Et4085 et5085 keamanan jaringan telekomunikasi et4085 et5085 telecommunication network security
Download
1 / 68

ET4085/ET5085 Keamanan Jaringan Telekomunikasi ET4085/ET5085 Telecommunication Network Security - PowerPoint PPT Presentation


  • 53 Views
  • Uploaded on

ET4085/ET5085 Keamanan Jaringan Telekomunikasi ET4085/ET5085 Telecommunication Network Security . Tutun Juhana Telecommunication engineering School of electrical engineering & informatics Institut teknologi bandung http://telecommunication.itb.ac.id/~tutun/ET4085. Cryptography.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' ET4085/ET5085 Keamanan Jaringan Telekomunikasi ET4085/ET5085 Telecommunication Network Security ' - nariko


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Et4085 et5085 keamanan jaringan telekomunikasi et4085 et5085 telecommunication network security

ET4085/ET5085 KeamananJaringanTelekomunikasiET4085/ET5085 Telecommunication Network Security

Tutun Juhana

Telecommunication engineering

School of electrical engineering & informatics

Institut teknologi bandung

http://telecommunication.itb.ac.id/~tutun/ET4085

http://wp.me/P29YQz-k


Cryptography
Cryptography

http://wp.me/P29YQz-k


Definition
Definition

  • Came from Greek cryptography krupto(hidden or secret) and grafh(written)

    • Art of secret writing

http://wp.me/P29YQz-k


Services provided by cryptography

User Authentication

Services Provided by Cryptography

http://wp.me/P29YQz-k


Data Integrity

http://wp.me/P29YQz-k


Data origin authentication

B

A

He can claim that he is A

http://wp.me/P29YQz-k


Non-repudiation of origin

http://wp.me/P29YQz-k


Data confidentiality

  • ?

http://wp.me/P29YQz-k


Friends and enemies alice bob trudy
Friends and enemies: Alice, Bob, Trudy

well-known in network security world

Bob, Alice (lovers!) want to communicate “securely”

Trudy (intruder) may intercept, delete, add messages

http://wp.me/P29YQz-k


Who might bob alice be
Who might Bob, Alice be?

Real-life Bobs and Alices!

Web browser/server for electronic transactions (e.g., on-line purchases)

on-line banking client/server

DNS servers

routers exchanging routing table updates

etc.

http://wp.me/P29YQz-k


The language of cryptography
The language of cryptography

m plaintext message

KA(m) ciphertext, encrypted with key KA

m = KB(KA(m))

symmetric key crypto: sender, receiver keys identical

public-key crypto: encryption key public, decryption key secret (private)

http://wp.me/P29YQz-k


Symmetric key cryptography
Symmetric key cryptography

  • symmetric key crypto: Bob and Alice share known same (symmetric) key: KAB

    • e.g., key is knowing substitution pattern in mono alphabetic substitution cipher

http://wp.me/P29YQz-k


  • substitution cipher: substituting one thing for another

    • monoalphabetic cipher: substitute one letter for another

http://wp.me/P29YQz-k


Deciphering techniques attacks on a cryptosystem
Deciphering techniques (attacks on a cryptosystem)

  • Cipher-text only attack: no clue about contents of message: statistical analysis

  • Known-plaintext attack: trudy has some plaintext for some ciphertext

    • eg, in monoalphabetic cipher, trudy determines pairings for a,l,i,c,e,b,o

  • Chosen-plaintext attack: trudy can get the cyphertext for some chosen plaintext

    • Eg, Trudy masquerades as Alice

http://wp.me/P29YQz-k


Statistical analysis example

A typical distribution of letters in English language text

http://wp.me/P29YQz-k


Suppose we have intercepted the cipher-text below, and it is known to be encrypted using a simple substitution cipher

  • LIVITCSWPIYVEWHEVSRIQMXLEYVEOIEWHRXEXIPFEMVEWHKVSTYLXZIXLIKIIXPIJVSZEYPERRGERIM WQLMGLMXQERIWGPSRIHMXQEREKIETXMJTPRGEVEKEITREWHEXXLEXXMZITWAWSQWXSWEXTVEPMRXRSJ GSTVRIEYVIEXCVMUIMWERGMIWXMJMGCSMWXSJOMIQXLIVIQIVIXQSVSTWHKPEGARCSXRWIEVSWIIBXV IZMXFSJXLIKEGAEWHEPSWYSWIWIEVXLISXLIVXLIRGEPIRQIVIIBGIIHMWYPFLEVHEWHYPSRRFQMXLE PPXLIECCIEVEWGISJKTVWMRLIHYSPHXLIQIMYLXSJXLIMWRIGXQEROIVFVIZEVAEKPIEWHXEAMWYEPP XLMWYRMWXSGSWRMHIVEXMSWMGSTPHLEVHPFKPEZINTCMXIVJSVLMRSCMWMSWVIRCIGXMWYMX

