# CS 161 Computer Security

Save this PDF as:

Size: px
Start display at page:

## Transcription

1 Song Spring 2015 CS 161 Computer Security Discussion 11 April 7 & April 8, 2015 Question 1 RSA (10 min) (a) Describe how to find a pair of public key and private key for RSA encryption system. Find two distinct large prime numbers p and q, calculate n = pq, calculate φ(n) = (p 1)(q 1), and determine e, d such that ed 1(mod φ(n)). public key is (e, n), and (d, n) is private key. (b) What is the encryption function? Suppose m is the message. c m e (mod n). c is the ciphertext. (c) What is the decryption function? m c d (mod n). (d) How to use RSA as a digital signature scheme? Signer has the private key and calculates S(m) H(m) d (mod n). Signer sends (m, S(m)) to the verifier who knows the public key (e, n). The verifier determines whether H(m) equals to S(m) e (mod n). If yes, the verifier knows the message was signed by the signer. H is a cryptographic hash function that both the signer and the verifier know. Please see the homework 3 for why we need a hash function. Question 2 Public Key Basics (10 min) Assume Alice and Bob are trying to communicate over an insecure network with public key encryption. Both Alice and Bob have published their public keys on their website. (You can assume they already know each other s correct public key) (a) Alice receives a message: Hey Alice, it s Bob. You owe me 100 bucks. Plz send ASAP. The message is encrypted with Alice s public key. Can she trust it? Page 1 of 6

3 2. E(M), H(E(M)) and 5. E(M), H(M). The other options cannot be decrypted, because Bob cannot invert the hash function H. In this question, we wanted you to consider passive attacks on confidentiality - that is, whether or not Eve can recover M if she eavesdrops on the ciphertext sent by Alice. We did not consider active attacks such as chosen-plaintext or chosen-ciphertext attacks. For option 2, we only work with the encrypted version of the message E(M), which guarantees confidentiality. However, if we allow active attacks on confidentiality, then this may not be secure, as it is possible that an active attack would allow an attacker to recover M from E(M). (For example, CBC mode is vulnerable to an active attack called a padding oracle attack.) Option 5 is a little trickier. Certainly as before Eve cannot recover M from E(M). However, Eve also knows H(M). Since H is a cryptographic hash function, Eve cannot invert H to get M. However, if M is low-entropy (there are only a few likely possibilities of M) then Eve could just compute H(M ) for all of these M and see which ones match the value of H(M) sent by Alice. The question specified that Eve has no partial information about the message - this means that the message M has high entropy (as long as it is sufficiently long) and so the attack will not work. So in this threat model option 5 does have confidentiality. b) Out of the schemes you chose in part a), determine which of the schemes also provide integrity; that is, Bob will be able to detect any tampering with the message that Alice sends. Describe what Bob has to do in order to decrypt the message and make sure that it came from Alice. (Remember, Bob can only use D once and H once.) If you think it will not work, explain why. For any that do not work, what is the vulnerability? Alice Sends to Bob Confidentiality Integrity Decrypt Steps 1. H(E(M)) 2. E(M), H(E(M)) 3. E(H(M)) 4. E(H(M)), H(M) 5. E(M), H(M) Only option 5 provides integrity, for high entropy messages. The idea is that E(M) provides confidentiality, and H(M) cannot be inverted, so the attacker cannot find M. Integrity is guaranteed because since K is used for the first time, Eve Discussion 11 Page 3 of 6 CS 161 Sp 15

