08.10.2015 s kondakci 1 süleyman kondakcı 08.10.2015 s kondakci 2 brief intro main objectives of...
TRANSCRIPT
21.04.23S Kondakci 1
Süleyman Kondakcı

Brief Intro
• Main objectives of information security
• Basic functions of cryptology
• Basic cryptographic systems
• Symmetric cryptography
• Simple (XOR) encryption
• Asymmetric cryptography and its application to authentication
• Confidentiality with asymmetric cryptography
• Secure message exchange
• Digital signature
• Other important issues

The Triad of Security Objectives
Integrity
Confidentiality
Availability

Attacks, Mechanisms, and Services
Security Attack: Any action that compromises the security of information.
Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.

Security Attacks
Interruption: This is an attack on availability
Interception: This is an attack on confidentiality
Modification: This is an attack on integrity
Fabrication: This is an attack on authenticity

Security Services
Confidentiality (privacy)
Authentication (who created or sent the data)
Integrity (has not been altered)
Non-repudiation (the order is final)
Access control (prevent misuse of resources)
Availability (permanence, non-erasure)
Denial of Service Attacks
Virus that deletes files

Main Objectives Expanded (1)
1) Confidentiality: Protecting data from unauthorized disclosure
2) Authentication: Reliably determining the identity of the communicating parties
3) Integrity: Ensure that the contents of the traffic are not altered in transmission.
4) Access Control: Prevent unauthorized users/devices.
5) Traffic Flow Control: Monitoring and managing traffic flow

Main Objectives Expanded (2)
6) Availability (system continuity): Sustaining the security services
7) Accountability (monitoring and auditing): Scanning and logging of network activities
8) Scalability: Adding new users/devices should be easy and should not require changes to existing architecture and infrastructure.

Defence Methods
• Encryption
• Authorization: access control (file systems, databases, and operating system controls for protecting users from violating each other’s area)
• Authentication
• Hardware Controls (smartcard)
• Policies (frequent changes of passwords)
• Physical Controls

The Basic Cipher Operator: XOR
Plaintext Bit   Key Bit   Encoded Text Bit
0               0         0
0               1         1
1               0         1
1               1         0
Also known as Vernam Cipher

Encrypting and Decrypting with XOR
Plaintext   0 1 1 0 0 1 0 1
Key         1 0 1 0 0 1 1 1
Ciphertext  1 1 0 0 0 0 1 0

Ciphertext  1 1 0 0 0 0 1 0
Key         1 0 1 0 0 1 1 1
Plaintext   0 1 1 0 0 1 0 1

Monoalphabetic Ciphers: Cipher ROT13
Plaintext:  A B ... M N ... Z
Ciphertext: N O ... Z A ... M
$ tr 'a-zA-Z' 'n-za-mN-ZA-M' < plain_file

Polyalphabetic Substitution Ciphers: Vigenere Cipher
$C = E(P) = (P + k) \bmod 26$
$P = D(C) = (C - k) \bmod 26$
P = plain text,
C = cipher text,
E(P) = encryption,
D(C) = decryption.
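The two Vigenere formulas applied letter by letter with a repeating key, as an added example that is not part of the original slides. The function name and the sample key "LEMON" are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Vigenere over A-Z / a-z. dir = +1 applies C = (P + k) mod 26 (encrypt),
 * dir = -1 applies P = (C - k) mod 26 (decrypt). Non-letters are copied
 * unchanged and do not consume a key letter. The key must be letters only.
 * Returns 0 on success, -1 on an empty or non-alphabetic key. */
int vigenere(const char *in, const char *key, int dir, char *out)
{
    size_t klen = strlen(key), i, j = 0;

    if (klen == 0)
        return -1;
    for (i = 0; i < klen; i++)
        if (!isalpha((unsigned char)key[i]))
            return -1;

    for (i = 0; in[i] != '\0'; i++) {
        unsigned char ch = (unsigned char)in[i];
        if (isalpha(ch)) {
            int base = isupper(ch) ? 'A' : 'a';
            int k = toupper((unsigned char)key[j++ % klen]) - 'A';
            /* +26 keeps the value non-negative before the modulo when decrypting */
            out[i] = (char)(base + (ch - base + dir * k + 26) % 26);
        } else {
            out[i] = (char)ch;
        }
    }
    out[i] = '\0';
    return 0;
}

int main(void)
{
    const char *msg = "Let us bust them by the midnight"; /* plaintext used on the rail fence slides */
    char ct[64], pt[64];

    vigenere(msg, "LEMON", +1, ct);   /* "LEMON" is a constructed sample key */
    vigenere(ct, "LEMON", -1, pt);
    printf("%s\n%s\n", ct, pt);
    return 0;
}
```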

Flexible Caesar Cipher in C
/**
 * Demonstration of a flexible shifter function
 * S. Kondakci/10/5/1996
 */
#include <ctype.h>
#include <stdio.h>

/* Shift a letter forward by `shifts` positions (0..25), wrapping within its case. */
void caeser(short c, int shifts)
{
    if (('a' <= c && c <= 'z') || ('A' <= c && c <= 'Z')) {
        int Case = (isupper(c) == 0 ? 122 : 90);  /* 'z' or 'Z' */
        if (shifts + c > Case)
            putchar(c - 26 + shifts);  /* wrap past the end of the alphabet */
        else
            putchar(c + shifts);
    } else if (c == '\n')
        putchar('\n');
    else
        putchar(c);
}

Rail fence technique
Plaintext: “Let us bust them by the midnight”
L t s u t h m y h i n g t
 e u b s t e b t m d i h .
Ciphertext:

Rail fence technique with key
Plaintext: “Let us bust them by the midnight”
Write the plaintext row by row in a rectangle, and cipher the message, column by column.
Key:       7 9 1 4 8 6 3 5 2
Plaintext: L e t u s b u s t
           t h e m b y t h e
           m i d n i g h t .
Ciphertext: tedte.uthumnshtbygLtmsbiehi
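The keyed transposition above as code, an added example that is not part of the original slides. It assumes the key digits are written over the columns left to right as 7 9 1 4 8 6 3 5 2, which reproduces the slide's ciphertext; the function names are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* order[r] = index of the column that is read r-th. key[c] is the digit
 * (1..cols) written above column c; it must be a permutation of 1..cols. */
static int column_order(const char *key, size_t cols, size_t *order)
{
    int seen[10] = {0};
    if (cols == 0 || cols > 9)
        return -1;
    for (size_t c = 0; c < cols; c++) {
        int d = key[c] - '0';
        if (d < 1 || d > (int)cols || seen[d])
            return -1;
        seen[d] = 1;
        order[d - 1] = c;
    }
    return 0;
}

/* encrypt != 0: write row by row, read column by column in key order.
 * encrypt == 0: the inverse. The text length must be a multiple of the key
 * length (pad beforehand). Returns 0 on success, -1 on a bad key or length. */
int columnar(const char *text, const char *key, int encrypt, char *out)
{
    size_t cols = strlen(key), len = strlen(text), order[9], n = 0;
    if (column_order(key, cols, order) != 0 || len % cols != 0)
        return -1;
    for (size_t r = 0; r < cols; r++)
        for (size_t row = 0; row < len / cols; row++) {
            size_t cell = row * cols + order[r];   /* position in the grid */
            if (encrypt) out[n++] = text[cell];
            else         out[cell] = text[n++];
        }
    out[len] = '\0';
    return 0;
}

int main(void)
{
    char ct[64], pt[64];
    columnar("Letusbustthembythemidnight.", "791486352", 1, ct);
    columnar(ct, "791486352", 0, pt);
    printf("%s\n%s\n", ct, pt);
    return 0;
}
```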

Cryptography
Cryptography is the study of mathematical techniques related to aspects of information security such as confidentiality, data integrity, entity authentication, and data origin authentication.
Study of cryptography consists of a number of primitives (basic tasks and algorithms) that can be combined to provide a full range of information security services.

Modern Cryptography
1977: Data Encryption Standard (DES) adopted as a U.S. Federal Information Processing Standard for encrypting unclassified information.
1976: Diffie and Hellman introduced the revolutionary concept of public-key cryptography. Security is based on the intractability of the discrete logarithm problem.
1978: Rivest, Shamir, and Adleman (RSA), perhaps the most well-known scheme; security is based on the intractability of factoring large integers.

Model of 2-Party Communication Using Encryption

A Taxonomy of Cryptographic Primitives
Cipher Types
Stream cipher: Encrypts digital data one bit or one byte at a time.
Block cipher: A block of plaintext is treated as a whole and used to produce a ciphertext block of equal length. Typical block sizes are 64 or 128 bits.

Terminology
Cryptography terminologies:
• Encryption/Encipherment
• Decryption/Decipherment
• Cryptographic Algorithm/cipher
• Encryption Key/Decryption Key
Below a symmetric key scheme using a shared single key for secure data exchange.
[Figure: Plaintext M → Encryption (E_key) → C → Decryption (D_key) → Plaintext M]
C = Ciphertext = E_key(M)
M = Plaintext = D_key(C)

Basic Encryption Techniques
Symmetric algorithm: Secret key ciphering
Asymmetric algorithm: Public key ciphering

Basic Algorithms
Symmetric/Shared key systems
• Single key (secret, commonly shared). The single key both ciphers and deciphers.
Asymmetric/Public key systems: Uses 2 keys:
• Private key (private to the generator)
• Public key (distributed to others)
• One of the keys ciphers, the other deciphers

Symmetric Encryption
• DES, 3DES (Data Encryption Standard)
• IDEA (International Data Encryption Algorithm)
• FEAL
• LOKI
• LUCIFER
• RC2 (Rivest’s Code)
• RC4
• RC5

A 2-Party Communication Using Symmetric Encryption
One of the major problems in symmetric-key systems is to find an efficient method to agree upon and exchange keys

Symmetric Encryption
[Figure: Plaintext M → Ciphertext C → Plaintext M, with the same “Secret Key” used on both sides]

Encryption: DES and 3DES
• Widely adopted standard
• Encrypts plaintext into ciphertext
• DES performs 16 rounds
• Triple DES: 168-bit 3DES includes three DES keys
• Accomplished on VPN client, server, router, or firewall

Average time required for exhaustive key search
Key Size (bits)   Number of Alternative Keys   Time required at 10^6 decryptions/µs
32                2^32 = 4.3 x 10^9            2.15 milliseconds
56                2^56 = 7.2 x 10^16           10 hours
128               2^128 = 3.4 x 10^38          5.4 x 10^18 years
168               2^168 = 3.7 x 10^50          5.9 x 10^30 years

Costs/Times to Break DES Keys
Type of Attacker         Budget   40-Bit         56-Bit       168-Bit 3DES
Individual Hacker        $400     5 Hours        38 Years     Too Long
Dedicated Hacker         $10K     12 Minutes     556 Days     10^19 Years
Intelligence Community   $10M     0.02 Seconds   21 Minutes   10^17 Years

Asymmetric Algorithms
A pair of mathematically related keys:
A private key and a public key
Widely used public-key cryptosystem:
Whitfield Diffie and Martin Hellman of Stanford University invented the public-key system in 1976.
Rivest Shamir Adleman (RSA)

Authentication with Asymmetric Algorithms
[Figure: Plaintext M (user identity) → Encryption (E_key) with the Private Key → C → Decryption (D_key) with the Public Key → Plaintext M (user identity)]

Confidentiality with Asymmetric Algorithms
[Figure: Plaintext M (Message) → Encryption (E_key) with the Public Key → C → Decryption (D_key) with the Private Key → Plaintext M (Message)]

Feistel Cipher Structure
Virtually all conventional block encryption algorithms, including DES, have a structure first described by Horst Feistel of IBM in 1973.
The realization of a Feistel Network depends on the choice of the following parameters and design features (see next slide):

A simple Feistel System
© S. Kondakcı

Feistel Cipher Structure
• Block size: larger block sizes mean greater security
• Key Size: larger key size means greater security
• Number of rounds: multiple rounds offer increasing security
• Subkey generation algorithm: greater complexity will lead to greater difficulty of cryptanalysis.
• Fast software encryption/decryption: the speed of execution of the algorithm becomes a concern

Feistel Cipher Decryption
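A toy Feistel network with the number of rounds and the subkey list as parameters, showing that decryption is the same routine run with the subkeys in reverse order. This is an added example, not part of the original slides; the round function, block size and subkey values are assumptions chosen for illustration and offer no security.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy round function F(R, K). It need not be invertible; this one is an
 * arbitrary mix chosen for illustration, not taken from DES. */
static uint16_t round_f(uint16_t half, uint16_t subkey)
{
    uint32_t x = (uint32_t)(half ^ subkey);
    x = ((x << 3) | (x >> 13)) & 0xFFFFu;       /* rotate left by 3 */
    return (uint16_t)(x * 0x9E37u + subkey);
}

/* 32-bit block, 16-bit halves. Each round: L' = R, R' = L XOR F(R, K_i).
 * decrypt == 0 walks the subkeys first to last, decrypt != 0 last to first;
 * the final half swap lets the same routine undo itself. */
uint32_t feistel(uint32_t block, const uint16_t *subkeys, int rounds, int decrypt)
{
    uint16_t left = (uint16_t)(block >> 16), right = (uint16_t)block;
    for (int i = 0; i < rounds; i++) {
        uint16_t k = subkeys[decrypt ? rounds - 1 - i : i];
        uint16_t next = (uint16_t)(left ^ round_f(right, k));
        left = right;
        right = next;
    }
    return ((uint32_t)right << 16) | left;
}

int main(void)
{
    /* Constructed subkeys; a real cipher derives them from the key
     * with its subkey generation algorithm. */
    const uint16_t subkeys[4] = { 0x1A2B, 0x3C4D, 0x5E6F, 0x7081 };
    uint32_t pt = 0xCAFEF00Du;
    uint32_t ct = feistel(pt, subkeys, 4, 0);
    printf("pt=%08lX ct=%08lX back=%08lX\n", (unsigned long)pt,
           (unsigned long)ct, (unsigned long)feistel(ct, subkeys, 4, 1));
    return 0;
}
```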

Private-Key Cryptography
• traditional private/secret/single key cryptography uses one key
• shared by both sender and receiver
• if this key is disclosed communications are compromised
• also is symmetric, parties are equal
• hence does not protect sender from receiver forging a message & claiming is sent by sender

Public-Key Cryptography
• probably most significant advance in the 3000 year history of cryptography
• uses two keys – a public & a private key
• asymmetric since parties are not equal
• uses clever application of number theoretic concepts to function
• complements rather than replaces private key crypto

Why Public-Key Cryptography?
• developed to address two key issues:
  • key distribution – how to have secure communications in general without having to trust a KDC with your key
  • digital signatures – how to verify a message comes intact from the claimed sender
• public invention due to Whitfield Diffie & Martin Hellman at Stanford Uni in 1976
  • known earlier in classified community

Public-Key Cryptography
• public-key/two-key/asymmetric cryptography involves the use of two keys:
  • a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures
  • a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures
• is asymmetric because those who encrypt messages or verify signatures cannot decrypt messages or create signatures

Public-Key Secrecy
$C = E(PU_b, M)$, $M = D(PR_b, C)$

Public-Key Authentication
$C = E(PR_b, M)$, $M = D(PU_b, C)$

Public-Key Authentication & Secrecy
$Z = E(PU_b, E(PR_a, X))$
$X = D(PU_a, D(PR_b, Z))$

Applications for Public-Key Cryptosystems
Three categories:
• Encryption/decryption: The sender encrypts a message with the recipient’s public key.
• Digital signature: The sender “signs” a message with its private key.
• Key exchange: Two sides cooperate to exchange a session key.

Requirements for Public-Key Cryptography
1. Computationally easy for a party B to generate a pair (public key KUb, private key KRb)
2. Easy for sender to generate ciphertext: $C = E_{KUb}(M)$
3. Easy for the receiver to decrypt ciphertext using private key: $M = D_{KRb}(C) = D_{KRb}[E_{KUb}(M)]$

Requirements for Public-Key Cryptography
4. Computationally infeasible to determine private key (KRb) knowing public key (KUb)
5. Computationally infeasible to recover message M, knowing KUb and ciphertext C
6. Either of the two keys can be used for encryption, with the other used for decryption: $M = D_{KRb}[E_{KUb}(M)] = D_{KUb}[E_{KRb}(M)]$

Public-Key Cryptographic Algorithms
RSA and Diffie-Hellman
• RSA - Ron Rivest, Adi Shamir and Len Adleman at MIT, in 1977.
  • RSA is a block cipher
  • The most widely implemented
• Diffie-Hellman
  • Exchange a secret key securely
  • Compute discrete logarithms

The RSA Algorithm – Key Generation
1. Select p, q (p and q both prime)
2. Calculate $n = p \times q$
3. Calculate $\phi(n) = (p - 1)(q - 1)$
4. Select integer e: $\gcd(\phi(n), e) = 1$; $1 < e < \phi(n)$
5. Calculate d: $d = e^{-1} \bmod \phi(n)$
6. Public Key KU = {e, n}
7. Private key KR = {d, n}

The RSA Algorithm - Decryption
Ciphertext: C
Plaintext: $M = C^d \pmod n$

The RSA Algorithm - Encryption
Plaintext: $M < n$
Ciphertext: $C = M^e \pmod n$
Example of RSA Algorithm
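The key-generation steps and the encryption and decryption formulas carried through in code, as an added example that is not part of the original slides. The values p = 17, q = 11, e = 7 and M = 88 are constructed toy values, far too small for real use, and the function names are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

typedef struct { uint64_t e, d, n; } rsa_key;

/* Square-and-multiply: base^exp mod n. Toy sizes only (n < 2^32). */
uint64_t modpow(uint64_t base, uint64_t exp, uint64_t n)
{
    uint64_t result = 1;
    for (base %= n; exp > 0; exp >>= 1) {
        if (exp & 1) result = result * base % n;
        base = base * base % n;
    }
    return result;
}

/* Extended Euclid: returns d with e*d = 1 (mod phi), or 0 when gcd(phi, e) != 1. */
uint64_t modinv(uint64_t e, uint64_t phi)
{
    int64_t r0 = (int64_t)phi, r1 = (int64_t)e, t0 = 0, t1 = 1, q, tmp;
    while (r1 != 0) {
        q = r0 / r1;
        tmp = r0 - q * r1; r0 = r1; r1 = tmp;
        tmp = t0 - q * t1; t0 = t1; t1 = tmp;
    }
    if (r0 != 1) return 0;
    return (uint64_t)(t0 < 0 ? t0 + (int64_t)phi : t0);
}

/* Key generation steps 1-7 for caller-chosen p, q (primality is not checked
 * here) and e. Returns -1 unless 1 < e < phi(n) and gcd(phi(n), e) = 1. */
int rsa_keygen(uint64_t p, uint64_t q, uint64_t e, rsa_key *key)
{
    uint64_t phi = (p - 1) * (q - 1);
    uint64_t d = (e > 1 && e < phi) ? modinv(e, phi) : 0;
    if (d == 0) return -1;
    key->n = p * q; key->e = e; key->d = d;
    return 0;
}

int main(void)
{
    rsa_key k;   /* p = 17, q = 11, e = 7, M = 88: constructed toy values */
    if (rsa_keygen(17, 11, 7, &k) != 0) return 1;
    unsigned c = (unsigned)modpow(88, k.e, k.n);            /* C = M^e mod n */
    printf("d=%u C=%u M=%u\n", (unsigned)k.d, c, (unsigned)modpow(c, k.d, k.n));
    return 0;
}
```

Applying d first and e second recovers the same message, which is requirement 6 (either key can encrypt, the other decrypts).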

Authentication
• Requirements - must be able to verify that:
  1. Message came from apparent source or author,
  2. Contents have not been altered,
  3. Sometimes, it was sent at a certain time or sequence.
• Protection against active attack (falsification of data and transactions)

Approaches to Message Authentication
• Authentication Using Conventional Encryption
  • Only the sender and receiver should share a key
• Message Authentication without Message Encryption
  • An authentication tag is generated and appended to each message
• Message Authentication Code
  • Calculate the MAC as a function of the message and the key. MAC = F(K, M)

One-way HASH function
Secret value is added before the hash and removed before transmission.

Encryption with RSA Public Key
[Figure: Data → RSA calculation with Alice’s RSA Prv. Key → Encrypted Data → To Bob → RSA calculation with Alice’s RSA Pub. Key → Data]
One-way Trust Model: Information encrypted with the RSA private key can only be decrypted with the matching RSA public key

Example: A trusted messaging
Both the message and a session key (S-key) are encrypted and sent to Bob. Bob uses his own private key to decrypt the session key, then uses the decrypted session key to decrypt the message.
[Figure: Plaintext + shared session key (S-key) → Ciphertext; S-key + Bob’s public key → Cipher-key; both are sent to Bob]

Bob Deciphers the Session Key
Bob deciphers the encrypted session key using his own private key and asymmetric algorithm. Now he has the session key and ciphered message.
[Figure: Bob’s private key → S-key; Ciphertext]

Bob Deciphers the Message
[Figure: Ciphertext + S-key → Plaintext]

Fingerprint: One-way Hash Functions
Also called hash function, cryptographic checksum, message integrity check, message digest function
[Figure: Plaintext → Fingerprint]
Fingerprint (also called hash value) is
• always unique for a given message
• one-way; can’t generate plaintext from the hash value

One-way Hash
[Figure: Fingerprint → Unknown Plaintext]
one-way; can’t generate plaintext from the hash value

Message Digest Algorithms
• MD4: 128-bit hash value, 32-bit register; faster than MD2, better security
• MD5: Replacement for MD4, solves some weaknesses of MD4
• SHA: Secure Hash Algorithm, 160-bit.
• HAVAL, SNEFRU, etc ...

Digital Signatures
Digital signatures ensure:
• message integrity (not modified in transit)
• identity of the sender (Sender’s private key)
• non-repudiation
[Figure: Message with its digital certificate. Certificate contents as shown:]
0000123
SHA, DH, 3837829 …
1/1/93 to 12/31/98
Alice Smith, Acme Corp
DH, 3813710 ...
Acme Corporation, Security Dept.
SHA, DH, 2393702347 ...

Digital Signatures
To verify the signature of the message both the sender and receiver create digest messages.
[Figure: At the Sender’s Side: Digest, Sender’s private key, Digest sent to the Receiver. At the Receiver’s Side: Sender’s public key, Sender Generated Digest, Receiver Generated Digest, Comparator with TRUE/FALSE output.]