introduction to computer security
play

Introduction to Computer Security Session 1.2 Symmetric Key - PowerPoint PPT Presentation

Sep 04, 2022 •167 likes •709 views

CSCI-UA.9480 Introduction to Computer Security Session 1.2 Symmetric Key Encryption Prof. Nadim Kobeissi 1.2a Cryptographic Security Information Theoretical Foundation for Security. 2 CSCI-UA.9480: Introduction to Computer Security

  1. CSCI-UA.9480 Introduction to Computer Security Session 1.2 Symmetric Key Encryption Prof. Nadim Kobeissi

  2. 1.2a Cryptographic Security Information Theoretical Foundation for Security. 2 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  3. What do we mean by “impossible?” In hash functions, we saw: We expect that finding a pre-image will be ● “extremely difficult.” We expect that going back from H(x) to x ● will be “impossible.” These terms are rooted in notions of informational and computational security . 3 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  4. Informational security. Based on notions of information theory ● (Claude Shannon.) Informational security is rooted in the ● notion of whether something is possible at all . A “one - time pad” is informationally secure. ● We will discuss one-time pads in more ● detail shortly. 4 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  5. Computational security. Computational security takes somewhat ● relative notions into account: Time, memory, energy… ● Security bound is usually 2 128 “bits of ● security.” 2 128 = ● 340282366920938463463374607431768 211456. 5 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  6. Computational security. Computational attacks can be “sped up:” Parallelizing the computations. ● Precomputing critical steps. ● Finding breaks (or “shortcuts”) in the ● system: Breaking a Diffie-Hellman group in half (c.f. ○ “ Socat ”) RC4 breaks and weaknesses. ○ 6 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  7. Keep your wits about you… A “cryptographic break” to an academic is ● anything that helps them find the key faster than exhaustive search . By this definition, almost everything out there is broken. A cryptography engineer is more concerned ● with computational breaks, i.e. those bounded by practical notions. 7 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  8. Did you know? Even at 100 billion keys per second, it would take more than 100,000,000,000,000,000,000 years to reach a key space of 2 128 . 8 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  9. Test your knowledge! What is the double of a key space of size 2 128 ? ☐ A : 2 256 ☐ B : 2 512 ☐ C : 2 129 9 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  10. Test your knowledge! What is the double of a key space of size 2 128 ? ☐ A : 2 256 ☐ B : 2 512 🗺 C : 2 129 10 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  11. Ways to achieve a notion of security. Provable security: breaking our primitive is ● the same as finding an efficient solution to a mathematical problem (hopefully one that is long-thought to be difficult.) Diffie-Hellman: discrete logarithm problem. ○ RSA: integer factorization problem. ○ Book on the right is recommended advanced reading if you’re interested in this. 11 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  12. Ways to achieve a notion of security. Basing security relative to another ● construction: hash-based signatures are an example. Heuristic security: educated attempts, ● wide-ranging statistical analyses, studies on simplified components of the cipher, etc. Block ciphers are an example. Book on the right is recommended advanced reading if you’re interested in this. 12 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  13. “Symmetric” encryption? It’s very simple: “Symmetric” means Alice and Bob have the ● same key. “Asymmetric” means public -key ● cryptography: each party has a different key pair. 13 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  14. Protocols need building blocks Asymmetric primitives. Symmetric primitives. Public key agreement algorithms : client and Secure hash functions : the client and the ● ● server can agree on a secret encryption key server can generate integrity-preserving over a public channel (wow!) codes for encrypted messages. Signature algorithms : an authority can sign a Encryption schemes : confidential data can ● ● certificate proving that the server is indeed be encrypted and exchanged. who it says it is. 14 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  15. Symmetric encryption overview. Alice Bob 15 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  16. Classic example: substitution cipher. Plaintext Ciphertext Key 16 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  17. Test your knowledge! What is the key space of a substitution cipher based on an alphabet of 26 letters? ☐ A : |K| = 26 ☐ B : |K| = 26! ☐ C : |K| = 2 26 17 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  18. Test your knowledge! What is the key space of a substitution cipher based on an alphabet of 26 letters? ☐ A : |K| = 26 🗺 B : |K| = 26! ☐ C : |K| = 2 26 18 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  19. 