# CRYPTOGRAPHIC PRIMITIVES AN INTRODUCTION TO THE THEORY AND PRACTICE BEHIND MODERN CRYPTOGRAPHY

Save this PDF as:

Size: px
Start display at page:

Download "CRYPTOGRAPHIC PRIMITIVES AN INTRODUCTION TO THE THEORY AND PRACTICE BEHIND MODERN CRYPTOGRAPHY"

## Transcription

1 CRYPTOGRAPHIC PRIMITIVES AN INTRODUCTION TO THE THEORY AND PRACTICE BEHIND MODERN CRYPTOGRAPHY

2 Robert Sosinski Founder & Engineering Fellow

3 Known as "America's Cryptologic Wing", is the only Air Force wing that supports the National Security Agency, Air Intelligence Agency and the entire United States Air Force (USAF) with cryptologic intelligence. ~ wikipedia.org

4 AGENDA Definition: what cryptography is and is not The Basics: making your first algorithm Cryptographic Attacks: break your first code Symmetric Encryption: one key goes both ways Message Digests: many sizes in, one size out Asymmetric Encryption: two keys go many ways Randomness: don t just pick a number Summary: bringing everything together Questions: should be a couple

5 WHAT IS CRYPTOGRAPHY?

6 WHAT IS CRYPTOGRAPHY? Cryptology hidden or secret Graphic writing or text Cryptography hidden text

7 WHAT IS CRYPTOGRAPHY? The study and practice of securing communication in the presence of adversaries. Cryptography is a tool that can help provide: Confidentiality: adversary cannot read Integrity: adversary cannot change Authenticity: recipient can trust Acknowledged: sender cannot repudiate

8 GETTING PRIMITIVE Cryptography has many disciplines, known as cryptographic primitives Encryption and Decryption One-Way Functions (Hash, Digest) Authentication Digital Signatures Entropy and Randomness

9 MAKING (OR BREAKING) THE SYSTEM Combining multiple cryptographic primitives together makes a cryptographic system SSL and TLS PGP and GnuPG SSH and VPN SFTP and FTPS OAuth and SAML Even Bitcoin

10 LET S MAKE AND BREAK YOUR VERY FIRST CODE Let s make a basic cryptographic algorithm and see how it fares

11 OUR ENCRYPTION ALGORITHM P Plaintext F Function (XOR) C Ciphertext K Key

12 OUR DECRYPTION ALGORITHM C Ciphertext F Function (XOR) P Plaintext K Key

13 CIPHER AND DECIPHER A A K \n \n K A

14 CIPHER AND DECIPHER Z z K K z

15 PLAIN TEXT ATTACK! A \n K z K

16 ENSURING KEY PROTECTION A good cryptographic algorithm protects the key

17 CRYPTANALYSIS Cryptology hidden or secret Analysis untie or loosen Cryptanalysis untie secrets

18 CRYPTOGRAPHIC ATTACKS Known Plaintext Attacks Attacker knows the plaintext associated with the ciphertext. Encrypting information already made public Using the same signature for all recipients Chosen Plaintext Attacks Attacker has the message sender encrypt plaintext of his choosing, and gets access to the corresponding ciphertext Gardening during WWII with minesweeper ships Sending queries to a system and matching their output

19 SYMMETRIC ENCRYPTION Stream Ciphers Each plaintext character is encrypted with a different key character. Benefits are increased speed Block Ciphers A block of plaintext is manipulated, often several times, with a different block of key material. Benefits are increased security

20 A5/1 USED IN GSM PHONES

21 HARDENING THE ALGORITHM Confusion Finding the relationship between the a key and ciphertext should be as complex and involved as possible. The key should be protected from exposure even when an attacker has large amounts of ciphertext to analyze. Diffusion The statistical structure of plaintext should be dissipated over the bulk of ciphertext. Changing 1 bit of plaintext should change 50% of the overall ciphertext structure (an avalanche).

