SECURITY GOALS
• CONFIDENTIALITY: prevent interception of data by sharing it in a secret form
(ALGORITHMS & KEYS)
• INTEGRITY: detect any modification of data (HASH)
• AVAILABILITY: prevent interruption (there is no cryptographic mechanism for it)
• AUTHENTICATION: verify the claimed identity, so that nobody else can fabricate
messages in its name
• NON-REPUDIATION: the sender is given proof of delivery and the receiver is given
proof of the sender's identity (DIGITAL SIGNATURES)
SECURITY MEASURES
• DEPENDING ON ACTION
o Prevention
o Detection
o Response
• TYPES
o Physical (alarm)
o Technical (encryption)
o Administrative (policies)
o Legal (Law of Personal Data Protection)
All rights reserved. Economic exploitation or transformation of this work is not permitted. Printing it in full is permitted.
2.MATHEMATICAL FOUNDATIONS
MODULAR ARITHMETIC
Zn set. For n>1, Zn is the set {0, 1, …, n-1}
INVERSE COMPUTATION
If a and n are coprime (gcd(a, n) = 1) there is a unique x in Zn such that:
$a \cdot x \equiv 1 \pmod n$, written $x = a^{-1} \bmod n$
EULER'S THM
$a^{\varphi(n)} \bmod n = 1 \Rightarrow a^{-1} = a^{\varphi(n)-1} \bmod n$
• $\varphi(p) = p-1$, p prime
• $\varphi(p^k) = p^{k-1}(p-1)$, p prime and k positive integer
• $\varphi(pq) = \varphi(p)\,\varphi(q)$, p and q coprime
• $\varphi(n) = \prod_i p_i^{k_i-1}(p_i-1)$, where $n = \prod_i p_i^{k_i}$
Where $A = a^{-1}$ (A is the coefficient of a in $1 = A\,a + B\,n$ obtained with the extended Euclidean algorithm)
CONGRUENCE EQUATIONS
POWERS OF AN INTEGER
All the results (remainders mod n) of $a^i \bmod n$ for a given a and n and $i \in \{0, …, n-1\}$
GAUSSIAN (MULTIPLICATIVE ORDER)
The smallest exponent $i > 0$ that gives $a^i \bmod n = 1$.
PRIMITIVE ROOTS
The primitive roots of n are those numbers a whose powers $a^i \bmod n$ generate
the whole set of remainders coprime with n. a is a generator (primitive root) when
its gaussian (order) equals $\varphi(n)$.
• In the table of powers, the exponent of the last distinct power before the sequence repeats (the first power equal to 1) is the gaussian
DISCRETE LOGS
$b = a^x \bmod n \Rightarrow x = \log_a b \bmod n$
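The notions above (inverse by extended Euclid, inverse by Euler's theorem, phi, the table of powers, the gaussian, primitive roots and a brute-force discrete log) in working code. Added example, not from the course notes; all inputs in the usage block are small constructed values.

```python
"""Modular arithmetic helpers for Z_n: inverses (extended Euclid and Euler's theorem),
Euler's phi, powers of an integer, multiplicative order ("gaussian"), primitive roots
and a brute-force discrete log. Added example; not from the course notes."""

from math import gcd


def egcd(a, b):
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, x1, y0, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def modinv(a, n):
    """Unique x in Z_n with a*x == 1 (mod n); exists only when gcd(a, n) == 1."""
    g, x, _ = egcd(a % n, n)
    if g != 1:
        raise ValueError(f"{a} has no inverse mod {n} (gcd = {g})")
    return x % n


def euler_phi(n):
    """phi(n) = prod p_i^(k_i - 1) * (p_i - 1) over the prime factorisation of n."""
    result, p, m = 1, 2, n
    while p * p <= m:
        if m % p == 0:
            k = 0
            while m % p == 0:
                m //= p
                k += 1
            result *= p ** (k - 1) * (p - 1)
        p += 1
    if m > 1:                      # leftover prime factor with exponent 1
        result *= m - 1
    return result


def modinv_euler(a, n):
    """Euler's theorem: a^phi(n) == 1 (mod n), hence a^-1 == a^(phi(n)-1) (mod n)."""
    if gcd(a, n) != 1:
        raise ValueError("a and n must be coprime")
    return pow(a, euler_phi(n) - 1, n)


def powers(a, n):
    """Remainders of a^i mod n for i = 0 .. n-1 (the 'powers of an integer' table)."""
    return [pow(a, i, n) for i in range(n)]


def mult_order(a, n):
    """Smallest i > 0 with a^i == 1 (mod n): the gaussian / multiplicative order of a."""
    if gcd(a, n) != 1:
        raise ValueError("order is only defined for a coprime with n")
    i, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        i += 1
    return i


def primitive_roots(n):
    """Elements whose powers generate every unit of Z_n: order equals phi(n)."""
    phi = euler_phi(n)
    return [a for a in range(1, n) if gcd(a, n) == 1 and mult_order(a, n) == phi]


def dlog_bruteforce(a, b, n):
    """x with a^x == b (mod n) by exhaustive search; only feasible for tiny n."""
    x, cur = 0, 1
    while x < n:
        if cur == b % n:
            return x
        cur = (cur * a) % n
        x += 1
    return None


if __name__ == "__main__":
    print(modinv(3, 11), modinv_euler(3, 11))   # both 4
    print(powers(3, 7))                         # [1, 3, 2, 6, 4, 5, 1]
    print(primitive_roots(7))                   # [3, 5]
    print(dlog_bruteforce(3, 6, 7))             # 3
```

Both inverse routines agree; the Euclidean one is what real implementations use because it needs no factorisation of n, while the Euler one needs phi(n) and therefore the factorisation.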
POLYNOMIAL ARITHMETIC MOD 2 (GF(2)[x])
• ADDITION: $c = a \pm b \bmod 2 = a \oplus b$ (coefficient-wise XOR; subtraction is the same operation)
• IMPORTANT: $2 \cdot x^i \bmod 2 = 0$, so any term that appears twice cancels out
o EXTENDED EUCLIDEAN ALG: decompose until you get to $1 = A(x)\,a(x) + B(x)\,p(x)$,
where $a^{-1} = A(x) \bmod p(x)$
3.1.CLASSIC CRYPTOGRAPHY
BASIC TECHNIQUES
SUBSTITUTION
Each character is modified or substituted by another element, working on the numerical
representation of the alphabet (A=0, …, Z=25)
MONOALPHABETIC
• MONOGRAPHIC
POLYALPHABETIC
• PERIODIC
▪ Vigenère: 26 shifted alphabets and a key of length m
$E(m_j) = (m_j + k_{(j \bmod m)}) \bmod 26$
WITH AUTOKEY
The key is used once and then fragments of the message itself continue the key.
E(M) = EDVIJVRF
• NON-PERIODIC
o Vernam: XOR between message and key. The key is truly random, at least as long
as the message, and used only once (one-time pad). It gives perfect secrecy, but it is
not useful in the real world because as much key material as message has to be distributed.
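The three polyalphabetic schemes above in code: periodic Vigenère with the formula E(m_j) = (m_j + k_(j mod m)) mod 26, autokey where the plaintext extends the key, and Vernam XOR, together with what goes wrong when a pad is used twice. Added example, not from the course notes; the messages, keys and pad are constructed.

```python
"""Vigenère (periodic), autokey (non-periodic, message feeds the key) and Vernam
(XOR one-time pad), plus the classic failure of reusing a pad.
Added example, not from the course notes; all messages/keys are constructed."""

import os

A = ord("A")


def _nums(text):
    """Numerical representation of the alphabet: A=0 .. Z=25 (letters only)."""
    return [ord(c) - A for c in text.upper() if c.isalpha()]


def _text(nums):
    return "".join(chr(n + A) for n in nums)


def vigenere_encrypt(msg, key):
    """E(m_j) = (m_j + k_(j mod m)) mod 26 with key length m."""
    m, k = _nums(msg), _nums(key)
    return _text((mj + k[j % len(k)]) % 26 for j, mj in enumerate(m))


def vigenere_decrypt(ct, key):
    c, k = _nums(ct), _nums(key)
    return _text((cj - k[j % len(k)]) % 26 for j, cj in enumerate(c))


def autokey_encrypt(msg, key):
    """Key is used once, then the plaintext itself continues the keystream."""
    m = _nums(msg)
    ks = _nums(key) + m               # key || message, only the first len(m) are used
    return _text((mj + ks[j]) % 26 for j, mj in enumerate(m))


def autokey_decrypt(ct, key):
    c, ks, out = _nums(ct), _nums(key), []
    for j, cj in enumerate(c):
        pj = (cj - ks[j]) % 26
        out.append(pj)
        ks.append(pj)                 # each recovered letter extends the key
    return _text(out)


def vernam(data: bytes, pad: bytes) -> bytes:
    """XOR with a pad at least as long as the data. The same call decrypts."""
    if len(pad) < len(data):
        raise ValueError("pad must be at least as long as the message")
    return bytes(d ^ p for d, p in zip(data, pad))


def two_time_pad_leak(m1: bytes, m2: bytes, pad: bytes) -> bytes:
    """Reusing a pad cancels it: c1 XOR c2 == m1 XOR m2, no key needed."""
    c1, c2 = vernam(m1, pad), vernam(m2, pad)
    return bytes(x ^ y for x, y in zip(c1, c2))


if __name__ == "__main__":
    print(vigenere_encrypt("ATTACKATDAWN", "LEMON"))   # LXFOPVEFRNHR
    print(autokey_encrypt("ATTACKATDAWN", "QUEEN"))    # QNXEPKTMDCGN
    pad = os.urandom(16)                               # fresh, random, as long as the message
    m1, m2 = b"attack at dawn!!", b"retreat at noon!"
    leak = two_time_pad_leak(m1, m2, pad)
    print(leak == bytes(a ^ b for a, b in zip(m1, m2)))  # True: the pad vanished
```

Note that the pad in the usage block is only secure for the first message; the last two lines show that the second use removes it entirely from the attacker's view.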
TRANSPOSITION OR PERMUTATION
All characters are reallocated according to some rule: GROUPS, SERIES, COLUMNS/ROWS.
3.2.SYMMETRIC ENCRYPTION: BLOCK CIPHERS
• secret key shared by sender and receiver
2. ShiftRows: cyclically shift row i of the state i bytes to the left (the first i bytes
move to the end) (row 0 is not shifted) (4 rows: 0,1,2,3) (DIFFUSION)
3. MixColumns: multiply each column by a fixed 4x4 matrix (the arithmetic is in GF(2^8))
and replace the column with the resulting vector (DIFFUSION)
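The GF(2)[x] arithmetic from section 2 (XOR addition, carry-less multiplication, inverse by extended Euclid) and the AES round steps above, in one piece of code: bytes are elements of GF(2^8) modulo the AES polynomial, MixColumns is a matrix-vector product in that field and ShiftRows is the row rotation. Added example, not from the course notes; the reduction polynomial and the MixColumns matrix are the AES ones from FIPS 197, the state values used are constructed.

```python
"""Arithmetic in GF(2)[x]: addition is XOR (2*x^i mod 2 = 0), multiplication is
carry-less, and the inverse comes from the extended Euclidean identity
1 = A(x)a(x) + B(x)p(x). Applied to AES, where a byte is an element of GF(2^8) modulo
p(x) = x^8 + x^4 + x^3 + x + 1 (0x11B). Added example, not from the course notes."""

AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1; bit i of the int is the coefficient of x^i


def gf2_deg(a):
    """Degree of a GF(2) polynomial held in an int; deg(0) = -1."""
    return a.bit_length() - 1


def gf2_mul_raw(a, b):
    """Carry-less product: shift-and-XOR, no reduction."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        b >>= 1
    return r


def gf2_divmod(a, b):
    """Long division in GF(2)[x]; subtracting a partial product is XOR."""
    if b == 0:
        raise ZeroDivisionError("division by the zero polynomial")
    q = 0
    while gf2_deg(a) >= gf2_deg(b):
        shift = gf2_deg(a) - gf2_deg(b)
        q ^= 1 << shift
        a ^= b << shift
    return q, a


def gf_mul(a, b, poly=AES_POLY):
    """Multiplication in GF(2^8): carry-less product reduced modulo the irreducible poly."""
    return gf2_divmod(gf2_mul_raw(a, b), poly)[1]


def gf_inv(a, poly=AES_POLY):
    """Extended Euclid: track the coefficient s with r = s*a + (...)*poly until r = 1."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse")
    r0, r1 = poly, a
    s0, s1 = 0, 1
    while r1 != 1:
        if r1 == 0:
            raise ValueError("a is not invertible modulo poly")
        q, r = gf2_divmod(r0, r1)
        r0, r1 = r1, r
        s0, s1 = s1, s0 ^ gf2_mul_raw(q, s1)
    return gf2_divmod(s1, poly)[1]       # A(x) reduced mod p(x)


MIX = [[2, 3, 1, 1],                     # AES MixColumns matrix (FIPS 197)
       [1, 2, 3, 1],
       [1, 1, 2, 3],
       [3, 1, 1, 2]]


def mix_column(col):
    """AES MixColumns on one 4-byte column: matrix times vector over GF(2^8)."""
    out = []
    for row in MIX:
        acc = 0
        for coef, byte in zip(row, col):
            acc ^= gf_mul(coef, byte)    # '+' in GF(2^8) is XOR
        out.append(acc)
    return out


def shift_rows(state):
    """State as 4 rows of 4 bytes: row i rotated left by i positions (row 0 fixed)."""
    return [row[i:] + row[:i] for i, row in enumerate(state)]


if __name__ == "__main__":
    print(hex(gf_inv(0x53)))                                        # 0xca
    print([hex(b) for b in mix_column([0xDB, 0x13, 0x53, 0x45])])  # 8e 4d a1 bc
```

The inverse found for 0x53 is the value the AES S-box construction uses before its affine step, so this is the same arithmetic that sits inside SubBytes as well as MixColumns.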
OPERATION MODES
Techniques that adapt a block cipher to a specific use or enhance some property of the
algorithm. They are intended to work with any symmetric block cipher.
• CIPHER BLOCK CHAINING (CBC): the first block is XORed with an initialization vector
(IV) before encryption, each following block is XORed with the previous ciphertext
o each ciphertext block depends on the previous one (xor)
o the same plaintext block gives a different result (for a different key or IV)
o error propagation: a damaged ciphertext block garbles its own block completely
and flips the same bit in the next one
o padding needed (whole blocks)
• CIPHER FEEDBACK (CFB): the previous ciphertext segment is encrypted and XORed with
the current plaintext; the first segment uses the encrypted IV (same as OFB but
feeding back the output of the XOR, i.e. the ciphertext)
o shift register
o segments instead of blocks (smaller)
o stream-like, keystream depends on the ciphertext (and therefore on the plaintext)
o some error propagation (the damaged segment and the next one)
o no padding
o different result for the same block
• OUTPUT FEEDBACK (OFB): the previous cipher output is encrypted again and XORed with
the plaintext to get the ciphertext (same as CFB but feeding back the input of the
XOR, i.e. the cipher output)
o IV must be a nonce (number used only once); reusing it reuses the whole keystream
o stream-like cipher, keystream does not depend on the plaintext
o no error propagation (a flipped ciphertext bit flips only the same plaintext bit)
o no padding
o different result for the same block
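The three modes above built on a generic block function, with the experiment that tells them apart: flip one bit of the first ciphertext block and see which plaintext blocks come out wrong. Added example, not from the course notes; the block cipher is a toy Feistel network keyed through SHA-256 (so the code runs stand-alone; it is not a secure cipher), and key, IV and plaintext are constructed.

```python
"""CBC, CFB and OFB over a generic block function, plus the error-propagation
experiment that tells them apart. The block cipher is a toy 4-round Feistel network
keyed through SHA-256 so the modes run stand-alone; it is NOT a secure cipher.
Added example, not from the course notes; key, IV and plaintext are constructed."""

import hashlib

BLOCK = 16


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _f(key, i, half):
    """Toy round function F_i(R) = SHA-256(key || i || R)[:8]."""
    return hashlib.sha256(key + bytes([i]) + half).digest()[:8]


def block_encrypt(key, block):
    L, R = block[:8], block[8:]
    for i in range(4):
        L, R = R, _xor(L, _f(key, i, R))
    return R + L                    # final swap, so decryption is the same loop reversed


def block_decrypt(key, block):
    L, R = block[:8], block[8:]
    for i in reversed(range(4)):
        L, R = R, _xor(L, _f(key, i, R))
    return R + L


def pad(data):
    """PKCS#7: CBC needs whole blocks; CFB/OFB would not."""
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data):
    return data[:-data[-1]]


def _blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def cbc_encrypt(key, iv, pt):
    out, prev = [], iv
    for p in _blocks(pt):
        prev = block_encrypt(key, _xor(p, prev))     # chain: XOR with previous ciphertext
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, iv, ct):
    out, prev = [], iv
    for c in _blocks(ct):
        out.append(_xor(block_decrypt(key, c), prev))
        prev = c
    return b"".join(out)


def cfb_encrypt(key, iv, pt):
    out, fb = [], iv
    for p in _blocks(pt):
        fb = _xor(p, block_encrypt(key, fb))         # keystream = E(previous ciphertext)
        out.append(fb)                               # output of the XOR is fed back
    return b"".join(out)


def cfb_decrypt(key, iv, ct):
    out, fb = [], iv
    for c in _blocks(ct):
        out.append(_xor(c, block_encrypt(key, fb)))
        fb = c
    return b"".join(out)


def ofb_crypt(key, iv, data):
    """Encryption and decryption are the same: the keystream never sees the data."""
    out, fb = [], iv
    for d in _blocks(data):
        fb = block_encrypt(key, fb)                  # input of the XOR is fed back
        out.append(_xor(d, fb))
    return b"".join(out)


def damaged_blocks(key, iv, pt, encrypt, decrypt, bit=3):
    """Flip bit `bit` of the first ciphertext block; return the indices of the
    plaintext blocks that no longer decrypt correctly."""
    ct = bytearray(encrypt(key, iv, pt))
    ct[bit // 8] ^= 1 << (bit % 8)
    got = _blocks(decrypt(key, iv, bytes(ct)))
    return [i for i, (g, p) in enumerate(zip(got, _blocks(pt))) if g != p]


if __name__ == "__main__":
    key, iv = bytes(range(16)), bytes(16)            # constructed, not secret
    pt = pad(b"four blocks of plaintext so that the propagation is visible")
    for name, enc, dec in [("CBC", cbc_encrypt, cbc_decrypt),
                           ("CFB", cfb_encrypt, cfb_decrypt),
                           ("OFB", ofb_crypt, ofb_crypt)]:
        print(name, damaged_blocks(key, iv, pt, enc, dec))   # CBC [0, 1], CFB [0, 1], OFB [0]
```

CBC garbles block 0 and flips one bit of block 1, CFB flips one bit of block 0 and garbles block 1, OFB only flips the one bit, which is the propagation behaviour listed for each mode.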
3.3. STREAM CIPHERS
• ADVANTAGES: high encryption rates (bit by bit), error resistance (a bit error does not
propagate)
• DISADVANTAGES: poor diffusion, keystreams are never truly random (PRNG), keystream
reuse issue (the XOR of two ciphertexts gives the XOR of the plaintexts, so the
messages can be obtained)
TYPES
• SYNCHRONOUS: external keystream, independent of the message and of the ciphertext
KEYSTREAM
• PRNG: pseudorandom number generator seeded with the key
LFSR
seed, associated (feedback) polynomial and T (period); the keystream repeats after T bits,
so the effective key has period length
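An LFSR keystream generator with the three parameters named above (seed, feedback polynomial, period T), showing that a primitive polynomial of degree n gives the maximal period 2^n - 1 while a non-primitive one repeats much sooner. Added example, not from the course notes; polynomials, seeds and the message are constructed.

```python
"""A Fibonacci LFSR as keystream generator: seed, feedback polynomial and period T.
With a primitive polynomial of degree n every non-zero seed cycles through all 2^n - 1
states (maximal period); with a non-primitive one the keystream repeats much sooner,
and once it repeats the cipher degrades into keystream reuse. Added example, not from
the course notes; polynomials, seeds and the message are constructed."""


class LFSR:
    def __init__(self, poly, seed):
        """poly lists the exponents of the feedback polynomial, e.g. [4, 3, 0] for
        x^4 + x^3 + 1. Bit 0 of the state is the output (oldest) bit."""
        self.n = max(poly)
        self.taps = [t for t in poly if 0 < t < self.n]
        self.state = seed & ((1 << self.n) - 1)
        if self.state == 0:
            raise ValueError("all-zero seed: the register never leaves zero")

    def step(self):
        out = self.state & 1
        fb = out
        for t in self.taps:
            fb ^= (self.state >> t) & 1
        self.state = (self.state >> 1) | (fb << (self.n - 1))
        return out

    def bits(self, count):
        return [self.step() for _ in range(count)]


def period(poly, seed):
    """Steps until the state first returns to the seed (T in the notes)."""
    reg = LFSR(poly, seed)
    start, T = reg.state, 0
    while True:
        reg.step()
        T += 1
        if reg.state == start:
            return T


def stream_xor(data, poly, seed):
    """Stream cipher: plaintext XOR keystream, one LFSR output bit per plaintext bit."""
    reg = LFSR(poly, seed)
    out = bytearray()
    for byte in data:
        k = 0
        for _ in range(8):
            k = (k << 1) | reg.step()
        out.append(byte ^ k)
    return bytes(out)


if __name__ == "__main__":
    print(period([4, 3, 0], 0b0001))          # 15 = 2^4 - 1 (primitive polynomial)
    print(period([4, 2, 0], 0b0001))          # 6  (x^4 + x^2 + 1 = (x^2 + x + 1)^2)
    print(period([8, 6, 5, 4, 0], 0xB3))      # 255
    ct = stream_xor(b"stream cipher", [8, 6, 5, 4, 0], 0xB3)
    print(stream_xor(ct, [8, 6, 5, 4, 0], 0xB3))   # b'stream cipher'
```

A single LFSR is linear, so its output is predictable from a short stretch of keystream; real designs combine several registers or filter them non-linearly, but the period arithmetic shown here is the same.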
3.4. ASYMMETRIC ENCRYPTION
• each user has two keys
o public: known by everybody
▪ sender uses this key (public key of the receiver) to encrypt
o private: known only by the user
▪ receiver uses this key (receiver's private key) to decrypt
o private is the inverse of public; it must be unfeasible to compute the private key from the public one
• brute force is possible in principle, so
• large keys are needed
• slower than symmetric
DIFFIE-HELLMAN KEY EXCHANGE (public parameters: prime p, generator g)
1. A SENDS B: $k_1 = g^a \bmod p$
2. B SENDS A: $k_2 = g^b \bmod p$
3. A COMPUTES SHARED KEY K: $K = k_2^a \bmod p$
4. B COMPUTES SHARED KEY K: $K = k_1^b \bmod p$
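Steps 1 to 4 above with both sides' messages written out, plus a passive eavesdropper who sees only (p, g, k1, k2). In the toy group used in the test the eavesdropper still wins by brute-forcing the discrete log, which is exactly why the notes call for large keys. Added example, not from the course notes; p, g and the private exponents are constructed values, and hashing K into a session key is an added step.

```python
"""Diffie-Hellman: the four steps of the notes, a derived session key, and a passive
eavesdropper limited to the public transcript. Added example, not from the course
notes; the groups used are toys."""

import hashlib
import secrets


def dh_exchange(p, g, a, b):
    """Returns the public transcript and the key each side computed."""
    k1 = pow(g, a, p)            # 1. A -> B: k1 = g^a mod p
    k2 = pow(g, b, p)            # 2. B -> A: k2 = g^b mod p
    K_a = pow(k2, a, p)          # 3. A: K = k2^a mod p
    K_b = pow(k1, b, p)          # 4. B: K = k1^b mod p
    return {"k1": k1, "k2": k2, "K_a": K_a, "K_b": K_b}


def session_key(K, p):
    """Hash the shared integer into a fixed-length symmetric key instead of using K raw."""
    return hashlib.sha256(K.to_bytes((p.bit_length() + 7) // 8, "big")).digest()


def eavesdrop(p, g, k1, k2):
    """Recover K from the transcript alone by brute-forcing a in k1 = g^a mod p.
    Cost is proportional to p, so this only works for tiny groups."""
    x = 1
    for a in range(1, p):
        x = x * g % p            # x == g^a
        if x == k1:
            return pow(k2, a, p)
    return None


def random_exponent(p):
    return secrets.randbelow(p - 2) + 1      # private a, b in [1, p-2]


if __name__ == "__main__":
    p, g = 2 ** 31 - 1, 7        # toy group: 7 generates Z_p^*, but 31 bits is NOT secure
    a, b = random_exponent(p), random_exponent(p)
    t = dh_exchange(p, g, a, b)
    print(t["K_a"] == t["K_b"], session_key(t["K_a"], p).hex())
```

Nothing in the exchange authenticates k1 or k2, so on its own it only protects against a passive listener; that is what the certificates of section 4.2 add.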
3.5. KEY DISTRIBUTION
SYMMETRIC USING SYMMETRIC
Sender and receiver already share a secret key a priori (key wrapping), or exchange it in
person, or through a secure channel with a third party (Key Distribution Center: each
user shares a master key with the KDC)
PUBLIC KEYS
• announcement
• directory
• public key authority
• certificates
3.6. HASH FUNCTIONS
They take an input of variable length and produce a fixed-size value (irreversible)
There are infinitely many possible inputs but finitely many outputs, bounded by the hash
length => collision: two messages with the same hash value
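Why the fixed output length guarantees collisions, and how quickly one is found in practice: on a digest truncated to b bits a birthday search needs about 2^(b/2) inputs, against 2^b for a preimage of one given digest. Added example, not from the course notes; the inputs are constructed counter strings and SHA-256 truncated to a few bits stands in for a short hash.

```python
"""Collisions on a short digest via the birthday paradox, next to the much slower
search for a preimage of one specific digest. Added example, not from the course
notes; inputs are constructed."""

import hashlib


def truncated_hash(msg: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256, standing in for a short hash."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") >> (256 - bits)


def find_collision(bits: int, prefix: bytes = b"msg-"):
    """Birthday search: remember every digest until one repeats.
    Returns (m1, m2, attempts) with m1 != m2 and equal truncated digests;
    attempts is about 1.25 * 2^(bits/2) on average."""
    seen = {}
    i = 0
    while True:
        m = prefix + str(i).encode()
        h = truncated_hash(m, bits)
        if h in seen:
            return seen[h], m, i + 1
        seen[h] = m
        i += 1


def find_preimage(target: int, bits: int, limit: int, prefix: bytes = b"pre-"):
    """Search for any input hashing to one given digest; about 2^bits attempts on
    average, so `limit` caps the work. Returns (m, attempts) or None."""
    for i in range(limit):
        m = prefix + str(i).encode()
        if truncated_hash(m, bits) == target:
            return m, i + 1
    return None


if __name__ == "__main__":
    m1, m2, n = find_collision(32)
    print(n, m1, m2, hex(truncated_hash(m1, 32)))   # a few tens of thousands of attempts
```

The same arithmetic is why a 128-bit digest offers only about 64 bits of collision resistance, and why hash lengths for signatures are chosen as twice the security level wanted.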
3.7. DIGITAL SIGNATURES
RSA
Sign with the author's private key. Deterministic and with message recovery. Based on
the problem of factorizing large integers.
EL GAMAL
Based on the problem of computing discrete logarithms. Randomized and with appendix.
• Parameters of A:
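The two signature properties above made concrete: textbook RSA (the same message always gives the same signature, and the message comes back out of it) beside ElGamal (a fresh random k per signature, verified against the message sent alongside). Added example, not from the course notes; the primes are toy-sized constructed values, SHA-256 is used as the hash for ElGamal, and the optional k and x parameters exist only so the behaviour can be reproduced.

```python
"""Textbook RSA signature (deterministic, message recovery) beside an ElGamal
signature (randomized, with appendix). Bare mechanics only: real systems hash and pad
(e.g. PSS) before RSA. Added example, not from the course notes."""

import hashlib
import secrets
from math import gcd


# ---- RSA: s = m^d mod n; the message is recovered from the signature itself ----
def rsa_keygen(p, q, e=65537):
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))       # d = e^-1 mod phi(n)


def rsa_sign(priv, m):
    n, d = priv
    return pow(m, d, n)                       # no randomness: same m, same s


def rsa_recover(pub, s):
    n, e = pub
    return pow(s, e, n)                       # m = s^e mod n, nothing else is needed


# ---- ElGamal: (r, s) is an appendix sent together with the message ----
def _h(msg, mod):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % mod


def elgamal_keygen(p, g, x=None):
    """Parameters of A: prime p, generator g, private x, public y = g^x mod p."""
    if x is None:
        x = secrets.randbelow(p - 2) + 1
    return (p, g, pow(g, x, p)), x


def elgamal_sign(pub, x, msg, k=None):
    """Fresh random k per signature, coprime with p-1 (k as a parameter is for tests only)."""
    p, g, _ = pub
    while k is None or gcd(k, p - 1) != 1:
        k = secrets.randbelow(p - 2) + 1
    r = pow(g, k, p)
    s = pow(k, -1, p - 1) * (_h(msg, p - 1) - x * r) % (p - 1)
    return r, s


def elgamal_verify(pub, msg, sig):
    p, g, y = pub
    r, s = sig
    if not (0 < r < p and 0 <= s < p - 1):
        return False
    # y^r * r^s = g^(x*r + k*s) = g^H(m)  (mod p)
    return pow(y, r, p) * pow(r, s, p) % p == pow(g, _h(msg, p - 1), p)


if __name__ == "__main__":
    pub, priv = rsa_keygen(61, 53, 17)             # toy primes
    s = rsa_sign(priv, 65)
    print(rsa_recover(pub, s), rsa_sign(priv, 65) == s)   # 65 True
    epub, x = elgamal_keygen(1019, 2)              # 1019 = 2*509 + 1, 2 generates Z_1019^*
    sig = elgamal_sign(epub, x, b"pay 100")
    print(elgamal_verify(epub, b"pay 100", sig), elgamal_sign(epub, x, b"pay 100") != sig)
```

Because ElGamal's k must be secret and unique, reusing k across two messages lets anyone solve for x from the two s values; this is the failure mode the randomisation introduces and RSA does not have.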
3.8. ADVANCED MECHANISMS AND PROTOCOLS
ELLIPTIC CURVES (EC)
An elliptic curve over the real numbers is a cubic curve defined on the infinite X-Y
plane; it must be non-singular (it cannot cross itself).
By adding two points of the curve you get a third one that also belongs to the curve.
Faster and with shorter keys than other asymmetric schemes (RSA), but more error-prone
to implement due to its complexity.
• Addition of points: to compute $R = (x_R, y_R)$ such that $R = 2P$ on the curve
$y^2 = x^3 + ax + b$, with tangent slope $s = (3x_P^2 + a) / (2y_P)$:
o $x_R = s^2 - 2x_P$
o $y_R = s(x_P - x_R) - y_P$
o p (modulus): all operations are done mod p
o a, b: curve parameters
ECDH
2. A sends $y_A = x_A \cdot G$ and B sends $y_B = x_B \cdot G$
3. Common key is $P = x_A \cdot x_B \cdot G$
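Point doubling with the formulas above, the chord rule for two distinct points, scalar multiplication by double-and-add, and the ECDH exchange of steps 2 and 3. Added example, not from the course notes; the curve y^2 = x^3 + 2x + 2 mod 17 with G = (5, 1) is a constructed toy (G has order 19), far too small for real use.

```python
"""Elliptic-curve arithmetic over Z_p and ECDH. Added example, not from the course
notes; the curve and generator are toys."""

INF = None  # point at infinity (identity of the group)


class Curve:
    def __init__(self, a, b, p):
        self.a, self.b, self.p = a, b, p
        if (4 * a ** 3 + 27 * b ** 2) % p == 0:      # singular curves are not allowed
            raise ValueError("singular curve")

    def on_curve(self, P):
        if P is INF:
            return True
        x, y = P
        return (y * y - x ** 3 - self.a * x - self.b) % self.p == 0

    def add(self, P, Q):
        p = self.p
        if P is INF:
            return Q
        if Q is INF:
            return P
        xP, yP = P
        xQ, yQ = Q
        if xP == xQ and (yP + yQ) % p == 0:
            return INF                              # P + (-P), also 2P when yP == 0
        if P == Q:
            s = (3 * xP * xP + self.a) * pow(2 * yP, -1, p) % p   # tangent slope
        else:
            s = (yQ - yP) * pow(xQ - xP, -1, p) % p              # chord slope
        xR = (s * s - xP - xQ) % p                  # for doubling this is s^2 - 2xP
        yR = (s * (xP - xR) - yP) % p
        return (xR, yR)

    def mul(self, k, P):
        """k * P by double-and-add (the EC counterpart of modular exponentiation)."""
        R = INF
        while k:
            if k & 1:
                R = self.add(R, P)
            P = self.add(P, P)
            k >>= 1
        return R


def ecdh(curve, G, xA, xB):
    yA = curve.mul(xA, G)     # 2. A sends yA = xA * G
    yB = curve.mul(xB, G)     #    B sends yB = xB * G
    KA = curve.mul(xA, yB)    # 3. A computes xA * (xB * G)
    KB = curve.mul(xB, yA)    #    B computes xB * (xA * G); same point
    return yA, yB, KA, KB


if __name__ == "__main__":
    c, G = Curve(2, 2, 17), (5, 1)
    print(c.mul(2, G), c.mul(19, G))            # (6, 3) None  (order of G is 19)
    yA, yB, KA, KB = ecdh(c, G, 3, 7)
    print(KA == KB, KA)                          # True (6, 3)
```

Recovering xA from yA = xA * G is the elliptic-curve discrete log problem; on this 17-element field it is trivial, which is why real curves use 256-bit primes.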
ZERO KNOWLEDGE PROOFS
Zero-knowledge proofs consist of proving that you know some information by means of
some actions, without revealing that information to the other party.
• Interactive: the prover proves its knowledge to the verifier; if there are several
verifiers, the process is repeated with each one (online voting)
• Non-interactive: no challenge from the verifier; the setup relies on an intermediary,
the dealer, and a single proof can then be checked by anyone (cryptocurrency: verify
that a transaction is ok without revealing addresses or content)
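A concrete zero-knowledge proof of knowledge, Schnorr's protocol, standing in for the generic description above: the prover knows x with y = g^x mod p and convinces a verifier without revealing x. The interactive form comes first; the non-interactive form replaces the verifier's random challenge with a hash of the commitment (Fiat-Shamir) so one proof can be checked by anyone. The simulator shows why a transcript leaks nothing. Added example, not from the course notes; the group (p = 1019, a safe prime, g = 2) is a constructed toy.

```python
"""Schnorr proof of knowledge of a discrete log, interactive and Fiat-Shamir.
Added example, not from the course notes; the group is a toy."""

import hashlib
import secrets

P, G = 1019, 2          # toy safe prime (p = 2*509 + 1); 2 generates Z_P^*
ORDER = P - 1           # exponents are taken mod p-1


def keygen(x=None):
    """Secret x, public y = g^x mod p."""
    if x is None:
        x = secrets.randbelow(ORDER - 1) + 1
    return pow(G, x, P), x


def commit(r=None):
    """Prover, step 1: random r, send t = g^r."""
    if r is None:
        r = secrets.randbelow(ORDER - 1) + 1
    return pow(G, r, P), r


def challenge():
    """Verifier, step 2: a random challenge (this is the interactive part)."""
    return secrets.randbelow(ORDER - 1) + 1


def respond(x, r, c):
    """Prover, step 3: s = r + c*x mod (p-1). r masks x, so s alone reveals nothing."""
    return (r + c * x) % ORDER


def verify(y, t, c, s):
    """Verifier, step 4: g^s == t * y^c  (mod p)."""
    return pow(G, s, P) == t * pow(y, c, P) % P


def simulate(y):
    """A valid-looking transcript made WITHOUT x: pick c and s first, solve for t.
    Anyone can produce these, so a transcript proves nothing to a third party."""
    c, s = challenge(), secrets.randbelow(ORDER)
    t = pow(G, s, P) * pow(y, -c, P) % P
    return t, c, s


def _fs_challenge(y, t):
    """Fiat-Shamir: challenge derived from the commitment, kept in [1, p-2]."""
    h = hashlib.sha256(f"{G}|{y}|{t}".encode()).digest()
    return 1 + int.from_bytes(h, "big") % (ORDER - 1)


def ni_prove(y, x):
    t, r = commit()
    return t, respond(x, r, _fs_challenge(y, t))


def ni_verify(y, proof):
    t, s = proof
    return verify(y, t, _fs_challenge(y, t), s)


if __name__ == "__main__":
    y, x = keygen()
    t, r = commit()
    c = challenge()
    print(verify(y, t, c, respond(x, r, c)))      # True
    print(ni_verify(y, ni_prove(y, x)))           # True
```

The interactive version convinces only the verifier who chose c, which is why the notes say it must be repeated per verifier; the hashed challenge removes that round trip at the cost of trusting the hash function.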
ATTRIBUTE-BASED ENCRYPTION (ABE)
• Ciphertext Policy (CP-ABE): keys are linked to (known) attributes and the ciphertext
defines the access structure (the access policy is attached to the ciphertext)
Slow and needs a trusted entity. That third party may get access to the keys (key escrow)
MULTIPARTY ENCRYPTION (SECURE MULTIPARTY COMPUTATION)
Compute a function over data held by different parties without any of them revealing
its own input.
S = secret (shared among the parties)
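Two building blocks behind "compute without revealing": Shamir's (t, n) secret sharing, where the secret S is split so that any t shares rebuild it and t-1 reveal nothing, and an additive-sharing sum where every party learns the total but nobody learns another party's input. Added example, not from the course notes; the field prime and the inputs are constructed.

```python
"""Shamir secret sharing and an additive-sharing sum. Added example, not from the
course notes; prime and inputs are constructed."""

import secrets

PRIME = 2 ** 127 - 1        # Mersenne prime; secrets and inputs must be below it


def shamir_split(S, t, n, prime=PRIME):
    """Random polynomial f of degree t-1 with f(0) = S; share i is (i, f(i))."""
    coeffs = [S % prime] + [secrets.randbelow(prime) for _ in range(t - 1)]

    def f(x):
        return sum(c * pow(x, k, prime) for k, c in enumerate(coeffs)) % prime

    return [(i, f(i)) for i in range(1, n + 1)]


def shamir_reconstruct(shares, prime=PRIME):
    """Lagrange interpolation at x = 0 over any t (or more) distinct shares."""
    S = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % prime
                den = den * (xi - xj) % prime
        S = (S + yi * num * pow(den, -1, prime)) % prime
    return S


def mpc_sum(inputs, prime=PRIME):
    """Each party splits its input into n random additive shares, hands one share to
    every party, and publishes only the sum of the shares it received. Returns the
    total and the published partial sums; each partial sum alone is uniformly random."""
    n = len(inputs)
    sent = []
    for v in inputs:
        shares = [secrets.randbelow(prime) for _ in range(n - 1)]
        shares.append((v - sum(shares)) % prime)      # last share fixes the sum to v
        sent.append(shares)
    partial = [sum(sent[i][j] for i in range(n)) % prime for j in range(n)]
    return sum(partial) % prime, partial


if __name__ == "__main__":
    shares = shamir_split(1234567, 3, 5)
    print(shamir_reconstruct(shares[1:4]))      # 1234567, from any 3 of the 5 shares
    print(mpc_sum([10, 20, 30])[0])             # 60, with no input ever sent in clear
```

With fewer than t shares the interpolation returns a value unrelated to S, which is the sense in which the threshold is information-theoretic rather than computational.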
HOMOMORPHIC ENCRYPTION
Allows mathematical operations to be performed over encrypted data, without revealing the data.
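An additively homomorphic scheme (Paillier) as a concrete instance of the idea above: multiplying two ciphertexts gives an encryption of the sum of the plaintexts, and raising a ciphertext to a constant multiplies the plaintext, all without the private key. Added example, not from the course notes; the 20-bit primes are constructed toy values, not a secure key size.

```python
"""Paillier encryption: Enc(m1)*Enc(m2) = Enc(m1+m2), Enc(m)^k = Enc(k*m).
Added example, not from the course notes; primes are toys."""

import secrets
from math import gcd


def _L(u, n):
    return (u - 1) // n


def paillier_keygen(p, q):
    """n = pq, g = n + 1, lambda = lcm(p-1, q-1), mu = L(g^lambda mod n^2)^-1 mod n."""
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    g = n + 1
    mu = pow(_L(pow(g, lam, n * n), n), -1, n)
    return (n, g), (lam, mu)


def paillier_encrypt(pub, m, r=None):
    """c = g^m * r^n mod n^2 with fresh random r: the same m encrypts differently each time."""
    n, g = pub
    while r is None or gcd(r, n) != 1:
        r = secrets.randbelow(n - 1) + 1
    return pow(g, m, n * n) * pow(r, n, n * n) % (n * n)


def paillier_decrypt(pub, priv, c):
    n, _ = pub
    lam, mu = priv
    return _L(pow(c, lam, n * n), n) * mu % n


def add_encrypted(pub, c1, c2):
    """Enc(m1) * Enc(m2) = Enc(m1 + m2 mod n); needs only the public key."""
    n = pub[0]
    return c1 * c2 % (n * n)


def scale_encrypted(pub, c, k):
    """Enc(m)^k = Enc(k * m mod n)."""
    n = pub[0]
    return pow(c, k, n * n)


if __name__ == "__main__":
    pub, priv = paillier_keygen(1000003, 999983)
    c_salary, c_bonus = paillier_encrypt(pub, 42000), paillier_encrypt(pub, 3500)
    total = add_encrypted(pub, c_salary, c_bonus)      # done by a party holding no key
    print(paillier_decrypt(pub, priv, total))          # 45500
```

Only addition and scaling by a known constant are available here; multiplying two encrypted values needs a fully homomorphic scheme, which is far more expensive.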
4.1. USER AUTHENTICATION
WHAT THE USER KNOWS (PIN, PASSWORD, CHALLENGE-RESPONSE…)
• MANAGEMENT:
o Quality: weak/strong
o Expiration criteria
o Blocking / cancellation / forgotten password
• THREATS:
o Interception / stolen password databases
4.2.PUBLIC KEY INFRASTRUCTURE (PKI)
Problems with Public Key Authorities and Directories: they require online access and do not scale
CERTIFICATES
In a communication process, used to check that the other party can be trusted (by
checking the validity of their certificate: key usages, validity period, signed by a trusted CA…)
• identity of the subject
• public key
• Certification Authority's identity (AC or CA)
• validity
• serial number
• digital signature over the previous information (made with the CA's private key)
• EXTRAS: allowed usages
• STATE: valid, suspended, revoked
PKI
Set of roles, policies, hardware, software and procedures needed to create, manage,
distribute, use, store and revoke digital certificates and to manage public-key encryption
X.509
Subjects: natural person, legal person, TLS server, code signing…
• Version (currently 3)
• Serial number (identifies the certificate within the CA)
• Issuer CA
• Validity period (shorter than the validity of the CA certificate)
• Subject (Distinguished Name, DN)
• Public key
• Extensions (key usage)
• Signature Algorithm
• Signature
VALIDATION
• CERTIFICATE REVOCATION LISTS – CRL: list of revoked certificates, published by the
CA or a related entity
o Version - Issuer CA – thisUpdate – nextUpdate – List – Extensions - Signature
Algorithm - Signature
o nextUpdate period (short)
o bandwidth problem (solutions: over-issuing, segmentation, indirect CRLs)
• ONLINE CERTIFICATE STATUS PROTOCOL – OCSP: online queries about the state of a single
certificate
DECENTRALIZED MODEL
No CA; each user certifies what they trust, forming trust chains (of n nodes)
5. LEGAL ISSUES
ISO 19790
Set of requirements for a cryptographic module used within a security system
protecting sensitive information
• LEVELS:
o 1: minimum
• ROLES: Crypto Officer, User, Maintenance (bypass only by the authorized roles)
• secure boot
• non-invasive attacks
EIDAS REGULATION
Regulation for digital signatures in the EU: electronic identification systems and the
validity of their digital signatures
• electronic documents
• website authentication
LAW 6/2020
Regulates how to check the identity and attributes of the requester of a qualified
certificate and adds additional requirements in Spain for qualified certificates