outline
Download
Skip this Video
Download Presentation
Outline

Loading in 2 Seconds...

play fullscreen
1 / 44

Outline - PowerPoint PPT Presentation


  • 122 Views
  • Uploaded on

Outline. Overview of Cryptography Symmetric Cipher Classical Symmetric Cipher Modern Symmetric Ciphers (DES and AES) Asymmetric Cipher One-way Hash Functions and Message Digest. Basic Terminology. plaintext - the original message ciphertext - the coded message

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Outline' - alcina


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
outline
Outline
  • Overview of Cryptography
  • Symmetric Cipher
    • Classical Symmetric Cipher
    • Modern Symmetric Ciphers (DES and AES)
  • Asymmetric Cipher
  • One-way Hash Functions and Message Digest
basic terminology
Basic Terminology
  • plaintext - the original message
  • ciphertext - the coded message
  • cipher - algorithm for transforming plaintext to ciphertext
  • key - info used in cipher known only to sender/receiver
  • encipher (encrypt) - converting plaintext to ciphertext
  • decipher (decrypt) - recovering ciphertext from plaintext
  • cryptography - study of encryption principles/methods
  • cryptanalysis (codebreaking) - the study of principles/ methods of deciphering ciphertext without knowing key
  • cryptology - the field of both cryptography and cryptanalysis
classification of cryptography
Classification of Cryptography
  • Number of keys used
    • Hash functions: no key
    • Secret key cryptography: one key
    • Public key cryptography: two keys - public, private
  • Type of encryption operations used
    • substitution / transposition / product
  • Way in which plaintext is processed
    • block / stream
secret key vs secret algorithm
Secret Key vs. Secret Algorithm
  • Secret algorithm: additional hurdle
  • Hard to keep secret if used widely:
    • Reverse engineering, social engineering
  • Commercial: published
    • Wide review, trust
  • Military: avoid giving enemy good ideas
unconditional vs computational security
Unconditional vs. Computational Security
  • Unconditional security
    • No matter how much computer power is available, the cipher cannot be broken
    • The ciphertext provides insufficient information to uniquely determine the corresponding plaintext
    • Only one-time pad scheme qualifies
  • Computational security
    • The cost of breaking the cipher exceeds the value of the encrypted info
    • The time required to break the cipher exceeds the useful lifetime of the info
brute force search
Brute Force Search
  • Always possible to simply try every key
  • Most basic attack, proportional to key size
  • Assume either know / recognise plaintext
outline1
Outline
  • Overview of Cryptography
  • Classical Symmetric Cipher
    • Substitution Cipher
    • Transposition Cipher
  • Modern Symmetric Ciphers (DES and AES)
  • Asymmetric Cipher
  • One-way Hash Functions and Message Digest
requirements
Requirements
  • Two requirements for secure use of symmetric encryption:
    • a strong encryption algorithm
    • a secret key known only to sender / receiver

Y = EK(X)

X = DK(Y)

  • Assume encryption algorithm is known
  • Implies a secure channel to distribute key
block vs stream ciphers
Block vs Stream Ciphers
  • Block ciphers process messages in into blocks, each of which is then en/decrypted
  • Like a substitution on very big characters
    • 64-bits or more
  • Stream ciphers process messages a bit or byte at a time when en/decrypting
  • Many current ciphers are block ciphers, one of the most widely used types of cryptographic algorithms
des data encryption standard
DES (Data Encryption Standard)
  • Published in 1977, standardized in 1979.
  • Key: 64 bit quantity=8-bit parity+56-bit key
    • Every 8th bit is a parity bit.
  • 64 bit input, 64 bit output.

64 bit M

64 bit C

DES

Encryption

56 bits

des top view
DES Top View

56-bit Key

64-bit Input

48-bit K1

Generate keys

Permutation

Initial Permutation

48-bit K1

Round 1

48-bit K2

Round 2

…...