  • For this example, uppercase letters are used to denote ciphertext, lowercase letters are used to denote plaintext (or guesses at such), and X~t is used to express a guess that ciphertext letter X represents the plaintext letter t.

  • We could use frequency analysis to help solve the message along the following lines: counts of the letters in the cryptogram show that I is the most common single letter, XL most common bigram, and XLI is the most common trigram. e is the most common letter in the English language, th is the most common bigram, and the is the most common trigram. This strongly suggests that X~t, L~h and I~e. The second most common letter in the cryptogram is E; since the first and second most frequent letters in the English language, e and t are accounted for, We guess that E~a, the third most frequent letter. Tentatively making these assumptions, the following partial decrypted message is obtained.

http://wp.me/P29YQz-k


heVeTCSWPeYVaWHaVSReQMthaYVaOeaWHRtatePFaMVaWHKVSTYhtZetheKeetPeJVSZaYPaRRGaReM WQhMGhMtQaReWGPSReHMtQaRaKeaTtMJTPRGaVaKaeTRaWHatthattMZeTWAWSQWtSWatTVaPMRtRSJ GSTVReaYVeatCVMUeMWaRGMeWtMJMGCSMWtSJOMeQtheVeQeVetQSVSTWHKPaGARCStRWeaVSWeeBtV eZMtFSJtheKaGAaWHaPSWYSWeWeaVtheStheVtheRGaPeRQeVeeBGeeHMWYPFhaVHaWHYPSRRFQMtha PPtheaCCeaVaWGeSJKTVWMRheHYSPHtheQeMYhtSJtheMWReGtQaROeVFVeZaVAaKPeaWHtaAMWYaPP thMWYRMWtSGSWRMHeVatMSWMGSTPHhaVHPFKPaZeNTCMteVJSVhMRSCMWMSWVeRCeGtMWYMt

  • Using these initial guesses, We can spot patterns that confirm our choices, such as "that". Moreover, other patterns suggest further guesses. "Rtate" might be "state", which would mean R~s. Similarly "atthattMZe" could be guessed as "atthattime", yielding M~i and Z~m. Furthermore, "heVe" might be "here", giving V~r. Filling in these guesses, We get:

  • hereTCSWPeYraWHarSseQithaYraOeaWHstatePFairaWHKrSTYhtmetheKeetPeJrSmaYPassGasei WQhiGhitQaseWGPSseHitQasaKeaTtiJTPsGaraKaeTsaWHatthattimeTWAWSQWtSWatTraPistsSJ GSTrseaYreatCriUeiWasGieWtiJiGCSiWtSJOieQthereQeretQSrSTWHKPaGAsCStsWearSWeeBtr emitFSJtheKaGAaWHaPSWYSWeWeartheStherthesGaPesQereeBGeeHiWYPFharHaWHYPSssFQitha PPtheaCCearaWGeSJKTrWisheHYSPHtheQeiYhtSJtheiWseGtQasOerFremarAaKPeaWHtaAiWYaPP thiWYsiWtSGSWsiHeratiSWiGSTPHharHPFKPameNTCiterJSrhisSCiWiSWresCeGtiWYit

http://wp.me/P29YQz-k


Penjahat WQhMGhMtQaReWGPSReHMtQaRaKeaTtMJTPRGaVaKaeTRaWHatthattMZeTWAWSQWtSWatTVaPMRtRSJ GSTVReaYVeatCVMUeMWaRGMeWtMJMGCSMWtSJOMeQtheVeQeVetQSVSTWHKPaGARCStRWeaVSWeeBtV eZMtFSJtheKaGAaWHaPSWYSWeWeaVtheStheVtheRGaPeRQeVeeBGeeHMWYPFhaVHaWHYPSRRFQMtha PPtheaCCeaVaWGeSJKTVWMRheHYSPHtheQeMYhtSJtheMWReGtQaROeVFVeZaVAaKPeaWHtaAMWYaPP thMWYRMWtSGSWRMHeVatMSWMGSTPHhaVHPFKPaZeNTCMteVJSVhMRSCMWMSWVeRCeGtMWYMt#2 melakukan

penyadapan kemudian

Mempelajari ciphertext dari

PIN baru tersebut

Chosen-Plaintext Attack example

PIN di-enkripsi lalu

dikirimkan ke bank

cipher(key,PIN)

