1
play

1 Message Encryption- see Table 11.1 in the book Message Encryption - PDF document

Mar 17, 2024 •385 likes •462 views

Message Authentication CPE 542: CRYPTOGRAPHY & NETWORK SECURITY message authentication is concerned with: protecting the integrity of a message Chapter 11 Message Authentication and validating identity of originator Hash

  1. Message Authentication CPE 542: CRYPTOGRAPHY & NETWORK SECURITY • message authentication is concerned with: • protecting the integrity of a message Chapter 11 – Message Authentication and • validating identity of originator Hash Functions • non-repudiation of origin (dispute resolution) • three alternative functions are used: • message encryption Dr. Lo’ai Tawalbeh • message authentication code (MAC) Computer Engineering Department • hash function Jordan University of Science and Technology Jordan Dr. Lo’ai Tawalbeh Fall 2005 Dr. Lo’ai Tawalbeh Fall 2005 Security Requirements Message Encryption • traffic analysis • message encryption by it self also provides a measure of authentication • content modification • if symmetric encryption is used then: • sequence modification • receiver knows sender must have created it • timing modification • since only sender and receiver know the key used • source repudiation • destination repudiation Dr. Lo’ai Tawalbeh Fall 2005 Dr. Lo’ai Tawalbeh Fall 2005 1

  2. Message Encryption- see Table 11.1 in the book Message Encryption • if public-key encryption is used: • encryption provides no confidence of sender • since anyone potentially knows public-key • however if: • sender signs message using their private-key • then encrypts with recipients public key • have both confidentiality and authentication • but at cost of two public-key use on a message Dr. Lo’ai Tawalbeh Fall 2005 Dr. Lo’ai Tawalbeh Fall 2005 Message Authentication Code Message Authentication Code (MAC) • generated by an algorithm that creates a small fixed- size block • depending on both message and some key • like encryption though need not be reversible • appended to message as a signature • receiver performs same computation on message and checks it matches the MAC • provides assurance that message is unaltered and comes from sender Dr. Lo’ai Tawalbeh Fall 2005 Dr. Lo’ai Tawalbeh Fall 2005 2

  3. Message Authentication Codes Message Authentication Codes • as shown MAC provides Authentication • can also use encryption for Confidentiality • generally use separate keys for each • can compute MAC either before or after encryption • why use a MAC? • sometimes only authentication is needed • sometimes need authentication to persist longer than the encryption (eg. archival use) • note that a MAC is not a digital signature- the same key is shared between the two parties. Dr. Lo’ai Tawalbeh Fall 2005 Dr. Lo’ai Tawalbeh Fall 2005 MAC Properties Requirements for MACs • a MAC is a cryptographic checksum • taking into account the types of attacks MAC = C K (M) • need the MAC to satisfy the following: • condenses a variable-length message M using a secret key K 1. knowing a message and MAC, it is infeasible to find another to a fixed-sized authenticator message with same MAC 2. MACs should be uniformly distributed • is a many-to-one function 3. MACs should depend equally on all bits of the message • potentially many messages have same MAC • but finding these needs to be very difficult Dr. Lo’ai Tawalbeh Fall 2005 Dr. Lo’ai Tawalbeh Fall 2005 3

  4. Hash Functions Using Symmetric Ciphers for MACs • can use any block cipher chaining mode and use final • condenses arbitrary message to fixed size block as a MAC • usually assume that the hash function is public and not • Data Authentication Algorithm (DAA) is a widely keyed used MAC based on DES-CBC • different than MAC which is keyed • using IV=0 and zero-pad of final block • hash used to detect changes to message • encrypt message using DES in CBC mode • can be used in various ways with message, mostly to • and send just the final block as the MAC create a digital signature • or the leftmost M bits (16 ≤ M ≤ 64) of final block • a Hash Function produces a fingerprint of some file/message/data h = H(M) Dr. Lo’ai Tawalbeh Fall 2005 Dr. Lo’ai Tawalbeh Fall 2005 Hash Functions & Digital Signatures Requirements for Hash Functions 1. can be applied to any sized message M 2. produces fixed-length output h 3. is easy to compute h=H(M) for any message M 4. given h is infeasible to find x s.t. H(x)=h • one-way property 5. is infeasible to find any x,y s.t . H(y)=H(x) • strong collision resistance Dr. Lo’ai Tawalbeh Fall 2005 Dr. Lo’ai Tawalbeh Fall 2005 4

