1 / 19

IT 221: Introduction to Information Security Principles

IT 221: Introduction to Information Security Principles. Lecture 4: Public-Key Cryptography For Educational Purposes Only Revised: September 15, 2002. Context and Questions. Context:

fletcher
Télécharger la présentation

IT 221: Introduction to Information Security Principles

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IT 221:Introduction to Information Security Principles Lecture 4: Public-Key Cryptography For Educational Purposes Only Revised: September 15, 2002

  2. Context and Questions • Context: • “Tokyo at Rush hour, circa 2012: your automated car whisks you off to Narita airport, steering itself through bustling traffic. You’re free to work. Push a button on your watch, and an image of your firm’s mining operation in Indonesia springs to life in 3-D. You ask the digital assistant in your watch how current fluctuations might affect the mining investment, and a female voice reads the results out load.…As you arrive Narita, your car announces that the flight is delayed. Care to rebook?” [3] • Questions: • What some of the security and privacy implications with the potential ubiquity of (and access to) personalized data?

  3. Chapter 6 Outline • Chapter 6: • Context and Overview • History • Misconceptions • High-Level Principles • Categories of Public-keys • Encryption with Public-keys • Authentication with Public-keys • Ensuring Both Encryption and Authentication • RSA History • RSA Key Generation Algorithm • RSA Key Generation Example • RSA versus DES • Diffie-Hellman History • Diffie-Hellman Key Exchange • Key Management • Resources

  4. Context and Overview • Context: • The cryptographic systems and algorithms covered in Chapters 1-5 are fundamentally based on substitution and permutation. [2] • Inherent key distribution problem with Secret Key systems: • Necessary to share the secret key between Sender and Receiver • Comm. with n different parties requires n different keys • Public-key Cryptography Overview: • Public-key cryptography represents a radical departure from substitution and permutation based methods. [2] • Given a reliable transmission channel, Public-key systems solve the key distribution problem of using secret-key.

  5. History • History [4]: • Concept conceived by Diffie and Hellman in 1976 • Rivest, Shamir and Adleman (RSA) were first to describe a Public-key cryptosystem in 1978. • Merkle and Hellman published an alternative solution in 1978. • Serious contenders today available in the public domain: • RSA • El Gamal

  6. Misconceptions • Misconceptions [2]: • More secure from cryptanalysis than is conventional encryption. • General purpose technique that has made conventional encryption obsolete. • Key distribution is trivial compared to ‘handshaking’ involved with the Key Distribution of conventional encryption methods.

  7. High-Level Principles • High-Level Principles: • Based on the infeasibility to determine the decryption key (i.e. the Receiver’s Private Key), given knowledge of the following: [2] • Receiver’s Public Key • Chosen Plaintext • Possibly chosen ciphertext • Some algorithms, such as RSA, exhibit the following attribute: [2] - Either of the two related keys can be used for encryption, with the other used for decryption.

  8. Categories of Public-keys • Three Categories: • Encryption/Decryption: Sender encrypts a message with the recipient’s public key. • Digital Signature: Sender ”signs” a message with its private key. • Key Exchange: Two sides cooperate two exhange a session key.

  9. Encryption with Public-keys • Encryption Process [2]: • (1)Each end system in a network generates a pair of keys to be used for encryption and decryption of messages that it will receive. • (2)Each system publishes its encryption key by placing it in a public register or file. This is the Public-key. The companion key is kept private. • (3)If Bob wishes to send Alice, he encrypts the message using Alice’s Public-key. • (4)When Alice receives the message, she decrypts it using her Private-key. No other receiver can decrypt the message.

  10. Authentication with Public-keys • Authentication Process [2]: • (1)Bob prepares a message to Alice and encrypts the message using his private key. • (2)Alice decrypts Bob’s message by using his Public-key. • (3)Since the message was encrypted using the sender’s private key, only the sender could have sent this message.

  11. Ensuring Both Encryption and Authentication • Question: • Given the two preceding processes, how are you able to ensure for both Encryption and Authentication? • Solution: • Encrypt first, followed by the signature. Signature first has the advantage that the signature can be verified by parties other than the Recipient.

  12. RSA History • RSA History [2]: • Scheme developed by Rivest, Shamir, and Adleman • Block cipher in which the Plaintext and Ciphertext are integers between 0 and n –1 for some n. • Plaintext is encrypted in blocks, with each block having a binary value less than some number n, i.e. The block size must be less than or equal to log2(n).

  13. RSA Key Generation Algorithm • RSA Algorithm [2/4]: • Chose 2 large prime numbers p,q • Compute n = p x q • Select integer e relatively prime to (p –1) * (q –1) • Calculate d such that e*d = 1mod(p-1)*(q-1) • Publish Public Key {e,n} • Keep Private Key {d,n}

  14. RSA Key Generation Example • RSA Algorithm [4]: • Chose 2 large prime numbers p,q p = 47, q = 71 • Compute n = p x q n = p*q = 3337 • Select integer e relatively prime to (p –1) * (q –1) (47-1) * (71-1) = 46*70 = 3220 • Calculate d such that e*d = 1mod(p-1)*(q-1) 79^-1mod3220 = 1019 • Publish Public Key {e,n} (3337, 79) • Keep Private Key {d,n} • (3337, 1019)

  15. RSA versus DES • RSA versus DES [4]: • Speed of Implementation: • - RSA: Encypts in kilobits/second • DES: Encypts in megabits/second • Key Size: • - RSA: Selected by user • - DES: 64 bits (56 bits plus 8 parity bits) • Often proposed that RSA be used for secure exchange of DES keys.

  16. Diffie-Hellman History • RSA History [4]: • Proposed in 1976, and is the first public key algorithm (predates RSA) • Purpose of the algorithm is to enable two users to exchange a key securely over a potentially insecure channel. • Limited to the exchange of keys, I.e. can not be used for en-/de-cryption.

  17. Diffie-Hellman Key Exchange • Diffie-Hellman [4]: • Alice and Bob want to agree upon a key • They agree on 2 large integers n and g such that 1 < g < n • Alice chooses random x, computes X = g^xmod n and sends it to Bob. • Bob chooses random y, computes Y = g^y mod n, and sends it to Alice. • Alice computes k = Y^x mod n • Bob computes k’ = X^y mod n • If someone is eavesdropping, the intrudder knows n, g, X and Y but not x and y.

  18. Key Management • Several Schemes for Distributing Keys [2]: • Public Announcement of Public Keys • Publicly Available Directory • Public-Key Authority • Public-Key Certificates

  19. Resources • [1] Pfleeger, Charles. Security In Computing, Prentice Hall, 1997. Chapter 4. • [2] Stallings, William. Cryptography and Network Security, Prentice Hall, 1999. Chapter 4-5 • [3] Foroohar, Rana. “A New Way to Compute”. Time Magazine, September 16, 2002. Pp 34J-O. • [4] Jajodia, Dr. Sushil. “Cryptography and Its Applications”. Lecture, 1999.

More Related