PublicKey Cryptography and Message Authentication - PowerPoint PPT Presentation

1 / 32
About This Presentation
Title:

PublicKey Cryptography and Message Authentication

Description:

Approaches to Message Authentication. Secure Hash Functions and HMAC ... An authentication tag is generated and appended to each message. Message Authentication Code ... – PowerPoint PPT presentation

Number of Views:103
Avg rating:3.0/5.0
Slides: 33
Provided by: Vic279
Category:

less

Transcript and Presenter's Notes

Title: PublicKey Cryptography and Message Authentication


1
Chapter3
  • Public-Key Cryptography and Message Authentication

Henric Johnson Blekinge Institute of Technology,
Sweden http//www.its.bth.se/staff/hjo/ henric.joh
nson_at_bth.se
2
OUTLINE
  • Approaches to Message Authentication
  • Secure Hash Functions and HMAC
  • Public-Key Cryptography Principles
  • Public-Key Cryptography Algorithms
  • Digital Signatures
  • Key Management

3
Authentication
  • Requirements - must be able to verify that
  • 1. Message came from apparent source or
    author,
  • 2. Contents have not been altered,
  • 3. Sometimes, it was sent at a certain time or
    sequence.
  • Protection against active attack (falsification
    of data and transactions)

4
Approaches to Message Authentication
  • Authentication Using Conventional Encryption
  • Only the sender and receiver should share a key
    does not guarantee non-repudiation!
  • Message Authentication without Message Encryption
  • An authentication tag is generated and appended
    to each message
  • Message Authentication Code
  • Calculate the MAC as a function of the message
    and the key. MAC F(K, M)

5
(No Transcript)
6
One-way HASH function
7
One-way HASH function
  • Secret value is added before the hash and removed
    before transmission.

8
Secure HASH Functions
  • Purpose of the HASH function is to produce a
    fingerprint.
  • Properties of a HASH function H
  • H can be applied to a block of data at any size
  • H produces a fixed length output
  • H(x) is easy to compute for any given x.
  • For any given block x, it is computationally
    infeasible to find x such that H(x) h
  • For any given block x, it is computationally
    infeasible to find with H(y) H(x).
  • It is computationally infeasible to find any pair
    (x, y) such that H(x) H(y)

9
Simple Hash Function
  • One-bit circular shift on the hash value after
    each block is processed would improve

10
Message Digest Generation Using SHA-1
11
SHA-1 Processing of single 512-Bit Block
12
Other Secure HASH functions
13
HMAC
  • Use a MAC derived from a cryptographic hash code,
    such as SHA-1.
  • Motivations
  • Cryptographic hash functions executes faster in
    software than encryptoin algorithms such as DES
  • Library code for cryptographic hash functions is
    widely available
  • No export restrictions from the US

14
HMAC Structure
15
Public-Key Cryptography Principles
  • The use of two keys has consequences in key
    distribution, confidentiality and authentication.
  • The scheme has six ingredients (see Figure 3.7)
  • Plaintext
  • Encryption algorithm
  • Public and private key
  • Ciphertext
  • Decryption algorithm

16
Encryption using Public-Key system
17
Authentication using Public-Key System
18
Applications for Public-Key Cryptosystems
  • Three categories
  • Encryption/decryption The sender encrypts a
    message with the recipients public key.
  • Digital signature The sender signs a message
    with its private key.
  • Key echange Two sides cooperate two exhange a
    session key.

19
Requirements for Public-Key Cryptography
  • Computationally easy for a party B to generate a
    pair (public key KUb, private key KRb)
  • Easy for sender to generate ciphertext
  • Easy for the receiver to decrypt ciphertect using
    private key

20
Requirements for Public-Key Cryptography
  • Computationally infeasible to determine private
    key (KRb) knowing public key (KUb)
  • Computationally infeasible to recover message M,
    knowing KUb and ciphertext C
  • Either of the two keys can be used for
    encryption, with the other used for decryption

21
Public-Key Cryptographic Algorithms
  • RSA and Diffie-Hellman
  • RSA - Ron Rives, Adi Shamir and Len Adleman at
    MIT, in 1977.
  • RSA is a block cipher
  • The most widely implemented
  • Diffie-Hellman
  • Echange a secret key securely
  • Compute discrete logarithms

22
The RSA Algorithm Key Generation
  • Select p,q p and q both prime
  • Calculate n p x q
  • Calculate
  • Select integer e
  • Calculate d
  • Public Key KU e,n
  • Private key KR d,n

23
Example of RSA Algorithm
24
Another Example of RSA Algorithm
25
The RSA Algorithm - Encryption
  • Plaintext Mltn
  • Ciphertext C Me (mod n)

26
The RSA Algorithm - Decryption
  • Ciphertext C
  • Plaintext M Cd (mod n)

27
Diffie-Hellman Global Elements
28
Diffie-Hellman Key Echange
29
Other Public-Key Cryptographic Algorithms
  • Digital Signature Standard (DSS)
  • Makes use of the SHA-1
  • Not for encryption or key echange
  • Elliptic-Curve Cryptography (ECC)
  • Good for smaller bit size
  • Low confidence level, compared with RSA but
    supposed to be harder to perform brute-force
    attack
  • Very complex

30
RSA versus DSS for Signature
31
Applications of Public-Key Cryptosystems
32
Key ManagementPublic-Key Certificate Use
Write a Comment
User Comments (0)
About PowerShow.com