cryptography chapter 7 part 3 pages 812 to 833. symmetric cryptography security services – only...
Cryptography
Chapter 7 Part 3
Pages 812 to 833
Symmetric Cryptography
• Security Services
  – Only confidentiality, not authentication or non-repudiation
• Scalability
  – N(N-1)/2 secret keys
• Secure key distribution
  – Secure courier?
Diffie-Hellman Algorithm
• First asymmetric algorithm
• Subject to man-in-the-middle attack
  – Figure 7-20 on page 814
RSA
• 1978 MIT
  – Ron Rivest, Adi Shamir, Leonard Adleman
• De facto asymmetric standard
• RSA works
  – Pages 816-7
RSA
• Security = difficulty of factoring large numbers into a product of primes
• One-way function
  – Multiplying two primes is easy. Factoring is hard.
• If someone figures out an efficient way of factoring, RSA would be broken
• Key exchange protocol for AES
ECC
• Elliptic Curve Cryptosystem
• Discrete Logarithms of Elliptic Curves
• Figure 7-21 on page 819
• More efficient than RSA
• Devices with limited processing, storage, power supply and bandwidth, such as cellular telephones
Hash Algorithms
• MD-5
  – 128-bits
  – Ron Rivest
  – Subject to collisions
• SHA-1
  – 160-bits
  – NSA, NIST
Hash Algorithms
• SHA-2
  – SHA-256, SHA-384, SHA-512
• SHA-3
  – NIST draft
Message Authentication Code
• MAC
  – Figure 7-22a on page 822
  – Man-in-the-middle attack
  – Integrity
  – Can detect only unintentional modification
HMAC
• Hash MAC
  – Figure 7-22b on page 822
  – Integrity and data origin authentication
• CBC-MAC
  – Figure 7-23 on page 824
Collision
• Two messages produce the same hash value
• Birthday attack
  – Same birthday as you > 50%?
    • 253
  – Two people with same birthday > 50%?
    • 23
• 2^(n/2)
  – SHA-1 (160-bits)
    • 2^80
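The birthday figures on this slide (253, 23 and the 2^(n/2) bound), worked through as an added example that is not part of the original slides. It assumes SHA-256 truncated to n bits as a stand-in for an n-bit hash; the function names and message strings are constructed for illustration.

```python
import hashlib
from itertools import count

DAYS = 365

def people_to_match_you(days=DAYS):
    """Smallest group size where P(someone shares YOUR birthday) > 50%."""
    k, p_none = 0, 1.0
    while 1 - p_none <= 0.5:
        k += 1
        p_none *= (days - 1) / days      # each person misses your day
    return k

def people_for_any_pair(days=DAYS):
    """Smallest group size where P(ANY two people share a birthday) > 50%."""
    k, p_distinct = 0, 1.0
    while 1 - p_distinct <= 0.5:
        p_distinct *= (days - k) / days  # next person avoids all k earlier days
        k += 1
    return k

def truncated_hash(msg: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256, standing in for an n-bit hash (assumption)."""
    digest = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return digest >> (256 - bits)

def birthday_collision(bits: int):
    """Hash distinct constructed messages until two share a value.

    Returns (first_message, second_message, hashes_computed)."""
    seen = {}
    for tries in count(1):
        msg = b"constructed-message-%d" % tries
        h = truncated_hash(msg, bits)
        if h in seen:
            return seen[h], msg, tries
        seen[h] = msg

if __name__ == "__main__":
    print("match one fixed birthday:", people_to_match_you())
    print("any two share a birthday:", people_for_any_pair())
    for bits in (16, 24, 32):
        m1, m2, tries = birthday_collision(bits)
        print(f"n={bits}: collision after {tries} hashes; "
              f"2^(n/2) = {2 ** (bits // 2)}, 2^n = {2 ** bits}")
```

The measured work tracks 2^(n/2) rather than 2^n, which is why a 160-bit hash such as SHA-1 offers at most about 2^80 collision resistance.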
Digital Signatures
• Figure 7-24 on page 830
• Provides authentication, non-repudiation, and integrity