Protocols and Practices in Using Encryption Chapter 4

378 views
308 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
378
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
10
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Protocols and Practices in Using Encryption Chapter 4

  1. 1. 11 CHAPTER 4CHAPTER 4 PROTOCOLS & PRACTICESPROTOCOLS & PRACTICES IN USING ENCRYPTIONIN USING ENCRYPTION
  2. 2. 2 IntroductionIntroduction What is a protocol?What is a protocol? Protocol is an orderly sequence of steps two orProtocol is an orderly sequence of steps two or more parties take to accomplish some task.more parties take to accomplish some task. Everyone using a protocol must agree to theEveryone using a protocol must agree to the protocol before using it.protocol before using it. People use protocols to regulate behavior forPeople use protocols to regulate behavior for mutual benefit.mutual benefit.
  3. 3. 3 IntroductionIntroduction Good protocol has the following characteristics:Good protocol has the following characteristics: (1)(1) Established in advanceEstablished in advance: the protocol is: the protocol is completely designed before it is used.completely designed before it is used. (2)(2) Mutually subscribedMutually subscribed: All parties to the protocol: All parties to the protocol agree to follow its steps, in order.agree to follow its steps, in order. (3)(3) UnambiguousUnambiguous: No party can fail to follow a: No party can fail to follow a step properly because the party hasstep properly because the party has misunderstood the step.misunderstood the step. (4)(4) CompleteComplete: For every situation that can occur: For every situation that can occur there is a prescribe action to be taken.there is a prescribe action to be taken.
  4. 4. 4 Types of ProtocolsTypes of Protocols There are three types of protocols:There are three types of protocols: Arbitrated protocolsArbitrated protocols Adjudicated protocolsAdjudicated protocols Self-enforcing protocolsSelf-enforcing protocols
  5. 5. 5 Types of ProtocolsTypes of Protocols Arbitrated ProtocolsArbitrated Protocols Arbitrator is a disinterested 3Arbitrator is a disinterested 3rdrd party trusted toparty trusted to complete a transaction between two distrustingcomplete a transaction between two distrusting parties.parties. Example: Buying and selling cars – banker orExample: Buying and selling cars – banker or lawyer is the arbitrator.lawyer is the arbitrator. In computer protocol, an arbitrator is aIn computer protocol, an arbitrator is a trustworthy 3trustworthy 3rdrd party who ensures fairness. Itparty who ensures fairness. It might be a person, a program or a machine.might be a person, a program or a machine.
  6. 6. 6 Arbitrated ProtocolsArbitrated Protocols
  7. 7. 7 Types of ProtocolsTypes of Protocols Arbitrated computer protocols have severalArbitrated computer protocols have several disadvantages:disadvantages: The two sides may not be able to find a neutral 3The two sides may not be able to find a neutral 3rdrd party that both sides trust. Suspicious users areparty that both sides trust. Suspicious users are rightfully suspicious of an unknown arbiter in arightfully suspicious of an unknown arbiter in a network.network. Maintaining the availability of an arbiter represents aMaintaining the availability of an arbiter represents a cost to the users or the network, that cost may becost to the users or the network, that cost may be high.high. For these reasons, an arbitrated protocol is avoided if possible!
  8. 8. 8 Types of ProtocolsTypes of Protocols Arbitrated computer protocols have severalArbitrated computer protocols have several disadvantages:disadvantages: Arbitration causes a time delay in communicationArbitration causes a time delay in communication because a third party must receive, act on and thenbecause a third party must receive, act on and then forward every transaction.forward every transaction. If the arbitration service is heavily used, it mayIf the arbitration service is heavily used, it may become a bottleneck in the network as many usersbecome a bottleneck in the network as many users try to access a single arbiter.try to access a single arbiter. Secrecy becomes vulnerable, because the arbiterSecrecy becomes vulnerable, because the arbiter has access to much sensitive information.has access to much sensitive information. For these reasons, an arbitrated protocol is avoided if possible!
  9. 9. 9 Types of ProtocolsTypes of Protocols Adjudicated ProtocolsAdjudicated Protocols The idea of adjudicator is similar to arbiter.The idea of adjudicator is similar to arbiter. With an adjudicated protocol enough data isWith an adjudicated protocol enough data is available for a disinterested 3available for a disinterested 3rdrd party to judgeparty to judge fairness based on the evidence.fairness based on the evidence. Not only can 3Not only can 3rdrd party determine whether twoparty determine whether two disputing parties acted fairly that is within thedisputing parties acted fairly that is within the rules of the protocol but the 3rules of the protocol but the 3rdrd party can alsoparty can also determine who cheated.determine who cheated.
