mes messa sage ge aut uthe hent ntica ication tion cod
play

Mes Messa sage ge Aut uthe hent ntica ication tion Cod Codes - PowerPoint PPT Presentation

Oct 05, 2022 •366 likes •1.18k views

Data and Network Security Lab Sharif University of Technology Department of Computer Engineering Mes Messa sage ge Aut uthe hent ntica ication tion Cod Codes es Instructor: Ahmad Boorghany Most of the slides are obtained from Bellare

  1. Data and Network Security Lab Sharif University of Technology Department of Computer Engineering Mes Messa sage ge Aut uthe hent ntica ication tion Cod Codes es Instructor: Ahmad Boorghany Most of the slides are obtained from Bellare and Rogaway’s “Introduction to Modern Cryptography” course. Sharif University Introduction to Modern Cryptography Spring 2015 1 / 80

  2. Outline  Message Authentication  Message Authentication Code (MAC)  PRFs as good MACs  Constructing MACs  Birthday Attack and Security Bounds  HMAC  Universal Hashing and Message Authentication Sharif University Introduction to Modern Cryptography Spring 2015 2 / 80

  3. Message Authentication Sharif University Introduction to Modern Cryptography Spring 2015 3 / 80

  4. Integrity and authenticity Sharif University Introduction to Modern Cryptography Spring 2015 4 / 80

  5. Integrity and authenticity example Sharif University Introduction to Modern Cryptography Spring 2015 5 / 80

  6. Medical databases Sharif University Introduction to Modern Cryptography Spring 2015 6 / 80

  7. Does privacy provide authenticity? Sharif University Introduction to Modern Cryptography Spring 2015 7 / 80

  8. Counterexample: OTP Sharif University Introduction to Modern Cryptography Spring 2015 8 / 80

  9. Adding redundacy Sharif University Introduction to Modern Cryptography Spring 2015 9 / 80

  10. What went wrong? Sharif University Introduction to Modern Cryptography Spring 2015 10 / 80

  11. Message Authentication Code (MAC) Sharif University Introduction to Modern Cryptography Spring 2015 11 / 80

  12. Message authentication codes Sharif University Introduction to Modern Cryptography Spring 2015 12 / 80

  13. Example Sharif University Introduction to Modern Cryptography Spring 2015 13 / 80

  14. Security: What the adversary gets Sharif University Introduction to Modern Cryptography Spring 2015 14 / 80

  15. Security: Key-recovery Sharif University Introduction to Modern Cryptography Spring 2015 15 / 80

  16. Security: Forgery Sharif University Introduction to Modern Cryptography Spring 2015 16 / 80

  17. uf-cma adversaries Sharif University Introduction to Modern Cryptography Spring 2015 17 / 80

  18. uf-cma adversaries Sharif University Introduction to Modern Cryptography Spring 2015 18 / 80

