Upload File

cryptography

31
Cryptography • Basic concepts and terms • Public/Private Key Algorithms • Key Distribution/Management • Digital Signatures • Miscellaneous Crypto

Upload: kerry-johnson

Post on 02-Jan-2016

17 views

Category:

Documents


0 download

Report

Tags:

DESCRIPTION

Cryptography. Basic concepts and terms Public/Private Key Algorithms Key Distribution/Management Digital Signatures Miscellaneous Crypto. Crytpo Intro. Why Encrypt? Protect stored information Protect Encryption - process by which plaintext is converted to ciphertext using a key - PowerPoint PPT Presentation

TRANSCRIPT

Page 1: Cryptography

Cryptography

• Basic concepts and terms

• Public/Private Key Algorithms

• Key Distribution/Management

• Digital Signatures

• Miscellaneous Crypto

Page 2: Cryptography

Crytpo Intro

• Why Encrypt?– Protect stored information

– Protect

• Encryption - process by which plaintext is converted to ciphertext using a key

• Decryption - process by which ciphertext is converted to plaintext (with the appropriate key)

• plaintext (cleartext)- intelligible data

Page 3: Cryptography

Crypto Terms

• Cryptography - art/science relating to encrypting, decrypting information

• cryptanalysis - art/science relating to converting ciphertext to plaintext without the (secret) key

• Link encryption - the individual application of encryption to data on each link of a network (nodes are a weak link)

• end-to-end encryption - the encryption of data from source system to end system (https)

Page 4: Cryptography

Crypto Terms

• Repudiation - In communication between parties, Denial by one party of having participated in communication (commonly heard as non-repudiation)

• Traffic analysis - inference of information from analysis of traffic (presence, absence, frequency, etc.)

• Traffic padding - generation of spurious data units• Work Factor - effort/time needed to overcome a

protective measure

Page 5: Cryptography

One - Time Pad

• Two identical pads (keys), one with sender, one with recipient

• The random pads (keys) are the same length as the message

• Unbreakable by exhaustive search

• Relies on physical security of the pads

• Pads can only be used once

Page 6: Cryptography

Cryptanalysis Terms

• Ciphertext-only attack - attacker attempts to decrypt ciphertext

• Known-plaintext attack - attacker attempts to decrypt ciphertext given knowledge of some plaintext (think “Login: “)

• Chosen-plaintext attack - attacker obtains ciphertext corresponding to selected plaintext

• Chosen-ciphertext attack - attacker obtains plaintext corresponding to selected ciphertext (in a public key system, when trying to deduce private key)

Page 7: Cryptography

Crypto System Properties

• Encryption/decryption transformations must be efficient for all keys

• System must be easy to use

• The security of the system should depend ONLY on the secrecy of the keys and not on the secrecy of the encryption/decryption transformations

Page 8: Cryptography

Secrecy Requirements

• If ciphertext and plaintext are known, it should be computationally infeasible to determine the deciphering algorithm

• It should be computationally infeasible to systematically determine plaintext from intercepted ciphertext (Even if you decrypt ciphertext once, it should require the same amount of work to do it again.)

• Note: “systematically” allows for a lucky guess

• Note: “Computationally infeasible” means great effort, doesn’t account for advances in computing, mathematics

Page 9: Cryptography

Authenticity Requirements

• If ciphertext and plaintext are known, it should be computationally infeasible to determine the enciphering algorithm

• It should be computationally infeasible to find valid ciphertext (Even if you encrypt plaintext so that it can be decrypted once, it should require the same amount of work to do it again.)

Page 10: Cryptography

Public vs. Private Key Encryption

• Private key encryption uses the same key for both encryption and decryption (faster) (DES)

• Private key encryption known as symmetric• Public key encryption uses two different keys, one

to decrypt and one to encrypt (RSA)– Thus, one key can be “public”, because the other key is

still necessary for decryption

– More complex, key management is an issue

• Public key encryption known as asymmetric

Page 11: Cryptography

Encipherment Modes

• Block Mode ciphers - Message broken into blocks, each block encrypted separately– blocks of identical plaintext have identical ciphertext

– replay and substitution attacks easier (insertion or deletion of blocks

• Block chaining - parts of the previous block are inserted into the current block– makes replay and substitution attacks much harder

• DES is a block cipher

Page 12: Cryptography

Encipherment Modes

• Stream Ciphers - Message broken into characters or bits and enciphered with a “key stream”– key stream - should be random and generated

independently of the message stream

Page 13: Cryptography

Digital Encryption Standard (DES)