22 MIXING THINGS UP WITH S&P NETWORKS Substitution Take one unique set of input bits and returns another completely different set output bits Adds confusion to a cryptographic algorithm Permutation Take one unique set of input bits and returns the same set of output bits, however with different ordering Adds diffusion to a cryptographic algorithm

23 PRODUCT CIPHERS Block Ciphers that also have the following criteria: Operate on a fixed size block of text (e.g. 128bit) Utilizes a specific key size (e.g. 128bit, 192bit, 256 bit) Undergo multiple rounds of encryption (rounds) Keys are expanded via a key schedule Each round of encryption performs: Substitution: adding confusion Permutation: adding diffusion Key Mixing: encrypting data Expansion and reduction

24 KEY EXPANSION K Key Key Expander (E) EK Expanded Key KS Key Schedule Rotation Permutation

25 ROUNDS OF ENCRYPTION Input Block PT1 Block PT2 Block PT3 Block PT4 Cipher Text CT F F F F KS1 KS2 KS3 KS4

26 EACH ROUND OF ENCRYPTION IS PROCESSED Input Block PTx Substitution SBOX Permutation PBOX XOR Output Block PTx+1 KSx

27 PERMUTATION BOX - P Input Block PTx Permutation PBOX Output Block PTx

28 SUBSTITUTION BOX - S Permutation PBOX 6

29 DES - DATA ENCRYPTION STANDARD Developed in 1976 by IBM Selected by the National Bureau of Standards 64 Bit key, although really only 56 Bits, as every 8 th Bit is used for error-checking purposes 64 Bit block and 16 Rounds of processing Often used three times, known as Triple DES Not secure since 1999, use AES instead You can learn more by reading FIPS46-3

30 KEY SCHEDULE AND ROUNDS

31 FEISTEL NETWORK

32 AES - ADVANCED ENCRYPTION STANDARD Known as Rijndael, it was developed by Belgian cryptographers Vincent Rijmen and Joan Daemen during the AES competition Selected by the NIST to deprecate DES in 2001 Supports a 128, 192, or 256 Bit Key 128 Bit block, that performs 10, 12, or 14 rounds When you need to use symmetric encryption, you should probably use AES You can learn more by reading FIPS 197

33 a b c d e f c 77 7b f2 6b 6f d b fe d7 ab ca 82 c9 7d fa f0 ad d4 a2 af 9c a4 72 c0 20 b7 fd f f7 cc 34 a5 e5 f1 71 d c7 23 c a e2 eb 27 b c 1a 1b 6e 5a a0 52 3b d6 b3 29 e3 2f d1 00 ed 20 fc b1 fb 6a cb be 39 4a 4c 58 cf 60 d0 ef aa fb 43 4d f9 02 7f 50 3c 9f a a3 40 8f 92 9d 38 f5 bc b6 da ff f3 d3 80 cd 0c 13 ec 5f c4 a7 7e 3d 64 5d f dc 22 2a ee b8 14 de 5e 0b db a0 e0 32 3a 0a c c2 d3 ac e4 79 b0 e7 c8 37 d6 8d d5 4e a9 6c 56 f4 ea 65 7a ae 08 c0 ba e 1c a6 b4 c6 c8 dd 74 1f 4b bd 8b 8a d0 70 3e b f6 0e b9 86 c1 1d 94 e0 e1 f d9 8e 94 9b 1e 87 e9 ce df f0 8c a1 89 0d bf e d 0f b0 54 bb 16

34 SUB BYTES

35 SHIFT ROWS

36 MIX COLUMNS

38 CIPHER MODES When the amount of plaintext exceeds the block size of an algorithm, a cipher mode must be used ECB - Electronic Code Book Message is divided into blocks and encrypted CBC - Cipher Block Chaining Each block is XORed with previous block Counter Generates a key stream by incrementing a counter or making a nonce (number used once)

39 ELECTRONIC CODE BOOK

40 QUALITY OF ENCRYPTION ECB Before After

41 CIPHER BLOCK CHAINING

42 QUALITY OF ENCRYPTION CBC Before After

43 COUNTER

44 ONE WAY FUNCTIONS Cryptographic Digests, also known as Hashing Functions or One-Way Functions: 1. A variable length input (Pre Image) relates deterministically to a fixed length output (Digest) 2. The process of computing a pre image to a digest should be computationally easy 3. The process of inversely relating a digest to the it s corresponding pre image should be extremely difficult and computationally expensive

