EEC 688/788 Secure and Dependable Computing - PowerPoint PPT Presentation

EEC 688/788 Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University wenbing_at_ieee.org – PowerPoint PPT presentation



1
EEC 688/788 Secure and Dependable Computing
  • Lecture 5
  • Wenbing Zhao
  • Department of Electrical and Computer Engineering
  • Cleveland State University
  • wenbing_at_ieee.org

2
Outline
  • Reminder
  • Lab0, Next Monday 9/14
  • Public-key algorithms
  • Digital signatures
  • Message digest
  • Message authentication code
  • Public key management

3
Public-Key Algorithms
  • Distributing keys => the weakest link in most
    cryptosystems
  • No matter how strong a cryptosystem was, if an
    intruder could steal the key, the system was
    worthless
  • Cryptologists always took for granted that the
    encryption key and decryption key were the same
  • Diffie and Hellman (1976) proposed a radically
    new kind of cryptosystem: encryption and
    decryption keys were different
  • D(E(P)) = P
  • It is exceedingly difficult to deduce D from E
  • E cannot be broken by a chosen plaintext attack

4
Public-Key Algorithms
  • Public-key cryptography
  • Encryption algorithm and the encryption key can
    be made public
  • How to establish a secure channel
  • Alice and Bob have never had previous contact
  • Alice sends Bob EB(P) (message P encrypted using
    Bob's public encryption key EB)
  • Bob receives the encrypted message and retrieves
    the plaintext by using his private key: P =
    DB(EB(P))
  • Bob then sends a reply EA(R) to Alice

5
RSA
  • Rivest, Shamir, Adleman, 1978: a good method for
    public-key cryptography
  • RSA method
  • Choose two large primes, p and q (typically 1024
    bits)
  • Compute n = p × q and z = (p-1) × (q-1)
  • Choose a number relatively prime to z and call it
    d
  • Find e such that e × d = 1 mod z
  • To encrypt a message, P, compute C = P^e (mod n)
  • To decrypt C, compute P = C^d (mod n)
  • The public key consists of the pair (e, n)
  • The private key consists of the pair (d, n)

6
RSA
  • An example of the RSA algorithm
  • p = 3, q = 11 => n = 33 and z = 20
  • A suitable value for d = 7
  • e can be found by solving the eq. 7e = 1 (mod 20)
    => e = 3
  • C = P^3 (mod 33), P = C^7 (mod 33)

7
Digital Signatures
  • Requirement on digital signatures: one party can
    send a signed message to another party in such a
    way that the following conditions hold
  • The receiver can verify the claimed identity of
    the sender
  • The sender cannot later repudiate the contents of
    the message
  • The receiver cannot possibly have fabricated the
    message himself

8
Symmetric-Key Signatures
  • Big Brother (BB): a central authority that knows
    everything and whom everyone trusts
  • Each user chooses a secret key and shares it with
    BB
  • Digital signatures with Big Brother

9
Public-Key Signatures
  • Digital signatures using public-key cryptography
  • Requires E(D(P)) = P (in addition to D(E(P)) = P)

10
Message Digests
  • Message digest (MD): using a one-way hash
    function that takes an arbitrarily long piece of
    plaintext and from it computes a fixed-length bit
    string
  • Requirement on the hash function
  • Given P, it is easy to compute MD(P)
  • Given MD(P), it is effectively impossible to find
    P
  • No collision: given P, no one can find P′ such
    that MD(P′) = MD(P)
  • A change to the input of even 1 bit produces a
    very different output

11
Digital Signatures Using Message Digests

12
MD5
  • One of the most widely used hash functions
  • MD5 is the fifth in a series of message digests
    designed by Ronald Rivest (1992)
  • It operates by mangling bits in a sufficiently
    complicated way that every output bit is affected
    by every input bit
  • MD5 generates a 128-bit fixed value

13
SHA-1
  • SHA-1: Secure Hash Algorithm 1, developed by the
    National Security Agency (NSA) and blessed by
    NIST. It generates a 160-bit message digest
  • Use of SHA-1 and RSA for signing nonsecret
    messages
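
Signing a message digest with RSA, as described on the public-key signature and message digest slides, shown as an added example that is not part of the lecture. The key is a constructed toy built from two Mersenne primes, no padding is applied, and SHA-256 is the default hash, with "sha1" selectable to match the slide.

```python
import hashlib

# Constructed toy key. Mersenne primes keep the listing short; primes of this
# special form must never be used for a real key.
_P, _Q = 2**521 - 1, 2**607 - 1
N = _P * _Q
E = 65537                                  # public exponent
D = pow(E, -1, (_P - 1) * (_Q - 1))        # private exponent, E*D = 1 (mod z)

def md(message: bytes, algo: str = "sha256") -> int:
    """MD(P) as an integer. Published collisions mean MD5 and SHA-1 no longer
    meet the no-collision requirement, hence the SHA-256 default."""
    return int.from_bytes(hashlib.new(algo, message).digest(), "big")

def sign(message: bytes, algo: str = "sha256") -> int:
    """Sender: apply the private operation D to the digest, not to the message."""
    return pow(md(message, algo), D, N)

def verify(message: bytes, signature: int, algo: str = "sha256") -> bool:
    """Receiver: E(signature) must equal a freshly computed MD(P).
    This works only because E(D(x)) = x."""
    return pow(signature, E, N) == md(message, algo)

MESSAGE = b"Pay Bob 100 dollars"      # constructed sample
TAMPERED = b"Pay Bob 900 dollars"     # constructed altered copy
SIGNATURE = sign(MESSAGE)

if __name__ == "__main__":
    print("genuine message  :", verify(MESSAGE, SIGNATURE))
    print("altered message  :", verify(TAMPERED, SIGNATURE))
    print("altered signature:", verify(MESSAGE, SIGNATURE ^ 1))
    print("SHA-1 as on slide:", verify(MESSAGE, sign(MESSAGE, "sha1"), "sha1"))
```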

14
Message Authentication Code
  • MACs are used between two parties that share a
    secret key in order to validate information
    transmitted between these parties
  • The MAC mechanism that is based on cryptographic
    hash functions is called HMAC
  • Append the key to the plaintext and generate a
    digest using a hash function
  • Ship the plaintext together with the digest
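
The MAC exchange above as an added example, not code from the lecture. It shows the keyed digest as worded on the slide next to the HMAC construction standardized in RFC 2104, which nests two hash calls over a padded key; the key, the message and the choice of SHA-256 are assumptions made for the demo.

```python
import hashlib
import hmac

BLOCK = 64   # SHA-256 input block size in bytes

def keyed_digest(key: bytes, plaintext: bytes) -> bytes:
    """The scheme as worded on the slide: hash of the plaintext with the key appended."""
    return hashlib.sha256(plaintext + key).digest()

def hmac_by_hand(key: bytes, plaintext: bytes) -> bytes:
    """RFC 2104: H((K xor opad) || H((K xor ipad) || m)), written out step by step."""
    if len(key) > BLOCK:                       # long keys are hashed first
        key = hashlib.sha256(key).digest()
    key = key.ljust(BLOCK, b"\x00")            # then zero-padded to one block
    inner = hashlib.sha256(bytes(b ^ 0x36 for b in key) + plaintext).digest()
    return hashlib.sha256(bytes(b ^ 0x5C for b in key) + inner).digest()

def send(key: bytes, plaintext: bytes):
    """Sender: ship the plaintext together with its tag."""
    return plaintext, hmac.new(key, plaintext, hashlib.sha256).digest()

def receive(key: bytes, plaintext: bytes, tag: bytes) -> bool:
    """Receiver: recompute the tag and compare in constant time."""
    expected = hmac.new(key, plaintext, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)

KEY = b"constructed-shared-secret"             # constructed sample key
MSG, TAG = send(KEY, b"amount=100&to=bob")     # constructed sample message

if __name__ == "__main__":
    print("library HMAC == hand-built HMAC:", hmac_by_hand(KEY, MSG) == TAG)
    print("genuine message accepted:", receive(KEY, MSG, TAG))
    print("altered message accepted:", receive(KEY, b"amount=900&to=bob", TAG))
    print("wrong key accepted      :", receive(b"some-other-key", MSG, TAG))
```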

15
Management of Public Keys
  • Problem statement
  • Certificates
  • X.509
  • Public key infrastructure

16
Problems with Public-Key Management
  • If Alice and Bob do not know each other, how do
    they get each other's public keys to start the
    communication process?
  • It is essential Alice gets Bob's public key, not
    someone else's
  • A way for Trudy to subvert public-key encryption

17
Certificates
  • Certification Authority (CA): an organization
    that certifies public keys
  • It certifies the public keys belonging to people,
    companies, or even attributes
  • CA does not need to be on-line all the time (in
    ideal scenarios)
  • A possible certificate and its signed hash

18
X.509
  • Devised and approved by ITU
  • The basic fields of an X.509 certificate

19
Public-Key Infrastructures
  • A Public-Key Infrastructure (PKI) is needed for
    reasons of
  • Availability, Scalability, Ease of management
  • A PKI has multiple components
  • Users, CAs, Certificates, Directories
  • A PKI provides a way of structuring these
    components and defines standards for the various
    documents and protocols
  • A simple form of PKI is hierarchical CAs

20
Public-Key Infrastructures
  • Hierarchical PKI
  • A chain of trust/certification path: a chain of
    certificates going back to the root

21
Public-Key Infrastructures
  • Revocation: sometimes certificates can be
    revoked, due to a number of reasons
  • Reinstatement: a revoked certificate could
    conceivably be reinstated
  • Each CA periodically issues a CRL (Certificate
    Revocation List) giving the serial numbers of all
    certificates that it has revoked
  • A user who is about to use a certificate must now
    acquire the CRL to see if the certificate has
    been revoked
  • Having to deal with revocation (and possibly
    reinstatement) eliminates one of the best
    properties of certificates, namely, that they can
    be used without having to contact a CA
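
How a relying party walks a hierarchical chain back to the root and consults each issuer's CRL, as an added example that is not part of the lecture. The certificate layout (a dict with serial, subject, issuer, public key, signature), the names Root, CA-5 and Bob, and the toy RSA keys built from Mersenne primes are all assumptions made for the demo; this is not the X.509 encoding.

```python
import hashlib

def keypair(p, q, e=65537):
    """Constructed toy RSA key from two Mersenne primes (unsuitable for real keys)."""
    return {"n": p * q, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def digest(cert, n):
    """Hash of the certificate body, reduced mod n so the toy keys can sign it."""
    body = "|".join(str(cert[f]) for f in ("serial", "subject", "issuer", "pub"))
    return int.from_bytes(hashlib.sha256(body.encode()).digest(), "big") % n

def issue(serial, subject, subject_key, issuer, issuer_key):
    """The issuer signs the hash of the certificate body with its private key."""
    cert = {"serial": serial, "subject": subject, "issuer": issuer,
            "pub": (subject_key["n"], subject_key["e"])}
    cert["sig"] = pow(digest(cert, issuer_key["n"]), issuer_key["d"], issuer_key["n"])
    return cert

def validate(chain, trust_anchors, crls):
    """chain[0] is the user's certificate, chain[-1] the self-signed root.
    crls maps an issuer name to the set of serial numbers it has revoked."""
    root = chain[-1]
    if trust_anchors.get(root["subject"]) != root["pub"]:
        return "untrusted root"
    for cert, parent in zip(chain, chain[1:] + [root]):
        n, e = parent["pub"]
        if cert["issuer"] != parent["subject"]:
            return "broken path at " + cert["subject"]
        if pow(cert["sig"], e, n) != digest(cert, n):
            return "bad signature on " + cert["subject"]
        if cert["serial"] in crls.get(cert["issuer"], set()):
            return "revoked: " + cert["subject"]
    return "ok"

ROOT_KEY = keypair(2**521 - 1, 2**607 - 1)
CA_KEY = keypair(2**127 - 1, 2**107 - 1)
BOB_KEY = keypair(2**89 - 1, 2**61 - 1)
ROOT = issue(1, "Root", ROOT_KEY, "Root", ROOT_KEY)
CA = issue(2, "CA-5", CA_KEY, "Root", ROOT_KEY)
BOB = issue(7, "Bob", BOB_KEY, "CA-5", CA_KEY)
ANCHORS = {"Root": ROOT["pub"]}            # the root key Alice already trusts

if __name__ == "__main__":
    print(validate([BOB, CA, ROOT], ANCHORS, {}))
    print(validate([BOB, CA, ROOT], ANCHORS, {"CA-5": {7}}))
```

The second call returns a revocation result only because the caller supplied CA-5's current CRL, which is the extra contact with the CA that the last bullet describes.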