fundamentals of cryptography algorithms and security
play

Fundamentals of Cryptography: Algorithms, and Security Services - PowerPoint PPT Presentation

Nov 16, 2023 •97 likes •697 views

Fundamentals of Cryptography: Algorithms, and Security Services Professor Guevara Noubir Northeastern University noubir@ccs.neu.edu Network Security: Private Communication in a Public World [Chap. 2-8] Charles Kaufman, Mike Speciner, Radia

  1. Fundamentals of Cryptography: Algorithms, and Security Services Professor Guevara Noubir Northeastern University noubir@ccs.neu.edu Network Security: Private Communication in a Public World [Chap. 2-8] Charles Kaufman, Mike Speciner, Radia Perlman, Prentice-Hall Cryptography: Theory and Practice, Douglas Stinson, Chapman & Hall/CRC Cryptography and Network Security, William Stallings, Prentice Hall

  2. Why, How, What? ! Cryptography provides key building block for many network security services ! Security services: ! Authentication, Confidentiality, Integrity, Access control, Non- repudiation, availability, key management, audit ! Cryptographic algorithms (building blocks): ! Encryption: symmetric encryption (e.g., AES), asymmetric encryption (e.g., RSA, El-Gamal) ! Hashing functions ! Message Authentication Code (e.g., HMAC + SHA1) ! Digital signature functions (e.g., RSA, El-Gamal) Network Security Cryptography Overview 2

  3. What you need to know at the end of this lecture What are the important cryptographic mechanisms? ! What are the two fundamental classes of cryptographic mechanisms: ! symmetric, and asymmetric? What are the important algorithms for symmetric crypto? ! How are these algorithms used? ! Some of the main asymmetric crypto algorithms: RSA, DH, how do ! they work? how can they be used? Network Security Cryptography Overview 3

  4. Outline ! Introduction to Cryptography ! Secret Key Cryptography (symmetric crypto) ! Modes of Operation of Encryption Algorithms ! ECB, CBC, OFB, CFB, CTR ! Hashes and Message Authentication Codes ! Public Key Algorithms (asymmetric crypto) Network Security Cryptography Overview 4

  5. Terminology ! Security services: ! Authentication, confidentiality, integrity, access control, non- repudiation, availability, key management, audit ! Security attacks: ! Passive, active ! Cryptography models: ! Symmetric (secret key), asymmetric (public key) ! Cryptanalysis: ! Ciphertext only, known plaintext, chosen plaintext, chosen ciphertext, chosen text Network Security Cryptography Overview 5

  6. Security services ! Authentication: assures the recipient of a message the authenticity of the claimed source ! ! Access control: limits the access to authorized users ! ! Confidentiality: protects against unauthorized release of message content ! ! Integrity: guarantees that a message is received as sent ! ! Non-repudiation: protects against sender/receiver denying sending/receiving a message ! ! Availability: guarantees that the system services are always available when needed ! ! Security audit: keeps track of transactions for later use (diagnostic, alarms…) ! ! Key management: allows to negotiate, setup and maintain keys between communicating entities ! Network Security Cryptography Overview 6

  7. Security Attacks Security attacks: ! ! Interception (confidentiality) ! Interruption (availability) ! Modification (integrity) ! Fabrication (authenticity) Kent’s classification ! ! Passive attacks: ! Release of message content ! Traffic analysis ! Active attacks: ! Masquerade ! Replay ! Modification of message ! Denial of service Network Security Cryptography Overview 7

  8. Kerchoff’s Principle ! The cipher should be secure even if the intruder knows all the details of the encryption process except for the secret key ! “No security by obscurity” ! Examples of system that did not follow this rule and failed? Network Security Cryptography Overview 8

  9. Securing Networks Monitoring/Logging/Intrusion Detection Applications Layer ! Where to put Control/Management (configuration) telnet/ftp: ssh , http: shttp , mail: PGP the security in a Network Security Tools: ( SSL/TLS ) protocol stack? Transport Layer (TCP) ! Practical ( IPSec, IKE ) considerations: Network Layer (IP) ! End to end Link Layer security ( IEEE802.1x/IEEE802.10 ) ! No modification to OS Physical Layer ( spread-Spectrum, quantum crypto, etc. ) Network Security Cryptography Overview 9

