1 / 31

15-349 Introduction to Computer and Network Security

15-349 Introduction to Computer and Network Security. Iliano Cervesato 24 August 2008 – Introduction to Cryptography. Where we are. Course intro Cryptography Intro to crypto Modern crypto Symmetric encryption Asymmetric encryption Beyond encryption Cryptographic protocols

juancarlos
Télécharger la présentation

15-349 Introduction to Computer and Network Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 15-349Introduction to Computer and Network Security Iliano Cervesato 24 August 2008 – Introduction to Cryptography

  2. Where we are • Course intro • Cryptography • Intro to crypto • Modern crypto • Symmetric encryption • Asymmetric encryption • Beyond encryption • Cryptographic protocols • Attacking protocols • Program/OS security & trust • Networks security • Beyond technology

  3. Outline • Basic concepts • Protecting information • Goals of cryptography • Brief history • Cryptographic toolbox (preview) • Cryptanalysis • Traditional attack models • Side-channel attacks • Early ciphers • Substitution ciphers • Transposition ciphers

  4. E D Confidentiality of Communication Implement a virtualtrusted channel over an insecure medium

  5. Confidentiality of storage Implement a virtualtrusted safebox over an insecure storage medium E

  6. Insecure Channels External observer can • Read traffic • Interception • Inject new traffic • Fabrication • Block traffic … (sometimes) • Interruption • Modify traffic … (sometimes) • Modification Passive attack Active attack

  7. Representing Data • Divide data into blocks • Character, records, … • Represent each block by a number • E.g., ASCII • Why? • Cryptography is based on mathematics

  8. Encryption and Decryption Encryption Decryption Encrypted message (ciphertext) Encrypted message (ciphertext) E, D realize a virtual trusted channel E X D X Message (cleartext, plaintext) Message (cleartext, plaintext)

  9. Keys What are E and D? • Channel-specific algorithm • Requires a lot ofalgorithms • Hard • Universal algorithms • Parameterized by key • Easier • 1 algorithm • Large space of keys E m s k E m s

  10. Classical Cryptography Encryption Decryption Encrypted message (ciphertext) Encrypted message (ciphertext) E, D realize a virtual trusted channel, given key E X D X Message (cleartext, plaintext) key key Message (cleartext, plaintext)

  11. Goals of Cryptography Not just about confidentiality! • Integrity • Digital signatures • Hash functions • Non-repudiation, fair exchange • Contract signing • Anonymity • Electronic cash • Electronic voting • … Non-goals • Denial of service

  12. A Brief History of Cryptography • ~2000 years ago: Substitution ciphers • A few centuries later:Transposition ciphers • Renaissance: Polyalphabetic ciphers • 1844: Mechanization • 1976:Public-key cryptography

  13. A  V B  E C  Z D  C E  W F  G G  O H  L I  Q J  N K  H L  F M  A N  B O  S P  R Q  I R  D S  U T  Y U  K V  X W  M X  T Y  J Z  P A  C B  E D  F … X  A Y  B Z  C Substitution Ciphers Caesar’s cipher: Replace each letter with another • Key: substitution table • How to break it? • Brute force? 26! possibilities (= 4x1026) • Count the frequencies of letters, pairs, … • Koran was tabulated by 1412 • Ciphertext is enough: ciphertext-only attack • Example: QVAQBCWZQRLWDVEFW IAMINDECIPHERABLE

  14. + (mod 26) Renaissance Ciphers Use message and key letters for cipher • Key: a word (CRYPTO) • Example: • Polyalphabetic cipher: • Encryption of letter is context-dependent • Seed of modern cryptography WHATANICEDAYTODAY CRYPTOCRYPTOCRYPT ZZZJUCLUDTUNWGCQS

  15. + (mod 26) Book Ciphers Same thing but with very long key • Key: a poem, a book, …(TOBEORNOTTOBETHATISTHEQUESTION…) • Example: • … there are not all that many famous books, poems, etc. WHATANICEDAYTODAY TOBEORNOTTOBETHAT PVBXOEVQXWOZXHKAR

