Uses of Cryptography What can we use cryptography for? Lots of - - PowerPoint PPT Presentation

uses of cryptography
SMART_READER_LITE
LIVE PREVIEW

Uses of Cryptography What can we use cryptography for? Lots of - - PowerPoint PPT Presentation

Dec 20, 2022 137 likes •306 views

Uses of Cryptography What can we use cryptography for? Lots of things Secrecy Authentication Prevention of alteration Lecture 4 Page 1 CS 236 Online Cryptography and Secrecy Pretty obvious Only those knowing the

slide-1
SLIDE 1

Lecture 4 Page 1 CS 236 Online

Uses of Cryptography

  • What can we use cryptography for?
  • Lots of things

– Secrecy – Authentication – Prevention of alteration

slide-2
SLIDE 2

Lecture 4 Page 2 CS 236 Online

Cryptography and Secrecy

  • Pretty obvious
  • Only those knowing the proper keys

can decrypt the message – Thus preserving secrecy

  • Used cleverly, it can provide other

forms of secrecy

slide-3
SLIDE 3

Lecture 4 Page 3 CS 236 Online

Cryptography and Authentication

  • How can I prove to you that I created a

piece of data?

  • What if I give you the data in encrypted

form? – Using a key only you and I know

  • Then only you or I could have created it

– Unless one of us told someone else the key . . .

slide-4
SLIDE 4

Lecture 4 Page 4 CS 236 Online

Using Cryptography for Authentication

  • If both parties cooperative, standard

cryptography can authenticate – Problems with non-repudiation, though

  • What if three parties want to share a key?

– No longer certain who created anything – Public key cryptography can solve this problem

  • What if I want to prove authenticity without

secrecy?

slide-5
SLIDE 5

Lecture 4 Page 5 CS 236 Online

Cryptography and Non- Alterability

  • Changing one bit of an encrypted message

completely garbles it – For many forms of cryptography

  • If a checksum is part of encrypted data,

that’s detectable

  • If you don’t need secrecy, can get the same

effect – By encrypting only the checksum

slide-6
SLIDE 6

Lecture 4 Page 6 CS 236 Online

Symmetric and Asymmetric Cryptosystems

  • Symmetric - the encrypter and

decrypter share a secret key – Used for both encrypting and decrypting

  • Asymmetric – encrypter has different

key than decrypter

slide-7
SLIDE 7

Lecture 4 Page 7 CS 236 Online

Description of Symmetric Systems

  • C = E(K,P)
  • P = D(K,C)
  • E() and D() are not necessarily the

same operations

slide-8
SLIDE 8

Lecture 4 Page 8 CS 236 Online

Advantages of Symmetric Key Systems

+ Encryption and authentication performed in a single operation + Well-known (and trusted) ones perform faster than asymmetric key systems + Doesn’t require any centralized authority

  • Though key servers help a lot
slide-9
SLIDE 9

Lecture 4 Page 9 CS 236 Online

Disadvantage of Symmetric Key Systems

– Encryption and authentication performed in a single operation

  • Makes signature more difficult

– Non-repudiation hard without servers – Key distribution can be a problem – Scaling

slide-10
SLIDE 10

Lecture 4 Page 10 CS 236 Online

Scaling Problems of Symmetric Cryptography

K1 K1 K2 K2 K3 K3 K4 K4 K5 K5 K6 K6

H

  • w

m a n y k e y s a m I g

  • i

n g t

  • n

e e d t

  • h

a n d l e t h e e n t i r e I n t e r n e t ? ? ? ?

slide-11
SLIDE 11

Lecture 4 Page 11 CS 236 Online

Sample Symmetric Key Ciphers

  • The Data Encryption Standard
  • The Advanced Encryption Standard
  • There are many others
slide-12
SLIDE 12

Lecture 4 Page 12 CS 236 Online

The Data Encryption Standard

  • Well known symmetric cipher
  • Developed in 1977, still much used

– Shouldn’t be, for anything serious

  • Block encryption, using substitutions,

permutations, table lookups – With multiple rounds – Each round is repeated application of

  • perations
  • Only serious problem based on short key
slide-13
SLIDE 13

Lecture 4 Page 13 CS 236 Online

The Advanced Encryption Standard

  • A relatively new cryptographic algorithm
  • Intended to be the replacement for DES
  • Chosen by NIST

– Through an open competition

  • Chosen cipher was originally called

Rijndael – Developed by Dutch researchers – Uses combination of permutation and substitution

slide-14
SLIDE 14

Lecture 4 Page 14 CS 236 Online

Increased Popularity of AES

  • Gradually replacing DES

– As was intended

  • Various RFCs describe using AES in IPsec
  • FreeS/WAN IPsec (for Linux) includes

AES

  • Some commercial VPNs use AES
  • Used in modern Windows systems

– Also recent versions of Mac OS

slide-15
SLIDE 15

Lecture 4 Page 15 CS 236 Online

Is AES Secure?

  • No complete breaks discovered so far
  • But some disturbing problems

– Attacks that work on versions of AES using fewer rounds – Attacks that get keys quicker than brute force

  • But not practical time (e.g. in 2126
  • perations)
  • But unusable crypto flaws often lead to usable
  • nes
  • Attacks on crypto only get better over time, never

worse