Cryptography & Network Security




Cryptography & Network Security
Lecture 1: Introduction & Overview
2002. 3. 27
chlim@sejong.ac.kr

Common Terms (1)
  Cryptography: The study of mathematical techniques related to aspects of information security
  Cryptanalysis: The study of mathematical techniques for attempting to defeat cryptographic techniques
  Cryptology: The study of cryptography and cryptanalysis
  Cryptosystem: A general term referring to a set of cryptographic primitives used to provide information security
    Symmetric key primitives; Public key primitives
  Steganography: The method of concealing the existence of a message
  Cryptography is not the only means of providing information security, but rather one set of such techniques

Common Terms (2)
  Cipher: Block cipher, Stream cipher, Public key cipher
  Plaintext/Cleartext ( ), Ciphertext ( )
  Encryption/Encipherment, Decryption/Decipherment
  Key (or Cryptographic key)
    Secret key
    Private key / Public key
  Authentication
    Message authentication
    User authentication
  Digital signature

Security Threats
  Interruption/Denial of service
  Interception: eavesdropping, wiretapping, theft
  Modification
  Fabrication/Forgery
  Unauthorized access
  Denial of facts

Security Services
  Security service: A service that enhances information security using one or more security mechanisms
    Confidentiality/Secrecy <-> Interception
    Authentication <-> Forgery
    Integrity <-> Modification
    Nonrepudiation <-> Denial of facts
    Access control <-> Unauthorized access
    Availability <-> Interruption

Security Mechanisms
  Security mechanism: A mechanism designed to detect, prevent, or recover from a security attack
    Encryption
    Authentication
    Digital signature
    Key exchange
    Access control
    Monitoring & Responding

Models for Evaluating Security
  Conditional vs Unconditional
    Unconditional security
    Computational security
  Provable vs Ad hoc
    Provable security
    Ad hoc security

Summary: Security Needs for Network Communications
  Confidentiality <-> Interception: Is Private?
  Authentication <-> Forgery: Who am I dealing with?
  Availability <-> Denial of Service: Wish to access!!
  Integrity <-> Modification: Has been altered?
  Non-Repudiation <-> Not SENT! Claim: Who sent/received it?
  Access Control <-> Unauthorised access: Have you privilege?

Solutions for Security Needs
  Physical Solutions
    CONFIDENTIAL Tamper-evident sealed envelope
    ID-card, Passport, Driver's license
    Signature
  Cryptographic Solutions
    Encryption with MAC: Confidentiality, Authentication, Integrity Protection
    Digital Certificate: Identification
    Digital Signature: Authentication, Integrity Protection, Non-Repudiation
  Security mechanisms are combined to provide a security service
    Virtual Private Network (VPN), Firewall, IDS, etc.

Classical Encryption Techniques
  Basic building blocks of all encryption techniques
    Substitution: replacement
    Transposition: relocation
  Substitution ciphers
    Caesar cipher
    Monoalphabetic ciphers
    Playfair cipher
    Hill cipher
    Polyalphabetic ciphers: Vigenere cipher
    Vernam cipher/one-time pad: perfect cipher
  Transposition techniques
  Rotor machines: Enigma, Purple

Confusion and Diffusion
  Diffusion
    Ideally, ciphertext should look as if it is a random string of letters.
    Distributes or disperses the statistical structure of plaintext over the ciphertext.
    Hides the statistical relationships between the ciphertext and the underlying plaintext.
    Changes in the plaintext should affect many parts of the ciphertext.
    Substitution + Transposition
  Confusion
    The principle of confusion prevents the cryptanalyst from using ciphertext to figure out the secret encryption key.
    Hides the statistical relationship between ciphertext and secret key.
    The interceptor should not be able to predict what changing one character in the plaintext will do to the ciphertext.
    Substitution (Well-designed & Complex)

Cryptographic Primitives
  Unkeyed Primitives
    Hash functions
    One-way Permutations
    Random Sequence
  Symmetric Key Primitives
    Symmetric Key Ciphers: Block ciphers, Stream ciphers
    Message authentication schemes: Keyed hash functions (MAC)
    Pseudorandom Sequences
    Identification Primitives
  Public Key Primitives
    Public Key Ciphers
    Digital Signatures
    Identification Primitives

Symmetric Encryption Model
  [Diagram: Plaintext M -> E -> Ciphertext C over the Insecure Channel (Cryptanalyst/Adversary) -> D -> Plaintext M; Key K, the Shared Secret Key, is delivered over the Secure Channel]
  C = E_K(M)
  D_K(C) = M

Asymmetric Encryption Model
  [Diagram: Bob: Plaintext M -> E -> Ciphertext C over the Insecure Channel (Cryptanalyst/Adversary) -> D -> Plaintext M: Alice; Bob obtains Alice's Public Key KA_e over the Authentic Channel; Alice decrypts with Alice's Private Key KA_d]
  C = E_KA_e(M)
  D_KA_d(C) = M

Symmetric Authentication Model
  [Diagram: Message M -> MAC -> M + mac over the Insecure Channel (Cryptanalyst/Adversary) -> Received Message -> MAC -> Regenerated mac =? Received mac -> Success or Failure; Key K, the Shared Secret Key, is delivered over the Secure Channel]
  mac = MAC_K(M)
  MAC_K(M) = mac?
  Regenerated mac = Received mac?

Asymmetric Authentication Model
  [Diagram: Alice: Message M -> SIGN with Alice's Private Key KA_d -> M + sig over the Insecure Channel (Cryptanalyst/Adversary) -> VERIFY with Alice's Public Key KA_e -> Success or Failure: Bob; Bob obtains Alice's public key over the Authentic Channel]
  sig = SIGN_KA_d(M)
  VERIFY_KA_e(M, sig) = Success?

Secret Key vs Public Key Systems
  Symmetric Key Cryptosystem
    Both parties must share the same secret key
    Encrypt/Decrypt & MAC generate/verify
    Very fast: Bulk data encryption, User/message authentication
    Block/Stream Cipher: AES, DES, IDEA, SEED, Crypton; RC4, SEAL
    MAC schemes: Keyed hash (HMAC), CBC-MAC
    Problem of Key Sharing; Cannot provide Non-repudiation
  Public Key Cryptosystem
    A pair of (Public Key, Private Key) for each user
    Encrypt/Verify with peer's Public Key; Decrypt/Sign with its own Private Key
    Encryption scheme: RSA, ElGamal
    Key exchange: DH (Diffie-Hellman), ECDH
    Signature schemes: RSA, DSA, KCDSA, ECDSA, EC-KCDSA
    Slow: Key exchange, Authentication, Non-repudiation
    Problem: How to get the right peer's Public Key

Hash Functions
  Hash Function
    Generate a fixed length Fingerprint for an arbitrary Message
    No Key involved
    One Way Function
    MD5, SHA1, SHA2, HAS160
  Applications
    Keyed hash: used to generate/verify MAC (Message Authentication Code) or Integrity Check Value (ICV)
      HMAC
    Unkeyed hash: used to produce Digital Signature
  [Diagram: Message M -> H -> Message Digest D]
  D = H(M)

Message Authentication Code (MAC)
  Purposes
    Secure tag for authentication
    Message origin authentication
    User authentication
    Message integrity
  Schemes
    Keyed hash: HMAC
    Block cipher: CBC-MAC, XCBC-MAC
    Dedicated MAC: UMAC
  [Diagram: MAC, SEND, Shared Secret Key]

Digital Signature
  Digital Signature
    Combine Hash with Digital Signature and use PKC
    Provide Authentication and Non-Repudiation
    RSA; DSA, KCDSA, ECDSA, EC-KCDSA
  [Diagram: Signing: Hash Algorithm -> Hash -> Sender's Private Key -> Signature -> SEND; Verifying: Signature -> Sender's Public Key -> Hash1, Hash Algorithm -> Hash2]
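
The symmetric authentication model and the keyed versus unkeyed hash distinction from the slides above, as an added example that is not part of the original lecture. HMAC-SHA-256 is this example's choice for MAC_K, and the key, messages and function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

def digest(message: bytes) -> bytes:
    """Unkeyed hash D = H(M): no key, so anyone can compute it."""
    return hashlib.sha256(message).digest()

def digest_verify(message: bytes, received: bytes) -> bool:
    """Integrity check with an unkeyed hash only."""
    return hmac.compare_digest(digest(message), received)

def mac_generate(key: bytes, message: bytes) -> bytes:
    """Sender: mac = MAC_K(M). HMAC-SHA-256 is this example's choice."""
    return hmac.new(key, message, hashlib.sha256).digest()

def mac_verify(key: bytes, message: bytes, received_mac: bytes) -> bool:
    """Receiver: regenerate the mac and compare it in constant time."""
    return hmac.compare_digest(mac_generate(key, message), received_mac)

def run_demo() -> dict:
    key = secrets.token_bytes(32)           # shared secret key K (constructed)
    sent = b"pay 100 to account 1234"       # constructed sample message
    altered = b"pay 900 to account 1234"    # modified on the insecure channel
    tag = mac_generate(key, sent)
    guessed_key = secrets.token_bytes(32)   # adversary does not know K
    return {
        # Adversary replaces M and recomputes H(M): the check still passes.
        "hash_accepts_altered": digest_verify(altered, digest(altered)),
        # Genuine message and tag verify under the shared key.
        "mac_accepts_genuine": mac_verify(key, sent, tag),
        # Modification: the old tag no longer matches the altered message.
        "mac_accepts_altered": mac_verify(key, altered, tag),
        # Forgery: a tag made under a guessed key is rejected.
        "mac_accepts_forged": mac_verify(
            key, altered, mac_generate(guessed_key, altered)),
        # No non-repudiation: the receiver also holds K and can make a
        # valid tag for a message the sender never sent.
        "receiver_made_tag_valid": mac_verify(
            key, altered, mac_generate(key, altered)),
    }

if __name__ == "__main__":
    for name, outcome in run_demo().items():
        print(f"{name}: {outcome}")
```

The last result is why the slides list "Cannot provide Non-repudiation" for symmetric systems: a valid tag proves only that some holder of K produced it.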