1 / 56

Computer Security: Principles and Practice

Computer Security: Principles and Practice. W Stallings, L Brown Some slides by Dr Lincke Chapter 2. Encryption. Encryption. Text: Computer Security: Principles and Practice, W Stallings, L Brown Chapter 2 Objectives: The student should be able to:

forster
Download Presentation

Computer Security: Principles and Practice

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Computer Security: Principles and Practice W Stallings, L Brown Some slides by Dr Lincke Chapter 2 Encryption

  2. Encryption Text: Computer Security: Principles and Practice, W Stallings, L Brown Chapter 2 Objectives: The student should be able to: Define authentication, integrity, confidentiality and non-repudiation. Define plaintext, ciphertext, key, P-box, S-box, session key, digital signature, message digest, hash. Demonstrate operation of a simple substitution cipher, permutation cipher, stream cipher, block cipher, block chaining mode cipher. Describe why chaining is advantageous in block ciphers. Define symmetric versus asymmetric encryption algorithms and describe the differences between the two. Define the advantages of secret key and public key algorithms. Describe their functions in relation to authenticity, non-repudiation, integrity, confidentiality, and speed. Describe two methods of producing a hash. Define whether the following protocols support authentication, non-repudiation, integrity, and/or confidentiality via hashing or a type of encryption: AES, HMAC, DES, MD5, RCS, RSA.

  3. Security is composed of: Secrecy – Access Control Confidentiality Integrity Availability Reliability - Survivability Accuracy - Incorruptibility

  4. Cryptographic Tools • cryptographic algorithms important element in security services • review various types of elements • symmetric encryption • public-key (asymmetric) encryption • digital signatures and key management • secure hash functions • example is use to encrypt stored data

  5. Confidentiality: Unauthorized parties cannot access information (->Secret Key Encryption Authenticity: Ensuring that the actual sender is the claimed sender. (->Public Key Encryption) Integrity: Ensuring that the message was not modified in transmission. (->Hashing) Nonrepudiation: Ensuring that sender cannot deny sending a message at a later time. (->Digital Signature) Data Privacy Bill Confidentiality Joe Bill Authenticity Joe (Actually Bill) Ann Ann Integrity Joe Non-Repudiation Joe Bill Ann Ann

  6. We share a secret Secret Key EncryptionSymmetric Encryption

  7. Encryption – Secret Key Encrypt Ksecret Decrypt Ksecret plaintext plaintext ciphertext P = D(Ksecret, E(Ksecret,P))

  8. Symmetric Encryption

  9. Encryption Stages Substitution Permutation G s v h r a v l u g s v v m x r k s v i v w g v c g h s l f o w y v m l o z i t v i g s z m g s v g v c g l u g s v l i r t r m z o n v h h z t v. CSECT6A EIRAN9E TSTIO2A HHONU5M ASDC1NL

  10. Block Cipher Example Plaintext: 1 1 1 1 0 0 0 0 1 0 1 0 S-Box 0 1 0 1 S-Box Replace key Substitute Transform Or P-Box X-OR Truth Table 0 x 0 = 0 0 x 1 = 1 1 x 0 = 1 1 x 1 = 0 1 1 0 0 S-Box 0 0 1 1 S-Box Substitute Ciphertext:

  11. Electronic Codebook (ECB) • simplest mode • split plaintext into blocks • encrypt each block using the same key • “codebook” because have unique ciphertext value for each plaintext block • not secure for long messages since repeated plaintext is seen in repeated ciphertext

  12. Block Cipher Structure • have a general iterative block cipher structure • with a sequence of rounds • with substitutions / permutations controlled by key • parameters and design features: • block size • key size • number of rounds • subkey generation algorithm • round function complexity • also: fast software en/decrypt, ease of analysis

  13. Cipher Block Chaining (CBC)

  14. Block Chaining Mode:Implementing Diffusion Plaintext: 1 1 1 1 0 0 0 0 1 0 1 0 S-Box 0 1 0 1 S-Box Replace key: 1011.0111 Substitute Transform X-OR Truth Table 0 x 0 = 0 0 x 1 = 1 1 x 0 = 1 1 x 1 = 0 1 1 0 0 S-Box 0 0 1 1 S-Box Substitute Ciphertext: 1 0 1 1 0 1 1 1 To decrypt one segment requires decrypting > 1 section

  15. Feistel Encryption:Implementing Confusion Plaintext: 1 1 1 1 0 0 0 0 1 0 1 0 S-Box 0 1 0 1 S-Box Key Substitute X-OR Truth Table 0 x 0 = 0 0 x 1 = 1 1 x 0 = 1 1 x 1 = 0 0 1 0 1 S-Box Substitute Ciphertext: 0 0 0 0 0 1 0 1 A change in one bit affects multiple bits

  16. Symmetric Encryption Algorithms

  17. Commercial Block Ciphers

  18. DES and Triple-DES • Data Encryption Standard (DES) is the most widely used encryption scheme • uses 64 bit plaintext block and 56 bit key to produce a 64 bit ciphertext block • concerns about algorithm & use of 56-bit key • Triple-DES • repeats basic DES algorithm three times • using either two or three unique keys • much more secure but also much slower

  19. Triple DES (3DES) • first used in financial applications • in DES FIPS PUB 46-3 standard of 1999 • uses three keys & three DES executions: C = E(K3, D(K2, E(K1, P))) • decryption same with keys reversed • use of decryption in second stage gives compatibility with original DES users • effective 168-bit key length, slow, secure • AES will eventually replace 3DES

