cs 356 – lecture 3 cryptographic toolsgersch/cs356/356lecture03.pdfcs 356 – lecture 3...
TRANSCRIPT
-
CS 356 – Lecture 3Cryptographic Tools
Fall 2013
Tuesday, September 3, 13
-
Today’s Plan• Homework # 1 is due by the time I finish presenting the next slide.
• Homework #2 is posted on web and RamCT. Submit it on RamCT by start of class next Tuesday.– note: this one’s got 7 questions and they are harder to answer, so do
them early. You may need to look some things up.
• Finish Symmetric Key Crypto
• Explain Public Key Crypto
• Explain Message Digests and Authentication
• Feedback form hand-out; return at end of class– goal: improve the class and tune it to your style of learning
2
Tuesday, September 3, 13
-
Did I mention the HOMEWORK is due NOW!?!!!
3
Tuesday, September 3, 13
-
FINISH SYMMETRIC ENCRYPTION
Tuesday, September 3, 13
-
Data Encryption Standard (DES)
the most widely used encryption scheme
• FIPS PUB 46• referred to as the Data Encryption Algorithm (DEA)
• uses 64 bit plaintext block and 56 bit
strength concerns:• concerns about algorithm
• DES is the most studied encryption algorithm in existence
• use of 56-bit key• Electronic Frontier Foundation (EFF)
announced in July 1998 that it had broken a
Tuesday, September 3, 13
-
•Figure 2.2 Time to Break a Code (assuming 106 decryptions/ms) The graph assumes that a symmetric encryption algorithm is attacked using•a brute-force approach of trying all possible keys
Tuesday, September 3, 13
-
Triple DES (3DES) repeats basic DES algorithm three times using
either two or three unique keys first standardized for use in financial applications
in ANSI standard X9.17 in 1985 attractions:
168-bit key length overcomes the vulnerability to brute-force attack of DES
underlying encryption algorithm is the same as in DES drawbacks:
algorithm is sluggish in software uses a 64-bit block size
Tuesday, September 3, 13
-
Advanced Encryption Standard (AES)
needed a replacement for 3DES
• 3DES was not reasonable for long term use
NIST called for proposals for a new AES in 1997
• should have a security strength equal to or better than 3DES• significantly improved efficiency• symmetric block cipher• 128 bit data and 128/192/256 bit keys
selected Rijndael in November 2001
• published as FIPS 197
Tuesday, September 3, 13
-
DES, 3DES, and AES
•Comparison of Three Popular Symmetric Encryption Algorithms
Tuesday, September 3, 13
-
Practical Security Issues
Tuesday, September 3, 13
-
Practical Security Issues typically symmetric encryption is applied to a unit
of data larger than a single 64-bit or 128-bit block
Tuesday, September 3, 13
-
Practical Security Issues typically symmetric encryption is applied to a unit
of data larger than a single 64-bit or 128-bit block electronic codebook (ECB) mode is the simplest
approach to multiple-block encryptioneach block of plaintext is encrypted using the same key cryptanalysts may be able to exploit regularities in the
plaintext
Tuesday, September 3, 13
-
Practical Security Issues typically symmetric encryption is applied to a unit
of data larger than a single 64-bit or 128-bit block electronic codebook (ECB) mode is the simplest
approach to multiple-block encryptioneach block of plaintext is encrypted using the same key cryptanalysts may be able to exploit regularities in the
plaintext
modes of operationalternative techniques developed to increase the security of
symmetric block encryption for large sequencesovercomes the weaknesses of ECB
Tuesday, September 3, 13
-
Block Cipher Concepts1. Divide (plaintext) Data Into Fixed Blocks
• DES divides message into 64 bit blocks2. Apply The Algorithm to Each Block
• Input is block and symmetric key• Output is a block of encrypted data
3. Transmit the Encrypted Block4. Decrypt the Block
• Input is block and symmetric key• Output is a block of decrypted data
Tuesday, September 3, 13
-
Block Cipher Encryption
Stream Encryption
Tuesday, September 3, 13
-
Block & Stream CiphersBlock Cipher• processes the input one block of elements at a time• produces an output block for each input block• can reuse keys• more common
Stream Cipher• processes the input elements continuously• produces output one element at a time• primary advantage is that they are almost always faster and use far less code
Tuesday, September 3, 13
-
Public Key Encryption Pioneers Diffie and Hellman
14
Tuesday, September 3, 13
-
Public-Key Encryption Structure
Tuesday, September 3, 13
-
Public-Key Encryption Structure
publicly proposed by
Diffie and Hellman in
1976
based on mathematical
functions
asymmetric
• uses two separate keys• public key and private key• public key is made public for others to use
some form of protocol is needed for distribution
Tuesday, September 3, 13
-
RSA algorithm: Ron Rivest, Adi Shamir & Len Adleman
16
Tuesday, September 3, 13
-
Fun with Prime Numbers
• Can you find the prime factors of 33? – (you should have learned in the fifth grade....)
• Can you find the prime factors of 6784578994572859509348579856944875935693048176987467439593085670934573849570497394857039475039475639838574896704932487589457489784867882112834380380009792837643846856785764987698664531?
• A BIG PRIME NUMBER (e.g. 100 digits) times another BIG PRIME is really really BIG. And practically impossible to factor to get the prime numbers back again.
17
Tuesday, September 3, 13
-
Remember our Number Game last lecture?
• Using prime numbers 3 and 11– 3 x 11 = 33
• Public Key based on 2 numbers, 7 and 33: encrypt as n^7 mod 33
• Private key based on 3 and 33: decrypt as n^3 mod 33
• Not very secure, not very practical (can’t encrypt large numbers). So use really BIG prime numbers.