4 cannot know a plaintext-ciphertext pair, and so if she replaces E(M) with some C, she cannot know D(C), and so she cannot compute H(D(C)). She might be able to make small modifications to M to create E(M ) by messing with E(M), but since she does not know M she still cannot compute H(M ). However, if we expand our threat model to also allow Eve to have partial information about the message, then we lose the guarantee of integrity. For example, if Eve knows what the message M is (so her partial information is knowledge of the message itself), then she can modify E(M) to get E(M ) where she knows M, and then she can compute H(M ). Why can Eve modify E(M) to get E(M )? Because the encryption algorithm does not provide integrity. In fact, on HW3 you will show how to modify E(M) to get E(M ) for some encryption schemes. Option 2 is bad because Eve could replace the message with (x, H(x)) for a random x, and Alice wouldn t realize that the message was not from Bob. Bob will see a gibberish message D(x), but he will still believe it is from Alice, which is a failure of integrity. It doesn t make sense to talk about the integrity of the other options - since Bob can t read the message, it doesn t matter how Eve tampers with the ciphertext. Alice Sends to Bob Confidentiality Integrity Decrypt Steps 1. H(E(M)) yes?? no H 1 2. E(M), H(E(M)) yes no D(C), can t check integrity 3. E(H(M)) yes?? no H 1 4. E(H(M)), H(M) yes?? no H 1 5. E(M), H(M) yes yes D(C), H(D(C)) = H(M) c) If Alice and Bob use these schemes to send many messages, the schemes become vulnerable to a replay attack. In a replay attack, Eve remembers a message that Alice sent to Bob, and some time later sends the exact same message to Bob, and Bob will believe that Alice sent the message. How might Alice and Bob redesign the scheme to prevent or detect replay attacks? Send E(M), H(M), but make sure that M has a unique identifier that both Alice and Bob know (similar to TCP sequence numbers). This prevents the replay attack because Bob will realize that he is getting the same message twice and will throw away the second one. It is important that the identifier is inside the encryption function E and the hash function H, because the identifier needs to have integrity (otherwise Eve could simply Discussion 11 Page 4 of 6 CS 161 Sp 15

5 change the identifier to what it needs to be and then send the same message). Question 4 Diffie-Hellman Basics (10 min) Recall that in a Diffie-Hellman key exchange, there are values a, b, g and p. Alice computes g a mod p and Bob computes g b mod p. (a) Which of these values are publicly known and which must be kept private? g and p are publicly known. Implementations of Diffie-Hellman often have carefully picked values of g and p which are known to everyone. Alice and Bob must keep a and b secret respectively. (b) Assume Eve has tapped into the network between Alice and Bob. Eve can only view the traffic, she cannot change it. Alice and Bob perform the Diffie-Hellman key exchange and have agreed on a shared symmetric key K. However, Bob accidentally sent his b over the network in plain text. If Eve viewed all traffic since the beginning of the exchange, can she figure out what K is? Yes, this will be very easy for Eve. Assuming Eve realizes that Bob sent b in plain text, she can use the value A = g a mod p which Alice sent to calculate K = A b mod p. (c) Assume Mallory has tapped into the network but has managed to not only view the traffic but also intercept and modify it. Alice and Bob perform Diffie-Hellman to agree on a shared symmetric key K. After the exchange, Bob gets the feeling something went wrong and calls Alice. He compares his value of K to Alice s and realizes that they are different. Explain how Mallory could know Bob s K b and Alice s K a and how she could use this secretly rewrite traffic between them. Mallory is performing a man-in-the-middle attack on Alice and Bob. One way to think about this is that Mallory pretends to be Bob when she talks to Alice, and Mallory also pretends to be Alice when she talks to Bob. In this way, both Alice and Bob are unknowingly talking to Mallory. Mallory can then decrypt/encrypt the traffic in both directions and modify it however she wishes to. More technically, when Alice sends A = g a mod p to Bob, Mallory intercepts this (preventing it from going to Bob), and sends back to Alice: M = g c mod p. Now when Alice sends a message to Bob, she uses K bad = M a mod p which Discussion 11 Page 5 of 6 CS 161 Sp 15

