260 likes | 525 Views
Cryptography in .Net. CS 795. Goals. Confidentiality---no one else can intercept a message as it passes from A to B---Encryption is the answer Integrity---message is not tampered as it passes from A to B --- Hashing is the answer
E N D
Cryptography in .Net CS 795
Goals • Confidentiality---no one else can intercept a message as it passes from A to B---Encryption is the answer • Integrity---message is not tampered as it passes from A to B --- Hashing is the answer • Authentication---B wants to be sure to be sure it is A who has sent the message---digital signature is the answer • Cryptography is key management
Hashing Algorithms • Create a message digest or hash code for a given message • Hashing algorithms break a message into fixed blocks (512 or 1024 bits) • Given a seed value and the 1st block, it produces a hash code. This hash code and the next block are fed again, that produce a new hash code. This continues until the last data block. The final hash code is the message digest.
Programming Hashing Algorithms • Managed (e.g., SHA1Managed) and unmanaged (e.g., SHA1CryptoServiceProvider) • System.Security.Cryptography.HashAlgorithm class: Methods: Create, ComputeHash, Initialize, Clear, TransformBlock, SHA1Managed hash_alg = new SHA1Managed(); Or hashAlgorithm hash_alg = HashAlgorithm.Create(“SHA1”); byte[ ] hash_code = hash_alg.ComputeHash(message_data); To validate hash code, generate a new hash code and compare byte-by-byte.
Keyed Hashing Algorithms (MAC) • These mix a secret key with the message data blocks when creating a hash code. • HMAC is one standard to combine secret key and message data (e.g., HMAC-SHA-1)---here the key is used as the 1st data block • HMAC-SHA-1 and MAC-Triple-DES KeyedHashAlgorithm hash_alg = KeyedHahAlgorithm.Create(“HMACSHA1”); Hash_alg.Key = key_bytes; byte [ ] hash_code = hasg_alg.ComputeHash(message_data);
Symmetric Encryption • Both parties agree on a secret key • Sender encrypts the message using secret key and sends the encrypted data • Receiver decrypts the received data using the secret key • To create encrypted data: (i) Data is treated as a number of fixed-size blocks • (ii) The fixed-size blocks are converted to encrypted blocks
Programming Symmetric Encryption • System.Security.SymmetricAlgorithm • Managed (DES, TripleDES, RC2, Rijndeal) and unmanaged (DESCryptoServiceProvider, TripleDESCryptoServiceProvider…) • Methods: Create, CreateEncryptor, CreateDecryptor, GenerateIV, ValidKeySize • Padding mode: PKCS7 (value of the padding byte is the numbe rof padded bytes); Zeros (0’s are padded) • Cipher Modes: ECB, CBC, CFB, CTS, OFB • KeySizes structure: MinSize, SkipSize, MaxSize of the range of key sizes • IV: Initialization vector; .Net Framework has some default value for it; but it can be changed • Secret key: Same as in the case of IV
Configuring the Symmetric Encryption Algorithms SymmetricAlgorithm algx = SymmetricAlgorithm.Create(“Rijndael”); //This assigns default values to the parameters; but they may be changed as follows algx.BlockSize = 192; algx.KeySize = 128; KeySizes[ ] x_size_ranges = algx.LegalKeySizes; Console.WriteLine(x_size_ranges[0].MinSize); algx.Padding = PaddingMode.Zeros; algx.Mode = CipherMode.ECB; byte[ ] x_secretkey = algx.Key; // Get the secret key value assigned algx.Key = new byte[ ] {0x64, …..}; algx.IV = new bytes[ ] {…};
Symmetric Encryption (Cont.) • Encrypting and Decrypting is done by ICryptoTransform interface SymmetricAlgorithm algx = SymmetricAlgorithm.Create(“Rijndael”); ICryptoTransform encryptorx = algx.CreateEncryptor(); ICryptoTransform decryptorx = algx.CreateDecryptor(); See pages 356-358 have an example
Asymmetric Encryption • Public-key encryption • A has a public-secret (or private) key pair • B has a public-secret (or private) key pair • A encrypts a message using B’s public key and sends it to B • B uses corresponding secret key to decrypt it • Main limitation: Very slow relative to symmetric encryption
