Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD...
-
Upload
polly-blankenship -
Category
Documents
-
view
235 -
download
3
Transcript of Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD...
![Page 1: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/1.jpg)
Cryptography
1
![Page 2: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/2.jpg)
History – Of Cryptography
Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère
Mechanical cipher machines 1750- 1950 Confederate Army’s Cipher Disk Japanese Red and Purple Machines German Enigma
Modern Computer Cryptography DES, Rijndael / AES, RSA, ECC, Chameleon,
2
![Page 3: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/3.jpg)
Crypto Vocabulary
Plaintext – A message in its natural format readable by an attacker
Ciphertext – Message altered to be unreadable by anyone except the intended recipients
Key – Sequence that controls the operation and behavior of the cryptographic algorithm
Keyspace – Total number of possible values of keys in a crypto algorithm
3
![Page 4: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/4.jpg)
Crypto Vocabulary 2
Initialization Vector – Random values used with ciphers to ensure no patterns are created during encryption
Cryptosystem – The combination of algorithm, key, and key management functions used to perform cryptographic operations
4
![Page 5: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/5.jpg)
Cryptosystem Services
ConfidentialityIntegrityAuthenticityNonrepudiationAccess Control
5
![Page 6: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/6.jpg)
Types of Cryptography
Asymmetric, and Symmetric
Stream-based Ciphers Mixes plaintext with key stream Good for real-time services
Block Ciphers Substitution and transposition
6
![Page 7: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/7.jpg)
Encryption Systems
Substitution Cipher Convert one letter to another Cryptoquip
Transposition Cipher Change position of letter in text Word Jumble
Monoalphabetic Cipher Caesar
7
![Page 8: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/8.jpg)
Encryption Systems
Polyalphabetic Cipher VigenèreModular Mathematics Running Key CipherOne-time Pads Randomly generated keys
8
![Page 9: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/9.jpg)
Steganography
Hiding a message within another medium, such as an imageExample Modify color map of JPEG image Image of Snowden’s GirlfriendLindsey Mills that contains encodedInformation that is still unknown
9
![Page 10: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/10.jpg)
Cryptographic Methods
Symmetric Same key for encryption and decryption Key distribution problem
Asymmetric Mathematically related key pairs for
encryption and decryption Public and private keys
10
![Page 11: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/11.jpg)
Cryptographic Methods
Hybrid Combines strengths of both methods Asymmetric distributes symmetric key
Also known as a session key Symmetric provides bulk encryption Example:
SSL negotiates a hybrid method
11
![Page 12: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/12.jpg)
Attributes of Strong Encryption
Confusion Change key values each round Performed through substitution Complicates plaintext/key relationship
Diffusion Change location of plaintext in ciphertext Done through transposition
12
![Page 13: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/13.jpg)
Symmetric Algorithms
DES3DESAES (ECB, CBC, TXC,)RC4, RC5IDEABlowfish, TwoFishChameleon
13
![Page 14: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/14.jpg)
Symmetric Encryption
14
E, D: cipher k: secret key (e.g., 128 bits)m, c: plaintext, ciphertext n: nonce (aka IV)
Alice
Em, n E(k,m,n)=c
Bob
Dc, n D(k,c,n)=m
k k
![Page 15: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/15.jpg)
15
First example: One Time Pad (single use key)
Vernam (1917)
Shannon ‘49: OTP is “secure” against ciphertext-only attacks
0 1 0 1 1 1 0 0 01Key:
1 1 0 0 0 1 1 0 00Plaintext:
1 0 0 1 1 0 1 0 01Ciphertext:
![Page 16: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/16.jpg)
16
Stream ciphers (single use key)
Problem: OTP key is as long the messageSolution: Pseudo random key -- stream ciphers
Stream ciphers: RC4 (113MB/sec) , SEAL (293MB/sec)
key
PRBG
message
ciphertext
c PRBG(k) m
![Page 17: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/17.jpg)
Dangers in using stream ciphers
One time key !! “Two time pad” is insecure:
C1 m1 PRBG(k)
C2 m2 PRBG(k)
Eavesdropper does:
C1 C2 m1 m2
Enough redundant information in English that:
m1 m2 m1 , m2
![Page 18: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/18.jpg)
Symmetric encryption: nonce (IV)
18
E, D: cipher k: secret key (e.g., 128 bits)m, c: plaintext, ciphertext n: nonce (aka IV)
Alice
Em, n E(k,m,n)=c
Bob
Dc, n D(k,c,n)=m
k k
nonce
![Page 19: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/19.jpg)
Use Cases
Single use key: (one time key) Key is only used to encrypt one message
encrypted email: new key generated for every email No need for nonce (set to 0)
Multi use key: Key used to encrypt multiple messages
SSL: same key used to encrypt many packets Need either unique nonce or random nonce
