1 / 94

Security and Protection

Security and Protection. References. Most slides are from B. A. Miller at Mount Allison University, Kenneth Chiu at SUNY Binghamton, and Daniel M. Zimmerman at CALTECH

arutledge
Télécharger la présentation

Security and Protection

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security and Protection

  2. References Most slides are from B. A. Miller at Mount Allison University, Kenneth Chiu at SUNY Binghamton, and Daniel M. Zimmerman at CALTECH Some slides are from Scott Shenker and Ion Stoica at University of California, Berkeley and Ariel J. Frank at Bar-Ilan University I modified and added some slides

  3. Attacks Interception (eavesdropping): unauthorized party gains access to service or data Interruption (denial of service attack): services or data become unavailable Modification: unauthorized party changes the data or tampers with the service Fabrication: unauthorized party generates additional data or activity

  4. Cryptography

  5. What is cryptography? • cryto – “hidden” • graphy – “writing” • Keeping messages secret • Usually by making the message unintelligible to anyone that intercepts it

  6. The Problem Private Message Bob Alice Eavesdropping Eve

  7. The Solution Private Message Private Message Encryption Decryption Scrambled Message Bob Alice Eavesdropping Eve

  8. What do we need? • Bob and Alice want to be able to encrypt/decrypt easily • But no one else should be able to decrypt • How do we do this? • Keys!

  9. Using Keys Nonsense Encryption Decryption Ciphertext Plaintext Plaintext

  10. Symmetric vs. Asymmetric Encryption Symmetric encryption: the same key is used to encrypt and to decrypt Asymmetric encryption: encryption and decryption keys are different

  11. The Shift Cipher • We “shift” each letter over by a certain amount Plaintext five red balloons f + 3 = I i + 3 = L v + 3 = Y … Key = 3 Encryption Ciphertext ILYH UHG EDOORRQV

  12. The Shift Cipher cont. • To decrypt, we just subtract the key Ciphertext ILYH UHG EDOORRQV I - 3 = f L - 3 = i Y - 3 = v … Key = 3 Decryption five red balloons Plaintext

  13. The Shift Cipher cont. • Symmetric or Asymmetric encryption? • Symmetric encryption • What’s wrong with the shift cipher?

  14. Requirements for Cryptography • The communicating parties want to be able to encrypt/decrypt easily • But no one else should be able to decrypt

  15. What’s wrong with the shift cipher? • Not enough keys! • If we shift a letter 26 times, we get the same letter back • A shift of 27 is the same as a shift of 1, etc. • So we only have 25 keys (1 to 25) • Eve just tries every key until she finds the right one

  16. The Substitution Cipher Plaintext Ciphertext • Rather than having a fixed shift, change every plaintext letter to an arbitrary ciphertext letter

  17. The Substitution Cipher cont. Plaintext five red balloons Key = f = A i = L v = R … Encryption ALRD HDS XGOOYYBW Ciphertext

  18. The Substitution Cipher cont. • How to decrypt? • To decrypt we just look up the ciphertext letter in the table and then write down the matching plaintext letter • Symmetric or Asymmetric encryption? • Symmetric encryption

  19. The Substitution Cipher cont. • How many keys do we have now? • Akey is just a permutation of the letters of the alphabet • There are 26! permutations • 403291461126605635584000000 • Is this cipher good enough so that no one is able to decrypt the ciphertext without knowing the key?

  20. Frequency Analysis • In English (or any language) certain letters are used more often than others • If we look at a ciphertext, certain ciphertext letters are going to appear more often than others • It would be a good guess that the letters that occur most often in the ciphertext are actually the most common English letters

  21. Letter Frequency • This is the letter frequency in English • The most common letter is ‘e’ by a large margin, followed by ‘t’, ‘a’, and ‘o’ • ‘J’, ‘q’, ‘x’, and ‘z’ hardly occur at all

