Public Key Cryptography Overview

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Public Key Cryptography Overview"

Transcription

1 Ch.20 Public-Key Cryptography and Message Authentication I will talk about it later in this class Final: Wen (5/13) HOLM 248» give you a sample exam» Mostly similar to homeworks» no electronic devices: cell phone/pda/laptop/calculator» Open book/notes Extra credit project due on the same day of final Technical Details for Sec 2.2 to 2.4 secure hash functions and HMAC RSA & Diffie-Hellman Public-Key Algorithms 1 Public Key Cryptography Overview Message authentication authentication codes and hash functions Public key encryption: principles and algorithms Exchange of conventional keys Digital signatures Revisit key management 2 1

2 Recall Security Services (CIA) Confidentiality protection from passive attacks Integrity received as sent, no modifications, insertions, shuffling or replays Authentication you are who you claim you are Both message content and message source 3 Security Attacks On the Internet, nobody knows you re a dog - by Peter Steiner, New York, July 5,

3 Security Attacks Active threats Masquerade Replay Modification of message contents Denial of service Message authentication helps prevent these! 5 What Is Message Authentication It s the source, of course! Procedure that allows communicating parties to verify that received messages are authentic Characteristics: source is authentic masquerading contents unaltered message modification timely sequencing replay 6 3

4 Can We Use Conventional Encryption? Yes, Only when sender and receiver share a key Include a time stamp Include an error detection code and a sequence number Active threats Masquerade Replay Modification of message contents Denial of service 7 Message Authentication Without Encryption: Fast! Append an authentication tag to a message Message read at the destination independent of the authentication function No message confidentiality 8 4

5 App. of Message Authentication w/o Confidentiality Application that broadcasts a message Broadcast to many different destinations only one destination needs to monitor for authenticity Too heavy a load to decrypt A control center collects massive amount of data random authentication checking Computer executables and files Do not need to decrypt every execution checked when assurance required 9 Life Without Authentication like airport without traffic control 10 5

6 Message Authentication Code Message Authentication Code (MAC) use a secret key to generate a small block of data that is appended to the message Assume: A and B share a common secret key K AB MAC M = F(K AB,M) 11 Message Authentication Code 12 6

7 Benefits of Message Authentication Code Receiver assured that message is not altered no modification Receiver assured that the message is from the alleged sender no masquerading Include a sequence number, assured proper sequence no replay 13 Message Authentication Code using DES DESis used to encrypt the message, and the last 16 or 32 bits is used as the MAC MACsneed not be reversible Less vulnerable to being broken than encryption Like Checksum Stands up to attack But there is an alternative

8 One-Way Hash Function Hash functionis a building block of MAC accepts a variable size message M as input produces a fixed-size message digest H(M) as output No secret keyas input Message digest is sent with the message for authentication Produces a fingerprint of the message 15 One-Way Hash Function: method 1 Shared key Message digest H(M) Authenticity is assured 16 8

9 One-Way Hash Function: method 2 Digital signature No key distribution Less computation since message does not have to be encrypted 17 One-Way Hash Function Ideally We Would Like To Avoid Encryption Encryption software is slow Encryption hardware costs aren t cheap Hardware optimized toward large data sizes Algorithms covered by patents Algorithms subject to export control 18 9

10 One-Way Hash Function: method 3 secret value S AB MD M M MD M = H(S AB M) No encryption for message authentication Secret value never sent; can t modify the message Important technique for Digital Signatures 19 Weak Strong Hash Function Requirements 1. H can be applied to a block of data of any size 2. H produces a fixed length output 3. H(x) is relatively easy to compute 4. For any given code h, it is computationally infeasible to find x such that H(x) = h; (one way) 5. For any given block x, it is computationally infeasible to find y x with H(y) = H(x) (weak collision resistance) For a given block 6. It is computationally infeasible to find any pair (x,y) such that H(x) = H(y) (strong collision resistance) NOT a single pair 20 10

11 Simple Hash Functions secure (or one-way) hash function used in message authentication and digital signatures a hash functions processes an input block at a time in an iterative fashion Input: a sequence of n-bit blocks Processed: one block at a time, producing an n-bit hash Simplest: Bit-by-bit XOR of every block C Longitudinal redundancy check i = b i1 b i2 L b im 21 Bitwise XOR Problem: to easy to find the same H(x) for a different y E.g., Switch the order of two blocks Solution: Eliminate predictability of data One-bit circular shift: RXOR, randomizing Rotate the current hash value to the left by one bit 22 11