Multi use key, but all plaintexts are distinct: Can eliminate nonce (use 0) using special mode (SIV)
19
![Page 20: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/20.jpg)
Block ciphers: crypto work horse
E, D CT Block
n Bits
PT Block
n Bits
Key k Bits
Canonical examples:
1. 3DES: n= 64 bits, k = 168 bits
2. AES: n=128 bits, k = 128, 192, 256 bits
IV handled as part of PT block
![Page 21: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/21.jpg)
21
Building a block cipher
Input: (m, k)Repeat simple mixing operation several times DES: Repeat 16 times:
AES-128: Mixing step repeated 10 times
Difficult to design: must resist subtle attacks differential attacks, linear attacks, brute-force,
…
mL mR
mR mLF(k,mR)
![Page 22: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/22.jpg)
Block Ciphers Built by Iteration
R(k,m): round function for DES (n=16), for AES (n=10)
key k
key expansion
k1 k2 k3 kn
R(k
1, )
R(k
2, )
R(k
3, )
R(k
n, )
m c
![Page 23: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/23.jpg)
23
Incorrect use of block ciphers
Electronic Code Book (ECB):
Problem: if m1=m2 then c1=c2
PT:
CT:
m1 m2
c1 c2
![Page 24: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/24.jpg)
AES
24
![Page 25: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/25.jpg)
AES
![Page 26: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/26.jpg)
AES
26
![Page 27: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/27.jpg)
Chameleon
27
![Page 28: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/28.jpg)
Asymmetric Algorithms
Diffie-HellmanRSAElliptic Curve Cryptography (ECC)
28
![Page 29: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/29.jpg)
Complexity Classes
Answer in polynomial space may need exhaustive search
If yes, can guess and check in polynomial time
Answer in polynomial time, with high probability
Answer in polynomial time compute answer directly
P
BPP
NP
PSpace
easy
hard
![Page 30: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/30.jpg)
Example: RSA
Arithmetic modulo pq Generate secret primes p, q Generate secret numbers a, b with xab x mod pq
Public encryption key n, a Encrypt(n, a, x) = xa mod n
Private decryption key n, b Decrypt(n, b, y) = yb mod n
Main properties This appears to be a “trapdoor permutation” Cannot compute b from n,a
Apparently, need to factor n = pq
n
![Page 31: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/31.jpg)
Why RSA works (quick sketch)
Let p, q be two distinct primes and let n=p*q Encryption, decryption based on group Zn
* For n=p*q, order (n) = (p-1)*(q-1)
Proof: (p-1)*(q-1) = p*q - p - q + 1
Key pair: a, b with ab 1 mod (n) Encrypt(x) = xa mod n Decrypt(y) = yb mod n Since ab 1 mod (n), have xab x mod n
Proof: if gcd(x,n) = 1, then by general group theory, otherwise use “Chinese remainder theorem”.
![Page 32: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/32.jpg)
Textbook RSA is insecure
What if message is from a small set (yes/no)? Can build table
What if I want to outbid you in secret auction? I take your encrypted bid c and submit c (101/100)e mod n
What if there’s some protocol in which I can learn other message decryptions?
![Page 33: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/33.jpg)
OAEP [BR94, Shoup ’01]
Preprocess message for RSA
If RSA is trapdoor permutation, then this is chosen-ciphertext secure (if H,G “random oracles”)
In practice: use SHA-1 or MD5 for H and G
H+
G +
Plaintext to encrypt with RSA
rand.Message 01 00..0
Check padon decryption.Reject CT if invalid.
{0,1}n-1
![Page 34: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/34.jpg)
Digital Signatures
Public-key encryption Alice publishes encryption key Anyone can send encrypted message Only Alice can decrypt messages with this key
Digital signature scheme Alice publishes key for verifying signatures Anyone can check a message signed by Alice Only Alice can send signed messages
![Page 35: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/35.jpg)
Properties of signatures
Functions to sign and verify Sign(Key-1, message)
Verify(Key, x, m) =
Resists forgery Cannot compute Sign(Key-1, m) from m and Key Resists existential forgery:
given Key, cannot produce Sign(Key-1, m) for any random or arbitrary m
true if x = Sign(Key-1, m)false otherwise
![Page 36: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/36.jpg)
RSA Signature Scheme
Publish decryption instead of encryption key Alice publishes decryption key Anyone can decrypt a message encrypted by Alice Only Alice can send encrypt messages
In more detail, Alice generates primes p, q and key pair a, b Sign(x) = xa mod n Verify(y) = yb mod n Since ab 1 mod (n), have xab x mod n
Generally, sign hash of message instead of full plaintext
![Page 37: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/37.jpg)
Public-Key Infrastructure (PKI)
Anyone can send Bob a secret message Provided they know Bob’s public key
How do we know a key belongs to Bob? If imposter substitutes another key, can read Bob’s mail
One solution: PKI Trusted root authority (VeriSign, IBM, United Nations)
Everyone must know the verification key of root authority Check your browser; there are hundreds!!
