• Cryptography is a mathematical method of protecting information
  – Cryptography is part of, but not equal to, security
  – Predated modern computing
• In modern computing, crypto is used to remediate deficiencies in the cyber space
• In this course, we do not study the math part of crypto; rather, we use cryptography primitives as “black boxes.”
  – Need to understand the fundamental properties of the crypto primitives
• Four primitives:
  – Cryptographic hash
  – Symmetric encryption
  – Asymmetric encryption
  – Digital signatures
• Build security protocols
  – SSL/TLS
• Build more complex security systems using the primitives –
Hash function: H(m) = c
Variable-length messages, fixed-length checksum
Properties:
1. Given m, easy to compute H(m)
2. Given c, hard to find m (preimage resistance)
3. Given m, hard to find another m’ s.t. H(m’) = H(m) (second-preimage resistance)
4. Hard to find m and m’ s.t. H(m) = H(m’) (collision resistance)
Examples: MD5, SHA-1
• Provides integrity guarantee
  – If the message content is changed, the hash
• Hide information
  – Knowing the hash
reveal the input
• N.B. Hash is NOT encryption!
– We are having an online “sealed first-price auction”
– Everyone submits a bid in a chat-room
– There is no trusted third party
– Bids may be submitted at different times
• Requirements:
  – The bids need to be secret before opening
  – The bids need to be binding after opening
  – Use cryptographic hash function to implement such a scheme
• A salt is a message that is typically concatenated to the hash function’s input.
  – Used to increase the input space of the hash
  – Increase the difficulty of brute-force attacks
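The sealed-bid auction and the salt described above combine into a hash commitment: each bidder posts H(salt || bid) during bidding and reveals (bid, salt) at opening. The following Python code is an added example, not part of the original slides; SHA-256, the field framing, the function names and the sample bids are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

SALT_LEN = 32  # random bytes per commitment (assumed size)

def digest(bidder: str, bid: int, salt: bytes) -> str:
    """SHA-256 over salt || len(name) || name || bid, framed unambiguously."""
    name = bidder.encode()
    msg = salt + len(name).to_bytes(2, "big") + name + bid.to_bytes(8, "big")
    return hashlib.sha256(msg).hexdigest()

def commit(bidder: str, bid: int) -> tuple[str, bytes]:
    """Bidding phase: post the hash in the chat room, keep bid and salt private."""
    salt = secrets.token_bytes(SALT_LEN)
    return digest(bidder, bid, salt), salt

def verify(commitment: str, bidder: str, bid: int, salt: bytes) -> bool:
    """Opening phase: anyone recomputes the hash from the revealed (bid, salt)."""
    if len(salt) != SALT_LEN or not 0 <= bid < 2**64:
        return False
    return hmac.compare_digest(commitment, digest(bidder, bid, salt))

def winner(commitments: dict, reveals: dict):
    """Highest bid among reveals that match the hash posted earlier (binding)."""
    valid = {who: bid for who, (bid, salt) in reveals.items()
             if who in commitments and verify(commitments[who], who, bid, salt)}
    return max(valid.items(), key=lambda kv: kv[1]) if valid else None

def recover_unsalted(commitment: str, bidder: str, max_bid: int):
    """With no salt, the small bid space can be enumerated, so secrecy fails."""
    for guess in range(max_bid + 1):
        if digest(bidder, guess, b"") == commitment:
            return guess
    return None

if __name__ == "__main__":
    # Constructed sample auction: names and amounts are made up.
    c_alice, s_alice = commit("alice", 4200)
    c_bob, s_bob = commit("bob", 3900)
    board = {"alice": c_alice, "bob": c_bob}
    # Bob reveals a higher bid than he committed to: his reveal is rejected.
    print(winner(board, {"alice": (4200, s_alice), "bob": (5000, s_bob)}))
    # The same bid hashed without a salt is recovered by trying every amount.
    print(recover_unsalted(digest("bob", 3900, b""), "bob", 10_000))
```

Binding rests on second-preimage and collision resistance (a bidder cannot find a different bid and salt with the same hash); secrecy rests on preimage resistance plus the unpredictable salt.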
(Secret-key Encryption)
c = enc(m, K)
m = dec(c, K)
K: secret key
Encryption and decryption use the same key
Properties:
1. Given ciphertext, hard to infer plaintext (ciphertext only attack)
2. Ciphertext and plaintext known, hard to infer key (known-plaintext attack)
3. Access to encryption oracle, hard to infer key (chosen-plaintext attack)
4. Access to decryption oracle, hard to infer key (chosen-ciphertext attack)
Examples: DES, AES
• Every pair of communicating parties needs to establish a shared key
• Leads to keys for
parties
• Typically requires a key-management/key agreement scheme to be used in practice
(Public-key Encryption) Every party has a pair of keys:
(Public-key Encryption)
Properties:
By definition of public-key encryption
1. Given ciphertext, hard to infer plaintext (ciphertext only attack)
2. Ciphertext and plaintext known, hard to infer private key (known-plaintext attack)
3. Encryption oracle given, hard to infer private key (chosen-plaintext attack)
4. Decryption oracle given, hard to infer private key (chosen-ciphertext attack)
• Key generation
  – Creates the
– Much slower than symmetric-key encryption
Bob → Alice: PK_B
Alice: pick a random secret s
Alice → Bob: C = E(PK_B, s)
Bob: s = D(SK_B, C)
Based on public-key crypto.
Signing: sig = Sign(m, K_priv)
Verification: Verify(sig, K_pub, m) = True
Properties:
1. Verification of the validity of a digital signature needs only the public key.
2. Only the owner of the corresponding private key can produce a valid signature.
Examples: RSA, DSA, ElGamal
• Ensuring data authenticity
  – Sender signs the message, receiver verifies the signature
• Providing non-repudiation
  – Digital signature serves as proof that the message is generated by the private-key holder
Hash with a shared key.
tag = MAC(m, K)
Properties:
1. Only the holder of the key K can generate a valid MAC tag.
Examples: HMAC
• Set up public-key based authentication using SSH
• Play with the various crypto primitives using OpenSSL ( http://www.openssl.org/ )
  – The command-line tool documentation can be found at http://www.openssl.org/docs/apps/openssl.html
  – OpenSSL should be installed on most Unix systems.