Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010"

Transcription

1 CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall

2 Introduction to Cryptography What is cryptography? Types of cryptography Attacks on cryptosystem Early ciphers SKC, PKC, Hash Security notions 2

3 What Is Cryptography? Cryptography is the art of secret writing Traditional use: encryption Cryptographic systems: algorithm+secret Cryptology: cryptography+cryptanalysis 3

4 Types of Cryptography Operations used to transform plaintext to ciphertext: - Substitution: each element in plaintext is mapped into another element - Transposition: elements in plaintext are rearranged Number of keys used: - Single-key: secret-key cryptography - Two-key: public-key cryptography - Zero-key: hash functions The way plaintext is processed: - Block cipher: input & output in blocks - Stream cipher: input & output in bits 4

5 Conventional Cryptography: Symmetric Encryption Plaintext: original message Encryption algorithm: substitutions/transpositions Secret key: independent of plaintext and algorithm Ciphertext: depends on plaintext and key, appears random Decryption algorithm: reverse of encryption 5

6 Attacking Cryptosystems Cryptanalysis: attempts to deduce the plaintext and/or the key being used, with knowledge of the nature of the algorithm + general characteristics of plaintext + some sample plaintext-ciphertext pairs Brute-force attack: attacker tries every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. On average, half of all possible keys must be tried to achieve success. 6

7 Types of Cryptanalytic Attacks 7

8 Brute-force Attacks Average Time Required for Exhaustive Key Search 8

9 Early Ciphers: Substitution Substitution: letters of plaintext are replaced by other letters or by numbers or symbols, involves replacing plaintext bit patterns with ciphertext bit patterns Caesar cipher Captain Midnight Secret Decoder Rings Monoalphabetic cipher Hill cipher Polyalphabetic cipher (Vigenere) One-time pad 9

10 Caesar Cipher Replacing each letter of the alphabet with the letter three places further down the alphabet, e.g., Captain Midnight Secret Decoder Ring (slightly enhanced): If a numerical value is assigned to each letter, for each plaintext letter p, the ciphertext letter C=E(k, p)=(p+k) mod 26 where k takes on the value in [1,25]: Subject to brute-force attack: simply try all 25 possible k 10

11 Monoalphabetic Cipher The "cipher" line can be any permutation of the 26 alphabetic characters, 26! or around 4x10 26 possible keys: Is it secure enough to resist cryptanalysis? Consider: By exploiting the regularities of the language and counting letter frequencies: The following can be recovered: 11

12 Hill Cipher Takes m successive plaintext letters and substitutes for them m ciphertext letters The substitution is determined by m linear equations in which each character is assigned a numerical value (a = 0, b = 1... z = 25) For example: m = 3 for plaintext paymoremoney and encryption key we have ciphertext: LNSHDLEWMTRW 12

13 Polyalphabetic Cipher Use different monoalphabetic substitutions as one proceeds through the plaintext message Vigenere cipher: best known polyalphabetic cipher. The set of related monoalphabetic substitution rules consists of the 26 Caesar ciphers, with shifts of 0 through 25. For keyword deceptive and plaintext we are discovered save yourself, the encryption works as: Vulnerable to cryptanalysis: the key and plaintext share the same language regularities and frequency distribution of letters. Solutions? 13

14 One-time Pad Use a random key that is as long as the message so that the key need not be repeated The key is used to encrypt and decrypt a single message, and then is discarded Perfectly secure: unbreakable because it produces random output (from the random key) that bears no statistical relationship to the plaintext Drawbacks: large quantities of random keys needed, key distribution and protection (both sender and receiver) 14

15 Early Ciphers: Transposition Different from substituting a ciphertext symbol for a plaintext symbol Transposition cipher: performs some sort of permutation/rearrangement on plaintext letters Cryptanalysis is straightforward: a transposition cipher has the same letter frequency as plaintext Can be made more secure by performing more than one stage of transposition (result is not easily reconstructed) 15