12 Secure Hash Algorithm (SHA) SHA-1, FIPS 180, (RFC3174) Developed by NIST in 1995 Input is processed in 512-bit blocks Produces as output a 160-bit message digest Every bit of the hash code is a function of every bit of the input Very secure, so far! --- WANG05: NIST issued revised FIPS in 2002 adds 3 additional versions: SHA-256, SHA-384, SHA-512 with 256/384/512-bit hash values same basic structure as SHA-1 but greater security NIST intend to phase out SHA-1 use in Comparison of SHA Parameters 24 12

13 SHA-512 Structure input a message with a max length of less than bits output a 512-bit message digest Step 1: Append padding bits: Step 2: Append length: an unsigned 128-bit integer length of the original message (before padding). Step 3: Initialize hash buffer: 8 registers of 64-bit Step 4: Process the msg. in 1024-bit blocks, in 80 rounds Step 5: Output the final hash buffer value The SHA-512 algorithm has the property that every bit of the hash code is a function of every bit of the input. the difficulty of coming up with two messages having the same message digest is on the order of operations 25 SHA-512 Secure Hash Function append padding bits append length compression function output Every bit of the hash code is a function of every bit of the input! 26 13

14 SHA-512 Secure Hash Function 27 Other Secure Hash Functions most based on iterated hash function design (Merkle 1979) Most follow basic structure of SHA-1 If the compression function is collision resistant, then so is the resultant iterated hash function Proven secure; new structures may bring new vulnerability MD5, Message Digest (RFC1321) most widely used hash until recently, Ron Rivest, 1992 produces 128-bit hash, now too small» Security of 128-bit hash code has become questionable (1996, 2004)» CPU is faster, 2^64 is not a big deal any more Whirlpool (EU NESSIE endorsed hash) developed by Vincent Rijmen & Paulo Barreto compression function is AES derived W block cipher produces 512-bit hash 28 14

15 keyed-hash Message Authentication Code (HMAC ) Needs of generate MAC (message authentication code) using a cryptographic hash Executes faster in software; No export restrictions Simultaneously verify integrity and authenticity due to fast speed and broad code availability Modifying secure hash function to generate MACs SHA was not designed for generating MACs HAMC incorporates a key into use of hash algorithm HMAC (RFC2104) widely supported used in IPsec, TLS & SET HMAC treats a hash as black box HMAC proven secure if embedded hash function has reasonable cryptographic strength 29 K + is padded K HMAC Structure repeat Message, M (including any padding) Two generated secret keys output repeat By passing S i and S o through the hash algorithm, we have pseudoradomly generated two keys from K. HMAC(K,M) = Hash[(K + XOR opad) Hash[(K + XOR ipad) M)] 30 15

16 Security of HMAC security based on underlying hash strength Security of MAC: prob of successful forgery with a given time and a given # of msg-mac pairs Attack 1: either attacker computes an output even with a random secret IV (unknown to attacker) brute force key O(2 n ), or use birthday attack Attack 2: attacker finds collisions in hash function even when the IV is random and secret i.e., find M and M' such that H(M) = H(M') birthday attack O(2 n/2 ) MD5 secure in HMAC due to the time limit to collect msg-mac pairs 31 Public Key Encryption Diffieand Hellman, New Directions In Cryptography 1976 First revolutionary advance in cryptography in thousands of years Based on mathematical functions, not bit manipulation Asymmetric, two separate key Profound effecton confidentiality, key distribution and authentication 32 16

17 Public Key Ingredients Plaintext: message input into the algorithm Encryption algorithm: transformations on plaintext Public & Private Key: pair of keys, one for encryption; one for decryption Ciphertext: scrambled message Decryption algorithm: produces original plaintext 33 Basic Steps of Encryption Each user generates a pair of keys: wiliki The public key goes in a public register The private key is kept private If Bob wishes to send a private message to Alice, Bob encrypts the message using Alice s public key When Alice receives the message, she decrypts using her private key 34 17

18 Public Key Encryption 35 Public Key Authentication 36 18

19 Public Key Applications Encryption/decryption encrypts a message with the recipient s public key Digital signature sender signs a message with private key Key Exchange two sides cooperate to exchange a session key

20 Requirements For Public Key, 1/2 Easy for party B to generate pairs: public key KU b ; private key KR b Easy for sender A to generate cipertext using public key: C = E KUb (M) Easy for receiver B to decrypt using the private key to recover original message M = D KRb (C) = D KRb [E KUb (M)] 39 Requirements For Public Key, 2/2 It is computationally infeasible for an opponent, knowing the public key KU b to determine the private key KR b It is computationally infeasible for an opponent, knowing the public key KU b and a ciphertext C, to recover the original message M Either of the two related keys can be used for encryption, with the other used for decryption M = D KRb [E KUb (M)]= D KUb [E KRb (M)] 40 20

