announcements
play

Announcements You shouldve received an email from the mailing list - PowerPoint PPT Presentation

May 02, 2023 •415 likes •692 views

CS 642: Computer Security and Privacy Cryptography [Intro] Spring 2020 Earlence Fernandes earlence@cs.wisc.edu Thanks to Franzi Roesner Dan Boneh, Dieter Gollmann, Dan Halperin, Yoshi Kohno, Ada Lerner, John Manferdelli, John Mitchell, Vitaly

  1. CS 642: Computer Security and Privacy Cryptography [Intro] Spring 2020 Earlence Fernandes earlence@cs.wisc.edu Thanks to Franzi Roesner Dan Boneh, Dieter Gollmann, Dan Halperin, Yoshi Kohno, Ada Lerner, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee, and many others for sample slides and materials ...

  2. CS 642: Computer Security and Privacy Cryptography [Intro] Spring 2020 There, I changed it Earlence Fernandes earlence@cs.wisc.edu Thanks to Franzi Roesner Dan Boneh, Dieter Gollmann, Dan Halperin, Yoshi Kohno, Ada Lerner, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee, and many others for sample slides and materials ...

  3. Announcements • You should’ve received an email from the mailing list with a link to course website – email me if you haven’t received this (check spam) • Office hours today: 1.30 to 2.30pm in my office CS 7387. • Office hours Friday: Zijun Ma, 2 to 3pm, CS 4217 1/23/2020 CS 642 - Spring 2020 3

  4. Common Communication Security Goals Confidentiality of data: Prevent exposure of information Bob Integrity of data: Prevent modification of information Adversary Alice 1/23/2020 CS 642 - Spring 2020 4

  5. Recall Bigger Picture • Cryptography only one small piece of a larger system • Must protect entire system – Physical security – Operating system security – Network security – Users – Cryptography (following slides) • Recall the weakest link • Still, cryptography is a crucial part of our toolbox 1/23/2020 CS 642 - Spring 2020 5

  6. Kerckhoff’s Principle • Security of a cryptographic object should depend only on the secrecy of the secret (private) key. • Security should not depend on the secrecy of the algorithm itself. 1/23/2020 CS 642 - Spring 2020 6

  7. Ingredient: Randomness • Many applications (especially security ones) require randomness • Explicit uses: – Generate secret cryptographic keys – Generate random initialization vectors for encryption • Other “non - obvious” uses: – Generate passwords for new users – Shuffle the order of votes (in an electronic voting machine) – Shuffle cards (for an online gambling site) 1/23/2020 CS 642 - Spring 2020 7

  8. C’s rand() Function • C has a built-in random function: rand() unsigned long int next = 1; /* rand: return pseudo-random integer on 0..32767 */ int rand(void) { next = next * 1103515245 + 12345; return (unsigned int)(next/65536) % 32768; } /* srand: set seed for rand() */ void srand(unsigned int seed) { next = seed; } • Problem: don’t use rand() for security-critical applications! – Given a few sample outputs, you can predict subsequent ones 1/23/2020 CS 642 - Spring 2020 8

  9. 1/23/2020 CS 642 - Spring 2020 9

  10. More details: “How We Learned to Cheat at Online Poker: A Study in Software Security” https://www.developer.com/tech/article.php/616221/How-We-Learned-to-Cheat-at-Online- Poker-A-Study-in-Software-Security.htm 1/23/2020 CS 642 - Spring 2020 10

  11. PS3 and Randomness http://www.engadget.com/2010/12/29/hackers-obtain- ps3-private-cryptography-key-due-to-epic-programm/ • 2010/2011: Hackers found/released private root key for Sony’s PS3 • Key used to sign software – now can load any software on PS3 and it will execute as “trusted” • Due to bad random number: same “random” value used to sign all system updates 1/23/2020 CS 642 - Spring 2020 11

  12. Obtaining Pseudorandom Numbers • For security applications, want “ cryptographically secure pseudorandom numbers” • Libraries include cryptographically secure pseudorandom number generators (CSPRNG) • Linux: – /dev/random – /dev/urandom - nonblocking, possibly less entropy • Internally: – Entropy pool gathered from multiple sources • e.g., mouse/keyboard timings • Challenges with embedded systems, saved VMs 1/23/2020 CS 642 - Spring 2020 12

  13. Alice and Bob • Archetypical characters Alice Bob Eve Mallory (eavesdrops) (is malicious) 1/23/2020 CS 642 - Spring 2020 13

  14. Received April 4, 1977 1/23/2020 CS 642 - Spring 2020 14

  15. History • Substitution Ciphers – Caesar Cipher • Transposition Ciphers • Codebooks • Machines • Recommended Reading: The Codebreakers by David Kahn and The Code Book by Simon Singh. 1/23/2020 CS 642 - Spring 2020 15

