Introduction to Computer and Network Security 15-349 Iliano Cervesato

24 August 2008 – Introduction to Cryptography
Where we are
• Course intro
• Cryptography
  • Intro to crypto
  • Modern crypto
  • Symmetric encryption
  • Asymmetric encryption
  • Beyond encryption
  • Cryptographic protocols
  • Attacking protocols
• Program/OS security & trust
• Networks security
• Beyond technology

Outline
• Basic concepts
  • Protecting information
  • Goals of cryptography
  • Brief history
  • Cryptographic toolbox (preview)
• Cryptanalysis
  • Traditional attack models
  • Side-channel attacks
• Early ciphers
  • Substitution ciphers
  • Transposition ciphers

Confidentiality of Communication
Implement a virtual trusted channel over an insecure medium
[Diagram: E, D]

Confidentiality of storage
Implement a virtual trusted safebox over an insecure storage medium
[Diagram: E]

Insecure Channels
External observer can
• Read traffic: Interception (passive attack)
• Inject new traffic: Fabrication (active attack)
• Block traffic … (sometimes): Interruption (active attack)
• Modify traffic … (sometimes): Modification (active attack)

Representing Data
• Divide data into blocks
  • Character, records, …
• Represent each block by a number
  • E.g., ASCII
• Why?
  • Cryptography is based on mathematics

Encryption and Decryption
[Diagram: Message (cleartext, plaintext) → Encryption E → Encrypted message (ciphertext) → Decryption D → Message (cleartext, plaintext)]
E, D realize a virtual trusted channel

Keys
What are E and D?
• Channel-specific algorithm
  • Requires a lot of algorithms
  • Hard
  [Diagram: m → E → s]
• Universal algorithms
  • Parameterized by key
  • Easier
    – 1 algorithm
    – Large space of keys
  [Diagram: m, k → E → s]

Classical Cryptography
[Diagram: Message (cleartext, plaintext) → Encryption E → Encrypted message (ciphertext) → Decryption D → Message (cleartext, plaintext); E and D both take the key]
E, D realize a virtual trusted channel, given key

Goals of Cryptography
Not just about confidentiality!
• Integrity
  • Digital signatures
  • Hash functions
• Non-repudiation, fair exchange
  • Contract signing
• Anonymity
  • Electronic cash
  • Electronic voting
• …
Non-goals
• Denial of service

A Brief History of Cryptography
• ~2000 years ago: Substitution ciphers
• A few centuries later: Transposition ciphers
• Renaissance: Polyalphabetic ciphers
• 1844: Mechanization
• 1976: Public-key cryptography

Substitution Ciphers
Replace each letter with another
• Key: substitution table
• How to break it?
  • Brute force? 26! possibilities (= 4x10^26)
  • Count the frequencies of letters, pairs, …
    – Koran was tabulated by 1412
  • Ciphertext is enough: ciphertext-only attack
• Example:
  QVAQBCWZQRLWDVEFW
  IAMINDECIPHERABLE

  A → V   H → L   O → S   V → X
  B → E   I → Q   P → R   W → M
  C → Z   J → N   Q → I   X → T
  D → C   K → H   R → D   Y → J
  E → W   L → F   S → U   Z → P
  F → G   M → A   T → Y
  G → O   N → B   U → K

Caesar’s cipher: A → D, B → E, C → F, …, X → A, Y → B, Z → C

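Why counting frequencies is enough, as an added example that is not part of the original slides: it loads the slide's substitution table, checks the slide's ciphertext, and shows that the letter histogram and index of coincidence survive encryption unchanged. The sample sentence and all function names are constructed for this illustration.

```python
from collections import Counter
from math import factorial

# Substitution table from the slide: PLAIN[i] encrypts to CIPHER[i].
PLAIN = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
CIPHER = "VEZCWGOLQNHFABSRIDUYKXMTJP"
ENC = str.maketrans(PLAIN, CIPHER)
DEC = str.maketrans(CIPHER, PLAIN)

KEYSPACE = factorial(26)  # about 4 x 10^26 tables, so brute force is hopeless


def letters(text):
    """Upper-case the text and drop everything that is not A-Z."""
    return "".join(c for c in text.upper() if "A" <= c <= "Z")


def encrypt(text):
    return letters(text).translate(ENC)


def decrypt(text):
    return letters(text).translate(DEC)


def profile(text):
    """Letter counts sorted from most to least frequent (the histogram's shape)."""
    return sorted(Counter(letters(text)).values(), reverse=True)


def index_of_coincidence(text):
    """Probability that two letters drawn from the text are equal."""
    counts = Counter(letters(text)).values()
    n = sum(counts)
    return sum(c * (c - 1) for c in counts) / (n * (n - 1))


def guess_image_of_e(ciphertext):
    """Ciphertext-only guess: the most frequent letter stands for E."""
    return Counter(letters(ciphertext)).most_common(1)[0][0]


# Constructed sample text (not from the slides).
SAMPLE = "The enemy knows the system but never the secret key we keep"

if __name__ == "__main__":
    ct = encrypt(SAMPLE)
    print(ct, profile(ct) == profile(SAMPLE), guess_image_of_e(ct))
```

The table only relabels the histogram, so the statistics of the language pass straight through to the ciphertext; that is what makes the ciphertext-only attack work despite the 26! keys.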
Renaissance Ciphers
Use message and key letters for cipher
• Key: a word (CRYPTO)
• Example:
    WHATANICEDAYTODAY
  + CRYPTOCRYPTOCRYPT (mod 26)
    ZZZJUCLUDTUNWGCQS
• Polyalphabetic cipher:
  • Encryption of letter is context-dependent
• Seed of modern cryptography

Book Ciphers
Same thing but with very long key
• Key: a poem, a book, …
  (TOBEORNOTTOBETHATISTHEQUESTION…)
• Example:
    WHATANICEDAYTODAY
  + TOBEORNOTTOBETHAT (mod 26)
    PVBXOEVQXWOZXHKAR
• … there are not all that many famous books, poems, etc.

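The Renaissance and book cipher examples above, reproduced as an added example that is not part of the original slides. One routine serves both; the `offset` parameter is an assumption made here because the CRYPTO example matches the numbering A=1…Z=26 while the TOBEORNOT example matches A=0…Z=25. Function names are constructed.

```python
A = ord("A")


def combine(message, key, offset, sign=+1):
    """Add (sign=+1) or subtract (sign=-1) key letters and message letters mod 26.

    offset is the number given to the letter A: 0 means A=0..Z=25 and
    1 means A=1..Z=26.  A short key is repeated to cover the message.
    """
    out = []
    for i, ch in enumerate(message):
        m = ord(ch) - A + offset
        k = ord(key[i % len(key)]) - A + offset
        out.append(chr((m + sign * k - offset) % 26 + A))
    return "".join(out)


def images_of(letter, message, ciphertext):
    """All ciphertext letters that one plaintext letter was encrypted to."""
    return sorted({c for m, c in zip(message, ciphertext) if m == letter})


MESSAGE = "WHATANICEDAYTODAY"     # plaintext used on both slides
WORD_KEY = "CRYPTO"               # Renaissance cipher: short word, repeated
BOOK_KEY = "TOBEORNOTTOBETHAT"    # book cipher: key as long as the message


def slide_examples():
    """Return the two ciphertexts shown on the slides."""
    return combine(MESSAGE, WORD_KEY, 1), combine(MESSAGE, BOOK_KEY, 0)


if __name__ == "__main__":
    word_ct, book_ct = slide_examples()
    print(word_ct, book_ct)
    # Polyalphabetic: the letter A is encrypted to several different letters.
    print(images_of("A", MESSAGE, word_ct))
    # Decryption subtracts the same key.
    print(combine(word_ct, WORD_KEY, 1, sign=-1))
```

The leading ZZZ in the first ciphertext comes from three different plaintext letters (W, H, A), and the four A's in the message map to three different letters: single-letter frequency counts no longer line up with the plaintext.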
One-Time Pad
Same thing, but now key is an infinite random string
• Example:
    WHATANICEDAYTODAY
  + YKSUFTGOARFWPFWEL (mod 26)
    ZZZJUCLUDTUNWGCQS
This is a perfect cipher
How to remember/transmit the key??
• Short key stretched by means of a random number generator
• Vernam cipher
  • Use ⊕ (xor) to combine key and message

Book Ciphers
• Same thing, but now use a very long key

Transposition Ciphers
Switch letters around by a permutation
• Example: HELLOWORLD → LOLHERDLWO
    k = 1 2 3 4 5
        3 5 4 1 2
• Key: permutation
• Breakable with ciphertext-only attack

More transposition
• Write code in rows and read it in columns
  THE GOAL OF SUBSITUTION IS CONFUSION

  THEGOAL
  OFSUBSI
  TUTIONI
  SCONFUS
  IONXXXX

  TOTSIHFUCOESTONGUINXOBOFXASNUXLIISX
• A very regular type of permutation

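Both transposition slides in code, as an added example that is not part of the original slides: the keyed block permutation (HELLOWORLD) and the row/column cipher, plus the key that expresses the row/column cipher as one large permutation. Function names are constructed for this illustration.

```python
def permute_blocks(text, key):
    """Block transposition: output position i of each block takes input position key[i] (1-based)."""
    n = len(key)
    if len(text) % n:
        raise ValueError("text length must be a multiple of the key length")
    return "".join(text[b + k - 1] for b in range(0, len(text), n) for k in key)


def invert(key):
    """Permutation that undoes `key`."""
    inverse = [0] * len(key)
    for position, k in enumerate(key, start=1):
        inverse[k - 1] = position
    return inverse


def pad_letters(text, width, pad="X"):
    """Keep letters only and pad with X up to a whole number of rows."""
    letters = [c for c in text.upper() if c.isalpha()]
    return "".join(letters + [pad] * (-len(letters) % width))


def columnar_encrypt(text, width):
    """Write the text in rows of `width` letters, read it out column by column."""
    padded = pad_letters(text, width)
    return "".join(padded[c::width] for c in range(width))


def columnar_decrypt(ciphertext, width):
    rows = len(ciphertext) // width
    return "".join(ciphertext[c * rows + r] for r in range(rows) for c in range(width))


def columnar_key(length, width):
    """The single permutation of 1..length that the row/column cipher applies."""
    rows = length // width
    return [r * width + c + 1 for c in range(width) for r in range(rows)]


SLIDE_KEY = [3, 5, 4, 1, 2]
SLIDE_TEXT = "THE GOAL OF SUBSITUTION IS CONFUSION"  # spelled as on the slide

if __name__ == "__main__":
    print(permute_blocks("HELLOWORLD", SLIDE_KEY))
    print(permute_blocks("LOLHERDLWO", invert(SLIDE_KEY)))
    print(columnar_encrypt(SLIDE_TEXT, 7))
```

A transposition only moves letters, so the ciphertext has exactly the letter counts of the plaintext, which is one reason it falls to a ciphertext-only attack.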
Confusion and Diffusion
Confusion
• Replace symbol with another
  WHATANI → ZZZJUCL
Diffusion
• Mix up symbols
  WHATANI → ANWIHAT
Modern ciphers are a combination

Mechanization
• 1844: invention of telegraph
  • Beginning of civilian crypto
• Rotor machines
  • Key: initial position of rotors
  • Culminate in WW II
• 1975: DES
• 1996-2000 AES
• 1976: Public key cryptography
We will examine in some detail
[Image: The Enigma]

Cryptographic Toolbox
• Encryption
  • Symmetric
  • Asymmetric
• Digests
  • Hashing
• Digital signatures
• Certificates

Symmetric Encryption
[Diagram: Message (cleartext) M → Encryption box E → Encrypted message (ciphertext) → Decryption box D → Message (cleartext) M; both boxes use the secret key k]
D_k(E_k(m)) = m

Asymmetric Encryption
[Diagram: Cleartext M → Encryption box E → Ciphertext → Decryption box D → Cleartext M; E uses the public key k (public data), D uses the private key k⁻¹]
D_{k⁻¹}(E_k(m)) = m

Digital Signatures
[Diagram: Message M → Signature box S → M, s → Verification box V; S uses the signature key k, V uses the verification key k⁻¹ (public data)]
V_{k⁻¹}(m, s) = true if s = S_k(m), false otherwise

Certificates
How do you know this public key is mine?
• Certificate
  • Binding between key and owner
  • Certified by authority
• Who is the authority?
  • Public-key infrastructure

Message Digests
• Short message to certify integrity
• Un-keyed
  • Checksums, hashes
  • No crypto
  • Anybody can calculate/modify it
• Keyed
  • MACs
  • Based on a secret key
  • Only owners can calculate/modify it

Cryptanalysis
The art → science of breaking a cipher
• Try all possible plaintext corresponding to a ciphertext
  • Plain silly!
• Try all possible keys for an encryption algorithm
  • Algorithm must be known
  • Enormous space of keys
• Exploit weaknesses, regularities, shortcuts
  • Side-channel attacks
  • E.g., basic substitution cipher

What is “breaking a cipher”?
• Recover the key k
  • Hard
  • Often not needed!
• Decipher a single message
• Decipher all messages
• Modify messages
  • “Attack at dawn” → “attack at dusk”
• Exploit properties of the cipher

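The Vernam (xor) cipher from the One-Time Pad slide, run against the "Modify messages" item above, as an added example that is not part of the original slides. It shows that a perfect cipher still gives no integrity, which is what the keyed digests (MACs) of the Message Digests slide are for. Function names and the alternative message are constructed for this illustration.

```python
import secrets


def vernam(data: bytes, pad: bytes) -> bytes:
    """XOR data with a pad of the same length; the same call encrypts and decrypts."""
    if len(pad) != len(data):
        raise ValueError("the pad must be exactly as long as the message")
    return bytes(d ^ p for d, p in zip(data, pad))


def pad_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """The pad under which `ciphertext` would decrypt to `candidate`."""
    return vernam(ciphertext, candidate)


def rewrite(ciphertext: bytes, known: bytes, wanted: bytes) -> bytes:
    """Turn a known plaintext into `wanted` by editing the ciphertext only."""
    return vernam(ciphertext, vernam(known, wanted))


def demo():
    message = b"attack at dawn"
    pad = secrets.token_bytes(len(message))   # fresh random pad, used once
    ciphertext = vernam(message, pad)

    # Perfect cipher: some pad explains every message of this length,
    # so the ciphertext alone says nothing about which one was sent.
    other = b"retreat at six"                 # constructed alternative
    assert vernam(ciphertext, pad_explaining(ciphertext, other)) == other

    # No integrity: the edit needs no key, and the receiver decrypts
    # the modified ciphertext without any error.
    forged = rewrite(ciphertext, message, b"attack at dusk")
    return vernam(ciphertext, pad), vernam(forged, pad)


if __name__ == "__main__":
    print(demo())
```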
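Attack Models
• Ciphertext Only: random m; attacker sees x = E_k(m)
• Known Plaintext: random m; attacker sees m, x
• Chosen Plaintext: attacker chooses m and obtains E_k(m); sees m, x
• Chosen Ciphertext: attacker chooses x and obtains D_k(x); sees x, m
Good ciphers resist all attack models
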
Sneaky Attacks
• Obtain the key somehow
  • Network sniffers, worms, backup tapes, …
  • Blackmail, bribery, torture, …
• Side-channel cryptanalysis
  • Power consumption → off-peak computation
  • Encryption time → random noise
  • Radiation → physical shielding
Be careful!
Better implementation and design
[Figure: Differential Power Analysis on DES, rounds 1 to 16, with detail of Round 2 and Round 3. From http://www.cryptography.com/dpa/technical]