21 RSA Algorithm Ron Rivest, Adi Shamir, Len Adleman 1977 Most widely accepted and implemented approach to public key encryption Block cipher, where message M and ciphertext C are integers between 0 and n-1 for some n Theory behind RSA: uses the exponentiation of integers modulo a prime Encryption: C = M e mod n Decryption: M = C d mod n = (M e ) d mod n = M ed mod n = M 1 mod n = M 41 RSA Algorithm Sender and receiver know the values of n and e but only the receiver knows the value of d Receiver s Public key: KU = {e,n} Receiver s Private key: KR = {d,n} 42 21

22 RSA Requirements It is possible to find values of e, d, n such that M ed = M mod n for all M < n It is relatively easy to calculate C = M e mod n, for all values of M < n It is infeasible to determine d, given e and n 43 RSA Algorithm: Key Generation 1. Select p,q p and q both prime 2. Calculate n = p x q 3. Calculate φ(n) = (p-1)(q-1) 4. Select integer e, such that gcd(φ(n), e) = 1; greatest common divisor, 1 < e < φ(n) 5. Calculate d d = e -1 mod φ(n) 6. Public Key KU = {e,n} 7. Private key KR = {d,n} 44 22

23 RSA Algorithm Encryption Plaintext: M<n Ciphertext: C = M e (mod n) Decryption Ciphertext: C Plaintext: M = C d (mod n) 45 RSA Example Select two prime numbers, p=7 and q=17 Calculate n = pq = 7 x 17 = 119 this is the modulus Calculate φ(n) = (p-1)(q-1) = 96 Euler totient Select e, such that e is relatively prime to φ(n) = 96 and less than φ(n); in this case, e= 5 Determine d such that de = 1 mod 96 and d<96 multiplicative inverse of e The correct value is d=77, because 77 x 5 = 385 = 4 x

24 RSA Example M C M e d 47 RSA Strength Brute force attack: try all possible keys the larger e and d, the more secure the larger the key, the slower the system mathematical attacks: factor n into two prime number For large n with large prime factors, factoring is a hard problem Cracked a 428 bit key in 1994 Currently 1024 key size is considered strong enough timing attacks on decryption implementation E.g., round on decrypting 1 is longer than that of 0 Defense uses constant time, random delays, blinding chosen ciphertext attacks (on RSA props) 48 24

25 Diffie-Hellman Key Exchange first public-key type scheme proposed in 1976 along with the exposition of public key concepts note: now know that Williamson (UK CESG) secretly proposed the concept in 1970 practical method to set up a secret key Allows two separate keys» Compute discrete logarithms Exchange keys securely: Key exchange algorithm using public and private values security relies on difficulty of computing discrete logarithms Mathematical functions rather than simple operations on bit patterns 49 Diffie-Hellman used in a number of commercial products Some misconceptions about public key cryptography, corrected NOT more secure than symmetric key Does NOT Makes symmetric key obsolete Central agent is needed for both in key distribution» KDC for symmetric encryption» Certificate Agency (CA) for public key certificate 50 25

26 discrete logarithm a is a primitive root of p if a mod p, a 2 mod p, a 3 mod p,, a p-1 mod p, are distinct, and consist of the integers from 1 through (p-1) in some order For integer b < p, we find b = a i mod p, where 0 i p-1 Then, i is referred to as the discrete logarithm of b, for base a and modulus p Denoted as dlog a,p (b) It is hard to calculate i, for given b = (a i mod p) 51 Diffie-Hellman Key Exchange Enables two users to exchange info to build a shared secret 52 26

27 Key Exchange Protocols Insecure against man-in-the-middle attack can not authenticate the source 53 Diffie-Hellman Key Exchange key setup Pick secret, random X Pick secret, random Y Alice a x mod p a y mod p Bob Compute shared secret k=(a y ) x =a xy mod p Compute shared secret k=(a x ) y =a xy mod p 54 27

28 have Diffie-Hellman Example prime number q = 353 primitive root α = 3 A and B each compute their public values A computes Y A = 3 97 mod 353 = 40 B computes Y B = mod 353 = 248 exchange public values and compute secret key: for A: K = (Y B ) XA mod 353 = mod 353 = 160 for B: K = (Y A ) XB mod 353 = mod 353 = 160 attacker must solve: 3 a mod 353 = 40, which is hard desired answer is 97, then compute key as B does 55 attack is: Man-in-the-Middle Attack 1. Darth generates private keys X D1 & X D2, and their public keys Y D1 & Y D2 2. Alice transmits Y A to Bob 3. Darth intercepts Y A and transmits Y D1 to Bob. Darth also calculates K2 4. Bob receives Y D1 and calculates K1 5. Bob transmits X A to Alice 6. Darth intercepts X A and transmits Y D2 to Alice. Darth calculates K1 7. Alice receives Y D2 and calculates K2 all subsequent communications compromised 56 28