  16. History: Caesar Cipher (Shift Cipher) • Plaintext letters are replaced with letters a fixed shift away in the alphabet. • Example: – Plaintext: The quick brown fox jumps over the lazy dog – Key: Shift 3 ABCDEFGHIJKLMNOPQRSTUVWXYZ DEFGHIJKLMNOPQRSTUVWXYZABC – Ciphertext: WKHTX LFNEU RZQIR AMXPS VRYHU WKHOD CBGRJ 1/23/2020 CS 642 - Spring 2020 16

  17. History: Caesar Cipher (Shift Cipher) • ROT13: shift 13 (encryption and decryption are symmetric) • What is the key space? – 26 possible shifts. • How to attack shift ciphers? – Brute force. 1/23/2020 CS 642 - Spring 2020 17

  18. History: Substitution Cipher • Superset of shift ciphers: each letter is substituted for another one. • Add a secret key • Example: – Plaintext: ABCDEFGHIJKLMNOPQRSTUVWXYZ – Cipher: ZEBRASCDFGHIJKLMNOPQTUVWXY • “State of the art” for thousands of years 1/23/2020 CS 642 - Spring 2020 18

  19. History: Substitution Cipher • What is the key space? 26! ~= 2^88 • How to attack? Bigrams: th 1.52% en 0.55% ng 0.18% he 1.28% ed 0.53% of 0.16% – Frequency analysis. in 0.94% to 0.52% al 0.09% er 0.94% it 0.50% de 0.09% an 0.82% ou 0.50% se 0.08% re 0.68% ea 0.47% le 0.08% nd 0.63% hi 0.46% sa 0.06% at 0.59% is 0.46% si 0.05% on 0.57% or 0.43% ar 0.04% nt 0.56% ti 0.34% ve 0.04% ha 0.56% as 0.33% ra 0.04% es 0.56% te 0.27% ld 0.02% st 0.55% et 0.19% ur 0.02% Trigrams: 1. the 6. ion 11. nce 2. and 7. tio 12. edt 3. tha 8. for 13. tis 9. nde 14. oft 4. ent 5. ing 10.has 15. sth 1/23/2020 CS 642 - Spring 2020 19

  20. History: Enigma Machine Uses rotors (substitution cipher) that change position after each key. Key = initial setting of rotors Key space? 26^n for n rotors 1/23/2020 CS 642 - Spring 2020 20

  21. How Cryptosystems Work Today • Layered approach: – Cryptographic primitives , like block ciphers, stream ciphers, hash functions, and one-way trapdoor permutations – Cryptographic protocols , like CBC mode encryption, CTR mode encryption, HMAC message authentication • Public algorithms ( Kerckhoff’s Principle) • Security proofs based on assumptions (not this course) • Don’t roll your own! 1/23/2020 CS 642 - Spring 2020 21

  22. Flavors of Cryptography • Symmetric cryptography – Both communicating parties have access to a shared random string K, called the key. • Asymmetric cryptography – Each party creates a public key pk and a secret key sk. 1/23/2020 CS 642 - Spring 2020 22

  23. Symmetric Setting Both communicating parties have access to a shared random string K, called the key. M Encapsulate Decapsulate M K K Alice Bob K K Adversary 1/23/2020 CS 642 - Spring 2020 23

  24. Asymmetric Setting Each party creates a public key pk and a secret key sk. M Encapsulate Decapsulate M pk B ,sk A pk A ,sk B pk B pk A Alice Bob pk A ,sk A pk B ,sk B Adversary 1/23/2020 CS 642 - Spring 2020 24

  25. Flavors of Cryptography • Symmetric cryptography – Both communicating parties have access to a shared random string K, called the key. – Challenge: How do you privately share a key? • Asymmetric cryptography – Each party creates a public key pk and a secret key sk. – Challenge: How do you validate a public key? 1/23/2020 CS 642 - Spring 2020 25

  26. Next Time • Symmetric Encryption – One Time Pad – Block Ciphers – Modes of Operation 1/23/2020 CS 642 - Spring 2020 26

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Announcements U 4: I

Announcements U 4: I

Announcements Announcements U 4: I L 4: ANOVA If I still have your midterm, pick it up at the end of class. Lab 5 Today S

512 views • 10 slides
Announcements Lecture 22 System Development Leah Perlmutter / Summer 2018 Announcements

Announcements Lecture 22 System Development Leah Perlmutter / Summer 2018 Announcements

CSE 331 Software Design and Implementation Announcements Lecture 22 System Development Leah Perlmutter / Summer 2018 Announcements Announcements Last Fridays Guest Speaker (Kendra Yourtee) Quiz 8 due Thursday 8/16 Sign

397 views • 12 slides
Recursion Announcements for Today Prelim 1 Other Announcements Reading: 5.8 5.10

