Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 5 Page 1 Advanced Network Security Review of Cryptography: Cryptographic Keys Advanced Network Security Peter Reiher August, 2014.

Published byLesley Grant Modified over 9 years ago

Similar presentations

Presentation on theme: "Lecture 5 Page 1 Advanced Network Security Review of Cryptography: Cryptographic Keys Advanced Network Security Peter Reiher August, 2014."— Presentation transcript:

1 Lecture 5 Page 1 Advanced Network Security Review of Cryptography: Cryptographic Keys Advanced Network Security Peter Reiher August, 2014

2 Lecture 5 Page 2 Advanced Network Security Outline Properties of keys Certificates

3 Lecture 5 Page 3 Advanced Network Security Introduction It doesn’t matter how strong your encryption algorithm is Or how secure your protocol is If the opponents can get hold of your keys, your security is gone Proper use of keys is crucial to security in computing systems

4 Lecture 5 Page 4 Advanced Network Security Properties of Keys Length Randomness Lifetime Secrecy

5 Lecture 5 Page 5 Advanced Network Security Key Length If your cryptographic algorithm is otherwise perfect, its strength depends on key length Since the only attack is a brute force attempt to discover the key The longer the key, the more brute force required

6 Lecture 5 Page 6 Advanced Network Security Are There Real Costs for Key Length? Generally, more bits is more secure Why not a whole lot of key bits, then? Some encryption done in hardware –More bits in hardware costs more Some software encryption slows down as you add more bits, too –Public key cryptography especially Some algorithms have defined key lengths only If the attack isn’t brute force, key length might not help

7 Lecture 5 Page 7 Advanced Network Security Key Randomness Brute force attacks assume you chose your key at random If attacker learns how you chose your key –He can reduce brute force costs The closer the method chosen approaches true randomness, the better But true randomness is not essential –Need same statistical properties –And non-reproducibility

8 Lecture 5 Page 8 Advanced Network Security Cryptographic Methods Start with a random number Use a cryptographic hash on it If the cryptographic hash is a good one, the new number looks pretty random Produce new keys by hashing old ones Depends on strength of hash algorithm Falls apart if any key is ever broken –Doesn’t have perfect forward secrecy

9 Lecture 5 Page 9 Advanced Network Security Perfect Forward Secrecy A highly desirable property in a cryptosystem It means that the compromise of any one session key will not compromise any other –E.g., don’t derive one key from another using a repeatable algorithm Keys do get divulged, so minimize the resulting damage

10 Lecture 5 Page 10 Advanced Network Security Random Noise Observe an event that is likely to be random –Physical processes (cosmic rays, etc.) –Real world processes (variations in disk drive delay, keystroke delays, etc.) Assign bit values to possible outcomes Record or generate them as needed More formally described as gathering entropy Keys derived with proper use of randomness have good perfect forward secrecy

11 Lecture 5 Page 11 Advanced Network Security Key Lifetime If a good key’s so hard to find, –Why every change it? How long should one keep using a given key?

12 Lecture 5 Page 12 Advanced Network Security Why Change Keys? Long-lived keys more likely to be compromised The longer a key lives, the more data is exposed if it’s compromised The longer a key lives, the more resources opponents can (and will) devote to breaking it The more a key is used, the easier the cryptanalysis on it A secret that cannot be readily changed should be regarded as a vulnerability But what you use a key for may require long lifetime

13 Lecture 5 Page 13 Advanced Network Security Destroying Old Keys Never keep a key around longer than necessary –Gives opponents more opportunities Destroy keys securely –For computers, remember that information may be in multiple places Caches, virtual memory pages, freed file blocks, stack frames, etc. –Real modern attacks based on finding old keys in unlikely places

14 Lecture 5 Page 14 Advanced Network Security Key Secrecy Seems obvious Of course you keep your keys secret However, not always handled well in the real world Particularly with public key cryptography

15 Lecture 5 Page 15 Advanced Network Security Some Problems With Key Sharing Private keys are often shared –Same private key used on multiple machines –For multiple users –Stored in “convenient” places –Embedded in widely distributed executables

16 Lecture 5 Page 16 Advanced Network Security To Make It Clear, PRIVATE KEYS ARE PRIVATE! They are for use by a single user They should never be shared or given away They must never be left lying around in insecure places –Widely distributed executables are insecure –Just because it’s tedious to decipher executables doesn’t mean can’t be done The entire security of PK systems depends on the secrecy of the private key!

17 Lecture 5 Page 17 Advanced Network Security Certificates A ubiquitous form of authentication Generally used with public key cryptography A signed electronic document proving you are who you claim to be Can also verify what your public key is Presentation of the certificate alone serves as authentication of your public key

18 Lecture 5 Page 18 Advanced Network Security Implementation of Public Key Certificates Set up a trusted authority Every user presents his public key to the authority The authority returns a certificate –Containing the user’s public key signed by the authority’s private key

19 Lecture 5 Page 19 Advanced Network Security Checking a Certificate Every user keeps a copy of the authority’s public key When a new user wants to talk to you, he gives you his certificate Decrypt the certificate using the authority’s public key You now have an authenticated public key for the new user Authority need not be checked on-line

