1 / 15

Introduction to cryptography

Main concepts Design principles Cryptosystems conventional Caesar’s cipher Simple substitution Modern Symmetric DES Modern RSA Authentication one way two way two-way authentication and secure channel setup symmetric cryptosystems asymmetric cryptosystems.

cgulley
Télécharger la présentation

Introduction to cryptography

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Main concepts Design principles Cryptosystems conventional Caesar’s cipher Simple substitution Modern Symmetric DES Modern RSA Authentication one way two way two-way authentication and secure channel setup symmetric cryptosystems asymmetric cryptosystems Introduction to cryptography

  2. P clear (plain) text, message - readable (intelligible) information C ciphertext - encrypted information E encryption (enciphering) - transforming clear text into ciphertext D decryption (deciphering) - transforming ciphertext back into original cleart text encrypting algorithm – a mathematical function having the following form: C = E (P, Ke) where Ke encryption key decryption algorithm: P = D (C, Kd) where Kd encryption key attacker (cryptoanalyst, intruder) - person that tries to discover C (compromise the encryption algorithm) two entities (users, programs) A and B need to communicate if A has Ke , B has a matching Kd - A and B have a one way private secure communication channel if also B has Ke and A has a matching Kd - A and B have a two way secure communication channel Cryptography, main concepts

  3. Cryptosystem – a system for encryption and decryption of information conventional - encryption algorithm is designed to be rather complex and hard to guess modern - encryption algorithm is made public but the keys are kept secret - the strength of the algorithm depends on the difficulty of determining Kd symmetric – key is the same for encryption and decryption asymmetric – key is different Cryptology – a science for designing and breaking cryptosystems Cryptography – practice of using cryptosystems to maintain confidentiality of information Cryptoanalysis – the study of breaking cryptosystems Cryptosystem and others

  4. Shannon’s principles diffusion - spreading dependencies such that plaintext needed to break the system is maximized confusion – changing piece of information so that the output has no obvious relation to input Exhaustive search principle – the determination of the key requires exhaustive search of key space Cryptosystem design principles

  5. the Caesar cipher: every letter is transformed into the third (or some other) in the alphabetical sequence (with wrap around): E=M->(M+3) mod 26 “advanced operating systems” -> “dgydqfhg rshudwlqj vcvwhpv” transformation is linear - the number of keys (shifts) is only 25 - easy to guess simple substitution cipher : an alphabet can be mapped to any permutation of letters each permutation is a key - there 26! (> 1026) keys. Exhaustive search is very expensive. substitution preserves frequency distribution of the letters of an alphabet - statistical analysis is possible. Conventional cryptosystems

  6. Symmetric - Ke and Kd are similar (possibly can be easily derived from one another) – not as computationally intensive as asymmetric. Useful if both encryption and decryption is performed by private parties need secure channel to exchange keys between communicating parties. Can use insecure channel for encrypted messages transmission example - Data Encryption Standard (DES) asymmetric - Ke and Kd are dissimilar. It is (computationally) hard to derive Kd from Ke. Ke does not need to be kept secret. computationally expensive and cannot be used for bulk data encryption can use insecure channel for both key and message transmission can encode with public and sign (digital signature) with private Example - method of Rivest-Shamir-Adleman (RSA) Modern cryptosystems

  7. data encryption standard developed by IBM, widely used symmetric Used to encrypt 64-bit data blocks with 56-bit key, the key is expandedto 64 bits for error correction Encryption algorithm Initial permutation 16 identical iterations with 48bit key Ki derived from encryption key: 32-bit right side is expanded to 48-bits by duplicating some bits These bits are x-or-ed with Ki The output is shrunk to 32 bits Inverse of initial permutation Decryption is encryption in reverse Finding key requires exhaustive search over 256 values DES

  8. Invented by Rivest-Shamir-Adleman Asymmetric Encryption (public) key is pair (e, n) Decryption (private) key – (d, n) Computing keys n = pq where p and q are large primes Pick d such that GCD(d,(p -1)  (q -1))=1dand(p -1)  (q -1) are relatively prime Pick e such that ed (modulo(p -1)  (q -1)) =1 Even though e,n are public, to determine d intruder needs to factor n into primes, if n is large (say 200 digits) factorization can be done by exhaustive search only RSA

  9. 23  7=161 RSA example

  10. authentication – verifying the identity of communicating entities to each other environment: message passing system (no shared memory), insecure channels, no past knowledge authentication services one-way authentication of communication entities – verifies the identity of one of the two communication entities to the other entity two-way authentication of communication entities – mutual authentication (both communication entities verify each other’s identity) Authentication

  11. intruder can gain access to any part of the network and can alter or copy any part of the message has knowledge of authentication protocol knows message types, purpose and order time of protocol initiation can replay earlier recorded messages can impersonate one of the communicating parties cannot understand the contents of encrypted messages Threats

  12. If two entities A and B want to communicate they must share Ke/Kd pair. How can the two entities exchange keys if there is no secure channel? Key distribution center (KDC) – holds keys for each communicating entity Two-way athentication and secure channel setup

  13. two phases for authentication obtaining shared (conversation) key communicating conversation key Obtaining the conversation key m1 = (Ra, IDa, IDb) - where Ra – id of request (different every time) IDa - id of process A IDb - id of process B m2 = E((Ra, IDb, Kab, C1), Ka) - where Kab – conversation key C1=E((Kab, IDa), Kb) Ka - private key of A what if IDb is not used in m2? intruder can substitute B in m1 for X and have A communicate with X instead of B what if Ra is not used in m2? intruder can replay a previously recorded message from KDC to A forcing A to reuse a previous conversation key m1 KDC A B m2 Symmetric systems, two-way auth. and channel setup

  14. communicating the conversation key m3 = C1 where C1=E((Kab, IDa), Kb) key communicated problem: intruder can playback A’s message to B forcing it to reuse the conversation key solution: m4 = C2=E(Nr, Kab ) where Nr is nonce (never repeating number) m5 = C3=E(Nr, Kab ) m3 m1 m4 B KDC A m2 m5 Symmetric systems, two-way auth.and channel setup

  15. two phases obtaining the public key handshake obtaining the public key (by A, B’s procedure is similar) m1=(A,B) m2=Esdc(PB,B) handshake m3=Epb(Na,A) m4=Epa(Na,Nb) m5=Epb(Nb) m3 m1 m4 B KDC A m2 m5 Asymmetric systems, two-way auth.and channel setup

More Related