html5-img
1 / 39

CS457 – Introduction to Information Systems Security Cryptography 1b

CS457 – Introduction to Information Systems Security Cryptography 1b. Elias Athanasopoulos elathan@ics.forth.gr. Cryptography Elements. Symmetric Encryption Block Ciphers Stream Ciphers Asymmetric Encryption Cryptographic Hash Functions Applications. The need for randomness.

jelani-holloway
Télécharger la présentation

CS457 – Introduction to Information Systems Security Cryptography 1b

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CS457 – Introduction to Information Systems SecurityCryptography 1b Elias Athanasopoulos elathan@ics.forth.gr

  2. Cryptography Elements • Symmetric Encryption • Block Ciphers • Stream Ciphers • Asymmetric Encryption • Cryptographic Hash Functions • Applications Elias Athanasopoulos

  3. The need for randomness Elias Athanasopoulos

  4. The need for randomness • Key distribution • Replay attacks (nonces) • Session key generation • Generation of keys for the RSA public-key encryption algorithm • Stream ciphers Elias Athanasopoulos

  5. Randomness • Uniform distribution • The distribution of bits in the sequence should be uniform; that is, the frequency of occurrence of ones and zeros should be approximately equal. • Independence • No one subsequence in the sequence can be inferred from the others. • Security requirement • Unpredictability Elias Athanasopoulos

  6. Random Generator Types • True Random Number Generators (TRNGs) • Pseudo-random Number Generators (PRNGs) • Pseudo-random Functions (PRFs) Elias Athanasopoulos

  7. Elias Athanasopoulos

  8. TRNGs Elias Athanasopoulos

  9. PRNGs r = f(seed); Elias Athanasopoulos

  10. Requirements • Uniformity • Occurrence of a zero or one is equally likely. The expected number of zeros (or ones) is n/2, where n = the sequence length • Scalability • Any test applicable to a sequence can also be applied to subsequences extracted at random. If a sequence is random, then any such extracted subsequence should also be random • Consistency • The behavior of a generator must be consistent across starting values (seeds) Elias Athanasopoulos

  11. Tests • Frequency test • Determine whether the number of ones and zeros in a sequence is approximately the same as would be expected for a truly random sequence • Runs test • Determine whether the number of runs of ones and zeros of various lengths is as expected for a random sequence • Maurer’s universal statistical test • Detect whether or not the sequence can be significantly compressed without loss of information. A significantly compressible sequence is considered to be non-random Elias Athanasopoulos

  12. Unpredictability • Forward unpredictability • If the seed is unknown, the next output bit in the sequence should be unpredictable in spite of any knowledge of previous bits in the sequence • Backward unpredictability • It should also not be feasible to determine the seed from knowledge of any generated values. No correlation between a seed and any value generated from that seed should be evident; each element of the sequence should appear to be the outcome of an independent random event whose probability is 1/2 Elias Athanasopoulos

  13. Seed Elias Athanasopoulos

  14. Cryptographic PRNGs • Purpose-built algorithms • Designed specifically and solely for the purpose of generating pseudorandom bit streams. • Algorithms based on existing cryptographic algorithms • Cryptographic algorithms have the effect of randomizing input. Indeed, this is a requirement of such algorithms. Three broad categories of cryptographic algorithms are commonly used to create PRNGs: • Symmetric block ciphers • Stream ciphers • Asymmetric ciphers • RSA, compute primes • Hash functions and message authentication codes Elias Athanasopoulos

  15. Example Xn+1= (aXn+ c) mod m Selection of a, c, and m, is verycritical: • a=7, c=0, m=32 • {7, 17, 23, 1, 7, etc.} • a=5 • {5, 25, 29, 17, 21, 9, 13, 1, 5, etc.} • In theorym shouldbevery large (2^31) Elias Athanasopoulos

  16. Stream ciphers Elias Athanasopoulos

  17. Elias Athanasopoulos

  18. /* Initialization */ for i = 0 to 255 do S[i] = i;T[i] = K[i mod keylen]; RC4 /* Initial Permutation of S */ j = 0;for i = 0 to 255 do j = (j + S[i] + T[i]) mod 256; Swap (S[i], S[j]); /* Stream Generation */ i, j = 0;while (true) i = (i + 1) mod 256; j = (j + S[i]) mod 256; Swap (S[i], S[j]); t = (S[i] + S[j]) mod 256; k = S[t]; Elias Athanasopoulos

  19. Asymmetric Encryption Elias Athanasopoulos

  20. What is a prime number? Elias Athanasopoulos

  21. An integer p >1 is a prime number if and only if its only divisors are: 1,+p, and -p. Elias Athanasopoulos

  22. More maths • Any integer a > 1 can be factored in a unique way as: Elias Athanasopoulos

  23. Determining the prime factors of a large number is no easy task! Elias Athanasopoulos

  24. Public-Key Cryptography Elias Athanasopoulos

  25. Properties • 2 keys • Public Key (no secrecy) • Private Key (if stolen everything is lost) • Easy algorithm, but hard to reverse • Y = f(X), easy • X = f-1(X), computationally hard • Computationally hard means solvable in non-polynomial time Elias Athanasopoulos

  26. RSA Plaintext = M, cipher = C C = Memod n M = Cd mod n = (Me mod n)d = Medmod n Public Key = {e, n} Private Key = {d, n} Elias Athanasopoulos

  27. Euler’s totient function • Written φ(n), and defined as the number of positive integers less than n and relatively prime to n. By convention, φ(1) = 1. Elias Athanasopoulos

  28. n=pq, p, q are prime numbersφ(n) = φ(pq) =φ(p) φ(q) =(p-1)(q-1) Just believe me that this holds! (i.e., φ(pq) =φ(p) φ(q)) Elias Athanasopoulos

  29. RSA Steps • p, q, two prime numbers • Private • n = pq • n can be public, but recall that it is hardto infer p and q by just knowing n • e is relative prime to φ(n) • Public • Recall φ(n) = (p-1)(q-1) • d from e, and φ(n) • Private Elias Athanasopoulos

  30. RSA example • Select p= 17 and q= 11 • Then, n= pq= 17×11 = 187. • φ(n)=(p-1)(q-1)=16×10=160. • Select erelatively prime to φ(n) = 160 and less than φ(n); e= 7. • Determined - de=1 (mod 160)andd< 160, - The correct value is d= 23, because 23 × 7 = 161 = (1 × 160) + 1; Elias Athanasopoulos

  31. Computational Aspects • RSA builds on exponents • Intensive operation • Sidechannels Elias Athanasopoulos

  32. Cryptographic Hash Functions Elias Athanasopoulos

  33. How it works? Elias Athanasopoulos

  34. Integrity and Message Authentication • Integrity • (e.g., download a file) • Message digest • Message Authentication Code (MAC) • Used between two parties that share a secret key to authenticate information exchanged between those parties • Input is a secret key and a data block and the product is their hash value, referred to as the MAC • An attacker who alters the message will be unable to alter the MAC value without knowledge of the secret key Elias Athanasopoulos

  35. Digital Signatures • The hash value of a message is encrypted with a user’s private key. Anyone who knows the user’s public key can verify the integrity of the message that is associated with the digital signature. Elias Athanasopoulos

  36. Simple Hash Functions Elias Athanasopoulos

  37. Essentially based on compression Elias Athanasopoulos

  38. Requirements Elias Athanasopoulos

  39. Applications for Hash Functions • Passwords • Never stored in plain • Server stores only the hash value • Salt (same plain goes to different hash) • Cracking • GPUs • Dictionary attacks Elias Athanasopoulos

More Related