600 likes | 813 Views
UNIT-2 . PULIC –KEY CRYPTOGRAPHY AND MESSAGE AUTHENTICATION. Approaches to message Authentication Secure Hash Functions and HMAC Public – Key Cryptography Principles Public – Key Cryptography Algorithms . Approaches To Message Authentication.
E N D
UNIT-2 PULIC –KEY CRYPTOGRAPHY AND MESSAGE AUTHENTICATION
Approaches to message Authentication Secure Hash Functions and HMAC Public – Key Cryptography Principles Public – Key Cryptography Algorithms NETWORK SECURITY By: Homera Durani
Approaches To Message Authentication • Confidentiality – protection from passive attacks • Authentication– you are who you say you are • Integrity – received as sent, no modifications, insertions, shuffling or replays NETWORK SECURITY By: Homera Durani
Security Attacks • Message authentication helps prevents these Protection against attacks is known as message authentication. Active threats Masquerade Replay Modification of message contents Denial of service NETWORK SECURITY By: Homera Durani
What is Message Authentication • It’s the “source,” of course! • Procedure that allows communicating parties to verify that received messages are authentic • Characteristics: • source is authentic – masquerading • contents unaltered – messagemodification • timely sequencing – replay NETWORK SECURITY By: Homera Durani
Use of Conventional Encryption? • Only sender and receiver share a key • Include a time stamp • Include error detection code and sequence number NETWORK SECURITY By: Homera Durani
Message Authentication without Confidentiality • Application that broadcasts a message – only one destination needs to monitor for authentication • Too heavy a load to decrypt – random authentication checking, messages are chosen at random for checking. • Computer executables and files – checked when assurance required. NETWORK SECURITY By: Homera Durani
Life Without Authentication NETWORK SECURITY By: Homera Durani
Message Authentication Code • Message Authentication Code (MAC) – use a secret key to generate a small block of data that is appended to the message • Assume: A and B share a common secret key KAB • MACM = F(KAB,M) NETWORK SECURITY By: Homera Durani
Receiver assured that message is not altered – no modification • Receiver assured that the message is from the alleged sender – no masquerading • Include a sequence number, assured proper sequence – no replay NETWORK SECURITY By: Homera Durani
DES is used • Need not be reversible • Checksum • Stands up to attack • But there is an alternative... NETWORK SECURITY By: Homera Durani
One Way Hash Function • Hash function accepts a variable size message M as input and produces a fixed-size message digest H(M) as output • No secret key as input • Message digest is sent with the message for authentication • Produces a fingerprint of the message NETWORK SECURITY By: Homera Durani
Message digest H(M) Shared key Authenticity is assured NETWORK SECURITY By: Homera Durani
Digital signature No key distribution Less computation since message does not have to be encrypted NETWORK SECURITY By: Homera Durani
Encryption software is slow • Encryption hardware costs aren’t cheap • Hardware optimized toward large data sizes • Algorithms covered by patents • Algorithms subject to exportcontrol • Thus ONE AVOID ENCRYPTION NETWORK SECURITY By: Homera Durani
Assumes secret value SAB MDM||M MDM = H(SAB||M) No encryption for message authenticationSecret value never sent; can’t modify the message Important technique for Digital Signatures NETWORK SECURITY By: Homera Durani
SECURE HASH FUNCTIONS AND HMAC NETWORK SECURITY By: Homera Durani
HASH Function Requirements • The purpose of a hash function is to produce a “fingerprint” of a file, message, or other block of data, a hash function H must have the following properties: • H can be applied to a block of data at any size • H produces a fixed length output • H(x) is easy to compute for any given x. • For any given block x, it is computationally infeasible to find x such that H(x) = h • For any given block x, it is computationally infeasible to find with H(y) = H(x). • It is computationally infeasible to find any pair (x, y) such that H(x) = H(y) NETWORK SECURITY By: Homera Durani
Simple Hash Functions NETWORK SECURITY By: Homera Durani
One of the simplest hash functions is the bit – by – bit exclusive OR(XOR) of every block which can be expressed as follows: • Ci= bi1 ⊕ bi2 ⊕ … ⊕bim. • Where • Ci= ith bit of the hash code , 1<= i<= n • M = number of n- bit blocks in the input. • Bij = ith bit in jth block • ⊕ = XOR operation NETWORK SECURITY By: Homera Durani
A simple way to improve is to perform a one- bit circular shift, or rotation on the hash value after each block is processed. The procedure can be summarized as follows : • 1. Initially set the n- bit hash value to zero. • 2. Process each successive n – bit block of the data as follows: a. Rotate the current hash value to the left by one bit. b. XOR the block into the hash value. NETWORK SECURITY By: Homera Durani
SHA -1 Secure Hash Function NETWORK SECURITY By: Homera Durani
SHA (Secure Hash Algorithm ) was developed by the National Institute of Standards and Technology (NIST) and published as a federal information processing standard (FIPS 180) in 1993. • SHA -1 produces a hash value of 160 bits. In 2002 , NIST produced a new version of the standard, FIPS 180-2 , defined three new version of SHA with hash value lengths of 256, 384 , and 512 bits. • Which were known as SHA-256, SHA-384, SHA -512. NETWORK SECURITY By: Homera Durani