16 Rail Fence Cipher Simplest transposition cipher Plaintext is written down as a sequence of diagonals and then read off as a sequence of rows Plaintext: Ciphertext: Trivial to attack 16

17 Double Transposition A more complex scheme: permute the order of the columns with a key Double transposition: more than one permutation, number the above plaintext letters 1-28 and after the first permutation we have After the 2 nd permutation? 17

18 Secret Key Cryptography (SKC) Aka: conventional cryptography, symmetric cryptography Use a single key Ciphertext about the same length as plaintext Examples: Captain Midnight code, monoalphabetic cipher, DES, AES, RC4 plaintext encryption shared secret key ciphertext ciphertext decryption plaintext 18

19 SKC Applications Transmitting over an insecure channel Secure storage on insecure media Authentication: Integrity check: message authentication code (MAC), aka, message integrity check (MIC) 19

20 Public Key Cryptography (PKC) Aka: asymmetric cryptography, invented in 1970s Use two keys: a public key known to everyone, a private key kept secret to the owner Encryption/decryption: encryption can be done by everyone using the recipient s public key, decryption can be done only by the recipient with his/her private key encryption plaintext ciphertext pub B ( puba, pri A) ( pubb, prib) pri B ciphertext decryption plaintext 20

21 PKC Applications Everything that SKC does can be done by PKC Transmitting over an insecure channel Secure storage over insecure media Authentication Key exchange: establish a shared session key with PKC 21

22 PKC Applications (Cont d) Digital signature: non-repudiation plaintext sign Signed message pri A ( puba, pri A) ( pubb, prib) pub A Signed message verify True or false 22

23 Hash Functions Aka: message digests, one-way transformations Take a message m of arbitrary length (transformed into a string of bits) and computes from it a fixed-length (short) number h(m) Properties: - easy-to-compute: for any message m, it is relatively easy to compute h(m) - non-reversible: given h(m), there is no way to find an m that hashes to h(m) except trying all possibilities of m - computationally infeasible to find m and m such that h(m)=h(m ) and m!=m 23

24 Applications of Hash Functions Password hashing Message integrity: keyed hash File fingerprint Downline load security Digital signature efficiency 24

25 Security Notions Unconditionally secure: ciphertext generated by the scheme does not contain enough information to determine uniquely the corresponding plaintext, no matter how much ciphertext is available. Perfectly secure, unlimited power of adversary Provably secure: under the assumption of well-known hard mathematical problem, e.g., factoring large numbers, discrete logarithm problem Computationally secure: if cost of breaking the cipher exceeds the value of the encrypted information, or time required to break the cipher exceeds the useful lifetime of the information, practical security 25

26 Cryptography vs. Steganography Cryptography conceals the context of message Steganography conceals the existence of message, useful when the fact of secret communication should be concealed - an arrangement of words/letters of the overall message spells out the hidden message - character marking: selected letters overwritten in pencil, not visible unless the paper is held at an angle to bright light - invisible ink: substances used for writing but leave no visible trace until heat or some chemical is applied to the paper - pin punctures: small pin punctures on selected letters are not visible unless the paper is held up in front of a light Drawbacks of steganography: high overhead to hide a relatively few bits of information, becomes worthless once the system is discovered (can make insertion depend on key) 26

27 Reading Assignments [Kaufman] Chapter 2 27

uses same key for encryption, decryption classical, conventional, single-key encryption

uses same key for encryption, decryption classical, conventional, single-key encryption CEN 448 Security and Internet Protocols Chapter 2 Classical Encryption Techniques Dr. Mostafa Hassan Dahshan Computer Engineering Department College of Computer and Information Sciences King Saud University

More information

Cryptography & Network Security

Cryptography & Network Security Cryptography & Network Security Lecture 1: Introduction & Overview 2002. 3. 27 chlim@sejong.ac.kr Common Terms(1) Cryptography: The study of mathematical techniques related to aspects of information security

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Xiang-Yang Li Introduction The art of war teaches us not on the likelihood of the enemy s not coming, but on our own readiness to receive him; not on the chance of his

