1 / 16

Security: Cryptography

Security: Cryptography. I206 Spring 2012 John Chuang. Some slides adapted from Coulouris, Dollimore and Kindberg; Dave Messerschmidt; Adrian Perrig. Eavesdropping passwords, credit card numbers, etc. Tampering of data Birthday attack Impersonation Replay attack

sienna
Download Presentation

Security: Cryptography

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security: Cryptography I206 Spring 2012 John Chuang Some slides adapted from Coulouris, Dollimore and Kindberg; Dave Messerschmidt; Adrian Perrig

  2. Eavesdropping passwords, credit card numbers, etc. Tampering of data Birthday attack Impersonation Replay attack Man-in-the-middle attack (e.g., IP address spoofing) Phishing attack Unauthorized access System vulnerabilities Social engineering (e.g., bribe, black-mail) Password guessing (e.g., dictionary attack) Denial-of-Service attack Spam Trojan horses, viruses, worms … Attacks • Wide ranging scope • Some common attacks: John Chuang

  3. Security Properties “CIA” and “AAA” • Confidentiality • Prevents eavesdropping • Integrity • Prevents modification of data • Authentication • Proves your identity to another party; prevents impersonation • Accountability (non-repudiation) • Enables failure analysis; serves as deterrent • Authorization • Prevents misuse • Availability • Safeguards against denial-of-service John Chuang

  4. Cryptography • Cryptographic primitives: • Encryption • Symmetric-key (e.g., DES, AES) • Asymmetric-key (e.g., RSA) • Cryptographic hash (message digest) • e.g., MD5, SHA-1 • Digital signature • e.g., PKCS John Chuang

  5. The Principals • Alice • Bob • Carol • …and… • Eve (eavesdropper -- passive attacker) • Mallory (active attacker -- can intercept, modify, and forward messages) • Trent/Trudy (trusted 3rd party) John Chuang

  6. Eve’s Story http://xkcd.com/177/ John Chuang

  7. Encryption encryption decryption ciphertext plaintext plaintext • Encryption/decryption algorithms are published • Encryption/decryption keys are kept secret • Symmetric cryptography • e-key = d-key • Principals need to share the symmetric key, and keep it secret • Asymmetric (public-key) cryptography • e-key != d-key • One key made public; the other kept private e-key d-key John Chuang

  8. Symmetric Cryptography • Many schemes are available: DES, 3DES, AES, RC4, IDEA, … • In general, the strength of an encryption scheme is a function of the key length (because of exhaustive key search) • Moving target as hardware capabilities improve over time • DES (data encryption standard, 1975) uses 56 bit key length; became vulnerable to exhaustive key search • Replaced in 2002 by AES (advanced encryption standard, 1998) which uses key lengths of 128, 192, or 256 bits John Chuang

  9. document D document D encryption decryption private key public key document D document D encryption decryption public key private key Asymmetric Cryptography • Each principal has public key K and private key K-1 • K-1 is kept secret, and cannot be deduced from K • K is made available to all • Encryption and decryption with K and K-1 are commutative: {{D}K-1}K = {{D}K}K-1 = D • Challenge: how to choose K and K-1? John Chuang

  10. RSA • Algorithm by Rivest, Shamir, Adleman (1977) for generating K and K-1 based on the fact that factoring is hard • RSA key generation: • Choose n, e, d such that: • n=p*q where p and q are two large and distinct prime numbers • e*d = k(p-1)(q-1)+1 where k is a positive integer • Public key: {n,e}; Private key: {n,d} • RSA key lengths 1024 bits or 2048 bits (256 or 512 bits no longer secure) • n and e are published; p, q, and d are kept private • Given document D: • encryption: ciphertext = c = D e (mod n) • decryption: plaintext = D = c d (mod n) John Chuang

  11. Performance • Asymmetric cryptography 3-5 orders of magnitude slower than symmetric cryptography • Use asymmetric cryptography to exchange symmetric key; data encrypted using symmetric cryptography: A  B: {KAB}KB, {D}KAB • Asymmetric cryptography has other important uses as well … John Chuang

  12. Authentication • Based on one or more of the following: • Something you are (e.g., fingerprint, pattern on iris, DNA sample) • Something you know (e.g., password, PIN, mother’s maiden name) • Something you have (e.g., ATM card, Driver’s License, private key K-1) John Chuang

  13. Document D Document D encryption decryption private key public key Digital Signature (Version 0.1) • Alice signs document by encrypting it with her own private key A  B: {D}KA-1 • Bob verifies the signature by decrypting it using A’s public key, i.e., compute D = {{D}KA-1 }KA • Two outcomes: • digital signature provides integrity and accountability (non-repudiation) • Alice is authenticated to Bob. (How?) • There is another problem -- performance John Chuang

  14. Cryptographic Hash/ Message Digest • Hash function maps arbitrary length message D to fixed length digest H(D) • MD5 (128 bit digest) and SHA-1 (160 bit digest) are commonly used • One-way function: given H(D), can't find D • Collision-free: infeasible for attacker to generate D and D' such that H(D) = H(D’) John Chuang

  15. Receiver: Bob Sender: Alice D D compute digest signature signature compute digest verify compute signature signature Alice's Public Key Alice's Private Key Digital Signature (Version 1.0) • A  B: D, {H(D)}KA-1 • Bob: • Computes hash of message, H(D) • “Decrypts” signature: {{H(D)}KA-1 }KA • Verifies H(D) = {{H(D)}KA-1 }KA John Chuang

  16. Summary • So, what have we achieved with digital signatures? • Authentication • Integrity • Non-repudiation (accountability) • Can combine with encryption to provide: • Confidentiality John Chuang

More Related