Distribution of Public Keys and HMAC

Presented by: Anurag JagetiyaAstt. Prof. MLV Textile & Engineering

College, Bhilwara

Objective

• Understand the technique use for distribution of Public keys.

• Understanding of MAC.

Prerequisite

• Understanding of Network Security Principles

Outline

• Background• Key Distribution

– RSA approach– Publicly available directory– Public key authority– Public key certificate

• Hash base Message Authentication Code (HMAC)

Background

"Cryptography, defined as "the science and study of secret writing" concerns the ways in which communications and data can be encoded to prevent disclosure of their contents through eavesdropping or message interception, using codes, ciphers and other methods, so that only certain people can see the real message.“

- Yamen Akdeniz

The Need for Cryptography

Cryptography is required to ensure:

• Confidentiality• Authentication• Authorization• Data Integrity• Non-Repudiation

Types of Cryptography

• Private key (Symmetric) Cryptography• Public Key (Asymmetric)Cryptography

Private key Cryptography

• Sender and the Recipient share a key that must be kept private to them.

• Same key is used to encrypt and decrypt the message.

• Example: DES, Triple DES, IDEA, blowfish, RC4

Problem: Private key Cryptography

• Every pair of user needs a unique key, thus number of keys are very large.

• Number of keys for N users are N(N-1)/2.• Key distribution is a big problem: cannot trust

upon third party• Solution: Public Key Cryptography

Public Key Cryptography

• Sender & Receiver both has two sets of keys Public key and Private key.

• Both the keys can be used for encryption/ decryption.

• Public key is publically available to everyone wish to send secret message.

• Private key remains secret to user.• Example: RSA, ECC, etc

Key Distribution

Distribution of Public Keys

RSA

• Based upon mathematics that it is easier to multiply two large prime numbers but it’s very difficult to find its factor.

• e.g. 40259, find its factors • Public key is the product of two long prime

numbers• Considered very secure but may suffer from

man in middle attack

317 *217

Publicly available directory

• directory must be trusted with properties:– contain {name, public-key} entries– participants register securely with directory– participants can replace key at any time– directory is periodically published

• Still vulnerable: trusted party can be attacked. Or if intruder somehow know the private key of any participant, she can pass counterfeit key information to the directory.

Public key authority

• Authority provides its public keys to participants

• Participants can request for their keys in an encrypted manner that can be decrypted by the private key of the authority.

• Danger of tempering with authority is still prevailing

• Dependency upon Authority is an overhead.

Public key certificate

• Digitally signed electronic certificates are used by the participants to exchange public keys safely.

• These certificates are assigned by the certificate authority like: VeriSign etc.

• Nobody other than the trusted certificate authority can generate the certificates.

• Popular TLS protocol uses the services of X.509 directory authentication service for the same.

HMAC: Background• Authentication techniques ensures

– Message is from alleged sender– And, its integrity is preserved

• Hash functions are used to produce a fixed length digest of the input message

• It is known as message digest or message authentication code

Contd…

• Hash functions are known as one way function i.e. easy in one direction but difficult in another direction.

• for any two different messages it’s impossible to get similar digest.

• Common hash algorithms– MD5 produces fixed 128 bit digest– SHA-1 produces 160 bit bits

HMAC Introduction

• HMAC uses popular cryptographic hash function like MD-5 or SHA-1 to generate strong and secure MAC.

• HMAC uses a secret key for the calculation and verification of the MACs.

• HMAC is specified in RFC 2104

Contd…

• To use available and approved cryptographic hash functions whose:– Cryptographic strength has been proved effectively.– Code is freely available and they perform well in software.

• Old embedded hash functions can be easily replaced with new hash functions, when developed.

• To make a simple use of keys

HMAC Algorithm: Parameters and symbols

M Input Message to HMAC (With necessary padding)

B Block Size (In Bytes) of Input Message

H Embedded hash function

Ipad Inner Pad: the byte 0x36 (In hexadecimal) repeated B times

K Secret Key (Shared by only sender and receiver)

K0 Key K after necessary pre-processing (i.e. padded with zeros on the left) to form a B byte key

Opad Outerpad: 0x5C (In hexadecimal) repeated B times

L Length of the hash code (in bytes)

|| Concatenation

Exclusive or

HMAC Algorithm: Cryptographic Key

• The size of secret key K used in HMAC shall be equal to or greater than L/2

• Here L is the size of Hash function output

• If key size greater than input block size (B bytes), first apply the key to hash function (H) than the resultant L byte string is used as key

• Key should be chosen at random using key generation algorithms and change periodically.

HMAC Algorithm

1. If K = B than Set K0:= K. Go to step 42. If K < B than K is padded with zeros in the left that form B byte string K0.

Go to step 4. 3. If K> B than hash the key K through H to get L byte string than add B-L

zeros to get a B byte string. (i.e. K0=H (K) || 0000…) Go to step 44. XOR K0 and ipad to generate a B byte string: K0 ipad 5. Append the input message to the output string of step 4. (K0 ipad) || M6. Apply H to the stream generate in step 5. H ((K0 ipad) || M)7. XOR K0 and opad: K0 opad8. Append the result of step 6 to result of step 7: 9. (K0 opad)|| H ((K0 ipad) || M)10. Apply H to the stream generated in step 8 to get the final output:11. H((K0 opad)|| H ((K0 ipad) || M))

Graphical representation of HMAC Algorithm

Image Source: http://blog.mousavi.net/2013/01/23/hmac-the-keyed-hash-based-mac-function/

• XORing of ipad and opad with key K result in the flipping of half of its key bits.

• But the flipped value will be different for ipad and opad respectively.

• Thus two keys are pseudo randomly generated by key K.

References

• Anurag Jagetiya, C. Ramakrishna, “Secure Socket Layer-A Boon to E-commerce”, CSI Communications, May-2013.

• William Stallings, Cryptography and Network Security Principles and Practices, Pearson Publication, 4th Edition.