1 / 8

A Quick Tour of Cryptographic Primitives

18739A: Foundations of Security and Privacy . A Quick Tour of Cryptographic Primitives. Anupam Datta CMU Fall 2009. Basic Cryptographic Concepts. Encryption scheme (symmetric and public key) Signature scheme Message authentication code Hash function

booker
Télécharger la présentation

A Quick Tour of Cryptographic Primitives

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 18739A: Foundations of Security and Privacy A Quick Tour of Cryptographic Primitives Anupam Datta CMU Fall 2009

  2. Basic Cryptographic Concepts • Encryption scheme (symmetric and public key) • Signature scheme • Message authentication code • Hash function • A network protocol like SSL is built using these primitives

  3. Symmetric Encryption Scheme • Key generation algorithm • Produces a key that is used for encryption and decryption • Algorithm to encrypt a message • Algorithm to decrypt a ciphertext • Correctness: • Decrypting a ciphertext obtained by encrypting message m with the corresponding key k returns m dec(enc(m,k),k) = m • (Symbolic) Security: • A ciphertext cannot be decrypted without access to the key Can you think of a stronger security property?

  4. Public-Key Encryption Scheme • Key generation algorithm • Produces private decryption & public encryption key pair • Algorithm to encrypt a message • Algorithm to decrypt a ciphertext • Correctness: • Decrypting a ciphertext obtained by encrypting message m with the corresponding encrytion key returns m dec(enc(m, pk(A)), sk(A)) = m • (Symbolic) Security: • A ciphertext cannot be decrypted without access to the private decryption key Why would you want public key encryption?

  5. Signature Scheme • Key generation algorithm • Produces private signing & public verification key pair • Algorithm to sign data • Algorithm to verify signature • Correctness: • Message signed with a signing key verifies with the corresponding verification key verify(m,sign(m,sk(A)), pk(A)) = ok • Security: • A signature cannot be produced without access to the private signing key Can you think of a scenario where you may not want non-repudiation?

  6. Message Authentication Code (MAC) • Key generation algorithm • Produces a key • Algorithm to mac a message • Algorithm to verify a mac on a message • Correctness: • Message mac-ed with key verifies with the same key verify(k, m, mac(k,m)) = ok • Security: • A MAC cannot be produced without access to the key Similar to signature, but uses symmetric key What property does a signature have, but a MAC does not?

  7. Hash Functions • Key generation algorithm • Produces a key • Algorithm to hash a message m, given a key k to a fixed length output hash(k, m) • Security (Collision resistance) Given hash function hash: X  Y and key k, cannot find a collision, i.e. x, x’  X s.t. x ≠ x’ and hash(k,x) = hash(k,x’) What is the difference between a MAC and a hash function?

  8. Cryptographic Constructions • Signature scheme • DSS, RSA-FDH,… • Hash function • SHA-1, MD5,… • Message Authentication Code (MAC) • HMAC, CBC-MAC, NBAC… • Encryption scheme • Asymmetric (public key): RSA, Diffie-Hellman, El Gamal,… (distinct keys for encryption and decryption) • Symmetric: DES, 3DES, AES, RC4,… (same key for encryption and decryption) • Want to know more? • 18-733: Applied Cryptography Later: Peeking inside the RSA encryption scheme

More Related