Presentation is loading. Please wait.

Presentation is loading. Please wait.

Class 4 Asymmetric Cryptography and Trusting Internal Components CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman

Published byChastity Naomi Chase Modified over 9 years ago

Similar presentations

Presentation on theme: "Class 4 Asymmetric Cryptography and Trusting Internal Components CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman"— Presentation transcript:

1 Class 4 Asymmetric Cryptography and Trusting Internal Components CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman http://www.cis.ksu.edu/~eyv/CIS755_S14/

2 Administrative stuff Quiz on Thursday – Cryptography concepts – Examples… Project due dates posted Schedule always being updated – watch for changes What would you like to see covered? Paper reading and the “huh?” moment

3 Last time: Basic primitives Confidentiality (encryption) – Symmetric (e.g. AES) – Asymmetric (e.g. RSA) Hash functions Integrity and authentication – Symmetric (authentication codes) – Asymmetric (signatures) Random numbers

4 Asymmetric cryptography The idea: base security properties on mathematical statements – Facts or assumptions We need to be familiar with our toolset NEVER BUILD YOUR OWN WHEN SOLUTION EXISTS!!

5 NEVER BUILD YOUR OWN WHEN SOLUTION EXISTS!!!

6 Asymmetric No pre-shared keys Public and secret keys (key pairs) Asymmetric means…? – Non-repudiable Key agreement, e.g. Diffie-Hellman – Not like sending password in the clear Mathematical proof based on conjecture – Variants of conjecture (important)

7 Security (strength) Key size * – Commonly 2 256 for AES, 2 2048 for RSA – What is a [good] key? Underlying cryptosystem/primitives Composition e.g. MAC with broken underlying hash function may not itself be broken

8 Current state of symmetric encryption DES is too weak (56-bit key) 3DES is weak (168-bit keys but only 2 112 security – “meet-in-the-middle” attack) Recent weaknesses in AES: – AES-256 (2 254.4 ) AES-192 (2 189.7 ) AES-128 (2 126.1 ) http://research.microsoft.com/en- us/projects/cryptanalysis/aesbc.pdf

9 Current state of hash functions MD5 is broken – http://www.win.tue.nl/hashclash/ http://www.win.tue.nl/hashclash/ SHA-1 is known to be weak – http://theory.csail.mit.edu/~yiqun/shanote.pdf (2 69 ) http://theory.csail.mit.edu/~yiqun/shanote.pdf – http://eprint.iacr.org/2004/304 (2 106, generalizable) http://eprint.iacr.org/2004/304 – SHA-256 (variant) is even weaker SHA-3 currently in “development” (NIST) – We have a winner: all hail Keccak (SHA-3)! – http://csrc.nist.gov/groups/ST/hash/sha-3/ http://csrc.nist.gov/groups/ST/hash/sha-3/

10 Questions? Trusted component discussion

Download ppt "Class 4 Asymmetric Cryptography and Trusting Internal Components CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman"

Similar presentations

Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
NSRC Workshop Some fundamental security concerns... Confidentiality - could someone else read my data? Integrity - has my data been changed? Authentication.

NSRC Workshop Some fundamental security concerns... Confidentiality - could someone else read my data? Integrity - has my data been changed? Authentication.
Class 1 Background, Tools, and Trust CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman

Class 1 Background, Tools, and Trust CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
CMSC 456 Introduction to Cryptography

CMSC 456 Introduction to Cryptography
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Cryptography Basic (cont)

Cryptography Basic (cont)
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
© MMII JW RyderCS 428 Computer Networking1 Basic Internet Security Concepts.

© MMII JW RyderCS 428 Computer Networking1 Basic Internet Security Concepts.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Cryptographic Technologies

Cryptographic Technologies
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.

Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
04-01-98 J.W. Ryder Basic Internet Security Concepts J.W. Ryder

J.W. Ryder Basic Internet Security Concepts J.W. Ryder
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
Diffie-Hellman Key Exchange

Diffie-Hellman Key Exchange
Computer Science CSC 774Dr. Peng Ning1 CSC 774 Advanced Network Security Topic 2. Review of Cryptographic Techniques.

Computer Science CSC 774Dr. Peng Ning1 CSC 774 Advanced Network Security Topic 2. Review of Cryptographic Techniques.
Encryption Methods By: Michael A. Scott 20140508.

Encryption Methods By: Michael A. Scott

Similar presentations

Ads by Google