cryptographic techniques
DESCRIPTION
CRYPTOGRAPHIC TECHNIQUES..TRANSCRIPT
-
Web Security: Theory & ApplicationsSchool of Software, Sun Yat-sen University
Module I. Fundamentals of Information Security
Chapter 2Cryptographic Techniques
-
Web Security : Theory And Applications 2 / 41
Chapter 2 - Outline
2.1 Cryptology Introduction Introduction History Concepts & Items
2.2 Symmetric Key Cryptographic Algorithms Introduction Types & Modes Data Encryption Standard (DES) Advanced Encryption Standard (AES)
-
Web Security : Theory And Applications 3 / 41
2.3 Asymmetric Key Cryptographic Algorithms Introduction The RSA Algorithm Digital Signatures
2.4 Hashing Algorithms Introduction Message-Digest Algorithm (MD5)
2.5 Typical Applications MD5 and Passwords AES and Wi-Fi Protected Access RSA and E-Business
Chapter 2 - Outline
-
Web Security : Theory And Applications 4 / 41
Chapter 2 - Outline
2.1 Cryptology Introduction Introduction History Concepts & Items
2.2 Symmetric Key Cryptographic Algorithms2.3 Asymmetric Key Cryptographic Algorithms2.4 Hashing Algorithms2.5 Typical Applications
-
Web Security : Theory And Applications 5 / 41
2.1.1 Introduction Definition
Cryptography (or cryptology; from Greek krypts, "hidden, secret"; and grphein, "writing", or -logia, "study", respectively) is the practice and study of techniques for secure communication in the presence of third parties (called adversaries). More generally, it is about constructing and analyzing protocols that overcome the influence of adversaries and which are related to various aspects in information security such as data confidentiality, data integrity, authentication, and non-repudiation.
2.1 Cryptology Introduction
-
Web Security : Theory And Applications 6 / 41
Modern cryptography intersects the disciplines of mathematics, computer science, and electrical engineering.
Applications of cryptography include ATM cards, computer passwords, and electronic commerce.
2.1 Cryptology Introduction
-
Web Security : Theory And Applications 7 / 41
2.1.2 History The Manual ERA The Mechanical ERA The Modern ERA
2.1 Cryptology Introduction
German Lorenz cipher machine,
used in World War II to encrypt
very-high-level general staff
messages
-
Web Security : Theory And Applications 8 / 41
2.1.3 Concepts & Items Plain Text and Cipher Text
Key and Key Space
Cryptosystem Services
Confidentiality, Integrity, Authenticity, Non-repudiation, Access Control
Cryptographic Methods
Symmetric, Asymmetric Attributes of Strong Encryption
Confusion, Diffusion
2.1 Cryptology Introduction
-
Web Security : Theory And Applications 9 / 41
Chapter 2 - Outline
2.1 Cryptology Introduction 2.2 Symmetric Key Cryptographic Algorithms
Introduction Types & Modes Data Encryption Standard (DES) Advanced Encryption Standard (AES)
2.3 Asymmetric Key Cryptographic Algorithms 2.4 Hashing Algorithms 2.5 Typical Applications
-
Web Security : Theory And Applications 10 / 41
2.2.1 Introduction Symmetric-key cryptography is sometimes called secret-
key cryptography. It is a kind of encryption system in which the sender and receiver of a message share a single, common key that is used to encrypt and decrypt the message.
Symmetric-key systems are simpler and faster. The two parties must somehow exchange the key in a secure way.
The most popular symmetric-key system is the DES,Data Encryption Standard.
2.2 Symmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 11 / 41
2.2.2 Algorithm Types and Modes Algorithm Types
Block CipherE(M,K)=E(M1,K)E(M2,K) ..E(Mn,K)
MM1M2 Mn
Stream Cipher
2.2 Symmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 12 / 41
2.2 Symmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 13 / 41
Algorithm Modes
Electronic Code Book (ECB) Mode
2.2 Symmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 14 / 41
Source ECB mode non-ECB mode
2.2 Symmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 15 / 41
Cipher Block Chaining (CBC) Mode (IBM,1976) CBC - Encryption
2.2 Symmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 16 / 41
CBC - Decryption
2.2 Symmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 17 / 41
Cipher Feedback (CFB) Mode CFB - Encryption
2.2 Symmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 18 / 41
CFB - Decryption
2.2 Symmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 19 / 41
Output Feedback (OFB) Mode OFB - encryption
2.2 Symmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 20 / 41
OFB - Decryption
2.2 Symmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 21 / 41
2.2.3 Data Encryption StandardDES Background and History
How DES Works
Feistel function
2.2 Symmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 22 / 41
2.2.4 Advanced Encryption StandardAES Introduction
2001, FIPS PUB 197 Rijndael - Joan Daemen & Vincent Rijmen
Properties Block length = 128 bit Key length = 128/192/256 bit
Steps AddRoundKey SubBytes ShiftRows MixColumns
2.2 Symmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 23 / 41
Chapter 2 - Outline
2.1 Cryptology Introduction 2.2 Symmetric Key Cryptographic Algorithms 2.3 Asymmetric Key Cryptographic Algorithms
Introduction The RSA Algorithm Digital Signatures
2.4 Hashing Algorithms 2.5 Typical Applications
-
Web Security : Theory And Applications 24 / 41
2.3.1 Introduction Definition
A cryptographic system that uses two keys -- a public key known to everyone and a private or secret key known only to the recipient of the message.
Scenery When Alice wants to send a secure message to Bob, she uses
Bob's public key to encrypt the message. Bob then uses his private key to decrypt it.