Developed by IBM in 1972 Never approved for national security applications 64-bit plain & cipher text block size 56-bit true key plus 8 parity bits Single chip (hardware) implementation

Most implementations now software

16 rounds of transpositions & substitutions Standard for unclassified government data symmetric, private key

Page 14: Cryptography

Applications of DES

Double DES Effective key length of 112 bits Work factor about the same as single DES

Triple DES Encrypt with first key Decrypt with second key Encrypt with first key Very secure

Page 15: Cryptography

Public key

RSA - Rivest, Shamir, and Adleman Introduced in 1976 Relies on factoring of large numbers

Elliptic Curve Cryptosystem (ECC) Highest strength/bit of public key stream Big savings over other public key systems

Computation Bandwidth Storage

Page 16: Cryptography

Strength Comparison

EC Key Size RSA Key Size MIPs Year160 1,024 1012

320 5,120 1036

600 21,000 1079

1,200 120,000 10168

Page 17: Cryptography

Key Selection

• Similar to password selection, users are the weak link

• Random number generators may not be random• Key clustering - two different keys produce

equivalent ciphertext from equivalent plaintext

Page 18: Cryptography

Key Management

• Using a public key system, A wants to talk to B• C is the Key Distribution Center, has A and B’s

public key• A calls B, and the calling protocol contacts C• C encrypts a session key, “k”, with the public keys

and sends the encrypted “k” to A and B• A and B can then communicate

Page 19: Cryptography

Key Management Issues

Key storage, recovery Key revocation (lost, compromised keys) Must be fully automated No key in clear outside crypto system Choose key randomly from entire key space Key-encrypting key must be separate from data

keys Infrequently use keys with long life

Page 20: Cryptography

Key Escrow• Separate agencies maintain components of private

key, which, when combined, can be used to decrypt ciphertext

• Stated reason is to decrypt drug related communications

• Clipper chip is an example– secret algorithm

– Unpopular, unused

• Issues include key storage, Big Brother

Page 21: Cryptography

Digital Signature

• Used like a written signature, binds a message to an individual (Provides non-repudiation):

• S is sender, R is recipient, and M is the Message– R must be able to validate S’s signature on M

– No one can forge S’s signature

– If S denies signing M, a 3rd party must be able to resolve the dispute between S and R

• Easy with public key encryption - S encrypts with private key, R can decrypt with public (so can 3rd party)

Page 22: Cryptography

Digital Signature

• Previous method results in M in ciphertext, anyone without S’s public key cannot view

• An alternative is to compute a digest of the message using a public hash function, then encrypt the digest using private key. Thus, the only ciphertext is the hash.

• MD2, MD4, and MD5 are public hash functions that create message digests. MD5 is strongest, a Rivest upgrade of MD4

Page 23: Cryptography

Hash Function

• Hash function produces a message digest• message digest also known as fingerprint, imprint• 2 messages with the same digest are extremely

unlikely– Signer can’t claim a different message was signed

– Recipient can’t claim a different message was signed

Page 24: Cryptography

Digital Signature Standard (DSS)

Uses secure hash algorithm Condenses message to 160 bits Key size 512 - 1024 bits Proposed by NIST in 1991 Adopted???

Page 25: Cryptography

Message Authentication Code

• General term used to describe digital signatures

Page 26: Cryptography

Attacks

• Brute force attack– Attempt to use all keys

• expensive

• time consuming

– But, processing speed doubles every 18 months,

– Clustered workstations, etc.

Page 27: Cryptography

Attacks• Analytic

– Use algorithm and algebraic manipulation to reduce complexity

• Statistical– Use statistical weaknesses in design (more 1’s than

0s in keystream on average, for example)

• Implementation– Microsoft - PPTP, LANMAN passwords– poor randomization on Netscape key

Page 28: Cryptography

Kerberos

• Authentication and encryption system designed at MIT

• Assigns a unique key, called a “ticket”, to each user on the network

• “Ticket” embedded in user’s messages to identify sender

Page 29: Cryptography

Certificate Authority

• Trusted, 3rd party organization

• CA (Certificate Authority) guarantees that the individual granted a certificate is who he/she claims to be

• CA usually has arrangement with financial institution to confirm identity

• Critical to data security and electronic commerce

Page 30: Cryptography

Public Key Infrastructure

• Known as PKI

• Necessary for widespread electronic commerce

• No absolute definition or standard

• A system of digital certificates, Certificate Authorities, and other registration authorities that verify and authenticate the validity of parties in Internet transactions

Page 31: Cryptography

Steganography

• Art of hiding communications– Why? Deny message exists– Hide data transmissions (remember the

microdot?)