  10. Encryption ! Basic Goal: ! Allow two entities (e.g., Alice, and Bob) to communicate over an insecure channel, such that an opponent (e.g., Oscar) cannot understand what is being communicated Oscar y x x Alice Encrypt Decrypt Bob Decryption Key Encryption Key

  11. Encryption Algorithms ! Block vs. Stream ciphers ! Block ciphers: ! Input: block of n bits ; Output: block of n bits ! Examples: AES, DES ! Stream ciphers: ! Input: stream of symbols ; Output: stream of symbols ! Examples: GSM A5, RC4 ! Block ciphers can be used to build stream ciphers (under some assumptions) ! Examples: AES-CBC Network Security Cryptography Overview 11

  12. Encryption Models Symmetric encryption (conventional encryption) ! Encryption Key = Decryption Key ! I.e., Decryption key can be derived from encryption key ! E.g., AES, DES, FEAL, IDEA, BLOWFISH ! Asymmetric encryption ! Encryption Key ! Decryption key ! I.e., Decryption key cannot be derived from encryption key ! E.g., RSA, Diffie-Hellman, ElGamal ! Network Security Cryptography Overview 12

  13. Encryption Models Symmetric encryption: Asymmetric encryption: Network Security Cryptography Overview 13

  14. Symmetric vs. Asymmetric Algorithms ! Symmetric algorithms are much faster ! In the order of a 1000 times faster ! Symmetric algorithms require a shared secret ! Impractical if the communicating entities don’t have another secure channel ! Both algorithms are combined to provide practical and efficient secure communication ! E.g., establish a secret session key using asymmetric crypto and use symmetric crypto for encrypting the traffic Network Security Cryptography Overview 14

  15. Attacks on Encrypted Messages Ciphertext only: ! ! encryption algorithm, ciphertext to be decoded Known plaintext: ! ! encryption algorithm, ciphertext to be decoded, pairs of (plaintext, ciphertext) Chosen plaintext: ! ! encryption algorithm, ciphertext to be decoded, plaintext (chosen by cryptanalyst) + corresponding ciphertext Chosen ciphertext: ! ! encryption algorithm, ciphertext to be decoded, ciphertext (chosen by cryptanalyst) + corresponding plaintext Chosen text: ! ! encryption algorithm, ciphertext to be decoded, plaintext + corresponding ciphertext (both can be chosen by attacker) Network Security Cryptography Overview 15

  16. Secret Key Cryptography = Symmetric Cryptography = Conventional Cryptography Network Security Cryptography Overview 16

  17. Examples of Encryption Algorithms ! Advances Encryption Algorithm (AES) ! Block size: 128 bits ! Key size:128/196/256 ! Data Encryption Standard (DES) – not secure ! Block size: 64 bits ! Key size: 56 bits ! It is not recommended to use DES Network Security Cryptography Overview 17

  18. Encryption Modes: Electronic Codebook (ECB) P 1 P 2 P N ... K K K encrypt encrypt encrypt C 1 C 2 C N C 2 C N C 1 ... K K K decrypt decrypt decrypt P 2 P N P 1 Network Security Cryptography Overview 18

  19. Encryption Modes: Cipher Block Chaining (CBC) P 1 P 2 P N C N-1 IV K K K ... Encrypt Encrypt Encrypt C 1 C 2 C N C N C 1 C 2 K K K ... Decrypt Decrypt Decrypt C N-1 IV P N P 1 P 2 Network Security Cryptography Overview 19

  20. Encryption Modes: Cipher Feedback (CFB) C N-1 Shift register SR SR 64-j bits | j bits 64-j bits | j bits 64-j bits | j bits 64 64 64 K K K Encrypt Encrypt Encrypt 64 ... 64 64 j bits | 64- j bits j bits | 64- j bits j bits | 64- j bits j P 1 j j j j P N j j C 1 P 2 j j C 2 C N C N-1 Shift register SR SR 64-j bits | j bits 64-j bits | j bits 64-j bits | j bits 64 64 64 K K K Encrypt Encrypt Encrypt 64 ... 64 64 j bits | 64- j bits j bits | 64- j bits j bits | 64- j bits j P 1 j j j j P N j j C 1 P 2 j j C 2 C N