6 Question 5 Mallory knows as K bad = A c mod p. Mallory can then decrypt all messages sent from Alice. She can also send messages to Alice which Alice thinks are from Bob. Mallory then does the same trick to Bob, and she has finished her man-in-the-middle attack. TLS (10 min) (a) In TLS, what security properties are achieved, and what components of the TLS protocol enable these properties? Confidentiality - communication is encrypted using session keys. Integrity - TLS uses MACs to prevent message tampering. One-way authentication - Signed certificates provide a means of authenticating the server. (b) Recall that in practice, TLS as used on the web typically only provides one-way authentication that is, when communicating securely over the web, only the server is required to authenticate themselves, and not the client. Why is TLS usually used this way? One reason is that it is rather inconvenient for the average user to have to set up their own client certificate. Websites would not want to block users who haven t set up a client certificate. Another reason is that in many cases, the server doesn t care who is connecting to it, since it s providing a service over the web that anyone can use. A user certainly cares that they are connecting to the correct server; a server likely expects connections from many clients, so it may not need or want to authenticate them all. (c) How else might a web server authenticate a user? (if the user is not authenticated by TLS) Servers often authenticate the user by requiring them to establish a username and password with the site. That way, once a secure TLS connection has been established, the server knows which of its users it is communicating with. A final note: do not hesitate to ask for help! Our office hours exist to help you. Please visit us if you have any questions or doubts about the material. Discussion 11 Page 6 of 6 CS 161 Sp 15

### CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash

### CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and

### Overview of Public-Key Cryptography

CS 361S Overview of Public-Key Cryptography Vitaly Shmatikov slide 1 Reading Assignment Kaufman 6.1-6 slide 2 Public-Key Cryptography public key public key? private key Alice Bob Given: Everybody knows

### Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

### The mathematics of cryptology

The mathematics of cryptology Paul E. Gunnells Department of Mathematics and Statistics University of Massachusetts, Amherst Amherst, MA 01003 www.math.umass.edu/ gunnells April 27, 2004 What is Cryptology?

### Practice Questions. CS161 Computer Security, Fall 2008

Practice Questions CS161 Computer Security, Fall 2008 Name Email address Score % / 100 % Please do not forget to fill up your name, email in the box in the midterm exam you can skip this here. These practice

### Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs

Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs Enes Pasalic University of Primorska Koper, 2014 Contents 1 Preface 3 2 Problems 4 2 1 Preface This is a

### Outline. Cryptography. Bret Benesh. Math 331

Outline 1 College of St. Benedict/St. John s University Department of Mathematics Math 331 2 3 The internet is a lawless place, and people have access to all sorts of information. What is keeping people

### Massachusetts Institute of Technology Handout 13 6.857: Network and Computer Security October 9, 2003 Professor Ronald L. Rivest.

Massachusetts Institute of Technology Handout 13 6.857: Network and Computer Security October 9, 2003 Professor Ronald L. Rivest Quiz 1 1. This quiz is intended to provide a fair measure of your understanding

### Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the

### SECURITY IN NETWORKS

SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,

### Client Server Registration Protocol

Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are

### CIS 5371 Cryptography. 8. Encryption --

CIS 5371 Cryptography p y 8. Encryption -- Asymmetric Techniques Textbook encryption algorithms In this chapter, security (confidentiality) is considered in the following sense: All-or-nothing secrecy.

### CS 758: Cryptography / Network Security

CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html

### Digital Signatures. Prof. Zeph Grunschlag

Digital Signatures Prof. Zeph Grunschlag (Public Key) Digital Signatures PROBLEM: Alice would like to prove to Bob, Carla, David,... that has really sent them a claimed message. E GOAL: Alice signs each

### Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

### CSC474/574 - Information Systems Security: Homework1 Solutions Sketch

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch February 20, 2005 1. Consider slide 12 in the handout for topic 2.2. Prove that the decryption process of a one-round Feistel cipher

### Lecture 6 - Cryptography

Lecture 6 - Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07 Question 2 Setup: Assume you and I don t know anything about

### Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead

### Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret

### Basics of Cryptography

Basics of Cryptography What is Cryptography? Cryptography is an applied branch of mathematics In some situations it can be used to provide Confidentiality Integrity Authentication Authorization Non-repudiation