Creating Asymmetric Keys • RSA (Rivest, Shamir, Adleman, 1977) • Algorithm: • Choose two large random #s, p and q, of equal length and multiply them together to create n, the RSA key modulus: n=p*q; If p=23, q=31, n=713 • Randomly choose e, the public exponent so that e and (p-1)(q-1) are relatively prime (i.e., share no common factors except 1). In the above, (p-1)(q-1)=660; choose e=19 • Find d such that d*e = 1 mod (p-1)(q-1) 19d= 1 mod 660; So 19d=661, 1321, 1981, 2641, .. Here, d=2641/19=139 4. Public key consists of e and n. Private key is d. Discard p and q, but do not reveal their values. Why is RSA algorithm secure? Because it is hard to find the factors of a large number. Here, we are given n. So we have to find factors p and q so that n=p*q
Encryption (with asymmetric keys) • Break the plaintext into small blocks of data • Encrypt each plaintext block using the public key and the encryption function • Concatenate the encrypted blocks • Length of block = trunc[(length of n in the public key -1)/8] • RSA Algorithm • Example: Encryption: If m= 25, (n=713,e=19) as the public key, c=(me)mod n = (2519)mod 713 = 156 Decryption: c=156, use private key (n=713, d=139), compute m = cd (mod n) = 156139 mod 713 =
How secure is Asymmetric Encryption? Given only the public key e and n, how many computations does it take to discover the private key d? Once we know factors p and q, it is relatively easy to calculate d, and decrypt cipher text. So the secret is in the values d,p, and q.
Programming Asymmetric Encryption • System.Security.Cryptography.AsymmetricAlgorithm • System.Security.Cryptography.RSA • System.Security.Cryptography.RSACryptoServiceProvider
Digital Signatures • Purpose: For receiver to verify the sender (or author) • Use asymmetric keys • Sender signs the message; receiver verifies it A generates a digital signature on a message using its private key; B receives the message and the signature; B uses A’s public key to verify the and that the content has not been changed Due to the slow performance of the asymmetric algorithms, A first creates a cryptographic hash code of the message and then applies the signature algorithm on the hash code. Joint signatures on a document
RSA Algorithm for DS Digital signing Sender A does the following:- • Creates a message digest (hash code) of the information to be sent. • Represents this digest as an integer m between 0 and n-1. • Uses her private key (n, d) to compute the signature s = m^d mod n. • Sends this signature s to the recipient, B. Signature verification Recipient B does the following:- • Uses sender A's public key (n, e) to compute integer v = s^e mod n. • Extracts the message digest from this integer. • Independently computes the message digest (hash code) of the information that has been signed. • If both message digests are identical, the signature is valid.
DS and Encryption/Decryption • Decryption and signing are identical as far as the mathematics is concerned as both use the private key. • Similarly, encryption and verification both use the same mathematical operation with the public key. • That is, mathematically, m = (m^e mod n)^d mod n = (m^d mod n)^e mod n, m < n • However, note these important differences in implementation:- • The signature is derived from a message digest of the original information. The recipient will need to follow exactly the same process to derive the message digest, using an identical set of data. • The recommended methods for deriving the representative integers are different for encryption and signing (encryption involves random padding, but signing uses the same padding each time).
DS Algorithms in .Net • RSA algorithm (used for encryption and digital signatures) • DSA or Digital Signature Algorithm (only digital signature, not encryption) • Hashing algorithms to be used prior to digital signature generation: • MD5, SHA-1, SHA-256 (minimum key length 256 bit ), SHA-384, SHA-512 • http://en.wikipedia.org/wiki/SHA_hash_functions
XML Signatures • .Net supports XML signatures specification or XMLDSIG for XML documents <book> <title> Programming .Net Security </title> <author>Adam Freeman </author> <year>2004</year> </book> • Create a URL reference for the document (page 414, O’Reilly) • Create a new instance of the SignedXML class and the URL reference; • Create a new asymmetric signing algorithm instance and assign it to the reference object created along with all other parameters (signing key, etc.) • Call ComputeSignature on the reference object. • Use GetXml().OuterXml to get the signature. Follow similar procedure for verification of the signature.
Performance of web services security • Performance Comparison: Security Design Choices