  19. UF-CMA Sharif University Introduction to Modern Cryptography Spring 2015 19 / 80

  20. Definition: UF-CMA Sharif University Introduction to Modern Cryptography Spring 2015 20 / 80

  21. The measure of success Sharif University Introduction to Modern Cryptography Spring 2015 21 / 80

  22. MAC security Sharif University Introduction to Modern Cryptography Spring 2015 22 / 80

  23. Tag lengths Sharif University Introduction to Modern Cryptography Spring 2015 23 / 80

  24. Example 1 Sharif University Introduction to Modern Cryptography Spring 2015 24 / 80

  25. Example 1 Sharif University Introduction to Modern Cryptography Spring 2015 25 / 80

  26. Example 1 Sharif University Introduction to Modern Cryptography Spring 2015 26 / 80

  27. Example 1 Sharif University Introduction to Modern Cryptography Spring 2015 27 / 80

  28. Example 1 Sharif University Introduction to Modern Cryptography Spring 2015 28 / 80

  29. Example 1 Sharif University Introduction to Modern Cryptography Spring 2015 29 / 80

  30. Example 2 Sharif University Introduction to Modern Cryptography Spring 2015 30 / 80

  31. Example 2 Sharif University Introduction to Modern Cryptography Spring 2015 31 / 80

  32. Example 2 Sharif University Introduction to Modern Cryptography Spring 2015 32 / 80

  33. Attack on Example 2 Sharif University Introduction to Modern Cryptography Spring 2015 33 / 80

  34. PRFs as good MACs Sharif University Introduction to Modern Cryptography Spring 2015 34 / 80

  35. Any PRF is a MAC Sharif University Introduction to Modern Cryptography Spring 2015 35 / 80

  36. Intuition for why PRFs are good MACs Sharif University Introduction to Modern Cryptography Spring 2015 36 / 80

  37. Random functions are good MACs Sharif University Introduction to Modern Cryptography Spring 2015 37 / 80

  38. Random functions are good MACs Sharif University Introduction to Modern Cryptography Spring 2015 38 / 80

  39. PRFs are nearly as good MACs as random functions Sharif University Introduction to Modern Cryptography Spring 2015 39 / 80

  40. PRFs are good MACs Sharif University Introduction to Modern Cryptography Spring 2015 40 / 80

  41. Games for proof Sharif University Introduction to Modern Cryptography Spring 2015 41 / 80

  42. Adversary B Sharif University Introduction to Modern Cryptography Spring 2015 42 / 80

  43. Analysis Sharif University Introduction to Modern Cryptography Spring 2015 43 / 80

  44. Proof of Claim Sharif University Introduction to Modern Cryptography Spring 2015 44 / 80

  45. Proof of Claim Sharif University Introduction to Modern Cryptography Spring 2015 45 / 80

  46. Proof of Claim Sharif University Introduction to Modern Cryptography Spring 2015 46 / 80

  47. Constructing MACs Sharif University Introduction to Modern Cryptography Spring 2015 47 / 80

  48. Basic CBC MAC Sharif University Introduction to Modern Cryptography Spring 2015 48 / 80

  49. Splicing attack on basic CBC MAC Sharif University Introduction to Modern Cryptography Spring 2015 49 / 80

  50. Preventing the splicing attack Sharif University Introduction to Modern Cryptography Spring 2015 50 / 80

  51. ECBC MAC Sharif University Introduction to Modern Cryptography Spring 2015 51 / 80

  52. Birthday Attack and Security Bounds Sharif University Introduction to Modern Cryptography Spring 2015 52 / 80

  53. Birthday attacks on MACs Sharif University Introduction to Modern Cryptography Spring 2015 53 / 80

  54. The birthday attack Sharif University Introduction to Modern Cryptography Spring 2015 54 / 80

  55. Internal collisions Sharif University Introduction to Modern Cryptography Spring 2015 55 / 80

  56. Exploiting internal collisions to forge Sharif University Introduction to Modern Cryptography Spring 2015 56 / 80

  57. Exploiting internal collisions to forge Sharif University Introduction to Modern Cryptography Spring 2015 57 / 80

  58. Finding internal collisions Sharif University Introduction to Modern Cryptography Spring 2015 58 / 80

  59. Birthday attack on 3-restricted basic CBC MAC T Sharif University Introduction to Modern Cryptography Spring 2015 59 / 80

  60. Truncation Sharif University Introduction to Modern Cryptography Spring 2015 60 / 80

  61. Security of basic CBC MAC Sharif University Introduction to Modern Cryptography Spring 2015 61 / 80

  62. Security of basic CBC MAC Sharif University Introduction to Modern Cryptography Spring 2015 62 / 80

  63. Security of ECBC Sharif University Introduction to Modern Cryptography Spring 2015 63 / 80

  64. Security of ECBC Sharif University Introduction to Modern Cryptography Spring 2015 64 / 80

  65. Non-full messages Sharif University Introduction to Modern Cryptography Spring 2015 65 / 80

  66. Non-full messages Sharif University Introduction to Modern Cryptography Spring 2015 66 / 80

  67. HMAC Sharif University Introduction to Modern Cryptography Spring 2015 67 / 80

  68. MACing with hash functions Sharif University Introduction to Modern Cryptography Spring 2015 68 / 80

  69. Extension attack Sharif University Introduction to Modern Cryptography Spring 2015 69 / 80

  70. Extension attack Sharif University Introduction to Modern Cryptography Spring 2015 70 / 80

  71. HMAC [BCK96] Sharif University Introduction to Modern Cryptography Spring 2015 71 / 80

  72. HMAC Sharif University Introduction to Modern Cryptography Spring 2015 72 / 80

  73. HMAC Security Sharif University Introduction to Modern Cryptography Spring 2015 73 / 80

  74. Universal Hashing and Message Authentication Sharif University Introduction to Modern Cryptography Spring 2015 74 / 80

