Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Part 3: Cryptography u Large Numbers u Random Numbers u Cryptographic Hashes u Symmetric Encryption u Asymmetric Encryption (public keys) u Digital Signatures.

Published byMiles Henderson Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Part 3: Cryptography u Large Numbers u Random Numbers u Cryptographic Hashes u Symmetric Encryption u Asymmetric Encryption (public keys) u Digital Signatures."— Presentation transcript:

1 1 Part 3: Cryptography u Large Numbers u Random Numbers u Cryptographic Hashes u Symmetric Encryption u Asymmetric Encryption (public keys) u Digital Signatures u Digital Certificates u Protocols

2 2 Why Cryptography? u Authenticate humans and devices u Communication is private u Data storage can be made private u Certificates make no use of shared secrets u All the technologies are open, trusted, well known and proven u Software can be “attested” u All known network attacks do not work against cryptographically secure communications  Except Denial of Service

3 3 Cryptography? u Cryptography provides “strong” techniques for  Privacy  Authentication  Non-repudiation  Un-forge-ability u Most cryptography schemes are based on  Cryptographic Hashes  Symmetric encryption  Public Key Encryption  Digital Signatures u Public Key Encryption is the solution to the problem of shared secrets  And much more

4 4 Large Numbers 2 10 1,024 2 20 1,048,576 2 30 1,073,741,824 2 40 1,099,511,627,7761 sec 2 50 1,125,899,906,842,62017 mins 2 60 1,152,921,504,606,850,000291 days 2 70 1,180,591,620,717,410,000,00068 years 2 80 1,208,925,819,614,630,000,000,00069,731 years 2 90 1,237,940,039,285,380,000,000,000,00071,404,104 years 2 100 1,267,650,600,228,230,000,000,000,000,00073,117,802,169 years Time to crack a key, if 1 trillion keys can be tested in 1 sec Total Number of Atoms on Earth: 2^160

5 5 Random Numbers u Cryptographically Secure Random Numbers (CSR)  Can be generated by pseudo-random-number-generators (CSRPRNG) u Two 128 bit random numbers cannot be the same  Will happen once in 10 15 million years (!)  Birthday Paradox: may happen as soon as 10 7 years u Used to generate keys, identifications u Cannot guess random numbers  Ok, maybe 1 in 10 15 million years u One in every “few thousand” numbers are prime

6 6 Cryptographic Hashes u A hash of a document is a fixed sized number (also called message digest) produced by some hashing algorithm (MD5, SHA-1) u No two documents can have the same hash  Surprising, but with high level of confidence  Slight changes in a document causes large changes in the hash u A hash of any data can be used as a “fingerprint” of that data H Document hash

7 7 Hash collisions u Thought to be impossible u Only one known so far for a “good” algorithm  MD5 hash collision

8 8 Symmetric Encryption u Same key for encryption and decryption, E k (E k (m)) = m  Used for privacy u Many “unbreakable” schemes exist  Open algorithms are the best  DES, 3DES, IDEA, AES u Key exchange a major problem (shared secret) E Plaintext: m Ciphertext: E k (m) Key: k m k E

9 9 Asymmetric Encryption u Also known as Public Key Encryption  Different keys for encryption and decryption, E k2 (E k1 (m)) = m  Very varied applications  Key exchange is trivial E m E k1 (m) Public key: k1 m Private key: k2 E Note: k1 and k2 are unrelated, yet related Cannot find k2 if k1 is given But there is only one k2, given a k1 My convention: K1A = Alice’s Public Key, K2A = Alice’s Private Key

10 10 Cryptanalysis u Breaking encryption using many different techniques, rather than “Brute Force” u Known Ciphertext Attack u Known Plaintext Attack u Chosen Plain text attack u Adaptive chosen plaintext attack u Differential Cryptanalysis u Linear Cryptanalysis

11 11 Steganography u Hiding data in data, in some obscure way  LSB of pictures  First letter of each paragraph u Security via obscurity u Has some important advantages, specially when steganography is combined with cryptography By removing all but the last 2 bite of each color component, an almost completely black image results. Making the resulting image 85 times brighter results in the second image

12 12 Kerkhoff’s Principle u Paraphrased, the set of six rules imply: The security of a cryptosystem must depend on the key and not the encryption algorithm. The algorithms must be widely known. u Almost all known situations where the algorithm was kept secret, have been “broken”  Enigma  DVD encryption  GSM encryption  RFID encryption  (not secret, but deployed quickly): WiFi encryption (WEP)

13 13 Pitfalls of Proprietary Algorithms u Proprietary algorithms violate Kerkhoff’s principle, even if the designers did not want to violate the principle u Designers of cryptosystems fail to see its flaws u Even without knowing the cipher, the ciphers are broken u Open standards are very important in cryptography, they algorithms must be scrutinized heavily

