1 Symmetric Encryption
2 Message Authentication and Hash Functions
3 Public-Key Encryption
4 Digital Signatures and Key Management
5 Random and Pseudorandom Numbers
6 Practical Application: Encryption of Stored Data
7 Symmetric vs Asymmetric
Size: 2.15 MB
Language: en
Added: Sep 13, 2017
Slides: 28 pages
Slide Content
1 CRYPTOGRAPHIC TOOLS
ITSY3104 COMPUTER SECURITY - A - LECTURE 2 - Cryptographic Tools
Mr. RAJASEKAR RAMALINGAM, Department of IT, College of Applied Sciences, Sur, Sultanate of Oman. http://vrrsekar.wixsite.com/raja
Based on William Stallings, Lawrie Brown, Computer Security: Principles and Practice, Third Edition
CONTENT
- 2.1 Symmetric Encryption
- 2.2 Message Authentication and Hash Functions
- 2.3 Public-Key Encryption
- 2.4 Digital Signatures and Key Management
- 2.5 Random and Pseudorandom Numbers
- 2.6 Practical Application: Encryption of Stored Data
- 2.7 Symmetric vs Asymmetric
2.1 Symmetric Encryption
- universal technique for providing confidentiality
- also referred to as single-key encryption
- two requirements for secure use:
  - need a strong encryption algorithm
  - sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure
2.1.1 Attacking Symmetric Encryption
Cryptanalytic Attacks
- rely on:
  - nature of the algorithm
  - plus some knowledge of the general characteristics of the plaintext
  - even some sample plaintext-ciphertext pairs
- exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or the key being used
- if successful all future and past messages encrypted with that key are compromised
Brute-Force Attack
- try all possible keys on some ciphertext until an intelligible translation into plaintext is obtained
- on average half of all possible keys must be tried to achieve success
Block & Stream Ciphers
Block Cipher
- processes the input one block of elements at a time
- produces an output block for each input block
- can reuse keys
- more common
Stream Cipher
- processes the input elements continuously
- produces output one element at a time
- primary advantage is that they are almost always faster and use far less code
- encrypts plaintext one byte at a time
- pseudorandom stream is one that is unpredictable without knowledge of the input key
2.2 Message Authentication
- protects against active attacks
- verifies received message is authentic:
  - contents have not been altered
  - from authentic source
  - timely and in correct sequence
- can use conventional encryption: only sender & receiver share a key
Message Authentication Using a One-Way Hash Function
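As an added example (not from the slides), the one-way-hash scheme behind this figure in Python: the sender appends H(M || S) for a secret S shared with the receiver, and the receiver recomputes it over what arrived; HMAC is shown beside it as the standardized keyed-hash form. SHARED_SECRET, make_tag, send and authenticate are names chosen here.

```python
import hashlib
import hmac
import secrets

# Constructed shared secret S; like a symmetric key it must be exchanged
# out of band and known only to sender and receiver.
SHARED_SECRET = secrets.token_bytes(32)

def make_tag(message: bytes, secret: bytes = SHARED_SECRET) -> bytes:
    """Authenticator H(M || S): the secret is appended to the message and
    the whole thing is hashed. Only M and the tag are transmitted, so a
    third party without S cannot produce a tag for an altered M."""
    return hashlib.sha256(message + secret).digest()

def make_hmac_tag(message: bytes, secret: bytes = SHARED_SECRET) -> bytes:
    """Same idea in its standardized form (HMAC, RFC 2104), which is what
    production code should use instead of ad-hoc concatenation."""
    return hmac.new(secret, message, hashlib.sha256).digest()

def send(message: bytes) -> tuple:
    """Sender side: transmit the message in clear together with its tag."""
    return message, make_tag(message)

def authenticate(message: bytes, tag: bytes,
                 secret: bytes = SHARED_SECRET) -> bool:
    """Receiver side: recompute H(M || S) over the received message and
    compare. compare_digest runs in constant time, so timing does not
    reveal how many leading bytes of a forged tag were right."""
    return hmac.compare_digest(make_tag(message, secret), tag)

def authenticate_hmac(message: bytes, tag: bytes,
                      secret: bytes = SHARED_SECRET) -> bool:
    return hmac.compare_digest(make_hmac_tag(message, secret), tag)

if __name__ == "__main__":
    msg, tag = send(b"pay 10 to bob")
    print("genuine  :", authenticate(msg, tag))                # True
    print("altered  :", authenticate(b"pay 99 to bob", tag))  # False
    print("tag bytes:", len(tag), "for any message length")   # 32
```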
2.2.3 Hash Function Requirements
- can be applied to a block of data of any size
- produces a fixed-length output
- H(x) is relatively easy to compute for any given x
- one-way or pre-image resistant: infeasible to find x such that H(x) = h
- second pre-image or weak collision resistant: infeasible to find y ≠ x such that H(y) = H(x)
- collision resistant or strong collision resistance: infeasible to find any pair (x, y) such that H(x) = H(y)
2.2.4 Security of Hash Functions
- approaches to attack a secure hash function:
  - cryptanalysis: exploit logical weaknesses in the algorithm
  - brute-force attack: strength of hash function depends solely on the length of the hash code produced by the algorithm
- additional secure hash function applications:
  - passwords: hash of a password is stored by an operating system
  - intrusion detection: store H(F) for each file on a system and secure the hash values
2.3 Public-Key Encryption Structure
- publicly proposed by Diffie and Hellman in 1976
- based on mathematical functions
- asymmetric: uses two separate keys, public key and private key
- public key is made public for others to use
- some form of protocol is needed for distribution
2.3.2 Requirements for Public-Key Cryptography
- computationally easy to create key pairs
- computationally easy for sender knowing public key to encrypt messages
- computationally easy for receiver knowing private key to decrypt ciphertext
- computationally infeasible for opponent to determine private key from public key
- computationally infeasible for opponent to otherwise recover original message
- useful if either key can be used for each role
2.3.3 Asymmetric Encryption Algorithms
RSA (Rivest, Shamir, Adleman)
- developed in 1977
- most adopted approach to public-key encryption
- block cipher in which the plaintext and ciphertext are between 0 and n-1
Diffie-Hellman key exchange algorithm
- enables two users to securely reach agreement about a shared secret
- limited to the exchange of the keys
Digital Signature Standard (DSS)
- provides only a digital signature function with SHA-1
- cannot be used for encryption or key exchange
Elliptic curve cryptography (ECC)
- security like RSA, but with much smaller keys
2.3.4 Applications for Public-Key Cryptosystems
2.4 Digital Signatures
- used for authenticating both source and data integrity
- created by encrypting hash code with private key
- does not provide confidentiality
  - even in the case of complete encryption
  - message is safe from alteration but not eavesdropping
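An added worked example (not from the slides) tying 2.3.3 and 2.4 together: textbook RSA over a 92-bit modulus built from the Mersenne primes 2^61-1 and 2^31-1 (far too small for real use, chosen so the arithmetic is visible) treats plaintext and ciphertext as integers in 0..n-1, and a signature as the SHA-256 hash code raised to the private exponent. The names rsa_apply, hash_code, sign and verify are chosen here; real systems use padded RSA (PKCS#1) or DSS/ECDSA rather than this raw form, and pow(E, -1, PHI) needs Python 3.8 or later.

```python
import hashlib

# Toy key pair (constructed for illustration): known Mersenne primes give a
# 92-bit modulus, far below the 2048+ bits a real RSA key needs.
P = 2**61 - 1
Q = 2**31 - 1
N = P * Q                   # public modulus; blocks live in [0, N-1]
PHI = (P - 1) * (Q - 1)
E = 65537                   # public exponent
D = pow(E, -1, PHI)         # private exponent, E*D = 1 (mod PHI)

def rsa_apply(block: int, exponent: int, n: int = N) -> int:
    """One RSA block operation: block^exponent mod n. The same function is
    encryption (public key), decryption (private key), signing (private)
    and verification (public); only the exponent changes."""
    if not 0 <= block < n:
        raise ValueError("block must be an integer in [0, n-1]")
    return pow(block, exponent, n)

def hash_code(message: bytes, n: int = N) -> int:
    """Fixed-length hash of the whole message, folded into one RSA block."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message: bytes, private_exp: int = D) -> int:
    """Digital signature: the hash code 'encrypted' with the private key.
    The message itself travels in clear, so there is no confidentiality."""
    return rsa_apply(hash_code(message), private_exp)

def verify(message: bytes, signature: int, public_exp: int = E) -> bool:
    """Anyone holding the public key recovers the hash code from the
    signature and checks it against a fresh hash of the received message."""
    return rsa_apply(signature, public_exp) == hash_code(message)

if __name__ == "__main__":
    c = rsa_apply(123456789, E)                    # encrypt with public key
    print("decrypts back:", rsa_apply(c, D) == 123456789)               # True
    msg = b"transfer 100 to account 42"
    sig = sign(msg)
    print("genuine verifies:", verify(msg, sig))                         # True
    print("altered verifies:", verify(b"transfer 900 to account 42", sig))  # False
```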
2.4.1 Digital Envelopes
- protects a message without needing to first arrange for sender and receiver to have the same secret key
- equates to the same thing as a sealed envelope containing an unsigned letter
2.4.1 Public Key Certificates
2.5 Random Numbers
2.5.1 Uses include generation of:
- keys for public-key algorithms
- stream key for symmetric stream cipher
- symmetric key for use as a temporary session key or in creating a digital envelope
- handshaking to prevent replay attacks
- session key
2.5.2 Random Number Requirements
1. Randomness criteria:
  - uniform distribution: frequency of occurrence of each of the numbers should be approximately the same
  - independence: no one value in the sequence can be inferred from the others
2. Unpredictability:
  - each number is statistically independent of other numbers in the sequence
  - opponent should not be able to predict future elements of the sequence on the basis of earlier elements
2.5.3 Random versus Pseudorandom
- cryptographic applications typically use algorithms for random number generation
- algorithms are deterministic and therefore produce sequences of numbers that are not statistically random
- pseudorandom numbers are:
  - sequences produced that satisfy statistical randomness tests
  - likely to be predictable
- true random number generator (TRNG):
  - uses a nondeterministic source to produce randomness
  - most operate by measuring unpredictable natural processes, e.g. radiation, gas discharge, leaky capacitors
  - increasingly provided on modern processors
2.6 Application: Encryption of Stored Data
- common to encrypt transmitted data
- much less common for stored data:
  - there is often little protection beyond domain authentication and operating system access controls
  - data are archived for indefinite periods
  - even though erased, until disk sectors are reused data are recoverable
- approaches to encrypt stored data:
  - use a commercially available encryption package
  - back-end appliance
  - library based tape encryption
  - background laptop/PC data encryption
2.7 Symmetric vs Asymmetric
                    Secret Key (Symmetric)                              Public Key (Asymmetric)
Number of keys      1 per pair                                          2 per person
Protection of key   Must be kept secret                                 One key must be kept secret; the other can be freely exposed
Best uses           Cryptographic workhorse; secrecy and integrity      Key exchange, authentication
                    of data: single characters to blocks of data,
                    messages, files
Key distribution    Must be out-of-band                                 Public key can be used to distribute other keys
Speed               Fast                                                Slow; typically 1,000 times slower than secret key