2 88 doesn’t last long when we have differentials. We know the plaintext is in French, so we look at the most common letters. 19 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  20. Another example (in English.) Letters Digrams Trigrams 20 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  21. 1.2b Block Ciphers 21 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  22. Block ciphers: a closer look 3DES: n = 64, x = 168 ● AES: n = 128, x = 128, 192, 256 ● 22 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  23. Block ciphers are “PRPs.” “One -to- one” pseudorandom permutations. The space of plaintexts is the same as the ● space of ciphertexts. Only one mapping is possible from one to ● the other. Mappings are uniform and pseudorandom. ● 23 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  24. Block ciphers: a brief history. Data Encryption Standard (DES.) Advanced Encryption Standard (AES.) Invented in 1970 by Horst Feistel at IBM NIST submits RFP in 1997 and receives 15 ● ● with a key size of 128 bits and a block size contesting proposals. of 128 bits (codename: Lucifer.) NIST chooses five finalists in 1995, of which ● Standardized in 1976 by the U.S. AES was the winner in 2000 (codename: ● Government with a key size of 56 bits and a Rijndael.) message size of 64 bits (hmm.) Broken in 1997 with practical exhaustive ● search 24 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  25. Block ciphers: a brief history. Advanced Encryption Standard (AES.) NIST submits RFP in 1997 and receives 15 ● contesting proposals. NIST chooses five finalists in 1995, of which ● AES was the winner in 2000 (codename: Rijndael.) 25 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  26. Block ciphers: inner workings. Feistel network (DES) Substitution-permutation network (AES) 26 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  27. Block ciphers: hidden weaknesses. Substitution boxes (s-boxes) are supposed to further confuse (and render non-linear) the relationship between key and ciphertext. However, they can introduce different types ● of attack vectors… Timing side-channel : S-box lookups can be ● implemented to operate in non-constant time. Backdoors: weaknesses in S-boxes can be ● difficult to detect by non-designers. 27 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  28. Electronic Codebook (ECB) mode. 28 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  29. Cipher Block Chaining (CBC) mode. 29 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  30. Counter (CTR) mode. 30 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  31. A not-so-great ciphertext. 31 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  32. More not-so-great ciphertexts. 32 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  33. Test your knowledge! Which block cipher mode was used to encrypt the previous ciphertext? ☐ A : ECB mode. ☐ B : CBC mode. ☐ C : CTR mode. 33 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  34. Test your knowledge! Which block cipher mode was used to encrypt the previous ciphertext? 🗺 A : ECB mode. ☐ B : CBC mode. ☐ C : CTR mode. 34 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  35. 1.2c Stream Ciphers 35 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  36. Why stream ciphers? No set plaintext size. ● Can encrypt as plaintext is being produced ● (phone conversations, etc.) Let’s look at one -time pads: ● c ← E(k, m) = k ⊕ m ○ m = D(k, c) = k ⊕ c ○ Ultimately founded on a simple property: XORing a non-random element with a pseudorandom, uniform element produces a pseudorandom and uniform output. 36 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  37. Test your knowledge! You are given a one time pad-encrypted message c and its plaintext m . Can you obtain the key? ☐ A : No. ☐ B : k = m ⊕ c ☐ C : k = m ⊕ m 37 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer

Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer

Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer Security is the protection of computing systems and the data that they store or access 3 Why is Computer Security Important? Computer Security allows

690 views • 19 slides
Introduction to Computer Security Why do we need computer security? What are our goals and

Introduction to Computer Security Why do we need computer security? What are our goals and

Introduction to Computer Security Why do we need computer security? What are our goals and what threatens them? Lecture 1 Page 1 CS 236 Online Why Is Security Necessary? Because people arent always nice Because a lot of

415 views • 25 slides
Introduction Attacks Security Goals Fall 2010 CS 334 Computer Security 1 What is Computer

Introduction Attacks Security Goals Fall 2010 CS 334 Computer Security 1 What is Computer

Introduction Attacks Security Goals Fall 2010 CS 334 Computer Security 1 What is Computer Security? Generally concerned with protection of computer related assets Risk analysis and management! Manage could mean prevention of

537 views • 26 slides
Outline The web from a security perspective CSci 5271 Introduction to Computer Security SQL

Outline The web from a security perspective CSci 5271 Introduction to Computer Security SQL

Outline The web from a security perspective CSci 5271 Introduction to Computer Security SQL injection Web security, part 1 Announcements intermission Stephen McCamant University of Minnesota, Computer Science & Engineering Web

522 views • 5 slides
Outline Usability and security CSci 5271 Introduction to Computer Security Announcements

Outline Usability and security CSci 5271 Introduction to Computer Security Announcements

Outline Usability and security CSci 5271 Introduction to Computer Security Announcements intermission Day 24: Usability and security Stephen McCamant Usable security example areas University of Minnesota, Computer Science & Engineering

219 views • 5 slides
Outline Usability and security CSci 5271 Introduction to Computer Security Announcements

Outline Usability and security CSci 5271 Introduction to Computer Security Announcements

Outline Usability and security CSci 5271 Introduction to Computer Security Announcements intermission Day 25: Usability and security Stephen McCamant Usable security example areas University of Minnesota, Computer Science & Engineering

419 views • 4 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J CSCI 6268/TLEN 5831, Fall 2004 Introduction UC Davis PhD in 2000 Cryptography Interested in broader security as well

492 views • 12 slides
CSCI 8260 Spring 2016 Computer and Networks Security INTRODUCTION 1 Research in Computer

CSCI 8260 Spring 2016 Computer and Networks Security INTRODUCTION 1 Research in Computer

CSCI 8260 Spring 2016 Computer and Networks Security INTRODUCTION 1 Research in Computer Security Studies in what ways security mechanisms may fail Can we gain access to a computer system without authorizaDon? Can we compromise

986 views • 84 slides
Outline CSci 5271 Big-Picture Introduction Introduction to Computer Security Day 1:

Outline CSci 5271 Big-Picture Introduction Introduction to Computer Security Day 1:

Outline CSci 5271 Big-Picture Introduction Introduction to Computer Security Day 1: Introduction and Logistics Course Logistics Stephen McCamant University of Minnesota, Computer Science & Engineering What is computer security? Two

362 views • 7 slides
Outline Brief introduction to networking CSci 5271 Introduction to Computer Security

Outline Brief introduction to networking CSci 5271 Introduction to Computer Security

Outline Brief introduction to networking CSci 5271 Introduction to Computer Security Announcements intermission Day 13: Network, etc., security overview Some classic network attacks Stephen McCamant University of Minnesota, Computer Science

504 views • 5 slides
Introduction to Computer Security Formal Security Models Pavel Laskov Wilhelm Schickard

Introduction to Computer Security Formal Security Models Pavel Laskov Wilhelm Schickard

Introduction to Computer Security Formal Security Models Pavel Laskov Wilhelm Schickard Institute for Computer Science Security instruments learned so far Symmetric and asymmetric cryptography confidentiality, integrity, non-repudiation

319 views • 29 slides
Outline Security risk and management Some terminology CSci 5271 Introduction to Computer

Outline Security risk and management Some terminology CSci 5271 Introduction to Computer

Outline Security risk and management Some terminology CSci 5271 Introduction to Computer Security Logistics intermission Day 2: Intro to Software and OS Security Example security failures Stephen McCamant University of Minnesota, Computer

608 views • 8 slides
Outline Security risk and management Some terminology CSci 5271 Introduction to Computer

Outline Security risk and management Some terminology CSci 5271 Introduction to Computer

Outline Security risk and management Some terminology CSci 5271 Introduction to Computer Security Logistics intermission Day 2: Intro to Software and OS Security Example security failures Stephen McCamant University of Minnesota, Computer

395 views • 7 slides
INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is

INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is

INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is security? Why is it so hard to achieve? Administrative The security mindset Analyzing a systems security 1. Summarize the system 2.

