Crypto Fundamentals Dr. Mohammed Shafiul Alam Khan Assistant - - PowerPoint PPT Presentation

crypto fundamentals
SMART_READER_LITE
LIVE PREVIEW

Crypto Fundamentals Dr. Mohammed Shafiul Alam Khan Assistant - - PowerPoint PPT Presentation

Jul 27, 2023 260 likes •597 views

Crypto Fundamentals Dr. Mohammed Shafiul Alam Khan Assistant Professor Institute of Information Technology (IIT), University of Dhaka (DU) shafiul@du.ac.bd December 10, 2017 M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 1 / 31

slide-1
SLIDE 1

Crypto Fundamentals

  • Dr. Mohammed Shafiul Alam Khan

Assistant Professor Institute of Information Technology (IIT), University of Dhaka (DU) shafiul@du.ac.bd

December 10, 2017

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 1 / 31

slide-2
SLIDE 2

Outline

1

Fundamental Security Properties

2

Quick View on Different Ciphers

3

Diffie-Hellman Key Exchange

4

Public Key Infrastructure (PKI)

5

Hash Functions

6

Conclusion

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 2 / 31

slide-3
SLIDE 3

Fundamental Security Properties

Outline

1

Fundamental Security Properties

2

Quick View on Different Ciphers

3

Diffie-Hellman Key Exchange

4

Public Key Infrastructure (PKI)

5

Hash Functions

6

Conclusion

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 3 / 31

slide-4
SLIDE 4

Fundamental Security Properties

Fundamental Security Properties

Properties Confidentiality Integrity Availability OR Authentication protecting the information from disclosure to unauthorized parties protecting information from being modified by unauthorized parties ensuring that authorized parties are able to access the information when needed The CIA triad is a very fundamental concept in security. However, it has been suggested that the CIA triad is not enough.

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 4 / 31

slide-5
SLIDE 5

Fundamental Security Properties

How Crypto Comes in the Scene

It is insufficient to protect ourselves with laws; we need to protect ourselves with mathematics. — Bruce Schneier Security/Cryptographic Tools Encryption Hash / Message Authentication Code Encryption ensures confidentiality property Hash / Message Authentication Code ensures integrity property

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 5 / 31

slide-6
SLIDE 6

Quick View on Different Ciphers

Outline

1

Fundamental Security Properties

2

Quick View on Different Ciphers

3

Diffie-Hellman Key Exchange

4

Public Key Infrastructure (PKI)

5

Hash Functions

6

Conclusion

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 6 / 31

slide-7
SLIDE 7

Quick View on Different Ciphers

What is a Cipher OR Encryption

Examples When we use Google search or In general when we use https in web browsing Different applications, for example, voice and data communication in telecommunication network

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 7 / 31

slide-8
SLIDE 8

Quick View on Different Ciphers

How Cipher Works

Every cipher should work with

an Algorithm (suppose to be public), and a key which is private

Mostly the algorithm does a set of Substitution and Transposition based on the secret key.

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 8 / 31

slide-9
SLIDE 9

Quick View on Different Ciphers

Types of Encryption

Symmetric Encryption — use same key for both encryption and decryption Asymmetric Encryption (Public key encryption) — use different keys in encryption and decryption Block ciphers — Encrypt/Decrypt a block of data at a time. Example: AES, RSA Stream ciphers — Encrypt/Decrypt a bit stream. Example: RC4, RC5

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 9 / 31

slide-10
SLIDE 10

Quick View on Different Ciphers

Symmetric Encryption

Symmetric Encryption Provides only confidentiality service Need to share the key with the receiver If there are n users, then number of keys required are of order n2 Key distribution is challenging

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 10 / 31

slide-11
SLIDE 11

Quick View on Different Ciphers

Asymmetric Encryption

Asymmetric Encryption Could provides both confidentiality and authentication service If there are n users, then 2n keys are required What could be problem in such encryption? What about key distribution?

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 11 / 31

slide-12
SLIDE 12

Quick View on Different Ciphers

Asymmetric Encryption

Asymmetric Encryption Could provides both confidentiality and authentication service If there are n users, then 2n keys are required What could be problem in such encryption? What about key distribution? CA PKI

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 11 / 31

slide-13
SLIDE 13

Quick View on Different Ciphers

Key Bit Length and Key Space

Cipher algorithms vary in support of different key length. For example,

DES uses 56-bit key AES has 128-bit, 192-bit and 256-bit versions RSA keys could be 1024-bit or 2048-bit

Bit length impact on the key space

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 12 / 31

slide-14
SLIDE 14

Quick View on Different Ciphers

Attacks on Encryption

Brute force attack — Search for all possible keys in the key space. For example,

in DES 256 keys need to explore in AES 2128, 2192 or 2256 keys need to explore in RSA 21024 or 22048 keys need to explore

Cryptanalysis attack — Use probabilistic theories to find the key Known plaintext attack Choosen plaintext attack

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 13 / 31

slide-15
SLIDE 15

Quick View on Different Ciphers

Attacks on Encryption

Dictionary Attack

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 14 / 31

slide-16
SLIDE 16

Quick View on Different Ciphers

Traditional Ciphers

Mono-Alphabetic Cipher Extension could be poly-alphabetic ciphers. Are not suitable in the age of computing (easily breakable using brute force attack)

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 15 / 31

slide-17
SLIDE 17

Quick View on Different Ciphers

Modern Ciphers

AES (Advanced Encryption Standard) — Symmetric crypto-systems RSA (Rivest-Shamir-Adleman) — one of the first practical public-key crypto-systems RSA is based on the difficulties of finding prime factors of a large

  • number. (demo with an url)

Other public key crypto-systems are ECC (Elliptic Curve Cryptography), ElGamal crypto-systems RC5 — a symmetric stream cipher In RC5 a key stream is generated based on the secret key and the generated key stream is Xored with the input message.