  20. Advanced Encryption Standard (AES) • needed a better replacement for DES • NIST called for proposals in 1997 • selected Rijndael in Nov 2001 • published as FIPS 197 • symmetric block cipher • uses 128 bit data & 128/192/256 bit keys • now widely available commercially

  21. Advanced Encryption Standard (AES)

  22. Stream Cipher Input: 1 1 1 1 0 0 0 0 1 1 1 Random: 1 0 0 1 0 1 1 0 0 1 1 Ciphertext: 0 1 1 0 0 1 1 0 1 0 0 Random: 1 0 0 1 0 1 1 0 0 1 1 Plaintext: 1 1 1 1 0 0 0 0 1 1 1 Example System: RC4 (SSL/TLS, WEP, WPA)

  23. Block verses Stream Ciphers

  24. Stream Ciphers • processes input elements continuously • key input to a pseudorandom bit generator • produces stream of random like numbers • unpredictable without knowing input key • XOR keystream output with plaintext bytes • are faster and use far less code • design considerations: • encryption sequence should have a large period • keystream approximates random number properties • uses a sufficiently long key

  25. Attacking Symmetric Encryption • cryptanalysis • rely on nature of the algorithm • plus some knowledge of plaintext characteristics • even some sample plaintext-ciphertext pairs • exploits characteristics of algorithm to deduce specific plaintext or key • brute-force attack • try all possible keys on some ciphertext until get an intelligible translation into plaintext

  26. Exhaustive Key Search

  27. You may know my Public Key Public Key EncryptionAsymmetric Encryption

  28. Encryption Joe Encrypt (public) Decrypt (private) Key owner Message, private key Authentication, Non-repudiation Joe Decrypt (public) Encrypt (private) Key owner Digital Signature Public Key Encryption P = D(kPRIV, E(kPUB,P)) P = D(kPUB, E(kPRIV,P))

  29. Public Key Encryption

  30. Public Key Authentication

  31. Public Key Requirements • computationally easy to create key pairs • computationally easy for sender knowing public key to encrypt messages • computationally easy for receiver knowing private key to decrypt ciphertext • computationally infeasible for opponent to determine private key from public key • computationally infeasible for opponent to otherwise recover original message • useful if either key can be used for each role

  32. Public Key Algorithms • RSA (Rivest, Shamir, Adleman) • developed in 1977 • only widely accepted public-key encryption alg • given tech advances need 1024+ bit keys • Diffie-Hellman key exchange algorithm • only allows exchange of a secret key • Digital Signature Standard (DSS) • provides only a digital signature function with SHA-1 • Elliptic curve cryptography (ECC) • new, security like RSA, but with much smaller keys

  33. Encryption Comparison

  34. Verify the data was not modified Secure Hash Functions

  35. Documents with Integrity Questions Applications Integrity Contracts Financial data Non-Repudiation Digital Signature Contracts • Can fraud occur if changes are made? • Was this document modified? • How can I be sure you sent it? • Is encryption necessary? Data Check Sum

  36. Message Authentication • protects against active attacks • verifies received message is authentic • contents unaltered • from authentic source • timely and in correct sequence • may use conventional encryption • only sender & receiver have key needed • or separate authentication mechanisms • append authentication tag to cleartext message

  37. Secure Hash Functions

  38. Simple Hash Functions • a one-way or secure hash function used in message authentication, digital signatures • all hash functions process input a block at a time in an iterative fashion • one of simplest hash functions is the bit-by-bit exclusive-OR (XOR) of each block Ci = bi1bi2 . . . bim • effective data integrity check on random data • less effective on more predictable data • virtually useless for data security

  39. Message Authentication Codes

  40. Secure Hash Functions Message Message H Message H H Compare H H H K K Message Authentication Code H H Message Message H Message H Compare H H E D H K K One Way Hash K Message Message H K Message H H Compare H H H

  41. Public Key Certificates

  42. SHA-512 Structure

  43. Message Digest 5 (MD5) ->128 bit hash for 512-bit blocks Secure Hash Function (SHA) -> SHA-256, SHA-384, SHA-512-> 512 bit hash for1024 bit blocks Hashed Message Auth. Code (HMAC): System treats hash function as black box. Secure Hash Functions SHA-512 Rand Const Msg IV Round 0 Round 1 Round 79 Round 80 Hash

  44. Hash Function Requirements • applied to any size data • H produces a fixed-length output. • H(x) is relatively easy to compute for any given x • one-way property • computationally infeasible to find x such that H(x) = h • weak collision resistance • computationally infeasible to find y ≠ x such that H(y) = H(x) • strong collision resistance • computationally infeasible to find any pair (x, y) such that H(x) = H(y)

  45. Hash Functions • two attack approaches • cryptanalysis • exploit logical weakness in algorithm • brute-force attack • trial many inputs • strength proportional to size of hash code (2n/2) • SHA most widely used hash algorithm • SHA-1 gives 160-bit hash • more recent SHA-256, SHA-384, SHA-512 provide improved size and security

  46. Non-Repudiation: You signed it – it is a contract!!! Digital Signature

  47. Digital EnvelopesEncrypt with symmetric key,Send symmetric key using Public Key

  48. Message AuthWhich of these offer Digital Signature?

  49. Digital Signature:Using Public Key EncryptionEncode with Private KeyDecode with Public Key

  50. 10011010000010111010011010110010101001111000101010101 Are We Secure?Other Issues

More Related