### CS 392/681 - Computer Security

CS 392/681 - Computer Security Module 3 Key Exchange Algorithms Nasir Memon Polytechnic University Course Issues HW 3 assigned. Any lab or course issues? Midterm in three weeks. 8/30/04 Module 3 - Key

Authentication Types Chapter 2: Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter 3: Security on Network and Transport Layer Chapter 4:

### CS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay

CS 348: Computer Networks - Security; 30 th - 31 st Oct 2012 Instructor: Sridhar Iyer IIT Bombay Network security Security Plan (RFC 2196) Identify assets Determine threats Perform risk analysis Implement

### Chapter 10. Network Security

Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce

### Lecture 10: CPA Encryption, MACs, Hash Functions. 2 Recap of last lecture - PRGs for one time pads

CS 7880 Graduate Cryptography October 15, 2015 Lecture 10: CPA Encryption, MACs, Hash Functions Lecturer: Daniel Wichs Scribe: Matthew Dippel 1 Topic Covered Chosen plaintext attack model of security MACs

### Message Authentication Codes

2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,

### Outline. CSc 466/566. Computer Security. 8 : Cryptography Digital Signatures. Digital Signatures. Digital Signatures... Christian Collberg

Outline CSc 466/566 Computer Security 8 : Cryptography Digital Signatures Version: 2012/02/27 16:07:05 Department of Computer Science University of Arizona collberg@gmail.com Copyright c 2012 Christian

### 2.4: Authentication Authentication types Authentication schemes: RSA, Lamport s Hash Mutual Authentication Session Keys Trusted Intermediaries

Chapter 2: Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter 3: Security on Network and Transport Layer Chapter 4: Security on the Application

### Public Key Cryptography Overview

Ch.20 Public-Key Cryptography and Message Authentication I will talk about it later in this class Final: Wen (5/13) 1630-1830 HOLM 248» give you a sample exam» Mostly similar to homeworks» no electronic

### Network Security (2) CPSC 441 Department of Computer Science University of Calgary

Network Security (2) CPSC 441 Department of Computer Science University of Calgary 1 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate

### Computer Security: Principles and Practice

Computer Security: Principles and Practice Chapter 20 Public-Key Cryptography and Message Authentication First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Public-Key Cryptography

### Network Security. HIT Shimrit Tzur-David

Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key

### Secure File Transfer Using USB

International Journal of Scientific and Research Publications, Volume 2, Issue 4, April 2012 1 Secure File Transfer Using USB Prof. R. M. Goudar, Tushar Jagdale, Ketan Kakade, Amol Kargal, Darshan Marode

### Final exam review, Fall 2005 FSU (CIS-5357) Network Security

Final exam review, Fall 2005 FSU (CIS-5357) Network Security Instructor: Breno de Medeiros 1. What is an insertion attack against a NIDS? Answer: An insertion attack against a network intrusion detection

### CS3235 - Computer Security Third topic: Crypto Support Sys

Systems used with cryptography CS3235 - Computer Security Third topic: Crypto Support Systems National University of Singapore School of Computing (Some slides drawn from Lawrie Brown s, with permission)

### Authentication in WLAN

Authentication in WLAN Flaws in WEP (Wired Equivalent Privacy) Wi-Fi Protected Access (WPA) Based on draft 3 of the IEEE 802.11i. Provides stronger data encryption and user authentication (largely missing

### RSA Attacks. By Abdulaziz Alrasheed and Fatima

RSA Attacks By Abdulaziz Alrasheed and Fatima 1 Introduction Invented by Ron Rivest, Adi Shamir, and Len Adleman [1], the RSA cryptosystem was first revealed in the August 1977 issue of Scientific American.

