1 What is cryptography Cryptography is a mathematical method of protecting information Cryptography is part of but not equal to security Predated modern computing In modern computing crypto is used to ID: 599596
Download Presentation The PPT/PDF document "Basic Cryptography" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Basic Cryptography
1Slide2
What is cryptography?
Cryptography is a mathematical method of protecting information
Cryptography is part of, but not equal to, security
Predated modern computing
In modern computing, crypto is used to remediate deficiencies in the cyber space.
2Slide3
Cryptographic Primitives
In this course, we do not study the math part of crypto; rather, we
use cryptography primitives as
“
black boxes.
”
Need to understand the fundamental properties of the crypto primitives
Four primitives:Cryptographic hashSymmetric encryptionAsymmetric encryptionDigital signatures
3Slide4
Using the crypto primitives
Build security protocols
e.g.
SSL/TLS
Build more complex security systems using the primitivese.g. PKI
4Slide5
Cryptographic Hash
Hash function: H(m) = c
Variable-length messages, fixed-length checksum
Examples: MD5, SHA-1
Properties:
Given m, easy to compute H(m)
Given c, hard to find m
(preimage resistance)
Given m, hard to find another m
’
s.t. H(m
’
) = H(m)
(second-preimage resistance)
Hard to find m and m
’ s.t. H(m) = H(m’) (collision resistance)
5Slide6
Applications of Hash Function
Provides integrity guarantee
If the message content is changed, the hash
will
be different.Hide informationKnowing the hash does not reveal the input message.N.B. Hash is NOT encryption!
6Slide7
A simple application
A
Commitment Scheme
We are having an online “sealed first-price auction”
Everyone submits a bid in a chat-roomThere is no trusted third partyBids may be submitted at different timesRequirements:The bids need to be secret before opening
The bids need to be binding after opening
Use cryptographic hash function to implement such a scheme
7Slide8
Using Salt with Hash
A salt is a message that is typically concatenated to the Hash function’s input.
Used to increase the input space of the hash
Increase the difficulty of brute-force attacks
8Slide9
c =enc(m,
K
)
m=dec(c,
K
)
Properties:
1. Given ciphertext, hard to infer plaintext
(ciphertext only attack)
2. Ciphertext and plaintext known, hard to infer key
(known-plaintext attack)
3. Access to encryption oracle, hard to infer key
(chosen-plaintext attack)
4. Access to decryption oracle, hard to infer key
(chosen-ciphertext attack)Symmetric Encryption (Secret-key Encryption)
Encryption and decryption use the same keysecret key
Examples: DES, AES
9
ciphertext
plaintextSlide10
The key management problem
Every pair of communicating parties need to establish a shared key
Leads to keys for
N
parties
Typically requires a key-management/key agreement scheme to be used in practice
10Slide11
Diffie-Hellman Key Agreement (1976)
Alice
BobSlide12
Asymmetric Encryption
(Public-key Encryption)
Encryption and decryption use two different keys:
c = enc(m, K
pub
)
m = dec(c, K
priv
)
Public key: announce to everyone
Private key: known to the owner only
Examples: RSA, El-Gamal
12
Every party has a pair of keys: <K
pub
, K
priv
>
It is hard to infer private key from the public keySlide13
Asymmetric Encryption
(Public-key Encryption)
Properties:
Given
ciphertext
, hard to infer plaintext
(
ciphertext
only attack)
Ciphertext
and plaintext known, hard to infer private key
(known-plaintext attack)
3.
Encryption
oracle given, hard to infer private key
(chosen-plaintext attack)4. Decryption oracle given, hard to infer private key (chosen-ciphertext attack)
13By definition of public-key encryptionSlide14
Using Public-key Crypto
Key generation
Creates the <public, private> key pair
Typically involves pseudo-random number generation
Encryption using public-key cryptoDoes not need to share keysDoes not need a secure channel to transmit the public key Much slower than symmetric-key encryption
14
Challenge: how to ensure the correct public key is used?Slide15
Using Public Key to Establish a Shared Secret
Alice
Bob
C=E
(PK
B
, s)
s
PK
B
s=D(SK
B
, C)
Pick a random secret s Slide16
Digital Signature
Based on public-key crypto.
Signing:
sig= Sign(m, K
priv
)
Verification:
Verify(sig, K
pub,
m) = True
Properties:
Verification of the validity of a digital signature needs only the public key.
Only the owner of the corresponding private key can produce a valid signature
Examples: RSA, DSA, El-Gamal
16Slide17
Applications of Digital Signature
Ensuring data authenticity
Sender signs the message, receiver verifies the signature
Providing non-repudiation
Digital signature serves as proof that the message is generated by the private-key holder
17Slide18
Message Authentication Code
18
Hash with a shared key.
tag= MAC(m, K)
Properties:
Only the holder of the key K can generate a valid MAC tag.
Examples: HMACSlide19
Exercise after class
Set up public-key based authentication using SSH
Play
with the various crypto primitives using
OpenSSL (http://www.openssl.org/
)
The command-line tool documentation can be found at
http://www.openssl.org/docs/apps/openssl.html Openssl should be installed at most Unix systems.
19