Root authority can sign certificates Certificates identify others, including other authorities Leads to certificate chains
![Page 38: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/38.jpg)
Public-Key Infrastructure
Certificate Authority
Client Server
Known public signature verification key Ka
Sign(Ka-1, Ks), Sign(Ks, msg)
CertificateSign(Ka-1, Ks)Ks
Server certificate can be verified by any client that has CA key Ka
Certificate authority is “off line”
Ka
![Page 39: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/39.jpg)
Hashing Algorithms
MD5 Computes 128-bit hash value Widely used for file integrity checking
SHA-1 Computes 160-bit hash value NIST approved message digest algorithm
SHA-256
39
![Page 40: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/40.jpg)
Birthday Attack
Collisions Two messages with the same hash value
Based on the “birthday paradox”Hash algorithms should be resistant to this attack
40
![Page 41: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/41.jpg)
Message Authentication Codes
Small block of data generated with a secret key and appended to a messageHMAC (RFC 2104) Uses hash instead of cipher for speed Used in SSL/TLS and IPSec
41
![Page 42: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/42.jpg)
Digital Signatures
Hash of message encrypted with private key
Digital Signature Standard (DSS)• DSA/RSA/ECD-SA plus SHA
DSS provides• Sender authentication• Verification of message integrity• Nonrepudiation
42
![Page 43: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/43.jpg)
Encryption Management
Key Distribution Center (KDC) Uses master keys to issue session keys Example: Kerberos
ANSI X9.17 Used by financial institutions Hierarchical set of keys Higher levels used to distribute lower
43
![Page 44: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/44.jpg)
Public Key Infrastructure
All components needed to enable secure communication Policies and Procedures Keys and Algorithms Software and Data Formats
Assures identity to usersProvides key management features
44
![Page 45: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/45.jpg)
PKI Components
Digital Certificates• Contains identity and verification info
Certificate Authorities• Trusted entity that issues certificates
Registration Authorities• Verifies identity for certificate requests
Certificate Revocation List (CRL)
45
![Page 46: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/46.jpg)
PKI Cross Certification
Process to establish a trust relationship between CAs
Allows each CA to validate certificates issued by the other CA
Used in large organizations or business partnerships
46
![Page 47: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/47.jpg)
Cryptanalysis
The study of methods to break cryptosystems
Often targeted at obtaining a keyAttacks may be passive or active
47
![Page 48: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/48.jpg)
Cryptanalysis
Kerckhoff’s Principle The only secrecy involved with a
cryptosystem should be the key
Cryptosystem Strength How hard is it to determine the secret
associated with the system?
48
![Page 49: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/49.jpg)
Cryptanalysis Attacks
Brute force Trying all key values in the keyspace
Frequency Analysis Guess values based on frequency of
occurrence
Dictionary Attack Find plaintext based on common words
49
![Page 50: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/50.jpg)
Cryptanalysis Attacks (statistical)
WORD COUNT PERCENT bar graph
the 53.10 B 7.14% the
of 30.97 B 4.16% ofand 22.63 B 3.04%
and to 19.35 B 2.60% to in 16.89 B 2.27% ina 15.31 B 2.06% a is 8.38 B 1.13% is that 8.00 B 1.08%
that for 6.55 B 0.88% for
50
LET COUNT PERCENT bar graphE 445.2 B 12.49% ET 330.5 B 9.28% TA 286.5 B 8.04% AO 272.3 B 7.64% OI 269.7 B 7.57% IN 257.8 B 7.23% NS 232.1 B 6.51% SR 223.8 B 6.28% RH 180.1 B 5.05% HL 145.0 B 4.07% LD 136.0 B 3.82% DC 119.2 B 3.34% CU 97.3 B 2.73% UM 89.5 B 2.51% MF 85.6 B 2.40% FP 76.1 B 2.14% P
![Page 51: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/51.jpg)
Cryptanalysis Attacks
Replay Attack Repeating previous known values
Factoring Attacks Find keys through prime factorization
Ciphertext-OnlyKnown Plaintext
Format or content of plaintext available
51
![Page 52: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/52.jpg)
Cryptanalysis Attacks
Chosen Plaintext Attack can encrypt chosen plaintext
Chosen Ciphertext Decrypt known ciphertext to discover key
Differential Power Analysis Side Channel Attack Identify algorithm and key length
52
![Page 53: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/53.jpg)
Cryptanalysis Attacks
Social Engineering Humans are the weakest link
RNG Attack Predict IV used by an algorithm
Temporary Files May contain plaintext
53
![Page 54: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/54.jpg)
E-mail Security Protocols
Privacy Enhanced Email (PEM)Pretty Good Privacy (PGP)
Based on a distributed trust model Each user generates a key pair
S/MIME Requires public key infrastructure Supported by most e-mail clients
54
![Page 55: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/55.jpg)
Network Security
Link Encryption Encrypt traffic headers + data Transparent to users
End-to-End Encryption Encrypts application layer data only Network devices need not be aware
55
![Page 56: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/56.jpg)
Network Security
SSL/TLS• Supports mutual authentication• Secures a number of popular network
services
IPSec• Security extensions for TCP/IP protocols• Supports encryption and authentication• Used for VPNs
56
![Page 57: Cryptography 1. History – Of Cryptography Pen and Paper Cryptography 2000 B.C. – 1750 AD Examples: Caesar Vigenère Mechanical cipher machines 1750- 1950.](https://reader034.fdocuments.us/reader034/viewer/2022042519/56649f355503460f94c5331c/html5/thumbnails/57.jpg)
Questions?
57