1 / 37

Security & Cryptography

Security & Cryptography. Protection vs Security. The protection mechanisms (ACLs, etc) discussed earlier assist us in preventing unauthorized access and use of computer resources what happens if an intruder bypasses the protection mechanisms?

roza
Download Presentation

Security & Cryptography

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security & Cryptography

  2. Protection vs Security • The protection mechanisms (ACLs, etc) discussed earlier assist us in preventing unauthorized access and use of computer resources • what happens if an intruder bypasses the protection mechanisms? • Cryptography can be used so that an intruder is unable to understand or use information obtained without authorization

  3. Cryptography Terminology • Plaintext (or cleartext) • is the intelligible message • Ciphertext • is the unintelligible message • Encryption and decryption • Are the processes to convert between plaintext and ciphertext • Key • Is the parameter used in an encryption/decryption algorithm

  4. Cryptography Terminology • Cryptosystem • A system for encryption/decryption of information • Symmetric cryptosystem • use the same key for both encryption and decryption • Asymmetric cryptosystem • use the different keys for encryption and decryption • Cryptology • the designing & breaking of cryptosystems • Cryptography • the practice of using cryptosystems for confidentiallity of information • Cryptoanalysis • the breaking cryptosystems

  5. Basic Structure of a Cryptosystem Eve Plaintext M Side Information Break Bob Alice Plaintext M Plaintext M Encrypt Decrypt Ciphertext C Encryption Key Ke Decryption Key Kd

  6. Basic Attacks to Cryptosystems • Cryptosystem attacks are classified based on the amount of side information available to an intruder • Attack classification • ciphertext-only • intruder only has access to the ciphertext • known-plaintext • intruder has access to the ciphertext and considerable amount of plaintext • chosen-plaintext • intruder has access to a chosen plaintext and its corresponding ciphertext

  7. Design Principles for Cryptosystems • Shannon’s principles • Diffusion principle • spread the correlations and dependencies among key and words over the text as much as possible in order to maximize the length of plaintext needed to break the system • Confusion principle • change a piece of information so that ciphertext has no obvious relationship with plaintext • Computational Intractability principle • “every” algorithm for determining a key needed to break cryptosystem is “believed” to require exhaustive search of a very large search space

  8. A Taxonomy of Cryptosystems • Conventional systems • Modern systems • private key systems • public key systems

  9. Conventional Cryptosystems • Conventional cryptosystems are based on substitution ciphers • Caesar’s cipher • E(M) = (M + k) modulo 26 • where M is a letter and k=3 is the key • Simple substitution cipher • E(M) = Key[M] • where Key is an arbitrary permutation of a single alphabet • Vigenere cipher • choose N simple substitution ciphers and encrypt the jth letter using the (j mod N) substitution cipher • One-time pad • encrypt by Xoring message with a key, whose size equals the size of the message

  10. DES • The Data Encryption Standard (DES) is a modern private-key cryptosystem • It is a block cipher that uses two basic operations • permutation, • and substitution • It breaks a message in 64-bit blocks and encrypts/decrypts each block individually • It uses a 56-bit secret key, which is expanded to 64-bits using parity bits

  11. DES • Has three stages • plaintext block undergoes an initial permutation IP • permuted block undergoes for 16 times a complex transformation • A block at the ith iteration is broken into two 32-bit blocks Li & Ri • transformed block undergoes the inverse IP’ of the permutation IP at the 1st stage • DES transformation in the ith iteration, i=1,2,…,16 • K i= Phi(Key, i) 48-bit key of ith iteration • L i = Ri-1 • R i = L i xor F (Ri-1 , K i )

  12. DES • Function F does the following • expands R i into a 48-bits quantity E(R i) by permuting and duplicating some bits of R • Xors E(R i) with K i and partitions the result into eight 6-bit blocks Q1, Q2,…,Q8 • passes each Q j 6-bit block through a separate 6-to-4 bit substitution box • concatenates all transformed 4-bit Q j blocks and then permutes them

  13. DES • Decryption is done by executing the three stages in reverse order and each time using the inverse function/operation • permute cipher text using IP’ • undo the 16 transformations, for i=16,15,…,1, using the same keys K1, K2, …, K16 • R i-1 = R i • L i-1 = R i xor f ( L i , K i ) • permute transformed ciphertext with IP • For added security, block chaining can be used • each plaintext block is Xored with the ciphertext of the previous plaintext block • triple encryption (DES does not form a group) • Rijdael: new private key standard

  14. Public-Key Cryptosystems • Private key cryptosystems requires a secure mechanism for distributing the private keys to communicating parties • Diffie and Hellman proposed public key cryptosystems • public key systems make the encryption key publicly available and keep the decryption key secret • public key systems are based on the computational intractability principle (using problems such as factoring primes, discrete logarithm, knapsack, etc)