Recursion Announcements for Today Prelim 1 Other Announcements Reading: 5.8 5.10

Lecture 15 Recursion Announcements for Today Prelim 1 Other Announcements Reading: 5.8 5.10 Tonight at 7:30-9pm Assignment 3 now graded AJ (Uris G01) Mean 94, Median 99 K-Z (Statler Auditorium) Time

436 views • 41 slides
Recursion Announcements for Today Prelim 1 Other Announcements Reading: 5.8 5.10

Recursion Announcements for Today Prelim 1 Other Announcements Reading: 5.8 5.10

Lecture 14 Recursion Announcements for Today Prelim 1 Other Announcements Reading: 5.8 5.10 Tonight at 5:15 OR 7:30 Assignment 3 now graded AD (5:15, Uris G01) Mean 93.4, Median 98 E-K (5:15, Statler) Time : 7

827 views • 48 slides
Announcements Announcements (Extra credit for any of these) Rosenfield Symposium: Tyranny of

Announcements Announcements (Extra credit for any of these) Rosenfield Symposium: Tyranny of

Announcements Announcements (Extra credit for any of these) Rosenfield Symposium: Tyranny of Data, this Wed-Thurs Thursday Extra: Thursdays@4:00 in Science 3821 This week: Nathaniel Williams '20: Internship at Vocdoni Class slides posted

179 views • 5 slides
For personal use only 7 August 2007 Manager Announcements Companies Announcements Office

For personal use only 7 August 2007 Manager Announcements Companies Announcements Office

For personal use only 7 August 2007 Manager Announcements Companies Announcements Office Australian Stock Exchange Limited 10 th Floor, 20 Bond Street SYDNEY NSW 2000 By e-lodgment Dear Sir/Madam MANAGING DIRECTORS PRESENTATION

562 views • 29 slides
Overview of the New Unit Activity Reporting Module Announcements Introduction and announcements:

Overview of the New Unit Activity Reporting Module Announcements Introduction and announcements:

Overview of the New Unit Activity Reporting Module Announcements Introduction and announcements: All lines will be on mute. Please use the Chat with presenter option on the left hand side of your screen to ask questions. Answers will

548 views • 43 slides
61A Lecture 24 Monday, March 30 Announcements 2 Announcements Homework 7 due Wednesday 4/8

61A Lecture 24 Monday, March 30 Announcements 2 Announcements Homework 7 due Wednesday 4/8

61A Lecture 24 Monday, March 30 Announcements 2 Announcements Homework 7 due Wednesday 4/8 @ 11:59pm 2 Announcements Homework 7 due Wednesday 4/8 @ 11:59pm Quiz 3 released Tuesday 4/7, due Thursday 4/9 @ 11:59pm 2 Announcements

1.52k views • 113 slides
110 Announcements Announcements - Houses How-to use Zoom for Office-hours Video Posted on

110 Announcements Announcements - Houses How-to use Zoom for Office-hours Video Posted on

110 Announcements Announcements - Houses How-to use Zoom for Office-hours Video Posted on Course Site We will be doing house zooms today! Join yours via Sakai > Postem Password: comp110! Additionally, houses have setup GroupMes

318 views • 8 slides
Announcements Announcements Reading for Wednesday Reading for Wednesday the rest of

Announcements Announcements Reading for Wednesday Reading for Wednesday the rest of

Announcements Announcements Reading for Wednesday Reading for Wednesday the rest of Chapter 2 (with a few exceptions) Check Check http://www.itk.ilstu.edu/faculty/kwsuh/courses/ ITK168/Fall2011/index.htm

704 views • 51 slides
Announcements Lecture 16 Debugging Leah Perlmutter / Summer 2018 Announcements Reading

Announcements Lecture 16 Debugging Leah Perlmutter / Summer 2018 Announcements Reading

CSE 331 Software Design and Implementation Announcements Lecture 16 Debugging Leah Perlmutter / Summer 2018 Announcements Reading 6 is posted, Quiz 6 coming out tonight Congrats on making it past HW6 due date if still

345 views • 12 slides
Lecture 22 System Development Leah Perlmutter / Summer 2018 Announcements Announcements

Lecture 22 System Development Leah Perlmutter / Summer 2018 Announcements Announcements

CSE 331 Software Design and Implementation Lecture 22 System Development Leah Perlmutter / Summer 2018 Announcements Announcements Last Fridays Guest Speaker (Kendra Yourtee) Sign thank-you card Take survey:

680 views • 46 slides
Superintendents Report April 10 th , 2018 Superintendents Report Announcements Proposed

Superintendents Report April 10 th , 2018 Superintendents Report Announcements Proposed

