Security and Cryptography
PowerPoint Slideshow about 'Security and Cryptography' - cordell

Presentation Transcript
Security and Cryptography

  • Security: all issues which make secure communication (information transmission, two (multiple) party interaction) over insecure channels.

  • Cryptography: the science and art of manipulating messages to make them secure.

  • Classical cryptographic techniques.

  • Along with the development of communication networks and their broad applications, network security is becoming a more serious problem.

  • Hence the call for modern cryptography.

Network threats and attacks

(figure not reproduced in the transcript; the attacks labelled in it include traffic analysis and denial of service)

Security requirements for transmitting information

  • Privacy or confidentiality: the information should be readable only by the intended receiver. i.e., protect the information from eavesdropping.

  • Integrity: the receiver can confirm that a message has not been altered during transmission, i.e., protect the information from tampering.

  • Authentication: any party (sender or receiver) can verify that the other party is who he or she claims to be, i.e., validate the identity of the other party.

  • Nonrepudiation: the sender cannot deny having sent a given message, i.e., if a transaction (e.g., a purchase) has occurred between two parties, the nonrepudiation service can prove, even to a third party, that each party really performed the transaction itself and not some other person.

Approaches to implementing security

  • By encryption (and decryption):
    • Sender: encrypts the message using a key and sends the encrypted message.
    • Receiver: decrypts the encrypted message using the same key as the sender's key, or a key derivable from the sender's key.

  • By checksum or hash value/message digest:
    • Sender: computes the checksum/hash value/message digest from the message and sends the message along with it (both are transmitted).
    • Receiver: re-computes the checksum/hash value/message digest from the received message and compares it with the transmitted one.
    • In some sense, this is like error detection.
    • Problem: an attacker who intercepts the message can modify it, compute the checksum for the modified message, and resend both (message + checksum), and the receiver's comparison still succeeds.
    • Solution: a keyed checksum/hash value/message digest (a MAC), which cannot be recomputed without the key.
Approaches to implementing security (cont.)

  • Authentication:
    • Traditional: user ID and password.
    • Modern cryptography based authentication: digital signature.

  • Nonrepudiation: undeniable signature, i.e.,
    • digital signature + verification protocol + disavowal protocol.

Security requirements and their implementation

  Requirement        Implementation
  Confidentiality    encryption (and decryption)
  Integrity          checksum or hash value/message digest, or MAC
  Authentication     user ID and password, or digital signature
  Nonrepudiation     undeniable signature
  Supporting measures: intrusion detection and defense; access control; log, record, trace, system administration

Q: how to defend against a replay attack?

A: Timestamps and/or sequence numbers (covered by the MAC, so they cannot be altered).
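The two points above, the forgery against an unkeyed checksum and the sequence-number defence against replay, as an added example that is not part of the original slides. The shared key, the message and the frame layout (sequence number || payload || HMAC-SHA256 tag) are constructed for the demonstration; HMAC-SHA256 from the Python standard library plays the role of the keyed message digest.

```python
import hashlib
import hmac
import struct

# Constructed example key shared by sender and receiver (never hard-code a real key).
SHARED_KEY = b"\x13" * 32
TAG_LEN = 32  # SHA-256 output length


def unkeyed_digest(message: bytes) -> bytes:
    """Plain hash/checksum: anyone can recompute it, so it only catches accidental errors."""
    return hashlib.sha256(message).digest()


def keyed_digest(key: bytes, message: bytes) -> bytes:
    """Keyed message digest (HMAC-SHA256): recomputing it requires the key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def attacker_forges_unkeyed(message: bytes) -> tuple:
    """The slide's attack: intercept, modify, recompute the unkeyed checksum, resend both."""
    forged = message.replace(b"100", b"900")
    return forged, unkeyed_digest(forged)


def receiver_accepts_unkeyed(message: bytes, digest: bytes) -> bool:
    return hmac.compare_digest(unkeyed_digest(message), digest)


def receiver_accepts_keyed(key: bytes, message: bytes, tag: bytes) -> bool:
    # Constant-time comparison so the check itself does not leak the tag byte by byte.
    return hmac.compare_digest(keyed_digest(key, message), tag)


def build_frame(key: bytes, seq: int, payload: bytes) -> bytes:
    """Replay defence: seq || payload || MAC(key, seq || payload). The MAC covers the
    sequence number, so an attacker cannot renumber an old frame either."""
    header = struct.pack(">Q", seq)
    return header + payload + keyed_digest(key, header + payload)


class Receiver:
    """Verifies the MAC, then rejects any sequence number not above the last accepted one."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def accept(self, frame: bytes) -> tuple:
        if len(frame) < 8 + TAG_LEN:
            return False, "truncated"
        header, payload, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        if not receiver_accepts_keyed(self.key, header + payload, tag):
            return False, "bad tag"
        seq = struct.unpack(">Q", header)[0]
        if seq <= self.last_seq:
            return False, "replay"
        self.last_seq = seq
        return True, "ok"


def demo() -> dict:
    msg = b"transfer 100 to bob"          # constructed sample message

    # 1. Unkeyed checksum: the attacker's modified message passes the receiver's check.
    forged, forged_digest = attacker_forges_unkeyed(msg)
    unkeyed_ok = receiver_accepts_unkeyed(forged, forged_digest)

    # 2. Keyed digest: the attacker can modify the message but not recompute the tag.
    tag = keyed_digest(SHARED_KEY, msg)
    keyed_ok = receiver_accepts_keyed(SHARED_KEY, forged, tag)

    # 3. Replay: a valid frame captured and delivered a second time.
    rx = Receiver(SHARED_KEY)
    frame = build_frame(SHARED_KEY, 1, msg)
    first = rx.accept(frame)
    second = rx.accept(frame)
    return {"forged_unkeyed_accepted": unkeyed_ok,
            "forged_keyed_accepted": keyed_ok,
            "first_delivery": first,
            "replayed_delivery": second}


if __name__ == "__main__":
    print(demo())
```

The receiver checks the tag before it looks at the sequence number, so an attacker cannot use the replay check to probe anything about unauthenticated frames; a strictly increasing counter is the simplest policy, and protocols that must tolerate reordering use a sliding window instead.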

Classification of cryptosystems

  • Secret key systems vs. public key systems

  • Classical vs. modern

    • Classical: secret key systems

      • Shift, Affine, Vigenere, Hill, Permutation (transposition) cipher, Stream cipher

    • Modern:

      • Secret key systems

        • DES, AES, PGM

      • Public key systems

        • RSA, ElGamal, Elliptic Curve

Shift cipher--example

  • Suppose a plaintext word: cryptography

  • Change each letter by shifting it three positions rightward (wrapping around from z to a).

  • The cipherword is: FUBSWRJUDSKB

Question: given the above cipherword, how do we get the original word back?

Change each letter by shifting it three positions leftward.

This kind of cryptosystem (a shift by 3) is called the "Caesar cipher".
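The shift cipher in code, as an added example that is not part of the original slides: encryption and decryption as on the slide, plus the two cheapest attacks on it, a ciphertext-only attack that tries all 26 keys and keeps the candidate that reads as English, and a known-plaintext attack that recovers the key from a single letter pair. The small word list used for scoring is constructed for the example; a real attack would use a dictionary or English letter frequencies.

```python
import string

ALPHABET = string.ascii_uppercase

# Constructed tiny word list used by the ciphertext-only attack below; a real attack
# would use a dictionary or English letter frequencies instead.
COMMON_WORDS = {"the", "and", "at", "to", "attack", "dawn", "cryptography"}


def shift_encrypt(plaintext: str, key: int) -> str:
    """Shift every letter key positions rightward (mod 26); output in upper case as on the slide."""
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)   # spaces and punctuation pass through unchanged
    return "".join(out)


def shift_decrypt(ciphertext: str, key: int) -> str:
    """Shift leftward by the same key; output in lower case as on the slide."""
    return shift_encrypt(ciphertext, -key).lower()


def ciphertext_only_attack(ciphertext: str) -> tuple:
    """Try all 26 keys (the key space is tiny) and keep the candidate with the most known words."""
    best_key, best_score, best_text = 0, -1, ""
    for key in range(26):
        candidate = shift_decrypt(ciphertext, key)
        score = sum(1 for w in candidate.split() if w in COMMON_WORDS)
        if score > best_score:
            best_key, best_score, best_text = key, score, candidate
    return best_key, best_text


def known_plaintext_key(plain_letter: str, cipher_letter: str) -> int:
    """With one known (plaintext, ciphertext) letter pair the key is just the difference mod 26."""
    return (ALPHABET.index(cipher_letter.upper()) - ALPHABET.index(plain_letter.upper())) % 26


if __name__ == "__main__":
    c = shift_encrypt("cryptography", 3)
    print(c, shift_decrypt(c, 3), ciphertext_only_attack(c), known_plaintext_key("c", "F"))
```

The exhaustive search is what makes the key size matter: 26 keys can be tried by hand, which is the same argument, at a different scale, that later retired the 56-bit DES key.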

Secret cryptosystem--DES

  • Data Encryption Standard (DES)

  • First version in 1975, developed by IBM.

  • A type of iterated cipher.

  • Plaintext block: 64 bits, key: 56 bits, ciphertext block: 64 bits. (A 56-bit key is far too short today: it can be recovered by exhaustive search, and DES has been withdrawn as a US standard in favour of AES.)

  • Steps:

    • Initial permutation (IP)

    • 16 rounds of transformations

    • Inverse permutation (IP^-1)
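The three steps above (IP, 16 Feistel rounds, IP^-1) as a runnable skeleton, added here and not taken from the slides or from any DES implementation. The permutation table, the round function and the key schedule are toy stand-ins chosen for the example (DES uses fixed tables, S-boxes and a specific key schedule), so the code is not DES and must not be used as a cipher; what it shows is the property of an iterated Feistel cipher that the text relies on: decryption runs the same circuit with the round keys in reverse order, whatever the round function is.

```python
ROUNDS = 16
MASK32 = 0xFFFFFFFF
MASK56 = (1 << 56) - 1
MASK64 = (1 << 64) - 1

# Toy initial permutation (assumption for the example): bit i moves to position
# (7*i) mod 64. Since 7 is coprime to 64 this is a bijection. DES uses a fixed table.
IP = [(7 * i) % 64 for i in range(64)]
IP_INV = [0] * 64
for _src, _dst in enumerate(IP):
    IP_INV[_dst] = _src


def permute(block: int, table: list) -> int:
    """Move the bit at position src to position table[src]."""
    out = 0
    for src, dst in enumerate(table):
        if (block >> src) & 1:
            out |= 1 << dst
    return out


def round_function(right: int, round_key: int) -> int:
    """Toy F (assumption): key mixing plus a multiply/xor-shift. Any F, even a
    non-invertible one, works because the Feistel structure never inverts F;
    DES's real F uses expansion, eight S-boxes and a permutation."""
    x = (right ^ round_key) & MASK32
    x = (x * 0x9E3779B1) & MASK32
    x ^= x >> 15
    return x & MASK32


def key_schedule(key56: int) -> list:
    """Toy schedule: 16 round keys of 32 bits from the 56-bit key by rotating it each round."""
    key56 &= MASK56
    round_keys = []
    for r in range(ROUNDS):
        key56 = ((key56 << 3) | (key56 >> 53)) & MASK56
        round_keys.append((key56 ^ (key56 >> 24) ^ r) & MASK32)
    return round_keys


def feistel(block: int, round_keys: list) -> int:
    """IP, 16 Feistel rounds, final half-swap, IP^-1."""
    block = permute(block & MASK64, IP)
    left, right = block >> 32, block & MASK32
    for k in round_keys:
        left, right = right, left ^ round_function(right, k)
    # The halves are swapped after the last round so that the same circuit, fed the
    # round keys in reverse order, undoes the encryption.
    return permute((right << 32) | left, IP_INV)


def encrypt_block(block: int, key56: int) -> int:
    return feistel(block, key_schedule(key56))


def decrypt_block(block: int, key56: int) -> int:
    return feistel(block, key_schedule(key56)[::-1])


if __name__ == "__main__":
    key, x = 0x0123456789ABCD, 0x0123456789ABCDEF
    y = encrypt_block(x, key)
    print(hex(y), hex(decrypt_block(y, key)))
```

Tracing one round backwards shows why the reversed schedule works: after encryption the state is (L16, R16) with R16 = L15 XOR F(R15, k16); feeding (R16, L16) into a round with k16 yields L16 XOR ... no, R16 XOR F(L16, k16) = L15, because L16 = R15, so each decryption round peels off exactly one encryption round.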

Key management and exchange

  • The key is the essential part of any cryptosystem, especially in secret-key systems.

  • How to distribute/exchange keys between two users, or between any pair among multiple users?

  • Therefore key management and key exchange come into play.

  • Public-key systems also appeared for this reason.

Why public-key cryptography

  • The two communicants in a secret-key system require prior communication of the key, using a secure channel.

  • This is very difficult to achieve in practice: unless the two communicants meet in person, a phone call, postal mail, email, etc. are not secure.

  • Suppose there are n users and every pair of users wants to communicate. In a secret-key system the total number of keys needed is n(n-1)/2: very difficult to manage and quite insecure.

  • In a public-key system, however, every user selects his/her own private key and public key, publicizes the public key, and keeps the private key secret. Quite easy and very secure.

The main problem with public-key systems is that they are very slow (compared with secret-key systems).

Public-key cryptosystem

  • Secret-key cryptosystem:

    • eK & dK: dK is the same as or derived from eK.

    • Called symmetric-key cryptosystem.

    • Problem: how to distribute eK & dK to Alice & Bob securely.

  • Public-key cryptosystem:

    • Computationally infeasible to compute dK from eK.

    • Called asymmetric-key cryptosystem.

    • eK is made public, called public key

    • But dK is kept secret, called private key.

Public-key system: how it works

  • Everybody selects their own public key P and private key S, and publicizes P.

  • Therefore Alice has (Pa, Sa), and Bob has (Pb, Sb).

  • Everybody knows Pa, Pb, …

  • Suppose Alice wants to send a message to Bob.

    • Alice encrypts the message with Bob's public key Pb and sends it out.

    • (Only) Bob can decrypt the message, using his private key Sb. Nobody else can.

RSA cryptosystem

  • Suppose n = pq, where p and q are big primes.

  • Select (find) a and b such that ab ≡ 1 (mod φ(n)), where φ(n) = (p-1)(q-1).

  • K = (n, p, q, a, b); publicize n, b but keep p, q, a secret.

  • For any x, y ∈ Z_n, define

    • e_K(x) = x^b mod n

    • d_K(y) = y^a mod n

  • Of course, from n, b it is very difficult to get a (as well as p, q, φ(n)).

Two party key management

  • By public key cryptosystems:

    • Alice selects a random value k as a key

    • Alice encrypts the key k with Bob’s public key and sends to Bob

    • Bob decrypts the key using his private key

    • Alice and Bob encrypt/decrypt messages using secret key systems such as DES with the key k.

    • This is a typical combination of secret and public key systems.

  • By Diffie-Hellman key agreement

    • Based on Discrete Logarithm Problem
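The RSA definitions above and the key-transport procedure in the first bullet list, as one added example that is not from the slides: key generation with the textbook parameters p = 101, q = 113, b = 3533 (small enough to check by hand; the private exponent comes out as a = 6597), encryption and decryption, and Alice sending Bob a random session key k under his public key. Real deployments use moduli of 2048 bits or more and a padding scheme such as OAEP; the bare x^b mod n shown here is deterministic (the same x always gives the same y) and is not secure on its own.

```python
import math
import secrets


def rsa_keygen(p: int, q: int, b: int) -> tuple:
    """K = (n, p, q, a, b): publish (n, b), keep p, q, a (and phi(n)) secret."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if math.gcd(b, phi) != 1:
        raise ValueError("b must be invertible modulo phi(n)")
    a = pow(b, -1, phi)          # a*b = 1 mod phi(n); modular inverse needs Python 3.8+
    return (n, b), (n, a)        # (public key, private key)


def rsa_encrypt(public_key: tuple, x: int) -> int:
    n, b = public_key
    if not 0 <= x < n:
        raise ValueError("plaintext must be an element of Z_n")
    return pow(x, b, n)          # e_K(x) = x^b mod n


def rsa_decrypt(private_key: tuple, y: int) -> int:
    n, a = private_key
    return pow(y, a, n)          # d_K(y) = y^a mod n


def alice_sends_session_key(bob_public: tuple) -> tuple:
    """Key transport: Alice picks a random k and sends it encrypted under Bob's public key."""
    n = bob_public[0]
    k = secrets.randbelow(n - 2) + 2        # random k in [2, n-1]
    return k, rsa_encrypt(bob_public, k)


def bob_receives_session_key(bob_private: tuple, encrypted_k: int) -> int:
    return rsa_decrypt(bob_private, encrypted_k)


def key_transport_round_trip(p: int, q: int, b: int) -> tuple:
    """Returns (k chosen by Alice, k recovered by Bob). Afterwards both sides would key a
    secret-key cipher such as DES/AES with k for the bulk of the traffic."""
    bob_public, bob_private = rsa_keygen(p, q, b)
    k, y = alice_sends_session_key(bob_public)
    return k, bob_receives_session_key(bob_private, y)


if __name__ == "__main__":
    pub, priv = rsa_keygen(101, 113, 3533)
    print(pub, priv, rsa_decrypt(priv, rsa_encrypt(pub, 9726)), key_transport_round_trip(101, 113, 3533))
```

Note what is and is not authenticated here: Bob learns k, but nothing tells him the sender was Alice, which is exactly why the IPSec and SSL exchanges later in the slides add proof of identity on top of the key establishment.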

DLP (Discrete Logarithm Problem)

  • Suppose p is an odd prime.

  • Z_p = {0, 1, …, p-1} is a finite field.

  • Z_p^*: the set of integers in Z_p which are relatively prime to p,

    • {a ∈ Z_p | gcd(a, p) = 1} = {1, …, p-1};

    • it is a cyclic multiplicative group.

  • g is a generator of Z_p^*,

    • i.e., Z_p^* = {g^0 mod p, g^1 mod p, …, g^(p-2) mod p}.

  • DLP

    • Given any a, computing b = g^a (mod p) is easy.

    • Given any b, finding an a such that b = g^a (mod p) is difficult.

  • Denoted as a = log_g b (omitting "mod p" for simplicity).

(Two-party) Diffie-Hellman (DH) key exchange

Suppose p and g are publicly known.

  Alice (secret a)                                  Bob (secret b)
      ---------- g^a mod p ---------------------->
      <--------- g^b mod p -----------------------
  K = (g^b)^a = g^ab mod p                          K = (g^a)^b = g^ab mod p

Anyone else can compute g^a · g^b = g^(a+b) from what was sent, but not g^ab.
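The exchange above with both parties' computations, as an added example not from the slides. It uses the small textbook parameters p = 23, g = 5 (5 is a generator of Z_23^*) so that the eavesdropper's side can also be shown: Eve can multiply the two public values and get g^(a+b), which is useless, and the only route to K is the discrete logarithm, here solved by brute force in p-1 steps, which is why real parameters are 2048 bits or more. Note also what the exchange does not provide: nothing authenticates g^a or g^b, so a man-in-the-middle can run one exchange with each side; the IPSec slide below adds identity proofs under the derived key for that reason.

```python
import secrets


def is_generator(g: int, p: int) -> bool:
    """True if the powers of g hit every element of Z_p^* (only feasible for small p)."""
    return len({pow(g, k, p) for k in range(1, p)}) == p - 1


def dh_public(g: int, p: int, secret: int) -> int:
    return pow(g, secret, p)            # easy direction: g^a mod p


def dh_shared(peer_public: int, secret: int, p: int) -> int:
    return pow(peer_public, secret, p)  # (g^b)^a = g^ab mod p


def discrete_log_bruteforce(g: int, b: int, p: int):
    """Hard direction done the naive way: find a with g^a = b mod p by trying every a.
    Takes up to p-1 multiplications, infeasible once p has hundreds of digits."""
    x = 1
    for a in range(p - 1):
        if x == b:
            return a
        x = (x * g) % p
    return None


def run_exchange(p: int, g: int, a: int, b: int) -> dict:
    alice_sends = dh_public(g, p, a)         # Alice -> Bob: g^a mod p
    bob_sends = dh_public(g, p, b)           # Bob -> Alice: g^b mod p
    return {
        "g^a": alice_sends,
        "g^b": bob_sends,
        "K_alice": dh_shared(bob_sends, a, p),
        "K_bob": dh_shared(alice_sends, b, p),
        # What an eavesdropper can compute from the two public values: g^(a+b), not g^ab.
        "eve_g^(a+b)": (alice_sends * bob_sends) % p,
        # What Eve would have to solve to get K: the discrete log of g^a.
        "eve_recovers_a": discrete_log_bruteforce(g, alice_sends, p),
    }


def random_exchange(p: int, g: int) -> dict:
    """Same exchange with freshly generated secrets in [1, p-2]."""
    return run_exchange(p, g, secrets.randbelow(p - 2) + 1, secrets.randbelow(p - 2) + 1)


if __name__ == "__main__":
    print(run_exchange(23, 5, 6, 15))
```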


  • Cryptology = cryptography + cryptanalysis.

    • Cryptography: devise cryptosystems.

    • Cryptanalysis: break cryptosystems.

Kerckhoffs' principle and attack levels

  • Kerckhoffs' principle: the cryptosystem (the algorithm) is publicly known; only the key is secret. Breaking a cryptosystem (i.e., cryptanalysis) therefore means figuring out the key currently in use.

  • Attack levels:

    • Ciphertext-only: the attacker possesses a string of ciphertext, y.

    • Known plaintext: the attacker possesses a string of plaintext, x, and the corresponding ciphertext, y.

    • Chosen plaintext: the attacker has obtained temporary access to the encryption machinery. Hence, he can choose a plaintext string, x, and construct the corresponding ciphertext string, y.

    • Chosen ciphertext: the attacker has obtained temporary access to the decryption machinery. Hence, he can choose a ciphertext string, y, and construct the corresponding plaintext string, x.

Internet security protocols

  • The Internet has implemented a suite of security protocols combining secret-key, public-key, digital signature, message digest, etc.

    • IPSec (IP security): i.e., IP layer / network layer

    • SSL (Secure Socket Layer) & TLS (Transport Layer Security): transport layer

    • SSH (Secure Shell), SFTP, HTTPS, PGP (Pretty Good Privacy): application layer

IPSec key agreement

  Entity A                                                        Entity B
      ---- crypto suites I support ------------------------------->
      <--- crypto suite I choose ----------------------------------
      ---- g^a mod p --------------------------------------------->
      <--- g^b mod p ----------------------------------------------
      ---- {"Alice", proof I am Alice} encrypted under g^ab mod p ->
      <--- {"Bob", proof I am Bob} encrypted under g^ab mod p ------

SSL position

(figure not reproduced in the transcript)

SSL functionality

  • Server authentication (by public certificate)

  • Client authentication (Optional)

  • Data encryption (by secret key system)

  • Integrity protection (by MAC)

SSL handshake

  Client                                                      Server
      ---- I want to talk, ciphers I support, R_C ------------->
      <--- Certificate (P_S), cipher I choose, R_S -------------
      ---- {S}P_S, {keyed hash of handshake MSG} -------------->
      <--- {keyed hash of handshake MSG} -----------------------
      <=== Data protected by keys derived from K ==============>

{S}P_S is the secret S encrypted under the server's public key P_S from the certificate; K is derived from S together with the nonces R_C and R_S.

There are six keys in total: three keys (encryption key, IV, integrity key) in each direction.
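The key derivation and the keyed hash of the handshake messages, as an added example that is not from the slides and not the real TLS PRF: the expansion function below is a simplified HMAC-SHA256 counter construction chosen for the example, so it is not interoperable with SSL/TLS. It shows the two things the handshake diagram relies on: K (and from it the six keys, three per direction) is bound to S, R_C and R_S, and the keyed hash covers every handshake message, so an attacker who rewrites the client's cipher list in transit makes the two sides hash different transcripts and the Finished check fails. The nonces, S and the cipher strings are constructed inputs.

```python
import hashlib
import hmac

KEY_LEN = 16
KEY_NAMES = ["client_write_key", "client_write_iv", "client_mac_key",
             "server_write_key", "server_write_iv", "server_mac_key"]


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """Simplified HMAC-SHA256 counter-mode expansion (assumption for the example); it stands
    in for the TLS PRF, which is specified differently, so this is not real TLS."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(secret, label + seed + bytes([counter]), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def derive_master_secret(S: bytes, R_C: bytes, R_S: bytes) -> bytes:
    # K is bound to both nonces, so an old S cannot be replayed into a new session.
    return prf(S, b"master secret", R_C + R_S, 32)


def derive_six_keys(K: bytes, R_C: bytes, R_S: bytes) -> dict:
    """Three keys per direction (encryption key, IV, integrity key)."""
    key_block = prf(K, b"key expansion", R_S + R_C, KEY_LEN * 6)
    return {name: key_block[i * KEY_LEN:(i + 1) * KEY_LEN] for i, name in enumerate(KEY_NAMES)}


def finished_mac(K: bytes, handshake_msgs: list, sender: bytes) -> bytes:
    """Keyed hash of every handshake message seen so far, as sent in the Finished step."""
    return hmac.new(K, sender + b"".join(handshake_msgs), hashlib.sha256).digest()


def handshake(R_C: bytes, R_S: bytes, S: bytes, client_ciphers: bytes,
              server_choice: bytes, client_hello_as_seen_by_server: bytes = None) -> dict:
    """Runs the key derivation on both sides. If an attacker rewrote the ClientHello in
    transit (e.g. stripped the strong ciphers), the server hashes a different transcript
    and the client's Finished MAC fails to verify."""
    client_hello = b"ClientHello|" + client_ciphers + b"|" + R_C
    server_hello = b"ServerHello|" + server_choice + b"|" + R_S
    seen_by_server = client_hello_as_seen_by_server or client_hello
    K = derive_master_secret(S, R_C, R_S)            # both sides know S, R_C and R_S
    client_fin = finished_mac(K, [client_hello, server_hello], b"client")
    server_expected = finished_mac(K, [seen_by_server, server_hello], b"client")
    return {
        "keys": derive_six_keys(K, R_C, R_S),
        "client_finished_ok": hmac.compare_digest(client_fin, server_expected),
    }


if __name__ == "__main__":
    R_C, R_S, S = b"\x01" * 32, b"\x02" * 32, b"\x03" * 48   # constructed values
    print(handshake(R_C, R_S, S, b"AES256,AES128,RC4", b"AES256")["client_finished_ok"])
```

Keeping the MAC key separate from the encryption key and the IV in each direction, as the six-key layout does, is what lets the record layer authenticate and encrypt with independent keys; reusing one key for both purposes is a classic protocol mistake.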