  15. Public Key Cryptosystems • public key systems satisfy the following • DSK(EPK(M)) = M for every message M • The encryption and decryption functions E and D are computationally efficient • Knowledge of E, D, and PK (public key) does not compromise SK (secret key) • DPK(ESK(M)) = M for every message M, if message singing/verification is desired

  16. Trapdoor One-Way Functions • One-way functions F • F is invertible and easy to compute • inverting F is computationally intractable, ie given y finding x such that y=F(x) is believed to be computationally infeasible • Trapdoor one-way functions F • y=F(x) can be solved efficiently provided some secret information for F is available • Diffie and Hellman suggested that one way to implement public key systems is to use trapdoor one-way functions

  17. Number Theory Background • GCD Recursion Theorem & the Extended Euclid’s algorithm

  18. Number Theory Background • Euler’s phi function, Euler’s and Fermat’s Theorems

  19. Number Theory Background • The Chinese Remainder Theorem • Origins • Sun-Tsu, circa 100 A.D. considered the problem of finding those integers x that leave remainders 2, 3, and 2 when divided by 3, 5, and 7 respectively (which are of the form x=23+105k). • Its essence

  20. Number Theory Background • A corollary of the Chinese Remainder Theorem states that

  21. RSA • Rivest, Shamir, and Adleman introduced the RSA public-key cryptosystem based on Diffie and Hellman • RSA works as follows

  22. RSA • RSA’s encryption function is • EPK(M) = Me mod n where PK=(e,n) • RSA’s decryption function is • DSK(M) = Md mod n where SK=(d,n) • these two encryption/decryption functions satisfy • DSK(EPK(M)) = M • DPK(ESK(M)) = M • can be computed efficiently given PK or SK • knowledge of PK does not compromise SK

  23. RSA • Correctness of RSA is based on • Fermat’s theorem and on the Chinese Remainder Theorem • Example values for RSA • choose p=5 and q=11 • set n=55 and N=40 • choose d=23 • compute e=7 using the extended Euclid algorithm • encrypt M=8 to 2 using “repeated squaring”

  24. RSA • A more realistic example set of values for RSA (courtesy of Prof. Stephens) • n = 2419753086 4197530864 2125371358 0246913580 2471460971 7 • p = 1555555555 5555555555 560261 • q = 1555555555 5555555555 560497 • e = 512896171 • d = 1955459782 2571725357 3495557871 3933814929 3601459917 1 • sqrt(n) approximately = 1555555555 5555555555 560378 • number of positive integers < n that are relative prime to n is equal to phi(n) • phi(n) = 2419753086 4197530864 2125340246 9135802469 1360348896 0

  25. Authentication • Objective • verify the identity of communicating entities • Authentication services • interactive communication (synchronous) • one-way communication (asynchronous) • signed communication (verifiable conversation by third party) • Potential threats • altering messages • replaying old messages • denial of service • interference with ongoing communication • impersonation

  26. Interactive Communication Protocols • Require an authoritative Authentication Server (AS) for securely distributing conversation keys • Each user registers its secret key with the AS, which is shared only between the AS and the user, and their public key if any • Requirements – use case • Alice wants to communicate with Bob so that • the message is intelligible to Bob, but not Eve • it should be evident that the message was sent by Alice, and that is not a replay of an older message from Alice

  27. Interactive Communication with Private Key Systems • Alice wants to converse with Bob • Denning-Sacco’s modification to handle compromised conversation keys • A message is not a reply attack if |LocalClock-T|<LocalClock’s disrepancy from AS’s clock plus the estimated maximum network delay

  28. Interactive Communication with Public Key Systems • Alice wants to communicate with Bob

  29. One-Way Communication with Private Key Systems • Alice wants to email message M to Bob • Bob should be able to authenticate integrity of Alice’s message even if Alice is not currently available • Eve should not be able to impersonate Alice Protocol is succeptible to playback attacks

  30. One-Way Communication with Public Key Systems • Alice wants to email message M to Bob

  31. Digital Signatures • Must satisfy the following • a user can not forge signatures • sender of signed message can not deny the validity of his signature • receipient can not modify the signature of a signed message

  32. Digital Signatures using Private Key Systems • Alice wants to sign a message to be sent to Bob

  33. Digital Signatures using Public Key Systems • Alice wants to sign a message to be sent to Bob

  34. Kerberos • An authentication system for an open network computing environment where user’s machines are under their complete control and can not be trusted to identify users to network services • Consists of • Client (C) • Kerberos Server (K) • Ticket Granting Server (TGS) • Server (S) • User (U)

  35. Kerberos Phase I: Getting the Initial Ticket • User provides the Client machine his/her identity • Client sends to Kerberos server K the msg • Kerberos server K • Client upon receipt of msg

  36. Kerberos, Phase II: Getting a Server Ticket • User/Client wants to use a network service S • Ticket Granting Server TGS • Client upon receiving msg from TGS

  37. Kerberos, Phase III: Requesting a Service • Client requests service from server S • Service server S upon receipt of the msg

More Related