29 Other Public-Key Algorithms Digital Signature Standard (DSS) FIPS PUB 186 from 1991, revised 1993 & 96 makes use of SHA-1 presents a new digital signature algorithm (DSA) Only used for digital signatures, not encryption or key exchange Elliptic Curve Cryptography (ECC) it is beginning to challenge RSA Equal security for a far smaller bit size than RSA still very new, but promising: Confidence level is not as high yet seen in standards such as IEEE P1363 based on a mathematical construct known as the elliptic curve 57 Summary discussed technical detail concerning: secure hash functions and HMAC RSA & Diffie-Hellman Public-Key Algorithms 58 29

30 Final: Wen (5/13) HOLM 248 Return hws sample exam Sample questions for Ch.19 and Ch.20 Mostly similar to homework questions and problems no electronic devices: cell phone/pda/laptop/calculator Open book/notes Extra credit project due on the same day of final Requirements: A written report include three basic components: Description of the installation of the system and present sufficient proof that the system running correctly propose to use the tool to perform specific tasks and methods to collect data traces for these tasks Analysis the collected data, and draw conclusions from your data Class evaluation 59 30

Computer Security: Principles and Practice

Computer Security: Principles and Practice Computer Security: Principles and Practice Chapter 20 Public-Key Cryptography and Message Authentication First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Public-Key Cryptography

More information

Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket

Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket IT 4823 Information Security Administration Public Key Encryption Revisited April 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles

More information

Authentication requirement Authentication function MAC Hash function Security of

Authentication requirement Authentication function MAC Hash function Security of UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy

More information

CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and

More information

Message Authentication

Message Authentication Message Authentication message authentication is concerned with: protecting the integrity of a message validating identity of originator non-repudiation of origin (dispute resolution) will consider the

More information

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash

More information

Public Key (asymmetric) Cryptography

Public Key (asymmetric) Cryptography Public-Key Cryptography UNIVERSITA DEGLI STUDI DI PARMA Dipartimento di Ingegneria dell Informazione Public Key (asymmetric) Cryptography Luca Veltri (mail.to: luca.veltri@unipr.it) Course of Network Security,

More information

Notes on Network Security Prof. Hemant K. Soni

Notes on Network Security Prof. Hemant K. Soni Chapter 9 Public Key Cryptography and RSA Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications

More information

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the

More information

CRYPTOGRAPHY IN NETWORK SECURITY

CRYPTOGRAPHY IN NETWORK SECURITY ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can

More information

1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies 1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies Dave Corbett Technical Product Manager Implementing Forward Secrecy 1 Agenda Part 1: Introduction Why is Forward Secrecy important?

More information

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23 Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

More information

Today ENCRYPTION. Cryptography example. Basic principles of cryptography

Today ENCRYPTION. Cryptography example. Basic principles of cryptography Today ENCRYPTION The last class described a number of problems in ensuring your security and privacy when using a computer on-line. This lecture discusses one of the main technological solutions. The use

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Fifth Edition by William Stallings Chapter 9 Public Key Cryptography and RSA Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared

More information

SECURITY IN NETWORKS

SECURITY IN NETWORKS SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,

More information

Overview of Public-Key Cryptography

Overview of Public-Key Cryptography CS 361S Overview of Public-Key Cryptography Vitaly Shmatikov slide 1 Reading Assignment Kaufman 6.1-6 slide 2 Public-Key Cryptography public key public key? private key Alice Bob Given: Everybody knows

More information

Applied Cryptology. Ed Crowley

Applied Cryptology. Ed Crowley Applied Cryptology Ed Crowley 1 Basics Topics Basic Services and Operations Symmetric Cryptography Encryption and Symmetric Algorithms Asymmetric Cryptography Authentication, Nonrepudiation, and Asymmetric

More information

An Introduction to Cryptography as Applied to the Smart Grid

An Introduction to Cryptography as Applied to the Smart Grid An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric

More information

Message Authentication Codes

Message Authentication Codes 2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,

More information

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1 Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret

More information

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead

More information

Lecture Note 5 PUBLIC-KEY CRYPTOGRAPHY. Sourav Mukhopadhyay

Lecture Note 5 PUBLIC-KEY CRYPTOGRAPHY. Sourav Mukhopadhyay Lecture Note 5 PUBLIC-KEY CRYPTOGRAPHY Sourav Mukhopadhyay Cryptography and Network Security - MA61027 Modern/Public-key cryptography started in 1976 with the publication of the following paper. W. Diffie

More information

SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES

SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES www.arpapress.com/volumes/vol8issue1/ijrras_8_1_10.pdf SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES Malek Jakob Kakish Amman Arab University, Department of Computer Information Systems, P.O.Box 2234,

