
Sep 23, 2017


CIS3360 PDF for studying at UCF


Cryptographic Tools

Demetrios Glinos University of Central Florida

CIS3360 - Security in Computing

Readings

• "Computer Security: Principles and Practice" (3rd Edition), by William Stallings and Lawrie Brown

• Chapter 2

D. Glinos

CIS3360 Security in Computing


Outline

• Confidentiality with Symmetric Encryption

• Message Authentication and Hash Functions

• Public-Key Encryption

• Digital Signatures and Key Management

• Random and Pseudorandom Numbers


Encryption

• Encryption: a means to allow two parties, customarily called Alice and Bob, to establish confidential communication over an insecure channel that is subject to eavesdropping.

[Figure: Alice, Bob, Eve]


Symmetric Encryption

• Symmetric encryption

• Also called: single-key encryption

• Historically, the only type of encryption until public-key methods were introduced in the late 1970s

• Still, universally used for providing confidentiality for transmitted or stored data

• Basic idea: the same key is used by sender and receiver

• Components

• plaintext

• encryption algorithm

• secret key

• ciphertext

• decryption algorithm


Symmetric Encryption Model

source: Fig. 2.1, p. 42

Requirements for secure use of symmetric encryption

1. Strong encryption algorithm, where "strong" means that even if an opponent knows the algorithm and has the ciphertext, he/she cannot decipher the ciphertext or figure out the key.

2. Sender and receiver have obtained copies of the same secret key in a secure manner


Attacking Symmetric Encryption

• Cryptanalysis

• Attacker knows the algorithm

• Attacker has some knowledge of the general characteristics of the plaintext, or even some plaintext-ciphertext pairs

• Exploits the characteristics of the algorithm to attempt to recover the plaintext or deduce the key that was used

• If key deduced, effect is catastrophic: all past and future messages encrypted with that key are compromised

• Brute-force attack

• Attacker tries all possible keys on some ciphertext until an intelligible translation into plaintext is obtained

• On average, half of all possible keys must be tried to achieve success


Symmetric Block Ciphers

• Block cipher

• processes plaintext input in fixed-size blocks

• a long plaintext message is processed as a series of plaintext blocks

• for each plaintext block, produces a ciphertext block of the same size

• most important algorithms: DES, Triple DES, and AES


source: Table 2.2, p. 44


Modes of Operation

• Typically, symmetric encryption is applied to messages/files of many blocks

• Simplest approach

• use the same key to encrypt each block

• this is called the "electronic codebook (ECB)" mode of operation

• weakness: cryptanalysis may be able to exploit regularities in the plaintext

• More complex modes of operation mix results of earlier encryptions into later encryptions or modify the key used in various ways to overcome this weakness

• we will cover modes of operation in a later lecture


Symmetric Stream Ciphers

• Stream cipher

• processes the input elements continuously

• produces output one element at a time

• element is typically a byte, but can be just a bit or larger than a byte

• uses a key stream generated pseudorandomly from an input key

• advantage: generally runs faster than a block cipher

• good for streaming data over a communications channel or browser/Web link

• block ciphers (far more common) are better for file transfer, email, databases


source: Fig. 2.2(b), p. 46


Message Authentication

• Encryption assures confidentiality

• Message/data authentication assures data integrity

• contents have not been altered

• from authentic source

• timely and in correct sequence

• Message/data authentication can be performed either with or without encryption

• Message authentication code (MAC)

• one authentication technique

• uses a shared secret key and a MAC algorithm

• MAC is appended to message before transmission

• MAC is computed separately by recipient and compared with received MAC

• FIPS PUB 113 recommends using DES to compute the MAC

• MAC is last 16 or 32 bits of DES-encrypted message


Message Authentication using a MAC

source: Fig. 2.3, p. 49

If received and computed MACs match, the recipient is assured

1. the message has not been altered

2. the message came from the alleged sender (since the sender used the shared key K)

3. if the message includes a sequence number, then proper sequence is assured, since an attacker couldn't modify it without affecting the MAC calculation
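The three assurances above, as an added example that is not part of the original slides. It uses HMAC-SHA256 from the Python standard library in place of the DES-based MAC the slides mention; the 8-byte sequence-number framing, the `send` function and the `Receiver` class are assumptions made for this illustration.

```python
import hashlib
import hmac

TAG_LEN = 32  # HMAC-SHA256 output size in bytes

def send(key: bytes, seq: int, message: bytes) -> bytes:
    # The sequence number is part of the authenticated data; the MAC is appended.
    body = seq.to_bytes(8, "big") + message
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.next_seq = 0  # next sequence number this receiver will accept

    def receive(self, packet: bytes):
        """Return the message if the packet is authentic and in order, else None."""
        if len(packet) < 8 + TAG_LEN:
            return None
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        # Recompute the MAC with the shared key and compare in constant time.
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # contents altered, or sender does not hold the key
        seq = int.from_bytes(body[:8], "big")
        if seq != self.next_seq:
            return None  # replayed or out-of-sequence message
        self.next_seq += 1
        return body[8:]

if __name__ == "__main__":
    key = b"K" * 32  # constructed shared key
    rx = Receiver(key)
    pkt = send(key, 0, b"transfer 100")
    print(rx.receive(pkt))   # accepted
    print(rx.receive(pkt))   # same packet again: rejected by the sequence check
```
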


Secure Hash Function

• Another method for message authentication

• also called "one-way hash function"

• Uses an algorithm that sender and receiver both know (and maybe attacker, too)

• Result is a fixed-length "hash value" or "hash code"

• Hash code can be encrypted by symmetric or public-key encryption

• Also possible to append a shared secret key to message and hash the combination

• no encryption is needed in this case (since only sender and recipient know the secret key)

source: Fig. 2.4, p. 51


Requirements for Hash Functions

• For any hash function

• can be applied to an entire message or file of any size

• produces a fixed-length output

• computationally easy to compute

• For a secure hash function, all above, plus

• must be one-way

• infeasible to find x from H(x), i.e., to find message given hash value

• must be collision resistant

• for a given message, infeasible to find another message that generates the same hash value

• also, infeasible to find 2 messages that generate the same hash value

• Uses for secure hash functions

• MACs, digital signatures, and integrity checking


Public-Key Encryption

• Proposed publicly by Diffie and Hellman in 1976

• Basic idea

• use a different key for decryption than for encryption

• the keys are related mathematically to make this possible

• Each person has two keys: a private key that only he/she knows, and a public key that is broadcast widely; other components are the same as for symmetric systems

• To send a message, the sender encrypts the message using the recipient's public key

• On receipt, the recipient uses his private key to decrypt the message.

• Solves key distribution and digital signature issues, but algorithms run much slower than symmetric algorithms.

• Still need some form of protocol for distributing keys

• Computationally expensive: as a result, symmetric encryption is still the method most used for data encryption


Public-Key Encryption Model

source: Fig. 2.6(a), p. 57


Applications of Public-Key Algorithms

• Encryption, but computationally expensive, so not often done

• Diffie-Hellman key exchange

• uses public-key encryption to compute a shared secret key

• the shared secret key is thereafter used for symmetric data encryption

• Authentication

• Sender encrypts using his private key

• Recipients can decrypt using sender's public key, which they all know

• Since only sender has the corresponding private key, authenticity is assured

• Digital signature

• use authentication scenario, but encrypt a hash value, not the message

• Key management and distribution

• used with certificate authorities (CAs) to assure recipients that alleged public key is genuine


Digital Certificates

• Digital certificates (DCs) address the question: How can Alice know that the public key she is using for Bob is really his public key?

• Issued by trusted entities called certificate authorities (CA)

• A digital certificate vouches for an entity (e.g., Bob) and contains Bob’s public key

• The DC is digitally signed by the CA using its private key; Alice uses the CA’s public key to verify the CA’s signature

• Entities (e.g., Alice) wishing to communicate with Bob can now trust that they have a valid public key for Bob, since they trust the CA.

• This is not fool-proof. It is merely “strong evidence” of Bob’s public key


Digital Envelopes

• Another way to use public-key encryption to protect a symmetric key

• Does not require sender and recipient to negotiate a shared secret key

• Uses a one-time symmetric key

• Key is encrypted using recipient's public key and sent to recipient

source: Fig. 2.8, p. 63
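The envelope steps above, as an added example that is not part of the original slides. To stay self-contained it uses toy primitives: unpadded textbook RSA over two small Mersenne primes and a SHA-256 counter keystream as the symmetric cipher. The names `seal` and `open_envelope` and all parameters are assumptions for this illustration, and none of it is suitable for protecting real data.

```python
import hashlib
import secrets

# Toy recipient key pair (constructed): unpadded RSA over two known Mersenne
# primes. Real systems use vetted libraries, large keys and padding.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # recipient's private exponent

def keystream_xor(key: bytes, data: bytes) -> bytes:
    # Toy symmetric cipher: XOR the data with a SHA-256 counter keystream.
    # Applying it twice with the same key restores the original data.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(message: bytes, recipient_pub=(N, E)):
    """Sender side: returns (wrapped one-time key, encrypted message)."""
    n, e = recipient_pub
    session_key = secrets.token_bytes(16)               # one-time symmetric key
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)  # encrypted with public key
    return wrapped, keystream_xor(session_key, message)

def open_envelope(wrapped: int, ciphertext: bytes, private=(N, D)) -> bytes:
    """Recipient side: recover the one-time key with the private key, then decrypt."""
    n, d = private
    session_key = pow(wrapped, d, n).to_bytes(16, "big")
    return keystream_xor(session_key, ciphertext)

if __name__ == "__main__":
    wrapped, ct = seal(b"constructed sample message for Bob")
    print(open_envelope(wrapped, ct))
```
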


Random Numbers

• Random numbers are used extensively in cryptographic applications, for

• generation of keys for public-key algorithms

• generation of stream keys for symmetric stream ciphers

• generation of one-time symmetric keys for use in digital envelopes

• session key generation by key distribution centers or parties to communication

• also used in handshake protocols to prevent replay attacks

• Requirements

• Randomness

• uniform distribution – each value is equally likely

• independence – cannot infer any value from other values

• Unpredictability

• opponent should not be able to predict future element of sequence on basis of earlier elements (similar to statistical independence, above)


Pseudorandom Numbers

• Cryptographic applications (and programming languages) typically use algorithms to generate "random" numbers

• algorithms are deterministic

• therefore, sequences produced are not truly random

• such sequences are called "pseudorandom"

• Pseudorandom number generators (PRNGs)

• use algorithms that produce sequences that satisfy statistical randomness tests (uniformity, independence)

• nevertheless, can be predictable

• True random number generators (TRNGs)

• typically measure unpredictable natural processes

• e.g., radiation events, gas discharge, leaky capacitors

• increasingly provided on modern processors

• e.g., Intel chip that samples thermal noise across undriven resistors
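The gap between statistical randomness and unpredictability, as an added example that is not part of the original slides: a linear congruential generator passes a crude uniformity check, yet each output fully determines the next one. The LCG constants are widely published textbook parameters chosen here for illustration, and the bucket test and tolerance are assumptions; key material should come from the operating system's generator via Python's `secrets` module.

```python
import secrets

# Widely published LCG parameters, used here only as an illustration.
A, C, M = 1664525, 1013904223, 2**32

class LCG:
    def __init__(self, seed: int):
        self.state = seed % M

    def next(self) -> int:
        # Deterministic update: the output is the whole internal state.
        self.state = (A * self.state + C) % M
        return self.state

def bucket_counts(gen: LCG, n: int = 16000, buckets: int = 16) -> list:
    # Crude uniformity check: spread n outputs over equal-width buckets.
    counts = [0] * buckets
    for _ in range(n):
        counts[gen.next() * buckets // M] += 1
    return counts

def looks_uniform(counts: list, tolerance: float = 0.2) -> bool:
    # Every bucket must be within `tolerance` of the expected count.
    expected = sum(counts) / len(counts)
    return all(abs(c - expected) <= tolerance * expected for c in counts)

def predict_next(observed: int) -> int:
    # Anyone who knows the algorithm and sees one output can compute the next.
    return (A * observed + C) % M

def new_session_key() -> bytes:
    # Keys should come from the OS cryptographic generator instead.
    return secrets.token_bytes(16)

if __name__ == "__main__":
    print("uniform:", looks_uniform(bucket_counts(LCG(2017))))
    g = LCG(42)
    seen = g.next()
    print("predicted == actual:", predict_next(seen) == g.next())
```
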