More information

APNIC elearning: Cryptography Basics. Contact: esec02_v1.0

APNIC elearning: Cryptography Basics. Contact: esec02_v1.0 APNIC elearning: Cryptography Basics Contact: training@apnic.net esec02_v1.0 Overview Cryptography Cryptographic Algorithms Encryption Symmetric-Key Algorithm Block and Stream Cipher Asymmetric Key Algorithm

More information

Network Security. HIT Shimrit Tzur-David

Network Security. HIT Shimrit Tzur-David Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key

More information

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:

More information

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination

More information

9/17/2015. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

9/17/2015. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers Cryptography Basics IT443 Network Security Administration Instructor: Bo Sheng Outline Basic concepts in cryptography system Secret cryptography Public cryptography Hash functions 1 2 Encryption/Decryption

More information

Cryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g.

Cryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g. Cryptography: Motivation Many areas have sensitive information, e.g. Data Structures and Algorithms Cryptography Goodrich & Tamassia Sections 3.1.3 & 3.1.4 Introduction Simple Methods Asymmetric methods:

More information

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23 Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

More information

Secret Writing. Introduction to Cryptography. Encryption. Decryption. Kerckhoffs s ( ) Principle. Security of Cryptographic System

Secret Writing. Introduction to Cryptography. Encryption. Decryption. Kerckhoffs s ( ) Principle. Security of Cryptographic System Introduction to Cryptography ECEN 1200, Telecommunications 1 Secret Writing Cryptography is the science and study of secret writing. More specifically, cryptography is concerned with techniques for enciphering

More information

Cryptography and Network Security Chapter 2

Cryptography and Network Security Chapter 2 Cryptography and Network Security Chapter 2 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 2 Classical Encryption Techniques "I am fairly familiar with all

More information

Applied Cryptology. Ed Crowley

Applied Cryptology. Ed Crowley Applied Cryptology Ed Crowley 1 Basics Topics Basic Services and Operations Symmetric Cryptography Encryption and Symmetric Algorithms Asymmetric Cryptography Authentication, Nonrepudiation, and Asymmetric

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 1: Introduction Ion Petre Department of IT, Åbo Akademi University January 10, 2012 1 Motto Unfortunately, the technical

More information

Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015

Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015 Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015 Chapter 2: Introduction to Cryptography What is cryptography? It is a process/art of mangling information in such a way so as to make it

More information

159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology

159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology Network Security 1 Professor Richard Harris School of Engineering and Advanced Technology Presentation Outline Overview of Identification and Authentication The importance of identification and Authentication

More information

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the

More information

Introduction to Cryptography

Introduction to Cryptography Introduction to Cryptography Part 2: public-key cryptography Jean-Sébastien Coron January 2007 Public-key cryptography Invented by Diffie and Hellman in 1976. Revolutionized the field. Each user now has

More information

Cryptology introduction

Cryptology introduction Cryptology introduction Martin Stanek Department of Computer Science Comenius University stanek@dcs.fmph.uniba.sk Cryptology 1 (2015/16) Content Introduction security requirements Encryption simple examples,

More information

IT Networks & Security CERT Luncheon Series: Cryptography

IT Networks & Security CERT Luncheon Series: Cryptography IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI

More information

Sandeep Mahapatra Department of Computer Science and Engineering PEC, University of Technology s.mahapatra15101987@gmail.com

Sandeep Mahapatra Department of Computer Science and Engineering PEC, University of Technology s.mahapatra15101987@gmail.com Computing For Nation Development, March 10 11, 2011 Bharati Vidyapeeth s Institute of Computer Applications and Management, New Delhi A Comparative Evaluation of Various Encryptions Techniques Committing

More information

Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur

Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Module No. # 01 Lecture No. # 05 Classic Cryptosystems (Refer Slide Time: 00:42)

More information

Network Security: Cryptography CS/SS G513 S.K. Sahay

Network Security: Cryptography CS/SS G513 S.K. Sahay Network Security: Cryptography CS/SS G513 S.K. Sahay BITS-Pilani, K.K. Birla Goa Campus, Goa S.K. Sahay Network Security: Cryptography 1 Introduction Network security: measure to protect data/information

More information

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash

More information

CRYPTOGRAPHY IN NETWORK SECURITY

CRYPTOGRAPHY IN NETWORK SECURITY ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can

More information

Application Layer (1)

Application Layer (1) Application Layer (1) Functionality: providing applications (e-mail, Web service, USENET, ftp etc) providing support protocols to allow the real applications to function properly (e.g. HTTP for Web appl.)