  22. Frequency Analysis in Practice • Suppose this is our ciphertext • dq lqwurgxfwlrq wr frpsxwlqj surylglqj d eurdg vxuyhb ri wkh glvflsolqh dqg dq lqwurgxfwlrq wr surjudpplqj. vxuyhb wrslfv zloo eh fkrvhq iurp: ruljlqv ri frpsxwhuv, gdwd uhsuhvhqwdwlrq dqg vwrudjh, errohdq dojheud, gljlwdo orjlf jdwhv, frpsxwhu dufklwhfwxuh, dvvhpeohuv dqg frpslohuv, rshudwlqj vbvwhpv, qhwzrunv dqg wkh lqwhuqhw, wkhrulhv ri frpsxwdwlrq, dqg duwlilfldo lqwhooljhqfh.

  23. Ciphertext distribution English distribution In our ciphertext we have one letter that occurs more often than any other (h), and 6 that occur a good deal more than any others (d, l, q, r, u, and w) There is a good chance that h corresponds to e, and d, l, q, r, u, and w correspond to the 6 next most common English letters

  24. Frequency Analysis cont. • If we replace ‘e’ with ‘h’ and the 6 next most common letters with their matches, the ciphertext becomes • an intro???tion to ?o?p?tin? pro?i?in? a ?roa? ??r?e? o? t?e ?i??ip?ine an? an intro???tion to pro?ra??in?. ??r?e? topi?? ?i?? ?e ??o?en ?ro?: ori?in? o? ?o?p?ter?, ?ata repre?entation an? ?tora?e, ?oo?ean a??e?ra, ?i?ita? ?o?i? ?ate?, ?o?p?ter ar??ite?t?re, a??e???er? an? ?o?pi?er?, operatin? ???te??, net?or?? an? t?e internet, t?eorie? o? ?o?p?tation, an? arti?i?ia? inte??i?en?e.

  25. Classical to Modern Cryptography • Classical cryptography • Encryption/decryption done by hand • Modern cryptography • Computers to encrypt and decrypt • Same principles, but automation allows ciphers to become much more complex

  26. The Enigma Machine • German encryption and decryption machine used in WWII • Essentially a complex, automated substitution cipher

  27. How did Enigma work? • Rotors have different wiring connecting input to output • Rotors move after each keypress • The key is the initial position of the three rotors

  28. Breaking the Enigma • Britain set up its cryptanalysis team in Bletchley Park • They consistently broke German codes throughout the war • Important location in the history of computing • Alan Turing • COLOSSUS

  29. Differential Cryptanalysis • The most significant advance in cryptanalysis since frequency analysis • Ideally a ciphertext should be completely random, there should be no connection to its matching plaintext • Differential cryptanalysis exploits the fact that this is never actually the case; Uses patterns between plaintext and ciphertext to discover the key

  30. Cryptography in the Computer Age • Working with binary instead of letters • We can do things many, many times • Think of an Enigma machine that has 2128 pairs of symbols on each rotor, and 20 rotors • Other than that, the basic principles are the same as classical cryptography

  31. The Problem of Symmetric Key Cryptography • Up until now we’ve been talking about symmetric key cryptography • Alice and Bob are using the same key to encrypt/decrypt • Problem: How does Bob get the key to Alice when Eve is eavesdropping? • Up until 1976 the only solution was to physically give Alice the key in a secure environment

  32. Public (Asymmetric) Key Cryptography • Diffie and Hellman published a paper in 1976 providing a solution • We use one key for encryption (the public key), and a different key for decryption (the private key) • Everyone knows Alice’s public key, so they can encrypt messages and send them to her • But only Alice has the key to decrypt those messages • No one can figure out Alice’s private key even if they know her public key

  33. Using Public Keys Nonsense Encryption Decryption Ciphertext Plaintext Plaintext

  34. Public Key Cryptography in Practice • The problem is that public key algorithms are too slow to encrypt large messages • Instead Bob uses a public key algorithm to send Alice the symmetric key, and then uses a symmetric key algorithm to send the message • The best of both worlds! • Security of asymmetric key cryptography • Speed of symmetric key cryptography