### The Mathematics of the RSA Public-Key Cryptosystem

The Mathematics of the RSA Public-Key Cryptosystem Burt Kaliski RSA Laboratories ABOUT THE AUTHOR: Dr Burt Kaliski is a computer scientist whose involvement with the security industry has been through

### CSE/EE 461 Lecture 23

CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data

### Chapter 17. Transport-Level Security

Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics

### CRYPTOGRAPHY IN NETWORK SECURITY

ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can

### Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015

Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015 Chapter 2: Introduction to Cryptography What is cryptography? It is a process/art of mangling information in such a way so as to make it

### CIS 433/533 - Computer and Network Security Public Key Crypto/ Cryptographic Protocols

CIS 433/533 - Computer and Network Security Public Key Crypto/ Cryptographic Protocols Professor Kevin Butler Winter 2010 Computer and Information Science Key Distribution/Agreement Key Distribution is

### CS 161 Computer Security Spring 2010 Paxson/Wagner MT2

CS 161 Computer Security Spring 2010 Paxson/Wagner MT2 PRINT your name:, (last) SIGN your name: (first) PRINT your class account login: cs161- Your T s name: Your section time: Name of the person sitting

### Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures

Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike

### The application of prime numbers to RSA encryption

The application of prime numbers to RSA encryption Prime number definition: Let us begin with the definition of a prime number p The number p, which is a member of the set of natural numbers N, is considered

### CPSC 467b: Cryptography and Computer Security

CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 1 January 9, 2012 CPSC 467b, Lecture 1 1/22 Course Overview Symmetric Cryptography CPSC 467b, Lecture 1 2/22 Course Overview CPSC

### Public Key Cryptography. c Eli Biham - March 30, 2011 258 Public Key Cryptography

Public Key Cryptography c Eli Biham - March 30, 2011 258 Public Key Cryptography Key Exchange All the ciphers mentioned previously require keys known a-priori to all the users, before they can encrypt

### Cryptographic Hash Functions Message Authentication Digital Signatures

Cryptographic Hash Functions Message Authentication Digital Signatures Abstract We will discuss Cryptographic hash functions Message authentication codes HMAC and CBC-MAC Digital signatures 2 Encryption/Decryption

### Software Tool for Implementing RSA Algorithm

Software Tool for Implementing RSA Algorithm Adriana Borodzhieva, Plamen Manoilov Rousse University Angel Kanchev, Rousse, Bulgaria Abstract: RSA is one of the most-common used algorithms for public-key

### Module 7 Security CS655! 7-1!

Module 7 Security CS655! 7-1! Issues Separation of! Security policies! Precise definition of which entities in the system can take what actions! Security mechanism! Means of enforcing that policy! Distributed

### Signature Schemes. CSG 252 Fall 2006. Riccardo Pucella

Signature Schemes CSG 252 Fall 2006 Riccardo Pucella Signatures Signatures in real life have a number of properties They specify the person responsible for a document E.g. that it has been produced by

### YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE

YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467a: Cryptography and Computer Security Notes 1 (rev. 1) Professor M. J. Fischer September 3, 2008 1 Course Overview Lecture Notes 1 This course is

### Authenticated encryption

Authenticated encryption Dr. Enigma Department of Electrical Engineering & Computer Science University of Central Florida wocjan@eecs.ucf.edu October 16th, 2013 Active attacks on CPA-secure encryption

### Network Security #10. Overview. Encryption Authentication Message integrity Key distribution & Certificates Secure Socket Layer (SSL) IPsec

Network Security #10 Parts modified from Computer Networking: A Top Down Approach Featuring the Internet, 2nd edition. Jim Kurose, Keith Ross, Addison-Wesley, 2002. 1 Overview Encryption Authentication

### Cryptography and Network Security

Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 9: Authentication protocols, digital signatures Ion Petre Department of IT, Åbo Akademi University 1 Overview of

### CS 772. Network Security: Concepts, Protocols and Programming Fall 2008 Final Exam Time 2 & 1/2 hours Open Book & Notes.