More information

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination

More information

2. Cryptography 2.4 Digital Signatures

2. Cryptography 2.4 Digital Signatures DI-FCT-UNL Computer and Network Systems Security Segurança de Sistemas e Redes de Computadores 2010-2011 2. Cryptography 2.4 Digital Signatures 2010, Henrique J. Domingos, DI/FCT/UNL 2.4 Digital Signatures

More information

7! Cryptographic Techniques! A Brief Introduction

7! Cryptographic Techniques! A Brief Introduction 7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (Public-Key) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures

More information

Symmetric Key cryptosystem

Symmetric Key cryptosystem SFWR C03: Computer Networks and Computer Security Mar 8-11 200 Lecturer: Kartik Krishnan Lectures 22-2 Symmetric Key cryptosystem Symmetric encryption, also referred to as conventional encryption or single

More information

Cryptography and Network Security Chapter 12

Cryptography and Network Security Chapter 12 Cryptography and Network Security Chapter 12 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 12 Message Authentication Codes At cats' green on the Sunday he

More information

CS419: Computer Security

CS419: Computer Security CS419: Computer Security MAC, HMAC, Hash functions, DSA, SSL Vinod Ganapathy Message Authentication message authentication is concerned with: protecting the integrity of a message validating identity of

More information

Lukasz Pater CMMS Administrator and Developer

Lukasz Pater CMMS Administrator and Developer Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? One-way functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign

More information

Cryptography and Network Security Chapter 11. Fourth Edition by William Stallings

Cryptography and Network Security Chapter 11. Fourth Edition by William Stallings Cryptography and Network Security Chapter 11 Fourth Edition by William Stallings Chapter 11 Message Authentication and Hash Functions At cats' green on the Sunday he took the message from the inside of

More information

Hash Functions. Integrity checks

Hash Functions. Integrity checks Hash Functions EJ Jung slide 1 Integrity checks Integrity vs. Confidentiality! Integrity: attacker cannot tamper with message! Encryption may not guarantee integrity! Intuition: attacker may able to modify

More information

CS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay

CS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay CS 348: Computer Networks - Security; 30 th - 31 st Oct 2012 Instructor: Sridhar Iyer IIT Bombay Network security Security Plan (RFC 2196) Identify assets Determine threats Perform risk analysis Implement

More information

Network Security. Chapter 2 Basics 2.2 Public Key Cryptography. Public Key Cryptography. Public Key Cryptography

Network Security. Chapter 2 Basics 2.2 Public Key Cryptography. Public Key Cryptography. Public Key Cryptography Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Encryption/Decryption using Public Key Cryptography Network Security Chapter 2 Basics 2.2 Public Key Cryptography

More information

Introduction to Computer Security

Introduction to Computer Security Introduction to Computer Security Hash Functions and Digital Signatures Pavel Laskov Wilhelm Schickard Institute for Computer Science Integrity objective in a wide sense Reliability Transmission errors

More information

Message authentication and. digital signatures

Message authentication and. digital signatures Message authentication and " Message authentication digital signatures verify that the message is from the right sender, and not modified (incl message sequence) " Digital signatures in addition, non!repudiation

More information

The Mathematics of the RSA Public-Key Cryptosystem

The Mathematics of the RSA Public-Key Cryptosystem The Mathematics of the RSA Public-Key Cryptosystem Burt Kaliski RSA Laboratories ABOUT THE AUTHOR: Dr Burt Kaliski is a computer scientist whose involvement with the security industry has been through

More information

Message Authentication Codes. Lecture Outline

Message Authentication Codes. Lecture Outline Message Authentication Codes Murat Kantarcioglu Based on Prof. Ninghui Li s Slides Message Authentication Code Lecture Outline 1 Limitation of Using Hash Functions for Authentication Require an authentic

More information

Cryptography and Network Security Chapter 10

Cryptography and Network Security Chapter 10 Cryptography and Network Security Chapter 10 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 10 Other Public Key Cryptosystems Amongst the tribes of Central

More information

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1 Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

More information

Cryptographic Hash Functions Message Authentication Digital Signatures

Cryptographic Hash Functions Message Authentication Digital Signatures Cryptographic Hash Functions Message Authentication Digital Signatures Abstract We will discuss Cryptographic hash functions Message authentication codes HMAC and CBC-MAC Digital signatures 2 Encryption/Decryption

More information

Lecture 6 - Cryptography

Lecture 6 - Cryptography Lecture 6 - Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07 Question 2 Setup: Assume you and I don t know anything about

More information

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 9: Authentication protocols, digital signatures Ion Petre Department of IT, Åbo Akademi University 1 Overview of

