1 / 28

Chap 1: Introduction to Crypto Systems

Chap 1: Introduction to Crypto Systems. Some background The plaintext message is usually represented as M or P (plaintext), the encryption result is usually represented as C (ciphertext). C usually has the same length as M or even longer E key (M) = C, D key (C) = M D key’ (E key (M)) = M

glenna-murray
Download Presentation

Chap 1: Introduction to Crypto Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chap 1: Introduction to Crypto Systems • Some background • The plaintext message is usually represented as M or P (plaintext), the encryption result is usually represented as C (ciphertext). • C usually has the same length as M or even longer • Ekey(M) = C, Dkey(C) = M • Dkey’(Ekey(M)) = M • Can you apply the encryption and decryption algorithm to some random sequence?

  2. What functionality can the encryption algorithms provide: • Confidentiality • Authentication • Integrity • Non-repudiation

  3. Introduction • Two kinds of cryptographic algorithms • Keep the method secret • Good: safe for low security requirement • Bad: user group dynamics, proof of correctness, how to communicate with outsider, reverse engineering • Make the algorithm public but keep the key secret • Now the encryption/decryption algorithms need the key as a parameter • Safety depends on the key only • Good: safety analysis can be conducted, have standard implementation (user can setup the key)

  4. Introduction (cnt’d) • Symmetric algorithms (secret key algorithm) • The encryption and decryption key can be calculated from each other easily (most of the time they are the same). • Block algorithms and stream algorithms • DES and XOR operation • Good: efficient and fast, easy to deploy • Bad: key pre-distribution, scalability, broadcast or multicast, proof to third party

  5. Introduction (cnt’d) • Public-key encryption • First appear in 1970’s • Two keys: public key and private key • Private key cannot be derived from public key • Everyone can send a packet to Alice • Only Alice has the private key to recover the packet • If Alice uses the private key to encrypt a message, can be viewed as a digital signature • Strong, scalable, easy for broadcast and multicast, but relatively slow

  6. Introduction (cnt’d) • Attack to encryption system • Cipher-text only attack • The amount of traffic matters • Known plaintext attack: try to get the key or a method to decrypt • Chosen plaintext attack: try to get the key or a method to decrypt • It is not difficult to have the 2nd or 3rd type of attack • Key point • Keep the cost to break the system higher than the gain of the information

  7. Introduction (cnt’d) • Can you always break an encryption system? • One time pad • Brute-force attack: Try every possible key • Make it impossible in practical world • How much energy required to flip a bit in the memory, and how much memory we are generating per year. Real example at NASA • How much aluminum is needed to store 1TB data, and how much aluminum do we have on the Earth.

  8. Introduction (cnt’d) • Several traditional encryption techniques • Substitution ciphers • Replace a character in the plaintext with another character • Replace a multi-char group with another multi-char group • Example: Caesar cipher • Try to figure out the length of the key • Transposition ciphers • Shuffle the order of characters • The frequency of characters does not change • XOR and one-time pad: • Many good properties of XOR • If the random bits repeat in cycle, it is dangerous • Synchronization at both side is always a problem

  9. Chap 2: Building blocks • There are hundreds of security related protocols. Fortunately, only a limited number of building blocks are involved • If secure blocks are put together in a wrong way, the final protocols may be insecure • How to organize these blocks shows the skills of the researchers

  10. Building blocks (cnt’d) • Classification of protocols • Arbitrated Protocols • Example: Buying a used car from a stranger with the help of a lawyer • Good: simple, everyone feels safe • Bad: how to find the Trusted Third Party (TTP) on the network, who will pay the cost, bottleneck at TTP, single point of failure • It is actually becoming very popular recently

  11. Building blocks (cnt’d) • Classification of protocols • “Judge” Involved Protocols • TTP get in only when disagreement arise • Similar to the difference between prevention and detection • Good: avoid the bottleneck • Bad: still need to keep the TTP, and need to keep evidence now

  12. Building blocks (cnt’d) • Classification of protocols • Self enforced protocols • If one party wants to cheat, the other party can detect and abort the procedure • Good: avoid the bottleneck • Bad: usually more complicated and more overhead. At the same time, often assume the two parties have the same level of resources.