  5. Simple Hash Functions Block Ciphers as Hash Functions • can use block ciphers as hash functions • are several proposals for simple functions • using H 0 =0 and zero-pad of final block • based on XOR of message blocks • compute: H i = E Mi [H i-1 ] • not secure since can manipulate any message and • and use final block as the hash value either not change hash or change hash also • similar to CBC but without a key • need a stronger cryptographic function (next chapter) • resulting hash is too small (64-bit)- Dr. Lo’ai Tawalbeh Fall 2005 Dr. Lo’ai Tawalbeh Fall 2005 Hash Example: Secure Hash Algorithm-SHA Hash Example: Secure Hash Algorithm-SHA 1. pad message so its length is congruent to 448 mod 512 (first bit 1, then followed by zeros) 1. append a 64-bit integer value to the msg (cantinas the original msg length). 2. initialise 5-word (160-bit) buffer (A,B,C,D,E) to (67452301,efcdab89,98badcfe,10325476,c3d2e1f0) 3. process message in 16-word (512-bit) chunks: • expand 16 words into 80 words by mixing & shifting • use 4 rounds of 20 bit operations on message block & buffer • add output to input to form new buffer value 4. output hash value is the final buffer value Dr. Lo’ai Tawalbeh Fall 2005 Dr. Lo’ai Tawalbeh Fall 2005 5

  6. SHA-1 Compression Function SHA-1 Compression Function • each round has 20 steps which replaces the 5 buffer words thus: (A,B,C,D,E) <-(E+f(t,B,C,D)+(A<<5)+W t +K t ),A,(B<<30),C,D) • a,b,c,d refer to the 4 words of the buffer • t is the step number • f(t,B,C,D) is nonlinear function for round W t is derived from the message block • • K t is a constant value derived from sin Dr. Lo’ai Tawalbeh Fall 2005 Dr. Lo’ai Tawalbeh Fall 2005 Revised Secure Hash Standard • NIST have issued a revision FIPS 180-2 • adds 3 additional hash algorithms • SHA-256, SHA-384, SHA-512 • designed for compatibility with increased security provided by the AES cipher • structure & detail is similar to SHA-1 • hence analysis should be similar Dr. Lo’ai Tawalbeh Fall 2005 6

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Understanding Cryptography by Christof Paar and Jan Pelzl www.crypto-textbook.com Chapter 12

Understanding Cryptography by Christof Paar and Jan Pelzl www.crypto-textbook.com Chapter 12

Understanding Cryptography by Christof Paar and Jan Pelzl www.crypto-textbook.com Chapter 12 Message Authentication Codes (MACs) Updated 12-4-17 These slides were prepared by Christof Paar and Jan Pelzl And modified by Sam Bowne

416 views • 18 slides
Cryptography and Network Codes Security At cats' green on the Sunday he took the message from

Cryptography and Network Codes Security At cats' green on the Sunday he took the message from

4/19/2010 Chapter 12 Message Authentication Cryptography and Network Codes Security At cats' green on the Sunday he took the message from the Chapter 12 inside of the pillar and added Peter Moran's name to the two names already printed

349 views • 6 slides
Cryptography: Hash Functions and MACs [continued] Asymmetric

Cryptography: Hash Functions and MACs [continued] Asymmetric

CSE 484 / CSE M 584: Computer Security and Privacy Cryptography: Hash Functions and MACs [continued] Asymmetric Cryptography [start] Spring 2015

707 views • 23 slides
Public Key Cryptography and Cryptographic Hashes CS461/ECE422 Fall 2010 Reading Computer

Public Key Cryptography and Cryptographic Hashes CS461/ECE422 Fall 2010 Reading Computer

Public Key Cryptography and Cryptographic Hashes CS461/ECE422 Fall 2010 Reading Computer Security: Art and Science Chapter 9 Handbook of Applied Cryptography, Chapter 8 http://www.cacr.math.uwaterloo.ca/hac/ Public-Key