Penjahat #1 merubah

PIN yang dimilikinya

(chosen plaintext)

… diulangi untuk beberapa nilai PIN

18

http://wp.me/P29YQz-k


Polyalphabetic encryption
Polyalphabetic encryption WQhMGhMtQaReWGPSReHMtQaRaKeaTtMJTPRGaVaKaeTRaWHatthattMZeTWAWSQWtSWatTVaPMRtRSJ GSTVReaYVeatCVMUeMWaRGMeWtMJMGCSMWtSJOMeQtheVeQeVetQSVSTWHKPaGARCStRWeaVSWeeBtV eZMtFSJtheKaGAaWHaPSWYSWeWeaVtheStheVtheRGaPeRQeVeeBGeeHMWYPFhaVHaWHYPSRRFQMtha PPtheaCCeaVaWGeSJKTVWMRheHYSPHtheQeMYhtSJtheMWReGtQaROeVFVeZaVAaKPeaWHtaAMWYaPP thMWYRMWtSGSWRMHeVatMSWMGSTPHhaVHPFKPaZeNTCMteVJSVhMRSCMWMSWVeRCeGtMWYMt

The Alberti cipher by Leon Battista Alberti around 1467 was believed to be the first polyalphabetic cipher

But at 750 AD , Abu Yusuf Yaqub ibn Is-haq Al-Kindi, authored a book on cryptology the "Risalah fi Istikhraj al-Mu'amma" (Manuscript for the Deciphering Cryptographic Messages)

Leon Battista Alberti

Abu Yusuf Yaqub ibn Is-haq Al-Kindi

http://wp.me/P29YQz-k


  • n monoalphabetic cyphers, M1,M2,…,Mn WQhMGhMtQaReWGPSReHMtQaRaKeaTtMJTPRGaVaKaeTRaWHatthattMZeTWAWSQWtSWatTVaPMRtRSJ GSTVReaYVeatCVMUeMWaRGMeWtMJMGCSMWtSJOMeQtheVeQeVetQSVSTWHKPaGARCStRWeaVSWeeBtV eZMtFSJtheKaGAaWHaPSWYSWeWeaVtheStheVtheRGaPeRQeVeeBGeeHMWYPFhaVHaWHYPSRRFQMtha PPtheaCCeaVaWGeSJKTVWMRheHYSPHtheQeMYhtSJtheMWReGtQaROeVFVeZaVAaKPeaWHtaAMWYaPP thMWYRMWtSGSWRMHeVatMSWMGSTPHhaVHPFKPaZeNTCMteVJSVhMRSCMWMSWVeRCeGtMWYMt

  • Cycling pattern:

    • e.g., n=4, M1,M3,M4,M3,M2; M1,M3,M4,M3,M2;

  • For each new plaintext symbol, use subsequent monoalphabetic pattern in cyclic pattern

    • dog: d from M1, o from M3, g from M4

  • Key: the n ciphers and the cyclic pattern

http://wp.me/P29YQz-k


How this Cipher Works? WQhMGhMtQaReWGPSReHMtQaRaKeaTtMJTPRGaVaKaeTRaWHatthattMZeTWAWSQWtSWatTVaPMRtRSJ GSTVReaYVeatCVMUeMWaRGMeWtMJMGCSMWtSJOMeQtheVeQeVetQSVSTWHKPaGARCStRWeaVSWeeBtV eZMtFSJtheKaGAaWHaPSWYSWeWeaVtheStheVtheRGaPeRQeVeeBGeeHMWYPFhaVHaWHYPSRRFQMtha PPtheaCCeaVaWGeSJKTVWMRheHYSPHtheQeMYhtSJtheMWReGtQaROeVFVeZaVAaKPeaWHtaAMWYaPP thMWYRMWtSGSWRMHeVatMSWMGSTPHhaVHPFKPaZeNTCMteVJSVhMRSCMWMSWVeRCeGtMWYMt

Pick a keyword (for our example, the keyword will be "MEC").