  21. Encryption Modes: Output Feedback (OFB) O N-1 Shift register SR SR 64-j bits | j bits 64-j bits | j bits 64-j bits | j bits 64 64 64 K K K Encrypt Encrypt Encrypt 64 ... 64 64 j bits | 64- j bits j bits | 64- j bits j bits | 64- j bits j P 1 j j j j P N j j P 2 j j C 1 C 2 C N O N-1 Shift register SR SR 64-j bits | j bits 64-j bits | j bits 64-j bits | j bits 64 64 64 K K K Encrypt Encrypt Encrypt 64 ... 64 64 j bits | 64- j bits j bits | 64- j bits j bits | 64- j bits j C 1 j j j j C N j j C 2 j j P 1 P 2 P N

  22. Counter (CTR) ! Similar to OFB but encrypts counter value rather than any feedback value ! Must have a different key & counter value for every plaintext block (never reused) C i = P i XOR O i O i = Encrypt K1 (i) ! Uses: high-speed network encryptions, random access to files Network Security Cryptography Overview 22

  23. Symmetric Encryption Algorithms Internals ! Historical ciphers ! Not necessary to understand all the details Network Security Cryptography Overview 23

  24. Symmetric cryptosystems (conventional cryptosystems) ! Substitution techniques: ! Caesar cipher ! Replace each letter with the letter standing x places further ! Example: (x = 3) ! plain: meet me after the toga party � ! cipher: phhw ph diwhu wkh wrjd sduwb � ! Key space: 25 ! Brut force attack: try 25 possibilities � ! Monoalphabetic ciphers ! Arbitrary substitution of alphabet letters ! Key space: 26! > 4x10 26 > key-space(DES) ! Attack if the nature of the plaintext is known (e.g., English text): ! compute the relative frequency of letters and compare it to standard distribution for English (e.g., E:12.7, T:9, etc.) ! compute the relative frequency of 2-letter combinations (e.g., TH) Network Security Cryptography Overview 24

  25. English Letters Frequencies Network Security Cryptography Overview 25

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Fundamentals of Cryptography: Algorithms, and Security Services Professor Guevara Noubir

Fundamentals of Cryptography: Algorithms, and Security Services Professor Guevara Noubir

Fundamentals of Cryptography: Algorithms, and Security Services Professor Guevara Noubir Northeastern University noubir@ccs.neu.edu Cryptography: Theory and Practice, Douglas Stinson, Chapman & Hall/CRC Network Security: Private

711 views • 56 slides
15-853:Algorithms in the Real World Cryptography #2 15-853 Page 1 Cryptography Outline

15-853:Algorithms in the Real World Cryptography #2 15-853 Page 1 Cryptography Outline

15-853:Algorithms in the Real World Cryptography #2 15-853 Page 1 Cryptography Outline Introduction: terminology, cryptanalysis, security Private-Key Algorithms: Rijndael, DES Number Theory Groups Public-Key Algorithms: RSA, ElGamal,

525 views • 26 slides
1 Terminology Security services: Authentication, confidentiality, integrity,

1 Terminology Security services: Authentication, confidentiality, integrity,

Fundamentals of Cryptography: Algorithms, and Security Services Professor Guevara Noubir Northeastern University noubir@ccs.neu.edu Network Security: Private Communication in a Public World [Chap. 2-8] Charles Kaufman, Mike Speciner, Radia

454 views • 20 slides
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used Describe the components of

569 views • 7 slides
Fundamentals of Computer Security Spring 2015 Radu Sion Key Exchange Public Key Cryptography

Fundamentals of Computer Security Spring 2015 Radu Sion Key Exchange Public Key Cryptography

