Fundamentals of Cryptography: Algorithms, and Security Services
Professor Guevara Noubir
Northeastern University
noubir@ccs.neu.edu

- Network Security: Private Communication in a Public World [Chap. 2-8], Charles Kaufman, Mike Speciner, Radia Perlman, Prentice-Hall
- Cryptography: Theory and Practice, Douglas Stinson, Chapman & Hall/CRC
- Cryptography and Network Security, William Stallings, Prentice Hall

Why, How, What?
- Cryptography provides key building blocks for many network security services
- Security services:
  - Authentication, Confidentiality, Integrity, Access control, Non-repudiation, availability, key management, audit
- Cryptographic algorithms (building blocks):
  - Encryption: symmetric encryption (e.g., AES), asymmetric encryption (e.g., RSA, El-Gamal)
  - Hashing functions
  - Message Authentication Code (e.g., HMAC + SHA1)
  - Digital signature functions (e.g., RSA, El-Gamal)

Network Security Cryptography Overview 2

What you need to know at the end of this lecture
- What are the important cryptographic mechanisms?
- What are the two fundamental classes of cryptographic mechanisms: symmetric, and asymmetric?
- What are the important algorithms for symmetric crypto?
- How are these algorithms used?
- Some of the main asymmetric crypto algorithms: RSA, DH, how do they work? how can they be used?

Outline
- Introduction to Cryptography
- Secret Key Cryptography (symmetric crypto)
- Modes of Operation of Encryption Algorithms
  - ECB, CBC, OFB, CFB, CTR
- Hashes and Message Authentication Codes
- Public Key Algorithms (asymmetric crypto)

Terminology
- Security services:
  - Authentication, confidentiality, integrity, access control, non-repudiation, availability, key management, audit
- Security attacks:
  - Passive, active
- Cryptography models:
  - Symmetric (secret key), asymmetric (public key)
- Cryptanalysis:
  - Ciphertext only, known plaintext, chosen plaintext, chosen ciphertext, chosen text

Security services
- Authentication: assures the recipient of a message of the authenticity of the claimed source
- Access control: limits access to authorized users
- Confidentiality: protects against unauthorized release of message content
- Integrity: guarantees that a message is received as sent
- Non-repudiation: protects against sender/receiver denying sending/receiving a message
- Availability: guarantees that the system services are always available when needed
- Security audit: keeps track of transactions for later use (diagnostic, alarms…)
- Key management: allows communicating entities to negotiate, set up and maintain keys

Security Attacks
- Security attacks:
  - Interception (confidentiality)
  - Interruption (availability)
  - Modification (integrity)
  - Fabrication (authenticity)
- Kent’s classification:
  - Passive attacks:
    - Release of message content
    - Traffic analysis
  - Active attacks:
    - Masquerade
    - Replay
    - Modification of message
    - Denial of service

Kerckhoffs’s Principle
- The cipher should be secure even if the intruder knows all the details of the encryption process except for the secret key
- “No security by obscurity”
- Examples of systems that did not follow this rule and failed?

Securing Networks
- Where to put the security in a protocol stack?
- Practical considerations:
  - End to end security
  - No modification to OS

[Figure: protocol stack with the security mechanisms at each layer]
- Applications Layer: telnet/ftp: ssh, http: shttp, mail: PGP
- Transport Layer (TCP): (SSL/TLS)
- Network Layer (IP): (IPSec, IKE)
- Link Layer: (IEEE802.1x/IEEE802.10)
- Physical Layer: (spread-spectrum, quantum crypto, etc.)
- Alongside the stack: Monitoring/Logging/Intrusion Detection, Control/Management (configuration), Network Security Tools

Encryption
- Basic Goal:
  - Allow two entities (e.g., Alice, and Bob) to communicate over an insecure channel, such that an opponent (e.g., Oscar) cannot understand what is being communicated

[Figure: Alice sends x through Encrypt (encryption key), y crosses the insecure channel where Oscar listens, and Decrypt (decryption key) returns x to Bob]

Encryption Algorithms
- Block vs. Stream ciphers
- Block ciphers:
  - Input: block of n bits; Output: block of n bits
  - Examples: AES, DES
- Stream ciphers:
  - Input: stream of symbols; Output: stream of symbols
  - Examples: GSM A5, RC4
- Block ciphers can be used to build stream ciphers (under some assumptions)
  - Examples: AES-CBC

Encryption Models
- Symmetric encryption (conventional encryption)
  - Encryption Key = Decryption Key
  - I.e., Decryption key can be derived from encryption key
  - E.g., AES, DES, FEAL, IDEA, BLOWFISH
- Asymmetric encryption
  - Encryption Key ≠ Decryption key
  - I.e., Decryption key cannot be derived from encryption key
  - E.g., RSA, Diffie-Hellman, ElGamal

Encryption Models
[Figures: symmetric encryption; asymmetric encryption]

Symmetric vs. Asymmetric Algorithms
- Symmetric algorithms are much faster
  - On the order of 1000 times faster
- Symmetric algorithms require a shared secret
  - Impractical if the communicating entities don’t have another secure channel
- Both algorithms are combined to provide practical and efficient secure communication
  - E.g., establish a secret session key using asymmetric crypto and use symmetric crypto for encrypting the traffic

Attacks on Encrypted Messages
- Ciphertext only:
  - encryption algorithm, ciphertext to be decoded
- Known plaintext:
  - encryption algorithm, ciphertext to be decoded, pairs of (plaintext, ciphertext)
- Chosen plaintext:
  - encryption algorithm, ciphertext to be decoded, plaintext (chosen by cryptanalyst) + corresponding ciphertext
- Chosen ciphertext:
  - encryption algorithm, ciphertext to be decoded, ciphertext (chosen by cryptanalyst) + corresponding plaintext
- Chosen text:
  - encryption algorithm, ciphertext to be decoded, plaintext + corresponding ciphertext (both can be chosen by attacker)

Secret Key Cryptography = Symmetric Cryptography = Conventional Cryptography

Examples of Encryption Algorithms
- Advanced Encryption Algorithm (AES)
  - Block size: 128 bits
  - Key size: 128/196/256
- Data Encryption Standard (DES) – not secure
  - Block size: 64 bits
  - Key size: 56 bits
  - It is not recommended to use DES

Encryption Modes: Electronic Codebook (ECB)
[Figure: each plaintext block P1, P2, ..., PN is encrypted independently under key K to give C1, C2, ..., CN; each ciphertext block is decrypted independently under K to give P1, P2, ..., PN]

Encryption Modes: Cipher Block Chaining (CBC)
[Figure: CBC encryption and decryption chains over blocks P1, P2, ..., PN and C1, C2, ..., CN under key K, with the IV entering at the first block and C(N-1) entering at block N]

Encryption Modes: Cipher Feedback (CFB)
[Figure: CFB encryption and decryption. A 64-bit shift register (64-j bits | j bits) is encrypted under K; j bits of the output are combined with the j-bit units P1, P2, ..., PN and C1, C2, ..., CN, and the previous ciphertext unit C(N-1) is fed back into the shift register. Both directions use Encrypt.]

Encryption Modes: Output Feedback (OFB)
[Figure: OFB encryption and decryption. A 64-bit shift register (64-j bits | j bits) is encrypted under K; j bits of the output are combined with the j-bit units P1, P2, ..., PN and C1, C2, ..., CN, and the previous output O(N-1) is fed back into the shift register. Both directions use Encrypt.]

Counter (CTR)
- Similar to OFB but encrypts counter value rather than any feedback value
- Must have a different key & counter value for every plaintext block (never reused)
  - C_i = P_i XOR O_i
  - O_i = Encrypt_K1(i)
- Uses: high-speed network encryptions, random access to files

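The following Python sketch is an added example, not part of the original slides. It implements C_i = P_i XOR O_i with random access to a single block and shows what leaks when a (key, counter) pair is reused. Assumptions: HMAC-SHA256 truncated to 16 bytes stands in for Encrypt_K because the Python standard library has no AES, the counter block is an 8-byte nonce followed by an 8-byte block index, and the key, nonce and messages are constructed sample values.

```python
import hashlib
import hmac

BLOCK = 16  # bytes per block (the AES block size from the slides)

def keystream_block(key, nonce, i):
    """O_i = Encrypt_K(counter). Stand-in PRF: HMAC-SHA256 truncated to 16 bytes."""
    counter = nonce + i.to_bytes(8, "big")
    return hmac.new(key, counter, hashlib.sha256).digest()[:BLOCK]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def ctr_crypt(key, nonce, data, first_block=0):
    """Encrypt or decrypt (the same operation): C_i = P_i XOR O_i."""
    out = bytearray()
    for off in range(0, len(data), BLOCK):
        o_i = keystream_block(key, nonce, first_block + off // BLOCK)
        out += xor(data[off:off + BLOCK], o_i)
    return bytes(out)

def decrypt_block(key, nonce, ciphertext, i):
    """Random access: block i is recovered without touching blocks 0..i-1."""
    return ctr_crypt(key, nonce, ciphertext[i * BLOCK:(i + 1) * BLOCK], first_block=i)

# Constructed sample values (not from the slides).
KEY = b"constructed-demo-key"
NONCE = b"nonce-01"
P1 = b"transfer 0100 USD to account 11111111, ref A-2024"
P2 = b"transfer 9900 USD to account 22222222, ref B-2024"

if __name__ == "__main__":
    c1 = ctr_crypt(KEY, NONCE, P1)
    c2 = ctr_crypt(KEY, NONCE, P2)  # same key and counters: the mistake to avoid
    print("block 2 alone :", decrypt_block(KEY, NONCE, c1, 2))
    # The keystream cancels, so an observer learns P1 XOR P2 without the key.
    print("reuse leaks   :", xor(c1, c2) == xor(P1, P2))
    c3 = ctr_crypt(KEY, b"nonce-02", P2)  # fresh nonce: keystream no longer cancels
    print("fresh nonce   :", xor(c1, c3) == xor(P1, P2))
```
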
Symmetric Encryption Algorithms Internals
- Historical ciphers
- Not necessary to understand all the details

Symmetric cryptosystems (conventional cryptosystems)
- Substitution techniques:
  - Caesar cipher
    - Replace each letter with the letter standing x places further
    - Example: (x = 3)
      - plain: meet me after the toga party
      - cipher: phhw ph diwhu wkh wrjd sduwb
    - Key space: 25
    - Brute force attack: try 25 possibilities
  - Monoalphabetic ciphers
    - Arbitrary substitution of alphabet letters
    - Key space: 26! > 4x10^26 > key-space(DES)
    - Attack if the nature of the plaintext is known (e.g., English text):
      - compute the relative frequency of letters and compare it to standard distribution for English (e.g., E:12.7, T:9, etc.)
      - compute the relative frequency of 2-letter combinations (e.g., TH)

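The Caesar example and the 25-key brute force from this slide, combined with the letter-frequency comparison, as an added Python example that is not part of the original slides. The frequency table holds approximate, commonly cited percentages for English, and scoring by average letter frequency is one simple choice of comparison.

```python
import string

# Approximate relative frequencies (%) of a..z in English text (commonly cited values).
ENGLISH_FREQ = dict(zip(string.ascii_lowercase, [
    8.17, 1.49, 2.78, 4.25, 12.70, 2.23, 2.02, 6.09, 6.97, 0.15, 0.77, 4.03, 2.41,
    6.75, 7.51, 1.93, 0.10, 5.99, 6.33, 9.06, 2.76, 0.98, 2.36, 0.15, 1.97, 0.07]))

def caesar(text, shift):
    """Replace each lowercase letter with the one `shift` places further (mod 26)."""
    out = []
    for ch in text:
        if ch in ENGLISH_FREQ:
            out.append(chr((ord(ch) - ord("a") + shift) % 26 + ord("a")))
        else:
            out.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(out)

def english_score(text):
    """Average English frequency of the letters in text; higher looks more like English."""
    letters = [c for c in text if c in ENGLISH_FREQ]
    return sum(ENGLISH_FREQ[c] for c in letters) / max(len(letters), 1)

def break_caesar(ciphertext):
    """Try all 25 keys and keep the candidate whose letters best match English."""
    candidates = [(english_score(caesar(ciphertext, -k)), k) for k in range(1, 26)]
    _, key = max(candidates)
    return key, caesar(ciphertext, -key)

if __name__ == "__main__":
    cipher = caesar("meet me after the toga party", 3)
    print(cipher)                # phhw ph diwhu wkh wrjd sduwb
    print(break_caesar(cipher))  # (3, 'meet me after the toga party')
```
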
English Letters Frequencies
[Figure: chart of English letter frequencies]