More information

Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures

Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike

More information

Cryptography and Network Security Chapter 9

Cryptography and Network Security Chapter 9 Cryptography and Network Security Chapter 9 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 9 Public Key Cryptography and RSA Every Egyptian received two names,

More information

APNIC elearning: Cryptography Basics. Contact: esec02_v1.0

APNIC elearning: Cryptography Basics. Contact: esec02_v1.0 APNIC elearning: Cryptography Basics Contact: training@apnic.net esec02_v1.0 Overview Cryptography Cryptographic Algorithms Encryption Symmetric-Key Algorithm Block and Stream Cipher Asymmetric Key Algorithm

More information

EXAM questions for the course TTM4135 - Information Security May 2013. Part 1

EXAM questions for the course TTM4135 - Information Security May 2013. Part 1 EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question

More information

Cryptography and Network Security Digital Signature

Cryptography and Network Security Digital Signature Cryptography and Network Security Digital Signature Xiang-Yang Li Message Authentication Digital Signature Authentication Authentication requirements Authentication functions Mechanisms MAC: message authentication

More information

Network Security Technology Network Management

Network Security Technology Network Management COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission

More information

Digital Signatures. Good properties of hand-written signatures:

Digital Signatures. Good properties of hand-written signatures: Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it is a part of the document) 4. Signed document is

More information

Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs

Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs Enes Pasalic University of Primorska Koper, 2014 Contents 1 Preface 3 2 Problems 4 2 1 Preface This is a

More information

Chapter 7: Network security

Chapter 7: Network security Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport

More information

Authentication, digital signatures, PRNG

Authentication, digital signatures, PRNG Multimedia Security Authentication, digital signatures, PRNG Mauro Barni University of Siena Beyond confidentiality Up to now, we have been concerned with protecting message content (i.e. confidentiality)

More information

Digital Signature. Raj Jain. Washington University in St. Louis

Digital Signature. Raj Jain. Washington University in St. Louis Digital Signature Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/

More information

Lecture 9: Application of Cryptography

Lecture 9: Application of Cryptography Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that

More information

CSCI-E46: Applied Network Security. Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING 2016 1

CSCI-E46: Applied Network Security. Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING 2016 1 CSCI-E46: Applied Network Security Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING 2016 1 Welcome to CSCI-E46 Classroom & Schedule 53 Church Street L01 Wednesdays,

More information

Digital Signatures. Meka N.L.Sneha. Indiana State University. nmeka@sycamores.indstate.edu. October 2015

Digital Signatures. Meka N.L.Sneha. Indiana State University. nmeka@sycamores.indstate.edu. October 2015 Digital Signatures Meka N.L.Sneha Indiana State University nmeka@sycamores.indstate.edu October 2015 1 Introduction Digital Signatures are the most trusted way to get documents signed online. A digital

More information

159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology

159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology Network Security 1 Professor Richard Harris School of Engineering and Advanced Technology Presentation Outline Overview of Identification and Authentication The importance of identification and Authentication

More information

Crypto Basics. Ed Crowley. Spring 2010

Crypto Basics. Ed Crowley. Spring 2010 Crypto Basics Ed Crowley Spring 2010 Kerckhoff s Principle Symmetric Crypto Overview Key management problem Attributes Modes Symmetric Key Algorithms DES Attributes Modes 3DES AES Other Symmetric Ciphers

More information

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:

More information

EXAM questions for the course TTM4135 - Information Security June 2010. Part 1

EXAM questions for the course TTM4135 - Information Security June 2010. Part 1 EXAM questions for the course TTM4135 - Information Security June 2010 Part 1 This part consists of 6 questions all from one common topic. The number of maximal points for every correctly answered question

More information

Secure Network Communication Part II II Public Key Cryptography. Public Key Cryptography

Secure Network Communication Part II II Public Key Cryptography. Public Key Cryptography Kommunikationssysteme (KSy) - Block 8 Secure Network Communication Part II II Public Key Cryptography Dr. Andreas Steffen 2000-2001 A. Steffen, 28.03.2001, KSy_RSA.ppt 1 Secure Key Distribution Problem

More information

Network Security (2) CPSC 441 Department of Computer Science University of Calgary

Network Security (2) CPSC 441 Department of Computer Science University of Calgary Network Security (2) CPSC 441 Department of Computer Science University of Calgary 1 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate

More information

Cryptography basics for embedded developers. Embedded Linux Conference, San Diego, 2016

Cryptography basics for embedded developers. Embedded Linux Conference, San Diego, 2016 Cryptography basics for embedded developers Embedded Linux Conference, San Diego, 2016 "If you think cryptography is the solution to your problem, then you don't understand your problem" - Roger Needham

More information

Table of Contents. Bibliografische Informationen http://d-nb.info/996514864. digitalisiert durch

Table of Contents. Bibliografische Informationen http://d-nb.info/996514864. digitalisiert durch 1 Introduction to Cryptography and Data Security 1 1.1 Overview of Cryptology (and This Book) 2 1.2 Symmetric Cryptography 4 1.2.1 Basics 4 1.2.2 Simple Symmetric Encryption: The Substitution Cipher...

