Security - PowerPoint PPT Presentation

1 / 37

About This Presentation

Title:

Security

Description:

Alice wants to communicate with Bob so that. the message is ... Eve should not be able to impersonate Alice. Protocol is succeptible to playback attacks ... – PowerPoint PPT presentation

Number of Views:25

Avg rating:3.0/5.0

Slides: 38

Provided by: kkalp

Category:

more less

Transcript and Presenter's Notes

Title: Security

1
Security Cryptography
2
Protection vs Security

The protection mechanisms (ACLs, etc) discussed
earlier assist us in preventing unauthorized
access and use of computer resources
what happens if an intruder bypasses the
protection mechanisms?
Cryptography can be used so that an intruder is
unable to understand or use information obtained
without authorization

3
Cryptography Terminology

Plaintext (or cleartext)
is the intelligible message
Ciphertext
is the unintelligible message
Encryption and decryption
Are the processes to convert between plaintext
and ciphertext
Key
Is the parameter used in an encryption/decryption
algorithm

4
Cryptography Terminology

Cryptosystem
A system for encryption/decryption of information
Symmetric cryptosystem
use the same key for both encryption and
decryption
Asymmetric cryptosystem
use the different keys for encryption and
decryption
Cryptology
the designing breaking of cryptosystems
Cryptography
the practice of using cryptosystems for
confidentiallity of information
Cryptoanalysis
the breaking cryptosystems

5
Basic Structure of a Cryptosystem
Eve
Plaintext M
Side Information
Break
Bob
Alice
Plaintext M
Plaintext M
Encrypt
Decrypt
Ciphertext C
Encryption Key Ke
Decryption Key Kd
6
Basic Attacks to Cryptosystems

Cryptosystem attacks are classified based on the
amount of side information available to an
intruder
Attack classification
ciphertext-only
intruder only has access to the ciphertext
known-plaintext
intruder has access to the ciphertext and
considerable amount of plaintext
chosen-plaintext
intruder has access to a chosen plaintext and its
corresponding ciphertext

7
Design Principles for Cryptosystems

Shannons principles
Diffusion principle
spread the correlations and dependencies among
key and words over the text as much as possible
in order to maximize the length of plaintext
needed to break the system
Confusion principle
change a piece of information so that ciphertext
has no obvious relationship with plaintext
Computational Intractability principle
every algorithm for determining a key needed to
break cryptosystem is believed to require
exhaustive search of a very large search space

8
A Taxonomy of Cryptosystems

Conventional systems
Modern systems
private key systems
public key systems

9
Conventional Cryptosystems

Conventional cryptosystems are based on
substitution ciphers
Caesars cipher
E(M) (M k) modulo 26
where M is a letter and k3 is the key
Simple substitution cipher
E(M) KeyM
where Key is an arbitrary permutation of a single
alphabet
Vigenere cipher
choose N simple substitution ciphers and encrypt
the jth letter using the (j mod N) substitution
cipher
One-time pad
encrypt by Xoring message with a key, whose size
equals the size of the message

10
DES

The Data Encryption Standard (DES) is a modern
private-key cryptosystem
It is a block cipher that uses two basic
operations
permutation,
and substitution
It breaks a message in 64-bit blocks and
encrypts/decrypts each block individually
It uses a 56-bit secret key, which is expanded to
64-bits using parity bits

11
DES

Has three stages
plaintext block undergoes an initial permutation
IP
permuted block undergoes for 16 times a complex
transformation
A block at the ith iteration is broken into two
32-bit blocks Li Ri
transformed block undergoes the inverse IP of
the permutation IP at the 1st stage
DES transformation in the ith iteration,
i1,2,,16
K i Phi(Key, i) 48-bit key of ith iteration
L i Ri-1
R i L i xor F (Ri-1 , K i )

12
DES

Function F does the following
expands R i into a 48-bits quantity E(R i) by
permuting and duplicating some bits of R
Xors E(R i) with K i and partitions the result
into eight 6-bit blocks Q1, Q2,,Q8
passes each Q j 6-bit block through a separate
6-to-4 bit substitution box
concatenates all transformed 4-bit Q j blocks and
then permutes them

13
DES

Decryption is done by executing the three stages
in reverse order and each time using the inverse
function/operation
permute cipher text using IP
undo the 16 transformations, for i16,15,,1,
using the same keys K1, K2, , K16
R i-1 R i
L i-1 R i xor f ( L i , K i )
permute transformed ciphertext with IP
For added security, block chaining can be used
each plaintext block is Xored with the ciphertext
of the previous plaintext block
triple encryption (DES does not form a group)
Rijdael new private key standard

