GS: Chapter 3 Encryption, Authentication and Java Cryptography

1 / 27

GS: Chapter 3 Encryption, Authentication and Java Cryptography - PowerPoint PPT Presentation

GS: Chapter 3 Encryption, Authentication and Java Cryptography. Cryptography & Java. Encryption Authentication Java Cryptography. Encryption. Encryption Basics: An algorithm ( or cipher) and a key are required in order to encrypt or decrypt messages. Example: the Caesar cipher (p.34)

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

PowerPoint Slideshow about 'GS: Chapter 3 Encryption, Authentication and Java Cryptography' - athalia

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

GS: Chapter 3Encryption, Authentication and Java Cryptography

csci5931 Web Security

Cryptography & Java
• Encryption
• Authentication
• Java Cryptography

csci5931 Web Security

Encryption
• Encryption Basics:
• An algorithm (or cipher) and a key are required in order to encrypt or decrypt messages.
• Example: the Caesar cipher (p.34)
• A symmetric, stream cipher
• Exercise: Encrypt “DDAY” using Caesar cipher (5).
• Q: What is the algorithm?
• Q: What is the key?
• Q: How would the cipher be decrypted?

csci5931 Web Security

Encryption
• Symmetric Encryptions:
• Both the encrypter and the decrypter share the same key.
• Key space: The set of possible keys that work with a cipher; determined by the number of bits used in the cipher.
• The larger the key space is, the more secure the encryption will be.
• Each additional bit added to the key length doubles its security.

csci5931 Web Security

Encryption
• Symmetric Encryptions:
• Two types of symmetric ciphers: block ciphers and stream ciphers.
• Examples of symmetric encryptions:
• DES (Data Encryption Standard) & TripleDES: block ciphers
• Blowfish: a faster and more secure replacement of DES
• RC4 (Rivest’s Code 4): a stream cipher
• AES (Advanced Encryption Standard): a block cipher

csci5931 Web Security

Encryption
• Limitations of Symmetric Encryptions:
• Key distribution can be a vulnerability.
• If the key is exposed, the encrypted message and all future communication using the same key will suffer the eavesdropping attack.
• Key management problems: distribution, update, revoking

csci5931 Web Security

Encryption
• Asymmetric Encryptions:
• Also known as ‘public key encryption’
• Messages encrypted with the public key can only be decrypted by the corresponding private key.
• The public key can be made known to the public, but the private key is kept as secret and only known to the owner of the key.
• Examples of asymmetric encryption algorithms:
• Merkel Hellman Knapsacks
• El Gamal

csci5931 Web Security

Encryption
• Limitations of asymmetric Encryptions:
• Asymmetric encryption requires much larger keys than symmetric encryption.
• A 1024-bit asymmetric key ~= a 128-bit symmetric key
• Why?
• Asymmetric encryption is much slower (~ 1000 times slower) than symmetric encryption.
• It is subject to man-in-the-middle attack.

Solution? Digital certificates (Ch. 6)

csci5931 Web Security

Encryption
• Session-key Encryption
• A session-key is a symmetric key that is used to encrypt the plaintext message. The session key itself is encrypted using a public key.
• Sender:

C = Spub ( S ) + Sencrypt (message)  Recipient

• Recipient:

Spriv ( Spub (S) ) S

Sdecrypt (Sencrypt (message))  message

• Alternatively, the session key may be assigned an expiration time and be used over several sessions.

csci5931 Web Security

Encryption
• Examples of Session-key Encryption
• PGP (Pretty Good Privacy):

Originally (1991) used to encrypt e-mail using session-key encryption

Supports RSA, TripleDES, etc.

http://www.pgp.com/

• S/MIME (Secure/MIME):

Invented by RSA to secure e-mail

Backed by Microsoft, RSA, and AOL

• SSL/TLS (Secure Socket Layer/Transport Layer Security): Ch. 9

Originally an attempt to secure TCP/IP traffic using encryptions

csci5931 Web Security

Encryption
• Key Agreement Algorithm
• A key agreement algorithm takes the private and the public keys of two distinct parties (Apriv + Bpub or Apub + Bpriv) and generates a common shared secret key, which is then used to generate a session key. See the diagram on p.41.
• Diffie-Hellman Key Agreement Algorithm: The first ever public key encryption
• Allows two parties to independently generate the shared key; The session key is never transmitted.
• References:

See http://www.apocalypse.org/pub/u/seven/diffie.html

IETF RFC2631: http://www.ietf.org/rfc/rfc2631.txt

csci5931 Web Security

Encryption
• Strength of Encryption Algorithms
• Two factors:

The algorithm used +

The size of the key space

• See the tables comparing symmetric ciphers (p.42) and asymmetric ciphers (p.43)

csci5931 Web Security

Alternative Data-hiding Methods
• Steganography: hiding messages inside another message or in a picture.

See “Steganography: Hidden Data”. By Deborah Radcliff. ComputerWorld. June 10, 2002.