45 DIGESTS AT WORK P1 D1 P2 Function D2 P3 D3

46 TYPES OF DIGEST FUNCTIONS Any Block Cipher: Such as AES or DES MD5: Machine Digest (version 5) SHA1: Secure Hashing Algorithm) SHA2: 224 Bit through 512 Bit Whirlpool: Made by the designers of AES RIPEMD160: Designed in the open

47 WHEN TO USE DIGESTS Generating unique fingerprints for complex pre images Giving each multi-gigabyte video a unique id Compiling multiple data points into a single opaque Concealing pre images while preserving relationships Storing passwords securely in a database Storing personally identifiable information as an opaque Verifying data integrity Digest large files before and after transmission; if both digests match, then the file is not corrupt. Send the digest though a different medium then the file, if both digests match, then the file was not modified.

48 MESSAGE AUTHENTICATION CODES PI Pre Image Hash Function MAC Key or Salt

49 WHEN TO USE MACS More secure digests Using a unique Salt before digesting password Verifying authenticity If the MAC of the received file matches the MAC sent with the file, then the sender can be authenticated Verifying data integrity Any modification of the data by an adversary while in transit will result in an different MAC Key Recycling Having two keys, a Key Encryption Key and Transmission Key. When you digest both, the resulting output is the key.

50 ASYMMETRIC ENCRYPTION Two different, but mathematically linked keys (one public, one private) that secure data when used in pairs. Benefits: Key Exchange can be performed within a system that is compromised by an adversary. Keys can be used to encrypt or to sign data. Drawbacks: Key Generation is computationally expensive Encryption is slow and relies on integer factorization Not possible to use ciphering modes

51 PUBLIC / PRIVATE ENCRYPTION

52 SHARED SECRET

53 RSA The first practicable public-key cryptographic algorithm. Invented by Ron Rivest, Adi Shamir, and Leonard Adleman Published in 1977, used in many cryptosystems including SSL, SSH and PGP/GnuPG Typical Key Sizes are from 1024 through 4096 Relies on the mathematical difficulty of factoring the product of two prime numbers RSA have been broken with key sizes of 768 bits and lower, 768 was broken on December 12 th 2009

54 GENERATING RSA KEYS 1. Pick two large, random prime numbers; called p and q p = 11 q = 5 2. Multiply p and q to calculate the RSA modulus; called n n = p * q n = 11 * 5 n = Calculate the Totient of the RSA modulus; called z z = (p - 1 ) * (q - 1) z = (11-1) * (5-1) z = 10 * 4 z = 40

55 GENERATING RSA KEYS CONTINUED 4. Select a co-prime for z for your public key; called e 1 < e < z and gcd(e, z) = 1 e = 7 5. Find the multiplicative inverse of e mod z by extended Euclidian algorithm for your private key; called d e * d mod z = 1 7 * d mod 40 = 1 d = 23

56 PUBLIC AND PRIVATE KEY The Public Key is the modulus n and exponent e pub = (n, e) pub = (55, 7) The Private Key is the modulus n and exponent d pri = (n, d) pri = (55, 23) p 11 q 5 n 55 z 40 e 7 d 23 You can now share your Public Key with everyone, however must ensure that your Private Key stays a closely held secret.

57 ENCRYPTING DATA WITH RSA 1. Choose an integer value for the message; m where 0 <= m < n m = Solve for the ciphered message; c with the exponent e and modulus n c = m^e mod n c = 42^7 mod 55 c = 48 p 11 q 5 n 55 z 40 e 7 d 23 pub (55,7) pri (55,23)

58 DECRYPTING DATA WITH RSA 1. Solve for the plaintext message; m with the exponent d and modulus n m = c^d mod n m = 48^23 mod 55 m = 42 p 11 q 5 n 55 z 40 e 7 d 23 pub (55,7) pri (55,23) m 42 c 48