More information

Security usually depends on the secrecy of the key, not the secrecy of the algorithm (i.e., the open design model!)

Security usually depends on the secrecy of the key, not the secrecy of the algorithm (i.e., the open design model!) 1 A cryptosystem has (at least) five ingredients: 1. 2. 3. 4. 5. Plaintext Secret Key Ciphertext Encryption algorithm Decryption algorithm Security usually depends on the secrecy of the key, not the secrecy

More information

Chapter 10. Network Security

Chapter 10. Network Security Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce

More information

Lecture 9: Application of Cryptography

Lecture 9: Application of Cryptography Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that

More information

Today ENCRYPTION. Cryptography example. Basic principles of cryptography

Today ENCRYPTION. Cryptography example. Basic principles of cryptography Today ENCRYPTION The last class described a number of problems in ensuring your security and privacy when using a computer on-line. This lecture discusses one of the main technological solutions. The use

More information

Cryptography and Cryptanalysis

Cryptography and Cryptanalysis Cryptography and Cryptanalysis Feryâl Alayont University of Arizona December 9, 2003 1 Cryptography: derived from the Greek words kryptos, meaning hidden, and graphos, meaning writing. Cryptography is

More information

CIS433/533 - Computer and Network Security Cryptography

CIS433/533 - Computer and Network Security Cryptography CIS433/533 - Computer and Network Security Cryptography Professor Kevin Butler Winter 2011 Computer and Information Science A historical moment Mary Queen of Scots is being held by Queen Elizabeth and

More information

Table of Contents. Bibliografische Informationen http://d-nb.info/996514864. digitalisiert durch

Table of Contents. Bibliografische Informationen http://d-nb.info/996514864. digitalisiert durch 1 Introduction to Cryptography and Data Security 1 1.1 Overview of Cryptology (and This Book) 2 1.2 Symmetric Cryptography 4 1.2.1 Basics 4 1.2.2 Simple Symmetric Encryption: The Substitution Cipher...

More information

Data Encryption A B C D E F G H I J K L M N O P Q R S T U V W X Y Z. we would encrypt the string IDESOFMARCH as follows:

Data Encryption A B C D E F G H I J K L M N O P Q R S T U V W X Y Z. we would encrypt the string IDESOFMARCH as follows: Data Encryption Encryption refers to the coding of information in order to keep it secret. Encryption is accomplished by transforming the string of characters comprising the information to produce a new

More information

Chapter 23. Database Security. Security Issues. Database Security

Chapter 23. Database Security. Security Issues. Database Security Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database

More information

Block encryption. CS-4920: Lecture 7 Secret key cryptography. Determining the plaintext ciphertext mapping. CS4920-Lecture 7 4/1/2015

Block encryption. CS-4920: Lecture 7 Secret key cryptography. Determining the plaintext ciphertext mapping. CS4920-Lecture 7 4/1/2015 CS-4920: Lecture 7 Secret key cryptography Reading Chapter 3 (pp. 59-75, 92-93) Today s Outcomes Discuss block and key length issues related to secret key cryptography Define several terms related to secret

More information

Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/

Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/ Common Pitfalls in Cryptography for Software Developers OWASP AppSec Israel July 2006 Shay Zalalichin, CISSP AppSec Division Manager, Comsec Consulting shayz@comsecglobal.com Copyright 2006 - The OWASP

More information

Symmetric Key cryptosystem

Symmetric Key cryptosystem SFWR C03: Computer Networks and Computer Security Mar 8-11 200 Lecturer: Kartik Krishnan Lectures 22-2 Symmetric Key cryptosystem Symmetric encryption, also referred to as conventional encryption or single

