1 / 64

Introduction to cryptography for authentication and identification systems

Introduction to cryptography for authentication and identification systems. --- FIT3105 --- Lecture 2 & 3. Outline. Why study crypto-based authentication and identification systems ? The importance of cryptography for authentication and identification

jael
Télécharger la présentation

Introduction to cryptography for authentication and identification systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Introduction to cryptography for authentication and identification systems --- FIT3105 --- Lecture 2 & 3

  2. Outline • Why study crypto-based authentication and identification systems? • The importance of cryptography for authentication and identification • The importance of light and secure ciphers for portable devices. E.g; smart cards • Introduction to private key cryptography • Introduction to public key cryptography • Introduction to one-way hash functions • Introduction to digital signatures FIT3105 - Security and Identity Management

  3. Some references • http://www.rsa.com/ (RSA website) • http://www.certicom.com/index.php?action=res,ecc_faq (good introduction papers) • http://cnscenter.future.co.kr/crypto/algorithm/ecc.html (more materials) • http://www.cs.mdx.ac.uk/staffpages/m_cheng/link/ecc_simple.pdf (good introduction for students with strong maths background) (You can find many more from the Web) FIT3105 - Security and Identity Management

  4. The importance of cryptography for authentication and identification • If we can generate a unique key for each entity (a person, an object, etc) universally, then • An entity can be identified by its key (one single key or hash value) • An entity can be identified by a pair of key (one private key and one public key). • An entity can be identified by a digital signature. FIT3105 - Security and Identity Management

  5. The importance of light and secure ciphers for small and portable devices • For some applications, the size of the key and the encrypt/decrypt algorithms are the critical factor • Smart cards require to work with encrypt/decrypt algorithms, so wee need light and good ciphers. • A portable device may be used to store many different keys to identify an entity. • Keys are stored together with other information to identify an entity. FIT3105 - Security and Identity Management

  6. Why study crypto: the basic problem • We consider the confidentiality goal: • Alice and Bob are Friends • Marvin is a rival • Alice wants to send secret messages (M1,M2,…) to Bob over the Internet • Rival Marvin wants to read the messages (M1,M2,…) - Alice and Bob want to prevent this! • Assumption: The network is OPEN: Marvin is able to eavesdrop and read all data sent from Alice to Bob. • Consequence: Alice must not send messages (M1,M2,…) directly – they must be “scrambled” or encrypted using a ‘secret code’ unknown to Marvin but known to Bob. FIT3105 - Security and Identity Management

  7. Cryptography plaintext (data file or messages) encryption ciphertext (stored or transmitted safely) decryption plaintext (original data or messages) FIT3105 - Security and Identity Management

  8. Private key cipher Encryption Decryption Encrypted message (ciphertext) Encrypted message (ciphertext) E Alice D Bob key Message (cleartext, plaintext) Message (cleartext,plaintext) FIT3105 - Security and Identity Management

  9. Basic terms • Cryptology (to be very precise) • Cryptography --- code designing • Cryptanalysis --- code breaking • Cryptologist: • Cryptographer & cryptanalyst • Encryption/encipherment • Scrambling data into unintelligible to unauthorised parties • Decryption/decipherment • Un-scrambling FIT3105 - Security and Identity Management

  10. Types of ciphers • Private key cryptosystems/ciphers • The secret key is shared between two parties • Public key cryptosystems/ciphers • The secret key is not shared and two parties can still communicate using their public keys FIT3105 - Security and Identity Management

  11. Examples of “Messages” • Types of secret “Messages” Alice might want to send Bob (in increasing length): • Decision (yes/no), eg. as answer to the question “Are we meeting tomorrow?” • Numerical Value, eg. as answer to the question “at what hour are we meeting?” • Document • Software, • Images etc. FIT3105 - Security and Identity Management

  12. Concepts • A private key cipher is composed of two algorithms • encryption algorithm E • decryption algorithm D • The same key K is used for encryption & decryption • K has to be distributed beforehand FIT3105 - Security and Identity Management

  13. Notations • Encrypt a plaintext P using a key K & an encryption algorithm E C = E(K,P) • Decrypt a ciphertext C using the same key K and the matching decryption algorithm D P = D(K,C) • Note: P = D(K,C) = D(K, E(K,P)) FIT3105 - Security and Identity Management