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 16 / 31

slide-18
SLIDE 18

Diffie-Hellman Key Exchange

Outline

1

Fundamental Security Properties

2

Quick View on Different Ciphers

3

Diffie-Hellman Key Exchange

4

Public Key Infrastructure (PKI)

5

Hash Functions

6

Conclusion

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 17 / 31

slide-19
SLIDE 19

Diffie-Hellman Key Exchange

Diffie-Hellman Key Exchange

Features Allows two users to exchange a secret key (Addressed the challenge of symmetric ciphers) Requires no prior secrets Real-time over an untrusted network Ensure perfect forward secrecy — a property of secure communication protocols in which compromise of long-term keys does not compromise past session keys

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 18 / 31

slide-20
SLIDE 20

Diffie-Hellman Key Exchange

How it Works

Based on the difficulty of computing discrete logarithms of large numbers

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 19 / 31

slide-21
SLIDE 21

Diffie-Hellman Key Exchange

Applications and Drawback

Applications Secure Sockets Layer (SSL)/Transport Layer Security (TLS) Secure Shell (SSH) Internet Protocol Security (IPSec) Drawbacks Although there is no successful attack on the mathematical aspect of the protocol, however, Man-in-the-Middle attack is possible in the protocol if not carefully designed. Authenticated Diffie-Hellman Key Agreement (1992) could protect such attack

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 20 / 31

slide-22
SLIDE 22

Public Key Infrastructure (PKI)

Outline

1

Fundamental Security Properties

2

Quick View on Different Ciphers

3

Diffie-Hellman Key Exchange

4

Public Key Infrastructure (PKI)

5

Hash Functions

6

Conclusion

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 21 / 31

slide-23
SLIDE 23

Public Key Infrastructure (PKI)

Public Key Infrastructure (PKI)

Features Provides a set of roles, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates Manage public-key encryption

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 22 / 31

slide-24
SLIDE 24

Public Key Infrastructure (PKI)

Public Key Infrastructure (PKI)

Application In network, PKI allows for the centralization of network authentication Authentication of client systems using SSL (Secure Socket Layer) signatures or encryption in web browser. Other applications include the transmission of authenticated email messages using S/MIME (Secure/Multi-purpose Internet Mail Extensions), OpenPGP (Open Pretty Good Privacy) and other technologies

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 23 / 31

slide-25
SLIDE 25

Hash Functions

Outline

1

Fundamental Security Properties

2

Quick View on Different Ciphers

3

Diffie-Hellman Key Exchange

4

Public Key Infrastructure (PKI)

5

Hash Functions

6

Conclusion

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 24 / 31

slide-26
SLIDE 26

Hash Functions

Hash Functions

Properties deterministic so the same message always results in the same hash infeasible to find two different messages with the same hash value infeasible to generate a message from its hash value except by trying all possible messages

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 25 / 31

slide-27
SLIDE 27

Hash Functions

Hash Functions

Properties small change to a message should change the hash value so extensively that the new hash value appears uncorrelated with the old hash value quick to compute the hash value for any given message Examples MD5 — Generate 160-bit hash with a set of defined procedure MD5 is not secure as it could be reversible (Though in theory MD5 is not reversible but using databases one may find out which text resulted in a particular hash value.) SHA-1 — A 160-bit hash function which resembles the earlier MD5 algorithm.

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 26 / 31

slide-28
SLIDE 28

Hash Functions

Hash Functions

Examples SHA-2 — A family of two similar hash functions, with different block sizes, known as SHA-256 and SHA-512. They differ in the word size; SHA-256 uses 32-bit words where SHA-512 uses 64-bit words. (Designed by NSA) SHA-3 — A hash function formerly called Keccak, chosen in 2012 after a public competition among non-NSA designers

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 27 / 31

slide-29
SLIDE 29

Hash Functions

Hashed Message Authentication Code (HMAC)

Properties Ensures authentication along with integrity

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 28 / 31

slide-30
SLIDE 30

Conclusion

Outline

1

Fundamental Security Properties

2

Quick View on Different Ciphers

3

Diffie-Hellman Key Exchange

4

Public Key Infrastructure (PKI)

5

Hash Functions

6

Conclusion

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 29 / 31

slide-31
SLIDE 31

Conclusion

Conclusion

Discuss the required security service in a network Discuss how different cryptographic systems provide those services Limitations of cryptographic systems Different attacks on such systems

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 30 / 31

slide-32
SLIDE 32

M S A Khan (IIT, DU) Crypto Fundamentals December 10, 2017 31 / 31