
Symmetric Cryptosystems and Authentication


kasa

Presentation Transcript


  1. Symmetric Cryptosystems and Authentication

  2. Secret Key Cryptography
     • Secret key cryptography involves two functions:
       • encryption: E(key, message) -> enciphered text
       • decryption: D(key, ciphertext) -> message

  3. Secret Key Cryptography
     • These functions are inverses of each other:
       • message = D(key, E(key, message))
     • Notation: k{m} says that message m was encrypted under key k.

  4. Secret Key Cryptography
     • Uses for secret key cryptography include:
       • transmitting secret messages in the presence of passive eavesdroppers,
       • storing information in encrypted form on insecure media, and
       • authentication (determining who is involved in a given dialogue).
     • Note: if you are using encryption to store data on insecure media, most editors work on a decrypted form of the data. Thus, they may store temporary unencrypted versions of your data.

  5. Secret Key Cryptography
     • Authentication is often done with a password.
       • This involves revealing the 'secret' (the password) in order to prove one's identity.
     • In strong authentication, one party provides proof of identity without revealing the secret.
       • This involves proving knowledge of a secret (key/password) without revealing the secret itself.

  6. Secret Key Cryptography
     • Suppose we would like user A to prove to user B that A is A without revealing the secret that is the essence of being A, and vice versa.
     • Thus, we desire a protocol that allows A and B to authenticate themselves to each other.
     • Assume that there is a shared, secret key: k.
     • Knowing k is proof of being either A or B.

  7. The desired mutual authentication protocol works as outlined below. The arrows indicate sending a message.

  8. Secret Key Cryptography
     • There are many subtle errors that can arise when designing cryptographic protocols.
     • First, note in the above protocol that B sends A two messages in a row.
     • An obvious optimization might be to combine those messages into one, as well as
       • having A announce itself and
       • send a random bit string for B to encrypt at the same time.

  9. Secret Key Cryptography

  10. Secret Key Cryptography
     • This protocol is susceptible to what is known as a reflection attack.
     • It is possible for an eavesdropper, T, to convince B that T is A.
     • T exploits the fact that B seems willing to encrypt challenges.
     • Therefore, T can pretend to be A as follows:

  11. Secret Key Cryptography

  12. Secret Key Cryptography
     • After B sends R1 to T, T needs to get it encrypted under k in order to convince B that T is A.
     • T therefore starts another session, sending R1, which B then returns encrypted.
     • T now learns the encrypted version of R1 and can convince B that B is communicating with A.

  13. Secret Key Cryptography: There are several possible approaches to repairing the protocol
     • Use two different keys, one from A to B and another from B to A. This introduces additional keys to keep track of.
     • Insist that the challenge from the initiator look different from the challenge from the responder. If this holds, then T can never get B to encrypt the 'right thing.' For instance, suppose A generates random even numbers and B generates random odd numbers. Then B would never encrypt a random number that it had generated (as in the above example).

  14. Secret Key Cryptography: There are several possible approaches to repairing the protocol
     • Initiator must prove its identity first. This is based on the assumption that the initiator in a protocol is likely to be the attacker. In the above examples, B would respond with a challenge of its own before responding to A's (T's) challenge. The reflection attack in this type of protocol would not work.
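
Added example (not part of the original slides): a responder B for the combined three-message protocol, checked against the reflection scenario of slides 10 to 12 with and without the even/odd challenge rule from slide 13. Assumptions: HMAC-SHA256 stands in for the slides' encryption k{R}, and the class, function and session names are hypothetical.

```python
import hashlib
import hmac
import secrets

def keyed(k: bytes, r: int) -> bytes:
    # Stand-in for k{R}; HMAC-SHA256 replaces the slides' encryption (assumption).
    return hmac.new(k, r.to_bytes(16, "big"), hashlib.sha256).digest()

class Responder:
    """B's side of the combined protocol (hypothetical implementation)."""
    def __init__(self, k: bytes, enforce_parity: bool):
        self.k, self.enforce_parity = k, enforce_parity
        self.pending = {}  # session id -> challenge R1 that B issued

    def hello(self, sid: str, r2: int):
        """Message 1 in, message 2 out: returns (R1, k{R2})."""
        if self.enforce_parity and r2 % 2 == 1:
            raise ValueError("initiator challenges must be even")
        r1 = (secrets.randbits(127) << 1) | 1  # B's own challenges are always odd
        self.pending[sid] = r1
        return r1, keyed(self.k, r2)

    def finish(self, sid: str, answer: bytes) -> bool:
        """Message 3: accept only k{R1} for the challenge issued in this session."""
        r1 = self.pending.pop(sid, None)
        return r1 is not None and hmac.compare_digest(answer, keyed(self.k, r1))

def reflection_accepted(b: Responder) -> bool:
    """Replays slides 10-12: T holds no key and reflects R1 back to B."""
    r1, _ = b.hello("s1", 2)            # T claims to be A; B issues R1
    try:
        _, k_r1 = b.hello("s2", r1)     # second session carries R1 as the challenge
    except ValueError:
        return False                    # B refuses a challenge of its own kind
    return b.finish("s1", k_r1)

def honest_accepted(b: Responder, k: bytes) -> bool:
    """A, who knows k, completes the exchange with an even challenge."""
    r2 = secrets.randbits(127) << 1
    r1, k_r2 = b.hello("a1", r2)
    if not hmac.compare_digest(k_r2, keyed(k, r2)):
        return False                    # A's check that B knows k
    return b.finish("a1", keyed(k, r1))
```

With enforce_parity=False the reflected answer is accepted; with enforce_parity=True B rejects the second session while the honest exchange still succeeds.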