20 Lecture 5 Page 20 Advanced Network Security Certification Hierarchies Arrange certification authorities hierarchically Single authority at the top produces certificates for the next layer down And so on, recursively

21 Lecture 5 Page 21 Advanced Network Security Using Certificates From Hierarchies I get a new certificate I don’t know the signing authority But the certificate also contains that authority’s certificate Perhaps I know the authority who signed this authority’s certificate

22 Lecture 5 Page 22 Advanced Network Security Extracting the Authentication Using the public key of the higher level authority, –Extract the public key of the signing authority from the certificate Now I know his public key, and it’s authenticated I can now extract the user’s key and authenticate it

23 Lecture 5 Page 23 Advanced Network Security A Example Give me a certificate saying that I’m Should Alice believe that he’s really ? Alice has never heard of But she has heard of So she uses to check How can prove who he is? Alice gets a message with a certificate Then she uses to check

24 Lecture 5 Page 24 Advanced Network Security Certificates and Trust Ultimately, the point of a certificate is to determine if something is trusted –Do I trust the request enough to perform some financial transaction? So, Trustysign.com signed this certificate How much confidence should I have in the certificate?

25 Lecture 5 Page 25 Advanced Network Security Potential Problems in the Certification Process What measures did Trustysign.com use before issuing the certificate? Is the certificate itself still valid? Is Trustysign.com’s signature/certificate still valid? Who is trustworthy enough to be at the top of the hierarchy?

26 Lecture 5 Page 26 Advanced Network Security Trustworthiness of Certificate Authority How did Trustysign.com issue the certificate? Did it get an in-person sworn affidavit from the certificate’s owner? Did it phone up the owner to verify it was him? Did it just accept the word of the requestor that he was who he claimed to be? Has authority been compromised?

27 Lecture 5 Page 27 Advanced Network Security What Does a Certificate Really Tell Me? That the certificate authority (CA) tied a public/private key pair to identification information Generally doesn’t tell me why the CA thought the binding was proper I may have different standards than that CA

28 Lecture 5 Page 28 Advanced Network Security Showing a Problem Using the Example Alice likes how verifies identity But is she equally happy with how verifies identity? Does she even know how verifies identity? What if uses ‘s lax policies to pretend to be ?

29 Lecture 5 Page 29 Advanced Network Security Another Big Problem Things change –E.g., recent compromise of Adobe private keys One result of change is that what used to be safe or trusted isn’t any more If there is trust-related information out in the network, what will happen when things change?

30 Lecture 5 Page 30 Advanced Network Security Revocation A general problem for keys, certificates, access control lists, etc. How does the system revoke something related to trust? In a network environment Safely, efficiently, etc. Related to revocation problem for capabilities

31 Lecture 5 Page 31 Advanced Network Security Realities of Certificates Multiple trusted authorities, not just one –Most OSes come with set of “pre-trusted” certificate authorities System automatically processes (i.e., trusts) certificates they sign If not signed by one of these, present it to the user –Who always accepts it...

Download ppt "Lecture 5 Page 1 Advanced Network Security Review of Cryptography: Cryptographic Keys Advanced Network Security Peter Reiher August, 2014."

Similar presentations

SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?

Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?
NSRC Workshop Some fundamental security concerns... Confidentiality - could someone else read my data? Integrity - has my data been changed? Authentication.

NSRC Workshop Some fundamental security concerns... Confidentiality - could someone else read my data? Integrity - has my data been changed? Authentication.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
15-1 Last time Internet Application Security and Privacy Public-key encryption Integrity.

15-1 Last time Internet Application Security and Privacy Public-key encryption Integrity.
CSCI283 Fall 2005 GWU All slides from Bishop’s slide set Public Key Infrastructure (PKI)

CSCI283 Fall 2005 GWU All slides from Bishop’s slide set Public Key Infrastructure (PKI)
 Public key (asymmetric) cryptography o Modular exponentiation for encryption/decryption  Efficient algorithms for this o Attacker needs to factor large.

 Public key (asymmetric) cryptography o Modular exponentiation for encryption/decryption  Efficient algorithms for this o Attacker needs to factor large.
 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.

 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
03 December 2003 Public Key Infrastructure and Authentication Mark Norman DCOCE Oxford University Computing Services.

03 December 2003 Public Key Infrastructure and Authentication Mark Norman DCOCE Oxford University Computing Services.
Database Key Management CSCI 5857: Encoding and Encryption.

Database Key Management CSCI 5857: Encoding and Encryption.
Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.

Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.
Cryptography 101 Frank Hecker

Cryptography 101 Frank Hecker
Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.

Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.
Cryptology Digital Signatures and Digital Certificates Prof. David Singer Dept. of Mathematics Case Western Reserve University.

Cryptology Digital Signatures and Digital Certificates Prof. David Singer Dept. of Mathematics Case Western Reserve University.
Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)

Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)
Part Two Network Security Applications Chapter 4 Key Distribution and User Authentication.

Part Two Network Security Applications Chapter 4 Key Distribution and User Authentication.
Lecture 5 Page 1 CS 236 Online Certificates A ubiquitous form of authentication Generally used with public key cryptography A signed electronic document.

Lecture 5 Page 1 CS 236 Online Certificates A ubiquitous form of authentication Generally used with public key cryptography A signed electronic document.

Similar presentations

Ads by Google