11 views

Uploaded by nooti

Class 5

- Chapter 09
- savcref
- Network Security Points
- 10.1.1.21.9175
- Embedding a Non-Standard Encryption/Decryption Method with Mathematical Draw Function to Meet Challenges in Mobility
- Empirical Study of a Key Authentication Scheme in Public Key Cryptography
- DAA Report
- ns
- EcomII
- Image Encryption & Decryption Model_2
- Week6-W
- Encryption
- Log File
- Ep 32883890
- Cryptography
- IRJET-An Innovative Approach for Secret Hiding Based on Visual Cryptography Scheme
- Data Security.en
- Information Security Unit-2 - 9 HMAC
- encyc Steganography encryption
- Cloud Security Mechanisms

You are on page 1of 29

What is Cryptography

Cryptography

In a narrow sense

Mangling information into apparent unintelligibility Allowing a secret method of un-mangling

In a broader sense

Mathematical techniques related to information security About secure communication in the presence of adversaries

Cryptanalysis

The study of methods for obtaining the meaning of encrypted information without accessing the secret information

Cryptology

Cryptography + cryptanalysis

Security Attacks

Passive attacks

Obtain message contents Monitoring traffic flows

Active attacks

Masquerade of one entity as some other Replay previous messages Modify messages in transmit Add, delete messages Denial of service

Confidentiality (secrecy)

Only the sender and intended receiver should be able to understand the contents of the transmitted message

Authentication

Both the sender and receiver need to confirm the identity of other party involved in the communication

Data integrity

The content of their communication is not altered, either maliciously or by accident, in transmission.

Availability

Timely accessibility of data to authorized entities.

Non-repudiation

An entity is prevented from denying its previous commitments or actions

Access control

An entity cannot access any entity that it is not authorized to.

Anonymity

The identity of an entity if protected from others.

Secret key functions Public key functions Hash functions

encryption

plaintext

key

ciphertext

ciphertext

decryption

plaintext

Using a single key for encryption/decryption. The plaintext and the ciphertext having the same size. Also called symmetric key cryptography

Transmitting over an insecure channel

The transmitted message is encrypted by the sender and can be decrypted by the receiver, with the same key Prevent attackers from eavesdropping

Data is encrypted before being stored somewhere Only the entities knowing the key can decrypt it

Authentication

Strong authentication: proving knowledge of a secret without revealing it. Alice challenge rA Bob response rA encrypted with KA,B

rB

rB encrypted with KA,B

Integrity Check

Noncryptographic checksum

Using a well-known algorithm to map a message (of arbitrary length) to a fixed-length checksum Protecting against accidental corruption of a message Example: CRC

Cryptographic checksum

A well-know algorithm Given a key and a message The algorithm produces a fixed-length message authentication code (MAC) that is sent with the message

encryption plaintext Public key Private key ciphertext

ciphertext

decryption

plaintext

a private key (d): need not be reveal to anyone a public key (e): preferably known to the entire world

Transmitting over an insecure channel

Alice encrypt mA using eB Bob encrypt mA using dB

Data is encrypted with the public key of the source, before being stored somewhere Nobody else can decrypt it (not knowing the private key of the data source)

Authentication

Alice encrypt r using eB Bob decrypt to r using dB r

Digital Signatures

Proving that a message is generated by a particular individual Non-repudiation: the signing individual can not be denied, because only him/her knows the private key.

signing

plaintext

Private key

Signed message

Public key

Signed message plaintext verification

Hash Functions

Cryptographic hash function

A mathematical transformation that takes a message of arbitrary length and computes it a fixed-length (short) number.

Properties

( Let the hash of a message m be h(m) )

For any m, it is relatively easy to compute h(m) Given h(m), there is no way to find an m that hashes to h(m) in a way that is substantially easier than going through all possible values of m and computing h(m) for each one. It is computationally infeasible to find two values that hash to the same thing.

Password hashing

The system store a hash of the password (not the password itself) When a password is supplied, it computes the passwords hash and compares it with the stored value.

Message integrity

Using cryptographic hash functions to generate a MAC Alice secret message hash hash

=?

Bob

secret

Message fingerprint

Save the message digest of the data on a tamper-proof backing store Periodically re-compute the digest of the data to ensure it is not changed.