Write your keyword across the top of the text you want to encipher, repeating it as many times as necessary.

For each letter, look at the letter of the keyword above it (if it was 'M', then you would go to the row that starts with an 'M'), and find that row in the Vigenere table.

Then find the column of your plaintext letter (for example, 'w', so the twenty-third column)

Finally, trace down that column until you reach the row you found before and write down the letter in the cell where they intersect (in this case, you find an 'I' there).

http://wp.me/P29YQz-k


Symmetric stream ciphers
Symmetric: Stream Ciphers WQhMGhMtQaReWGPSReHMtQaRaKeaTtMJTPRGaVaKaeTRaWHatthattMZeTWAWSQWtSWatTVaPMRtRSJ GSTVReaYVeatCVMUeMWaRGMeWtMJMGCSMWtSJOMeQtheVeQeVetQSVSTWHKPaGARCStRWeaVSWeeBtV eZMtFSJtheKaGAaWHaPSWYSWeWeaVtheStheVtheRGaPeRQeVeeBGeeHMWYPFhaVHaWHYPSRRFQMtha PPtheaCCeaVaWGeSJKTVWMRheHYSPHtheQeMYhtSJtheMWReGtQaROeVFVeZaVAaKPeaWHtaAMWYaPP thMWYRMWtSGSWRMHeVatMSWMGSTPHhaVHPFKPaZeNTCMteVJSVhMRSCMWMSWVeRCeGtMWYMt

  • Combine each byte of keystream with byte of plaintext to get b of ciphertext

  • p(i) = ithunit of message

  • ks(i) = ithunit of keystream

  • c(i) = ithunit of ciphertext

  • c(i) = ks(i) ⊕ p(i)

    • (⊕ = exclusive or)

  • p(i) = ks(i) ⊕ c(i)

http://wp.me/P29YQz-k


Problems with stream ciphers
Problems with stream ciphers WQhMGhMtQaReWGPSReHMtQaRaKeaTtMJTPRGaVaKaeTRaWHatthattMZeTWAWSQWtSWatTVaPMRtRSJ GSTVReaYVeatCVMUeMWaRGMeWtMJMGCSMWtSJOMeQtheVeQeVetQSVSTWHKPaGARCStRWeaVSWeeBtV eZMtFSJtheKaGAaWHaPSWYSWeWeaVtheStheVtheRGaPeRQeVeeBGeeHMWYPFhaVHaWHYPSRRFQMtha PPtheaCCeaVaWGeSJKTVWMRheHYSPHtheQeMYhtSJtheMWReGtQaROeVFVeZaVAaKPeaWHtaAMWYaPP thMWYRMWtSGSWRMHeVatMSWMGSTPHhaVHPFKPaZeNTCMteVJSVhMRSCMWMSWVeRCeGtMWYMt

  • Known plain-text attack

    • There’s often predictable and repetitive data in communication messages

    • attacker receives some cipher text c and correctly guesses corresponding plaintext m

    • ks = m ⊕ c

    • Attacker now observes c’

    • m’ = (m ⊕ c) ⊕ c’

http://wp.me/P29YQz-k


  • Even easier WQhMGhMtQaReWGPSReHMtQaRaKeaTtMJTPRGaVaKaeTRaWHatthattMZeTWAWSQWtSWatTVaPMRtRSJ GSTVReaYVeatCVMUeMWaRGMeWtMJMGCSMWtSJOMeQtheVeQeVetQSVSTWHKPaGARCStRWeaVSWeeBtV eZMtFSJtheKaGAaWHaPSWYSWeWeaVtheStheVtheRGaPeRQeVeeBGeeHMWYPFhaVHaWHYPSRRFQMtha PPtheaCCeaVaWGeSJKTVWMRheHYSPHtheQeMYhtSJtheMWReGtQaROeVFVeZaVAaKPeaWHtaAMWYaPP thMWYRMWtSGSWRMHeVatMSWMGSTPHhaVHPFKPaZeNTCMteVJSVhMRSCMWMSWVeRCeGtMWYMt

    • Attacker obtains two ciphertexts, c and c’, generating with same key sequence

    • c ⊕ c’ = m ⊕ m’

