"; BB's "signature"]

Digital Signatures
- Public-key signatures + secrecy

Public-Key Signatures
Criticisms of DSS:
1. Too secret
2. Too slow
3. Too new
4. Too insecure

Digital Signatures
- Authentication without secrecy
- Message digests (MD)
  - Based on one-way hash function
  - Given P, it's easy to compute MD(P)
  - Given MD(P), it's effectively impossible to find P
  - Given P, no one can find P' s.t. MD(P') = MD(P)
  - A change to the input of even 1 bit produces a very different output

Digital Signatures
- Public-key and MD
  - Ensure P's integrity, but not secrecy

Authentication
- Secret-key authentication
[Figure labels: secret key shared by A and B; random number generated by A, serves as a "challenge"; random number generated by B]

Authentication
- Public-key authentication
[Figure label: proposed session key]