  10. 10. 10 Types of ProtocolsTypes of Protocols Adjudicated ProtocolsAdjudicated Protocols Adjudicated protocols involve the services of aAdjudicated protocols involve the services of a 33rdrd party only in a case of a dispute.party only in a case of a dispute. Therefore, they are usually less costly in termsTherefore, they are usually less costly in terms of machine time or access to a trusted 3of machine time or access to a trusted 3rdrd partyparty software judge than arbitrated protocols.software judge than arbitrated protocols. However, adjudicated protocols detect a failureHowever, adjudicated protocols detect a failure to cooperate only after the failure has occurred.to cooperate only after the failure has occurred.
  11. 11. 11 Adjudicated ProtocolAdjudicated Protocol
  12. 12. 12 Types of ProtocolTypes of Protocol Self-Enforcing ProtocolsSelf-Enforcing Protocols A self-enforcing protocol is one that guaranteesA self-enforcing protocol is one that guarantees fairness.fairness. If either party tries to cheat, that fact becomesIf either party tries to cheat, that fact becomes evident to the other party.evident to the other party. No outsider is needed to ensure fairness.No outsider is needed to ensure fairness. Obviously, self-enforcing protocols areObviously, self-enforcing protocols are preferable to the other types.preferable to the other types. However, there is not a self-enforcing protocolHowever, there is not a self-enforcing protocol for every situation.for every situation.
  13. 13. 13 Self-Enforcing ProtocolSelf-Enforcing Protocol
  14. 14. 14 Protocol to Solve ProblemsProtocol to Solve Problems Cryptographic algorithms rely on the propertyCryptographic algorithms rely on the property that it is easy to encrypt and decrypt messagesthat it is easy to encrypt and decrypt messages with the appropriate keys but very hard to findwith the appropriate keys but very hard to find keys.keys. Therefore key management is really, reallyTherefore key management is really, really important!!!important!!!
  15. 15. 15 SymmetricSymmetric P --------------------P --------------------RR C = E(M, K)C = E(M, K) M = D(C, K)M = D(C, K)
  16. 16. 16 AssymmetricAssymmetric P----------------------------P----------------------------RR C = E(M, RC = E(M, Rpubpub)) M = D(C, RM = D(C, Rprivpriv)) M = D[E(M, RM = D[E(M, Rpubpub) R) Rprivpriv)])]
  17. 17. 17 AssymmetricAssymmetric P -------------------------P ------------------------- RR ConfidentialityConfidentiality – D[E(M, RD[E(M, Rpubpub), R), Rprivpriv]] AuthenticationAuthentication – D[E(M, Ppriv), PD[E(M, Ppriv), Ppubpub]]
  18. 18. 18 Protocol to Solve ProblemsProtocol to Solve Problems Several protocols developed for key distribution:Several protocols developed for key distribution: Symmetric key exchange with serverSymmetric key exchange with server Symmetric key exchange without serverSymmetric key exchange without server Asymmetric key exchange with serverAsymmetric key exchange with server Asymmetric key exchange without serverAsymmetric key exchange without server
  19. 19. 19 Protocol to Solve ProblemsProtocol to Solve Problems Assume that two users already each have a copy of aAssume that two users already each have a copy of a symmetric (secret) encryption key K known only to themsymmetric (secret) encryption key K known only to them – small messages is ok to use K.– small messages is ok to use K. But for greater security, they can agree to change keysBut for greater security, they can agree to change keys on a frequent basis even as often as a different key foron a frequent basis even as often as a different key for each message.each message. To do this, either one can generate a fresh key calledTo do this, either one can generate a fresh key called KKNEWNEW, encrypt it under K and send to the other., encrypt it under K and send to the other. K is called the “master key”K is called the “master key” KKNEWNEW is called the “traffic” or “session” key.is called the “traffic” or “session” key. Symmetric key exchange without serverSymmetric key exchange without server
  20. 20. 20 Block replay attack Assume two bank use fixed format on electronic exchange name of depositor account no transfer amount Suppose outsiders (Tipah) able to tap the data channel between these banks. The first day, Tipah has his bank transfer $10 on his behalf from one bank to another. (Tipah has account with both banks). The next day she does the same thing but the amount is $20. Why Knew?
  21. 21. 21 Assume that both transmissions were sent under the same encryption key. Tipah would noticed that the first two blocks encrypted were the same. So she know that the first two blocks are her name and her account no. The only different is the third block (the amount of money).