  13. Block 1: one way functions • One way function is easy to calculate in one direction, but not the other. • Given x, easy to get f(x) • Given f(x), even f() is known, still not easy to get a x that satisfies f(x) • Think about the fingerprint of a person

  14. Trap door one way function • Given x, easy to calculate f(x) • Given f(x), difficult to get x • Given f(x) and a secret y, easy to recover x • Think about asymmetric encryption

  15. Block 1: one way hash function • Map a variable-length input string to a fixed length string: fingerprint the file • Easy to get Hash(x) when giving x • Almost impossible to find a x that satisfies Hash(x) • Almost impossible to find two files x and x’ to have the same hash value • Minor change in x, large changes in Hash(x) • Since the hash value is shorter, we have conflict: • We can easily rule out files, but cannot guarantee this is the origin file • Still good enough in courts, like DNA tests

  16. Block 1: one way hash function • Usage of hash function • Timestamp a file and prove that you are the creator (can be used to timestamp the homework) • MD5 values of the downloaded files • A commitment that cannot be easily changed • Verify the integrity of the files in a file system • Security problems: how and where to save the hash values • Use a secret key k, do not store k on the computer, use Hash(x, k) to prevent change on the computer: usually called MAC code (message authentication code)

  17. Block 2: communication using symmetric crypto algorithms • Steps: (1) Alice and Bob agree on a key k and an encryption algorithm (2) Alice calculates E_k (message) and sends the cipher text to Bob (3) Bob decrypts the message and gets the plaintext • Problems • How to determine the key: must in a secret place • How to convince other people it is from Alice instead of Bob • Number of keys increases fast, not scalable

  18. Block 3: communication using asymmetric crypto algorithms • First appeared in 1976, proposed by Diffie and Hellman • Two keys: public key and private key, it is almost impossible to get private key from public key. • A certain kind of trap door one way functions: private key is the secret • Steps: • Alice and Bob agree on a public key encryption algorithm • Bob sends his public key to Alice (3) Alice calculates E_pubB(message) and sends the cipher text to Bob (4) Bob decrypts the message with the private key and gets the plaintext

  19. Block 3: communication using asymmetric crypto algorithms • Solve the problem in symmetric crypto methods: the key can be transferred in public • More scalable, easy for multicast • New problems: • How can we make sure it is Bob’s public key • Trusted Third Party • Certificate for the public key • How to guarantee the sender’s identity • Some story about public key • NSA says it is unnecessary • But claims credit for it

  20. Hybrid crypto systems • Symmetric methods are fast, easy to implement, but require special attention during key distribution • Asymmetric methods are slow, but more secure • Careful about the forward search attack • Hybrid: • Using asymmetric method to distribute key • Using symmetric method to encrypt data

  21. Communication using hybrid crypto systems • Steps • Bob sends Alice his public key • Alice encrypts the session key with this public key and sends to Bob • Both Alice and Bob know the session key and can use it for data traffic Open question: why should B trust A’s capabilities to generate keys?

  22. Merkle’s puzzle • Make the life of an eavesdropper difficult • The receiver can randomly choose one message • The eavesdropper has to try almost all of them

  23. Block 4: Digital signature • Signature by symmetric encryption: • TTP will get involved • Who should store the encrypted messages? • How to send to a third party: through TTP again • Signature with asymmetric encryption • Using the private key for signature • If the signature is like “I owe Bob $100”, a timestamp should also be included in the signature to avoid replay attack.

  24. Never ever sign a random message or something you cannot see the plaintext

  25. Block 5: Random number • Pseudo random numbers: • Usually will repeat after a long sequence • Must long enough • Real random numbers: • Lava lamp • Earthquake strength or interval

  26. Dual encryption • Let’s assume that everyone in the network has a public-private key pair. Alice wants to send a message to Bob and convince that it is from Alice. • Two possible format: which is better??

  27. Dual encryption • Answer: • Alice should first sign the message, then use Bob’s public key to encrypt the packet • Reason 1: If Alice’s private key is the outer layer, everyone with Alice’s public key will be able to decrypt it. • Reason 2: never sign a random string that you do not know what it is (Example of RSA) • Two pair of public-private keys for everyone: one for encryption, one for digital signature

More Related