Cryptography subject gor lectures 111.ppt
abduganiyevbekzod011
8 views
13 slides
Sep 12, 2024
Slide 1 of 13
1
2
3
4
5
6
7
8
9
10
11
12
13
About This Presentation
Lecture
Slide Content
CS5204 – Operating Systems 1
Cryptographic Security
Cryptographic Security
CS 5204 – Operating Systems 2
Cryptographic Security
Security Considerations
Goals:
• privacy/confidentiality - information not disclosed to unauthorized entities
• integrity - information not altered deliberately or accidentally
• authentication - validation of identity of source of information
• non-repudiation - source of information can be objectively established
Factors:
• reliance on unknown, vulnerable intermediaries (e.g., Internet routers)
• parties may have no personal or organizational relationship (e.g., e-commerce)
• use of automated surrogates (e.g., agents)
Threats:
• replay of messages
• interference (inserting bogus messages)
• corrupting messages
Cryptographic Security
Security Considerations
Goals:
• privacy/confidentiality - information not disclosed to unauthorized entities
• integrity - information not altered deliberately or accidentally
• authentication - validation of identity of source of information
• non-repudiation - source of information can be objectively established
Factors:
• reliance on unknown, vulnerable intermediaries (e.g., Internet routers)
• parties may have no personal or organizational relationship (e.g., e-commerce)
• use of automated surrogates (e.g., agents)
Threats:
• replay of messages
• interference (inserting bogus messages)
• corrupting messages
CS 5204 – Operating Systems 3
Cryptographic Security
Cryptography
Encryption key Decryption key
public information
E
CA
M
D
C
M’
K
e
M
K
d
Forms of attack:
ciphertext
only
known
plaintext
chosen
plaintext
Cryptographic Security
Cryptography
Encryption key Decryption key
public information
E
CA
M
D
C
M’
K
e
M
K
d
Forms of attack:
ciphertext
only
known
plaintext
chosen
plaintext
CS 5204 – Operating Systems 4
Cryptographic Security
Forms of Cryptosystems
•Private Key (symmetric) :
A single key is used for both encryption and decryption.
Key distribution problem
a secure channel is needed to transmit
the key before secure communication can take place over an
unsecure channel.
•Public Key (asymmetric):
The encryption procedure (key) is public while the decryption
procedure (key) is private.
Requirements:
1. For every message M, D(E(M)) = M
2. E and D can be efficiently applied to M
3. It is impractical to derive D from E.
Cryptographic Security
Forms of Cryptosystems
•Private Key (symmetric) :
A single key is used for both encryption and decryption.
Key distribution problem
a secure channel is needed to transmit
the key before secure communication can take place over an
unsecure channel.
•Public Key (asymmetric):
The encryption procedure (key) is public while the decryption
procedure (key) is private.
Requirements:
1. For every message M, D(E(M)) = M
2. E and D can be efficiently applied to M
3. It is impractical to derive D from E.
CS 5204 – Operating Systems 5
Cryptographic Security
Combining Public/Private Key Systems
(1)
(2)
A B
Public key encryption is more expensive than symmetric key encryption
For efficiency, combine the two approaches
(1)Use public key encryption for authentication; once authenticated,
transfer a shared secret symmetric key
(2) Use symmetric key for encrypting subsequent data transmissions
Cryptographic Security
Combining Public/Private Key Systems
(1)
(2)
A B
Public key encryption is more expensive than symmetric key encryption
For efficiency, combine the two approaches
(1)Use public key encryption for authentication; once authenticated,
transfer a shared secret symmetric key
(2) Use symmetric key for encrypting subsequent data transmissions
CS 5204 – Operating Systems 6
Cryptographic Security
Secure Communication - Public Key System
M M
?
User X
User Y
User Z
D
Y(C)E
Y(M)
C
E
Y
is the public key for user Y
D
Y
is the secret key for user Y
Cryptographic Security
Secure Communication - Public Key System
M M
?
User X
User Y
User Z
D
Y(C)E
Y(M)
C
E
Y
is the public key for user Y
D
Y
is the secret key for user Y
CS 5204 – Operating Systems 7
Cryptographic Security
Rivest
ShamirAdelman (RSA) Method
MM
User X User YM
e
mod n C
d
mod n
Encryption Key for user YDecryption Key for user Y
C
(e, n) (d, n)
Cryptographic Security
Rivest
ShamirAdelman (RSA) Method
MM
User X User YM
e
mod n C
d
mod n
Encryption Key for user YDecryption Key for user Y
C
(e, n) (d, n)
CS 5204 – Operating Systems 8
Cryptographic Security
RSA Method
1. Choose two large (100 digit) prime numbers, p and q,and set n = p x q
2. Choose any large integer, d, so that: GCD( d, ((p
1)x(q1)) = 1
3. Find e so that: e x d = 1 (modulo (p
1)x(q1))
Example:
1. p = 5, q = 11 and n = 55.