Property It is important that the public and private keys are related in such
a way that only the public key can be used to encrypt messages and only the corresponding private key can be used to decrypt them. Moreover, it is virtually impossible to deduce the private key from the known public key.
2.3 Asymmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 25 / 41
2.3.2 The RSA Algorithm Introduction
Ron Rivest, Adi Shamir & Leonard Adleman (MIT, 1977)
RSA algorithm is based on the presumed difficulty of factoring large integers, the factoring problem.
2.3 Asymmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 26 / 41
How RSA Works Generating of Public key and Private key
Select two different big prims p and q. Let N=pq. By Eulers function, the number of integers less than and
prim to N is(N) = (pq) = (p) (q) = ( p-1)(q-1)
Select an integer e which is less than and prim to (N) Compute d byed 1 (mod (N)) Destroy p and q (when N is big enough, it will be extremely
difficult to find p, q). (e,N) is used as the public key, and (d,N) the private key.
Alice will send her (e,N) to Bob, but keep her (d,N) in secret.
2.3 Asymmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 27 / 41
Decryption By applying her private (d,N), Alice can decode n from c by
Encryption Suppose that Bob want to send Alice a message m. Bob has
Alices public key (e,N) in hand. Firstly he transforms m to an
integer n less than N in a presumed method. By applying the
key (e,N), n is encrypted to c
2.3 Asymmetric Key Crypt. Algorithms
(mod ), mode en c N or c n N Then Bob can send c to Alice through an unsafe channel.
(mod ) , modd dc n N or n c N
and recover the m from n.
-
Web Security : Theory And Applications 28 / 41
Principle of RSA By Eulers function, given two prims p and q satisfied N=pq
and one integer n satisfied 0
-
Web Security : Theory And Applications 29 / 41
Example of RSA For continent, we select small p,q and e. Suppose A want to sent a string key to B by RSA
encryption. Compute (e,N) and (d,N)
Let p=3, q=11, N=pq=311=33f(N)=(p-1)(q-1)=210=20
We take e=3 (3 is prim to 20) and try to get d such that ed1 mod f(n)3d1 mod 20
We get d by trial:
2.3 Asymmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 30 / 41
f(n)=(p-1)(q-1)=210=20. Take e=3 and try d.
2.3 Asymmetric Key Crypt. Algorithms
7279
4248
1217
18186
15155
12124
993
662
331
(ed) mod f(n)edd
From the table, we find that when d=7, ed 1 mod f(n) holds.
-
Web Security : Theory And Applications 31 / 41
So the public key and the private key are as
KU =(e,N)=(3,33)
and KR =(d,N)=(7,33)
2.3 Asymmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 32 / 41
Digitization
2.3 Asymmetric Key Crypt. Algorithms
26252423222120191817161514
zyxevutdrqpon
13121110090807060504030201
mlkjihgfedcba
By the Code Table, the code values of the string key M1,M2,M3are 11,05,25
Note that the max value of any code is 26 (it can not over N=33).
-
Web Security : Theory And Applications 33 / 41
Encryption
By Me= C (mod N) we have C = Me (mod N)
That is C1 = 113 mod 33, C2 = 53 mod 33, C3 = 253 mod
33
And we get C1= 11, C2= 26, C3= 16
Decryption
By Cd= M (mod N) we have M = Cd (mod N)
That is M1 = 117 mod 33, M2 = 267 mod 33, M3 = 167 mod
33
And we get M1= 11, M2= 5, M3= 25
Message recovery
By checking the Code Table, the string key is recovered.
2.3 Asymmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 34 / 41
2.3.3 Digital Signatures
2.3 Asymmetric Key Crypt. Algorithms
-
Web Security : Theory And Applications 35 / 41
Chapter 2 - Outline
2.1 Cryptology Introduction 2.2 Symmetric Key Cryptographic Algorithms 2.3 Asymmetric Key Cryptographic Algorithms 2.4 Hashing Algorithms
Introduction Message-Digest Algorithm (MD5)
2.5 Typical Applications
-
Web Security : Theory And Applications 36 / 41
2.4.1.Introduction Hashing
Hashing value
Hashing algorithms
Data fingerprint
2.4 Hashing Algorithms
-
Web Security : Theory And Applications 37 / 41
2.4.2.Message-Digest Algorithm (MD) Whats MD5
Message-Digest Algorithm 5 128-bits length
2.4 Hashing Algorithms
-
Web Security : Theory And Applications 38 / 41
Assignments of Sec.2.4
Show me how MD5 works. Design an executable MD5 program in C with some
short samples.
2.4 Hashing Algorithms
-
Web Security : Theory And Applications 39 / 41
Chapter 2 - Outline
2.1 Cryptology Introduction
2.2 Symmetric Key Cryptographic Algorithms
2.3 Asymmetric Key Cryptographic Algorithms
2.4 Hashing Algorithms
2.5 Typical Applications Assignments of Sec.2.5 Write a short thesis on one
of the three applications
MD5 and password protection. AES and Wi-Fi protected access. RSA and electronic business.
-
Web Security : Theory And Applications 40 / 41
References
1. William Stallings, Cryptography and Network Security: Principles and Practice (5th Edition), Prentice Hall 2010
2. http://en.wikipedia.org/wiki/Birthday attackCryptographyData Encryption StandardDiffieHellman key exchangeDigital signatureHash functionInformation_securityMD5Public-key cryptographyRSA
-
Web Security : Theory And Applications 41 / 41
Thank you!