Security and Cryptography

1
replay
Request
Client
Server
Response
1. Eavesdrop
2. replay
3. Client imposter
4. Server imposter
5. Man in the middle
6. Repudiation
7. Denial of service
(Secure group communication)
Network security threads in two party
communication
Figure 11.1 - Part 1
2
Security requirements and their implementation
By encryption (and decryption)
Confidentiality
Integrity
By checksum or hash value/message digest or MAC.
Authentication
user ID and password or Digital signature.
Nonrepudiation
Undeniable signature
Data integrity is called Data/message
authentication sometime.
3
Classification of cryptosystems

• Secret key (symmetric) vs. public key
  (asymmetric)
• Classical vs. modern
• Substitution vs. permutation (transposition)
• Monoalphabetic vs. Polyalphabetic
• Block vs. stream
• For stream cipher
• Synchronous vs. non-synchronous
• Periodic vs. non-periodic
• Dependent key-stream vs. one-time pad

Clarify each of them and relationship among them
4
Classical (secret key) systems

• Substitution cipher
• Shift, Affine, Vigenere, Hill
• Permutation cipher
• Stream cipher
• Binary stream cipher
• Autokey cipher
• One time pad

5
Principles behind classical cryptosystems
Modular operation, multiplicative inverse
Matrix algebra
Permutation
Binary vector, binary operation , linear
combination,
Linear Feedback Shift Register
6
Cryptologycryptographycryptoanalysis

• Kerckhoffs principle
• Attack types
• Ciphertext only
• Known plaintext
• Chosen plaintext
• Chosen ciphertext
• Basic approaches for attacking different
  cryptosystems

7
Mathematical principles for modern cryptography
.Group theory
Number theory
.Chinese remainder theorem, prime and
factorization
.Group and discrete logarithmic problem
.Secret sharing and (symmetric) polynomial,
interpolation
.Elliptic curve
.NP-complete
.Permutation group
(Extended) Euclidean algorithm
8
Modern (secret key) systems

• DES
• multiple round, permutation, transformation,
  S-box
• AES
• PGM
• Permutation group, logarithmic signature ?, ?.
• RC2, RC4

9
Public key cryptosystems
Cons and pros of secret and public key systems
RSA prime and factorization, CRT, Little
Fermat theorem ElGamal Zp, DLP Knapsack
knapsack and superincreasing knapsack elliptic
curve Elliptic curve
10
Key management and exchange

• Key is the essential part in any cryptosystem.
• Diffie-Hellman key exchange (DLP)
• (Centralized) key distribution vs. (distributed)
  key agreement
• Public key infrastructure
• Public key certificate, certificate authority
• X.509 certificate architecture (hierarchical)

11
Hash functions and MAC
One-way function, one-way trap-door function,
one-way hash function.
Three properties of one way hash functions
One-way,
Match-resistant,
Collision-resistant
Birthday attack
Unkeyed hash function vs. keyed hash function
(MAC)
MD4, MD5, SHA-1, HMAC, DES-MAC
12
Digital signature
RSA signature, ElGamal signature, DSA/DSS
signature Undeniable signature
13
Network security protocols

• IPSec (IP security)
• SSL (Secure Socket Layer) TLS
• SSH
• SFTP
• HTTPS, SHTTP
• PGP

Their similarities and differences

• PKI and X.509 certificate hierarchical CAs.

• Kerkeros

• Firewall

14
Secure group communication

• Key management
• Key tree scheme
• N-party Diffie-Hellman key agreement

15
Security and attack analysis of modern
cryptosystems

• Factorization
• Solving DLP problem
• Efficiency and performance
• 128 bits for secret systems
• 1024 bits for public systems

16
Various topics

• Intrusion detection
• Entropy and Compression
• Password based key exchange
• Hierarchical Access Control

17
Final exam

• Concepts and principles
• Question and explanation
• True / false
• Computation
• Network security protocols
• Knapsack, Elliptic curve, Undeniable signature
• 545700pm, Dec. 7, 2005