    • There are well known methods for decrypting 2 plaintexts given their XOR

http://wp.me/P29YQz-k


  • Integrity problem too WQhMGhMtQaReWGPSReHMtQaRaKeaTtMJTPRGaVaKaeTRaWHatthattMZeTWAWSQWtSWatTVaPMRtRSJ GSTVReaYVeatCVMUeMWaRGMeWtMJMGCSMWtSJOMeQtheVeQeVetQSVSTWHKPaGARCStRWeaVSWeeBtV eZMtFSJtheKaGAaWHaPSWYSWeWeaVtheStheVtheRGaPeRQeVeeBGeeHMWYPFhaVHaWHYPSRRFQMtha PPtheaCCeaVaWGeSJKTVWMRheHYSPHtheQeMYhtSJtheMWReGtQaROeVFVeZaVAaKPeaWHtaAMWYaPP thMWYRMWtSGSWRMHeVatMSWMGSTPHhaVHPFKPaZeNTCMteVJSVhMRSCMWMSWVeRCeGtMWYMt

    • supppose attacker knows m and c;

    • want to change m to m’

    • c’ = c ⊕ (m ⊕ m’)

    • send c’ to destination

http://wp.me/P29YQz-k


  • Example of stream cipher: WQhMGhMtQaReWGPSReHMtQaRaKeaTtMJTPRGaVaKaeTRaWHatthattMZeTWAWSQWtSWatTVaPMRtRSJ GSTVReaYVeatCVMUeMWaRGMeWtMJMGCSMWtSJOMeQtheVeQeVetQSVSTWHKPaGARCStRWeaVSWeeBtV eZMtFSJtheKaGAaWHaPSWYSWeWeaVtheStheVtheRGaPeRQeVeeBGeeHMWYPFhaVHaWHYPSRRFQMtha PPtheaCCeaVaWGeSJKTVWMRheHYSPHtheQeMYhtSJtheMWReGtQaROeVFVeZaVAaKPeaWHtaAMWYaPP thMWYRMWtSGSWRMHeVatMSWMGSTPHhaVHPFKPaZeNTCMteVJSVhMRSCMWMSWVeRCeGtMWYMt

    • A5 (for GSM)

    • RC4

http://wp.me/P29YQz-k


Symmetric encryption block ciphers
Symmetric encryption: block ciphers WQhMGhMtQaReWGPSReHMtQaRaKeaTtMJTPRGaVaKaeTRaWHatthattMZeTWAWSQWtSWatTVaPMRtRSJ GSTVReaYVeatCVMUeMWaRGMeWtMJMGCSMWtSJOMeQtheVeQeVetQSVSTWHKPaGARCStRWeaVSWeeBtV eZMtFSJtheKaGAaWHaPSWYSWeWeaVtheStheVtheRGaPeRQeVeeBGeeHMWYPFhaVHaWHYPSRRFQMtha PPtheaCCeaVaWGeSJKTVWMRheHYSPHtheQeMYhtSJtheMWReGtQaROeVFVeZaVAaKPeaWHtaAMWYaPP thMWYRMWtSGSWRMHeVatMSWMGSTPHhaVHPFKPaZeNTCMteVJSVhMRSCMWMSWVeRCeGtMWYMt

Message to be encrypted is processed in blocks of bytes (8 or 16).

Block cipher: huge lookup table

Example: 2-bit blocks and 2-bit keys

http://wp.me/P29YQz-k


  • Each column should be a random permutation of all possible output strings

  • If block is 64 bits and key is 56 bits, have 264 rows, 256 columns, 2120 entries

  • Table too big: instead use function that simulates a randomly permuted table

  • c(i) = KAB(m(i)) : encrypt block m(i) using key AB

  • m(i) = KAB(c(i)) : decrypt block c(i) using key AB

  • Problem: if m(i) and m(j) same, c(i) and c(j) same

    • Attacker may be able to guess m(i) from context of message

http://wp.me/P29YQz-k


Block ciphers cipher block chaining
Block ciphers: cipher block chaining output strings

  • Don’t want same plaintext giving same ciphertext

    • Have encryption of current block depend on result of previous block

    • c(i) = KAB( m(i) ⊕ c(i-1) )

    • m(i) = KAB( c(i) ⊕ c(i-1) )

  • How do we encrypt first block?

