MIT OpenCourseWare
http://ocw.mit.edu
6.033 Computer System Engineering
Spring 2009
For information about citing these materials or our Terms of Use, visit: http://ocw.mit.edu/terms.
Protection
C
1) authentication
2) authorization
3) confidentiality
I
S
Crypto
A
m
T
k1
Shared key
(DES)
k1= k2
Public key (RSA)
k1≠ k2
I
U
k2
B
Security Primitives
Pub. Key
AÆB
{m}kApriv
sign
{m}kBpub
encrypt
hard to
build
sign, verify
encrypt, decrypt
Authentication
1) Who is requesting?
(same principal as before)
2) Mesg that was sent = mesg recv.
Model
Server
Principal
(user)
req
“buy
AAPL”
guard
service
authentication
technical
name
trust
psychological
Integrity ≠ Authenticity ≠ Confidentiality
Lucifer
A
m,CRC(m)
Server
modify m
reorder m
“Donate $100 to Save the Whales.”
- One time pad Æ no!
- CRC
checksum dependent on key
m
A
m
sign
k1
server
verify
k2
yes
no
Cryptographically
secure
sha-1)
k1≠ k2 Î MAC
k1= k2 Î signature
{hash(m)}kApriv
Key Distribution Problem
AÆB
“A’s pub key is X”
certificates
CA – certificate authority
Secure Comm. Channel
Use pub. key to authenticate
Exchange a shared key
Properties of crypt. Protocols
1) freshness
2) appropriate
3) forward secrecy
Attacks
crypto
replay
impersonation