Using Encryption Protocols

1
Using Encryption - Protocols

• Lecture 6
• Key distribution schemes
• Digital Signatures

2
Reading assignment

• Reading assignments for September 15
• Required
• Pfleeger Ch 4
• Recommended
• AES News AES may have been broken. Serpent,
  too. Or maybe not. In either case, there's no
  need to panic. Yet. But there might be soon.
  Maybe. (http//www.counterpane.com )
• Reading assignments for September 17
• Required
• Smith Ch 1, Ch 2

3
Protocols

• Good protocol characteristics
• Established in advance
• Mutually subscribed
• Unambiguous
• Complete

4
Protocols to solve problems

• Key distribution
• Digital Signatures
• Electronic Voting
• Oblivious Transfer (read only)
• Contract Signing (read only)

5
Symmetric-Key Distribution Symmetric-Key
Techniques

• Symmetric-Key without Server
• Change encryption key E(Knew,K), where Knew is
  the session key, K is the master key
• Diffie-Hellman Key Exchange
• Symmetric-Key with Server
• P,R communication
• P to Center (P,R,IP)
• Center to P E((IP,R,KPR,E((KPR,P), KR), KP)
• P to R E((KPR,P), KR)

6
Symmetric-Key Distribution Public-Key Techniques

• Simple secret key distribution
• Secret key distribution with confidentiality and
  authentication
• Diffie-Hellman Key Exchange

7
Simple secret key distribution

• KE-S ID-S
• 2. E KE-S(Ksession)

Sender
Recipient
Vulnerable to active attack!
8
With confidentiality and authentication

• E KE-RN1ID-A
• 2. E KE-SN1N2
• 3. E KE-RN2
• 4. E KE-R E KD-S(Ksession)

Sender
Recipient
9
Diffie-Hellman Key Exchange

• Proposed in 1976
• First public key algorithm
• Allows group of users to agree on secret key over
  insecure channel
• Cannot be used to encrypt and decrypt messages

10
Diffie-Hellman Key Exchange

• Protocol for A and B want to agree on shared
  secret key
• A and B agree on two large numbers n and g, such
  that 1ltgltn
• A chooses random x and computes Xgx mod n and
  sends X to B
• B chooses random y and computes Ygy mod n and
  sends Y
• A computes k Yx mod n
• B computer k Xy mod n
• Note k k gyx mod n

11
Diffie-Hellman Key Exchange

• Requires no prior communication between A and B
• Security depends on difficulty of computing x
  given Xgx mod n
• Choices for g and n are critical both n and
  (n-1)/2 should be prime, n should be large
• Susceptible to intruder in the middle attack
  (active intruder)

12
Intruder in the Middle Attack
Intruder
John
Rose
Hi Rose, Im John.
Hi Rose, Im John.
Hi John, Im Rose.
Hi John, Im Rose.
Intruder and John Uses Diffie-Hellman To agree
on key K.
Intruder and Rose Uses Diffie-Hellman To agree on
key K.
K and K may be the same
13
Asymmetric-Key Exchange

• Without server
• Broadcasting
• Publicly available directory
• With server
• Public key distribution center
• Certificates

14
Public announcement
KE-J.S.
KE-J.S.
KE-J.S.
KE-J.S.
John Smith
KE-J.S.
KE-J.S.
Bad Uncontrolled distribution ? easy to
forge
15
Publicly available directory
Better but not Good enough ? Directory could Be
compromised
Public Key Directory
KE-J.S.
KE-M.R..
John Smith
Mary Rose
16
Public-key authority
Public-Key Authority
1. Request Time1
4. Request Time2
2. EKD-AuthKE-RRequestTime1
5. EKD-AuthKE-SRequestTime2
3. EKE-R(ID-AN1)
Sender
Recipient
6. EKE-S(N1N2)
7. EKE-R(N2)
17
Public-key certificates
Certificate Authority
KE-R
KE-S
C-SEKD-CAuthTime1,ID-S,KE-S
CREKD-CAuthTime2,ID-R,KE-R
1. C-S
Sender
Recipient
2. C-R
18
Certificates

• Guarantees the validity of the information
• Establishing trust
• Public key and user identity are bound together,
  then signed by someone trusted
• Need digital signature

19
Digital Signature

• Need the same effect as a real signature
• Un-forgeable
• Authentic
• Non-alterable
• Not reusable

20
Digital signature

• Direct digital signature public-key cryptography
  based
• Arbitrated digital signature
• Conventional encryption
• Arbiter sees message
• Arbiter does not see message
• Public-key based
• Arbiter does not see message

21
Digital Signatures in RSA
Insecure channel
Sign
Verify
Plaintext
Signed plaintext
Plaintext
Encryption Alg.
Decryption Alg.
Recipient
Sender
Ss public key
Ss private key
(need reliable channel)
22
Non-repudiation

• Requires notarized signature, involving a third
  party
• Large system hierarchies of notarization

23
Electronic Voting

• Transmit an untraceable yet authentic message,
  e.g., presidential election votes
• Demillo and Merritt (1982,83) see textbook
• Current works
• Rebecca Mercuri Questions for Voting System
  Vendors (http//www.notablesoftware.com/checklists
  .html)
• Rebecca Mercuri Statement on Electronic Voting
  (http//www.notablesoftware.com/RMstatement.html)
• Bruce Schneier Voting and Technology
  (http//www.counterpane.com/crypto-gram-0012.html
  1)

24
Voting System

• Goal to establish the intent of the voter, and
  transfer that intent to the vote counter
• Assumptions
• Vote is open and everyone can monitor it
• Requirements
• Anonymous
• Scalable (speed, efficiency)
• Auditable
• Accurate
• Need to focus on accuracy and availability