59 HOW TO USE RSA Transmit Keying Material 1. Randomly choose a key for a symmetric algorithm 2. Encrypt the key with an RSA public key and transmit 3. Utilize the symmetric cipher for transmitting data Digitally Sign Documents 1. Digest the document into a smaller fingerprint 2. Encrypt the digest with the senders RSA private key 3. Recipient decrypts the signature with the senders public key 4. Match the digests of the received document with the signature

60 DIFFIE-HELLMAN KEY EXCHANGE Instead of generating a key that can encrypt or sign data, generates material that allows two parties to generate a shared secret for use by symmetric algorithms. Invented by Whitfield Diffie and Martin Hellman in 1976 Key generation is faster, as only one large prime number is needed and the process is simpler As keys are quicker to generate, they can be once per transmission session; aiding in Forward Security By itself cannot be used to digitally sign documents, but is used by other cryptosystems that do so

61 GENERATING A SHARED SECRET 1. Both parties choose a shared prime number; p and base; g p = 23 g = 5 2. Both parties generate a secret integer; a and b a = 6 b = The A side calculates their public transport; A A = g^a mod p A = 5^6 mod 23 A = 8

62 GENERATING A SHARED SECRET CONTINUED 4. The B side calculates their public transport; B B = g^b mod p B = 5^15 mod 23 B = The A side calculates the secret key; s s = B^a mod p s = 19^6 mod p s = 2 p 23 g 5 a 6 b 15 A 8 B 19 s 2 6. The B side calculates the same secret key; s s = A^b mod p s = 8^15 mod p s = 2

63

64 OTHER ASYMMETRIC ALGORITHMS ElGamal Optimized for encrypting data due to being probabilistic A plaintext message can produce multiple ciphertexts Based off of the Diffie-Hellman key exchange protocol DSA - Digital Signature Algorithm Optimized for securely producing digital signatures Is a variant of ElGamal and is used in PGP and GnuPG Chosen by NIST as the Digital Signature Standard

65 LAST BUT NOT LEAST, SOMETHING RANDOM Creating proper cryptographic keys high levels of entropy 1. If there is a pattern used to generate a key, then the pattern, and thus the key, can be guessed 2. If there are a limited number of keys, the surface area for an attack is smaller, and the impact is larger 3. If an attacker controls the random generator, then the attacker controls key generation 4. Randomness is very hard to obtain with computers, so we often we settle with pseudo-randomness 5. Finding pseudo-random prime numbers is very costly

66 GETTING RANDOM DATA /dev/random! High Quality and High Cost Will block if entropy pool is empty /dev/urandom! Medium Quality and Low Cost Will digest new data if pool is empty

67 SUMMARY The Basics: what cryptography is at a fundamental level Symmetric Encryption: fast and well understood algorithms Digest Functions: great for fingerprints and opaque tokens Asymmetric Encryption: important part of any crypto system Randomness: hard to generate but very important to have

68 CONDENSED SUMMARY Understanding your tools lets you make make more secure systems

69 QUESTIONS Robert Sosinski

### Advanced Encryption Standard by Example. 1.0 Preface. 2.0 Terminology. Written By: Adam Berent V.1.7

Written By: Adam Berent Advanced Encryption Standard by Example V.1.7 1.0 Preface The following document provides a detailed and easy to understand explanation of the implementation of the AES (RIJNDAEL)

### Advanced Encryption Standard by Example. 1.0 Preface. 2.0 Terminology. Written By: Adam Berent V.1.5

Written By: Adam Berent Advanced Encryption Standard by Example V.1.5 1.0 Preface The following document provides a detailed and easy to understand explanation of the implementation of the AES (RIJNDAEL)

### Visa Smart Debit/Credit Certificate Authority Public Keys

CHIP AND NEW TECHNOLOGIES Visa Smart Debit/Credit Certificate Authority Public Keys Overview The EMV standard calls for the use of Public Key technology for offline authentication, for aspects of online

### Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

### Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the

### Computer Security: Principles and Practice

Computer Security: Principles and Practice Chapter 20 Public-Key Cryptography and Message Authentication First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Public-Key Cryptography

