10 system.security.cryptography
Advanced C# Course
10- System.Security.Cryptography@MhdAlyan
04/13/2023 11:49 PM 2
Outlines
• Discover System.Security.Cryptography (how to ensure a secure layer for our applications).
• Understand security objectives (security requirements) and security mechanisms.
• Explain security requirements such as:
  • Confidentiality
  • Data integrity
  • Availability
  • Authentication
  • Non-repudiation
• Symmetric encryption (such as AES).
• Asymmetric encryption (such as RSA).
Course Outlines
• Hash functions (such as MD5, SHA-n).
• Message authentication methods.
• Digital signature: what is it, why do we need it, and how is it used?
• Entity authentication (such as by random numbers).
• PKI
• CA …
Introduction
• What is security?
• What is information security?
• Why do we need information security?
• Security requirements
• Security mechanisms
What is Security?
Protecting general assets can be realized through:
• Prevention
• Detection
• Reaction
Example: private property
• Prevention: locks at doors, window bars, walls around the property.
• Detection: stolen items aren't there any more, burglar alarms, CCTV, …
• Reaction: call the police, …
What is Information Security?
Information security: protecting information and information resources such as books, faxes, computer data, voice communications, etc.
Information security covers:
• What needs to be protected, i.e., assets.
• Why (security requirements, which include CIA).
• What we need to protect it from (threats, vulnerabilities, risks).
• How (security measures) to protect it for as long as it exists.
Security measures are implemented according to security policies.
What is Information Systems Security?
[Diagram: Information Systems (assets), Security Measures, Attackers, Policies]
Security requirements
Most important security requirements are:
• Confidentiality: keeping information secret from all but those who are authorized to see it.
• Integrity: ensuring information has not been altered by unauthorized or unknown means.
• Availability: keeping information accessible by authorized users when required.
Henric Johnson 9
Security Goals
[Diagram: Integrity, Confidentiality, Availability]
Security requirements
Other requirements:
• Entity authentication: corroboration of the identity of an entity (e.g., a person, a credit card). Identification, identity verification.
• Message authentication: corroborating the source of information; also known as data origin authentication. Message authentication implicitly provides data integrity.
• Non-repudiation: preventing the denial of previous commitments or actions.
Security Mechanisms
• Cryptography.
• Using hashing (one-way function) functions for data integrity.
• Using random numbers for authentication.
• Using digital signatures for non-repudiation.
Cryptography
Encryption algorithms have the following schema:
Cryptography algorithms
Types of cryptographic algorithms:
• Symmetric cryptography
  • Stream cipher.
  • Block cipher (such as DES, 3DES, AES).
• Asymmetric (public key) cryptography (RSA, ElGamal).
Symmetric Cryptography
Symmetric Cryptography
[Diagram: plaintext, encryption algorithm, ciphertext, decryption algorithm, plaintext; encryption key = decryption key]
[Diagram: AES; block of plaintext: 128; block of ciphertext: 128; encryption key: 128, 192, or 256]
Symmetric Cryptography
Example Characteristics:
• Uses the same key for encryption and decryption.
• Relatively small key size.
• The key must be kept secret.
• In a multiuser environment, there are difficulties in the process of key management.
• Relatively fast.
• Preferred for encrypting massive amounts of information.
Asymmetric Cryptography
Asymmetric Cryptography
• Alice wants to send a secret message m to Bob.
• Bob should have 2 keys: public KUb and private KRb.
• Prior to message encryption, Alice gets by some means an authentic copy of Bob's public key (i.e., the encryption key).
Asymmetric Cryptography
[Diagram: Alice: message source, encryption of m; Bob: key source, decryption, m; keys KUb and KRb]
Asymmetric Cryptography
Example Characteristics:
• Two keys are used.
• The keys are large (over 1024 bits).
• The public key does not need to be kept confidential.
• Relatively slow.
• Preferably used to encrypt small data (symmetric algorithm keys, such as an AES key).
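The two characteristics lists combine into hybrid encryption: fast AES for the data, slow RSA only for the small AES key. This C# sketch is an added example, not code from the original slides; the class and method names and the sample message are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class HybridDemo
{
    // Alice: encrypt the bulk data with a fresh AES key (fast), then encrypt
    // only that small key with Bob's RSA public key KUb (slow).
    static (byte[] WrappedKey, byte[] Iv, byte[] Ciphertext) Encrypt(RSA bobPublic, byte[] m)
    {
        using Aes aes = Aes.Create();   // CBC mode with PKCS7 padding by default
        aes.KeySize = 256;              // AES keys are 128, 192 or 256 bits
        aes.GenerateKey();
        aes.GenerateIV();               // one 128-bit block, fresh for every message
        using ICryptoTransform enc = aes.CreateEncryptor();
        byte[] c = enc.TransformFinalBlock(m, 0, m.Length);
        byte[] wrapped = bobPublic.Encrypt(aes.Key, RSAEncryptionPadding.OaepSHA256);
        return (wrapped, aes.IV, c);
    }

    // Bob: recover the AES key with his private key KRb, then decrypt the data.
    static byte[] Decrypt(RSA bobPrivate, byte[] wrappedKey, byte[] iv, byte[] c)
    {
        using Aes aes = Aes.Create();
        aes.Key = bobPrivate.Decrypt(wrappedKey, RSAEncryptionPadding.OaepSHA256);
        aes.IV = iv;
        using ICryptoTransform dec = aes.CreateDecryptor();
        return dec.TransformFinalBlock(c, 0, c.Length);
    }

    static void Main()
    {
        using RSA bob = RSA.Create(2048);                     // Bob's pair (KUb, KRb)
        using RSA kuB = RSA.Create();
        kuB.ImportParameters(bob.ExportParameters(false));    // Alice's copy: public part only

        byte[] m = Encoding.UTF8.GetBytes("constructed sample message for Bob");
        var (wrappedKey, iv, c) = Encrypt(kuB, m);
        Console.WriteLine($"wrapped AES key: {wrappedKey.Length} bytes, ciphertext: {c.Length} bytes");
        Console.WriteLine(Encoding.UTF8.GetString(Decrypt(bob, wrappedKey, iv, c)));
        // CBC gives confidentiality only; integrity needs a MAC or signature on top.
    }
}
```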
Public Keys Distribution
• By hand
Attacking RSA
Attacking RSA
• RSA claims that 1024-bit keys are likely to become crackable some time between 2006 and 2010 and that 2048-bit keys are sufficient until 2030.
• An RSA key length of 3072 bits should be used if security is required beyond 2030.
One-Way Functions (OWF)
• A one-way function is a function that is “easy” to compute and “difficult” to reverse (such as MD5, SHA-n).
• H(m) provides error-detection capability (data integrity).
• Example.
Message Authentication
• Message authentication is a procedure to verify that received messages come from the claimed source and have not been altered.
• Also called data origin authentication.
• It provides integrity.
Message Authentication
Message authentication can be done by:
• Message encryption:
  • Symmetric encryption: if the encryption/decryption key is not known to any other party (except the sender and receiver).
  • Asymmetric encryption: the sender uses its private key to encrypt the message; the sender’s public key is then used to decrypt the message. This provides authentication only!
• Hash code: H(m||S), where S is a secret key shared between the sender and receiver. No encryption.
Message Authentication Example .
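An added C# example of the hash-code approach (not from the original slides): the sender computes H(m||S), the receiver recomputes it and compares, and HMACSHA256, the keyed-hash class in System.Security.Cryptography, is run beside it. Class and method names and the sample messages are constructed for illustration.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class MacDemo
{
    // The slide's hash code: tag = H(m || S), with SHA-256 chosen as H here.
    static byte[] HashTag(byte[] m, byte[] s)
    {
        using SHA256 h = SHA256.Create();
        return h.ComputeHash(m.Concat(s).ToArray());
    }

    // HMAC-SHA256: the keyed hash that System.Security.Cryptography provides.
    static byte[] HmacTag(byte[] m, byte[] s)
    {
        using var hmac = new HMACSHA256(s);
        return hmac.ComputeHash(m);
    }

    // Receiver: recompute the tag from the received message and the shared S,
    // then compare without leaking the position of the first differing byte.
    static bool Verify(Func<byte[], byte[], byte[]> mac, byte[] m, byte[] s, byte[] tag)
        => CryptographicOperations.FixedTimeEquals(mac(m, s), tag);

    static void Main()
    {
        byte[] s = new byte[32];
        RandomNumberGenerator.Fill(s);                                  // shared secret S
        byte[] m = Encoding.UTF8.GetBytes("pay 100 to account 42");     // constructed message
        byte[] altered = Encoding.UTF8.GetBytes("pay 900 to account 42");

        // The tag travels next to m; m itself is not encrypted.
        byte[] t1 = HashTag(m, s);
        byte[] t2 = HmacTag(m, s);
        Console.WriteLine($"H(m||S): genuine={Verify(HashTag, m, s, t1)} altered={Verify(HashTag, altered, s, t1)}");
        Console.WriteLine($"HMAC:    genuine={Verify(HmacTag, m, s, t2)} altered={Verify(HmacTag, altered, s, t2)}");

        // Without S, a recomputed plain hash of the altered message does not match.
        using SHA256 plain = SHA256.Create();
        Console.WriteLine($"forged without S: {Verify(HashTag, altered, s, plain.ComputeHash(altered))}");
    }
}
```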
Digital signature
• The purpose of a digital signature is thus for an entity to bind its identity to a message.
• We use the terms:
  • signer for an entity who creates a digital signature;
  • verifier for an entity who receives a signed message and attempts to check whether the digital signature is “correct” or not.
• A digital signature on a message provides:
  • Message authentication: message’s origin is known + integrity.
  • Non-repudiation.
Digital signature using hash algorithms
RSA Signature
[Diagram: message, Hash Function, Hash, (RSA) with Signer’s private key, signature; message + signature = Signed message]
Verification of a RSA Signature
[Diagram: message, Hash Function; signature, (RSA) with Signer’s public key; comparison (? =), Decision]
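The two diagrams above as runnable C#, added here as an example and not taken from the original slides: the signer hashes the message and applies RSA with the private key, and the verifier, holding only the public key, reaches the decision. Names, the PSS padding choice and the sample messages are this example's assumptions.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class SignatureDemo
{
    // The "Hash Function" box of both diagrams.
    static byte[] Hash(byte[] message)
    {
        using SHA256 sha = SHA256.Create();
        return sha.ComputeHash(message);
    }

    // Signer: hash the message, then apply RSA with the signer's private key.
    static byte[] Sign(RSA signerPrivate, byte[] message)
        => signerPrivate.SignHash(Hash(message), HashAlgorithmName.SHA256,
                                  RSASignaturePadding.Pss);

    // Verifier: hash the received message and check it against the signature
    // with the signer's public key; the returned bool is the "Decision".
    static bool Verify(RSA signerPublic, byte[] message, byte[] signature)
        => signerPublic.VerifyHash(Hash(message), signature, HashAlgorithmName.SHA256,
                                   RSASignaturePadding.Pss);

    static void Main()
    {
        using RSA signer = RSA.Create(2048);
        using RSA verifier = RSA.Create();
        verifier.ImportParameters(signer.ExportParameters(false));   // public key only

        byte[] message = Encoding.UTF8.GetBytes("I owe Bob 100");     // constructed sample
        byte[] signature = Sign(signer, message);

        // Case 1: the signed message arrives unchanged.
        Console.WriteLine($"genuine:           {Verify(verifier, message, signature)}");

        // Case 2: the message was altered after signing.
        byte[] altered = Encoding.UTF8.GetBytes("I owe Bob 900");
        Console.WriteLine($"altered message:   {Verify(verifier, altered, signature)}");

        // Case 3: the signature itself was altered.
        byte[] bad = (byte[])signature.Clone();
        bad[bad.Length - 1] ^= 0x01;
        Console.WriteLine($"altered signature: {Verify(verifier, message, bad)}");
    }
}
```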
Entity Authentication
• Traditional method of using a password (PAP)
[Diagram: User Name + Password sent over the Network; Password1]
Entity Authentication
• CHAP Method
[Diagram: Network side holding Client1 P1, Client2 P2, Client3 P3; client holding P1; messages Rand1 and Hash(Rand1,P1)]
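A C# sketch of the challenge-response exchange in the CHAP diagram, added as an example and not part of the original slides: the server issues a fresh Rand, the client answers Hash(Rand, P), and each challenge is accepted once. SHA-256 as the hash, the names and the password values are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class ChapDemo
{
    // Server-side table from the slide (Client1 -> P1, ...); values are constructed.
    static readonly Dictionary<string, byte[]> Passwords = new Dictionary<string, byte[]>
    {
        ["Client1"] = Encoding.UTF8.GetBytes("constructed-P1"),
        ["Client2"] = Encoding.UTF8.GetBytes("constructed-P2"),
    };

    // One outstanding challenge per client, removed as soon as it is answered.
    static readonly Dictionary<string, byte[]> Pending = new Dictionary<string, byte[]>();

    // Both sides compute Hash(Rand, P); the password never crosses the network.
    static byte[] Respond(byte[] rand, byte[] password)
    {
        using SHA256 sha = SHA256.Create();
        return sha.ComputeHash(rand.Concat(password).ToArray());
    }

    static byte[] Challenge(string client)
    {
        byte[] rand = new byte[16];
        RandomNumberGenerator.Fill(rand);    // unpredictable and never reused
        Pending[client] = rand;
        return rand;
    }

    static bool Check(string client, byte[] response)
    {
        if (!Pending.Remove(client, out var rand)) return false;   // no live challenge
        return Passwords.TryGetValue(client, out var p)
            && CryptographicOperations.FixedTimeEquals(Respond(rand, p), response);
    }

    static void Main()
    {
        byte[] p1 = Encoding.UTF8.GetBytes("constructed-P1");     // what Client1 knows
        byte[] answer = Respond(Challenge("Client1"), p1);
        Console.WriteLine($"fresh response:     {Check("Client1", answer)}");
        Console.WriteLine($"same answer again:  {Check("Client1", answer)}");
        Challenge("Client1");                                     // server issues a new Rand
        Console.WriteLine($"old answer, new Rand: {Check("Client1", answer)}");
    }
}
```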