Fundamentals of Computer Security Spring 2015 Radu Sion Key Exchange Public Key Cryptography Public Key Cryptography Computer Security Fundamentals Fundamentals RSA February 10, 2015 2 Key Exchange Computer Security Fundamentals

1.06k views • 23 slides
Outline Cryptography and Encryption Uses of cryptography Algorithms Symmetric

Outline Cryptography and Encryption Uses of cryptography Algorithms Symmetric

Outline Cryptography and Encryption Uses of cryptography Algorithms Symmetric cryptography CS 239 Asymmetric cryptography Computer Security January 26, 2005 Lecture 5 Lecture 5 Page 1 Page 2 CS 239, Winter 2005 CS 239,

321 views • 13 slides
Outline Cryptography and Encryption Uses of cryptography Algorithms Symmetric

Outline Cryptography and Encryption Uses of cryptography Algorithms Symmetric

Outline Cryptography and Encryption Uses of cryptography Algorithms Symmetric cryptography CS 239 Asymmetric cryptography Computer Security February 5, 2003 Lecture 7 Lecture 7 Page 1 Page 2 CS 239, Winter 2003 CS 239,

263 views • 11 slides
C) Public Key Cryptography C.a) Fundamentals C.b) RSA with Applications C.c) DSA and Diffie

C) Public Key Cryptography C.a) Fundamentals C.b) RSA with Applications C.c) DSA and Diffie

1 C) Public Key Cryptography C.a) Fundamentals C.b) RSA with Applications C.c) DSA and Diffie Hellman W. Schindler: Cryptography, B-IT, winter 2006 / 2007 2 C.a) Fundamentals 3 C.1 Introducing Remark Public key cryptosystems are widely

621 views • 47 slides
1 Cryptography basics Secret-key encryption Algorithms (E, D) are widely known Also

1 Cryptography basics Secret-key encryption Algorithms (E, D) are widely known Also

Security The security environment Basics of cryptography User authentication Chapter 9: Security Attacks from inside the system Attacks from outside the system Protection mechanisms Trusted systems CS 1550, cs.pitt.edu

538 views • 11 slides
APPLIED CRYPTOGRAPHY: FROM ALGORITHMS TO LIBRARIES @ABSTRACTJ GOAL OF THIS PRESENTATION

APPLIED CRYPTOGRAPHY: FROM ALGORITHMS TO LIBRARIES @ABSTRACTJ GOAL OF THIS PRESENTATION

APPLIED CRYPTOGRAPHY: FROM ALGORITHMS TO LIBRARIES @ABSTRACTJ GOAL OF THIS PRESENTATION ALGORITHMS An algorithm must be seen to be believed. Donald E. Knuth THIS TALK IS NOT ABOUT ALGORITHMS, ONLY SECURITY the state of being

1.03k views • 74 slides
1 2 Security Authentication Principles 3 4 Hypertext Transfer Cryptography Protocol Secure

1 2 Security Authentication Principles 3 4 Hypertext Transfer Cryptography Protocol Secure

Chapter 18 1 2 Security Authentication Principles 3 4 Hypertext Transfer Cryptography Protocol Secure (HTTPS) 5 6 Security Best Common Practices Threat Vectors 7 Summary Fundamentals of Web Development - 2 nd Ed. Randy Connolly

603 views • 14 slides
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 6 Firewalls & VPNs Topics Firewall Fundamentals Case study: Linux iptables

778 views • 46 slides
iCSC 2011 Lecture 1 3-4 March 2011, CERN Computer Security Theme Understanding Cryptography

iCSC 2011 Lecture 1 3-4 March 2011, CERN Computer Security Theme Understanding Cryptography

Understanding Cryptography Outline Understanding Cryptography: From Caesar to RSA 1 Basic Substitution & Attacks Nicola Chiapolini 2 More Complex Methods 3 Something Completely Different? UZH 4 Two Modern Algorithms Inverted CERN School of

363 views • 10 slides
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 7 Intrusion Detection Topics Fundamentals Network IDS Snort Host-based IDS

1.03k views • 72 slides
Message Authentication Codes Auth. with MAC Security Algorithms CSS441: Security and