  22. 22. 22 By inserting data onto the transmission line, Tipah can now replace any person and account number with his own name and account number, leaving the amount alone. Tipah does not need to know who should be getting the money or how much is being obtained; Tipah simply changes name and account no to his own and watches the balance in his account grow. In ease, the interceptor does not necessarily have to break the encryption.
  23. 23. 23 Protocol to Solve ProblemsProtocol to Solve Problems Symmetric key exchange with serverSymmetric key exchange with server i. Please give me a key to communicate with Renee ii. Here’s a key for you and a copy for Renee iii. Renee, the distribution center gave me this key for our private communication. Renee Pablo Distribution Centre
  24. 24. 24 Protocol to Solve ProblemsProtocol to Solve Problems Disadvantage of this approach:Disadvantage of this approach: Two users must both share one key that isTwo users must both share one key that is unique to them.unique to them. Other pairs of users need unique keys andOther pairs of users need unique keys and in general n users need n(n-1)/2.in general n users need n(n-1)/2. Eg. 5 users –> 5(5-1)/2 = 10 keys.Eg. 5 users –> 5(5-1)/2 = 10 keys. Symmetric key exchange without serverSymmetric key exchange without server
  25. 25. 25 IssuesIssues 1.1. E(M, Rpub) – slow.E(M, Rpub) – slow. 2.2. E(Knew, Rpub) – no authentication.E(Knew, Rpub) – no authentication. Protocols to Solve ProblemsProtocols to Solve Problems Asymmetric key exchange without serverAsymmetric key exchange without server
  26. 26. 26 Protocols to Solve ProblemsProtocols to Solve Problems Suppose Pablo and Reene want to exchange aSuppose Pablo and Reene want to exchange a message, each has a public/private key pair and eachmessage, each has a public/private key pair and each has access to the others public key.has access to the others public key. Denote Ppub –> Pablo public key and Ppriv –> PabloDenote Ppub –> Pablo public key and Ppriv –> Pablo private key.private key. Rpub -> Renee public key and Rpriv -> Renee privateRpub -> Renee public key and Rpriv -> Renee private key.key. Pablo can send E(Knew, Rpub) directly to Reene.Pablo can send E(Knew, Rpub) directly to Reene. But how sure that E(Knew, Rpub) is from Pablo? ReeneBut how sure that E(Knew, Rpub) is from Pablo? Reene couldn’t tell that.couldn’t tell that. So to improve better – Pablo sends to Reene E(E(Knew,So to improve better – Pablo sends to Reene E(E(Knew, Ppriv), Rpub)Ppriv), Rpub) Asymmetric key exchange without serverAsymmetric key exchange without server
  27. 27. 27 Protocol to Solve ProblemsProtocol to Solve Problems Asymmetric key exchange with serverAsymmetric key exchange with server 1. Please give me Renee’s Public Key 2. Here is Renee Public Key 3. I’m Pablo, Lets talk 4. Please give me Pablo’s Public Key 5. Here is Pablo’s Public Key 6. Renee here what’s up? 7. How are you Distribution Centre Renee Pablo
  28. 28. 28 Protocol to Solve ProblemsProtocol to Solve Problems Distribution Center (DC) How do DC deals with keys? – publish its own public key widely – anybody wish to register, deliver the key and personal identity under the DC key Can have more than one center: – as backup, overload, if it doesn’t have the key, request from other DC – performance, size, reliability – must be available any time So, what gives us confidence that the keys registered are authentic?? That is, they belong to the people whose identification are associated.
  29. 29. 29 Protocol to Solve ProblemsProtocol to Solve Problems Certificate Develop ways for two people to establish trust without having both parties to be present. Trust coordinated => Certificate Authority Advantages and Disadvantages of Key Distribution Operational Restriction – availability of DC Trust – who must be trusted Protection from failure – anybody impersonate any entities Efficient Protocol – use several time-consuming steps for one-time use (establish an encryption key) Protocol – easy to implement or not (computer implementation vs manual use)
  30. 30. 30 Digital SignatureDigital Signature A Digital Signature is a protocol that produces the same effect as a real signature. It has the following characteristics: – Authentic : the recipient believes the signer deliberately signed the document – Unforgeable : the signature proves that the signer and nobody else signed the document – Single purpose : the signature is attached to the document and cannot be moved to a different one – Unalterable : after it has been signed, the document can no longer be changed. – Unrepudiable : after the fact, the signer cannot successfully deny having signed the document.
  31. 31. 31 How does Digital Signature Works?How does Digital Signature Works? Refer to extra notes…

×