(p
1)x(q1) = 4 x 10 = 40
2. A valid d is 23 since GCD(40, 23) = 1
3. Then e = 7 since:
23 x 7 = 161 modulo 40 = 1
Cryptographic Security
RSA Method
1. Choose two large (100 digit) prime numbers, p and q,and set n = p x q
2. Choose any large integer, d, so that: GCD( d, ((p
1)x(q1)) = 1
3. Find e so that: e x d = 1 (modulo (p
1)x(q1))
Example:
1. p = 5, q = 11 and n = 55.
(p
1)x(q1) = 4 x 10 = 40
2. A valid d is 23 since GCD(40, 23) = 1
3. Then e = 7 since:
23 x 7 = 161 modulo 40 = 1
CS 5204 – Operating Systems 9
Cryptographic Security
(Large) Document Integrity
File/
message
hash process
digest
Digest properties:
• fixed-length, condensation of the source
• efficient to compute
• irreversible - computationally infeasible for the
original source to be reconstructed from the digest
• unique - difficult to find two different sources that
map to the same digest (collision resistance)
Also know as: fingerprint
Examples: MD5 (128 bits), SHA-1 (160 bits)
Cryptographic Security
(Large) Document Integrity
File/
message
hash process
digest
Digest properties:
• fixed-length, condensation of the source
• efficient to compute
• irreversible - computationally infeasible for the
original source to be reconstructed from the digest
• unique - difficult to find two different sources that
map to the same digest (collision resistance)
Also know as: fingerprint
Examples: MD5 (128 bits), SHA-1 (160 bits)
CS 5204 – Operating Systems 10
Cryptographic Security
(Large)Document Integrity
file
hash process
digest
file
encrypt with
sender’s private key
d
i
g
i
t
a
l
e
n
v
e
l
o
p
e
Cryptographic Security
(Large)Document Integrity
file
hash process
digest
file
encrypt with
sender’s private key
d
i
g
i
t
a
l
e
n
v
e
l
o
p
e
CS 5204 – Operating Systems 11
Cryptographic Security
Guaranteeing Integrity
hash process
file
digest
decrypt with
sender’s public key
file
d
i
g
i
t
a
l
e
n
v
e
l
o
p
e
digest
compare
Cryptographic Security
Guaranteeing Integrity
hash process
file
digest
decrypt with
sender’s public key
file
d
i
g
i
t
a
l
e
n
v
e
l
o
p
e
digest
compare
CS 5204 – Operating Systems 12
Cryptographic Security
Digital Signatures (Public Key)
Requirements:
unforgable and unique
receiver: knows that a message came from the sender (authenticity)
sender: cannot deny authorship( non-repudiation)
message integrity
sender & receiver: message contents preserved (integrity)
(e.g., cannot cut
andpaste a signature into a message)
Public Key System:
sender, A: (E
A
: public, D
A
: private)
receiver, B: (E
B : public, D
B : private)
sender(A)
C= E
B
(D
A
(M)) > receiver(B)
receiver(B)
M = E
A (D
B (C)) > M
Cryptographic Security
Digital Signatures (Public Key)
Requirements:
unforgable and unique
receiver: knows that a message came from the sender (authenticity)
sender: cannot deny authorship( non-repudiation)
message integrity
sender & receiver: message contents preserved (integrity)
(e.g., cannot cut
andpaste a signature into a message)
Public Key System:
sender, A: (E
A
: public, D
A
: private)
receiver, B: (E
B : public, D
B : private)
sender(A)
C= E
B
(D
A
(M)) > receiver(B)
receiver(B)
M = E
A (D
B (C)) > M
CS 5204 – Operating Systems 13
Cryptographic Security
Secure Communication (Public Key)
BA
Handshaking
I
A, I
B are “nonces”
nonces can be included in each subsequent message
PKB: public key of B; PKA: public key of A;
E
PKA (I
A, I
B)
E
PKB, (I
A, A)
E
PKB (I
B)
Cryptographic Security
Secure Communication (Public Key)
BA
Handshaking
I
A, I
B are “nonces”
nonces can be included in each subsequent message
PKB: public key of B; PKA: public key of A;
E
PKA (I
A, I
B)
E
PKB, (I
A, A)
E
PKB (I
B)
Tags
Categories
GeneralDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 8
- Slides 13
- Age 448 days
Related Slideshows
22
Pray For The Peace Of Jerusalem and You Will Prosper
RodolfoMoralesMarcuc
32 views
26
Don_t_Waste_Your_Life_God.....powerpoint
chalobrido8
35 views
31
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf
JaiJai148317
32 views
14
Fertility awareness methods for women in the society
Isaiah47
30 views
35
Chapter 5 Arithmetic Functions Computer Organisation and Architecture
RitikSharma297999
29 views
5
syakira bhasa inggris (1) (1).pptx.......
ourcommunity56
30 views