Types of Cryptosystems. Implementation of Security Services. Types of Cryptosystems (1)

Similar documents
CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 Phone: 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

CS 758: Cryptography / Network Security

Public Key (asymmetric) Cryptography

Cryptography and Network Security Chapter 9

Message Authentication Codes

Cryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch

SECURITY IN NETWORKS

7! Cryptographic Techniques! A Brief Introduction

IT Networks & Security CERT Luncheon Series: Cryptography

CSCI-E46: Applied Network Security. Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July The OWASP Foundation

Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs

Computer Security: Principles and Practice

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

Techniques of Asymmetric File Encryption. Alvin Li Thomas Jefferson High School For Science and Technology Computer Systems Lab

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Cryptography & Network Security

Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015

Network Security. HIT Shimrit Tzur-David

Secure Network Communication Part II II Public Key Cryptography. Public Key Cryptography

Table of Contents. Bibliografische Informationen digitalisiert durch

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai Siemens AG 2001, ICN M NT

Public Key Cryptography: RSA and Lots of Number Theory

Lecture 9 - Network Security TDTS (ht1)

CSCE 465 Computer & Network Security

Cryptography and Network Security Chapter 12

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University

Lukasz Pater CMMS Administrator and Developer

Authentication requirement Authentication function MAC Hash function Security of

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Cryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g.

Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

Client Server Registration Protocol

Symmetric Key cryptosystem

Chapter 7: Network security

Cryptography and Network Security

CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Lecture Note 5 PUBLIC-KEY CRYPTOGRAPHY. Sourav Mukhopadhyay

Outline. CSc 466/566. Computer Security. 8 : Cryptography Digital Signatures. Digital Signatures. Digital Signatures... Christian Collberg

Symmetric Mechanisms for Authentication in IDRP

Cryptography & Network Security. Introduction. Chester Rebeiro IIT Madras

lundi 1 octobre 2012 In a set of N elements, by picking at random N elements, we have with high probability a collision two elements are equal

Advanced Cryptography

Savitribai Phule Pune University

Network Security (2) CPSC 441 Department of Computer Science University of Calgary

CRYPTOGRAPHY IN NETWORK SECURITY

Mathematical Model Based Total Security System with Qualitative and Quantitative Data of Human

VoteID 2011 Internet Voting System with Cast as Intended Verification

Cryptographic mechanisms

Introduction to Cryptography CS 355

How To Understand And Understand The History Of Cryptography

Public Key Cryptography and RSA. Review: Number Theory Basics

Cryptographic Hash Functions Message Authentication Digital Signatures

Authentication, digital signatures, PRNG

Lecture 9: Application of Cryptography

Network Security. Omer Rana

Message Authentication

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Ky Vu DeVry University, Atlanta Georgia College of Arts & Science

AN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES

Public Key Cryptography. c Eli Biham - March 30, Public Key Cryptography

Recommendation for Cryptographic Key Generation

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Introduction to Computer Security

Public Key Cryptography Overview

CS 348: Computer Networks. - Security; 30 th - 31 st Oct Instructor: Sridhar Iyer IIT Bombay

Application Layer (1)

EDA385 Embedded Systems Design. Advanced Course

Fundamentals of Computer Security

Notes on Network Security Prof. Hemant K. Soni

Practice Questions. CS161 Computer Security, Fall 2008

Chapter 10. Network Security

CSE/EE 461 Lecture 23

Advanced Authentication

Network Security. Security. Security Services. Crytographic algorithms. privacy authenticity Message integrity. Public key (RSA) Message digest (MD5)

Elements of Applied Cryptography Public key encryption

A New Efficient Digital Signature Scheme Algorithm based on Block cipher

1 Data Encryption Algorithm

Cryptography and Network Security

How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and

PGP - Pretty Good Privacy

Overview of Public-Key Cryptography

Chapter 17. Transport-Level Security

Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur

Network Security Technology Network Management

FAREY FRACTION BASED VECTOR PROCESSING FOR SECURE DATA TRANSMISSION

The application of prime numbers to RSA encryption

Digital Signature For Text File

Modes of Operation of Block Ciphers

Chapter 23. Database Security. Security Issues. Database Security

SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES

Lecture 6 - Cryptography

CPSC 467b: Cryptography and Computer Security

Transcription:

ECE 646 - Lecture 3 Types of Cryptosystems Implementation of Security Services Types of Cryptosystems (1) Block vs. stream s 1

Cryptosystem (Cipher) n bits k bits cryptographic m bits text Block vs. stream s M 1, M 2,, M n m 1, m 2,, m n K Block K Internal state - IS Stream C 1, C 2,, C n c 1, c 2,, c n C i =f K (M i ) c i = f K (m i, IS i ) IS i+1 =g K (m i, IS i ) Every block of text is a of only one corresponding block of plaintext Every block of text is a of the current block of plaintext and the current internal state of the 2

Typical stream Sender initialization vector (seed) Receiver initialization vector (seed) Pseudorandom Key Generator Pseudorandom Key Generator k i stream k i stream m i plaintext c i text c i text m i plaintext Types of Cryptosystems (2) Secret- vs. public- s 3

Secret- (Symmetric) Cryptosystems of Alice and - K AB of Alice and - K AB Network Alice Encryption Decryption Key Distribution Problem N - Users N (N-1) 2 Keys Users Keys 100 5,000 1000 500,000 4