More information

7! Cryptographic Techniques! A Brief Introduction

7! Cryptographic Techniques! A Brief Introduction 7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (Public-Key) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures

More information

Tutorial 2. May 11, 2015

Tutorial 2. May 11, 2015 Tutorial 2 May 11, 2015 I. Basic Notions Review Questions Chapter 5 & 11 Multiple-choice Example Chapter 5 Which is the first step in securing an operating system? a. implement patch management b. configure

More information

SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES

SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES www.arpapress.com/volumes/vol8issue1/ijrras_8_1_10.pdf SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES Malek Jakob Kakish Amman Arab University, Department of Computer Information Systems, P.O.Box 2234,

More information

CS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay

CS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay CS 348: Computer Networks - Security; 30 th - 31 st Oct 2012 Instructor: Sridhar Iyer IIT Bombay Network security Security Plan (RFC 2196) Identify assets Determine threats Perform risk analysis Implement

More information

Network Security (2) CPSC 441 Department of Computer Science University of Calgary

Network Security (2) CPSC 441 Department of Computer Science University of Calgary Network Security (2) CPSC 441 Department of Computer Science University of Calgary 1 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate

More information

SAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK

SAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK SAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION September 2010 (reviewed September 2014) ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK NETWORK SECURITY

More information

Application Layer (1)

Application Layer (1) Application Layer (1) Functionality: providing applications (e-mail, www, USENET etc) providing support protocols to allow the real applications to function properly security comprising a large number

More information

The Elements of Cryptography

The Elements of Cryptography The Elements of Cryptography (March 30, 2016) Abdou Illia Spring 2016 Learning Objectives Discuss Cryptography Terminology Discuss Symmetric Key Encryption Discuss Asymmetric Key Encryption Distinguish

More information

Introduction to Cryptography CS 355

Introduction to Cryptography CS 355 Introduction to Cryptography CS 355 Lecture 2 Classical Cryptography: Shift Cipher and Substitution Cipher CS 355 Fall 2005/Lecture 2 1 Announcements Join class mailing list CS355_Fall2005@cs.purdue.edu

More information

SECURITY IN NETWORKS

SECURITY IN NETWORKS SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,

More information

Evaluation of the RC4 Algorithm for Data Encryption

Evaluation of the RC4 Algorithm for Data Encryption Evaluation of the RC4 Algorithm for Data Encryption Allam Mousa (1) and Ahmad Hamad (2) (1) Electrical Engineering Department An-Najah University, Nablus, Palestine (2) Systems Engineer PalTel Company,

More information

Lecture 9 - Network Security TDTS41-2006 (ht1)

Lecture 9 - Network Security TDTS41-2006 (ht1) Lecture 9 - Network Security TDTS41-2006 (ht1) Prof. Dr. Christoph Schuba Linköpings University/IDA Schuba@IDA.LiU.SE Reading: Office hours: [Hal05] 10.1-10.2.3; 10.2.5-10.7.1; 10.8.1 9-10am on Oct. 4+5,

More information

Shift Cipher. Ahmet Burak Can Hacettepe University. Substitution Cipher. Enigma Machine. How perfect secrecy can be satisfied?

Shift Cipher. Ahmet Burak Can Hacettepe University. Substitution Cipher. Enigma Machine. How perfect secrecy can be satisfied? One Time Pad, Block Ciphers, Encryption Modes Ahmet Burak Can Hacettepe University abc@hacettepe.edu.tr Basic Ciphers Shift Cipher Brute-force attack can easily break Substitution Cipher Frequency analysis

More information

Fundamentals of Computer Security

Fundamentals of Computer Security Fundamentals of Computer Security Spring 2015 Radu Sion Intro Encryption Hash Functions A Message From Our Sponsors Fundamentals System/Network Security, crypto How do things work Why How to design secure

More information

Introduction To Security and Privacy Einführung in die IT-Sicherheit I

Introduction To Security and Privacy Einführung in die IT-Sicherheit I Introduction To Security and Privacy Einführung in die IT-Sicherheit I Prof. Dr. rer. nat. Doğan Kesdoğan Institut für Wirtschaftsinformatik kesdogan@fb5.uni-siegen.de http://www.uni-siegen.de/fb5/itsec/

More information

Cryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.

Cryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. Cryptosystems Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. C= E(M, K), Bob sends C Alice receives C, M=D(C,K) Use the same key to decrypt. Public

More information

CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and

More information

Message Authentication Codes

Message Authentication Codes 2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,

More information

Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs

Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs Enes Pasalic University of Primorska Koper, 2014 Contents 1 Preface 3 2 Problems 4 2 1 Preface This is a

More information

CSCI-E46: Applied Network Security. Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING 2016 1

CSCI-E46: Applied Network Security. Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING 2016 1 CSCI-E46: Applied Network Security Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING 2016 1 Welcome to CSCI-E46 Classroom & Schedule 53 Church Street L01 Wednesdays,

More information

AC76/AT76 CRYPTOGRAPHY & NETWORK SECURITY DEC 2014

AC76/AT76 CRYPTOGRAPHY & NETWORK SECURITY DEC 2014 Q.2a. Define Virus. What are the four phases of Viruses? In addition, list out the types of Viruses. A virus is a piece of software that can infect other programs by modifying them; the modification includes

More information

Lecture 5 - Cryptography

Lecture 5 - Cryptography CSE497b Introduction to Computer and Network Security - Spring 2007 - Professors Jaeger Lecture 5 - Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/

More information

Chapter 23. Database Security. Security Issues. Database Security

Chapter 23. Database Security. Security Issues. Database Security Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database

More information

CS 758: Cryptography / Network Security

CS 758: Cryptography / Network Security CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html

More information

Chap 2. Basic Encryption and Decryption

Chap 2. Basic Encryption and Decryption Chap 2. Basic Encryption and Decryption H. Lee Kwang Department of Electrical Engineering & Computer Science, KAIST Objectives Concepts of encryption Cryptanalysis: how encryption systems are broken 2.1

More information

CSE331: Introduction to Networks and Security. Lecture 20 Fall 2006

CSE331: Introduction to Networks and Security. Lecture 20 Fall 2006 CSE331: Introduction to Networks and Security Lecture 20 Fall 2006 Announcements Homework 2 has been assigned: **NEW DUE DATE** It's now due on Friday, November 3rd. Midterm 2 is Friday, November 10th

More information

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1 Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret

More information

FAREY FRACTION BASED VECTOR PROCESSING FOR SECURE DATA TRANSMISSION

FAREY FRACTION BASED VECTOR PROCESSING FOR SECURE DATA TRANSMISSION FAREY FRACTION BASED VECTOR PROCESSING FOR SECURE DATA TRANSMISSION INTRODUCTION GANESH ESWAR KUMAR. P Dr. M.G.R University, Maduravoyal, Chennai. Email: geswarkumar@gmail.com Every day, millions of people

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 3: Block ciphers and DES Ion Petre Department of IT, Åbo Akademi University January 17, 2012 1 Data Encryption Standard

More information

About the Tutorial. Audience. Prerequisites. Disclaimer & Copyright. Cryptography

About the Tutorial. Audience. Prerequisites. Disclaimer & Copyright. Cryptography About the Tutorial This tutorial covers the basics of the science of cryptography. It explains how programmers and network professionals can use cryptography to maintain the privacy of computer data. Starting

More information

Today. Network Security. Crypto as Munitions. Crypto as Munitions. History of Cryptography

Today. Network Security. Crypto as Munitions. Crypto as Munitions. History of Cryptography Network Security Symmetric Key Cryptography Today Substitution Ciphers Transposition Ciphers Cryptanalysis 1 2 Crypto as Munitions Does: protecting information kill enemies? failure to protect information

More information

Network Security Technology Network Management

Network Security Technology Network Management COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission

More information

Stream Ciphers. Example of Stream Decryption. Example of Stream Encryption. Real Cipher Streams. Terminology. Introduction to Modern Cryptography

Stream Ciphers. Example of Stream Decryption. Example of Stream Encryption. Real Cipher Streams. Terminology. Introduction to Modern Cryptography Introduction to Modern Cryptography Lecture 2 Symmetric Encryption: Stream & Block Ciphers Stream Ciphers Start with a secret key ( seed ) Generate a keying stream i-th bit/byte of keying stream is a function

More information

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code

More information

Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures

Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike

More information

Introduction to Computer Security

Introduction to Computer Security Introduction to Computer Security Hash Functions and Digital Signatures Pavel Laskov Wilhelm Schickard Institute for Computer Science Integrity objective in a wide sense Reliability Transmission errors

More information

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Karagpur

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Karagpur Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Karagpur Lecture No. #06 Cryptanalysis of Classical Ciphers (Refer

More information

An Introduction to Cryptography and Digital Signatures

An Introduction to Cryptography and Digital Signatures An Introduction to Cryptography and Digital Signatures Author: Ian Curry March 2001 Version 2.0 Copyright 2001-2003 Entrust. All rights reserved. Cryptography The concept of securing messages through

More information

Cryptography & Digital Signatures

Cryptography & Digital Signatures Cryptography & Digital Signatures CS 594 Special Topics/Kent Law School: Computer and Network Privacy and Security: Ethical, Legal, and Technical Consideration Prof. Sloan s Slides, 2007, 2008 Robert H.

More information

Message Authentication

Message Authentication Message Authentication message authentication is concerned with: protecting the integrity of a message validating identity of originator non-repudiation of origin (dispute resolution) will consider the

More information

Lukasz Pater CMMS Administrator and Developer

Lukasz Pater CMMS Administrator and Developer Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? One-way functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign

More information

CRYPTOGRAPHIC PRIMITIVES AN INTRODUCTION TO THE THEORY AND PRACTICE BEHIND MODERN CRYPTOGRAPHY

CRYPTOGRAPHIC PRIMITIVES AN INTRODUCTION TO THE THEORY AND PRACTICE BEHIND MODERN CRYPTOGRAPHY CRYPTOGRAPHIC PRIMITIVES AN INTRODUCTION TO THE THEORY AND PRACTICE BEHIND MODERN CRYPTOGRAPHY Robert Sosinski Founder & Engineering Fellow Known as "America's Cryptologic Wing", is the only Air Force

More information

Effective Secure Encryption Scheme [One Time Pad] Using Complement Approach Sharad Patil 1 Ajay Kumar 2

Effective Secure Encryption Scheme [One Time Pad] Using Complement Approach Sharad Patil 1 Ajay Kumar 2 Effective Secure Encryption Scheme [One Time Pad] Using Complement Approach Sharad Patil 1 Ajay Kumar 2 Research Student, Bharti Vidyapeeth, Pune, India sd_patil057@rediffmail.com Modern College of Engineering,

More information

Introduction. Digital Signature

Introduction. Digital Signature Introduction Electronic transactions and activities taken place over Internet need to be protected against all kinds of interference, accidental or malicious. The general task of the information technology

More information

Public Key (asymmetric) Cryptography

Public Key (asymmetric) Cryptography Public-Key Cryptography UNIVERSITA DEGLI STUDI DI PARMA Dipartimento di Ingegneria dell Informazione Public Key (asymmetric) Cryptography Luca Veltri (mail.to: luca.veltri@unipr.it) Course of Network Security,

More information

Cryptography and Network Security Chapter 11. Fourth Edition by William Stallings

Cryptography and Network Security Chapter 11. Fourth Edition by William Stallings Cryptography and Network Security Chapter 11 Fourth Edition by William Stallings Chapter 11 Message Authentication and Hash Functions At cats' green on the Sunday he took the message from the inside of