Using a hash function to ensure a download program is not modified

Compute a message digest (using a hash function) and sign that.

Attacks on cryptographic algorithms Definition of security

Attacks: Types

Brute force search

Assume either know/recognize plaintext Simply try every key

Cryptoanalysis

Ciphertext only

With the ciphertext Plaintext is recognizable

Known plaintext

<cipher, plaintext> pairs are known

Chosen plaintext

Select plaintext and obtain ciphertext to attack

Birthday Attacks

Principle

Assume: A function yields any of n different outputs with equal probability, where n is sufficiently large. After evaluating the function for about 1.2*squart(n) arguments, we expect to find a pair of different arguments, x1 and x2, such that f(x1)=f(x2).

Meet-in-the-Middle Attacks

Principle

build a table of keys Compute f(k,m) for every key

f is an encryption function, m is a known message

Meet-in-the-Middle Attacks

An attack example

Assume:

a new encryption function: F(k1,k2,m)=f(k1,f(k2,m)) A pair (P,C) is known

Attacker:

Encrypt P, i.e., computing f(k2,P), for all possible values of k2; store the values in a table Decrypt C, i.e., computing f-1(k1,C), for all possible values of k1, and for each result check the table A match reveals a possible combination of the keys

Security Definition

Unconditional Security

The system cannot be defeated, no matter how much power is available by the adversary.

Computational security

The perceived level of computation required to defeat the system using the best known attack exceeds, by a comfortable margin, the computational resources of the hypothesized adversary. e.g., given limited computing resources, it takes the age of universe to break cipher.

Security Definition

Provable security

The difficulty of defeating the system can be shown to be essentially as difficult as solving a well-known and supposedly difficult problem (e.g., integer factorization)

Ad hoc security

Claims of security generally remain questionable Unforeseen attacks remain a threat

DES (Data Encryption Standard) 3DES (Triple DES) IDEA (International Data Encryption Algorithm) AES (Advanced Encryption Standard)

Authors: NSA & IBM, 1977

Data block size: 64-bit (64-bit input, 64-bit output) Key size: 56-bit key

Encryption is fast

DES chips DES software: a 500-MIP CPU can encrypt at about 30K octets per second

Security

No longer considered secure: 56 bit keys are vulnerable to exhaustive search

Triple-DES (3DES)

C = DESk3(DESk2(DESk1(P))).

Data block size: 64-bit Key size: 168-bit key; effective key size: 112 (due to man-in-the-middle attack)

Encryption is slower than DES Securer than DES

Authors: Lai & Massey, 1991 Data block size: 64-bit Key size: 128-bit Encryption is slower than DES Security

Nobody has yet published results on how to break it

Authors: Daemen & Rijmen Block size:128-bit Key size: 128-bit, 192-bit, 256-bit Encryption is fast Security

As of 2005, no successful attacks are recognized. NSA stated it secure enough for non-classified data.

- Chapter 09Uploaded bymaged abbass
- savcrefUploaded by23021992619
- Network Security PointsUploaded byDogan Tuncer
- 10.1.1.21.9175Uploaded byVelibor Saban
- Embedding a Non-Standard Encryption/Decryption Method with Mathematical Draw Function to Meet Challenges in MobilityUploaded byseventhsensegroup
- Empirical Study of a Key Authentication Scheme in Public Key CryptographyUploaded byAnonymous 7VPPkWS8O
- DAA ReportUploaded byAhmed Razzaq
- nsUploaded byNavindra Uraiya
- EcomIIUploaded byVinay Korekar
- Image Encryption & Decryption Model_2Uploaded byJaved Anwar
- Week6-WUploaded byleish
- EncryptionUploaded byManuel Aleixo Leiria
- Log FileUploaded byArdiAnto
- Ep 32883890Uploaded byAnonymous 7VPPkWS8O
- CryptographyUploaded byashishkumar777
- IRJET-An Innovative Approach for Secret Hiding Based on Visual Cryptography SchemeUploaded byIRJET Journal
- Data Security.enUploaded byarejei87
- Information Security Unit-2 - 9 HMACUploaded byLokesh Sai Kumar Dasari
- encyc Steganography encryptionUploaded byJared Gutierrez
- Cloud Security MechanismsUploaded byVidushi Sood
- Is Tutorial 1Uploaded bychithrasreemod
- Proj ReportUploaded byMohan Rajkumar.j
- Ban Logic TutorialUploaded byina_agustina879124
- Comp Crimes Ethics SecurityUploaded byShafeer Khan
- IT0350_2011Uploaded byJatin Sinha
- SePP Configuration ManualUploaded byStefan Kraxberger
- Exam 2- Ch. 5-8Uploaded byAmberMichele
- AesUploaded byapi-3719969
- Chapter 9Uploaded byLee Elizalde
- Hacking FaqUploaded byapi-3814317

