Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Network Security
Secure channel
SSL (and many others: incl. IPSEC) Shared key establishing
Trusted party (Kerberos, etc. - to be covered) Public key methods
Alice
p, g
Bob
a b magamod p mbgbmod p
ma
mb
Encrypt(m): cmemodN Decrypt(c): mcdmodN Sign(m): smd modN ?m (modN) Verify(s,m): se Factoring: Given N=pq
Find x: bxmod p = y
Find p,q
Factoring based
RSA Square Roots (=factoring)
Rabin (Encryption,Signature) Fiat-Shamir (ID scheme, Signature)
World mod N
How many objects? |Z*N|= (N); for all z Z*N, z (N) mod N=1 If N=pq, then (N)= (p-1)(q-1) [If N=p, then (N)= p-1] Blum integers: N=pq, pq3 (mod 4) Then x(p+1)/4 mod p= y; y2x(p+1)/2x(p-1)/2 xx mod p
If gcd(a,b)=1: ax (mod b) =1
i.e. x=a-1 in Z*b
Rabin
Using Blum integers can compute SQRT mod p,q Using CRT can combine them to SQRT mod N
Attacks on factoring
(N), N => factoring (quadratic equation) Trick:
obtain x, s.t. x=0 mod p, x0 mod q gcd(x, N)=p
If z y, then x y-z
Key Establishing
Diffie-Hellman or RSA
Watch out for man-in-the-middle attack!!!
Authentication (signatures) PKI Remember AKE: authenticated key establishment
Beyond AKE
Ciphers MACs
Ciphers
Block ciphers
DES, AES, 3DES, Modes of operation: EDE, OFB, CBC,
Stream ciphers
Pseudo-random pad
Systems
PKI Kerberos - key distribution (symmetric crypto) IPSec - security on another level Firewalls, IDS, etc.