previous lecture n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Previous lecture PowerPoint Presentation
Download Presentation
Previous lecture

Loading in 2 Seconds...

play fullscreen
1 / 17

Previous lecture - PowerPoint PPT Presentation


  • 98 Views
  • Uploaded on

Previous lecture. More on hash functions Digital signatures Message Authentication Codes Padding. This lecture. General differences between asymmetric and symmetric cryptography General design of interactive protocols Key exchange Man-in-the-middle. Symmetric vs. asymmetric cryptography.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Previous lecture' - meagan


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
previous lecture
Previous lecture
  • More on hash functions
  • Digital signatures
  • Message Authentication Codes
  • Padding

Mårten Trolin

this lecture
This lecture
  • General differences between asymmetric and symmetric cryptography
  • General design of interactive protocols
  • Key exchange
  • Man-in-the-middle

Mårten Trolin

symmetric vs asymmetric cryptography
Symmetric vs. asymmetric cryptography
  • Asymmetric cryptography has easier key management
  • Why not always use asymmetric cryptography
    • Slower
    • Needs longer keys

Mårten Trolin

when to use what type
When to use what type
  • Symmetric
    • Speed
    • Key size
    • Signature size (MACs)
  • Asymmetric
    • Key distribution
    • Parties with no secure side-channel (for key distribution)

Mårten Trolin

communication with many parties
Communication with many parties
  • Example: Users want to connect securely to web sites
  • There are many web sites
  • There are even more users
  • Impossible for each web site to know all its potential visitors
  • The solution – use public key cryptography
    • What if public key cryptography is too slow?

Mårten Trolin

designing interactive protocols
Designing interactive protocols
  • The web surfer (user) and the web server wishes to exchange large amount of information
  • The user will send a request, and the server will answer (think http!)

TCP/IP

User

Web server

Mårten Trolin

interactive protocols first approach
Interactive protocols – first approach
  • We try with public key cryptography

TCP/IP

User

Web server

User’s public key pu

Server’s public key ps

Request encrypted under ps

Response encrypted under pu

Mårten Trolin

problems with first approach
Problems with first approach
  • Speed
    • Each public key operation takes a significant amount of time. When used on large messages this becomes significant.
    • The server may have to handle several hundred connections simultanously, making encryption slow.
  • Size
    • For encryption the message has to split into smaller messages that can be encrypted.
    • Since public key cryptography is more vulnerable to “weak clear texts” (e.g., small numbers) some padding technique must be used on every block. This makes the cipher text much longer than the clear text.

Mårten Trolin

interactive protocols second approach
Interactive protocols – second approach
  • We try with secret key cryptography

TCP/IP

User

Web server

User and web server decideson a symmetric key k

Request encrypted under k

Response encrypted under k

Mårten Trolin

problems with second approach
Problems with second approach
  • Encryption and decryption is fast, cipher text not much larger than the clear text, but...
  • How does the user and the web server decide on a common secret key?
    • The user and the web server physically exchange data
    • The web server sends the key to the user via a secure off-line channel (registered mail etc.)
  • Feasible only when the number of users is low, and there is time to do key-exchange off-line
    • Possible solution for Internet banking, but not for e-commerce

Mårten Trolin

interactive protocols
Interactive protocols
  • Both the public key and secret key approach has serious problems.
  • What we want – use symmetric cryptography for encryption of the traffic, but avoid the need for complicated off-line key exchange schemes.

Mårten Trolin

key exchange
Key exchange
  • The symmetric key can be sent encrypted under the public key
  • Either party can create the key (or they can create it together)
  • Other techniques for key exchange exist (Diffie-Hellman)

Mårten Trolin

key exchange general idea
Key exchange – general idea

TCP/IP

User(pu, su)

Web server

User’s public key pu

Generates symmetric key k

Symmetric key k encrypted under pu

Decrypts k using su

Communication encrypted under k

Mårten Trolin

key exchange possible enhancements
Key exchange – possible enhancements
  • Both parties can take part in key generation
  • Assuming the length of the symmetric key s is n, the following variants are possible
    • First n / 2 bits of s are created by user, last n / 2 by server
    • User creates n-bit su, server n-bit ss. The key s is computed as s = suss
  • Key exchange should be repeated at regular intervals

Mårten Trolin

man in the middle
Man-in-the-middle
  • Access to the key exchange does not give you any useful information about the key.
  • A person that can modify messages can use this to gain knowledge of the symmetric key.
  • This kind of attack is for obvious reasons known as a man-in-the-middle attack.

Mårten Trolin

slide16

User(pu, su)

Man in the middle(pm, sm)

Web server

User’s public key pu

Replaces pu with his own pm

pm

Generates symmetric key k

Decrypts k using sm and reencrypts using pu

Symmetric key k encrypted under pu

Symmetric key k encrypted under pm

Decrypts k using su

Communication encrypted under k

Mårten Trolin

man in the middle1
Man-in-the-middle
  • After this scheme, the Man-in-the-middle knows the symmetric key k, and can decrypt (or modify) data as he wishes.
  • Different techniques exist to address this problems
    • Public key certificates

Mårten Trolin