  16. + (mod 26) One-Time Pad Same thing, but now key is a infinite random string • Example: • This is a perfect cipher • How to remember/transmit the key?? • Short key stretched by means of a random number generator • Vernam cipher • Use  (xor) to combine key and message WHATANICEDAYTODAY YKSUFTGOARFWPFWEL ZZZJUCLUDTUNWGCQS

  17. Book Ciphers • Same thing, but now use a very long key

  18. 1 2 3 4 5 3 5 4 1 2 Transposition Ciphers k = Switch letters around by a permutation • Example: HELLOWORLD • Key: permutation • Breakable with ciphertext-only attack LOLHERDLWO

  19. More transposition • Write code in rows and read it in columns • A very regular type of permutation THEGOALOFSUBSITUTIONISCONFUSIONXXXX THE GOAL OF SUBSITUTION IS CONFUSION TOTSIHFUCOESTONGUINXOBOFXASNUXLIISX

  20. Confusion Replace symbol with another Diffusion Mix up symbols Confusion and Diffusion WHATANI WHATANI ZZZJUCL ANWIHAT Modern ciphers are a combination

  21. We willexaminein somedetail Mechanization The Enigma • 1844: invention of telegraph • Beginning of civilian crypto • Rotor machines • Key: initial position of rotors • Culminate in WW II • 1975: DES • 1996-2000 AES • 1976: Public key cryptography

  22. Cryptographic Toolbox • Encryption • Symmetric • Asymmetric • Digests • Hashing • Digital signatures • Certificates

  23. Symmetric Encryption Encryption box Decryption box Encrypted message (ciphertext) Encrypted message (ciphertext) Dk(Ek(m)) = m E M X D M X k Message (cleartext) Message (cleartext) Secret key

  24. Asymmetric Encryption Encryption box Decryption box Ciphertext Ciphertext Dk (Ek(m)) = m E M X D M X Cleartext k-1 k Cleartext Public data k Public key Private key -1

  25. Digital Signatures Signature box Verification box Signature Signature Vk (m,s) = S M, s M V M, s M Message k-1 k Message Public data k signature key Verification key true if s =Sk(m) false otherwise -1

  26. Certificates How do you know this public key is mine? • Certificate • Binding between key and owner • Certified by authority • Who is the authority? • Public-key infrastructure

  27. Message Digests • Short message to certify integrity • Un-keyed • Checksums, hashes • No crypto • Anybody can calculate/modify it • Keyed • MACs • Based on a secret key • Only owners can calculate/modify it

  28. Cryptanalysis The art  science of breaking a cipher • Try all possible plaintext corresponding to a ciphertext • Plain silly! • Try all possible keys for an encryption algorithm • Algorithm must be known • Enormous space of keys • Exploit weaknesses, regularities, shortcuts • Side-channel attacks • E.g., basic substitution cipher

  29. What is “breaking a cipher”? • Recover the key k • Hard • Often not needed! • Decipher a single message • Decipher all messages • Modify messages • “Attack at dawn”  “attack at dusk” • Exploit properties of the cipher

  30. Attack Models Random Random Ek(m) Good ciphers resist all attack models x m, x Ciphertext Only Known Plaintext Chosen Ek(m) Chosen Dk(x) m, x x, m Chosen Plaintext Chosen Ciphertext

  31. Differential Power Analysis on DES Sneaky Attacks 1 2 3 4 5 6 7 8 9 10 11 1213141516 Detail: Round 2 Round 3 From http://www.cryptography.com/dpa/technical • Obtain the key somehow • Network sniffers, worms, backup tapes, … • Blackmail, bribery, torture, … • Side-channel cryptanalysis • Power consumption • Encryption time • Radiation Be careful!  off-peak computation  random noise  physical shielding Better implementation and design

More Related