48-bit K16

Round 16

Swap 32-bit halves

Swap

Final Permutation

Permutation

64-bit Output

des summary
DES Summary
  • Simple, easy to implement:
    • Hardware/gigabits/second, software/megabits/second
  • 56-bit key DES may be acceptable for non-critical applications but triple DES (DES3) should be secure for most applications today
  • Supports several operation modes (ECB CBC, OFB, CFB) for different applications
avalanche effect
Avalanche Effect
  • Key desirable property of encryption alg
  • Where a change of one input or key bit results in changing more than half output bits
  • DES exhibits strong avalanche
strength of des key size
Strength of DES – Key Size
  • 56-bit keys have 256 = 7.2 x 1016 values
  • Brute force search looks hard
  • Recent advances have shown is possible
    • in 1997 on a huge cluster of computers over the Internet in a few months
    • in 1998 on dedicated hardware called “DES cracker” by EFF in a few days ($220,000)
    • in 1999 above combined in 22hrs!
  • Still must be able to recognize plaintext
  • No big flaw for DES algorithms
des replacement
DES Replacement
  • Triple-DES (3DES)
    • 168-bit key, no brute force attacks
    • Underlying encryption algorithm the same, no effective analytic attacks
    • Drawbacks
      • Performance: no efficient software codes for DES/3DES
      • Efficiency/security: bigger block size desirable
  • Advanced Encryption Standards (AES)
    • US NIST issued call for ciphers in 1997
    • Rijndael was selected as the AES in Oct-2000
slide17
AES
  • Private key symmetric block cipher
  • 128-bit data, 128/192/256-bit keys
  • Stronger & faster than Triple-DES
  • Provide full specification & design details
  • Evaluation criteria
    • Security: effort to practically cryptanalysis
    • Cost: computational efficiency and memory requirement
    • Algorithm & implementation characteristics: flexibility to apps, hardware/software suitability, simplicity
outlines
Outlines
  • Symmetric Cipher
    • Classical Symmetric Cipher
    • Modern Symmetric Ciphers (DES and AES)
  • Asymmetric Cipher
  • One-way Hash Functions and Message Digest
private key cryptography
Private-Key Cryptography
  • Private/secret/single key cryptography uses one key
  • Shared by both sender and receiver
  • If this key is disclosed communications are compromised
  • Also is symmetric, parties are equal
  • Hence does not protect sender from receiver forging a message & claiming is sent by sender
public key cryptography
Public-Key Cryptography
  • Probably most significant advance in the 3000 year history of cryptography
  • Uses two keys – a public & a private key
  • Asymmetric since parties are not equal
  • Uses clever application of number theoretic concepts to function
  • Complements rather than replaces private key crypto
public key cryptography1
Public-Key Cryptography
  • Public-key/two-key/asymmetric cryptography involves the use of two keys:
    • a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures
    • a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures
  • Asymmetric because
    • those who encrypt messages or verify signatures cannot decrypt messages or create signatures
public key characteristics
Public-Key Characteristics
  • Public-Key algorithms rely on two keys with the characteristics that it is:
    • computationally infeasible to find decryption key knowing only algorithm & encryption key
    • computationally easy to en/decrypt messages when the relevant (en/decrypt) key is known
    • either of the two related keys can be used for encryption, with the other used for decryption (in some schemes)
  • Analogy to delivery w/ a padlocked box
public key cryptosystems
Public-Key Cryptosystems
  • Two major applications:
    • encryption/decryption (provide secrecy)
    • digital signatures (provide authentication)
rsa rivest shamir adleman
RSA (Rivest, Shamir, Adleman)
  • The most popular one.
  • Support both public key encryption and digital signature.
  • Assumption/theoretical basis:
    • Factoring a big number is hard.
  • Variable key length (usually 1024 or 2048 bits).
  • Variable plaintext block size.
    • Plaintext must be “smaller” than the key.
    • Ciphertext block size is the same as the key length.
is rsa secure
Is RSA Secure?
  • Factoring 512-bit number is very hard!
  • But if you can factor big number n then given public key <e,n>, you can find d, hence the private key by:
    • Knowing factors p, q, such that, n= p*q
    • Then ø(n) =(p-1)(q-1)
    • Then d such that e*d = 1 mod ø(n)
  • Threat
    • Moore’s law
    • Refinement of factorizing algorithms
  • For the near future, a key of 1024 or 2048 bits needed
symmetric des vs public key rsa
Symmetric (DES) vs. Public Key (RSA)
  • Exponentiation of RSA is expensive !
  • AES and DES are much faster
    • 100 times faster in software
    • 1,000 to 10,000 times faster in hardware
  • RSA often used in combination in AES and DES
    • Pass the session key with RSA
    • SSL/TLS handshaking
outline2
Outline
  • History of Security and Definitions
  • Overview of Cryptography
  • Symmetric Cipher
    • Classical Symmetric Cipher
    • Modern Symmetric Ciphers (DES and AES)
  • Asymmetric Cipher
  • One-way Hash Functions and Message Digest
confidentiality authenticity
Confidentiality => Authenticity ?
  • Symmetric cipher ?
    • Shared key problem
    • Plaintext has to be intelligible/understandable
  • Asymmetric cipher?
    • Too expensive
    • Plaintext has to be intelligible/understandable
    • Desirable to cipher on a much smaller size of data which uniquely represents the long message
hash functions
Hash Functions
  • Condenses arbitrary message to fixed size

h = H(M)