• Common implementations hide information in graphic files, sound files, or slack space


Cryptography - A Reviewweb.cse.msstate.edu/~ramkumar/review1.pdfSymmetric Cryptography Asymmetric Cryptography Key Management Network Security Symmetric Cryptography Overview Block

Introduction to Practical Cryptography Lecture 2 Public Key Cryptography

Elliptic Curve Cryptography based Threshold Cryptography (ECC- TC)

Cryptography or Smalltalkers 2 Public Key Cryptography

Quantum cryptography CS415 Biometrics and Cryptography UTC/CSE

Quantum cryptography CS4600/5600 Biometrics and Cryptography UTC/CSE

DNA BASED CRYPTOGRAPHY - Western Universitylila/kavita.pdf · 2 Overview • Cryptography in general • Need of Cryptography • Basic concepts in Cryptography - Plaintext - Cipher

Cryptography - Number Theory an Related Alghoritm in Cryptography

Advanced Cryptography Isogeny-based Cryptography

Java*Cryptography - Cogent Logic · Java*Cryptography Symmetric*Key*Cryptography • Cryptography. Cryptography

Information Security Cryptography ( L02- Types Cryptography)

univie.ac.atothes.univie.ac.at/27163/1/2013-02-27_0501793.pdf · Quantum Cryptography in the Tokyo Metropolitian Area 2.). Quantum cryptography 2.1.Classical Cryptography Cryptography

Cryptography Gerard Klonarides. What is cryptography? Symmetric Encryption Symmetric Encryption Asymmetric Encryption Asymmetric Encryption Other cryptography

Applied Cryptography Week 4 Cryptography and.NET 1 Applied Cryptography Week 4 Mike McCarthy

Information Security Cryptography ( L03- Old Cryptography Algorithms )

(Continue) Cryptography - University of Washington · 2013-02-05 · Cryptography: Now on to asymmetric cryptography HW2 out soon (on cryptography) (Reminder:) Symmetric Cryptography

introduction to Cryptography(FINAL) - WordPress.com · Introduction to Cryptography 1. Objectives •Define cryptography and differentiate it with steganography. •Introduce cryptography

Palladium Cryptography Palladium Cryptography Next ... · Palladium Cryptography Palladium Cryptography Next Generation Security Computation Base Harshwardhan Rathore, Asst. Prof

Beginning Cryptography With Java - Symmetric Key Cryptography

Basic Cryptography - Sapienzaparisi/Risorse/CryptographicPrimitives.pdf · Basic Cryptography Introduction ... The Java Cryptography Architecure (JCA) The Java Cryptography Extensions

Cryptography and Security in Wireless Sensor …Cryptography Cryptography De nition Cryptography is the study of mathematical techniques related to aspects of information security

Chapter 3 Cryptography - Reading & Learning...Chapter 3 Cryptography Introduction: Cryptography is an ancient art of keeping secrets. Cryptography ensures security of communication

Chapter 8 - Cryptography. Cryptography General Concepts

Codes, Ciphers, and Cryptography Quantum Cryptography

Cryptography Cryptography 1. Activity What is cryptography ? 2

Innovative field of cryptography: DNA cryptography

Post-Quantum Cryptography: Lattice-Based Cryptography and

Cryptography 2017 - Chalmers · Cryptography 2017 Introduction ... J. Katz, Y. Lindell, Introduction to Modern Cryptography, ... Introduction Why study cryptography?

Quantum computing, teleportation, cryptography Computing Teleportation Cryptography

Bronson Jastrow. Outline What is cryptography? Symmetric Key Cryptography Public Key Cryptography How Public Key Cryptography Works Authenticating

Applied Cryptography Spring 2015 GSM and cryptography

Cryptography -

Cryptography - Report Advanced Cryptography Standard AES.pdf

1 Lecture 2: Introduction to Cryptography Outline uses of cryptography secret key cryptography public key cryptography message digests

Kleptography: Using Cryptography Against Cryptography · 2017-08-27 · Kleptography: Using Cryptography Against Cryptography Adam Young* and Moti Yung” Abstract. The notion of