864 views • 47 slides
Message authentication and digital signatures &quot; Message authentication verify that the

Message authentication and digital signatures &quot; Message authentication verify that the

Message authentication and digital signatures &quot; Message authentication verify that the message is from the right sender, and not modified (incl message sequence) &quot; Digital signatures in addition, non ! repudiation &quot; Two

439 views • 23 slides
Layer Optimization: Security and Privacy CS 118 Computer Network Fundamentals Peter Reiher

Layer Optimization: Security and Privacy CS 118 Computer Network Fundamentals Peter Reiher

Layer Optimization: Security and Privacy CS 118 Computer Network Fundamentals Peter Reiher Lecture 18 CS 118 Page 1 Winter 2016 Another type of layer deficiency Some layers of protocol do not provide any security or privacy What if

708 views • 59 slides
Crypto: Public-Key Cryptography Slides credit: Dan Boneh, Doug Tygar Dawn

Crypto: Public-Key Cryptography Slides credit: Dan Boneh, Doug Tygar Dawn

Computer Security Course. Dawn

564 views • 20 slides
Message Authentication Codes Auth. with MAC Security Algorithms CSS441: Security and

Message Authentication Codes Auth. with MAC Security Algorithms CSS441: Security and

CSS441 Introduction Functions Auth. with Encryption Message Authentication Codes Auth. with MAC Security Algorithms CSS441: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by

673 views • 21 slides
Introduction to Security Cryptography Ming Chow (mchow@cs.tufts.edu) Twitter: @0xmchow Learning

Introduction to Security Cryptography Ming Chow (mchow@cs.tufts.edu) Twitter: @0xmchow Learning

Introduction to Security Cryptography Ming Chow (mchow@cs.tufts.edu) Twitter: @0xmchow Learning Objectives By the end of this week, you will be able to: Understand the difference between symmetric and asymmetric cryptography

697 views • 28 slides
Tools in Cryptanalysis Florian Mendel - Tomislav Nad - Martin Schlffer Christoph Dobraunig -

Tools in Cryptanalysis Florian Mendel - Tomislav Nad - Martin Schlffer Christoph Dobraunig -

Tools in Cryptanalysis Florian Mendel - Tomislav Nad - Martin Schlffer Christoph Dobraunig - Maria Eichlseder Hash Functions A cryptographic hash function produces cryptographic checksums or fingerprints m Fast H Secure h Security

696 views • 42 slides
Information Systems Security Dr. Ayman Abdel-Hamid College of Computing and Information

Information Systems Security Dr. Ayman Abdel-Hamid College of Computing and Information

Information Systems Security Dr. Ayman Abdel-Hamid College of Computing and Information Technology Arab Academy for Science &amp; Technology and Arab Academy for Science &amp; Technology and Maritime Transport Chapter 11 p Message

251 views • 23 slides
Cryptography Made to Measure Workshop on Applied Cryptography Matt Robshaw NTU, Singapore

Cryptography Made to Measure Workshop on Applied Cryptography Matt Robshaw NTU, Singapore

Cryptography Made to Measure Workshop on Applied Cryptography Matt Robshaw NTU, Singapore Orange Labs December 3, 2020 Paris, France Orange Labs A New Kind of Network Telecommunication companies like France Tlcom / Orange are

601 views • 36 slides
Hash Functions Vincent Rijmen Challenges and Perspectives for Academia and Industry Antwerp, May

Hash Functions Vincent Rijmen Challenges and Perspectives for Academia and Industry Antwerp, May

Hash Functions Vincent Rijmen Challenges and Perspectives for Academia and Industry Antwerp, May 27 th , 2008 A cryptographic hash function produces cryptographic checksums or fingerprints cryptographic checksums or fingerprints Fast

716 views • 25 slides
Objectives Goals of Cryptography Security Services Security Mechanisms Relationship

Objectives Goals of Cryptography Security Services Security Mechanisms Relationship

Overview on Modern Cryptography Debdeep Mukhopadhyay Assistant Professor Department of Computer Science and Engineering Indian Institute of Technology Kharagpur INDIA -721302 Objectives Goals of Cryptography Security Services