14 14 Substitution Ciphers u Substitute a letter with another letter u Caesar Cipher  Mono alphabetic  Very easy to break u Vigenere Cipher  Poly alphabetic  Took 300 years to break  Kasiski Attack  Now we know it is easily breakable Vigenere Cipher Table A B C D E F G H I J K L M N O P A A B C D E F G H I J K L M N O P B B C D E F G H I J K L M N O P Q C C D E F G H I J K L M N O P Q R D D E F G H I J K L M N O P Q R S E E F G H I J K L M N O P Q R S T F F G H I J K L M N O P Q R S T U G G H I J K L M N O P Q R S T U V H H I J K L M N O P Q R S T U V W I I J K L M N O P Q R S T U V W X J J K L M N O P Q R S T U V W X Y K K L M N O P Q R S T U V W X Y Z

15 15 Unbreakable Cipher u Unconditionally secure u Cannot be broken with brute force u ONE TIME PAD u Not practically usable either

16 16 Block and Stream Ciphers u Block Cipher: N bit block of data is encrypted with N bits of key to produce N bits of output  DES, AES, IDEA  Most of the current ciphers u Stream Cipher  Works one bit at a time of plaintext  Good for hardware implementations  RC4, SEAL Encrypter State Machine Plaintext Key Ciphertext Key Ciphertext

17 17 DES u Data Encryption Standard (DES) was created in after a NIST issued RFP in 1973, which culminated in the winner “Lucifer”. Lucifer was modified by NSA to yield DES u Plaintext -> Initial Permutation -> 16 rounds -> final permutation ->Ciphertext u S-BOX: Confusion u P-BOX: Permutation

18 18 DES “Round” LRKey Key’L’R’ P-Box S-Box Expansion shift Compression 5232 48 32 48 PBOX 0: 16 1: 7 2: 20 3: 21 4: 29 5: 12 6: 28 7: 17 8: 1 9: 15 10: 23 11: 26 12: 5 13: 18 14: 31 SBOX 0: 14 1: 4 2: 13 3: 1 4: 2 5: 15 6: 11 7: 8 8: 3 9: 10 10: 6 11: 12 12: 5 13: 9 14: 0

19 19 Crypto Protocols u Cryptographic Protocols are “self enforcing” protocols  As opposed to arbitrated or adjudicated protocols u They are used for:  Privacy,  Integrity,  Authentication,  Non-repudiation,  Access Control,  Anonymity  Time stamping  Voting  Cash  …and much more

20 20 Coin Tossing u Alice and Bob wants to toss a coin, on the telephone u Alice chooses a random number R u Alice sends to Bob an N bit cryptographic hash(R) u Bob guesses even or odd u Alice send Bob R u How does that work?  It does, and there are many more coin toss protocols

21 21 Communication u Symmetric Key Communication u Alice and Bob agrees on a key K u Alice sends Bob a message M encrypted in K using algorithm E A -> B Ek(M) Bob decrypts message: Dk(Ek(M)) = M B->AEk(M) Alice decrypts message: Dk(Ek(M)) = M u How does Alice and Bob exchange K?  “key exchange”

22 22 Key Exchange u Diffie Helman Key Exchange u Public Key based Key exchange u Bob sends the communication key S (session key) to Alice, encrypted in Alice’s public key u No one other than Alice can find the session key  Can be done over insecure networks  Vulnerability: Man in the middle attacks  Solution: Use digital certificates Alice Bob Alice K1A E K1A (S) K1A = Alice’s Public Key, K2A = Alice’s Private Key

23 23 Authentication u Bob sends a challenge to Alice  Challenge = random number u Alice responds with the number, encrypted in Alice’s private key u Bob knows Alice’s public key, hence decrypts the response and finds it’s the same as the random number she sent  No one other than Alice can do this  Alice never exposes the private key u Public Key = User ID u Private Key = Password  NO LEAKAGE POSSIBLE! Alice Bob Alice R E K2A (R)

24 24 RSA u Rivest Shamir Adelman:  Patented in 1983, expired in 2000 u Based on difficulty of factorization Choose two large random prime numbers p and q, Compute n = p*q Compute φ(n) = (p-1)(q-1) Choose an integer e, such that e, is coprime to φ(n) -- e, is released as the public key Compute d, to satisfy (d*e) mod φ(n) = 1 -- d, is kept as the private key

25 25 RSA u Encryption (of message m) (m) e mod n u Decryption (of cipher m’) (m’) e mod n u RSA property ((m) e ) d mod n = m

26 26 Secure Hybrid Communication u Protocol 1 Alice -> Bob:Hello “Alice” Bob -> Alice: “Alice”+”Bob”, E K2B (hash(“Alice”+”Bob”)) u Protocol 2 Alice -> Bob:Hello “Alice” Bob -> Alice:“Bob”, K1B Alice -> Bob:Prove it Bob -> Alice: “Alice”+”Bob”, E K2B (hash(“Alice”+”Bob”)) K1A = Alice’s Public Key, K2A = Alice’s Private Key