  75. Paradigms for MACing Sharif University Introduction to Modern Cryptography Spring 2015 75 / 80

  76. AU Families Sharif University Introduction to Modern Cryptography Spring 2015 76 / 80

  77. NH [BHKKR] Sharif University Introduction to Modern Cryptography Spring 2015 77 / 80

  78. From AU to MAC Sharif University Introduction to Modern Cryptography Spring 2015 78 / 80

  79. Performance Sharif University Introduction to Modern Cryptography Spring 2015 79 / 80

  80. Questions? Sharif University Introduction to Modern Cryptography Spring 2015 80 / 80

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Simplif Simplifica ication Pr tion Project oject Special Open Door Forum Proposed Changes to

Simplif Simplifica ication Pr tion Project oject Special Open Door Forum Proposed Changes to

Documen Documenta tation tion Req equir uireme ements nts Simplif Simplifica ication Pr tion Project oject Special Open Door Forum Proposed Changes to DMEPOS Quality Standards for Therapeutic Shoe Inserts Melanie Combs-Dyer Tuesday

499 views • 11 slides
Powde der r Met Metallur allurgy y Fabr brica ication tion of of T Thin, hin, Fla

Powde der r Met Metallur allurgy y Fabr brica ication tion of of T Thin, hin, Fla

Powde der r Met Metallur allurgy y Fabr brica ication tion of of T Thin, hin, Fla lat, t, Mol Molyb ybde denu num m Disk Disks Rick Lowden Jim Kiggans Chris Bryan Oak Ridge National Laboratory Mo-99 Topical Meeting

668 views • 39 slides
for or Ident entif ifica ication tion of of Cer ervical vical Spine ine Inj njuries

for or Ident entif ifica ication tion of of Cer ervical vical Spine ine Inj njuries

Cer ervical vical Spine ine MRI I Uti tiliza lization tion for or Ident entif ifica ication tion of of Cer ervical vical Spine ine Inj njuries uries Amo mong ng Chi hildr ldren en Wi With th Non-Acc Accide idental

803 views • 13 slides
Specif ication in the sof tware Specif ication and design process Specif ication and design

Specif ication in the sof tware Specif ication and design process Specif ication and design

Formal Specif ication Objectives To explain why f ormal specif ication techniques help discover problems in Techniques f or the system requirements unambiguous To describe the use of algebraic techniques f or interf ace specif

776 views • 4 slides
Topics covered Formal specif ication in the sof tware process I nterf ace specif ication

Topics covered Formal specif ication in the sof tware process I nterf ace specif ication

Formal Specif ication Techniques f or the unambiguous specif ication of sof tware Objectives To explain why f ormal specif ication techniques help discover problems in system requirements To describe the use of algebraic

793 views • 12 slides
Automa Automatic V tic Verif erifica ication f tion for or Inter Interactiv active Gr

Automa Automatic V tic Verif erifica ication f tion for or Inter Interactiv active Gr

Automa Automatic V tic Verif erifica ication f tion for or Inter Interactiv active Gr Graphical phical Pr Prog ograms ams Car Carl Eastlund l Eastlund Ma Matthias F tthias Felleisen elleisen cce@ccs.neu.edu

489 views • 38 slides
Medica ication tion T Thera rapy y Manageme ement Fis t Fishbow bowl l Barry A. Bunting

Medica ication tion T Thera rapy y Manageme ement Fis t Fishbow bowl l Barry A. Bunting

Medica ication tion T Thera rapy y Manageme ement Fis t Fishbow bowl l Barry A. Bunting American Health Care Scaling and Spreading Innovation Strategies to Improve Cardiovascular Health April 19, 2012 Descr cription of on of Innov

2.15k views • 9 slides
Usa sage of of CAN AN and C nd CAN AN-FD FD f for r Hi High gh-De Defin initio tion

