an introduc+on to applied cryptographychester/courses/16o_os/slides/01... · 2017-01-09 ·...

CR

AnIntroduc+ontoAppliedCryptography

ChesterRebeiroIITMadras

CR

ConnectedandStoredEverythingisconnected!

2

Everythingisstored!

CR

IncreasedSecurityBreaches

81%morein2015

h9p://www.pwc.co.uk/assets/pdf/2015-isbs-execuGve-summary-02.pdf

3

CR

SecurityThreats(whydifficulttoprevent?)

A9ackersneedtotargettheweakestlinkinthechain

Networks/CommunicaGonlinks

Hardware

Peripherals

SystemSoPware(OperaGngSystems/Hypervisor)

ApplicaGons

4

CR

SecurityStudies(Research)Networks/CommunicaGonlinks

Hardware

Peripherals

SystemSoPware(OperaGngSystems/Hypervisor)

ApplicaGons

NetworkSecurity

HardwareSecurity

SystemSecurity

OSSecurity

CloudSecurityWebSecurity

DBMSSecurity

EmbeddedSecurity

Cryptography

5

CR

Cryptography

•  Acrucialcomponentinallsecuritysystems•  Fundamentalcomponenttoachieve

– Confiden+ality

Allowsonlyauthorizedusersaccesstodata

6

CR

Cryptography(itsuse)


– ConfidenGality– DataIntegrity

CryptographycanbeusedtoensurethatonlyauthorizeduserscanmakemodificaGons(forinstancetoabankaccountnumber)

7

CR



– ConfidenGality– DataIntegrity– Authen+ca+on

CryptographyhelpsproveidenGGes

8

CR



– ConfidenGality– DataIntegrity– AuthenGcaGon– Non-repudia+on

Thesenderofamessagecannotclaimthatshedidnotsendit

Ididnotsendthat

9

CR

SchemeforConfiden+ality

Alice Bob

messageA9ackatDawn!!

untrustedcommunicaGonlink

MalloryProblem:AlicewantstosendamessagetoBob(andonlytoBob)throughanuntrustedcommunicaGonlink

10

CR

Encryp+on

Alice Bob

message“A9ackatDawn!!”


MallorySecrets• OnlyAliceknowstheencrypGonkeyKE• OnlyBobknowsthedecrypGonkeyKD

E D

KE KD

“A9ackatDawn!!”encrypGon decrypGon

#%AR3Xf34^$(ciphertext)

Onlyseesciphertext.cannotgettheplaintextmessagebecauseshedoesnotknowthekeys

11

CR

Encryp+onAlgorithms

Alice BobuntrustedcommunicaGonlinkE D

KE KD


#%AR3Xf34($(ciphertext)

•  ShouldbeeasytocomputeforAlice/Bob(whoknowthekey)•  ShouldbedifficulttocomputeforMallory(whodoesnotknowthekey)•  Whatis‘difficult’?

•  Idealcase:ProvethattheprobabilityofMallorydeterminingtheencrypGon/decrypGonkeyisnobe&erthanarandomguess

•  Computa+onally:ShowthatitisdifficultforMallorytodeterminethekeysevenifshehasmassivecomputaGonalpower

12

CR

Ciphers•  SymmetricAlgorithms

–  EncrypGonandDecrypGonusethesamekey–  i.e.KE=KD–  Examples:

•  BlockCiphers:DES,AES,PRESENT,etc.•  StreamCiphers:A5,Grain,etc.

•  AsymmetricAlgorithms–  EncrypGonandDecrypGonkeysaredifferent–  KE≠KD–  Examples:

•  RSA•  ECC

13

E D

CR

Encryp+onKeys

•  Howarekeysmanaged– HowdoesAlice&Bobselectthekeys?– Needalgorithmsforkeyexchange

14

Alice BobuntrustedcommunicaGonlinkE D

KE KD



CR

AlgorithmicARacks

•  CanMalloryusetrickstobreakthealgorithm

•  Therebyreducingthe‘difficulty’ofgemngthekey.

15

E

CR

CipherImplementa+ons

Cryptographyisalwaysanoverhead!!•  Forsecurity,thealgorithmsneedtobecomputaGon

intensive.•  OPenrequirelargenumbers,complexmathemaGcaloperaGons.