  14. The Caesar cipher (e.g) • The Caesar cipher is a substitution cipher, named after Julius Caesar. • Operation principle:each letter is translated into the letter a fixed number of positionsafter it in the alphabet table. • The fixed number of positions is a key both for encryption and decryption. FIT3105 - Security and Identity Management

  15. The Caesar cipher (cnt’d) K=3 Outer: plaintext Inner: ciphertext FIT3105 - Security and Identity Management

  16. An example • For a key K=3,plaintext letter: ABCDEF...UVWXYZciphtertext letter: DEF...UVWXYZABC • HenceTREATY IMPOSSIBLEis translated intoWUHDWB LPSRVVLEOH FIT3105 - Security and Identity Management

  17. Breaking classic ciphers • With the help of fast computers, 99.99% ciphers used before 1976 are breakable by using one of the 4 types of attacks (described later). • Modern cluster computers and future quantum computers can break several existing ciphers due to the power of such computers. FIT3105 - Security and Identity Management

  18. Breaking the Caesar cipher • By trial-and error • By using statistics on letters • frequency distributions of lettersletter percentA 7.49%B 1.29%C 3.54%D 3.62%E 14.00%.................................. FIT3105 - Security and Identity Management

  19. 0 0 = 0 1 1 = 0 0 1 = 1 1 0 = 1 Toy example of private key • Assume that a message is broken into 64-bit blocks and each 64-bit block of plaintext is encrypted separately: • Key space are combinations of numerical digits – max: 7 digits- • (eg: key = [1]; or key = [1,3], or key = [1,4,2]). • Assume that all 8 bits of a byte is used and key digits start from left to right. • Encryption: Each plaintext block is first shifted by the number of binary digits before the last non-zero digit of the key. It is then exclusive-ored with the key starting from the first byte of the block, repeatedly to the end of the block (the key moves a distance of its size from left to right of the plaintext block). • Decryption: do the reverse of encryption: the cipher-text is exclusive-ored and then shifted. : exclusive or FIT3105 - Security and Identity Management

  20. Using TPC • Use TPC to encrypt the plaintext “12345”, key = [1,4,2] • Use TPC to encrypt the plaintext “TREATY IMPOSSIBLE”; key = [4]; • Use TPC to encrypt the plaintext “100 dollars”, key = [2,4]; FIT3105 - Security and Identity Management

  21. Principles of Private Key Encryption • Devise cryptographic algorithms: • a set of fast functions (E1, E2, E3, ..En) that when in turn applied to an input (initial or intermediate input) will produce a more potentially scrambled output. • and a set of functions (D1,D2,D3, .. Dn) that when in turn applied to the cipher text (final or intermediate) will produce the original input text. • Devise algorithms, tests and proofs to validate your cryptographic algorithms • Analysing algorithms. • Tests with powerful computers such as specialised, parallel, cluster, or quantum computers. • Mathematical proofs. FIT3105 - Security and Identity Management

  22. Toy example of public key cryptography • Definition: The multiplicative inverse of x with modulo n is y such that (x*y) mod n = 1 E.g:x=3; n=10, => y=7; since (3*7) mod 10 = 1 • The above multiplicative inverse can be used to create a simple public key cipher: either x or y can be thought of as a secret key and the other is the public key. Let x = 3, y = 7, n = 10, and M be the message: • M = 4 ; • 3*4 mod 10 = 2; (ciphertext) - encrypting • 2*7 mod 10 = 4 = M ; (message) - decrypting • M =6 ; • 3*6 mod 10 = 8; • 8*7 mod 10 = 6 = M (message) FIT3105 - Security and Identity Management

  23. Problems with private key ciphers • In order for Alice & Bob to be able to communicate securely using a private key cipher, such as DES, they have to have a shared key in the first place. • Question: What if they have never met before ? • Alice needs to keep 100 different keys if she wishes to communicate with 100 different people FIT3105 - Security and Identity Management

  24. Motivation of Public Key Cryptography • Is it possible for Alice & Bob, who have no shared secret key, to communicate securely ? • This led to the SINGLE MOST IMPORTANT discovery of public key communications: • Diffie & Hellman’s ideas of public key cryptography: <private-key, public-key> FIT3105 - Security and Identity Management