Usa sage of of CAN AN and C nd CAN AN-FD FD f for r Hi High gh-De Defin initio tion

Usa sage of of CAN AN and C nd CAN AN-FD FD f for r Hi High gh-De Defin initio tion Headli light Syste t Systems ms CiA-Presentation.pptx 1/26 Gennady Benderman | EEK4 In Intr trodu oduction on CiA-Presentation.pptx 2/26

433 views • 26 slides
HE HEP D P DYN YNAM AMIC IC CL CLAS ASSI SIFIE FIER Cl Classif assifica ication tion

HE HEP D P DYN YNAM AMIC IC CL CLAS ASSI SIFIE FIER Cl Classif assifica ication tion

HE HEP D P DYN YNAM AMIC IC CL CLAS ASSI SIFIE FIER Cl Classif assifica ication tion Im Impa pact ct on Co Comb mbustion ustion Pulverized Coal Particle Size 1. The particle size distribution of the PF will affect the

392 views • 12 slides
Reduction on i in F Fluor oros oscop opy T y Time e and Ra Radiati tion Do Dosa sage

Reduction on i in F Fluor oros oscop opy T y Time e and Ra Radiati tion Do Dosa sage

Reduction on i in F Fluor oros oscop opy T y Time e and Ra Radiati tion Do Dosa sage Using a g an Innovative G Guide W e Wire f e for Percutan aneou eous P Pedicle Screws Cook B, Briski D, Zavatsky J Ochsner Medical Center

223 views • 11 slides
Sage Inventory What is Sage Inventory Advisor? Advisor Sage Inventory Advisor is an affordable

Sage Inventory What is Sage Inventory Advisor? Advisor Sage Inventory Advisor is an affordable

Sage Inventory Advisor PC Retreat 2015 Sage Inventory What is Sage Inventory Advisor? Advisor Sage Inventory Advisor is an affordable Inventory Optimization Cloud-based solution that integrates with Sage ERP systems to help you optimize your

486 views • 4 slides
Dunmore Sand and Soil Modif ific ication 2 2 - Stage 5 10 10 Apr April il 20 2019 19 Com

Dunmore Sand and Soil Modif ific ication 2 2 - Stage 5 10 10 Apr April il 20 2019 19 Com

Dunmore Sand and Soil Modif ific ication 2 2 - Stage 5 10 10 Apr April il 20 2019 19 Com Communit ity Brie riefin ing Pre Presenta tati tion DSS Mod 2 Briefing - Introduction Agenda Welcome - Paul Jackson (Stakeholder

549 views • 22 slides
T ha nk T e a c he rs a nd the Sc ho o l fo r g iving us the o ppo rtunity to spe a k to da

T ha nk T e a c he rs a nd the Sc ho o l fo r g iving us the o ppo rtunity to spe a k to da

SL IDE 1 Intr oduc tion T ha nk T e a c he rs a nd the Sc ho o l fo r g iving us the o ppo rtunity to spe a k to da y. I ntro duc tio n yo urse lf a nd Ha r pse a ls.o rg . HSO is b a se d in so uthe rn Ca lifo rnia a nd ha s a na tio

358 views • 17 slides
Sage CRM and Sage 300 CRE How CRM can help your business Agenda What is CRM? Common business

Sage CRM and Sage 300 CRE How CRM can help your business Agenda What is CRM? Common business

Sage CRM and Sage 300 CRE How CRM can help your business Agenda What is CRM? Common business issues faced by companies today How CRM can help your company What is CRM4CRE and how does it work? Live Demo of Sage CRM and CRM4CRE Q & A

428 views • 20 slides
Introduction to Sage Sage Days 45: Multiple Dirichlet Series, Combinatorics, and Representation

Introduction to Sage Sage Days 45: Multiple Dirichlet Series, Combinatorics, and Representation

Introduction to Sage 2/11/13 11:48 AM Introduction to Sage Sage Days 45: Multiple Dirichlet Series, Combinatorics, and Representation Theory ICERM, Providence, RI February 11, 2013 Mission Sage Mission: To create a viable, free, open source

483 views • 5 slides
Greater Sage-Grouse Gunnison Sage-Grouse Kathy Griffin Statewide Grouse Conservation

