Upload
nguyen-huu-sang-nguyen
View
222
Download
0
Embed Size (px)
Citation preview
8/6/2019 Lecture 02 Introduction Cryptography
1/34
Introduction toIntroduction toryptograp yryptograp y
Dr. Nguyen Tuan NamDr. Nguyen Tuan Nam
[email protected]@yahoo.com
8/6/2019 Lecture 02 Introduction Cryptography
2/34
CryptographyCryptographycomes from the Greek wordscomes from the Greek words
= hidden or secret = hidden or secret = writing = writingThe art of secret writingThe art of secret writing
Basic serviceBasic service The ability to send information between participants in a way thatThe ability to send information between participants in a way that
prevents others from reading itprevents others from reading it e scope o t s c ass: n o cryptograp y w eree scope o t s c ass: n o cryptograp y w ere
Representing information as numbersRepresenting information as numbers Manipulating those numbers mathematicallyManipulating those numbers mathematically
rov es o er serv ces suc asrov es o er serv ces suc as Integrity checkingIntegrity checking AuthenticationAuthentication
2Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
3/34
PlaintextPlaintext oror cleartextcleartext
Message in its original formMessage in its original form CiphertextCiphertext
e mang e n orma one mang e n orma on
EncryptionEncryption The rocess for roducin ci hertext from laintext The rocess for roducin ci hertext from laintext
DecryptionDecryption The reverse of encryptionThe reverse of encryption
plaintext cyphertext plaintextencryption decryption
3Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
4/34
8/6/2019 Lecture 02 Introduction Cryptography
5/34
AnAn algorithmalgorithm
AA secret valuesecret value, known as a, known as a keykey
Why do we need a key?Why do we need a key?
AA ood cr to ra hic schemeood cr to ra hic scheme
Perfectly OK to have everyone (including the bad guys andPerfectly OK to have everyone (including the bad guys andcryptanalysts) know the algorithmcryptanalysts) know the algorithm
Because knowledge of the algorithm without the key does notBecause knowledge of the algorithm without the key does nothelp unhelp un--mangle the information easilymangle the information easily
5Nguyen Tuan Nam/NetSec/Win2010
ow goo s ou t e omputat ona cu ty
8/6/2019 Lecture 02 Introduction Cryptography
6/34
Important for cryptographic algorithms to beImportant for cryptographic algorithms to be reasonably efficientreasonably efficient for thefor the
goo guy o compu egoo guy o compu e
Good guys are the ones with knowledge of the keysGood guys are the ones with knowledge of the keys Cryptographic algorithms are not impossible to break without the keyCryptographic algorithms are not impossible to break without the key. Why?. Why?
the bad guys to break itthe bad guys to break it 10 million years to break using all of the computers in the world10 million years to break using all of the computers in the world consideredconsidered
reasonably securereasonably secure
Combination lock consists of 3 numbersCombination lock consists of 3 numbers Takes 10 seconds to dial in a combinationTakes 10 seconds to dial in a combination reasonably convenient for the goodreasonably convenient for the good
guyguy
How much work is it for the bad guy? (worst case, average)How much work is it for the bad guy? (worst case, average) A scheme can be made more secure byA scheme can be made more secure bymaking the key longermaking the key longer
Combination lock example?Combination lock example?
6Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
7/34
Computer can be used to exhaustively try keysComputer can be used to exhaustively try keys
Faster than peopleFaster than people
Dont get tiredDont get tired Thousands or millions of keys can be tried per secondThousands or millions of keys can be tried per second More ke s can be tried in arallel if ou have multi le com utersMore ke s can be tried in arallel if ou have multi le com uters
VariableVariable--length keylength key Can be made more secure by increasing the length of the keyCan be made more secure by increasing the length of the key Increasing the length of the key by 1 bitsIncreasing the length of the key by 1 bits
oo guy s o ust a t ar eroo guy s o ust a t ar er Bad guys job, how much harder?Bad guys job, how much harder?
FixedFixed--length keylength key Similar al orithm with a lon er ke can be devisedSimilar al orithm with a lon er ke can be devised
QuizQuiz If the computers get 1000 times faster, how much longer should the key lengthIf the computers get 1000 times faster, how much longer should the key length
be?be?
7Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
8/34
wayway
in the combinationin the combination
Good guys:A kind word is a key to get what you want
,and a gun than you can with a kind word alone
8Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
9/34
Keeping a cryptographic algorithm as Publishin the al orithm, so that it is
ewView 2
secret as possible widely known
Common practice today
.the US may be unpublished. Why?
9Nguyen Tuan Nam/NetSec/Win2010
.
8/6/2019 Lecture 02 Introduction Cryptography
10/34
Secret codeSecret code oror ciphercipher
Any method of encrypting dataAny method of encrypting data
Caesar cipherCaesar cipher Substitute for each letter of the message, the letter which is 3 letters laterSubstitute for each letter of the message, the letter which is 3 letters later
in the alphabet (wrap around)in the alphabet (wrap around)
Captain Midnight Secret Decoder ringsCaptain Midnight Secret Decoder rings Pick a number n between 1 and 25Pick a number n between 1 and 25 Su st tute or eac etter o t e message, t e etter w c s n g erSu st tute or eac etter o t e message, t e etter w c s n g er
(wrap around)(wrap around)
MonoMono--alphabetic cipheralphabetic cipher
How many possible parings of letters?How many possible parings of letters? If took 1 microsecond to try each oneIf took 1 microsecond to try each one take about 10 trillion yearstake about 10 trillion years
10Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
11/34
,,
erl lqrx qgt iqul!erl lqrx qgt iqul!
11Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
12/34
Ciphertext onlyCiphertext only
Chosen plaintextChosen plaintext
12Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
13/34
Assumption: Fred, the bad guyAssumption: Fred, the bad guy
Seen some ciphertext (not difficult to obtain)Seen some ciphertext (not difficult to obtain) Can analyze at leisureCan analyze at leisure
HowHow Searches all the keysSearches all the keys Essential for this attack:Essential for this attack:
Recognize when he has succeededRecognize when he has succeededom na on ocom na on oc
Recognizable plaintextRecognizable plaintext attackattack
Enough ciphertextEnough ciphertext XYZXYZ
omet mes, not necessary to searc t roug a ot o eysomet mes, not necessary to searc t roug a ot o eys Statistical analysis (common English words)Statistical analysis (common English words)
A cryptographic algorithmA cryptographic algorithm MUSTMUST be secure against a ciphertextbe secure against a ciphertext
13Nguyen Tuan Nam/NetSec/Win2010
..
8/6/2019 Lecture 02 Introduction Cryptography
14/34
Fred somehow obtained someFred somehow obtained some
pairs. How?pairs. How? With a monoWith a mono--alphabetic cipheralphabetic cipher
A small amount of known plaintext would be bonanza forA small amount of known plaintext would be bonanza forFredFred
Good enough to be secure against ciphertext only attacksGood enough to be secure against ciphertext only attacks
Not good enough against known plaintext attacksNot good enough against known plaintext attacks
Important to design the systems toImportant to design the systems to minimize the possibilityminimize the possibilitythat a bad guy will ever be able to obtain airs
14Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
15/34
Can choose any plaintext he wantsCan choose any plaintext he wants
ciphertext isciphertext is
15Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
16/34
Public key functions: two keysPublic key functions: two keys
Hash functions: zero keyHash functions: zero key
16Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
17/34
Involves the use ofInvolves the use ofa sin le kea sin le ke
Given a message (plaintext) and a keyGiven a message (plaintext) and a key Encryption producesEncryption produces
,,waswas
Decryption is the reverseDecryption is the reverse Usin the same ke as encr tionUsin the same ke as encr tion
Also calledAlso called Conventional cryptographyConventional cryptography
ymme r c cryp ograp yymme r c cryp ograp y Example?Example?
17Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
18/34
Security Uses of Secret KeySecurity Uses of Secret Key
CryptographyCryptography
Secure storage on insecure mediaSecure storage on insecure media
Aut ent cat onAut ent cat on
Integrity checkIntegrity check
18Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
19/34
Authentication Using Secret KeyAuthentication Using Secret Key
CryptographyCryptography
Stron authenticationStron authentication
Someone can prove knowledge of a secret without revealingSomeone can prove knowledge of a secret without revealingitit
oss e w t cryptograp y oss e w t cryptograp y
Particularly useful when 2 computers trying to communicateParticularly useful when 2 computers trying to communicate
over an insecure networkover an insecure network
Alice Bob
rA
rA encrypted with KAB
rBProblem?