27 27 Secure Hybrid Communication u Protocol 3 Alice -> Bob:Hello “Alice” Bob -> Alice:“Bob”, Bob’s Certificate Alice -> Bob:Prove it Bob -> Alice: “Alice”+”Bob”, E K2B (hash(“Alice”+”Bob”)) u Protocol 4 Alice -> Bob:Hello “Alice” Bob -> Alice:“Bob”, Bob’s Certificate Alice -> Bob:Prove it Bob -> Alice: “Alice”+”Bob”, E K2B (hash(“Alice”+”Bob”)) Alice -> Bob:E K1B (KEY) [all communications]: E KEY (message) Discussed later

28 28 Man in the Middle u Without certificates MITM attacks possible on public key protocols u Certificate issuance, verification and Certificate Authority public Key distribution forms the underlying infrastructure of PKI  PKI = Public Key Infrastructure u Web of Trust can also be used u “Certificates” are covered after Digital Signatures

29 29 Digital Signatures u Digital Signatures are like real paper signatures, but much better u Properties include:  Verifiably Authentic (with high degree of confidence)  Unforgeable: Another person cannot sign  Not reusable: Cannot lift signature from one document to another  Unalterable: The signed document cannot be altered  Non repudiable: The person signing cannot claim she did not sign it u Simple Signature Scheme Alice signs a document: E K2A (DOCUMENT) K1A = Alice’s Public Key, K2A = Alice’s Private Key

30 30 Digital Signatures u An electronic document can be signed  E.g. a check via Email! u The document cannot be altered, forged, repudiated u Very powerful technique, much better than paper signatures D = Document Cryptographic Hash of D Signature of H = E K2A (H) DHS

31 31 Digital Certificates u Digital signatures and public key authentication assumes you know a persons public key  How do you know for sure? u A digital certificate is a ID-Card, with a persons identity and public key and a “certificate authority’s” (CA) signature u Can be verified u Provides safe authentication u Safe from most attacks, cannot be forged, cannot be misused Name and Information for Alice Alice’s Public Key Signature of Certificate Authority Digital certificate

32 32 Communication with Certificates u Certificates can be used to determine identity without any attack possibilities  As long as the certificate authority is trusted u Since certificates are PKI based, key exchange is simple u Protocol 4 (from earlier) is used

33 33 Message Authentication Codes u To preserve message integrity u Makes sure no one tampers, or replaces and sender is authenticated on every message E KEY (message, E KEY ( h (message))) Added number of bits is small

34 34 Hierarchical Certificates CA1 Pub Key rCA Sig rCA CA3CA2CA1 Alice Pub Key CA1 Sig Alice CA1 Pub Key rCA Sig

35 35 Attacks on Public Keys u Alice meets Bob and knows his public key u Alice send a random number to Bob for challenge response and Bob encrypts the number using private key and returns u Alice can fool Bob into decrypting documents, signing documents u Alice sends Bob a “good document” u Bob signs and returns u Alice can fool Bob into signing a “bad document”  Birthday Attack

36 36 Birthday “Paradox” There are N people in a room. What is the probability that two people have the same birthday?

37 37 Match Probabilities Choose a number (0..9) Now pick a number at random, what is the probability of getting the chosen number? TryFailSuccess 10.900.1 20.810.19 30.730.27 40.660.34 50.590.41 60.530.47 70.480.52 80.430.57 90.390.61 100.350.65 Pick numbers at random (0..9) What is the probability that you get two numbers with same value? TryFailSuccess 10.90000.1000 20.72000.2800 30.50400.4960 40.30240.6976 50.15120.8488 60.06050.9395 70.01810.9819 80.00360.9964 90.00040.9996 100.00001.0000

38 38 How to do a Birthday Attack u Create a Good Document u Create a Bad Documents u “Perturb” or change the documents a million+ times u Hash them and see if there is a match between a good document and bad document  With 80 bit hashes, chances are quite high  Moral: Use 160bit hashes

39 39 The final PKI lesson u Never encrypt something that was given to you with private key and let others know the result. Change it first. u Never sign something that was given to you. Change it first.

40 40 Other Protocols u Cryptographic Protocols exist for:  Timestamping  Group communication  Group signatures  Secret sharing, secret splitting  Secure multiparty computations  Blinding and “cut and choose”  Coin tossing, card dealing  Secure electronic elections  Digital cash and micropayments  Many more

Download ppt "1 Part 3: Cryptography u Large Numbers u Random Numbers u Cryptographic Hashes u Symmetric Encryption u Asymmetric Encryption (public keys) u Digital Signatures."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.

Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.

1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Cryptographic Technologies

Cryptographic Technologies
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.

Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
15-441 Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from 15-441, semester’s past and others.

Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.
Cryptography April 20, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Similar presentations

Ads by Google