290 likes | 526 Views
Cryptography Basics ( ch 2). IT443 – Network Security Administration Instructor: Bo Sheng. Outline. Basic concepts in cryptography system Secret key cryptography Public key cryptography Hash functions. Encryption/Decryption. Plaintext: a message in its original form
E N D
Cryptography Basics (ch 2) IT443 – Network Security Administration Instructor: Bo Sheng
Outline • Basic concepts in cryptography system • Secret key cryptography • Public key cryptography • Hash functions
Encryption/Decryption • Plaintext: a message in its original form • Ciphertext: a message in the transformed, unrecognized form • Encryption: the process that transforms a plaintext into a ciphertext • Decryption: the process that transforms a ciphertext to the corresponding plaintext • Key: the value used to control encryption/decryption. plaintext ciphertext plaintext encryption decryption key key
Cryptanalysis • “code breaking”, “attacking the cipher” • Difficulty depends on • sophistication of the cipher • amount of information available to the code breaker • Any cipher can be broken by exhaustive trials, but rarely practical
plaintextalphabet ciphertextalphabet Caesar Cipher • Replace each letter with the one 3 letters later in the alphabet • ex.: plaintext CAT ciphertext FDW Trivial to break
plaintextalphabet ciphertextalphabet Mono-Alphabetic Ciphers • Generalized substitution cipher: an arbitrary (but fixed) mapping of one letter to another • 26! (4.0*1026 288) possibilities
Attacking Mono-Alphabetic Ciphers • Broken by statistical analysis of letter, word, and phrase frequencies of the language • Frequency of single letters in English language, taken from a large corpus of text:
Ciphertext Only Attacks • Ex.: attacker can intercept encrypted communications, nothing else • Breaking the cipher: analyze patterns in the ciphertext • provides clues about the encryption method/key
Known Plaintext Attacks • Ex.: attacker intercepts encrypted text, but also has access to some of the corresponding plaintext (definite advantage) • Makes some codes (e.g., mono-alphabetic ciphers) very easy to break
Chosen Plaintext Attacks • Ex.: attacker can choose any plaintext desired, and intercept the corresponding ciphertext • Allows targeted code breaking (choose exactly the messages that will reveal the most about the cipher)
The “Weakest Link” in Security • Cryptography is rarely the weakest link • Weaker links • Implementation of cipher • Distribution or protection of keys • … …
Secret Keys vs Secret Algorithms • Security by obscurity • We can achieve better security if we keep the algorithms secret • Hard to keep secret if used widely • Reverse engineering, social engineering • Publish the algorithms • Security of the algorithms depends on the secrecy of the keys • Less unknown vulnerability if all the smart (good) people in the world are examine the algorithms
Outline • Basic concepts in cryptography system • Secret key cryptography • Public key cryptography • Hash functions
Secret Key Cryptography • Same key is used for encryption and decryption • Also known as • Symmetric cryptography • Conventional cryptography plaintext ciphertext plaintext encryption decryption key Same key key
Secret Key Cryptography • Stream cipher • Block cipher • Converts one input plaintext block of fixed size k bits to an output ciphertext block of k bits • DES, IDEA, AES, … • AES • Selected from an open competition, organized by NSA • Joan Daemen and Vincent Rijmen (Belgium) • Block size=128 bits, Key Size= 128/192/256 bits
Key Size • Keys should be selected from a large potential set, to prevent brute force attacks • Secret key sizes • 40 bits were considered adequate in 70’s • 56 bits used by DES were adequate in the 80’s • 128 bits are adequate for now • If computers increase in power by 40% per year, need roughly 5 more key bits per decade to stay “sufficiently” hard to break
Public Key Cryptography • A public/private key pair is used • Public key can be publicly known • Private key is kept secret by the owner of the key • Much slower than secret key cryptography • Also known as asymmetric cryptography • Another mode: digital signature plaintext ciphertext plaintext encryption decryption Public key Private key
Public Key Cryptography • Digital signature • Only the party with the private key can create a digital signature. • The digital signature is verifiable by anyone who knows the public key. • The signer cannot deny that he/she has done so. plaintext ciphertext plaintext Sign Verify Private key Public key
Public Key Cryptography • It must be computationally • easy to generate a public / private key pair • hard to determine the private key, given the public key • It must be computationally • easy to encrypt using the public key • easy to decrypt using the private key • hard to recover the plaintext message from just the ciphertext and the public key
Symmetric vs Asymmetric • Symmetric algorithms are much faster • In the order of a 1000 times faster • Symmetric algorithms require a shared secret • Impractical if the communicating entities don’t have another secure channel • Both algorithms are combined to provide practical and efficient secure communication • E.g., establish a secret session key using asymmetric crypto and use symmetric crypto for encrypting the traffic
Lab 1 • Sample codes for Q2.c • eecs.mit.edu’s IP is 18.62.1.6 • Assume their subnetwork use 28-bit prefix 18. 62. 1. 00000110 • Scan 18.62.1.0 ~ 18.62.1.15 • dig -x 18.62.1.0 +short • /home/shengbo/it443/scanip.sh • /home/shengbo/it443/scanip.pl
Outline • Basic concepts in cryptography system • Secret key cryptography • Public key cryptography • Hash functions
Hash Function • Also known as • Message digest • One-way transformation • One-way function • Hash • Length of H(m) much shorter than length of m • Usually fixed lengths: 128 or 160 bits A fixed-length short message Message of arbitrary length Hash
Properties of Hash • Consider a hash function H • Performance: Easy to compute H(m) • One-way property: Given H(m) but not m, it’s computationally infeasible to find m • Weak collision resistance (free): Given H(m), it’s computationally infeasible to find m’ such that H(m’) = H(m). • Strong collision resistance (free): Computationally infeasible to find m1, m2 such that H(m1) = H(m2)
Hash Applications • File / Message integrity • Check if a downloaded file is corrupted • Detect if a file has been changed by someone after it was stored • Compute a hash H(F) of file F • openssldgst -md5 filename
Hash Applications • Password verification • Password cannot be stored in plaintext • In a hashed format • Linux: /etc/passwd, /etc/shadow • cat /etc/shadow
Hash Applications • User authentication • Alice wants to authenticate herself to Bob • Assuming they already share a secret key K Alice Bob “I’m Alice” R computesY=H(R|K) Y verifies thatY=H(R|K) time
Modern Hash Functions • MD5 (128 bits) • Previous versions (i.e., MD2, MD4) have weaknesses. • Broken; collisions published in August 2004 • Too weak to be used for serious applications • SHA (Secure Hash Algorithm) • Weaknesses were found • SHA-1 (160 bits) • Broken, but not yet cracked • Collisions in 269 hash operations, much less than the brute-force attack of 280 operations • Results were circulated in February 2005, and published in CRYPTO ’05 in August 2005 • SHA-256, SHA-384, …
Birthday Attack • What is the smallest group size k such that • The probability that at least two people in the group have the same birthday is greater than 0.5? • 23 • Implication for hash function H of length m • With probability at least 0.5 • If we hash about 2m/2 random inputs, • Two messages will have the same hash image • m=64, 1ns per hash • Brute force (264): 1013 seconds over 300 thousand years • Birthday attack (232): 4 seconds