- HP Deskjet 5075 Ink Advantage All-In-One User Manual EnUploaded bynooti
- ProgramsUploaded bynooti
- Howto SocketsUploaded bynooti
- Graphics ProgrammingUploaded bynooti
- d Scouse PlanUploaded bynooti
- Cg Previous Year QP With Ans -ShortanswersUploaded bynooti
- 2d TransformationsUploaded bynooti
- QuestionsUploaded bynooti
- attributesofoutputprimitives ch4Uploaded bynooti
- Contents Beyond Syllabus for MmsUploaded bynooti
- ICJPManualUploaded bynooti
- Servlets Life CycleUploaded bynooti
- mmadUploaded byroja1901
- Arithmetic Addition ExampleUploaded bynooti
- Cns Chapter5Uploaded bynooti
- Wk1.1.IntroUploaded bynooti
- Visual Programming Lab MannulUploaded byShiva Prakash
- Solved MCQ of Computer Security and Network SecurityUploaded bynooti
- Ch4Uploaded bynooti
- moodleguide.pdfUploaded byAnonymous KHDGWrV6GQ
- ASPUploaded bynooti
- basic computer organization & designUploaded bymuralik_64
- JavaClass_lecture12Uploaded bynooti
- cao termsUploaded bynooti
- Case Studies on Cryptography and SecurityUploaded bynooti
- SubroutinesUploaded bynooti
- PracticeProblems-COA8eUploaded byAnousith Phompida
- Introduction to MasterPages in ASPUploaded bynooti
- 3D SecureUploaded bynooti

- Data Access Object DesignUploaded byPavel Mička
- Images in EndNoteUploaded byscribd-123
- ERP_PAPER_7Uploaded byHarinath Reddy Chemmala
- What is RTWPUploaded bysumantabhuin
- operational risk by j l king.pdfUploaded byGhazala Quraishy
- Slide acromegalyUploaded byadwinas253
- Auto Revista Issue 12-11-2009Uploaded byAutoRevista
- I-LAB Diacetyl Analyses Method[1]Uploaded byEmanuele Hernandes
- SS.pdfUploaded bycn
- NBIE- SintexUploaded byvarun_in
- Tensegrity Prototype Tg3 by PenaUploaded byTensegrity Wiki
- Lab- Rate of TranspirationUploaded byBrianna Mayer
- Ta-1004q1 Cash and Cash EquivalentsUploaded byleonardo alis
- molly spear programming finalUploaded byapi-243273719
- Unknown - 1868 - Flateyjarbók En samling af Norske Konge-sagaer.pdfUploaded bycarlaz
- 1st seminar achyarUploaded byMuhamad Galih Sumajaya
- See You Again - Charlie Puth.pdfUploaded byMaartje02
- discoFront Prop Rebuild[1]Uploaded bykh500
- Accelerated DepreciationUploaded byaaaa
- 10.1.1.50.6896(1)Uploaded byd882011
- 下述内容来于新加坡Agri Velt的博客Uploaded byJW整形
- Leading the Transformation: Capgemini Mobile World Congress Show Special e-bookUploaded byCapgeminiTME
- ExamsGrade 1Z0-417 Test Practice QuestionsUploaded byLamont Bauch
- Skype de TaniaUploaded byCarlosBryanAndonayre
- 9671-19391-2-PBUploaded byMhamoondt Sii Sibuk
- NetBackup AdminGuide Oracle UnixUploaded byluciano_faria_17
- Blaser B97Uploaded byJustin
- Print Edition: February 05, 2014Uploaded byDhaka Tribune
- Admin Guide - ImpUploaded byGeetha Dasariraju
- Electrical Manual Centurion System P&H 2800XPBUploaded byanonimo