Digital Signature Problem Both corresponding sides have the same information and are able to generate a signature There is a possibility of the receiver falsifying the sender denying that he/she sent the Public Key (Asymmetric) Cryptosystems Public of - K B Private of - k B Network Alice Encryption Decryption 5

Classification of cryptosystems Terminology secret- symmetric public asymmetric symmetric- classical conventional One-way X f(x) Y EXAMPLE: f -1 (Y) f: Y=f(X) = A X mod P where P and A are constants, P is a large prime, A is an integer smaller than P Number of bits of P Average number of multiplications necessary to compute f f -1 1000 1500 10 30 6

Trap-door one-way Whitfield Diffie and Martin Hellman New directions in cryptography, 1976 PUBLIC KEY X f(x) Y f -1 (Y) PRIVATE KEY Alice Key Distribution s public s private s public text text s public Intruder text 7

Alice signature Digital Signature signature Alice s private Alice s public Alice s public Intruder signature Alice s public Judge signature Alice s public Implementation of Security Services 8

Non-repudiation Alice Signature Signature Hash Hash Hash value 1 Hash value yes no Public Hash value 2 Public Alice s private Alice s public Hash arbitrary length m h hash h(m) hash value fixed length 9

Hash s Basic requirements 1. Public description, NO 2. Compression arbitrary length input fixed length output 3. Ease of computation Hash s Security requirements It is computationally infeasible Given To Find h(m) m m and h(m) m m, such that h(m ) = h(m) m m, such that h(m ) = h(m) 10

Non-repudiation Alice Signature Signature Hash Hash Hash value 1 Hash value Public yes/no Hash value 2 Public Alice s private Alice s public Non-repudiation Alice Signature Signature Hash Hash Signature generation Hash value Public Alice s private yes/no Signature Hash value verification 1 Hash value 2 Public Alice s public 11

Alice Authentication MAC MAC K AB Secret of Alice and Secret algorithm K AB Secret of Alice and Secret algorithm MAC yes MAC no MAC - Autentication Codes (ed hash s) arbitrary length m secret K MAC MAC fixed length 12

MAC s Basic requirements 1. Public description, SECRET parameter 2. Compression arbitrary length input fixed length output 3. Ease of computation MAC s Security requirements Given zero or more pairs m i, MAC(m i ) i = 1..k it is computationally impossible to find any new pair m, MAC(m ) such that m m i i = 1..k 13

CBC-MAC (Cipher Block Chaining MAC) MAC M 1 M 2 M t 0.... Secret- Secret- Secret- K AB K AB K AB Relations among security services NON-REPUDIATION AUTHENTICATION CONFIDENTIALITY INTEGRITY 14

Non-repudiation Alice Signature Signature Hash Hash Hash value 1 Hash value yes no Public Hash value 2 Public Alice s private Alice s public Alice Authentication MAC MAC K AB Secret of Alice and Secret algorithm K AB Secret of Alice and Secret algorithm MAC yes MAC no 15

Hybrid Systems Features required from today s s STRENGTH PERFORMANCE FUNCTIONALITY easy distribution digital signatures 16

Features of secret- s STRENGTH PERFORMANCE FUNCTIONALITY easy distribution digital signatures Features of public- s STRENGTH PERFORMANCE FUNCTIONALITY easy distribution digital signatures 17

Average Decryption Speed for implementations based on the same technology software hardware AES deing speed RSA-1024 deing speed 100 1000 Basic operations of secret s - S-box S-box n x m n S m Substitution C ASM Software WORD S[1<<n]= { 0x23, 0x34, 0x56.............. } S DW 23H, 34H, 56H.. x 1 x 2 x n ROM direct logic... Hardware n-bit address 2 n words m-bit output... y 1 y 2 y m 18

Basic operations of secret s - P-box Software Hardware P-box n x n P n C sequence of instructions <<,, & x 1 x 2 x 3...... x n-1 x n n Permutation ASM sequence of instructions ROL, OR, AND y 1 y 2 y 3 y n-1 y n order of wires Encryption Basic Operations of the Public Key Cryptosystem RSA public exponent text = plaintext mod public modulus Decryption k-bits k-bits k-bits private exponent plaintext = text mod private modulus k-bits k-bits k-bits 19

Hybrid Systems Network Alice session (random secret-) s public s private Session encrypted using s public encrypted using session Hybrid Systems - Sender s Side (2) Alice 1 session random Secret Public 3 s public 2 Session encrypted using s public encrypted using session 20

Hybrid Systems - Receiver s Side (2) session random 1 Public s private 2 Secret Session encrypted using s public encrypted using session Evaluating the security of secret- s 21

Classification of attacks (1) Ciphertext-only attack Given: text Looked for: plaintext or Example: Frequency analysis of letters in the text (effective only for most simple historical s) Classification of attacks (2) Known plaintext attack Given: text guessed fragment of the plaintext Looked for: remaining plaintext or Example: exhaustive search (brute-force ) attack successive s 22

Classification of attacks (3) Given: Capability to en an arbitrarily chosen fragment of the plaintext Chosen plaintext attack Encryption module Looked for: Example: Differential cryptanalysis M i M i * Encryption module i=1..n C i C i * Classification of attacks (4) Given: Capability to de an arbitrarily chosen fragment of the text Chosen text attack Encryption module Looked for: 23

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information