658 views • 16 slides
Pegasus : Introducing Integrity to Scientific Workflows Karan Vahi vahi@isi.edu

Pegasus : Introducing Integrity to Scientific Workflows Karan Vahi vahi@isi.edu

Pegasus : Introducing Integrity to Scientific Workflows Karan Vahi vahi@isi.edu https://pegasus.isi.edu HTCondor DAGMan Compute Compute Pipelines Pipelines DAGMan DAGMan is is a a reliable reliable and and a a scalable scalable

682 views • 19 slides
AWS Key Management Service (KMS) Handlin ing cry ryptographic ic bounds for use of AES-GCM

AWS Key Management Service (KMS) Handlin ing cry ryptographic ic bounds for use of AES-GCM

AWS Key Management Service (KMS) Handlin ing cry ryptographic ic bounds for use of AES-GCM Matthew Campagna Shay Gueron Amazon Web Services Amazon Web Services University of Haifa 1 Outline The AWS Key Management Service

2.63k views • 25 slides
Roadmap for Section 8.3 Encrypting File System (EFS) Terminology EFS Operation Data Encryption

Roadmap for Section 8.3 Encrypting File System (EFS) Terminology EFS Operation Data Encryption

Unit OS8: File System 8.3. Encrypting File System Security in Windows Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Roadmap for Section 8.3 Encrypting File System (EFS) Terminology EFS

250 views • 12 slides
Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 1:

Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 1:

Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 1: Cryptography Chapter 14: 2 Cryptography Cryptography is the science and study of secret writing. Cryptanalysis is the science and study of methods of

569 views • 41 slides
How nCipher HSMs enhance security for Red Hat OpenShift Platform www.ncipher.com Red Hat and

How nCipher HSMs enhance security for Red Hat OpenShift Platform www.ncipher.com Red Hat and

How nCipher HSMs enhance security for Red Hat OpenShift Platform www.ncipher.com Red Hat and nCipher partnership history Long standing 10+ years technology partnership Supported integrations Red Hat Enterprise Linux Certificate System

712 views • 10 slides
Security and Cryptography at NXP Ventzislav Nikov NXP Semiconductors Research Laboratory Leuven

Security and Cryptography at NXP Ventzislav Nikov NXP Semiconductors Research Laboratory Leuven

Security and Cryptography at NXP Ventzislav Nikov NXP Semiconductors Research Laboratory Leuven Center of Competence System Security and DRM 29.05.2008 Outline Products Domains, Telematics, Product Security Cryptography

432 views • 29 slides
Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services

Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services

Outline Introduction Support technologies Privacy-preserving IDaaS system Conclusions Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services David Nu nez , Isaac Agudo, and Javier Lopez Network,

422 views • 24 slides
Password-Based Cryptography: Strong Security from Weak Secrets Anja Lehmann IBM Research

Password-Based Cryptography: Strong Security from Weak Secrets Anja Lehmann IBM Research

Password-Based Cryptography: Strong Security from Weak Secrets Anja Lehmann IBM Research Zurich based on joint work with Jan Camenisch, Anna Lysyanskaya &amp; Gregory Neven ROADMAP Password-Based Authentication How to make password

1.43k views • 43 slides
Practical Password Hardening based on TLS Constantinos Diomedous and Elias Athanasopoulos

Practical Password Hardening based on TLS Constantinos Diomedous and Elias Athanasopoulos

Practical Password Hardening based on TLS Constantinos Diomedous and Elias Athanasopoulos University of Cyprus 1 How authentication works today? 2 How web services protect passwords? Cryptographically secure hash functions One way

538 views • 22 slides
Analysis of Security Protocols Gavin Lowe Analysis of Security Protocols 02 Overview Brief

Analysis of Security Protocols Gavin Lowe Analysis of Security Protocols 02 Overview Brief

Analysis of Security Protocols 01 Analysis of Security Protocols Gavin Lowe Analysis of Security Protocols 02 Overview Brief introduction to security protocols; Model checking of security protocols, particularly using the process

1.28k views • 110 slides

More recommend