
# Java Crypto


Published in: Technology, Education

### Java Crypto

1. GS: Chapter 3 Encryption, Authentication and Java Cryptography
2. Cryptography & Java
    - Encryption
    - Authentication
    - Java Cryptography
3. Encryption
    - Encryption Basics:
        - An algorithm (or cipher) and a key are required in order to encrypt or decrypt messages.
        - Example: the Caesar cipher (p.34)
            - A symmetric, stream cipher
            - Exercise: Encrypt “DDAY” using Caesar cipher (5).
            - Answer: “IIFD”.
            - Q: What is the algorithm?
            - Q: What is the key?
            - Q: How would the cipher be decrypted?
4. Encryption
    - Symmetric Encryption:
        - Both the encrypter and the decrypter share the same key.
        - Key space: the set of possible keys that work with a cipher; determined by the number of bits used in the cipher.
        - The larger the key space is, the more secure the encryption will be.
        - Each additional bit added to the key length doubles its security.
5. Encryption
    - Symmetric Encryption:
        - Two types of symmetric ciphers: block ciphers and stream ciphers.
        - Examples of symmetric encryption:
            - DES (Data Encryption Standard) & TripleDES: block ciphers
            - Blowfish: a faster and more secure replacement for DES
            - RC4 (Rivest’s Code 4): a stream cipher
            - AES (Advanced Encryption Standard): a block cipher
6. Encryption
    - Limitations of Symmetric Encryption:
        - Key distribution can be a vulnerability.
        - If the key is exposed, the encrypted message and all future communication using the same key are open to eavesdropping attacks.
        - Key management problems: distribution, update, revocation
7. Encryption
    - Asymmetric Encryption:
        - Also known as ‘public key encryption’
        - Messages encrypted with the public key can only be decrypted by the corresponding private key.
        - The public key can be made known to the public, but the private key is kept secret and known only to the owner of the key.
        - Examples of asymmetric encryption algorithms:
            - Merkle-Hellman knapsacks
            - RSA: Rivest, Shamir, Adleman
            - El Gamal
8. Encryption
    - Limitations of Asymmetric Encryption:
        - Asymmetric encryption requires much larger keys than symmetric encryption.
            - A 1024-bit asymmetric key ~= a 128-bit symmetric key
            - Why?
        - Asymmetric encryption is much slower (~1000 times slower) than symmetric encryption.
        - It is subject to man-in-the-middle attacks.
            - Solution? Digital certificates (Ch. 6)
9. Encryption
    - Session-key Encryption
        - A session key is a symmetric key that is used to encrypt the plaintext message. The session key itself is encrypted using a public key.
        - Sender:
            - C = Spub(S) + Sencrypt(message) → Recipient
        - Recipient:
            - Spriv(Spub(S)) → S
            - Sdecrypt(Sencrypt(message)) → message
        - Alternatively, the session key may be assigned an expiration time and be used over several sessions.
10. Encryption
    - Examples of Session-key Encryption
        - PGP (Pretty Good Privacy):
            - Originally (1991) used to encrypt e-mail using session-key encryption
            - Supports RSA, TripleDES, etc.
            - http://www.pgp.com/
        - S/MIME (Secure/MIME):
            - Invented by RSA to secure e-mail
            - Backed by Microsoft, RSA, and AOL
        - SSL/TLS (Secure Socket Layer/Transport Layer Security): Ch. 9
            - Originally an attempt to secure TCP/IP traffic using encryption
11. Encryption
    - Key Agreement Algorithm
        - A key agreement algorithm takes the private and the public keys of two distinct parties (Apriv + Bpub or Apub + Bpriv) and generates a common shared secret key, which is then used to generate a session key. See the diagram on p.41.
        - Diffie-Hellman Key Agreement Algorithm: The first ever public key encryption
        - Allows two parties to independently generate the shared key; the session key is never transmitted.
        - References:
            - See http://www.apocalypse.org/pub/u/seven/diffie.html
            - IETF RFC2631: http://www.ietf.org/rfc/rfc2631.txt
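
The key agreement of slide 11 using the JCE `KeyAgreement` class, as an added example that is not part of the original slides. The 2048-bit group size, the SHA-256 step that turns the shared secret into session-key material, and the names `DhAgreementDemo` and `agree` are assumptions made here.

```java
import javax.crypto.KeyAgreement;
import javax.crypto.interfaces.DHPublicKey;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;

public class DhAgreementDemo {
    // Each party combines its own private key with the peer's encoded public key.
    static byte[] agree(KeyPair own, byte[] peerPublicEncoded) throws Exception {
        PublicKey peer = KeyFactory.getInstance("DH")
                .generatePublic(new X509EncodedKeySpec(peerPublicEncoded));
        KeyAgreement ka = KeyAgreement.getInstance("DH");
        ka.init(own.getPrivate());
        ka.doPhase(peer, true);
        // Assumed derivation step: hash the raw shared secret into session-key material.
        return MessageDigest.getInstance("SHA-256").digest(ka.generateSecret());
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpgA = KeyPairGenerator.getInstance("DH");
        kpgA.initialize(2048);
        KeyPair a = kpgA.generateKeyPair();

        // B must use the same group parameters (p, g) as A; take them from A's public key.
        KeyPairGenerator kpgB = KeyPairGenerator.getInstance("DH");
        kpgB.initialize(((DHPublicKey) a.getPublic()).getParams());
        KeyPair b = kpgB.generateKeyPair();

        // Only the encoded public keys cross the wire; the session key never does.
        byte[] keyAtA = agree(a, b.getPublic().getEncoded());   // Apriv + Bpub
        byte[] keyAtB = agree(b, a.getPublic().getEncoded());   // Bpriv + Apub
        System.out.println("same session key: " + Arrays.equals(keyAtA, keyAtB));
    }
}
```

Nothing in this exchange tells either party whose public key it received, so the public keys still have to be authenticated, for example with the digital certificates covered later in the slides.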
12. Encryption
    - Strength of Encryption Algorithms
        - Two factors:
            - The algorithm used +
            - The size of the key space
        - See the tables comparing symmetric ciphers (p.42) and asymmetric ciphers (p.43)
13. Alternative Data-hiding Methods
    - Steganography: hiding messages inside another message or in a picture.
        - See “Steganography: Hidden Data” by Deborah Radcliff, ComputerWorld, June 10, 2002.
    - Elliptic Curve Cryptography (ECC): based on the elliptic curve logarithm problem; a more efficient public key encryption (faster, smaller key size)
        - An intro: http://world.std.com/~dpj/elliptic.html
    - Codes, one-time pads, etc.
14. Authentication
    - The process of determining the authenticity of a message or user.
    - Methods:
    - Message Digest
        - a check value generated from a document, usually generated by a hash function
        - to prove that the data in the document has not been tampered with.
        - Commonly used for password authentication (i.e., one-way authentication)
        - Examples: MD4, MD5, SHA (secure hash algorithm)
        - Any problem? Man-in-the-middle attack. Why?
15. Authentication Methods
    - MAC (Message Authentication Codes)
        - A message digest created with a key
        - Typically used for data verification in a context where a secure connection is already available.
        - Example: SSL uses MACs to verify the data received, using a secret key that is exchanged at the beginning of the session.
        - Example MACs:
            - HmacMD5 (Hashing MAC using MD5)
            - HmacSHA1 (Hashing MAC using SHA-1)
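
Slides 14 and 15 side by side, as an added example that is not part of the original slides: a plain digest and a keyed MAC are both checked against a message that was altered in transit. SHA-256 and HmacSHA256 are used here in place of the MD5 and SHA-1 variants the slides list; the messages and the class name `DigestVsMacDemo` are constructed for the example.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;

public class DigestVsMacDemo {
    static byte[] sha256(byte[] msg) throws Exception {
        return MessageDigest.getInstance("SHA-256").digest(msg);
    }

    static byte[] hmac(byte[] key, byte[] msg) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        return mac.doFinal(msg);
    }

    public static void main(String[] args) throws Exception {
        // Shared secret known only to sender and receiver (constructed here).
        byte[] key = new byte[32];
        new SecureRandom().nextBytes(key);

        // Constructed sample message and the MAC tag the sender attaches to it.
        byte[] sent = "pay 100 to alice".getBytes(StandardCharsets.UTF_8);
        byte[] sentTag = hmac(key, sent);

        // The message is altered in transit. A digest needs no secret, so whoever
        // alters the message can attach a matching digest. The MAC tag cannot be
        // recomputed without the key, so the original tag arrives unchanged.
        byte[] received = "pay 900 to mallory".getBytes(StandardCharsets.UTF_8);
        byte[] receivedDigest = sha256(received);
        byte[] receivedTag = sentTag;

        // Receiver-side checks; MessageDigest.isEqual compares in constant time.
        boolean digestAccepts = MessageDigest.isEqual(sha256(received), receivedDigest);
        boolean macAccepts = MessageDigest.isEqual(hmac(key, received), receivedTag);
        System.out.println("digest check accepts altered message: " + digestAccepts);
        System.out.println("MAC check accepts altered message:    " + macAccepts);
    }
}
```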
16. Authentication Methods
    - Digital Signatures
        - Based on public key encryption
        - Computed with a person’s private key and verified with the person’s public key
        - An example of creating a digital signature: p.48
            1. The sender applies a message digest algorithm to get a message digest (md) out of the message to be sent.
            2. The message digest is then encrypted by the person’s private key. The ciphertext is the digital signature (ds).
        - To check the digital signature:
            1. The recipient applies the digest algorithm to get a message digest (md-2).
            2. The recipient decrypts the ds using the sender’s public key.
            3. The output from step 2 is verified against md-2.
17. Authentication Methods
    - Digital Certificates
        - Purpose: To authenticate a person’s public key
        - “Vouching”: one party certifies that another party’s identity is authentic, e.g., passport, ID cards
        - A digital certificate for A is A’s public key plus some identifying information, signed by the private key of a certification authority (CA) verifying A’s identity.
        - Other example usage of certificates:
            - To authenticate a host/server (e.g., SSL certificates)
            - To sign and encrypt e-mail
18. Authentication Methods
    - Digital Certificates (Cont.)
        - Certificates are often chained. That is, a CA may be authenticated by a root CA.
        - The top CA of a certificate chain must be self-signed.
        - Verisign has been accepted as the top CA.
        - Example of certificate chaining: Both Internet Explorer and Netscape Communicator include certificates from Verisign in their install. So when the browser makes an SSL connection to a server, if the server presents a certificate that is signed by Verisign, the server’s certificate will be automatically accepted.
19. Cryptanalysis
    - The practice of analyzing and breaking cryptography
    - Methods:
        - Brute force attack versus the key space
        - Common cryptanalytic tools: Frequency distribution, Digram/trigram study, IC, Repeated patterns, Probable letters
        - 4 cryptanalytic cases:
            - Ciphertext only → Ciphertext-only attack
            - Full or partial plaintext
                - Known plaintext attack
                - Probable plaintext analysis
            - Ciphertext of any plaintext → Chosen plaintext attack
            - Algorithm + Ciphertext → Chosen ciphertext attack
20. Key Management (storage)
    - A dilemma: Keys must be securely stored while allowing users easy access when necessary.
    - A typical solution is to encrypt the stored keys with passwords and then protect the storage with the OS access control.
    - A key storage is an attractive target for attack.
    - The smart card solution: A smart card stores a private key and a certificate, which can be used to encrypt and/or decrypt information.
    - An example of smart card solution: See Protection of Keys (RSA vs nCipher)
21. Cryptographical Protocols
    - Cryptographical protocols determine the exact order and way in which each algorithm must be used in order to maximize security.
    - Examples of protocols:
        - Distribution of keys,
        - Certificates, Digital signatures,
        - Key escrow,
        - Mental poker,
        - Electronic voting,
        - Oblivious transfer, contract signing,
        - Certified mail
22. JCA/JCE
    - Java Cryptography Architecture (JCA) is part of the Java 2 run-time environment. → java.security.*
    - JCE (Java Cryptography Extension), on the other hand, is an extension to the JCA. JCE adds encryption and decryption APIs to the JCA. → javax.crypto.*
    - Major classes defined in JCA:
        - MessageDigest, Signature, KeyPairGenerator, KeyFactory, CertificateFactory, KeyStore, AlgorithmParameters, AlgorithmParameterGenerator, SecureRandom, …
23. JCA/JCE
    - A cryptographic service provider implements various cryptographic algorithms.
    - See page 54 for a list of algorithms implemented in the SUN provider (sun.security.provider.Sun), Java 2 (v1.2).
    - A second provider, the RSAJCA provider (com.sun.rsajca.Provider), is shipped with JDK v1.3 to provide RSA-specific cryptography.
24. JCA
    - An example of using MessageDigest in the JCA:
        - Get an instance of a message digest.
            - `MessageDigest myMessageDigest = MessageDigest.getInstance("MD5");`
            - Or `MessageDigest myMessageDigest = MessageDigest.getInstance("MD5", "SUN");`
        - Add data to be digested.
            - `myMessageDigest.update(myData);`
        - Get the digest.
            - `byte[] signatureBytes = myMessageDigest.digest();`
25. JCE
    - Major JCE classes:
        - Cipher, KeyAgreement, KeyGenerator, Mac, SecretKey, SecretKeyFactory
    - JCE needs to be separately downloaded and installed if you have JDK older than v1.4. For JDK1.4 or higher, JCE is an integrated component.
    - See http://java.sun.com/products/jce/index-14.html for more details.
26. JCE
    - Installation of JCE security provider
    - Sample programs: http://nas.cl.uh.edu/yang/teaching/csci5931webSecurity/JCE%20provider.htm
    - Visit http://sce.cl.uh.edu/yang/teaching/proJavaSecurityCode.html and download all the sample programs from the book.
27. Next
    - Symmetric Encryption (GS: 4)
    - Asymmetric Encryption (GS: 5)