Superintendents Report April 10 th , 2018 Superintendents Report Announcements Proposed Action Items Presentation Announcements Safety, Mental Health and Wellness in Honeoye Falls-Lima Central Schools Announcements What parents

356 views • 32 slides
Lecture 12 Subtypes and Subclasses Leah Perlmutter / Summer 2018 Announcements Announcements

Lecture 12 Subtypes and Subclasses Leah Perlmutter / Summer 2018 Announcements Announcements

CSE 331 Software Design and Implementation Lecture 12 Subtypes and Subclasses Leah Perlmutter / Summer 2018 Announcements Announcements Building You must run ant validate to make sure your homework builds on attu!!!!!! In real

592 views • 47 slides
Announcements Lecture 4 Specifications Leah Perlmutter / Summer 2018 Announcements

Announcements Lecture 4 Specifications Leah Perlmutter / Summer 2018 Announcements

CSE 331 Software Design and Implementation Announcements Lecture 4 Specifications Leah Perlmutter / Summer 2018 Announcements Weaker/Stronger Statements HW1 Due tonight Question from last lecture... Why is {sum = sum(1..n) }

646 views • 15 slides
Lecture 14 Generics 1 Leah Perlmutter / Summer 2018 Announcements Announcements

Lecture 14 Generics 1 Leah Perlmutter / Summer 2018 Announcements Announcements

CSE 331 Software Design and Implementation Lecture 14 Generics 1 Leah Perlmutter / Summer 2018 Announcements Announcements Quiz 5 is due Thursday Homework 6 due Thursday Midterm grades and feedback will be out this

626 views • 37 slides
Basic Cryptography Ge Zhang What is Cryptography Cryptography Cryptosystem: 5-tuple (M,

Basic Cryptography Ge Zhang What is Cryptography Cryptography Cryptosystem: 5-tuple (M,

Karlstad University Basic Cryptography Ge Zhang What is Cryptography Cryptography Cryptosystem: 5-tuple (M, C, E, D, K) M: the set of plaintexts C: the set of ciphertexts E: M x K -> C enciphering functions D: C x K

446 views • 40 slides
RES212 Example of Exam 25/6/2018 Firstname LASTNAME Cycle/ID QCM No. 0 Instructions :

RES212 Example of Exam 25/6/2018 Firstname LASTNAME Cycle/ID QCM No. 0 Instructions :

RES212 Example of Exam 25/6/2018 Firstname LASTNAME Cycle/ID QCM No. 0 Instructions : You must return ALL paper sheets : any non-complete copy will have a 0/20 score. Do not forget to fill your personal details above This exam

148 views • 4 slides
Datagram Transport Layer Security (DTLS) Extension to Establish Keys for Secure Real-time

Datagram Transport Layer Security (DTLS) Extension to Establish Keys for Secure Real-time

Datagram Transport Layer Security (DTLS) Extension to Establish Keys for Secure Real-time Transport Protocol (SRTP) (Phew!) Eric Rescorla David McGrew Eric Rescorla IETF 67 1 Overview SDP signals Im willing to do DTLS (and

93 views • 8 slides
Transport Level Security HTTPS SSH CSS322: Security and Cryptography Sirindhorn International

Transport Level Security HTTPS SSH CSS322: Security and Cryptography Sirindhorn International

CSS322 Transport Security Web Security TLS/SSL Transport Level Security HTTPS SSH CSS322: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013

687 views • 32 slides
Usuba High-Throughput and Constant-Time Ciphers, by Construction Pierre- Darius Mercadier

Usuba High-Throughput and Constant-Time Ciphers, by Construction Pierre- Darius Mercadier

Usuba High-Throughput and Constant-Time Ciphers, by Construction Pierre- Darius Mercadier Evariste Dagand LIP6 CNRS Inria Sorbonne Universit e June 24, 2019 1 / 15 Anatomy of a block cipher The Rectangle cipher Plaintext (64

1.02k views • 81 slides
McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter

823 views • 46 slides
Cryptography and Network Security Bhaskaran Raman Department of CSE, IIT Kanpur Reference:

Cryptography and Network Security Bhaskaran Raman Department of CSE, IIT Kanpur Reference:

Cryptography and Network Security Bhaskaran Raman Department of CSE, IIT Kanpur Reference: Whitfield Diffie and Martin E. Hellman, Privacy and Authentication: An Introduction to Cryptography, in Proc. IEEE, vol. 67, no.3, pp. 397 - 427,

360 views • 17 slides
Strings l Chapter 3s problem context is cryptography, but mostly it is about strings and

Strings l Chapter 3s problem context is cryptography, but mostly it is about strings and

Starting chapter 3 Strings l Chapter 3s problem context is cryptography, but mostly it is about strings and related ideas l Strings are basically sequences of characters l A string literal is enclosed in quotes ( '' or in Python):

292 views • 12 slides

More recommend