Title: Security and Cryptography
Security and Cryptography

- Security: all issues which make communication (information transmission, two- or multi-party interaction) over insecure channels secure.
- Cryptography: the science and art of manipulating messages to make them secure.
- Classical cryptographic techniques.
- Along with the development of communication networks and their broad applications, network security is becoming a more serious problem.
- Thus, the call for modern cryptography.
[Figure 11.1 - Part 1: network security threats in two-party communication. Three panels: replay (a client request and server response, with an attacker re-sending a captured request to the server); server imposter (an attacker posing as the server to the client); man in the middle (an attacker placed between client and server).]
Security requirements for transmitting information

- Privacy or confidentiality: the information should be readable only by the intended receiver, i.e., protect the information from eavesdropping.
- Integrity: the receiver can confirm that a message has not been altered during transmission, i.e., protect the information from tampering.
- Authentication: any party (sender or receiver) can verify that the other party is who he or she claims to be, i.e., validate the identity of the other party.
- Nonrepudiation: the sender cannot deny having sent a given message, i.e., if a transaction (e.g., a purchase) has occurred between two parties, the nonrepudiation service can prove, for any party, that he/she really performed the transaction him/herself, not some other person.
Approaches to implementing security

Confidentiality: by encryption (and decryption). The sender encrypts the message using a key and sends the encrypted message. The receiver decrypts the encrypted message using the same key as the sender's key, or a key derivable from the sender's key.

Integrity: by checksum / hash value / message digest. The sender computes the checksum (hash value, message digest) from the message and sends the message along with it. The receiver recomputes the checksum from the received message and compares it with the transmitted checksum.

[Diagram: message | checksum, both transmitted.]

In some sense, it is like error detection.

Problem: the attacker, after intercepting the message, modifies the message, computes the checksum for the modified message, and resends them.

Solution: keyed checksum / hash value / message digest.

[Diagram: the key enters the checksum computation; message | checksum are transmitted.]
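The unkeyed-digest problem and the keyed-digest solution above, carried through in Python as an added example (not from the slides). The message, the tampering and the 32-byte shared key are constructed here; HMAC-SHA256 is assumed as the concrete keyed message digest.

```python
import hashlib
import hmac
import os

# Constructed sample message for the demonstration (not from the slides).
MESSAGE = b"transfer 100 to account 42"


def send_unkeyed(message):
    """Sender computes an unkeyed digest and transmits it with the message."""
    return message, hashlib.sha256(message).hexdigest()


def verify_unkeyed(message, digest):
    """Receiver recomputes the digest and compares it with the transmitted one."""
    return hmac.compare_digest(hashlib.sha256(message).hexdigest(), digest)


def intercept_and_modify(message):
    """The problem from the slide: an interceptor alters the message and simply
    recomputes the unkeyed digest, so the receiver's comparison still passes."""
    forged = message.replace(b"account 42", b"account 99")
    return forged, hashlib.sha256(forged).hexdigest()


def send_keyed(key, message):
    """Solution: a keyed digest (HMAC-SHA256) computed with a shared secret key."""
    return message, hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_keyed(key, message, tag):
    """Receiver recomputes the HMAC with the shared key (constant-time compare)."""
    expected = hmac.new(key, message, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, tag)


def demo(key=None):
    """Apply the same tampering to both schemes; returns (unkeyed, keyed) verdicts
    where True means the receiver detected the modification."""
    key = key or os.urandom(32)  # shared secret, assumed distributed in advance
    msg, digest = send_unkeyed(MESSAGE)
    forged, forged_digest = intercept_and_modify(msg)
    unkeyed_detects = not verify_unkeyed(forged, forged_digest)

    msg, tag = send_keyed(key, MESSAGE)
    forged, unkeyed_hash = intercept_and_modify(msg)
    # Without the key the interceptor can only replay the old tag or send an unkeyed hash.
    keyed_detects = (not verify_keyed(key, forged, tag)
                     and not verify_keyed(key, forged, unkeyed_hash))
    return unkeyed_detects, keyed_detects
```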
Approaches to implementing security (cont.)

Authentication:
- Traditional: user ID and password.
- Modern: cryptography-based authentication, i.e., digital signature.

Nonrepudiation: undeniable signature, i.e., a digital signature together with a verification protocol and a disavowal protocol.
Key management and exchange

- The key is the essential part of any cryptosystem.
- How to distribute/exchange keys between two users, or between any pair among multiple users?
- Therefore, key management and exchange come into play.
- Chapter 8.1, 8.4 (Diffie-Hellman key exchange).
Cryptography applications in the real world

- Many network applications need secure transmissions.
- The Internet has implemented a suite of security protocols combining secret-key, public-key, digital signature, message digest, etc.
- IPSec (IP security): IP layer / network layer.
- SSL (Secure Socket Layer) / TLS (Transport Layer Security): transport layer.
- SSH, SFTP, HTTPS, PGP: application layer.
- PKI and X.509 certificates.
Topics covered by this course

- Encryption / decryption
  - Classical techniques (chapter 1)
  - Secret-key cryptosystems: DES and AES (chapter 3)
  - Public-key cryptosystems: RSA (chapter 5) and the ElGamal system (chapter 6.1, 6.2), knapsack system (chapter 5.3, old edition)
- Digital signature: chapter 7.1, 7.2, 7.3
- Hash functions and MACs: chapter 4.1 - 4.4
- Diffie-Hellman key exchange and the Diffie-Hellman problem: chapter 8.1, 8.4 (old edition) and chapter 6.7.3
- Network security protocols: IPSec, SSL, SSH, X.509 (dependent on time)
Authentication vs. Authorization

Authentication: to prove a person is really who he/she claims to be.

Authorization: to verify whether a legitimate person has the privilege to perform a task, or the right to access certain resources, after the person has been authenticated. Also called access control.

Example: a client process contacts a file server: "I am Xukai's process and I want to delete cookbook.old." The server needs to determine two issues: 1. Is this actually Xukai's process (authentication)? 2. Is Xukai allowed to delete cookbook.old (authorization)?

Another example: a user logs in to a Unix system by ID and password (authentication); file permissions (owner, group, world; read, write, execute) provide access control.
Classification of cryptographic techniques

- Classical cryptography
  - Substitution cipher: replace characters in the plaintext by cipher characters.
    - Monoalphabetic: any character is mapped into a unique cipher character: shift cipher, substitution cipher, affine cipher.
    - Polyalphabetic cipher: a character may be mapped into several cipher characters depending on its location: Vigenere cipher and Hill cipher.
  - Stream cipher
  - Permutation (transposition) cipher: change the characters' positions.
- Modern cryptography
  - Secret-key cryptosystem
  - Public-key cryptosystem
- Classical cryptographic techniques belong to the secret-key cryptosystems.
Why public-key cryptography

- The two communicants in a secret-key system require prior communication of the key, using a secure channel. This is very difficult to achieve in practice: unless the two communicants meet in person, phone calls, postal mail, email, etc. are not secure.
- Suppose there are n users and every pair of users wants to communicate. In a secret-key system, the total number of keys must be n(n-1)/2: very difficult to manage and quite insecure.
- However, in a public-key system, every user selects his/her own private key and public key, and publicizes the public key but keeps the private key secret. Quite easy and very secure.

The main problem with the public-key system is that it is very slow.
Cryptology

- Cryptology = cryptography + cryptanalysis.
- Cryptography: devise cryptosystems.
- Cryptanalysis: break cryptosystems.
Kerckhoffs' principle and attack levels

- Kerckhoffs' principle: the cryptosystem is publicly known, but only the key is secret. Breaking a cryptosystem (i.e., cryptanalysis) means figuring out the key currently used.
- Attack levels
  - Ciphertext-only: the attacker possesses a string of ciphertext, y.
  - Known plaintext: the attacker possesses a string of plaintext, x, and the corresponding ciphertext, y.
  - Chosen plaintext: the attacker has obtained temporary access to the encryption machinery. Hence, he can choose a plaintext string, x, and construct the corresponding ciphertext string, y.
  - Chosen ciphertext: the attacker has obtained temporary access to the decryption machinery. Hence, he can choose a ciphertext string, y, and construct the corresponding plaintext string, x.
Computational vs. unconditional security

- A cryptosystem is said to be computationally secure if the best known algorithm for breaking the system requires an unreasonably large amount of computer time.
- A cryptosystem is said to be unconditionally secure if it cannot be broken, even with infinite computational time.

Question: is a public-key system computationally secure or unconditionally secure?

Computationally secure, because the private key can be derived from the public key: as long as enough time is given, the private key can be computed.
Security issues in multiple-party communication

- Called secure group communication.
- Use multicast techniques to achieve group communication.
- Use cryptographic techniques to achieve secure communication among group members.
- Dynamics: users can join or leave the group at any time, but a joining user must be prevented from decrypting previous messages and a leaving user from decrypting future messages.
- How to prevent misbehaving group members from doing bad things.
Typical cryptosystem (used in this course)

[Diagram: a key source delivers the key K to Alice's encrypter and Bob's decrypter over a secure channel; Alice sends y to Bob over the insecure channel, where Oscar can observe y; Bob recovers x.]

x: plaintext, y: ciphertext.

Encryption: transform x into y using key K, denoted $e_K$. Decryption: transform y back to x using key K, denoted $d_K$, i.e., $y = e_K(x)$ and $x = d_K(y)$; thus $d_K(e_K(x)) = x$.

K is the key for the encryption and decryption. Alice and Bob get the key K via the secure channel. On the other hand, Oscar, who does not have the key K, cannot decrypt y.
Formal definition of a cryptosystem

- A five-tuple $(\mathcal{P}, \mathcal{C}, \mathcal{K}, \mathcal{E}, \mathcal{D})$ where the following conditions are satisfied:
  - $\mathcal{P}$: finite set of possible plaintexts
  - $\mathcal{C}$: finite set of possible ciphertexts
  - $\mathcal{K}$: key space, finite set of possible keys
  - For each $K \in \mathcal{K}$, there is an encryption rule $e_K \in \mathcal{E}$ and a corresponding decryption rule $d_K \in \mathcal{D}$. Each $e_K : \mathcal{P} \to \mathcal{C}$ and $d_K : \mathcal{C} \to \mathcal{P}$ are functions such that $d_K(e_K(x)) = x$ for every plaintext $x \in \mathcal{P}$.
Message string encryption

- The message is $x = x_1 x_2 \cdots x_n$ where each $x_i \in \mathcal{P}$.
- The encrypted message is $y = y_1 y_2 \cdots y_n$ where each $y_i = e_K(x_i)$.
- Clearly each $e_K$ must be an injective function (one-to-one).
- If $y = e_K(x_1) = e_K(x_2)$ and $x_1 \neq x_2$, then there is no way of knowing whether y should be decrypted to $x_1$ or $x_2$.
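The five-tuple definition, the condition $d_K(e_K(x)) = x$, and the injectivity requirement for message strings, instantiated in Python as an added example (not from the slides). The shift cipher over the lowercase alphabet is assumed as the concrete cryptosystem, and `bad_e` is a constructed non-injective rule that shows why decryption then becomes ambiguous.

```python
from string import ascii_lowercase

# Shift cipher written as the five-tuple (P, C, K, E, D) of the slides.
# Assumed instance for illustration; the slides give only the abstract definition.
P = ascii_lowercase   # finite set of plaintext symbols
C = ascii_lowercase   # finite set of ciphertext symbols
K = range(26)         # key space


def e(k, x):
    """Encryption rule e_K: P -> C for the shift cipher."""
    return C[(P.index(x) + k) % 26]


def d(k, y):
    """Decryption rule d_K: C -> P for the shift cipher."""
    return P[(C.index(y) - k) % 26]


def encrypt_string(k, x):
    """y = y1 y2 ... yn with y_i = e_K(x_i), as on the message string slide."""
    return "".join(e(k, xi) for xi in x)


def decrypt_string(k, y):
    """x = x1 x2 ... xn with x_i = d_K(y_i)."""
    return "".join(d(k, yi) for yi in y)


def is_cryptosystem(enc, dec, keys, plaintexts):
    """Defining condition: d_K(e_K(x)) == x for every key K and plaintext x."""
    return all(dec(k, enc(k, x)) == x for k in keys for x in plaintexts)


def is_injective(enc, k, plaintexts):
    """e_K must be one-to-one, otherwise some ciphertext has two candidate plaintexts."""
    images = [enc(k, x) for x in plaintexts]
    return len(set(images)) == len(images)


def bad_e(k, x):
    """Constructed counterexample: 'b' is folded onto 'a' before shifting, so
    e_K('a') == e_K('b') and that ciphertext cannot be decrypted uniquely."""
    return e(k, "a" if x == "b" else x)


def preimages(enc, k, y, plaintexts):
    """All plaintext symbols that enc maps to y under key k (exactly one if injective)."""
    return [x for x in plaintexts if enc(k, x) == y]
```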