18
Tuesday, September 3, 13
-
Public Key Encryption
Tuesday, September 3, 13
-
Public Key Authentication
Tuesday, September 3, 13
-
Requirements for Public-Key Cryptosystems
computationally easy to create
key pairs
computationally easy for sender knowing public key to encrypt
messages
computationally easy for receiver
knowing private key to decrypt
ciphertextcomputationally
infeasible for opponent to determine
private key from public key
computationally infeasible for opponent to otherwise
recover original message
useful if either key can be used
for each role
Tuesday, September 3, 13
-
Public Key Algorithms• RSA (Rivest, Shamir, Adleman)
– developed in 1977– only widely accepted public-key encryption algorithm– given tech advances need 1024+ bit keys. 2048 bits now
common.
• Diffie-Hellman key exchange algorithm– only allows exchange of a secret key
• Digital Signature Standard (DSS)– provides only a digital signature function with SHA-1
• Elliptic curve cryptography (ECC)– new, security like RSA, but with much smaller keys
Tuesday, September 3, 13
-
Table 2.3
• Applications for Public-Key Cryptosystems
Tuesday, September 3, 13
-
Practical Application: Encryption of Stored Data
• common to encrypt transmitted data• much less common for stored data
– which can be copied, backed up, recovered• approaches to encrypt stored data:
– back-end appliance– library based tape encryption– background laptop/PC data encryption
Tuesday, September 3, 13
-
25
Cryptography is like magic fairy dust,we just sprinkle it on our protocols and its makes everything secure
Tuesday, September 3, 13
-
Recent Headline in MIT Technology Review
26
Tuesday, September 3, 13
-
27
There is no magic fairy dust
Tuesday, September 3, 13
-
Digital Signatures
Tuesday, September 3, 13
-
Digital Signaturesused for authenticating both source and
data integrity
Tuesday, September 3, 13
-
Digital Signaturesused for authenticating both source and
data integritycreated by encrypting hash code with
private key
Tuesday, September 3, 13
-
Digital Signaturesused for authenticating both source and
data integritycreated by encrypting hash code with
private keydoes not provide confidentiality
even in the case of complete encryptionmessage is safe from alteration but not
eavesdropping
Tuesday, September 3, 13
-
Message Authentication
protects against active attacks
verifies received message is authentic• contents have not been altered• from authentic source• timely and in correct sequence
can use conventional encryption• only sender & receiver share a key
Tuesday, September 3, 13
-
Message Authentication Codes
Tuesday, September 3, 13
-
Secure Hash Functions
Tuesday, September 3, 13
-
Hash Function Requirements
Tuesday, September 3, 13
-
Hash Function Requirements• can be applied to a block of data of any size• produces a fixed-length output• H(x) is relatively easy to compute for any given x• one-way or pre-image resistant
– computationally infeasible to find x such that H(x) = h
• second pre-image resistant or weak collision resistant– computationally infeasible to find y ≠ x such
that H(y) = H(x)• collision resistant or strong collision resistance
– computationally infeasible to find any pair (x, y) such that H(x) = H(y)
Tuesday, September 3, 13
-
Security of Hash Functions
Tuesday, September 3, 13
-
Security of Hash Functions there are two approaches to attacking a
secure hash function:cryptanalysis
exploit logical weaknesses in the algorithm
brute-force attack strength of hash function depends solely on the length of the hash
code produced by the algorithm
SHA most widely used hash algorithm
additional secure hash function applications:passwords
hash of a password is stored by an operating system intrusion detection
store H(F) for each file on a system and secure the hash values
Tuesday, September 3, 13
-
Message Authentication
Using a One-Way
Hash Function
Tuesday, September 3, 13
-
Public Key Certificates
Tuesday, September 3, 13
-
Public Key Certificates
Tuesday, September 3, 13
-
Digital Envelopes
protects a message without needing to first arrange for sender and receiver to have the same secret key
• ***equates to the same thing as a sealed envelope containing an unsigned letter
Tuesday, September 3, 13
-
Random Numbers
keys for public-key algorithms
stream key for symmetric stream cipher
symmetric key for use as a temporary session key or in creating a digital envelope
handshaking to prevent replay attacks
session key• Uses include generation of:
Tuesday, September 3, 13
-
Random Numbers
keys for public-key algorithms
stream key for symmetric stream cipher
symmetric key for use as a temporary session key or in creating a digital envelope
handshaking to prevent replay attacks
session key• Uses include generation of:
Tuesday, September 3, 13
-
Random Numbers
• random numbers have a range of uses• requirements:• randomness
– based on statistical tests for uniform distribution and independence
• unpredictability– successive values not related to previous– clearly true for truly random numbers– but more commonly use generator
Tuesday, September 3, 13
-
Pseudorandom verses Random Numbers
• often use algorithmic technique to create pseudorandom numbers– which satisfy statistical randomness tests– but likely to be predictable
• true random number generators use a nondeterministic source– e.g. radiation, gas discharge, leaky
capacitors– increasingly provided on modern
processors
Tuesday, September 3, 13
-
Summary• introduced cryptographic algorithms• symmetric encryption algorithms for
confidentiality• message authentication & hash
functions• public-key encryption• digital signatures and key management• random numbers
Tuesday, September 3, 13
-
Thursday• You will be receiving LOGIN credentials from the DETER
project in your student email sometime this week. For now, just login and change your password.– If you don’t get it by Thursday, inform Pinalkumar
• Project 1 will be posted by Thursday. It is due on September 26th. – 3 weeks looks like a lot of time. It isn’t. No, really!– Don’t count on doing it at the last minute. There are only 20
systems at DETER reserved for 50 students. That means that only 20 of you can login at one time to run the experiment. If you wait, you are likely going to be shut out!!!
• We’ll be starting chapter 3 in the text.
42
Tuesday, September 3, 13