More information

Cryptography and Network Security Chapter 11

Cryptography and Network Security Chapter 11 Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 11 Cryptographic Hash Functions Each of the messages, like each

More information

The Elements of Cryptography

The Elements of Cryptography The Elements of Cryptography (March 30, 2016) Abdou Illia Spring 2016 Learning Objectives Discuss Cryptography Terminology Discuss Symmetric Key Encryption Discuss Asymmetric Key Encryption Distinguish

More information

Cryptography Lecture 8. Digital signatures, hash functions

Cryptography Lecture 8. Digital signatures, hash functions Cryptography Lecture 8 Digital signatures, hash functions A Message Authentication Code is what you get from symmetric cryptography A MAC is used to prevent Eve from creating a new message and inserting

More information

UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering. Introduction to Cryptography ECE 597XX/697XX

UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering. Introduction to Cryptography ECE 597XX/697XX UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Introduction to Cryptography ECE 597XX/697XX Part 6 Introduction to Public-Key Cryptography Israel Koren ECE597/697 Koren Part.6.1

More information

PUBLIC KEY ENCRYPTION

PUBLIC KEY ENCRYPTION PUBLIC KEY ENCRYPTION http://www.tutorialspoint.com/cryptography/public_key_encryption.htm Copyright tutorialspoint.com Public Key Cryptography Unlike symmetric key cryptography, we do not find historical

More information

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1 Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Goals v understand principles of network security: cryptography and its many uses beyond

More information

CRYPTOGRAPHIC ALGORITHMS (AES, RSA)

CRYPTOGRAPHIC ALGORITHMS (AES, RSA) CALIFORNIA STATE POLYTECHNIC UNIVERSITY, POMONA CRYPTOGRAPHIC ALGORITHMS (AES, RSA) A PAPER SUBMITTED TO PROFESSOR GILBERT S. YOUNG IN PARTIAL FULFILLMENT OF THE REQUIREMENT FOR THE COURSE CS530 : ADVANCED

More information

9/17/2015. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

9/17/2015. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers Cryptography Basics IT443 Network Security Administration Instructor: Bo Sheng Outline Basic concepts in cryptography system Secret cryptography Public cryptography Hash functions 1 2 Encryption/Decryption

More information

Message Authentication Codes (MACs)

Message Authentication Codes (MACs) UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Introduction to Cryptography ECE 597XX/697XX Part 12 Message Authentication Codes (MACs) Israel Koren ECE597/697 Koren Part.12.1 Content

More information

Introduction to Cryptography, Part II

Introduction to Cryptography, Part II Introduction to Cryptography, Part II Mariana Raykova 1 Alice and Bob Alice wants to communicate securely with Bob (Cryptographers frequently speak of Alice and Bob instead of A and B... What key should

More information

ΕΠΛ 674: Εργαστήριο 3

ΕΠΛ 674: Εργαστήριο 3 ΕΠΛ 674: Εργαστήριο 3 Ο αλγόριθμος ασύμμετρης κρυπτογράφησης RSA Παύλος Αντωνίου Department of Computer Science Private-Key Cryptography traditional private/secret/single key cryptography uses one key

More information

Outline. CSc 466/566. Computer Security. 8 : Cryptography Digital Signatures. Digital Signatures. Digital Signatures... Christian Collberg

Outline. CSc 466/566. Computer Security. 8 : Cryptography Digital Signatures. Digital Signatures. Digital Signatures... Christian Collberg Outline CSc 466/566 Computer Security 8 : Cryptography Digital Signatures Version: 2012/02/27 16:07:05 Department of Computer Science University of Arizona collberg@gmail.com Copyright c 2012 Christian

More information

encrypts blocks of 64 bits using a 64 bit key outputs 64 bits of ciphertext A product cipher basic unit is the bit

encrypts blocks of 64 bits using a 64 bit key outputs 64 bits of ciphertext A product cipher basic unit is the bit Overview of the DES Introduction to Computer Security Lecture 6 Cryptography October 2, 2003 A block cipher: encrypts blocks of 64 bits using a 64 bit key outputs 64 bits of ciphertext A product cipher

