Upload
helen-alexander
View
227
Download
3
Tags:
Embed Size (px)
Citation preview
Chapter 16Security
Introduction to CS
1st Semester, 2012 Sanghyun Park
Outline Introduction Aspects of Security Privacy Digital Signature
Introduction With the growth of the ______, more and more data are
being exchanged, and those data need to be _______
For example, when we shop on the Internet, we expect that the information we send to the vendor is kept secret
Also, when we receive a message, we sometimes need to ___________ the sender
In this chapter, we touch on the subject of security
There are four aspects of security
Aspects of Security (1/2)
Security
Privacy Authentication Integrity Nonrepudiation
Aspects of Security (2/2) Privacy: Only the ______ and the ________ are able to
understand the contents of the message
Authentication: The receiver needs to be sure of the sender’s _______
Integrity: The contents of the message need to be _________ during transmission
Nonrepudiation: A system needs to prove that the sender _______ sent the message
Privacy Privacy can be achieved using ________________
methods
The data are encrypted at the sender site and decrypted at the receiver site
Two categories of encryption/decryption methods in use today are _______ key and _______ key
Privacy with Secret Key Encryption The simplest way to encrypt data is to use a _____ key The sender uses this key and an ________ algorithm to
encrypt data; the receiver uses the _____ key and the corresponding algorithm to decrypt the data
The _____ key is used in encryption and decryption However, the encryption and decryption algorithms are
the _______ of each other
Data Encryption Standard (DES) (1/2)
We use very sophisticated encryption algorithm; the most common is called data encryption standard (DES)
DES encrypts and decrypts at the ___ level The data are first transformed into a string of ___, and
then broken into _______ of 64 bits Each segment is then encrypted using a 56-bit key
Data Encryption Standard (DES) (2/2)
The secret key algorithms are very _______;they take less time to encrypt or decrypt compared with the ______ key algorithms
Therefore they are very good candidates for ____ messages
Each pair of users must have a secret key
The _________ of the keys between two parties can be difficult
Privacy with Public Key Encryption There are two keys: a private key and a public key The private key is kept by the _______ The public key is announced to the ______ When user A wants to send a message to user B,A uses the _____ key of B to encrypt the message;When the message is received by B,B uses its _______ key to decrypt the message
RSA: Basic Idea The most common public-key algorithm is named after its
inventors, Rivest-Shamir-Adleman (RSA) encryption The private key is a pair of numbers (N, d);
the public key is also a pair of numbers (N, e) The sender uses the following algorithm to encrypt the
message: C = _________ The receiver uses the following algorithm to decrypt the
message: P = _________ A major concept of the RSA algorithm is the use of very
______ numbers for d and e In practice, the trial-and-error approach to breaking the
code takes a _____ time (e.g. several months) even with the fastest computers available today
RSA: Example
RSA: Choosing Public and Private Keys
One question is how to choose the three numbers N, d, and e for encryption and decryption to work
The inventors of the RSA algorithm mathematically proved that using the following procedure guarantees that the algorithm will work Choose two large ______ numbers, p and q Compute N = p x q Choose e (less than N) such that e and (p-1)(q-1) are relative
_______ (having no common factor other than 1) Choose d such that (e x d) mod [(p-1)(q-1)] is equal to ___
Privacy Using The Combination (1/2)
We can combine the advantage of the secret key algorithm (_________) and the advantage of the public key algorithm (easy ___________ of keys)
The procedure is as follows: The sender chooses a ______ key; this secret key is called the
one-session key; it is used only _____ The sender uses the ______ key of the receiver to encrypt the
secret key and sends the encrypted secret key to the receiver The receiver uses the _______ key to decrypt the secret key The sender uses the ______ key to encrypt the actual message
Privacy Using The Combination (2/2)
Digital Signature The other three aspects of security
(integrity, authentication, and nonrepudiation) can be achieved using the ______ of a document by its ______
Digital signature is a digital code that can be attached to an electronically transmitted message and that uniquely _______ the sender
Digital signature must be _________
Digital signature can be done in two ways: signing the ______ document or signing a ______ of the document
Signing The Whole Document (1/3) We can use _____ key encryption to sign the whole
document
The sender uses his ______ key (not the public key of the receiver) to encrypt the message
The receiver uses the _____ key of the sender (not his private key) to decrypt the message
The private key is used for encryption and the public key is used for decryption
Signing The Whole Document (2/3)
This method does not provide ______; anybody can use the ______ key of the sender to read the message.We need another level of encryption
Signing The Whole Document (3/3) The integrity of the message is preserved because,
if an intruder intercepts and changes the message,the decrypted message would be _________
The message can be authenticated because,if an intruder sends a message encrypted by his own private key, the message is then not decrypted correctlyby the public key of the _____ author
Although the sender can deny sending the message,he must reveal (in court) his private key.If we encrypt and decrypt the ________ message,we get the _____ message
Signing The Digest It is very ________ to use public key encryption to sign
the whole document
To make the process more efficient,we can let the sender sign a _______ of the document
The sender makes a _________ of the documentand signs it (encrypts it with his private key)
The receiver then checks the signature of the miniature (decrypts it with the sender’s _______ key)
Creating a Digest of The Message
Use a _____ function to create a digest of the message The digest is of fixed size (usually 128 bits) The two most common hash functions are Message
Digest 5 (MD5) and Secure Hash Algorithm 1 (SHA-1) The hash function has two properties to succeed
Hashing should be _________ Hashing should be _________
Sender Site After the digest has been created,
it is encrypted (signed) using the sender’s ______ key The encrypted digest is ______ to the original message
and sent to the receiver
Receiver Site (1/2) ________ the message and the encrypted digest
Apply the same hash function to the message to create a ______ digest
Decrypt the _______ digest using the public key of the sender
It the two digests are the _____, it is obvious that all three aspects of security are _________
Receiver Site (2/2)
Three Aspects of Security UnderThe Method of Signing The Digest
If the received message creates a ______ of the digest,the message has not been changed
The digest comes from the true sender,so the message also comes from the true sender
The sender cannot deny the message because he cannot deny the digest; the only message that can create that digest is the received message
This method does not provide ______;We need another level of encryption