1 / 25

15-441 Computer Networking

15-441 Computer Networking. Lecture 21: Security and Cryptography Thanks to various folks from 15-441, semester’s past and others. Security Threats. Impersonation Pretend to be someone else to gain access to information or services Insecrecy Eavesdrop on data over network Corruption

merritt-nixon
Télécharger la présentation

15-441 Computer Networking

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 15-441 Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from 15-441, semester’s past and others

  2. Security Threats • Impersonation • Pretend to be someone else to gain access to information or services • Insecrecy • Eavesdrop on data over network • Corruption • Modify data over network • Repudiation • Deny sending a message • Break-ins • Take advantage of implementation bugs • Denial of Service • Flood resource to deny use from legitimate users

  3. Three Levels of Defense • Firewalls • Filtering “dangerous” traffic at a middle point in the network • Covered next lecture • Network level security (e.g. IPsec) • Host-to-host encryption and authentication • Can provide security without application knowledge • Cannot always protect applications from each other • Application level security • True end-to-end security • Requires extra effort per application • Libraries help, like SSL/TLS

  4. Private Key Authentication • Alice wants to talk to Bob • Needs to convince him of her identity • Both have private key k • Naive scheme Alice Bob • Vulnerability? “I am Alice”, x, E(x, k)

  5. Replay Attack • Eve can listen in and impersonate Alice later Alice Bob Eve “I am Alice”, x, E(x, k) “I am Alice”, x, E(x)

  6. Preventing Replay Attacks • Bob can issue a challenge phrase to Alice Alice Bob “I am Alice” x E(x, k)

  7. Private Key Cryptosystems • Finite message domain M, key domain K • Key k  K • Known by all parties • Must be secret • Encrypt: E: M × K  M • Plaintext mp to ciphertext mc as mc = E(mp, k) • Decrypt: D: M × K  K • mp = D(mc, k) = D(E(mp, k), k) • Cryptographic security • Given mc, hard to determine mp or k • Given mc and mp, hard to determine k

  8. One Time Pad • Messages • n-bit strings [b1,…,bn] • Keys • Random n-bit strings [k1,…,kn] • Encryption/Decryption • c = E(b, k) = b  k = [b1  k1, …, bn  kn] •  denotes exclusive or • b = D(b, k) = c  k = b  k  k = b  [1, …, 1] = b • Properties • Provably unbreakable if used properly • Keys must be truly random • Must notbe used more than once • Key same size as message

  9. Simple Permutation Cipher • Messages • n-bit strings [b1,…,bn] • Keys • Permutation  of n • Let  = -1 • Encryption/Decryption • E([b1,…,bn], ) = [b  (1),…,b  (n)] • D([b1,…,bn], ) = [b  (1),…,b  (n)] • Properties • Cryptanalysis possible • Only small part of plaintext and key used for each part of ciphertext

  10. Data Encryption Standard (DES)

  11. Initialization Termination … Round Round Round Overview Plaintext Key Key Key Key Cyphertext 16 rounds of permutations and substitution DES is a 64-bit block cipher. Both the plaintext and ciphertext are 64 bits wide. The key is 64-bits wide, but every eighth bit is a parity bit yielding a 54-bit key.

  12. Initial Permutation Initialization Key Right Half Plaintext Round Left Half

  13. Reverse Initial Permutation Termination Key Right Half Round Ciphertext Left Half

  14. Permutations and substitution XOR A Round Transformed Key (48-bit) Right Half Right Half Left Half Left Half

  15. S-Box Substitution P-Box Permutation XOR E-Box Permutation Permutations and Substitutions Transformed Key (48-bit) Right Half 8 S-Boxes are used by the P-Box

  16. split shift shift Compression Permutation Key Transformation 28-bit left semikey 64-bit Key Remove parity bit 56-bit Key 28-bit right semikey 28-bit shifted left semi-key 48-bit semi-key 28-bit shifted right semi-key

  17. E-Box (Expansion Box) 1 32 1 2 3 4 5 6 7 8 .. .. .. .. 29 30 31 32 48 1 2 3 4 5 6 7 8 9 10 11 .. .. .. .. 44 45 46 47 48 1

  18. S-Box (Substitution Box) There are 8 different S-Boxes, each of which provides a different 6:4 mapping. Where’d they come from? Some combination of IBM and NSA. The mappings are based on cryptanalysis and are ostensibly free of weaknesses, back-doors, &c.

  19. P-Box (Permutation Box) 48-bit input S-Box 6 S-Box 7 S-Box 8 S-Box 2 S-Box 3 S-Box 4 S-Box 5 S-Box 1 32-bit output

  20. Block Cipher Modes • “How do we break a message down into blocks for encryption by DES or another block cipher?”

  21. E(block) E(block) E(block) E(block) E(block) E(block) Block 1 Block 2 Block 3 Block 4 Block 5 … Block 1 Block 2 Block 3 Block 4 Block 5 … Electronic Code Book (ECB) Mode Plaintext Block Encryption Ciphertext • Pad last block, if necessary

  22. E(block) XOR XOR XOR XOR XOR E(block) E(block) E(block) E(block) Random Block 1 Block 2 Block 3 Block 4 … Block 2 Block 3 Block 4 Block 5 … Cipher Block Chaining (CBC) Mode Plaintext Block Encryption Ciphertext • Pad last block, if necessary • Random Block called IV can be sent in plain text. Not a secret – just prevents a codebook. Often times a timestamp.

  23. E(register) Leftmost C I-6 C I-5 C I-4 C I-3 C I-2 C I-1 Cipher Feedback Mode (CFB) Mode 1 unit is 1/N block Shift Register (1 Block wide) Block Encryption Encrypted Register After each unit, shift input register and insert the most recently generated unit of ciphertext Next unit of Ciphertext Next unit of Plaintext XOR output

  24. E(register) Leftmost C I-6 C I-5 C I-4 C I-3 C I-2 C I-1 Output Feedback Mode (OFB) Mode 1 unit is 1/N block Shift Register (1 Block wide) Block Encryption Encrypted Register After each unit, shift input register and insert the leftmost unit of the encrypted register. Next unit of Ciphertext Next unit of Plaintext XOR output

  25. Other Ciphers • Triple-DES • DES three times • mc = E(D(E(mp, k1), k2, k3) • Effectively 112 bits • Three times as slow as DES • Blowfish • Developed by Bruce Schneier circa 1993 • Variable key size from 32 to 448 bits • Very fast on large general purpose CPUs (modern PCs) • Not very easy to implement in small hardware • Advanced Encryption Standard (AES) • Selected by NIST as replacement for DES in 2001 • Uses the Rijndael algorithm • Keys of 128, 192 or 256 bits

More Related