  • Usually assume that the hash function is public and not keyed
  • Hash used to detect changes to message
  • Can use in various ways with message
  • Most often to create a digital signature
requirements for hash functions
Requirements for Hash Functions
  • Can be applied to any sized message M
  • Produces fixed-length output h
  • Is easy to compute h=H(M) for any message M
  • Given h is infeasible to find x s.t. H(x)=h
    • One-way property
  • Given x is infeasible to find y s.t. H(y)=H(x)
    • Weak collision resistance
  • Is infeasible to find any x,y s.t. H(y)=H(x)
    • Strong collision resistance
how many bits for hash
How Many Bits for Hash?
  • m bits, takes 2m/2 to find two with the same hash
  • 64 bits, takes 232 messages to search (doable)
  • Need at least 128 bits
general structure of secure hash code
General Structure of Secure Hash Code
  • Iterative compression function
    • Each f is collision-resistant, so is the resulting hashing
md5 message digest version 5
MD5: Message Digest Version 5

input Message

Output 128 bits Digest

  • Until recently the most widely used hash algorithm
    • in recent times have both brute-force & cryptanalytic concerns
  • Specified as Internet standard RFC1321
secure hash algorithm
Secure Hash Algorithm
  • Developed by NIST, specified in the Secure Hash Standard (SHS, FIPS Pub 180), 1993
  • SHA is specified as the hash algorithm in the Digital Signature Standard (DSS), NIST
general logic
General Logic
  • Input message must be < 264 bits
    • not really a problem
  • Message is processed in 512-bit blocks sequentially
  • Message digest is 160 bits
  • SHA design is similar to MD5, a little slower, but a lot stronger
sha 1 verses md5
SHA-1 verses MD5
  • Brute force attack is harder (160 vs 128 bits for MD5)
  • A little slower than MD5 (80 vs 64 steps)
    • Both work well on a 32-bit architecture
  • Both designed as simple and compact for implementation
  • Cryptanalytic attacks
    • MD4/5: vulnerability discovered since its design
    • SHA-1: no until recent 2005 results raised concerns on its use in future applications
revised secure hash standard
Revised Secure Hash Standard
  • NIST have issued a revision FIPS 180-2 in 2002
  • Adds 3 additional hash algorithms
  • SHA-256, SHA-384, SHA-512
    • Collectively called SHA-2
  • Designed for compatibility with increased security provided by the AES cipher
  • Structure & detail are similar to SHA-1
  • Hence analysis should be similar, but security levels are rather higher
what is rsa
What Is RSA?
  • To generate key pair:
    • Pick large primes (>= 256 bits each) p and q
    • Let n = p*q, keep your p and q to yourself!
    • For public key, choose e that is relatively prime to ø(n) =(p-1)(q-1), let pub = <e,n>
    • For private key, find d that is the multiplicative inverse of e mod ø(n),i.e., e*d = 1 mod ø(n), let priv = <d,n>
rsa example
RSA Example
  • Select primes: p=17 & q=11
  • Computen = pq =17×11=187
  • Computeø(n)=(p–1)(q-1)=16×10=160
  • Select e : gcd(e,160)=1; choose e=7
  • Determine d: de=1 mod 160 and d < 160 Value is d=23 since 23×7=161= 10×160+1
  • Publish public key KU={7,187}
  • Keep secret private key KR={23,17,11}
how does rsa work
How Does RSA Work?
  • Given pub = <e, n> and priv = <d, n>
    • encryption: c = me mod n, m < n
    • decryption: m = cd mod n
    • signature: s = md mod n, m < n
    • verification: m = se mod n
  • given message M = 88 (nb. 88<187)
  • encryption:

C = 887 mod 187 = 11

  • decryption:

M = 1123 mod 187 = 88

ad