Comparison of SHA Parameters. NETWORK SECURITY By: Homera Durani
append length append padding bits • Message Digest Generation Using SHA - 512 output compression function NETWORK SECURITY By: Homera Durani
Input is processed in 512-bit blocks • Produces as output a 160-bit message digest • Every bit of the hash code is a function of every bit of the input NETWORK SECURITY By: Homera Durani
Other Secure Hash Function • Most follow basic structure of SHA-1 • This is also called an iterated hash function – Ralph Merkle 1979 • If the compression function is collision resistant, then so is the resultant iterated hash function NETWORK SECURITY By: Homera Durani
Other Secure Hash Function • MD5 • Whirlpool NETWORK SECURITY By: Homera Durani
MD5 • Message Digest Algorithm (MD5) was developed by Ron Rivest. • Ron Rivest - 1992 • RFC 1321 • Input: arbitrary Output: 128-bit digest • Most widely used secure hash algorithm – until recently • Security of 128-bit hash code has become questionable (1996, 2004) NETWORK SECURITY By: Homera Durani
Whirlpool • Developed by Vincent Rijmen who is co –inventor of Rijndael. • Whirlpool is one of the two hash Function endorsed by NESSIE (New European Schemes for Signatures, Integrity, and Encryption ). • Whirlpool is based on the use of a block cipher for the compression function. • It is based on AES. • Algorithm takes input less than 2256 bit Output a 512 – bit . NETWORK SECURITY By: Homera Durani
HMAC • Effort to develop a MAC derived from a cryptographic hash code • Executes faster in software • No export restrictions • Relies on a secret key • RFC 2104 list design objectives • Used in Ipsec • Simultaneously verify integrity and authenticity NETWORK SECURITY By: Homera Durani
Motivations: • Cryptographic hash functions executes faster in software than encryptoin algorithms such as DES • Library code for cryptographic hash functions is widely available • No export restrictions from the US • HMAC has been issued as RFC 2104 and has been chosen as the mandatory – to – implement MAC for IP security , and used in other Internet Protocols such as TLS(Transport Layer Security ) to replace SSL(Secure Sockets Layer) and SET(Secure Electronic Transaction). NETWORK SECURITY By: Homera Durani
Objectives • To use, without modifications , available in Hash Functions • Easy Replace ability. • Preserve original performance. • Use and handle keys in a simple way. NETWORK SECURITY By: Homera Durani
Message, M secret key output NETWORK SECURITY By: Homera Durani
Public – Key Cryptography principles NETWORK SECURITY By: Homera Durani
Public – key Encryption Structure • The use of two keys has consequences in: key distribution, confidentiality and authentication. • The scheme has six ingredients • Plaintext • Encryption algorithm • Public and private key • Ciphertext • Decryption algorithm NETWORK SECURITY By: Homera Durani
Plaintext : Readable message. • Encryption Algorithm : performs various transformation on the plaintext. • Public and Private key : one is used for encryption and other is used for decryption. • Cipher text : scrambled message (output). • Decryption algorithm : accepts cipher text and match key and produce original plaintext. NETWORK SECURITY By: Homera Durani
Encryption using Public-Key system NETWORK SECURITY By: Homera Durani
Authentication usingPublic-Key System NETWORK SECURITY By: Homera Durani
Applications for Public-Key Cryptosystems • Three categories: • Encryption/decryption: The sender encrypts a message with the recipient’s public key. • Digital signature: The sender ”signs” a message with its private key. • Key exchange: Two sides cooperate two exhange a session key. NETWORK SECURITY By: Homera Durani
Requirements For Public Key • Easy for party B to generate pairs: public keyKUb ; private keyKRb • Easy for sender A to generate cipertextusing public key:C = EKUb(M) • Easy for receiver B to decrypt using the private key to recover original messageM = DKRb(C) = DKRb[EKUb(M)] HINT: PUBLIC PRIVATE NETWORK SECURITY By: Homera Durani
It is computationally infeasible for an opponent, knowing the public key KUbto determine the private keyKRb • It is computationally infeasible for an opponent, knowing the public key KUband a ciphertext, C, to recover the original message, M • Either of the two related keys can be used for encryption, with the other used for decryptionM = DKRb[EKUb(M)]= DKUb[EKRb(M)] NETWORK SECURITY By: Homera Durani
Public – key Cryptography Algorithms NETWORK SECURITY By: Homera Durani
Public-Key Cryptographic Algorithms • RSA and Diffie-Hellman • RSA - Ron Rivest in 1977, Adi Shamir and Len Adleman at MIT, and published in 1978. • RSA is a block cipher • The most widely implemented • Diffie-Hellman • Echange a secret key securely • Compute discrete logarithms NETWORK SECURITY By: Homera Durani
RSA Algorithm • Most widely accepted and implemented approach to public key encryption • Block cipher where M and C are integers between 0 and n-1 for some n • Following form: C = Memod n M = Cdmod n = (Me)dmod n = Medmod n NETWORK SECURITY By: Homera Durani
Sender and receiver know the values of n and e, but only the receiver knows the value of d • Public key: KU = {e,n} • Private key: KR = {d,n} NETWORK SECURITY By: Homera Durani
RSA Requirements • It is possible to find values of e, d, n such that Med = M mod n for all M<n • It is relatively easy to calculate Me and C for all values of M<n • It is infeasible to determine d given e and n Here is the magic! NETWORK SECURITY By: Homera Durani