Information Security CS 526 Lecture 17 - PowerPoint PPT Presentation

1 / 24
About This Presentation
Title:

Information Security CS 526 Lecture 17

Description:

Limitation: sender and receiver must share the same key ... The Big Picture. Digital Signatures: RSA, DSA, etc. Message Authentication Code ... – PowerPoint PPT presentation

Number of Views:25
Avg rating:3.0/5.0
Slides: 25
Provided by: NINGH7
Category:

less

Transcript and Presenter's Notes

Title: Information Security CS 526 Lecture 17


1
Information Security CS 526Lecture 17
  • Public Key Cryptography

2
Review of Secret Key (Symmetric) Cryptography
  • Confidentiality
  • stream ciphers
  • block ciphers with encryption modes
  • Integrity
  • message authentication code
  • Limitation sender and receiver must share the
    same key
  • needs secure channel for key distribution
  • impossible for two parties having no prior
    relationship

3
Public Key Cryptography Overview
  • Proposed in Diffie and Hellman (1976) New
    Directions in Cryptography
  • public-key encryption schemes
  • public key distribution systems
  • Diffie-Hellman key agreement protocol
  • digital signature
  • Public-key encryption was proposed in 1970 by
    James Ellis
  • in a classified paper made public in 1997 by the
    British Governmental Communications Headquarters
  • Diffie-Hellman key agreement and concept of
    digital signature are still due to Diffie
    Hellman

4
Public Key Encryption
  • Public-key encryption
  • each party has a PAIR (K, K-1) of keys K is the
    public key and K-1 is the private key, such that
    DK-1EKM M
  • Knowing the public-key and the cipher, it is
    computationally infeasible to compute the private
    key
  • Public-key crypto system is thus known to be
    asymmetric crypto systems
  • The public-key K may be made publicly available,
    e.g., in a publicly available directory
  • Many can encrypt, only one can decrypt

5
Public Key Encryption Algorithms
  • Almost all public-key encryption algorithms use
    number theory and modular arithmetic
  • RSA
  • based on the hardness of factoring large numbers
  • El Gamal
  • based on the hardness of solving discrete
    logarithm

6
RSA Algorithm
  • Invented in 1978 by Ron Rivest, Adi Shamir and
    Leonard Adleman
  • Published as R L Rivest, A Shamir, L Adleman, "On
    Digital Signatures and Public Key Cryptosystems",
    Communications of the ACM, vol 21 no 2,
    pp120-126, Feb 1978
  • Security relies on the difficulty of factoring
    large composite numbers
  • Essentially the same algorithm was discovered in
    1973 by Clifford Cocks, who works for the British
    intelligence

7
RSA Public Key Crypto System
  • Key generation
  • Select 2 large prime numbers of about the same
    size, p and q
  • Compute n pq, and ?(n) (q-1)(p-1)
  • Select a random integer e, 1 lt e lt ?(n), s.t.
    gcd(e, ?(n)) 1
  • Compute d, 1lt dlt ?(n) s.t. ed ? 1 mod ?(n)
  • Public key (e, n)
  • Private key d

8
RSA Description (cont.)
  • Encryption
  • Given a message M, 0 lt M lt n M ? Zn? 0
  • use public key (e, n)
  • compute C Me mod n C ? Zn? 0
  • Decryption
  • Given a ciphertext C, use private key (d)
  • Compute Cd mod n (Me mod n)d mod n Med mod n
    M

9
RSA Example
  • p 11, q 7, n 77, ?(n) 60
  • d 13, e 37 (ed 481 ed mod 60 1)
  • Let M 15. Then C ? Me mod n
  • C ? 1537 (mod 77) 71
  • M ? Cd mod n
  • M ? 7113 (mod 77) 15

10
RSA Security
  • Security depends on the difficulty of factoring n
  • The length of npq reflects the strength
  • 700-bit n factored in 2007
  • 1024 bit for minimal level of security today
  • likely to be breakable by 2010
  • 2048 for things need to kept secret until 2030
  • NIST suggests 15360-bit RSA keys are equivalent
    in strength to 256-bit

11
Digital Signatures The Problem
  • Consider the real-life example where a person
    pays by credit card and signs a bill the seller
    verifies that the signature on the bill is the
    same with the signature on the card
  • Contracts, they are valid if they are signed.
  • Can we have a similar service in the electronic
    world?

12
Digital Signatures
  • Digital Signature a data string which associates
    a message with some originating entity.
  • Digital Signature Scheme
  • a signing algorithm takes a message and a
    (private) signing key, outputs a signature
  • a verification algorithm takes a (public) key
    verification key, a message, and a signature
  • Provides
  • Authentication
  • Data integrity
  • Non-Repudiation (MAC does not provide this.)

13
Digital Signatures and Hash
  • Very often digital signatures are used with hash
    functions, hash of a message is signed, instead
    of the message.
  • Hash function must be
  • Pre-image resistant
  • Weak collision resistant
  • Strong collision resistant

14
RSA Signatures
  • Key generation (as in RSA encryption)
  • Select 2 large prime numbers of about the
  • same size, p and q
  • Compute n pq, and ? (q - 1)(p - 1)
  • Select a random integer e, 1 lt e lt ?, s.t.
  • gcd(e, ?) 1
  • Compute d, 1 lt d lt ? s.t. ed ? 1 mod ?
  • Public key (e, n)
  • Secret key d,

15
RSA Signatures (cont.)
  • Signing message M
  • Verify 0 lt M lt n
  • Compute S Md mod n
  • Verifying signature S
  • Use public key (e, n)
  • Compute Se mod n (Md mod n)e mod n M
  • Note in practice, a hash of the message is
    signed
  • and not the message itself.

16
Public Keys and Trust
Public Key PB Secret key SB
Public Key PA Secret key SA
  • How are public keys stored?
  • How to obtain the public key?
  • How does Bob know or trusts that PA is
  • Alices public key?

17
Distribution of Public Keys
  • Public announcement users distribute public keys
    to recipients or broadcast to community at large
  • Publicly available directory can obtain greater
    security by registering keys with a public
    directory
  • Both approaches have problems, and are vulnerable
    to forgeries

18
Public-Key Certificates
  • A certificate binds identity (or other
    information) to public key
  • Contents signed by a trusted Public-Key or
    Certificate Authority (CA)
  • Can be verified by anyone who knows the
    public-key authoritys public-key
  • Certificates allow key exchange without real-time
    access to public-key authority

19
X.509 Certificates
  • Part of X.500 directory service standards.
  • Defines framework for authentication services
  • Defines that public keys stored as certificates
    in a public directory.
  • Certificates are issued and signed by an entity
    called certification authority (CA).
  • Used by numerous applications SSL, IPSec, SET
  • Started 1988

20
Digital Signature Signing (figure from wikipedia)
21
How to Obtain a Certificate?
  • For a particular application you can define your
    own CA (libraries like openssl provide the
    necessary tools)
  • many companies define their own CA.
  • VeriSign a company that provides certificates to
    many commercial companies
  • Private key remains secret and certificate must
    be accessible.
  • Example see certificates accepted by your browser

22
CAs and Trust
  • Certificates are trusted if signature of CA
    verifies
  • Chain of CAs can be formed, head CA is called
    root CA
  • In order to verify the signature, the public key
    of the root CA should be obtain.
  • TRUST is centralized (to root CAs) and
    hierarchical

23
The Big Picture
Public Key Setting
Secret Key Setting
24
Coming Attractions
  • October 8
  • Discretionary Access Control and Mandatory Access
    Control
Write a Comment
User Comments (0)
About PowerShow.com