### 7! Cryptographic Techniques! A Brief Introduction

7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (Public-Key) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures

### Secure Network Communication Part II II Public Key Cryptography. Public Key Cryptography

Kommunikationssysteme (KSy) - Block 8 Secure Network Communication Part II II Public Key Cryptography Dr. Andreas Steffen 2000-2001 A. Steffen, 28.03.2001, KSy_RSA.ppt 1 Secure Key Distribution Problem

### IT Networks & Security CERT Luncheon Series: Cryptography

IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI

### Cryptography. some history. modern secret key cryptography. public key cryptography. cryptography in practice

Cryptography some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) modern secret key cryptography DES, AES public key cryptography RSA, digital signatures cryptography in practice

### EXAM questions for the course TTM4135 - Information Security May 2013. Part 1

EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question

### CS 758: Cryptography / Network Security

CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html

### CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash

### Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:

### Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:

### KALE: A High-Degree Algebraic-Resistant Variant of The Advanced Encryption Standard

KALE: A High-Degree Algebraic-Resistant Variant of The Advanced Encryption Standard Dr. Gavekort c/o Vakiopaine Bar Kauppakatu 6, 41 Jyväskylä FINLAND mjos@iki.fi Abstract. We have discovered that the

### Cryptography and Network Security

PART-A Questions 1. Name the aspects to be considered of information security. 2. What is meant by deciphering? 3. What are the two different uses of public key cryptography related to key distribution?

### CRYPTOGRAPHY IN NETWORK SECURITY

ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can

### 159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology

Network Security 1 Professor Richard Harris School of Engineering and Advanced Technology Presentation Outline Overview of Identification and Authentication The importance of identification and Authentication

### Network Security. Chapter 3 Symmetric Cryptography. Symmetric Encryption. Modes of Encryption. Symmetric Block Ciphers - Modes of Encryption ECB (1)

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Security Chapter 3 Symmetric Cryptography General Description Modes of ion Data ion Standard (DES)

### CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and

### 1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies Dave Corbett Technical Product Manager Implementing Forward Secrecy 1 Agenda Part 1: Introduction Why is Forward Secrecy important?

### Network Security. Omer Rana

Network Security Omer Rana CM0255 Material from: Cryptography Components Sender Receiver Plaintext Encryption Ciphertext Decryption Plaintext Encryption algorithm: Plaintext Ciphertext Cipher: encryption

### Cryptography and Network Security Block Cipher

Cryptography and Network Security Block Cipher Xiang-Yang Li Modern Private Key Ciphers Stream ciphers The most famous: Vernam cipher Invented by Vernam, ( AT&T, in 1917) Process the message bit by bit

### Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret

### Basics of Cryptography

Basics of Cryptography What is Cryptography? Cryptography is an applied branch of mathematics In some situations it can be used to provide Confidentiality Integrity Authentication Authorization Non-repudiation

### Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths

NIST Special Publication 800-131A Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths Elaine Barker and Allen Roginsky Computer Security Division Information

### Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination

1 Introduction to Cryptography and Data Security 1 1.1 Overview of Cryptology (and This Book) 2 1.2 Symmetric Cryptography 4 1.2.1 Basics 4 1.2.2 Simple Symmetric Encryption: The Substitution Cipher...

### Cryptography and Network Security

Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 3: Block ciphers and DES Ion Petre Department of IT, Åbo Akademi University January 17, 2012 1 Data Encryption Standard

### Lecture 9 - Network Security TDTS41-2006 (ht1)

Lecture 9 - Network Security TDTS41-2006 (ht1) Prof. Dr. Christoph Schuba Linköpings University/IDA Schuba@IDA.LiU.SE Reading: Office hours: [Hal05] 10.1-10.2.3; 10.2.5-10.7.1; 10.8.1 9-10am on Oct. 4+5,

### Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Goals v understand principles of network security: cryptography and its many uses beyond

### SECURITY IN NETWORKS

SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,

### Public Key Cryptography and RSA. Review: Number Theory Basics

Public Key Cryptography and RSA Murat Kantarcioglu Based on Prof. Ninghui Li s Slides Review: Number Theory Basics Definition An integer n > 1 is called a prime number if its positive divisors are 1 and