    • Initialization vector (IV): random block = c(0)

    • IVs do not have to be secret

http://wp.me/P29YQz-k


Symmetric key crypto des
Symmetric key crypto: DES output strings

  • DES: Data Encryption Standard

    • US encryption standard [NIST 1993]

    • 56-bit symmetric key, 64-bit plaintext input

    • Block cipher with cipher block chaining

  • How secure is DES?

    • DES Challenge: 56-bit-key-encrypted phrase decrypted (brute force) in less than a day

    • No known good analytic attack

  • making DES more secure:

    • 3DES: encrypt 3 times with 3 different keys (actually encrypt, decrypt, encrypt)

http://wp.me/P29YQz-k


DES operation output strings

initial permutation

16 identical “rounds” of function application, each using different 48 bits of key

final permutation

http://wp.me/P29YQz-k


Aes advanced encryption standard
AES: Advanced Encryption Standard output strings

New (Nov. 2001) symmetric-key NIST standard, replacing DES

processes data in 128 bit blocks

128, 192, or 256 bit keys

brute force decryption (try each key) taking 1 sec on DES, takes 149 trillion years for AES

http://wp.me/P29YQz-k


Key distribution center kdc
Key Distribution Center (KDC) output strings

http://wp.me/P29YQz-k


Alice, Bob need shared symmetric key. output strings

KDC: server shares different secret key with each registered user (many users)

Alice, Bob know own symmetric keys, KA-KDC KB-KDC , for communicating with KDC.

http://wp.me/P29YQz-k


Q: How does KDC allow Bob, Alice to determine shared symmetric secret key to communicate with each other?

http://wp.me/P29YQz-k


Public key cryptography
Public Key Cryptography symmetric secret key to communicate with each other?

  • symmetric key crypto

    • requires sender, receiver know shared secret key

    • Q: how to agree on key in first place (particularly if never “met”)?

  • public key cryptography

    • radically different approach [Diffie-Hellman76, RSA78]

    • sender, receiver do not share secret key

    • public encryption key known to all

    • private decryption key known only to receiver

http://wp.me/P29YQz-k


http://wp.me/P29YQz-k symmetric secret key to communicate with each other?


Public key encryption algorithms
Public key encryption algorithms symmetric secret key to communicate with each other?

http://wp.me/P29YQz-k


Rsa choosing keys
RSA: Choosing keys symmetric secret key to communicate with each other?

http://wp.me/P29YQz-k


Rsa encryption decryption
RSA: Encryption, decryption symmetric secret key to communicate with each other?

http://wp.me/P29YQz-k


Rsa example
RSA example symmetric secret key to communicate with each other?

http://wp.me/P29YQz-k


Rsa another important property
RSA: another important property symmetric secret key to communicate with each other?

http://wp.me/P29YQz-k


Rsa is slow
RSA is slow symmetric secret key to communicate with each other?

  • Exponentiation is computationally intensive

  • DES is at least 100 times faster than RSA

  • Session key, KS

    • Bob and Alice use RSA to exchange a symmetric key KS

    • Once both have KS, they use DES

http://wp.me/P29YQz-k


Message authentication
Message Authentication symmetric secret key to communicate with each other?

  • Allows communicating parties to verify that received messages are authentic.

    • Verify content of message has not been altered

    • Source is authentic

    • Message has not been artificially delayed (playback attack)

    • Sequence of messages is maintained

http://wp.me/P29YQz-k


  • Why not use encryption? symmetric secret key to communicate with each other?

    • Often overkill, computationally expensive

    • Broadcast message

  • Let’s first talk about message digests

http://wp.me/P29YQz-k


Message digests
Message Digests symmetric secret key to communicate with each other?

Function H( ) that takes as input an arbitrary length message and outputs a fixed-length strength: “message signature”

Note that H( ) is a many to-1 function

H( ) is often called a “hash function”

http://wp.me/P29YQz-k


  • Desirable properties: symmetric secret key to communicate with each other?

    • Easy to calculate

    • Irreversibility: Can’t determine m from H(m)

    • Collision resistance: Computationally difficult to produce m and m’ such that H(m) = H(m’)

    • Seemingly random output

http://wp.me/P29YQz-k


Hash function algorithms
Hash Function Algorithms symmetric secret key to communicate with each other?

  • MD5 hash function widely used (RFC 1321)

    • computes 128-bit message digest in 4-step process.

    • arbitrary 128-bit string x

      • appears difficult to construct msg m whose MD5 hash is equal to x.

  • SHA-1 is also used.