  25. Main ideas • Bob: • publishes, say in Yellow/White pages, his • public (for encryption) key, and • encryption algorithm. • keeps to himself • the matching secret (for decryption) key. FIT3105 - Security and Identity Management

  26. Main ideas (2) • Alice: • Looks up the phone book, and finds out Bob’s • public key, and • encryption algorithm. • Encrypts a message using Bob’s public key and encryption algorithm. • sends the ciphertext to Bob. FIT3105 - Security and Identity Management

  27. Main ideas (3) • Bob: • Receives the ciphertext from Alice • Decrypts the ciphertext using his secret key, together with the decryption algorithm FIT3105 - Security and Identity Management

  28. Network Public Key Cryptosystem Public Key Directory (Yellow/White Pages) Bob: Cipher Text Cipher Text Plain Text Plain Text D E Secret Key Alice FIT3105 - Security and Identity Management Bob

  29. Main differences with DES • The public key is different from the secret key. • Infeasible for an attacker to find out the secret key from the public key. • No need for Alice & Bob to distribute a shared secret key beforehand ! • Only one pair of public and secret keys is required for each user ! FIT3105 - Security and Identity Management

  30. Realising public key ciphers • The most famous system that implements Diffie & Hellman’s ideas on public key ciphers is due to • Ronald Rivest • Adi Shamir • Leonard Adleman • This public key cryptosystem is called RSA. FIT3105 - Security and Identity Management

  31. Mathematical background Assume that we are working with non-negative integers: • Prime and composite numbers • a prime number is an integer that can be divided only by 1 and itself • E.g. 2, 3, 5, 7, 11, 13, 101, ...... • all other integers are composite • E.g. 4, 6, 8, 9, 10, 12, 523743960876432, 800164386535 FIT3105 - Security and Identity Management

  32. Mathematical background Modular operations • “remainder” • 13 mod 5 = 3, 1 mod 7 = 1 • 20 mod 5 = 0, 32 mod 7 = 4 • modular exponentiation • 22 mod 3 = 1, 32 mod 3 = 0 • 22 mod 5 = 4, 102 mod 92 = 8 • 46 mod 10 = 6, 311 mod 10 = 7 FIT3105 - Security and Identity Management

  33. Mathematical background • a is relative prime to b if the largest integer that divides both a & b is 1 • E.g: • any m (<>0) is relatively prime to a prime number • is 9 relatively prime to 10? FIT3105 - Security and Identity Management

  34. Mathematical background • Let ø(n) denote the total numbers that are less thann and relatively prime to n • If n is a prime number thenø(n) = n– 1 • If p, q are prime numbers and n=p*q, then • Ø(n) = Ø(p*q) = p*q – (p + q -1) = (p-1)*(q-1) - p & q are prime numbers => only multiples of p and q are not relatively prime to p*q - That is: there are (p + q – 1) multiples [0 is counted once] of p and q • E.g: p = 3; q=7; {0, 3, 7, 6, 9, 12, 14, 15, 18} are not relatively prime to p*q • Ø(n) = ø(p*q) = 12 ; {1,2,4,5,8,10,11,13,16,17,19,20} FIT3105 - Security and Identity Management

  35. Mathematical background • y & n are integers and y (mod ø(n)) = 1, for any x < n, xymod n = x (1) • E.g: • y=13 ; n=7; x = 4; • ø(n) = 6; y mod ø(n) = 13 mod 6 = 1; • xy = 413;xy mod n = 413 mod 6 = 4 = x mod n; FIT3105 - Security and Identity Management

  36. Mathematical background • The multiplicative inverse of x with modulo n is y such that: (x*y) mod n = 1 (2). • The above multiplicative inverse can be used to create a simple public key cipher: either x or y can be thought of as a secret key and the other is the public key. E.g: x=3; n=10; y=7; we have: (3*7) mod 10 = 1; • M =5 ; • 3*5 (mod 10) = 5 ; 5*7 (mod 10) = 5 = M (message) • M =6 ; • 3*6 (mod 10) = 8; 8*7 (mod 10) = 6 = M (message) FIT3105 - Security and Identity Management

  37. Network RSA Public Key Cryptosystem Public Key Directory (Yellow/White Pages) Bob: (e, n) public key: e & n Plain Text Cipher Text Cipher Text Plain Text c= m e mod n m= c d mod n Alice secret key: d FIT3105 - Security and Identity Management Bob