  35. Sending a Message What’s your public key? Bob picks a symmetric key and encrypts it using Alice’s public key Alice decrypts the symmetric key using her private key Then sends the key to Alice Bob encrypts his message using the symmetric key Alice decrypts the message using the symmetric key hi Then sends the message to Alice

  36. The RSA Public Key Cipher • The most popular public key cipher is RSA, developed in 1977 • Named after its creators: Rivest, Shamir, and Adleman • Uses the idea that it is really hard to factor large numbers • Create public and private keys using two large prime numbers • Then forget about the prime numbers and just tell people their product • Anyone can encrypt using the product, but they can’t decrypt unless they know the factors • If Eve could factor the large number efficiently she could get the private key, but there is no known way to do this

  37. Public-Key Cryptography: RSA (Rivest, Shamir, and Adleman) • Sender uses a public key • Advertised to everyone • Receiver uses a private key Plaintext Plaintext Internet Encrypt with public key Decrypt with private key Ciphertext

  38. Generating Public and Private Keys • Choose two large prime numbers p and q (~ 256 bit long) and multiply them: n = p*q • Chose encryption key e such that e and (p-1)*(q-1) are relatively prime • Compute decryption key d, where d = e-1mod ((p-1)*(q-1)) (equivalent to (d*e) mod ((p-1)*(q-1))=1) • Public key consists of pair (n, e) • Private key consists of pair (n, d)

  39. RSA Encryption and Decryption • Encryption of message block m: • c = memod n • Decryption of ciphertext c: • m = cd mod n

  40. Example (1/2) • Choose p = 7 and q = 11  n = p*q = 77 • Compute encryption key e: (p-1)*(q-1) = 6*10 = 60  chose e = 13 (13 and 60 are relatively prime numbers) • Compute decryption key d such that (13*d) mod 60 = 1  d = 37 (37*13 = 481)

  41. Example (2/2) • n = 77; e = 13; d = 37 • Send message block m = 7 • Encryption: c = me mod n = 713 mod 77 = 35 • Decryption: m = cd mod n = 3537 mod 77 = 7

  42. Properties • Confidentiality • A receiver B computes n, e, d, and sends out (n, e) • Everyone who wants to send a message to B uses (n, e) to encrypt it • How difficult is it to recover d ? (Someone that can do this can decrypt any message sent to B!) • Recall that d = e-1mod ((p-1)*(q-1)) • So to find d, you need to find primes factors p and q • This is provably very difficult

  43. RSA Factoring Challenge • RSA-768 has 768 bits or 232 decimal digits, took two years to compute and was factored on December 12, 2009. It’s the largest factored RSA number to date. • RSA-2048 may not be factorizable for many years to come, unless considerable advances are made in integer factorization or computational power in the near future.

  44. Public-Key Cryptography: RSA (Rivest, Shamir, and Adleman) • Sender uses a private key • Receiver uses a public key Plaintext Plaintext Internet Encrypt with private key Decrypt with public key Ciphertext

  45. So Far: The Problem Private Message Bob Alice Eavesdropping Eve

  46. So Far: The Solution Private Message Private Message Encryption Decryption Scrambled Message Bob Alice Eavesdropping Eve

  47. Other Security Problems • Are you who you say you are? • Authentication • How does Bob know that he’s really talking to Alice? • How does Alice know the message was sent by Bob? • Mutual authentication • How does Alice know that the message she receives hasn’t been tampered with? • Message Integrity

  48. Secure Channels • Can you have authentication without message integrity? • I know that Bob sent the message, but someone may have tampered with it. • I know that no one tampered with it, but I don’t know whether or not it was really Bob who sent it. • Authentication & message integrity cannot do without each other ! • Set-up phase precedes message exchange • Session keys to ensure message integrity

  49. Notation for Cryptography

  50. 1 KB+(A, RA) KA+(RA, RB, KA,B) 2 KA,B(RB) 3 Authentication • How does Bob know that he’s really talking to Alice? • How does Alice know the message was sent by Bob? • Mutual authentication • KA+, KB+: public keys ? Bob Alice

More Related