19Nguyen Tuan Nam/NetSec/Win2010
rB encrypted with KAB
8/6/2019 Lecture 02 Introduction Cryptography
20/34
What is a checksum?What is a checksum?
Original derivation of checksumOriginal derivation of checksum
CRCCRC Only protect against faulty hardware, but not an intelligent attackerOnly protect against faulty hardware, but not an intelligent attacker CRC algorithms are publishedCRC algorithms are published attacker can reattacker can re--compute CRC after altering thecompute CRC after altering the
messagemessage needsneeds secretsecret checksum algorithmschecksum algorithms
Cryptographic checksumCryptographic checksum
Common (known) algorithmCommon (known) algorithm Secret keSecret ke
MAC (message authentication code) or MIC (message integrity code)MAC (message authentication code) or MIC (message integrity code) At least 48 bits longAt least 48 bits long chance is only one in 280 trillion to guess the MACchance is only one in 280 trillion to guess the MAC
ExampleExample
InterInter--bank electronic funds transfersbank electronic funds transfers Messages are not kept secret, but their integrity is insuredMessages are not kept secret, but their integrity is insured
20Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
21/34
Involves the use of 2 keyInvolves the use of 2 key
A public key that is preferably known to the entireA public key that is preferably known to the entire
orldorld No shared key between the 2 communicating partiesNo shared key between the 2 communicating parties
21Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
22/34
Public Key CryptographyPublic Key Cryptography
Encryption and Digital SignatureEncryption and Digital Signature
plaintext
encryp on
ciphertext
ecryp on
plaintext
public key private key
plaintextsigning
signedverification
plaintext
private key public key
22Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
23/34
and a digital signature?and a digital signature?ww
digital signature?digital signature?
23Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
24/34
Security Uses of Public KeySecurity Uses of Public Key
CryptographyCryptography
key cryptography can dokey cryptography can do
communication tocommunication to
AuthenticateAuthenticate Establish a temporary shared secret keyEstablish a temporary shared secret key
The secret key is used to encrypt the remainder ofThe secret key is used to encrypt the remainder of
the conversation using secret key technologythe conversation using secret key technologyWhy?Why?
24Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
25/34
What should happen?What should happen?
25Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
26/34
Transmitting Over an InsecureTransmitting Over an Insecure
ChannelChannel
message before transmittingmessage before transmittingww
26Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
27/34
For performance reasonsFor performance reasons
se toget er w t secret ey cryptograp yse toget er w t secret ey cryptograp y
27Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
28/34
entitiesentities
Remember lots of secret keysRemember lots of secret keys
Remember only his private keysRemember only his private keys
Know be able to obtain others ublic keKnow be able to obtain others ublic ke
Does not need to keep any secret in order toDoes not need to keep any secret in order to
28Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
29/34
29Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
30/34
Also known asAlso known as messa e di estsmessa e di ests oror oneone-- aa
transformationstransformations Mathematical transformation that takes a message ofMathematical transformation that takes a message of
arbitrary length and computes from it a fixedarbitrary length and computes from it a fixed--lengthlength(short) number(short) number
,,propertiesproperties For any message m, relatively easy to compute h(m)For any message m, relatively easy to compute h(m)
Given h(m), no way to find an m that hashes to h(m)Given h(m), no way to find an m that hashes to h(m) It is computationally infeasible to find 2 values that hash toIt is computationally infeasible to find 2 values that hash to
30Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
31/34
Used to be publicly readableUsed to be publicly readable
31Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
32/34
generate a MAC to protect the integritygenerate a MAC to protect the integrity
Sent the messageSent the message
se t e as o t e message as ase t e as o t e message as a
Method 2?Method 2?
32Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
33/34
has been modifiedhas been modified
Method 2: use a hash function (save storage)Method 2: use a hash function (save storage)
atc outatc out
Bad guy may changes both the data and the hashBad guy may changes both the data and the hash
programprogram
33Nguyen Tuan Nam/NetSec/Win2010
8/6/2019 Lecture 02 Introduction Cryptography
34/34
--
intensiveintensiveuu
Digitally sign the hash result, instead of theDigitally sign the hash result, instead of thew o e messagew o e message
34Nguyen Tuan Nam/NetSec/Win2010