mid term review n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Mid-term Review PowerPoint Presentation
Download Presentation
Mid-term Review

Loading in 2 Seconds...

play fullscreen
1 / 14

Mid-term Review - PowerPoint PPT Presentation


  • 122 Views
  • Uploaded on

Mid-term Review. Network Security. Secure channel. SSL (and many others: incl. IPSEC) Shared key establishing Trusted party (Kerberos, etc. - to be covered) Public key methods. Diffie-Hellman. RSA N=pq; ed  1 (mod (N)) Public: e,N; Private: d,N Encrypt (m) : c  m e mod N

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Mid-term Review' - drago


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
mid term review

Mid-term Review

Network Security

secure channel
Secure channel
  • SSL (and many others:incl. IPSEC)
  • Shared key establishing
    • Trusted party (Kerberos, etc. - to be covered)
    • Public key methods

Gene Itkis: CS558 Network Security

public key techniques
Diffie-Hellman

RSA

N=pq; ed  1 (mod (N))

Public:e,N;Private:d,N

Encrypt(m): cmemodN

Decrypt(c): mcdmodN

Sign(m): smdmodN

Verify(s,m): sem (modN)

Public Key techniques

p, g

Alice

Bob

a

b

magamod p

mbgbmod p

ma

mb

mbamod p

=gabmod p=

mabmod p

?

shared secret key!

  • Discrete log:
    • Given y,p,b
    • Find x: bxmod p = y
  • Factoring:
    • Given N=pq
    • Find p,q

Gene Itkis: CS558 Network Security

discrete log based schemes
Discrete log based schemes
  • DH, DSS (El-Gamal);
    • Elliptic Curves Cryptography (ECC)
  • Why modulus (p) is so large?
    • Big-step/Little-step attack
    • Pohlig-Hellman attack:
      • Beware of primes p with only small factors φ(p)
      • Safe primes: p=2q+1 for some prime q

Gene Itkis: CS558 Network Security

factoring based
Factoring based
  • RSA
  • Square Roots (=factoring)
    • Rabin (Encryption,Signature)
    • Fiat-Shamir (ID scheme, Signature)

Gene Itkis: CS558 Network Security

world mod n
World mod N
  • How many objects?|Z*N|= (N); for all z Z*N, z (N) mod N=1
  • If N=pq, then (N)= (p-1)(q-1)[If N=p, then (N)= p-1]
  • Blum integers: N=pq, pq3 (mod 4)
  • Thenx(p+1)/4mod p= y; y2x(p+1)/2x(p-1)/2 x±x mod p

Gene Itkis: CS558 Network Security

chinese remainder theorem crt
Chinese Remainder Theorem (CRT)
  • Given y2=x mod p; z2=x mod q; N=pq;Find s: s2=x mod N
  • More generally:Given a,A, b,B;Find x: x=a mod A, x=b mod B
  • Let u, v be s.t. uA=1 mod B, vB=1 modAThen x=uAb+vBa[indeed: x mod A = uAb+vBa = vBa = a; x mod B = uAb+vBa = uAb = b ]
  • How to find u,v?

Gene Itkis: CS558 Network Security

extended gcd inverses
Extended GCD & Inverses
  • Euclid’s GCD algorithm(greatest common divisor):gcd(a,b) = gcd(b, a mod b) =…= c
    • Extended GCD gives in addition x,y:

ax+by=c

  • If gcd(a,b)=1: ax(mod b) =1
    • i.e., x=a–1 in Z*b

Gene Itkis: CS558 Network Security

summary rsa rabin
Summary RSA & Rabin
  • RSA
    • Given p,q; Can compute (N), for N=pq;
    • With Extended GCD, can compute e, d = 1/e mod(N); [ gcd(e, (N)) must be 1 ]
  • Rabin
    • Using Blum integers can compute SQRT mod p,q
    • Using CRT can combine them to SQRT mod N

Gene Itkis: CS558 Network Security

efficiency for all
Efficiency for all
  • Exponentiation: Repetitive Squaring
  • bA mod N takes 1.5 lg A long multiplications
  • Cost of multiplication
    • quadratic in length
  • Optimization: mod N  mod p + mod q +CRT
    • Watch out!

Gene Itkis: CS558 Network Security

attacks on factoring
Attacks on factoring
  • (N), N=> factoring (quadratic equation)
  • Trick:
    • obtain x, s.t. x=0 mod p, x0 mod q
    • gcd(x, N)=p
  • SQRTmodN => Factoring
    • vy2mod N; zSQRTmodN(v)
    • If z  ±y, then x  y-z
  • Computing mod p + mod q + CRT
    • Random error mod p (or mod q) => factoring

Gene Itkis: CS558 Network Security

key establishing
Key Establishing
  • Diffie-Hellman or RSA
    • Watch out for man-in-the-middle attack!!!
      • Authentication (signatures)
      • PKI
      • Remember AKE: authenticated key establishment
  • Beyond AKE
    • Ciphers
    • MACs

Gene Itkis: CS558 Network Security

ciphers
Ciphers
  • Block ciphers
    • DES, AES, 3DES, …
    • Modes of operation: EDE, OFB, CBC, …
  • Stream ciphers
    • Pseudo-random pad

Gene Itkis: CS558 Network Security

later in the course
Later in the course
  • Crypto
    • Hashing
      • MD5, SHA
      • MAC
  • Systems
    • PKI
    • Kerberos - key distribution (symmetric crypto)
    • IPSec - security on another level
    • Firewalls, IDS, etc.

Gene Itkis: CS558 Network Security