### Rijndael Encryption implementation on different platforms, with emphasis on performance

Rijndael Encryption implementation on different platforms, with emphasis on performance KAFUUMA JOHN SSENYONJO Bsc (Hons) Computer Software Theory University of Bath May 2005 Rijndael Encryption implementation

### Cryptography and Network Security Chapter 9

Cryptography and Network Security Chapter 9 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 9 Public Key Cryptography and RSA Every Egyptian received two names,

### Authentication requirement Authentication function MAC Hash function Security of

UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy

### Public Key Cryptography Overview

Ch.20 Public-Key Cryptography and Message Authentication I will talk about it later in this class Final: Wen (5/13) 1630-1830 HOLM 248» give you a sample exam» Mostly similar to homeworks» no electronic

### Cryptography & Network Security

Cryptography & Network Security Lecture 1: Introduction & Overview 2002. 3. 27 chlim@sejong.ac.kr Common Terms(1) Cryptography: The study of mathematical techniques related to aspects of information security

### Cryptography and Network Security Chapter 12

Cryptography and Network Security Chapter 12 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 12 Message Authentication Codes At cats' green on the Sunday he

### Lukasz Pater CMMS Administrator and Developer

Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? One-way functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign

### Center for Internet Security. INTEGRATED INTELLIGENCE CENTER Technical White Paper William F. Pelgrin, CIS President and CEO

INTEGRATED INTELLIGENCE CENTER Technical White Paper William F. Pelgrin, CIS President and CEO Private and Public Key Cryptography and Ransomware December 2014 Authored by:ted Fischer (CIS) Security Operations

### Properties of Secure Network Communication

Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able to understand the contents of the transmitted message. Because eavesdroppers may intercept the message,

### An Introduction to digital signatures

An Introduction to digital signatures This document is an extract from the book Ecommerce - Legal Issues authored by Rohas Nagpal. This book is available as courseware for the Diploma in Cyber Law and

### Public Key (asymmetric) Cryptography

Public-Key Cryptography UNIVERSITA DEGLI STUDI DI PARMA Dipartimento di Ingegneria dell Informazione Public Key (asymmetric) Cryptography Luca Veltri (mail.to: luca.veltri@unipr.it) Course of Network Security,

### AC76/AT76 CRYPTOGRAPHY & NETWORK SECURITY DEC 2014

Q.2a. Define Virus. What are the four phases of Viruses? In addition, list out the types of Viruses. A virus is a piece of software that can infect other programs by modifying them; the modification includes

### Network Security. HIT Shimrit Tzur-David

Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key

### Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead

### Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

### Chapter 8. Cryptography Symmetric-Key Algorithms. Digital Signatures Management of Public Keys Communication Security Authentication Protocols

Network Security Chapter 8 Cryptography Symmetric-Key Algorithms Public-Key Algorithms Digital Signatures Management of Public Keys Communication Security Authentication Protocols Email Security Web Security

### Overview of Symmetric Encryption

CS 361S Overview of Symmetric Encryption Vitaly Shmatikov Reading Assignment Read Kaufman 2.1-4 and 4.2 slide 2 Basic Problem ----- ----- -----? Given: both parties already know the same secret Goal: send

### Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?

### The Data Encryption Standard (DES)

The Data Encryption Standard (DES) As mentioned earlier there are two main types of cryptography in use today - symmetric or secret key cryptography and asymmetric or public key cryptography. Symmetric

### Lecture 9: Application of Cryptography

Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that

### Cryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g.

Cryptography: Motivation Many areas have sensitive information, e.g. Data Structures and Algorithms Cryptography Goodrich & Tamassia Sections 3.1.3 & 3.1.4 Introduction Simple Methods Asymmetric methods:

### Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/

Common Pitfalls in Cryptography for Software Developers OWASP AppSec Israel July 2006 Shay Zalalichin, CISSP AppSec Division Manager, Comsec Consulting shayz@comsecglobal.com Copyright 2006 - The OWASP