Greater Sage-Grouse Gunnison Sage-Grouse Kathy Griffin Statewide Grouse Conservation

Sa Sage-Gr Grouse ouse Sta Status tus Greater Sage-Grouse Gunnison Sage-Grouse Kathy Griffin Statewide Grouse Conservation Coordinator Sage-Gr Grouse ouse Dis istrib ributi ution on - CO CO Gu Gunn nnis ison on Sage-Gr Grouse

430 views • 23 slides
Foundation of Cryptography (0368-4162-01), Lecture 7 MACs and Signatures Iftach Haitner, Tel

Foundation of Cryptography (0368-4162-01), Lecture 7 MACs and Signatures Iftach Haitner, Tel

Message Authentication Code (MAC) Constructions Signature Schemes OWFs = Signatures Foundation of Cryptography (0368-4162-01), Lecture 7 MACs and Signatures Iftach Haitner, Tel Aviv University December 27, 2011 Message Authentication

1.25k views • 89 slides
Symmetric-key Cryptography: an Engineering Perspective Nicky Mouha 1 ESAT/COSIC, KU Leuven and

Symmetric-key Cryptography: an Engineering Perspective Nicky Mouha 1 ESAT/COSIC, KU Leuven and

Symmetric-key Cryptography: an Engineering Perspective Nicky Mouha 1 ESAT/COSIC, KU Leuven and iMinds, Belgium 2 Project-team SECRET, Inria, France ASK 2014 December 19, 2014 1 / 44 Overview Engineering Perspective Design, analysis,

873 views • 84 slides
Efficient Implementation of Hash-Sequence Signatures Ahto Truu, Guardtime AS / Tallinn University

Efficient Implementation of Hash-Sequence Signatures Ahto Truu, Guardtime AS / Tallinn University

Efficient Implementation of Hash-Sequence Signatures Ahto Truu, Guardtime AS / Tallinn University of Technology This is joint work with Ahto Buldas and Risto Laanoja The presenter has received the Skype and IT Academy PhD Students Scholarship

318 views • 15 slides
Network Security Essentials Chapter 3 Fourth Edition by William Stallings Lecture slides by

Network Security Essentials Chapter 3 Fourth Edition by William Stallings Lecture slides by

Network Security Essentials Chapter 3 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 9 Public Key Cryptography and RSA Every Egyptian received two names, which were known respectively as the true name and the

970 views • 81 slides
Exact Security Analysis of Hash-then-Mask Type Probabilistic MAC Constructions Avijit Dutta and

Exact Security Analysis of Hash-then-Mask Type Probabilistic MAC Constructions Avijit Dutta and

Message Authentication Code HtM Construction Contributions Conclusion Exact Security Analysis of Hash-then-Mask Type Probabilistic MAC Constructions Avijit Dutta and Ashwin Jha and Mridul Nandi Indian Statistical Institute, Kolkata 27th

463 views • 42 slides
Hashing Hashing What is it? A form of narcotic intake? A side order for your eggs? A

Hashing Hashing What is it? A form of narcotic intake? A side order for your eggs? A

Hashing Hashing What is it? A form of narcotic intake? A side order for your eggs? A combination of the two? Hashing 1 Problem RT&T is a large phone company, and they want to provide caller ID capability: - given a phone number,

267 views • 14 slides
Advanced Algorithms COMS31900 Hashing part one Chaining, true randomness and universal

Advanced Algorithms COMS31900 Hashing part one Chaining, true randomness and universal

Advanced Algorithms COMS31900 Hashing part one Chaining, true randomness and universal hashing Rapha el Clifford Slides by Benjamin Sach and Markus Jalsenius Dictionaries In a dictionary data structure we store ( key , value ) -pairs

1.56k views • 98 slides
Week 9 Oliver Kullmann Generalising arrays Hash tables Direct addressing Hashing in

Week 9 Oliver Kullmann Generalising arrays Hash tables Direct addressing Hashing in

CS 270 Algorithms Week 9 Oliver Kullmann Generalising arrays Hash tables Direct addressing Hashing in general Generalising arrays 1 Hashing through chaining Direct addressing 2 Hash functions Hashing in general 3 Tutorial

558 views • 33 slides

More recommend