801 views • 43 slides
INTRODUCTION cf. Schneider, Chapter 1 INTRODUCTION THEY ARE OUT TO GET YOU INTRODUCTION WHAT

INTRODUCTION cf. Schneider, Chapter 1 INTRODUCTION THEY ARE OUT TO GET YOU INTRODUCTION WHAT

ADVANCED COMPUTER SECURITY INTRODUCTION cf. Schneider, Chapter 1 INTRODUCTION THEY ARE OUT TO GET YOU INTRODUCTION WHAT IS SECURITY? A systems security policies describe What the system is supposed to do Store and provide access

479 views • 16 slides
Introduction to Computing Principles

Introduction to Computing Principles

Introduction to Computing Principles Computer Safe Computer Security Attacks Practices What is Computer Security? Computer Security, also known as cybersecurity or IT

974 views • 63 slides
Modern cryptography CSCI 470: Web Science Keith Vertanen Overview Modern cryptography

Modern cryptography CSCI 470: Web Science Keith Vertanen Overview Modern cryptography

Modern cryptography CSCI 470: Web Science Keith Vertanen Overview Modern cryptography Symmetric cryptography DES 3DES AES Asymmetric cryptography Diffie-Hellman key exchange 2 Modern cryptography Moving into

338 views • 16 slides
Svetlin A. Manavski Presented by: Gareth Ferneyhough CS 791V UNR, Fall 2011 Outline

Svetlin A. Manavski Presented by: Gareth Ferneyhough CS 791V UNR, Fall 2011 Outline

CUDA COMPATIBLE GPU AS AN EFFICIENT HARDWARE ACCELERATOR FOR AES CRYPTOGRAPHY Svetlin A. Manavski Presented by: Gareth Ferneyhough CS 791V UNR, Fall 2011 Outline Cryptography and AES Overview Previous GPU implementation of AES

358 views • 22 slides
Cryptography basics for embedded developers Embedded Linux Conference, San Diego, 2016 "If

Cryptography basics for embedded developers Embedded Linux Conference, San Diego, 2016 "If

Cryptography basics for embedded developers Embedded Linux Conference, San Diego, 2016 "If you think cryptography is the solution to your problem, then you don't understand your problem " - Roger Needham Cryptography basics are

417 views • 25 slides
Protection and Security - I Tevfik Ko ar Louisiana State University April 15 th , 2008 1 The

Protection and Security - I Tevfik Ko ar Louisiana State University April 15 th , 2008 1 The

CSC 4103 - Operating Systems Spring 2008 Lecture - XX Protection and Security - I Tevfik Ko ar Louisiana State University April 15 th , 2008 1 The Security Problem Security must consider external environment of the system, and

236 views • 7 slides
Announcements Homework 2 graded. Recitation tomorrow: Eigenvalues and SVD. HW

Announcements Homework 2 graded. Recitation tomorrow: Eigenvalues and SVD. HW

Announcements Homework 2 graded. Recitation tomorrow: Eigenvalues and SVD. HW solution discussion. No lecture next Tuesday (November 5 th ). Make-up lecture next Friday (November 8 th ). 15-853 Page 1 15-853:Algorithms

935 views • 47 slides
Intro to Public Key Cryptography Diffie & Hellman Key Exchange Course Summary

Intro to Public Key Cryptography Diffie & Hellman Key Exchange Course Summary

Intro to Public Key Cryptography Diffie & Hellman Key Exchange Course Summary Introduction Stream & Block Ciphers Block Ciphers Modes (ECB,CBC,OFB) Advanced Encryption Standard (AES) Message

243 views • 20 slides
Mobile Communications Mobile Communications Confidentiality Security No access to information

Mobile Communications Mobile Communications Confidentiality Security No access to information

Security Requirements Authorization Which objects are accessible by whom? Authentication Reliable identification of users identity . Mobile Communications Mobile Communications Confidentiality Security No access to information for

577 views • 11 slides
Symmetric Key Cryptography Lecture 8 Summary RECALL Symmetric-Key Encryption SIM-CCA Security

Symmetric Key Cryptography Lecture 8 Summary RECALL Symmetric-Key Encryption SIM-CCA Security

Symmetric Key Cryptography Lecture 8 Summary RECALL Symmetric-Key Encryption SIM-CCA Security Authentication not required. i.e., Adversary allowed to send own messages (possibly error) Key/ Key/ Recv Enc Dec Send Replay SIM-CCA

192 views • 16 slides

More recommend