1 / 18

Today’s topics

Learn about RSA security and the principles of cryptography, algorithms, and keys. Understand the importance of information security and the different levels of encryption. Discover the workings of RSA, the most widely used public-key cryptosystem. Explore the concept of digital signatures for secure communication.

lambrose
Download Presentation

Today’s topics

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Today’s topics • Security • Demo from RSA Security (www.rsa.com) • Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University • For further reference “Applied Cryptography” by Bruce Schneier • Upcoming • Complexity • Reading • Sections 4.6 and 11 in Brookshear. • Chapters 11,13 in Great Ideas.

  2. Security • Computer Security is the prevention of, or protection against: • Access to information by unauthorized recipients • Intentional but unauthorized destruction or alteration of that information. • Authentication: verifying the identity of a person or system • Username and Password • What is an example of a good password? • Change your password often. A particular implementation of this idea is ONE-TIME PASSWORDS. • Physical security of the system is also important.

  3. Cryptography Cryptography: science of creating secret codes. Cryptanalysis : science of code breaking Cryptology: science of secret communication. Goal: Information Security in presence of malicious adversaries. • Confidentiality… • Integrity… • Authentication… • Authorization… • Non-repudiation… RSA PRESENTATION

  4. Algorithms & Keys Restricted Algorithm • If the security depends on keeping the working of the algorithm secret. • Can’t support a large or changing group of users…Why? • No quality control. Modern cryptology solves this with a KEY (K). • Key might be any of a large number of values. • Range of possible values called a keyspace. • Now security depends on the security of the Key. • The algorithms for encrypting and decrypting can be mass produced and optimized.

  5. Algorithms & Keys Two general types of Key based algorithms • Symmetric Algorithms • Symmetric => same key for encryption and decryption • Also called Private key algorithms. • Public-Key Algorithms • Different encryption and decryption keys.

  6. Attacks! • Ciphertext-only Attack.. • Known-plaintext Attack.. • Chosen-plaintext Attack.. • Chosen-ciphertext Attack.. • Rubber-hose cryptanalysis..

  7. Security levels ? • Total Break! • Cryptanalyst find the key. • Global Deduction. • Cryptanalyst finds alternate algorithm equivalent to the decrypting (or encrypting) algorithm without the key. • Local Deduction. • Cryptanalyst finds plaintext of a particular intercepted ciphertext. • Information Deduction • Cryptanalyst gains some incomplete knowledge about the key or plaintext. • Unconditionally Secure. • Not breakable by even brute-force attack..EVER.. • Computationally secure. • Can’t be broken given the current available resourses.

  8. Private Key Encryption Assume message is encoded as binary string. ASCI

  9. Public Key Encryption

  10. Public Key Encryption Bob has N-Bit message to send to Alice. • Alice has public and secret key. • PUBLIC key = published on Web in digital phonebook (VERISIGN). • PRIVATE key = known only by Alice. • Bob encrypts message using Alice’s public key. • Alice decrypts message using her private key. To achieve security, need following properties: • Can encrypt message efficiently with public key. • Can decrypt message efficiently with private key. • CANNOT decrypt message efficiently with public key alone.

  11. Factoring! Factoring of large numbers is HARD. • This is the underlying assumption in RSA and many other public key algorithms. Is it hard?... • Review the process for factoring a number. • The one we follow is Brute-force approach! • Will be extremely hard even for a computer if the number is (say) 200 digits or more.

  12. RSA Public-Key Cryptosystem RSA cryptosystem (Rivest-Shamir-Adleman,1978). • Most widely used public-key cryptosystem (500 million users). • Sun, Microsoft, Apple, browsers, cell phones, ATM machines,… Key generations. • Select two large prime numbers p and q at random. • Compute n= pq, andf = (p-1)(q-1). • Choose integer e such that it is relatively prime to f. • Compute d such that d e = e d = 1 (mod f). • Publish (e , n) as Public key. • Keep (d, n ) as Secret key. Note: Don’t even need to store p, q, or f. • f only needed to compute d. • Saving p, q speeds up decryption (Chinese Remainder Theorem).

  13. RSA Details How large should n = p q be? • 1,024 bits for long term security. • IE, Netscape: 40, 56 , 128 bit. • Too small => easy to break. • Too large => time consuming to encrypt/decrypt. Number Theory => n / logen prime numbers between 2 and n. How to compute d efficiently ? • Existence guaranteed since gcd(e,f) = 1. • Fancy version of Euclid’s algorithm.

  14. RSA Attacks Factoring. • Factor n = pq. • Then compute f. • Then compute e. Timing attacks. • Reconstruct d by sending C and monitoring how long it takes to compute Cd(mod n). Other means? • Long-standing open research question.

  15. Digital Signature Alice sends Bob a response. • Bob wants to be really sure Alice really sent it, and not some imposter.

  16. RSA Digital Signature Alice wants to send Bob a response S. • Alice uses private key d and computes: S’= Sd (mod n). • Alice sends ( S, S’). Bob receives digital signed response ( S, S’) . • Bob uses Alice’s public key e and checks if S = (S’)e (mod n ). • If yes, then Bob concludes S sent by Alice. • If no, then Bob concludes S or S’ corrupted in transmission, or message is forgery. Third party. • Bob verifies Alice’s signature on digitally signed message (e.g. electronic check). • Bob forwards digitally signed message to bank. • Bank re-verifies Alice’s signature.

  17. RSA Applications Secure Internet Communication. • Browsers. • S/MIME, SSL, S/WAN. • PGP. • Microsoft Outlook. Operating Systems. • Sun, Microsoft, Apple, Novel. Hardware. • Cell phones. • ATM machines. • Wireless Ethernet cards. • Smart cards. • Palm Pilots.

  18. Bad Cryptology. Good introductory explanation & details on Gregory Kesden’s site (CMU) http://www-2.cs.cmu.edu/~dst/DeCSS/Kesden/ Content Scrambling System (CSS). • Use to encrypt DVD’s. • Each disc has 3 40-bit keys. • Each DVD decoder (software/hardware) has unique 40-bit key. • “Not possible” to play back on computer without disc. DeCSS. (Canman and SoupaFrog, 1999). • Decryption algorithm written by two Norwegians. • Used “in-circuit emulator” to monitor hardware activity. Why CSS is fatally flawed. (Policy and Legal issues..)

More Related