### Enhancing Advanced Encryption Standard S-Box Generation Based on Round Key

Enhancing Advanced Encryption Standard S-Box Generation Based on Round Key Julia Juremi Ramlan Mahmod Salasiah Sulaiman Jazrin Ramli Faculty of Computer Science and Information Technology, Universiti Putra

### A Novel Approach to combine Public-key encryption with Symmetric-key encryption

Volume 1, No. 4, June 2012 ISSN 2278-1080 The International Journal of Computer Science & Applications (TIJCSA) RESEARCH PAPER Available Online at http://www.journalofcomputerscience.com/ A Novel Approach

### Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT

Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code

### lundi 1 octobre 2012 In a set of N elements, by picking at random N elements, we have with high probability a collision two elements are equal

Symmetric Crypto Pierre-Alain Fouque Birthday Paradox In a set of N elements, by picking at random N elements, we have with high probability a collision two elements are equal N=365, about 23 people are

### CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure Email

CS 393 Network Security Nasir Memon Polytechnic University Module 11 Secure Email Course Logistics HW 5 due Thursday Graded exams returned and discussed. Read Chapter 5 of text 4/2/02 Module 11 - Secure

### Cryptography and Network Security Chapter 3

Cryptography and Network Security Chapter 3 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 3 Block Ciphers and the Data Encryption Standard All the afternoon

### Symmetric Key cryptosystem

SFWR C03: Computer Networks and Computer Security Mar 8-11 200 Lecturer: Kartik Krishnan Lectures 22-2 Symmetric Key cryptosystem Symmetric encryption, also referred to as conventional encryption or single

### Cryptography & Digital Signatures

Cryptography & Digital Signatures CS 594 Special Topics/Kent Law School: Computer and Network Privacy and Security: Ethical, Legal, and Technical Consideration Prof. Sloan s Slides, 2007, 2008 Robert H.

### Cryptography and Network Security

Cryptography and Network Security Fifth Edition by William Stallings Chapter 9 Public Key Cryptography and RSA Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared

### AN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES

HYBRID RSA-AES ENCRYPTION FOR WEB SERVICES AN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES Kalyani Ganesh

### The Mathematics of the RSA Public-Key Cryptosystem

The Mathematics of the RSA Public-Key Cryptosystem Burt Kaliski RSA Laboratories ABOUT THE AUTHOR: Dr Burt Kaliski is a computer scientist whose involvement with the security industry has been through

### Evaluation of the RC4 Algorithm for Data Encryption

Evaluation of the RC4 Algorithm for Data Encryption Allam Mousa (1) and Ahmad Hamad (2) (1) Electrical Engineering Department An-Najah University, Nablus, Palestine (2) Systems Engineer PalTel Company,

### Overview of Public-Key Cryptography

CS 361S Overview of Public-Key Cryptography Vitaly Shmatikov slide 1 Reading Assignment Kaufman 6.1-6 slide 2 Public-Key Cryptography public key public key? private key Alice Bob Given: Everybody knows

### Network Security Technology Network Management

COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission

### CIS433/533 - Computer and Network Security Cryptography

CIS433/533 - Computer and Network Security Cryptography Professor Kevin Butler Winter 2011 Computer and Information Science A historical moment Mary Queen of Scots is being held by Queen Elizabeth and

### Developing and Investigation of a New Technique Combining Message Authentication and Encryption

Developing and Investigation of a New Technique Combining Message Authentication and Encryption Eyas El-Qawasmeh and Saleem Masadeh Computer Science Dept. Jordan University for Science and Technology P.O.

