190 likes | 324 Views
Internet Engineering Czesław Smutnicki Discrete Mathematics – Cryptography. CONTENTS. DES algorithm Triple-DES algorithm RSA algorithm MD5 algorithm CRC algorithm ssh service. SECURITY IN COMPUTER NETWORKS. Cryptography Algorithms with symmetrical keys
E N D
Internet Engineering Czesław Smutnicki Discrete Mathematics – Cryptography
CONTENTS • DES algorithm • Triple-DES algorithm • RSA algorithm • MD5 algorithm • CRC algorithm • ssh service
SECURITY IN COMPUTER NETWORKS • Cryptography • Algorithms with symmetrical keys • Algorithms with public (non-symmetrical) keys • Digital signature • Management of public keys • Security of communications • Trustworthiness protocols • Security of e-mail • Security of www • Social aspects of computer networks
CRYPTOGRAPHY • Introduction: encryption = transformation (bit-after-bit, character-after-character), coding = replacing, open text, algorithm, key, encrypted text, intruder, cryptoanalysis, cryptology • Substituting ciphers • Transposition ciphers • Once-used keys (XOR of data and key) • Quantized cryptography: phaeton, polarisation, strigth linear basis, diagonal basis, qubit, once-used key • Fundamental rules of cryptography: redundancy, timeliness
ALGORITHMSWITH SYMMETRICAL KEYS • P-box, S-box, cascade • DES • Triple DES • AES • Encryption modes: coding book, linking of coding blocks, feedback, streaming code, counting method • Other coding: IDEA, RC4, RC5, Rijndael, Serpent, Twofish • Cryptoanalysis: differential, linear
ALGORITHM WITH SYMMETRICAL KEYS P-box: 8 lines Aggregate (cascade): 12 lines S-box: 3 lines S1 S5 S9 S2 S6 S10 P3 P1 P2 P4 S3 S7 S11 S4 S8 S12 Decoder 8->3 Decoder 3->8 P-box permutation=key cascade: 64 ..256 lines, >18 stages (hardware), >8 (software), 1 stage=iteration=P+S
DES = DATA ENCRYPTION STANDARD L 32 bits (i-1) P 32 bits (i-1) open text 64 bits starting transposition iteration 1 Key 56 bits iteration 2 L(i) XOR f(P(i-1),K(i)) . . . iteration 16 transposition of 32-bit halves final transposition inverse to starting L 32 bits (i) P 32 bits (i) encrypted data 64 bits
DES cont. L 32 bits (i-1) P 32 bits (i-1) 32 bits 32 bits -> 48 bits indirect key XOR K S-box: in 8 x 6 L(i) XOR f(P(i-1),K(i)) S1 S2 S3 S4 S5 S6 S7 S8 S-box: out 8 x 4 P-box indirect key has been obtained by certain transformation of fundamental key of 56 bits. Applied is so-called whitening operation (additional random keys) L 32 bits (i) P 32 bits (i)
TRIPLE DES • 2 keys • encryption(K1)-decryption(K2)-encryption(K1)
AES= ADAVANCED ENCRYPTION STANDARD • Competition • Symmetrical key • Public project • Keys 128, 192, 256-bits • Easily implementable (hardware, software) • Free-access licence • Rijndael (86), Serpent (59), Twofish (31), RC6 (23), MARS (13)
ALGORYITHMWITH PUBLIC KEYS: RSA • Choose two prime numbers p i q • Find n=p*q and z=(p-1)*(q-1) • Find any d relatively prime with z • Find any number e such that (e*d) mod z=1 • Public key (e,n) • Private key (d,n) • Encryption of message P decryption of hiden text C
DIGITAL SIGNATURE • Receiver can verify the authentity of Sender signature • Sender cannot renege of sending the message with this contents • Receiver cannot change the obtained message contents • Signature based on symmetric keys(certification institution) • Signature based on public keys (secret key theft, changing of secret key) • Message shortcut (hashing): MD5, SHA-1,
MANAGEMENT OF PUBLIC KEYS • Certificates • Standard X.509 • Infrastructure of public keys: confidence chain, certfication track, confidence anchors, certificate cancel,
SECURITY OF COMMUNICATION • IPsec: transport mode, tunel mode, trafic analysis • Firewalls, packet filter, application gateway, DoS attack, DDoS • Private virtual networks • Security in wireless networks: WEP (RC4), Bluetooth (SAFER+)
TRUSTWORTHINESS PROTOCOLS • Trustworthiness on the base of shared secret key • Setting shared secret key: key exchange • Trustworthiness with the use of key distribution center • Trustworthiness based on Kerberos • Trustworthiness with the use of public keys
SECURITY OF E-MAIL • PGP • PEM • S/MIME
SECURITY OF WWW • Emergences • Secure names • SSL • Security of movable code
SOCIAL ASPECTS OF COMPUTER NETWORKS • Privacy protection policy • Freedom of a word • Intelectual property rigths
Thank you for your attention DISCRETE MATHEMATICS Czesław Smutnicki