14
Public-Key Cryptosystems

Private key cryptosystems requires a secure
mechanism for distributing the private keys to
communicating parties
Diffie and Hellman proposed public key
cryptosystems
public key systems make the encryption key
publicly available and keep the decryption key
secret
public key systems are based on the computational
intractability principle (using problems such as
factoring primes, discrete logarithm, knapsack,
etc)

15
Public Key Cryptosystems

public key systems satisfy the following
DSK(EPK(M)) M for every message M
The encryption and decryption functions E and D
are computationally efficient
Knowledge of E, D, and PK (public key) does not
compromise SK (secret key)
DPK(ESK(M)) M for every message M, if message
singing/verification is desired

16
Trapdoor One-Way Functions

One-way functions F
F is invertible and easy to compute
inverting F is computationally intractable, ie
given y finding x such that yF(x) is believed to
be computationally infeasible
Trapdoor one-way functions F
yF(x) can be solved efficiently provided some
secret information for F is available
Diffie and Hellman suggested that one way to
implement public key systems is to use trapdoor
one-way functions

17
Number Theory Background

GCD Recursion Theorem the Extended Euclids
algorithm

18
Number Theory Background

Eulers phi function, Eulers and Fermats
Theorems

19
Number Theory Background

The Chinese Remainder Theorem
Origins
Sun-Tsu, circa 100 A.D. considered the problem of
finding those integers x that leave remainders 2,
3, and 2 when divided by 3, 5, and 7 respectively
(which are of the form x23105k).
Its essence

20
Number Theory Background

A corollary of the Chinese Remainder Theorem
states that

21
RSA

Rivest, Shamir, and Adleman introduced the RSA
public-key cryptosystem based on Diffie and
Hellman
RSA works as follows

22
RSA

RSAs encryption function is
EPK(M) Me mod n
where PK(e,n)
RSAs decryption function is
DSK(M) Md mod n
where SK(d,n)
these two encryption/decryption functions satisfy
DSK(EPK(M)) M
DPK(ESK(M)) M
can be computed efficiently given PK or SK
knowledge of PK does not compromise SK

23
RSA

Correctness of RSA is based on
Fermats theorem and on the Chinese Remainder
Theorem
Example values for RSA
choose p5 and q11
set n55 and N40
choose d23
compute e7 using the extended Euclid algorithm
encrypt M8 to 2 using repeated squaring

24
RSA

A more realistic example set of values for RSA
(courtesy of Prof. Stephens)
n 2419753086 4197530864 2125371358 0246913580
2471460971 7
p 1555555555 5555555555 560261
q 1555555555 5555555555 560497
e 512896171
d 1955459782 2571725357 3495557871 3933814929
3601459917 1
sqrt(n) approximately 1555555555 5555555555
560378
number of positive integers lt n that are relative
prime to n is equal to phi(n)
phi(n) 2419753086 4197530864 2125340246
9135802469 1360348896 0

25
Authentication

Objective
verify the identity of communicating entities
Authentication services
interactive communication (synchronous)
one-way communication (asynchronous)
signed communication (verifiable conversation by
third party)
Potential threats
altering messages
replaying old messages
denial of service
interference with ongoing communication
impersonation

26
Interactive Communication Protocols

Require an authoritative Authentication Server
(AS) for securely distributing conversation keys
Each user registers its secret key with the AS,
which is shared only between the AS and the user,
and their public key if any
Requirements use case
Alice wants to communicate with Bob so that
the message is intelligible to Bob, but not Eve
it should be evident that the message was sent by
Alice, and that is not a replay of an older
message from Alice

27
Interactive Communication with Private Key Systems

Alice wants to converse with Bob
Denning-Saccos modification to handle
compromised conversation keys
A message is not a reply attack if
LocalClock-TltLocalClocks disrepancy from ASs
clock plus the estimated maximum network delay

28
Interactive Communication with Public Key Systems

Alice wants to communicate with Bob

29
One-Way Communication with Private Key Systems

Alice wants to email message M to Bob
Bob should be able to authenticate integrity of
Alices message even if Alice is not currently
available
Eve should not be able to impersonate Alice

Protocol is succeptible to playback attacks
30
One-Way Communication with Public Key Systems

Alice wants to email message M to Bob

31
Digital Signatures

Must satisfy the following
a user can not forge signatures
sender of signed message can not deny the
validity of his signature
receipient can not modify the signature of a
signed message

32
Digital Signatures using Private Key Systems

Alice wants to sign a message to be sent to Bob

33
Digital Signatures using Public Key Systems

Alice wants to sign a message to be sent to Bob

34
Kerberos

An authentication system for an open network
computing environment where users machines are
under their complete control and can not be
trusted to identify users to network services
Consists of
Client (C)
Kerberos Server (K)
Ticket Granting Server (TGS)
Server (S)
User (U)

35
Kerberos Phase I Getting the Initial Ticket