### Chapter 8. Network Security

Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security Some people who

### USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars October 29, 2013

USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars Alternate Title? Boy, am I surprised. The Entrust guy who has mentioned PKI during every Security

### Cryptography and Network Security Digital Signature

Cryptography and Network Security Digital Signature Xiang-Yang Li Message Authentication Digital Signature Authentication Authentication requirements Authentication functions Mechanisms MAC: message authentication

### Cryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.

Cryptosystems Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. C= E(M, K), Bob sends C Alice receives C, M=D(C,K) Use the same key to decrypt. Public

### CSC474/574 - Information Systems Security: Homework1 Solutions Sketch

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch February 20, 2005 1. Consider slide 12 in the handout for topic 2.2. Prove that the decryption process of a one-round Feistel cipher

### SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES

www.arpapress.com/volumes/vol8issue1/ijrras_8_1_10.pdf SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES Malek Jakob Kakish Amman Arab University, Department of Computer Information Systems, P.O.Box 2234,

### Principles of Public Key Cryptography. Applications of Public Key Cryptography. Security in Public Key Algorithms

Principles of Public Key Cryptography Chapter : Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter : Security on Network and Transport

### Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.

### CrypTool. www.cryptool.de www.cryptool.com www.cryptool.org. Claudia Eckert / Thorsten Clausius Bernd Esslinger / Jörg Schneider / Henrik Koy

CrypTool A free software program for creating awareness of IT security issues for learning about and obtaining experience of cryptography for demonstrating encryption algorithms and analysis procedures

### Overview. SSL Cryptography Overview CHAPTER 1

CHAPTER 1 Secure Sockets Layer (SSL) is an application-layer protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through

### Lecture 5 - Cryptography

CSE497b Introduction to Computer and Network Security - Spring 2007 - Professors Jaeger Lecture 5 - Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/

### Application Layer (1)

Application Layer (1) Functionality: providing applications (e-mail, www, USENET etc) providing support protocols to allow the real applications to function properly security comprising a large number

### Digital Signature For Text File

Digital Signature For Text File Ayad Ibrahim Abdulsada Dept. of Computer Science, College of Education, University of Basrah, Basrah, Iraq. E-mail: mraiadibraheem@yahoo.com Abstract: Digital signatures

### Network Security. Security. Security Services. Crytographic algorithms. privacy authenticity Message integrity. Public key (RSA) Message digest (MD5)

Network Security Security Crytographic algorithms Security Services Secret key (DES) Public key (RSA) Message digest (MD5) privacy authenticity Message integrity Secret Key Encryption Plain text Plain

### Chapter 7: Network security

Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport

### Savitribai Phule Pune University

Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter

### Split Based Encryption in Secure File Transfer

Split Based Encryption in Secure File Transfer Parul Rathor, Rohit Sehgal Assistant Professor, Dept. of CSE, IET, Nagpur University, India Assistant Professor, Dept. of CSE, IET, Alwar, Rajasthan Technical

### CLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY

CLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY Varun Gandhi 1 Department of Computer Science and Engineering, Dronacharya College of Engineering, Khentawas,

### CS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay

CS 348: Computer Networks - Security; 30 th - 31 st Oct 2012 Instructor: Sridhar Iyer IIT Bombay Network security Security Plan (RFC 2196) Identify assets Determine threats Perform risk analysis Implement

### The Advanced Encryption Standard (AES)

The Advanced Encryption Standard (AES) Conception - Why A New Cipher? Conception - Why A New Cipher? DES had outlived its usefulness Vulnerabilities were becoming known 56-bit key was too small Too slow

### CSCI-E46: Applied Network Security. Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING 2016 1

CSCI-E46: Applied Network Security Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING 2016 1 Welcome to CSCI-E46 Classroom & Schedule 53 Church Street L01 Wednesdays,

### Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture No. # 11 Block Cipher Standards (DES) (Refer Slide

### The Misuse of RC4 in Microsoft Word and Excel

The Misuse of RC4 in Microsoft Word and Excel Hongjun Wu Institute for Infocomm Research, Singapore hongjun@i2r.a-star.edu.sg Abstract. In this report, we point out a serious security flaw in Microsoft

### CSE/EE 461 Lecture 23

CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data

### Cryptography Lecture 8. Digital signatures, hash functions

Cryptography Lecture 8 Digital signatures, hash functions A Message Authentication Code is what you get from symmetric cryptography A MAC is used to prevent Eve from creating a new message and inserting

### An Introduction to Cryptography as Applied to the Smart Grid

An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric