Professional Documents
Culture Documents
Computer Security
Lecture 6
1
Stream Ciphers
A stream cipher is a symmetric key cipher where each plaintext digit is encrypted
one at a time with the corresponding digit of the keystream, to give a digit of the
ciphertext stream.
▪ In other word, combine each bit of keystream with bit of plaintext to get bit of
ciphertext.
▪ m(i) =ith bit of message
▪ ks(i)= ith bit of keystream
▪ c(i)= ith bit of ciphertext
▪ c(i)= ks(i) m(i) ( = exclusive or)
▪ m(i)= ks(i) c(i)
2
Stream Ciphers
3
Block Ciphers
• It is used to encrypt a block of text, rather than encrypting one bit at a time as in stream
ciphers
• Message to be encrypted is processes in blocks of k bits (e.g., 64-bit blocks).
• Example with k=3
K=3 means that the block cipher map 3-bit inputs (plaintext) to 3-bit output (ciphertext)
Input Output
In this example, the block cipher breaks the message up
000 110
into 3-bit blocks and encrypts each block according to
001 111
the mapping in the table
010 101
011 100
100 011
What is the ciphertext for
101 010
010110001111 ?
110 000
111 001
4
Block ciphers are used in many secure internet protocols, including PGP (for
secure email), SSL( for securing TCP connection) and IPsec (for securing the
network-layer transport)
5
Asymmetric Cryptography
• Asymmetric cryptography, or public-key cryptography, is a
cryptographic system that uses pairs of keys. Each pair consists of a
public key and a private key. The generation of such key pairs depends
on cryptographic algorithms which are based on mathematical
problems termed one-way functions.
• Sender and receiver do not share a secret key.
• Public encryption key is known to all.
• Private decryption key is known only to receiver.
• Private key is compute from public key
6
Asymmetric Cryptography
7
1. Alice wants to send a secure message to Bob
2. Alice first fetches Bob’s public key (KᶧB)
3. Alice then encrypts her message (m) to Bob by using the public key
of Bob KᶧB (m).
4. Bob receives Alice’s encrypted message and use his private key (K־B)
and a known decryption algorithm to decrypt Alice’s encrypted
message. That is, Bob will compute K־B (KᶧB (m)) to get the original
message (m).
8
Requirements:
• Bob is the only one who can decrypt this encrypted message.
• It should be impossible to compute private key from public
key.
• Public key is known to everyone.
• Private key is known to Bob only.
• Every public key matches to only one private key.
• If the public key is used for encryption, then the related
private key is used for decryption. If the private key is used
for encryption, then the related public key is used for
decryption.
9
Massage Integrity
• Message integrity means that a contents of the message has not been
tampered with or altered.
• Allows communication parties to verify that received message are
authentic.
• Bob receives a message from Alice. To authenticate this message, Bob
needs o verify:
1. The message indeed originated from Alice
2. The message was not tampered with on its way to him.
10
Massage Digests
11
Desirable Properties:
• Easy to calculate
• Irreversibility: can’t determine m from H(m).
12
Sender
Hash Function
Message Hash
Hash
M H(M)
Algorithm
H(M) & M
To Receiver
Hash Function
Hash M
H(M)
Algorithm
If they are equal, so the
message is not be alerted
or tampering with H(M) Receiver
H(M)
13
Digital Signatures
• It is a cryptographic technique for indicate the owner or the creator of
message.
• Bob wants to send a message to Alice.
• Alice tells Bob that “I want to ensure you are the sender”.
• Bob sign m by encrypting it with his private key (K־B), creating
“signed” message, K־B(m).
14
1= K־B(m)
15
Combining Message Integrity and Source Authentication
16
Certification Authorities Public-Key Infrastructure (PKI)
17
Public Key Encryption + digital Signature+ Message Integrity
Large Digital
H: Hash
Message H(m) Signature
Function
(m) (encrypt)
K־B
Encrypted
Hash
Encryption
Algorithm
KᶧA
To the Receiver
18