Cryptography And Secure Systems
-
Upload
invisibits -
Category
Technology
-
view
173 -
download
0
Transcript of Cryptography And Secure Systems
![Page 1: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/1.jpg)
12/8/2015
AppCrypto Team
![Page 2: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/2.jpg)
What does it mean a system to be secure?
![Page 3: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/3.jpg)
It boils down to the trust you place on the system!
Guru
Trust on the system
How secure is the system
![Page 4: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/4.jpg)
You decide to safeguard your valuable assets like hardly used gold jewelries in a bank instead of keeping them in your house.
Guru
You are placing more trust on the bank’s ability to safeguard your valuable asset
than your own house.
You learn this fact by experience – you
friends valuable assets kept at home
got robbed.
None of your friends have had any bad
experience with the bank safeguarding
their assets.
![Page 5: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/5.jpg)
Secure systems are built to satisfy the following security goals.
Guru
Integrity Availability
Confidentiality
Authentication
Non-repudiation
![Page 6: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/6.jpg)
We will not discuss availability in this presentation as cryptography is not generally used to assure availability (i.e. the service is available whenever you need it) Guru
Denial of Service (DoS) attacks disrupts the available it of a service.
![Page 7: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/7.jpg)
Can I trust the system not to show my sensitive data to any unauthorized parties?
Guru
Can I trust the system not to modify my data by any unauthorized parties?
Can I trust the system not to allow to impersonate me to the system?
Can I trust the system to hold each individual accountable of their actions?
Confidentiality
Integrity
Authentication
Non-repudiation
![Page 8: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/8.jpg)
Confidentiality
Integrity
Authentication
Non-repudiation
Cryptography
Can’t read!
Can’t modify!
Can’t impersonate!
Can’t deny doing!
![Page 9: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/9.jpg)
Trust sounds intuitive, but how do I objectively measure trust?
![Page 10: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/10.jpg)
What does it mean a system to be secure?
![Page 11: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/11.jpg)
Guru
The measure of trust (how secure your system) depends on who you are trying to protect against. We call it the attack model.
An Attack model captures the capabilities, collisions and intentions of adversaries.
An adversary is a bad user who want to break
the security of your system.
![Page 12: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/12.jpg)
Guru
In order to demonstrate trust in the system under the given attack model
We need to prove the security of the cryptographic protocols under that attack model.
A cryptographic protocol secure under one attack model (e.g. attacker can see one message) may not be secure under more stronger attack model (e.g. attacker can see many messages).
![Page 13: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/13.jpg)
Guru
Usually, most of us will be using time tested and proven cryptographic primitives such as ciphers, message authentication codes, digital signatures.
We will be constructing new protocols using these primitives. However, we need to make sure that our protocols are secure under the chosen attack model.
A cryptographic protocol built using secure cryptographic primitives may not necessarily be secure if not built right.
![Page 14: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/14.jpg)
Adversary
Capabilities
Intentions
In cryptography, we assume that attackers
have limited computational power. In other words, they are computationally
bounded.
There could be passive attackers or active attackers. Passive attackers simply listens to your
messages whereas much more powerful
active attacks modify your messages.
Collisions
Multiple adversaries may collude together to break a cryptographic
protocol.
![Page 15: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/15.jpg)
Let’s look at the security goals that are directly tied to cryptography mentioned earlier.
Guru
![Page 16: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/16.jpg)
Confidentiality
Can’t read!
Ciphertext (C) Encrypt Plaintext (M)
Plaintext(M) Decrypt Ciphertext(C)
Use cipher.
The message to be encrypted is called
“plaintext”
The encrypted message is called
“ciphertext”
![Page 17: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/17.jpg)
Ciphers
Symmetric ciphers
Asymmetric ciphers
Also called “Symmetric Key Cryptosystems”
Also called “Public Key Cryptosystems”
Alice Bob
Alice and Bob share the same key.
Alice Bob
Alice and Bob do not share the same key. Public key & Private
key pair
![Page 18: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/18.jpg)
Roughly speaking, a cipher is secure if it is hard to obtain plaintext from the ciphertext without knowing the key used. Guru
In a cipher, only the key is secret; everything else (encryption algorithm, decryption algorithm) is public.
Alice Bob
Messages exchanged in a TLS protocol are encrypted using a symmetric cipher.
![Page 19: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/19.jpg)
Integrity
Can’t modify!
Cryptographic Hashing Algorithm
Document
Key
Secure Hash
Alice Bob
Messages exchanged in a TLS protocol are hashed using a keyed hash algorithm.
Send the hash along with the document to the receiver.
Receiver can compute the hash and compare to verify.
Message Hash
Use hashing.
![Page 20: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/20.jpg)
Authentication
Can’t impersonate!
Use hashing, Public Key Ciphers (certificates).
Three ways to authenticate
Use what you have (e.g. key, badge, certificates)
Use what you know (e.g. passwords, PINs)
Use what you are (e.g. fingerprints, iris)
![Page 21: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/21.jpg)
Password authentication (Server: am I talking to Alice?)
Alice Server (www.example.com)
Hash pwd Salt Password
Certificate based authentication (Alice: Am I taking to example.com?)
Alice Server (www.example.com)
Example.com certificate
Example.com certificate
Check if the certificate is signed by a trusted root
authority.
Check if the new hash matches the
stored one.
![Page 22: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/22.jpg)
Transfer $1M to Bob
Non-repudiation
Can’t deny doing!
Use Public Key Ciphers (digital signatures).
Alice
Public key Private key
Transfer $1M to Bob
Digitally signed using Alice’s private key
Alice cannot later deny that she did not order bank to transfer as it has her digital signature on it
(only she can produce that signature)
Verify signature using Alice’s public key
![Page 23: Cryptography And Secure Systems](https://reader031.fdocuments.us/reader031/viewer/2022021918/58a7b83b1a28ab70368b606f/html5/thumbnails/23.jpg)
The security of a system boils down to the trust.
Cryptography is a tool that we can use to build trust in security services (confidentiality, integrity, authentication and non-repudiation) and in turn in systems build using these security services.
If the foundation of your house (cryptographic tools used) is not
strong, your house (software system) will collapse!
Guru