Outline
• Brief review
• Mainstream crypto-algorithms
  • Symmetric encryption algorithms
    • DES
  • Asymmetric encryption algorithms
    • RSA
    • Merkle-Hellman
• Other crypto-related techniques
  • Digital signature
  • Digital certificate
CSE870: Advanced Software Engineering: Cheng (Sp 2003)
Acknowledgements
• Charles Pfleeger
• E. Spafford
• William A. Stein
• FOLDOC
• Sunit Chauhan
• Jim Xu, et al.
• Shawn Hillis
Brief Review
• Basic Concepts
  • Encryption
  • Crypto-system
  • Symmetric / asymmetric encryption
  • Cryptographer / crypto-analyst
  • Crypto-analysis
  • Breakability
Brief Review – cont’d
• Stream ciphers
  • Substitution-based ciphers
    • Mono-alphabetic ciphers: Caesar cipher
    • Poly-alphabetic ciphers: multiple alphabets
  • Strengths
    • Simple
    • Fast
    • Low error propagation rate
  • Weaknesses
    • Susceptible to frequency-based attacks
    • Susceptible to pattern-based attacks
Brief Review – cont’d
• Block ciphers
  • Transposition
    • Columnar transposition
    • Double transposition
    • Fractionated transposition
  • Strengths
    • Good diffusion, immune to pattern-based attacks
  • Weaknesses
    • Slow
    • Error propagation rate
Secure Encryption Systems
• Weaknesses of stream and block ciphers
  • Can be manually broken, although tedious
• We will introduce
  • some “hard” encryption algorithms
• Review 3 key, important encryption algs
  • DES, RSA, M-H
• Look at cryptography related techniques
Sym vs Asym Encryption Algorithms
• Symmetric encryption algorithm
  • Encryption key == decryption key
  • DES
• Asymmetric algorithms
  • Encryption key != decryption key
  • Basis of public-key encryption algorithms
  • RSA, M-H, …
Data Encryption Standard (DES)
• Based on Shannon’s theory of information secrecy
  • Confusion: info is changed so that output bits have no obvious relation to input bits
  • Diffusion: spread the effect of one plaintext bit to other cipher-text bits
• History of DES
  • Developed by US govt for general public use (by National Institute of Standards and Technology)
  • Milestones: 1972 (CFP) – 1975 (IBM) – 1976 (NIST) – 2001 (AES)
  • Cracked in 1999
    • 56-bit key, cracked in 22 hours 15 min (1999)
• Extensions of DES
  • Triple-DES, length of key extends to 56*3
  • AES, 128, 192, or 256-bit key (2001)
DES – cont’d
• Overview of DES
  • Repeats 16 cycles of
    • substitution, for confusion
    • transposition, for diffusion
  • Splits data block into 2 pieces:
    • Scrambles each half independently
    • Combines key with one half
    • (key is transformed during each cycle)
    • Swap 2 halves
    • Repeat 16 times.
DES – cont’d
• Overview of DES – cont’d
[Figure: DES overview. Labels: plaintext (64 bits), initial phase, left and right halves, function F (substitution, transposition), 16x, inverse initial phase, cipher-text] [Shawn Hillis]
DES – cont’d [NPS.Navy]
One Cycle in DES
[Figure: one DES cycle. Labels: left half, right half, key shifted, permuted key, permuted data, new left half (old right half), new right half] [Pfleeger97]
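Added example, not from the original slides: a 16-cycle Feistel network with the shape described above (split the block into halves, mix a per-cycle subkey into one half, swap), showing that decryption is the same routine with the subkeys reversed. The round function is a SHA-256 stand-in, not DES's real F, and the one-bit key rotation is a simplified key schedule; both are assumptions of this sketch.

```python
import hashlib

ROUNDS, HALF_BITS, KEY_BITS = 16, 32, 56
HALF_MASK, KEY_MASK = (1 << HALF_BITS) - 1, (1 << KEY_BITS) - 1

def subkeys(key):
    """Simplified key schedule (assumption): rotate the 56-bit key one bit per cycle."""
    if not 0 <= key <= KEY_MASK:
        raise ValueError("key must fit in 56 bits")
    keys = []
    for _ in range(ROUNDS):
        key = ((key << 1) | (key >> (KEY_BITS - 1))) & KEY_MASK
        keys.append(key)
    return keys

def round_function(half, subkey):
    """Stand-in for DES's F: any function works, it never has to be inverted."""
    data = half.to_bytes(4, "big") + subkey.to_bytes(7, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def feistel(block, keys):
    if not 0 <= block < 1 << 64:
        raise ValueError("block must fit in 64 bits")
    left, right = block >> HALF_BITS, block & HALF_MASK
    for k in keys:
        # New left half is the old right half; new right half is the old
        # left half XORed with F(old right half, subkey).
        left, right = right, left ^ round_function(right, k)
    # Skip the final swap so the same routine decrypts with reversed subkeys.
    return (right << HALF_BITS) | left

def encrypt(block, key):
    return feistel(block, subkeys(key))

def decrypt(block, key):
    return feistel(block, subkeys(key)[::-1])

def changed_bits(a, b):
    """Number of bit positions in which two 64-bit blocks differ."""
    return bin(a ^ b).count("1")

if __name__ == "__main__":
    pt, key = 0x0123456789ABCDEF, 0x133457799BBCDF   # constructed sample values
    ct = encrypt(pt, key)
    print(f"{ct:016x}", decrypt(ct, key) == pt)
    print("bits changed by a 1-bit plaintext flip:", changed_bits(ct, encrypt(pt ^ 1, key)))
```

The bit count printed at the end is the diffusion property from the DES slide: one flipped plaintext bit changes many cipher-text bits.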
DES – cont’d
• Evaluation
  • Strengths include
    • fast
    • simple
    • standard
  • Weaknesses include
    • weak keys, length of key is only 56 bits
    • number of iterations, only 16
    • NSA involvement, trapdoor?
Public Key Systems (PKS)
• Traditional key system (symmetric enc system):
  • Need a key for every pair of users
  • N*(N-1)/2 keys, grows exponentially with users
  • Each user has to keep track of many keys
• Public key systems (asymmetric enc system)
  • Each user only has 2 keys: public and private key
  • $M = D(k_{PRIV}, E(k_{PUB}, M))$
  • Solid mathematical basis: one way functions:
    • $E: M \times K_e \to C$ and $D = E^{-1}: C \times K_d \to M$
    • Easy for $K_d$-holders to compute D, while difficult for others
  • May publish the public key freely
    • others can all encrypt messages for A with A’s public key
Some “Hard” theories
• Computational complexity
  • Is number of steps or arithmetic operations required to solve a computational problem
  • Polynomial time
  • NP, Non-deterministic polynomial time
  • NP-hard
  • NP-complete
    • Satisfaction problem
    • Hamilton’s problem
• Cryptographers try to
  • find encryption algorithms that would require NP-complete algorithms to decrypt
Some “Hard” theories – cont’d
• Basic number theory:
  • Prime factorization
    • Primes
      • 1|p, p|p, no other factors
    • Euclid’s algorithm
    • The unsolved prime factorization problem
      • Is there an algorithm which can factor any k-digit number n so quickly that its running time is bounded by a polynomial function of k
  • Modular Arithmetic
    • a = b mod N iff N|(a-b)
    • Inverses
[William A. Stein]
Example PKS
• Rivest-Shamir-Adleman (RSA):
  • Based on number theory
  • Suspected to be NP-complete, not proven
• Merkle-Hellman:
  • Based on knapsack problem
  • Proven to be NP-complete
RSA
• The most widely used enc and auth algorithm
  • In IE, Netscape, Notes, SSH Secure Shell, Quicken, etc.
• Proposed in 1977 by
  • Ronald L. Rivest, MIT, now at MIT
  • Adi Shamir, MIT, now at Weizmann Institute
  • Leonard Adleman, MIT, now at USC
• Now owned by RSA Security
RSA – cont’d
• Based on prime factorization problem
• How RSA works
  • Create public/private keys
    • Pick large prime numbers p and q, let n=p*q
    • Let
      • all the numbers that are co-prime with n form a group, and the size of that group is (p-1)(q-1)
    • Select e, s.t.
    • Solve equation, get d,
    • Public key is (n,e), private key is (n,d)
[William A. Stein]
RSA – cont’d
• How RSA works – cont’d
  • Encrypt/decrypt messages
    • Encode a phrase into a number
      • state = $19 + 20 \cdot 27 + 1 \cdot 27^2 + 20 \cdot 27^3 + 5 \cdot 27^4$
    • $E(x) = x^e \pmod n$
    • $D(x) = x^d \pmod n$
    • Proposition: n, d, e are integers, n is square-free, for each $p \mid n$, $(p-1) \mid (de-1)$, then, for all a, $a^{de} = a \bmod n$
    • $D(E(m)) = (m^e \bmod n)^d \bmod n = m^{ed} \bmod n = m \bmod n = m$
[William A. Stein]
RSA – cont’d
• Example
  • Let p=17, q=19, n = 323
  • Let e = 95
  • Solve 95*x=1 mod 288, d=191
  • $E(m) = m^{95} \bmod n$
  • $D(c) = c^{191} \bmod n$
  • Suppose we have string “x”, which is 24
  • E(“x”) = $E(24) = 24^{95} \bmod 323 = 294$
  • $D(294) = 294^{191} \bmod 323 = 24$ = “x”
[William A. Stein]
RSA – cont’d
• Why is it hard to break RSA?
  • Keep secret, if you wanna get d, you have to factorize n into p and q
• RSA challenge
  • http://www.rsasecurity.com/rsalabs/challenges/factoring/numbers.html
  • 8 challenges
  • Problem: 576 – 2048 digits
  • Prizes: 10k to 200k dollars
[William A. Stein]
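Added example, not from the original slides: the RSA key creation, phrase encoding and encrypt/decrypt steps above run with the slides' own numbers (p=17, q=19, e=95), plus the point of the "why is it hard" slide, that anyone who can factor n can rebuild d. This is textbook RSA without padding on a toy modulus; the function names are this example's own.

```python
from math import gcd

def encode(phrase):
    """Base-27 encoding from the slides: a=1 .. z=26, space=0, first letter lowest."""
    return sum((0 if ch == " " else ord(ch) - 96) * 27**i
               for i, ch in enumerate(phrase))

def decode(number):
    chars = []
    while number:
        number, digit = divmod(number, 27)
        chars.append(" " if digit == 0 else chr(digit + 96))
    return "".join(chars)

def make_keys(p, q, e):
    """Return ((n, e), (n, d)) with e*d = 1 mod (p-1)(q-1)."""
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime with (p-1)(q-1)")
    d = pow(e, -1, phi)            # modular inverse, Python 3.8+
    return (p * q, e), (p * q, d)

def encrypt(m, public):
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message number must be smaller than n")
    return pow(m, e, n)

def decrypt(c, private):
    n, d = private
    return pow(c, d, n)

def recover_private_exponent(public):
    """Factor n by trial division and rebuild d: instant for a toy n,
    which is why real moduli must be too large to factor."""
    n, e = public
    p = next(f for f in range(2, int(n**0.5) + 1) if n % f == 0)
    return pow(e, -1, (p - 1) * (n // p - 1))

if __name__ == "__main__":
    public, private = make_keys(17, 19, 95)
    c = encrypt(encode("x"), public)
    print(public, private, c, decode(decrypt(c, private)))
    print("encode('state') =", encode("state"))
    print("d rebuilt from the public key alone:", recover_private_exponent(public))
```

A phrase such as "state" encodes to a number larger than 323, so with this toy key `encrypt` rejects it; the message number must stay below n.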
RSA – cont’d
• Evaluation
  • Strengths
    • Algorithm is simple and easy to implement
    • Supported by RSA Security
  • Weaknesses
    • Problem not yet proved to be NP-Complete
    • Slower than DES
Merkle-Hellman
• Knapsack problem:
  • Set of positive integers
  • Target sum
  • Find subset of integers that equal the target
  • Proven to be NP-complete.
• Encode binary mesg as soln to knapsack problem
  • Plaintext: 0’s and 1’s
  • By adding terms corresponding to 1s in plaintext, we can reduce cipher-text to target sum
Merkle-Hellman – cont’d
• Super-increasing sequence:
  • Each integer is greater than sum of all preceding integers
  • $a_k > \sum_{j=1}^{k-1} a_j$
  • Solution of super-increasing knapsack (e.g., simple knapsack) is easy to find, and unique
• Convert simple knapsack into hard knapsack
  • Pick super-increasing sequence S of m integers
    • $S = [s_1, s_2, \dots, s_m]$
  • Choose multiplier w and modulus n, $n > \sum_{j=1}^{m-1} s_j$
    • Choose n to be prime
  • Replace every $s_i$ in simple knapsack with term:
    • $h_i = w \cdot s_i \bmod n$
  • Hard knapsack: $H = [h_1, h_2, \dots, h_m]$
Merkle-Hellman - cont’d
• Merkle-Hellman is public key cryptosystem
  • Each user has public key:
    • Set of integers of a knapsack problem
  • Each user has private key
    • Set of integers for corresponding super-increasing knapsack
• Contribution: design of technique to convert super-increasing knapsack into a regular one.
  • Change numbers in non-obvious, reversible way.
Merkle-Hellman - cont’d
• Encryption alg starts with binary message
  • $P = [p_1, p_2, \dots, p_k]$
  • Divide message into blocks of m bits,
    • $P_0 = [p_1, p_2, \dots, p_m]$, $P_1 = [p_{m+1}, p_{m+2}, \dots, p_{2m}]$, ...
  • Value of m is number of terms in simple or hard knapsack
• Encipherment of message P is sequence of targets
  • Each target is sum of some of the terms of the hard knapsack H
  • Terms selected correspond to 1 bits in $P_i$,
  • $P_i$ serves as selection vector for elts of H
  • Each term of ciphertext is $P_i \cdot H$
Merkle-Hellman - cont’d
• Decryption:
  • Legitimate recipient knows simple knapsack and values of w and n
  • $H = w \cdot S \bmod n$
  • $C = H \cdot P = w \cdot S \cdot P \bmod n$
  • To decipher, multiply C by $w^{-1}$
  • $w^{-1} \cdot C = w^{-1} \cdot H \cdot P = w^{-1} \cdot w \cdot S \cdot P = S \cdot P \bmod n$
• Weaknesses:
  • How easy is it to determine w or n from H?
Merkle-Hellman – cont’d
• Example
  • S = [1,2,4,9]; H = [15,13,9,16],
  • w = 15, n = 17, m = 4; $h_i = w \cdot s_i \bmod n$
  • P = 0100101110100101
  • Encode with H as follows:
    • P = 0100 1011 1010 0101
    • [0,1,0,0] * [15,13,9,16] = 13
    • [1,0,1,1] * [15,13,9,16] = 40
    • [1,0,1,0] * [15,13,9,16] = 24
    • [0,1,0,1] * [15,13,9,16] = 29
  • Encrypted message as integers: 13, 40, 24, 29
  • Public knapsack H = [15,13,9,16]
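Added example, not from the original slides: the Merkle-Hellman construction, encryption and decryption from the preceding slides, run on the example's S, w and n, including the decryption step the example stops short of. Function names are this example's own, and it requires n to exceed the sum of all terms of S so that each deciphered target is recovered exactly.

```python
from math import gcd

def is_superincreasing(seq):
    """True if every term exceeds the sum of all terms before it."""
    total = 0
    for a in seq:
        if a <= total:
            return False
        total += a
    return True

def hard_knapsack(S, w, n):
    """Public knapsack H with h_i = w * s_i mod n."""
    if not is_superincreasing(S):
        raise ValueError("S must be super-increasing")
    # n > sum(S) keeps S*P below n, so w^-1 * C mod n equals S*P exactly.
    if n <= sum(S) or gcd(w, n) != 1:
        raise ValueError("need n > sum(S) and w invertible mod n")
    return [w * s % n for s in S]

def encrypt(bits, H):
    """Split the bit string into blocks of m = len(H) bits; each target is P_i * H."""
    m = len(H)
    if len(bits) % m or set(bits) - {"0", "1"}:
        raise ValueError("need a bit string whose length is a multiple of m")
    return [sum(h for h, b in zip(H, bits[i:i + m]) if b == "1")
            for i in range(0, len(bits), m)]

def solve_simple(target, S):
    """Greedy solution of the super-increasing knapsack, largest term first."""
    picked = []
    for s in reversed(S):
        picked.append("1" if s <= target else "0")
        if s <= target:
            target -= s
    if target:
        raise ValueError("target is not a sum of terms of S")
    return "".join(reversed(picked))

def decrypt(C, S, w, n):
    """Multiply each target by w^-1 mod n, then solve the simple knapsack."""
    w_inv = pow(w, -1, n)          # Python 3.8+
    return "".join(solve_simple(c * w_inv % n, S) for c in C)

if __name__ == "__main__":
    S, w, n = [1, 2, 4, 9], 15, 17             # values from the slide's example
    H = hard_knapsack(S, w, n)
    C = encrypt("0100101110100101", H)
    print(H, C, decrypt(C, S, w, n))
```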
Evaluation of PKS
• Strengths
  • Harder to break
  • Easier to manage keys
• Weaknesses
  • Slower
  • Dependent upon NP-computational theory
Crypto-related Techniques
• Digital signatures
• Digital certificates
Digital Signatures
• Digital signature proves integrity of message
  • by signing the message using PK techniques
• How digital signatures work?
  • The sender
    • sends M, S=E(hash(M), private)
    • Message digest functions
      • MD2, MD4, and MD5 from RSA Security
      • SHA and SHA-1 from US government
  • The receiver
    • compares E(S, public) with hash(M)
    • M is considered genuine if they match
[Jim Xu, et al.]
Digital Signatures – cont’d
• Assumption:
  • it is very rare that two different messages have the same digest
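Added example, not from the original slides: the sender's S = E(hash(M), private) and the receiver's comparison from the two slides above, followed by what happens when the digest assumption fails (a digest cut to 8 bits lets one signature verify for a second message). Assumptions of this sketch: SHA-256 from Python's hashlib in place of the digests the slide lists, unpadded textbook RSA, and a constructed demo key built from two well-known Mersenne primes.

```python
import hashlib

# Constructed demo key: two Mersenne primes, used only because they are
# known primes. Primes of this special form must never be used for a real key.
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, Python 3.8+

def digest(message, bits=256):
    """SHA-256 digest of `message` as an integer, truncated to its top `bits` bits."""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)

def sign(message, bits=256):
    """Sender: S = E(hash(M), private)."""
    return pow(digest(message, bits), D, N)

def verify(message, signature, bits=256):
    """Receiver: compare E(S, public) with hash(M)."""
    return pow(signature, E, N) == digest(message, bits)

def second_message_with_same_digest(message, bits, max_tries=1 << 16):
    """Try constructed variants of `message` until one shares its truncated digest."""
    target = digest(message, bits)
    for i in range(max_tries):
        candidate = message + b" #%d" % i
        if digest(candidate, bits) == target:
            return candidate
    return None

if __name__ == "__main__":
    msg = b"pay Bob 10 dollars"                 # constructed sample message
    s = sign(msg)
    print("genuine:", verify(msg, s))
    print("altered:", verify(b"pay Bob 1000 dollars", s))
    weak = sign(msg, bits=8)                    # signature over an 8-bit digest
    other = second_message_with_same_digest(msg, 8)
    print("8-bit digest, other message accepted:", other, verify(other, weak, bits=8))
```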
Digital Certificates
• Digital certificates are
  • frameworks for identification information, and bind identities with public keys
• Digital certificates provide foundation for
  • identification
  • authentication
  • non-repudiation
[Sunit Chauhan]
Digital Certificates – cont’d
• How digital certificates work?
  • Let a third party, trusted by both sender and receiver, prove the binding of sender and its public key.
  • Need a hierarchy of trusted certificate authorities (CAs)
    • Everybody trusts root CA
    • Root CA proves the trustworthiness of a hierarchy of other CAs
Digital Certificates – cont’d
• Example digital certificate
  • X509 v3 certificate format
    • Version
    • Certificate Serial Number
    • Signature Algorithm Identifier
    • Issuer Name
    • Validity Period
    • Subject Name
    • Subject Public Key Information
    • Optional Fields
[Chauhan]
Summary
• Symmetric-key encryption algorithms
  • DES
• Public-key encryption algorithms
  • RSA, Merkle-Hellman
• PKS based techniques
  • Digital signature
  • Digital certificate