• Elliptic Curve Cryptography (ECC): based on the elliptic curve logarithm problem; a more efficient public key encryption (faster, smaller key size)

An intro: http://world.std.com/~dpj/elliptic.html

csci5931 Web Security

Authentication
• The process of determining the authenticity of a message or user.
• Methods:
• Message Digest
• a check value generated from a document, usually generated by a hash function
• to prove that the data in the document has not been tampered with.
• Commonly used for password authentication (i.e., one-way authentication)
• Examples: MD4, MD5, SHA (secure hash algorithm)
• Any problem? Man-in-the-middle attack Why?

csci5931 Web Security

Authentication Methods
• MAC (Message Authentication Codes)
• A message digest created with a key
• Typically used for data verification in a context where a secure connection is already available.
• Example: SSL uses MACs to verify the data received, using a secret key that is exchanged at the beginning of the session.
• Example MACs:
• HmacMD5 (Hashing MAC using MD5)
• HmacSHA1 (Hashing MAC using SHA-1)

csci5931 Web Security

Authentication Methods
• Digital Signatures
• Based on public key encryption
• Computed with a person’s private key and verified with the person’s public key
• An example of creating a digital signature: p.48
• The sender applies a message digest algorithm to get a message digest (md) out of the message to be sent.
• The message digest is then encrypted by the person’s private key. The ciphertext is the digital signature (ds).
• To check the digital signature:
• The recipient applies the digest algorithm to get a message digest (md-2).
• The recipient decrypts the ds using the sender’s public key.
• The output from step 2 is verified against md-2.

csci5931 Web Security

Authentication Methods
• Digital Certificates
• Purpose: To authenticate a person’s public key
• “Vouching”: one party certifies that another party’s identity is authentic. e.g., passport, id cards
• A digital certificate for A is A’s public key plus some identifying information, signed by the private key of a certification authority (CA) verifying A’s identity.
• Other example usage of certificates:
• To authenticate a host/server (e.g., SSL certificates)
• To sign and encrypt e-mail

csci5931 Web Security

Authentication Methods
• Digital Certificates (Cont.)
• Certificates are often chained. That is, a CA may be authenticated by a root CA.
• The top CA of a certificate chain must be self-signed.
• Verisign has been accepted as the top CA.
• Example of certificate chaining: Both Internet Explorer and Netscape Communicator include certificates from Verisign in their install. So when the browser makes an SSL connection to a server, if the server presents a certificate that is signed by Verisign, the server’s certificate will be automatically accepted.

csci5931 Web Security

Cryptanalysis
• The practice of analyzing and breaking cryptography
• Mehtods:
• Brute force attack versus the key space
• Common cryptanalytic tools: Frequency distribution, Digram/trigram study, IC, Repeated patterns, Probable letters
• 4 cryptanalytic cases:
• Ciphertext only  Ciphertext-only attack
• Full or partial plaintext
• Known plaintext attack
• Probable plaintext analysis
• Ciphertext of any plaintext  Chosen plaintext attack
• Algorithm + Ciphertext  Chosen ciphertext attack

csci5931 Web Security

Key Management (storage)
• A dilemma: Keys must be securely stored while allowing users easy access when necessary.
• A typical solution is to encrypt the stored keys with passwords and then protect the storage with the OS access control.
• A key storage is an attractive target for attack.
• The smart card solution: A smart card stores a private key and a certificate, which can be used to encrypt and/or decrypt information.
• An example of smart card solution: See Protection of Keys (RSA vs nCipher)

csci5931 Web Security

Cryptographical Protocols
• Cryptographical protocols determine the exact order and way in which each algorithm must be used in order to maximize security.
• Examples of protocols:
• Distribution of keys,
• Certificates, Digital signatures,
• Key escrow,
• Mental poker,
• Electronic voting,
• oblivious transfer, contract signing,
• certified mail

csci5931 Web Security

JCA/JCE
• Java Cryptography Architecture (JCA) is part of the Java 2 run-time environment.  java.security.*
• JCE (Java Cryptography Extension), on the other hand, is an extension to the JCA. JCE adds encryption and decryption APIs to the JCA.  java.crypto.*
• Major classes defined in JCA:

MessageDigest, Signature, KeyPairGenerator, KeyFactory, CertificateFactory, KeyStore, AlgorithmParameters, AlgorithmParameterGenerator, SecureRandom, …

csci5931 Web Security

JCA/JCE
• A cryptographic service provider implements various cryptographic algorithms.
• See page 54 for a list of algorithms implemented in the SUN provider (sun.security.provider.Sun), Java 2 (v1.2).
• A second provider, the RSAJCA provider (com.sun.rsajca.Provider) is shipped with JDK v1.3, to provide RSA-specific cryptos.

csci5931 Web Security

JCA
• An example of using MessageDigest in the JCA:
• Get an instance of a message digest.

MessageDigest myMessageDigest =

MessageDigest.getInstance (“MD5”);

Or MessageDigest myMessageDigest =

MessageDigest.getInstance (“MD5”,”Sun”);

• Add data to be digested.

myMessageDigest.update (myData);

• Get the digest.

byte [ ] signatureBytes =

myMessageDigest.digest ( );

csci5931 Web Security

JCE
• Major JCE classes:

Cipher, KeyAgreement, KeyGenerator, MAC, SecretKey, SecretKeyFactory

• JCE needs to be separately downloaded and installed if you have JDK older than v1.4.  For JDK1.4 or higher, JCE is an integrated component.
• See http://java.sun.com/products/jce/index-14.html for more details.

csci5931 Web Security

JCE
• Installation of JCE security provider
• Sample programs: http://nas.cl.uh.edu/yang/teaching/csci5931webSecurity/JCE%20provider.htm
• Visit http://sce.cl.uh.edu/yang/teaching/proJavaSecurityCode.html and download all the sample programs from the book.

csci5931 Web Security

Next
• Symmetric Encryption (GS: 4)
• Asymmetric Encryption (GS: 5)

csci5931 Web Security