More information

Midterm Exam Solutions CS161 Computer Security, Spring 2008

Midterm Exam Solutions CS161 Computer Security, Spring 2008 Midterm Exam Solutions CS161 Computer Security, Spring 2008 1. To encrypt a series of plaintext blocks p 1, p 2,... p n using a block cipher E operating in electronic code book (ECB) mode, each ciphertext

More information

Principles of Public Key Cryptography. Applications of Public Key Cryptography. Security in Public Key Algorithms

Principles of Public Key Cryptography. Applications of Public Key Cryptography. Security in Public Key Algorithms Principles of Public Key Cryptography Chapter : Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter : Security on Network and Transport

More information

IT Networks & Security CERT Luncheon Series: Cryptography

IT Networks & Security CERT Luncheon Series: Cryptography IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI

More information

Public-Key Cryptography. Oregon State University

Public-Key Cryptography. Oregon State University Public-Key Cryptography Çetin Kaya Koç Oregon State University 1 Sender M Receiver Adversary Objective: Secure communication over an insecure channel 2 Solution: Secret-key cryptography Exchange the key

More information

RSA Attacks. By Abdulaziz Alrasheed and Fatima

RSA Attacks. By Abdulaziz Alrasheed and Fatima RSA Attacks By Abdulaziz Alrasheed and Fatima 1 Introduction Invented by Ron Rivest, Adi Shamir, and Len Adleman [1], the RSA cryptosystem was first revealed in the August 1977 issue of Scientific American.

More information

What is network security?

What is network security? Network security Network Security Srinidhi Varadarajan Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application

More information

Digital Signatures. (Note that authentication of sender is also achieved by MACs.) Scan your handwritten signature and append it to the document?

Digital Signatures. (Note that authentication of sender is also achieved by MACs.) Scan your handwritten signature and append it to the document? Cryptography Digital Signatures Professor: Marius Zimand Digital signatures are meant to realize authentication of the sender nonrepudiation (Note that authentication of sender is also achieved by MACs.)

More information

CS 161 Computer Security

CS 161 Computer Security Song Spring 2015 CS 161 Computer Security Discussion 11 April 7 & April 8, 2015 Question 1 RSA (10 min) (a) Describe how to find a pair of public key and private key for RSA encryption system. Find two

More information

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch CSC474/574 - Information Systems Security: Homework1 Solutions Sketch February 20, 2005 1. Consider slide 12 in the handout for topic 2.2. Prove that the decryption process of a one-round Feistel cipher

More information

Chapter 9 Public Key Cryptography and RSA

Chapter 9 Public Key Cryptography and RSA Chapter 9 Public Key Cryptography and RSA Cryptography and Network Security: Principles and Practices (3rd Ed.) 2004/1/15 1 9.1 Principles of Public Key Private-Key Cryptography traditional private/secret/single

More information

Network Security. HIT Shimrit Tzur-David

Network Security. HIT Shimrit Tzur-David Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key

More information

Public Key Cryptography. c Eli Biham - March 30, 2011 258 Public Key Cryptography

Public Key Cryptography. c Eli Biham - March 30, 2011 258 Public Key Cryptography Public Key Cryptography c Eli Biham - March 30, 2011 258 Public Key Cryptography Key Exchange All the ciphers mentioned previously require keys known a-priori to all the users, before they can encrypt

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 7: Public-key cryptography and RSA Ion Petre Department of IT, Åbo Akademi University 1 Some unanswered questions

More information

CS549: Cryptography and Network Security

CS549: Cryptography and Network Security CS549: Cryptography and Network Security by Xiang-Yang Li Department of Computer Science, IIT Cryptography and Network Security 1 Notice This lecture note (Cryptography and Network Security) is prepared

More information

Principles of Network Security

Principles of Network Security he Network Security Model Bob and lice want to communicate securely. rudy (the adversary) has access to the channel. lice channel data, control s Bob Kai Shen data secure sender secure receiver data rudy

More information

CS 758: Cryptography / Network Security

CS 758: Cryptography / Network Security CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html

More information

How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and

How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing

More information

HASH CODE BASED SECURITY IN CLOUD COMPUTING

HASH CODE BASED SECURITY IN CLOUD COMPUTING ABSTRACT HASH CODE BASED SECURITY IN CLOUD COMPUTING Kaleem Ur Rehman M.Tech student (CSE), College of Engineering, TMU Moradabad (India) The Hash functions describe as a phenomenon of information security

More information

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two

More information

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Overview of CSS SSL. SSL Cryptography Overview CHAPTER CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers

More information

Secure File Transfer Using USB

Secure File Transfer Using USB International Journal of Scientific and Research Publications, Volume 2, Issue 4, April 2012 1 Secure File Transfer Using USB Prof. R. M. Goudar, Tushar Jagdale, Ketan Kakade, Amol Kargal, Darshan Marode

More information