More information

Cryptographic process for Cyber Safeguard by using PGP

Cryptographic process for Cyber Safeguard by using PGP Cryptographic process for Cyber Safeguard by using PGP Bharatratna P. Gaikwad 1 Department of Computer Science and IT, Dr. Babasaheb Ambedkar Marathwada University Aurangabad, India 1 ABSTRACT: Data security

More information

CSE/EE 461 Lecture 23

CSE/EE 461 Lecture 23 CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data

More information

Chapter 7: Network security

Chapter 7: Network security Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport

More information

Ky Vu DeVry University, Atlanta Georgia College of Arts & Science

Ky Vu DeVry University, Atlanta Georgia College of Arts & Science Ky Vu DeVry University, Atlanta Georgia College of Arts & Science Table of Contents - Objective - Cryptography: An Overview - Symmetric Key - Asymmetric Key - Transparent Key: A Paradigm Shift - Security

More information

Client Server Registration Protocol

Client Server Registration Protocol Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are

More information

PUBLIC KEY ENCRYPTION

PUBLIC KEY ENCRYPTION PUBLIC KEY ENCRYPTION http://www.tutorialspoint.com/cryptography/public_key_encryption.htm Copyright tutorialspoint.com Public Key Cryptography Unlike symmetric key cryptography, we do not find historical

More information

Modes of Operation of Block Ciphers

Modes of Operation of Block Ciphers Chapter 3 Modes of Operation of Block Ciphers A bitblock encryption function f: F n 2 Fn 2 is primarily defined on blocks of fixed length n To encrypt longer (or shorter) bit sequences the sender must

More information

The Data Encryption Standard (DES)

The Data Encryption Standard (DES) The Data Encryption Standard (DES) As mentioned earlier there are two main types of cryptography in use today - symmetric or secret key cryptography and asymmetric or public key cryptography. Symmetric

More information

6.857 Computer and Network Security Fall Term, 1997 Lecture 4 : 16 September 1997 Lecturer: Ron Rivest Scribe: Michelle Goldberg 1 Conditionally Secure Cryptography Conditionally (or computationally) secure

More information

Principles of Network Security

Principles of Network Security he Network Security Model Bob and lice want to communicate securely. rudy (the adversary) has access to the channel. lice channel data, control s Bob Kai Shen data secure sender secure receiver data rudy

More information

Cryptography Exercises

Cryptography Exercises Cryptography Exercises 1 Contents 1 source coding 3 2 Caesar Cipher 4 3 Ciphertext-only Attack 5 4 Classification of Cryptosystems-Network Nodes 6 5 Properties of modulo Operation 10 6 Vernam Cipher 11

More information

Recommendation for Applications Using Approved Hash Algorithms

Recommendation for Applications Using Approved Hash Algorithms NIST Special Publication 800-107 Recommendation for Applications Using Approved Hash Algorithms Quynh Dang Computer Security Division Information Technology Laboratory C O M P U T E R S E C U R I T Y February

More information

Introduction to Symmetric and Asymmetric Cryptography

Introduction to Symmetric and Asymmetric Cryptography Introduction to Symmetric and Asymmetric Cryptography Ali E. Abdallah Birmingham CityUniversity Email: Ali.Abdallah@bcu.ac.uk Lectures are part of the project: ConSoLiDatE Multi-disciplinary Cooperation

More information

Security and Cryptography just by images

Security and Cryptography just by images Security and Cryptography just by images Pascal Lafourcade 2009 pascal.lafourcade@imag.fr 1 / 52 Motivations Applications 2 / 52 Motivations Secrecy or Confidentiality Alice communicates with the White

More information

Security and Cryptography 1. Stefan Köpsell, Thorsten Strufe. Module 4: Basic Crypto, Stream Ciphers

Security and Cryptography 1. Stefan Köpsell, Thorsten Strufe. Module 4: Basic Crypto, Stream Ciphers Security and Cryptography 1 Stefan Köpsell, Thorsten Strufe Module 4: Basic Crypto, Stream Ciphers Disclaimer: Günter Schäfer, Mark Manulis, large parts from Dan Boneh Dresden, WS 16/17 Reprise from the

More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure

More information