    • US standard [NIST, FIPS PUB 180-1]

    • 160-bit message digest

http://wp.me/P29YQz-k


Message authentication code mac
Message Authentication Code (MAC) symmetric secret key to communicate with each other?

http://wp.me/P29YQz-k


Digital signatures
Digital Signatures symmetric secret key to communicate with each other?

Cryptographic technique analogous to handwritten signatures.

sender (Bob) digitally signs document, establishing he is document owner/creator.

verifiable, nonforgeable: recipient (Alice) can prove to someone that Bob, and no one else (including Alice), must have signed document

http://wp.me/P29YQz-k


http://wp.me/P29YQz-k symmetric secret key to communicate with each other?


http://wp.me/P29YQz-k symmetric secret key to communicate with each other?


Digital signature standard
Digital Signature Standard symmetric secret key to communicate with each other?

http://wp.me/P29YQz-k


Certification authorities
Certification Authorities symmetric secret key to communicate with each other?

  • Certification authority (CA): binds public key to particular entity, E.

  • E (person, router) registers its public key with CA.

    • E provides “proof of identity” to CA.

    • CA creates certificate binding E to its public key.

    • certificate containing E’s public key digitally signed by CA

      • CA says “this is E’s public key”

http://wp.me/P29YQz-k


  • When Alice wants Bob’s public key: symmetric secret key to communicate with each other?

    • gets Bob’s certificate (Bob or elsewhere).

    • apply CA’s public key to Bob’s certificate, get Bob’s public key

http://wp.me/P29YQz-k


Certificates summary
Certificates: summary symmetric secret key to communicate with each other?

  • Primary standard X.509 (RFC 2459)

  • Certificate contains:

    • Issuer name

    • Entity name, address, domain name, etc.

    • Entity’s public key

    • Digital signature (signed with issuer’s private key)

http://wp.me/P29YQz-k


End point authentication
End-point authentication symmetric secret key to communicate with each other?

Goal: Bob wants Alice to “prove” her identity to him

Protocol ap1.0: Alice says “I am Alice”

http://wp.me/P29YQz-k


Goal: Bob wants Alice to “prove” her identity to him symmetric secret key to communicate with each other?

Protocol ap1.0: Alice says “I am Alice”

http://wp.me/P29YQz-k


End point authentication another try
End-point authentication: another try symmetric secret key to communicate with each other?

Protocol ap2.0: Alice says “I am Alice” in an IP packet containing her source IP address

http://wp.me/P29YQz-k


Protocol ap2.0: Alice says “I am Alice” in an IP packet containing her source IP address

http://wp.me/P29YQz-k


End point authentication another try1
End-point authentication: another try containing her source IP address

Protocol ap3.0: Alice says “I am Alice” and sends her secret password to “prove” it.

http://wp.me/P29YQz-k


Protocol ap3.0: Alice says “I am Alice” and sends her secret password to “prove” it.

http://wp.me/P29YQz-k


End point authentication yet another try
End-point authentication: yet another try secret password to “prove” it.

Protocol ap3.1: Alice says “I am Alice” and sends her encrypted secret password to “prove” it.

http://wp.me/P29YQz-k


Protocol ap3.1: Alice says “I am Alice” and sends her encrypted secret password to “prove” it.

http://wp.me/P29YQz-k


End point authentication yet another try1
End-point authentication: yet another try encrypted secret password to “prove” it.

Goal: avoid playback attack

Nonce: number (R) used only once-in-a-lifetime

ap4.0: to prove Alice “live”, Bob sends Alice nonce, R. Alice must return R, encrypted with shared secret key

http://wp.me/P29YQz-k


End point authentication ap5 0
End-point authentication: ap5.0 encrypted secret password to “prove” it.

ap4.0 requires shared symmetric key

can we authenticate using public key techniques?

ap5.0: use nonce, public key cryptography

http://wp.me/P29YQz-k


Ap5 0 security hole
ap5.0: security hole encrypted secret password to “prove” it.

Man (woman) in the middle attack: Trudy poses as Alice (to Bob) and as Bob (to Alice)

http://wp.me/P29YQz-k


Ap5 0 security hole1
ap5.0: security hole encrypted secret password to “prove” it.

Man (woman) in the middle attack: Trudy poses as Alice (to Bob) and as Bob (to Alice)

http://wp.me/P29YQz-k


ad