Message Authentication Codes Auth. with MAC Security Algorithms CSS441: Security and

CSS441 Introduction Functions Auth. with Encryption Message Authentication Codes Auth. with MAC Security Algorithms CSS441: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by

673 views • 21 slides
Cryptography Basics Network Security Instructor: Haojin Zhu 1 Cryptography What is

Cryptography Basics Network Security Instructor: Haojin Zhu 1 Cryptography What is

Cryptography Basics Network Security Instructor: Haojin Zhu 1 Cryptography What is cryptography? Related fields: Cryptography ("secret writing"): Making secret messages Turning plaintext (an ordinary readable message)

1.2k views • 57 slides
Public Key Cryptography Cryptography School of Engineering and Technology CQUniversity Australia

Public Key Cryptography Cryptography School of Engineering and Technology CQUniversity Australia

Cryptography Public Key Cryptography Concepts of Public Key Cryptography Public Key Cryptography Cryptography School of Engineering and Technology CQUniversity Australia Prepared by Steven Gordon on 20 Feb 2020, public.tex, r1803 1

421 views • 7 slides
Cryptography Basic Principles 1. Encryption In a simplest form, encryption is to convert the

Cryptography Basic Principles 1. Encryption In a simplest form, encryption is to convert the

Cryptography Basic Principles 1. Encryption In a simplest form, encryption is to convert the data in some unreadable form. This helps in protecting the privacy while sending the data from sender to receiver. On the receiver side, the data

667 views • 35 slides
Asymmetric Cryptography Key Exchange 3 Recapitulation: Symmetric Encryption One problem: key

Asymmetric Cryptography Key Exchange 3 Recapitulation: Symmetric Encryption One problem: key

Network and Communications Security (IN3210/IN4210) Asymmetric Cryptography Key Exchange 3 Recapitulation: Symmetric Encryption One problem: key exchange Eve 6R4Y2 hlbMZ CB... Dear Dear Bob Decryption Bob Encryption .... ....

831 views • 63 slides
Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111

Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111

Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 Operating Systems Peter Reiher Lecture 18 CS 111 Page 1 Spring 2015 Outline Basic concepts in computer security Design principles for

1.06k views • 62 slides
Cryptography a lecture by ya boy, Bill Nye (Jerry) Key Terms Key Data used for encryption

Cryptography a lecture by ya boy, Bill Nye (Jerry) Key Terms Key Data used for encryption

Cryptography a lecture by ya boy, Bill Nye (Jerry) Key Terms Key Data used for encryption Cyphertext a secret or disguised way of writing; a code. Plaintext text that is not computationally tagged, specially

704 views • 23 slides
Steganography with Public-Key Cryptography for Videoconference XXX CNMAC - Set/2007 Fbio

Steganography with Public-Key Cryptography for Videoconference XXX CNMAC - Set/2007 Fbio

Steganography with Public-Key Cryptography for Videoconference XXX CNMAC - Set/2007 Fbio Borges de Oliveira Steganography with Public-Key Cryptography for Videoconference p.1/26 Steganography Source: Steganography: Steganography with

786 views • 34 slides
I mport ance of Net work Securit y? Think about The most pr ivat e, embar r assing

I mport ance of Net work Securit y? Think about The most pr ivat e, embar r assing

I mport ance of Net work Securit y? Think about The most pr ivat e, embar r assing or valuable 15: piece of inf or mat ion youve ever st or ed on a comput er Net work Securit y Basics How much you r ely on comput er

566 views • 7 slides
Rings and Modules for Identity-Based Post-Quantum Public-Key Cryptography BASED ON THE PAPER

Rings and Modules for Identity-Based Post-Quantum Public-Key Cryptography BASED ON THE PAPER

Rings and Modules for Identity-Based Post-Quantum Public-Key Cryptography BASED ON THE PAPER EPRINT.IACR.ORG/2014/794 BY DUCAS, LYUBASHEVSKY, AND PREST 2016-09-21, Royal Holloway, Egham OFFICIAL Public Key Cryptography (PKC) Also called

403 views • 26 slides

More recommend