CS 772 Network Security: Concepts, Protocols and Programming Fall 2008 Final Exam Time 2 & 1/2 hours Open Book & Notes Name: Login: Question 1: A. Considering mod 5 arithmetic, determine all possible:

### SFWR ENG 4C03 - Computer Networks & Computer Security

KEY MANAGEMENT SFWR ENG 4C03 - Computer Networks & Computer Security Researcher: Jayesh Patel Student No. 9909040 Revised: April 4, 2005 Introduction Key management deals with the secure generation, distribution,

### Savitribai Phule Pune University

Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter

### PKI-based cryptosystems

PKI-based cryptosystems Authentication Symmetric encryption is a relatively lightweight method to protect confidentiality in transit Public key cryptography can be used to transmit the session key But:

### Overview of Symmetric Encryption

CS 361S Overview of Symmetric Encryption Vitaly Shmatikov Reading Assignment Read Kaufman 2.1-4 and 4.2 slide 2 Basic Problem ----- ----- -----? Given: both parties already know the same secret Goal: send

### SAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK

SAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION September 2010 (reviewed September 2014) ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK NETWORK SECURITY

### Message authentication and. digital signatures

Message authentication and " Message authentication digital signatures verify that the message is from the right sender, and not modified (incl message sequence) " Digital signatures in addition, non!repudiation

### Module 8. Network Security. Version 2 CSE IIT, Kharagpur

Module 8 Network Security Lesson 2 Secured Communication Specific Instructional Objectives On completion of this lesson, the student will be able to: State various services needed for secured communication

### Network Security. Mobin Javed. October 5, 2011

Network Security Mobin Javed October 5, 2011 In this class, we mainly had discussion on threat models w.r.t the class reading, BGP security and defenses against TCP connection hijacking attacks. 1 Takeaways

### Principles of Network Security

he Network Security Model Bob and lice want to communicate securely. rudy (the adversary) has access to the channel. lice channel data, control s Bob Kai Shen data secure sender secure receiver data rudy

### Lukasz Pater CMMS Administrator and Developer

Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? One-way functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign

### Fundamentals of Computer Security

Fundamentals of Computer Security Spring 2015 Radu Sion Intro Encryption Hash Functions A Message From Our Sponsors Fundamentals System/Network Security, crypto How do things work Why How to design secure

### Chapter 7: Network security

Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport

### Digital signatures. Informal properties

Digital signatures Informal properties Definition. A digital signature is a number dependent on some secret known only to the signer and, additionally, on the content of the message being signed Property.

### Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination

### SECURITY TRENDS-ATTACKS-SERVICES

SECURITY TRENDS-ATTACKS-SERVICES 1.1 INTRODUCTION Computer data often travels from one computer to another, leaving the safety of its protected physical surroundings. Once the data is out of hand, people

### Secure Sockets Layer

SSL/TLS provides endpoint authentication and communications privacy over the Internet using cryptography. For web browsing, email, faxing, other data transmission. In typical use, only the server is authenticated

### 1 Digital Signatures. 1.1 The RSA Function: The eth Power Map on Z n. Crypto: Primitives and Protocols Lecture 6.

1 Digital Signatures A digital signature is a fundamental cryptographic primitive, technologically equivalent to a handwritten signature. In many applications, digital signatures are used as building blocks

### CS558. Network Security. Boston University, Computer Science. Midterm Spring 2014.

CS558. Network Security. Boston University, Computer Science. Midterm Spring 2014. Instructor: Sharon Goldberg March 25, 2014. 9:30-10:50 AM. One-sided handwritten aid sheet allowed. No cell phone or calculators

### Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT

Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code

### An Introduction to Cryptography and Digital Signatures

An Introduction to Cryptography and Digital Signatures Author: Ian Curry March 2001 Version 2.0 Copyright 2001-2003 Entrust. All rights reserved. Cryptography The concept of securing messages through

### Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:

### Introduction to Cryptography CS 355

Introduction to Cryptography CS 355 Lecture 30 Digital Signatures CS 355 Fall 2005 / Lecture 30 1 Announcements Wednesday s lecture cancelled Friday will be guest lecture by Prof. Cristina Nita- Rotaru

Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect

### Introduction. Digital Signature

Introduction Electronic transactions and activities taken place over Internet need to be protected against all kinds of interference, accidental or malicious. The general task of the information technology

### Message Authentication Codes. Lecture Outline

Message Authentication Codes Murat Kantarcioglu Based on Prof. Ninghui Li s Slides Message Authentication Code Lecture Outline 1 Limitation of Using Hash Functions for Authentication Require an authentic

### Midterm 2 exam solutions. Please do not read or discuss these solutions in the exam room while others are still taking the exam.

CS 161 Computer Security Spring 2010 Paxson/Wagner MT2 Solns Midterm 2 exam solutions Please do not read or discuss these solutions in the exam room while others are still taking the exam. CS 161, Spring

### Cryptography and Network Security Digital Signature

Cryptography and Network Security Digital Signature Xiang-Yang Li Message Authentication Digital Signature Authentication Authentication requirements Authentication functions Mechanisms MAC: message authentication

### Cryptography in AllJoyn

Cryptography in AllJoyn Greg Zaverucha Software Engineer, Microsoft 10 November 2015 AllSeen Alliance 1 Agenda 1. Review of AllJoyn security features 2. Authentication and security protocols 3. Comparison

### Key Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.

CSC 490 Special Topics Computer and Network Security Key Management Dr. Xiao Qin Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.edu Slide 09-1 Overview Key exchange Session vs. interchange

### Three attacks in SSL protocol and their solutions

Three attacks in SSL protocol and their solutions Hong lei Zhang Department of Computer Science The University of Auckland zhon003@ec.auckland.ac.nz Abstract Secure Socket Layer (SSL) and Transport Layer

### Learning Objectives. attacks. 2. Describe the common security practices of businesses of

E-Commerce Security Learning Objectives 1. Document the trends in computer and network security attacks. 2. Describe the common security practices of businesses of all sizes. 3. Understand the basic elements

### Symmetric Key cryptosystem

SFWR C03: Computer Networks and Computer Security Mar 8-11 200 Lecturer: Kartik Krishnan Lectures 22-2 Symmetric Key cryptosystem Symmetric encryption, also referred to as conventional encryption or single

### Cryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.

Cryptosystems Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. C= E(M, K), Bob sends C Alice receives C, M=D(C,K) Use the same key to decrypt. Public

### Security in Distributed Systems. Network Security

Security in Distributed Systems Introduction Cryptography Authentication Key exchange Computer Science Lecture 18, page 1 Network Security Intruder may eavesdrop remove, modify, and/or insert messages

### EXAM questions for the course TTM4135 - Information Security May 2013. Part 1

EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question

### Authentication requirement Authentication function MAC Hash function Security of

UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy

### Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Goals v understand principles of network security: cryptography and its many uses beyond

### Computer Networks - CS132/EECS148 - Spring 2013 --------------------------------------------------------------------------

Computer Networks - CS132/EECS148 - Spring 2013 Instructor: Karim El Defrawy Assignment 5 Deadline : May 30th 9:30pm (hard and soft copies required) --------------------------------------------------------------------------

### Chapter 9 Key Management 9.1 Distribution of Public Keys 9.1.1 Public Announcement of Public Keys 9.1.2 Publicly Available Directory

There are actually two distinct aspects to the use of public-key encryption in this regard: The distribution of public keys. The use of public-key encryption to distribute secret keys. 9.1 Distribution

### A Probabilistic Quantum Key Transfer Protocol

A Probabilistic Quantum Key Transfer Protocol Abhishek Parakh Nebraska University Center for Information Assurance University of Nebraska at Omaha Omaha, NE 6818 Email: aparakh@unomaha.edu August 9, 01