1 / 29

Protocol Building Block

Protocol Building Block. INTRODUCTION TO PROTOCOL. Protocol? ● Def : Series of steps to accomplish a task with two or more parties. Cryptographic protocol? ● Def : protocol that uses cyptography. Dramatis Personae ● Alice : First participant in all the protocols

caesar-bartlett
Download Presentation

Protocol Building Block

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Protocol Building Block

  2. INTRODUCTION TO PROTOCOL Protocol? ● Def : Series of steps to accomplish a task with two or more parties Cryptographic protocol? ● Def : protocol that uses cyptography

  3. Dramatis Personae ● Alice : First participant in all the protocols ● Bob : Second participant in all the protocols ● Carol : Participant in the three, four-parties ● Dave : Participant in the four-party protocols ● Trent : Trusted arbitrator ● Eve : Eavesdropper ● Mallory : Malicious active attacker

  4. ▲ Arbitrated Protocols Trent Alice Bob

  5. ▲ Adjudicated Protocols Alice Bob Trent 논쟁 발생시

  6. ▲ Self-enforcing Protocols Alice Bob

  7. ▲ Attacks against Protocols ● passive attack - protocol과 관계없는 사람이 protocol의 일부 또는 전체를 엿보는 것 ● active attack - attacker가 자신의 이익을 위해 protocol의 일부를 가로채서나 다른 것으로 바꾸어서 연락체계를 방해하는 것

  8. ※ CHEATER : Someone that may lie during the protocol or not follow the protocol at all (Alice or Bob) ● passive cheater - 더 많은 정보를 습득할 목적으로 하는 cheater ● active cheater - protocol를 파괴할 목적으로 하는 cheater

  9. COMMUNICATIONS USING SYMMETRIC CRYPTOGRAPHY ▲ Symmetric cryptography ● Alice and Bob agree on a cryptosystem ● Alice and Bob agree on a key ● Alice takes her plaintext message and encypts it using the encyption algorithm and the key ● Alice sends the ciphertext message to Bob ● Bob decrypts the ciphertext message with the same algorithm and key and reads it

  10. ▲ Symmetric cryptography 의 문제점 ● Key가 Alice 와 Bob 사이에 안전하게 분배되어야 한다 ● 사용자가 많아질수록 key의 개수가 늘어난다 number : nC2

  11. ONE-WAY FUNCTIONS ▲ One way function ● x를 알았을때 f(x)를 구하기는 쉽지만 f(x)를 알았을때 x를 구하기는 어려운 함수 ▲ Example ● 접시를 깨기는 쉬우나 붙이기는 어렵다 127 X 107 13589

  12. ▲ Trapdoor one way function ● one way function type이지만 어떤 secret information y를 주었을 때에는 f(x)를 알았을때 x를 구하는 것도 쉬워진다 (cryptocraphy에 사용)

  13. ONE-WAY HASH FUNCTIONS ▲ One-way hash function ● hash function - x H(x) variable-length fixed-length ● one-way hash function - hash function that works in one direction

  14. COMMUNICATIONS USING PUBLIC-KEY CRYPTOGRAPHY ▲ Public-key cryptography ① using two key : public key, private key ② private key : secret information of trapdoor one way function

  15. ● Alice and Bob agree on a public-key crytosystem ● Bob sends Alice his public key ● Alice enrypts her message using Bpb’s public key and sends it to Bob ● Bob decrypts Alice’s message using his private key ▲ 문제점 ● Symmetric algorithm에 비해 현저히 느리다 ● encryption key가 공개되어 있어서 chosen plaintext attack에 취약하다

  16. ▲ Session key(hybrid cryptosystem) - chosen plaintext attack에 취약한 약점을 방지 ● Bob sends Alice his public key ● Alice generates a random session key, K, encrypts it using Bob’s public key, and sendss it to Bob EB(K) ● Bob decrypts Alice’s message using his private key to recover the session key, DB(EB(K))=k ● Both of them encrypts their communications using the same session key

  17. DIGITAL SIGNATURES ▲ Properties of signature ● Authentic ● Unforgeable ● Not reusable ● Not be repudiated ● Unalterable

  18. ▲ Signing document with Symmetric cryptosystem and Arbitrator Trent Ea(M) Eb(M,C) Eb(M,C) Alice Bob Flaw- Time consuming for Trent Trent must be infallible Trent must be completely secure

  19. ▲ Signing document with Public-key Ea(M) Alice Bob: Dap(M) and verify the signature If Bob cannot find M, he knows the signature is not valid. Alice adds timestamps to prevent Bob from using M illegally.

  20. ▲ Signing documents with Public key And One way hash ftn. Ea(H),M Alice Bob: Dap(H) and produce a one way hash of document If H matches the hash he generated, the signature is valid. Benefit-To save time To sane recipient’s storage

  21. ▲ Multiple Signatures Alice Bob Sb(H) Sa(H),M Sb(H) Carlo: V(Ha,Hb) (Digital) signature -The bit string attached to the document when signed

  22. ▲ Nonrepudiation and Digital signature Alice Bob Sa(Sa(M),Head) St(Sa(M),Head,T) Trent Alice verified the message Trent sent to Bob. If she did not originate the message, she speaks up quickly.

  23. DIGITAL SIGNATURES with ENCRYPTION • Sa(M) Ebp(Sa(M)) • Alice Bob • Db(Ebp(Sa(M)))=Sa(M) • ->Vap(Sa(M))=M • Signature + Public key cryptography • =Authenticity of signature + The security of encryption • The different key pair for encrypting and signing has • advantages – To use keys independently

  24. ▲ Resending the message as a Receipt If Alice get same message, Bob received accurately. Bob should checked the message for accuracy before sending a receipt. Sa(M) Ebp(Sa(M)) Alice Bob Eap(Sb(M)) Vap(Db(Ebp(Sa(M)))=M Vbp(Da(Eap(Sb(M)))

  25. ▲ Resending the message as a Receipt Vx = Ex and Sx = Dx Mallory Emp(Db(Em(Da(M))) EbpEm(Da(M)) Em(Da(M)) Sa(M) Ebp(Sa(M)) Alice Bob Eap(Sb(M)) Vap(Db(Ebp(Sa(M)))=M Vbp(Da(Eap(Sb(M)))

  26. ▲ Foiling the Resend Attack ● Alice signs a message. ● Alice encrypts the message and signature with Bob’s public key and sends it to Bob. ● Bob decrypts the message with his private key. ● Bob verifies Alice’s signature.

  27. RANDOM AND PSEUDO-RANDOM-SEQUENCE GENERATION ▲ Pseudo-Random Sequence Generator ● 비주기적(nonperiodic)으로 되도록 sequence를 길게 한다. ● It looks random. This means that it passes all statistical tests of randomness.

  28. ▲ Cryptographically Secure Pseudo-Random Sequence Generator ● 예측가능하면 공격당할 수 있다. ● It is unpredictable. It must be infeasible to predict what the next random bit will be.

  29. ▲ Real Random Sequence Generator ● It cannot be reliably reproduced. If you run the sequence generator twice with the exact same input, you will get two completely un related random sequences.

More Related