•  DesignChallenges:Performance,Size,Power.•  Algorithmstoachievethis

16

E

CR

Implementa+onARacks(SideChannelAnalysis)

Alice Bob



MallorySideChannelsEg.Powerconsump+on/radia+onofdevice,execu+on+me,etc.

E D

KE KD



GetsinformaGonaboutthekeysbymonitoringSidechannelsofthedevice

sidechannels

17

CR

SideChannelAnalysis

18

Radia+onfromDevice

0 1 1 1Secretinforma+on 0 1

Alice


E

00111

encrypGon

CR

CiphersDesignChallenges

Wewantcryptoalgorithmstobefastandsmall

Forsecurity,thealgorithmsarecomputaGonallyintensive.Typicallyuselargenumbers,complexoperaGons

Needtoprotectagainstsidechannela9acks.

TradeoffsbetweenSecurity,Speed,Side-ChannelARacks

CR

CryptographyStudy

•  MathemaGcs+EngineeringMathemaGcs ElectricalEngg.

ComputerSc.

cryptography

20

Physics

CR

SomeHotResearchTrends

21

lightweightcryptographypost-quantumcryptography

Leakageresilientcryptographysidechannelanalysis

efficientimplementaGons

cryptanalysis

cloudsecurityhomomorphicencrypGon

privacyenhancingsecurity

CR

ThePlanAhead•  Howareciphersdesigned?

–  IdealsecurityvsComputaGonalsecurity–  Blockciphers/Streamciphers –  AsymmetricKeyciphers–  TradeoffsbetweensecurityandimplementaGon

•  ARacks–  Algorithmic/ImplementaGonbasedA9acks

•  Applica+ons–  HowaretheyusedtoachieveconfidenGality,integrity,authenGcaGon,

non-repudiaGon

•  CaseStudies–  KeyEstablishments,DigitalSignatures,Bitcoins

22

CR

CourseStructure•  ClassicalCryptography•  Shannon’sTheory•  BlockCiphers

–  DES,AES,theirimplementaGonsandtheira9acks•  StreamCiphers•  DigitalSignaturesandAuthenGcaGon

–  HashfuncGons•  Publickeyciphers

–  RSA,implementaGons,anda9acks–  ECC

•  Sidechannelanalysis•  CaseStudies:Bitcoins

23

CR

ExpectedLearningOutcomes

24

•  Whatyouwouldlearnbytheendofthecourse?§  DisGnguishbetweencipheralgorithms

-  Wheretousewhatalgorithm?

§  EvaluateciphersandtheirimplementaGonsforsecurity-  MathemaGcalcryptanalysisofsomealgorithms-  Sidechannelbaseda9acksoncipherimplementaGons

§  Applyalgorithmstosolvesecurityproblemsinreal-worldsystems

CR

Books/References

25

Textbooks (STINSON) ''Cryptography: Theory and Practice", Third Edition, by Douglas R. Stinson, CRC Press, Taylor and Francis Group References (STALLINGS) ''Cryptography and Network Security: Principles and Practices'', Sixth Edition, by William Stallings (HANDBOOK) ''Handbook of Applied Cryptography'', Fifth Printing, by Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone, CRC Press

CR

Grading

•  Quiz1:20%on(18/2/2016)•  Quiz2:20%on(25/3/2016)•  Endsemester:30%on(28/4/2016)•  Assignments:15%•  Tutorials:15%

26

CR

CourseWebpages

•  Forslides/syllabus/scheduleetc.

•  Fordiscussions/announcements/submissions

CSEMoodleGoogleGroups(aciitm_2017)

27

h9p://www.cse.iitm.ac.in/~chester/courses/17e_ac/index.html

CR

Logis+cs

•  CS36•  Time:

–  Tuesdays:11:00-11:50AM–  Wednesdays:10:00-10:50AM–  Thursdays:8:00-8:50AM–  Fridays:4:50–5:40PM

28

an introduc+on to applied cryptographychester/courses/16o_os/slides/01... · 2017-01-09 ·...

Documents