network security. cryptography cryptography functions secret key (e.g., des) public key (e.g., rsa)...
TRANSCRIPT
Network Security
CryptographyCryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message digest (e.g., MD5)
Security services Privacy: preventing unauthorized release of information Authentication: verifying identity of the remote
participant Integrity: making sure message has not been altered
DES
Data Encryption Standard (DES)56 bit key, insecureTriple DES is secure, but supplanted by
AES
Advanced Encryption Standard (AES)Specified for US Government contracts
Neither are provably secure
Encryption Algorithms
Private Key (DES)
64-bit key (56-bits + 8-bit parity)
16 rounds
Round 1
Round 2
Round 16
. . .
plain text
Initial Permutation
Final Permutation
56bitKey
Encrypt w/Secret Key
Decrypt w/Secret Key
plaintext plaintext
ciphertext
Each round
Function F and generation of Ki for each round not shown
Repeat for larger messages
L i -1 R i 1
L i R i
F
+
iK
cipher1
block1
DES
+IV
cipher
block
DES
+
2
2 cipher
block
DES
+
3
3 cipher
block
DES
+
4
4
AES
AES operates on a 4×4 array of bytes, termed the state
For encryption, each round of AES consists of four stages: AddRoundKey - each byte of the state is combined with the
derived cipher key SubBytes - a non-linear substitution step where each byte is
replaced with another according to a lookup table. ShiftRows - a transposition step where each row of the state
is shifted cyclically a certain number of steps. MixColumns - a mixing operation which operates on the
columns of the state, combining the four bytes in each column using a linear transformation.
RSA
Public key/Private Key
Provably secure (NP-Complete type proof)
Slow
Multiplicative inverse for public key
With n=7
4*2 mod 7 = 1
4 and 2 are multiplicative inverses mod 7
4*3 mod 7 = 12 mod 7 = 5
2*5 mod 7 = 10 mod 7 = 3
If you multiply any number by 4, take the result and multiply it by 2, you will get the original number back
Encryption & Decryption
c = me mod n
m = cd mod n
Encrypt w/Public Key
Decrypt w/Private Key
plaintext plaintext
ciphertext
Public Key (RSA)Based on multiplicative group operationsGenerate a public and private key choose two large prime numbers p and q (each 256 bits) multiply p and q together to get n (at most 512 bits) choose the encryption key e, such that e and (p-1) x (q-1)
are relatively prime two numbers are relatively prime if they have no common factor
greater than one. compute decryption key d such that
d = e-1 mod((p-1)*(q-1)) construct public key as <e, n> construct private key as <d, n> discard (do not disclose) original primes p and q
Examplep=5, q=11, n=p*q=55, m=message=9, (p-1)(q-1)=40, e=23 and (p-1)*(q-1) are relatively primeWe want d*e=1mod 40, d*23=1mod40 You can try all values less than 40 23*2=46=6mod40, 23*3=69=29mod40, 23*4=92=12mod40,
23*5=115=35mod40, 23*6=138=18mod40 23*7=161=1mod40, d=7
For a message m=9 c=memodn=923mod55 How big is this? = 910mod55*913mod55= 1*14 mod 55 m=cdmodn=147mod55=105413504mod55=9
Breaking RSA
1977 challenge to break 430-bit message
Estimated 40 Quadrillion years to factor large composites
April 1994 broken with 5000 MIP-years of CPU
Breakage can be easier if something is known about the key generation (time of day)
Message Digest
Cryptographic checksum: just as a regular checksum protects the
receiver from accidental changes to the message, a cryptographic checksum protects the receiver from malicious changes to the message.
One-way function:
given a cryptographic checksum for a message, it is virtually impossible to figure out what message produced that checksum; it is not computationally feasible to find two messages that hash to the same cryptographic checksum.
Relevance:
if you are given a checksum for a message and you are able to compute exactly the same checksum for that message, then it is highly likely this message produced the checksum you were given.
Speed
175MHz DEC AlphaCustom HardwareSonicwall claims 54Mbps DES3 in hardwaressl.com advertises 75Mbps DES todayMd5 1.27GbpsSHA 1.02GbpsRSA 400 keys/second
Message Integrity Protocols
Digital signature using RSAspecial case of a message integrity where
the code can only have been generated by one participant
compute signature with private key and verify with public key
Making Signatures
Compute checksum of signed document
Encrypt checksum, time and date, and other information using private key
Attach digital signature to end of document
Optionally, encrypt signed document with receiver’s public key
Checking Signatures
Decrypt signed document, if necessary, using private key
Decrypt digital signature using public key
Verify checksum for document
Display the time and date of the document
CertificatesCertified EntityCA
Verifier
Decrypt senders public key using CA-publickey
Albert Levi
Albert Levi
Albert Levi
Register with CA, send client Public Key
CA-Publickey and Certificate with RSA(client Public Key,CA-privatekey)
Certificate
Application (e.g., HTTP)
Secure transport layer
TCP
IP
Subnet
TLS,SSL,HTTPSTransport Layer Security, Secure Socket Layer
SSL
Each browser is configured with a root CAWhen a session is initiated, server and client agree on security capabilities. (most clients are 40 bit encryption, but 128 bit encryption is available on many strong serversThe server is authenticated by the certificate authorityUsing the server public key from the CA, the client sends a DES key to the serverThe DES key is used to encrypt the session
IPSEC
Optional in IPv4, mandatory in IPv6Data Confidentiality---The IPSec sender can encrypt packets before transmitting them across a network. Data Integrity---The IPSec receiver can authenticate packets sent by the IPSec sender to ensure that the data has not been altered during transmission. Data Origin Authentication---The IPSec receiver can authenticate the source of the IPSec packets sent. This service is dependent upon the data integrity service. Anti-Replay---The IPSec receiver can detect and reject replayed packets.