  38. RSA (1) • Bob: • chooses 2 large prime numbers: p, qmultiplies p and q: n = p*q • finds out two numbers e & d such that • (e * d) mod ø(n) = 1 [ similar to(2) ] Or (e * d) mod [(p-1)*(q-1)] = 1 • public key (published in the phone book) • 2 numbers: (e, n) • encryption alg: modular exponentiation • secret key: (d,n) FIT3105 - Security and Identity Management

  39. RSA (2) • Alice has a message m to be sent to Bob: • finds out Bob’s public encryption key (e, n) • calculatesme(mod n) -> c • sends the ciphertext c to Bob FIT3105 - Security and Identity Management

  40. RSA (3) • Bob: • receives the ciphertext c from Alice • uses his matching secret decryption key d to calculate cd(mod n) -> m FIT3105 - Security and Identity Management

  41. RSA --- 1st small example (1) • Bob: • chooses 2 primes: p=5, q=11multiplies p and q: n = p*q = 55 • finds out two numbers e=3 & d=27 which satisfy (3 * 27) mod 40 = 1 • Bob’s public key • 2 numbers: (3, 55) • encryption alg: modular exponentiation • secret key: (27,55) FIT3105 - Security and Identity Management

  42. RSA --- 1st small example (2) • Alice has a message m=13 to be sent to Bob: • finds out Bob’s public encryption key (3, 55) • calculates c:c = me(mod n) = 133(mod 55) = 2197(mod 55) = 52 • sends the ciphertext c=52 to Bob FIT3105 - Security and Identity Management

  43. RSA --- 1st small example (3) • Bob: • receives the ciphertext c=52 from Alice • uses his matching secret decryption key 27 to calculate m:m = 5227(mod 55) = 13 (Alice’s message) FIT3105 - Security and Identity Management

  44. Symmetric key size (in bits) Example algorithm DLP key size for equivalent security (p in bits) RSA key size for equivalent security (n in bits) ECC key size for equivalent security (n in bits) Key size ratio of RSA to ECC (approx) 56 - 512 512 112 5:1 80 SKIPJACK22 1024 1024 160 6:1 112 Triple DES 2048 2048 224 9:1 128 AES-128 3072 3072 256 12:1 192 AES-192 7680 7680 384 20:1 256 AES-256 15360 15360 512 30:1 Elliptic curve cryptosystem (ECC) Extract from my student’s Thesis – Markku N.M. Pekkarinen Key Size Equivalence Against Best Known Attacks (Based on López and Dahab, 2000 and Fibíková, 2002) FIT3105 - Security and Identity Management

  45. RSA and ECC challenges Progress in Integer Factorisation (Certicom 1997) FIT3105 - Security and Identity Management

  46. The Need of Digital Signature • Social & business activities and their associated documents are becoming digital • Authentication • digital conferences • digital contract signing • digital cash payments, ...... • Hand-written signatures are not applicable to digital data FIT3105 - Security and Identity Management

  47. ? Network D Digital Signature (based on RSA) Public Key Directory (Yellow/White Pages) Bob: Plain Text Plain Text Accept if equal + E Signature Signature Secret Key Cathy Bob Public Key FIT3105 - Security and Identity Management

  48. ? Network Digital Signature (for short doc) Public Key Directory (Yellow/White Pages) Bob: (e, n) Plain Text Plain Text Accept if equal + s = md mod n t =se mod n Signature Signature Secret Key d Cathy Bob Public Key (e, n) FIT3105 - Security and Identity Management

  49. RSA Signature --- an eg (1) • Bob: • chooses 2 primes: p=5, q=11multiplies p and q: n = p*q = 55 • finds out two numbers e=3 & d=27 which satisfy (3 * 27) mod 40 = 1 • Bob’s public key • 2 numbers: (3, 55) • encryption alg: modular exponentiation • secret key: (27,55) FIT3105 - Security and Identity Management

  50. RSA Signature --- an eg (2) • Bob has a document m=19 to sign: • uses his secret key d=27 to calculate the digital signature of m=19:s = md(mod n) = 1927(mod 55) = 24 • appends 24 to 19. Now (m, s) = (19, 24) indicates that the doc is 19, and Bob’s signature on the doc is 24. FIT3105 - Security and Identity Management

More Related