SlideShare a Scribd company logo

sheet2.pdf

A
aminasouyah

sheet2

Engineering
1 of 21
Download to read offline
January 10, 2012 1 Cryptography and Network Security Lecture 1: Introduction Ion Petre Department of IT, Åbo Akademi University Spring 2012 http://users.abo.fi/ipetre/crypto/
January 10, 2012 2 Motto “Unfortunately, the technical wizardry enabling remote collaborations is founded on broadcasting everything as sequences of zeros and ones that one's dog wouldn't recognize.  What is to distinguish a digital dollar when it is as easily reproducible as the spoken word?  How do we converse privately when every syllable is bounced on a satellite and smeared over an entire continent?  How should a bank know that it really is Bill Gates requesting from his laptop in Fiji a transfer of $10,000,000,000 to another bank? Fortunately, the magical mathematics of cryptography can help. Cryptography provides techniques for keeping information secret, for determining that information has not been tampered with, and for determining who authored pieces of information.” Ronald Rivest Foreword to Handbook of Applied Cryptography
January 10, 2012 3 Why do we need cryptography?  Computers are used by millions of people for many purposes  Banking  Shopping  Tax returns  Protesting  Military  Student records  …  Privacy is a crucial issue in many of these applications  Security is to make sure that nosy people cannot read or secretly modify messages intended for other recipients
January 10, 2012 4 Security issues  The world before computers was in some ways much simpler  Signing, legalizing a paper would authenticate it  Photocopying easily detected  Erasing, inserting, modifying words on a paper document easily detectable  Secure transmission of a document: seal it and use a reasonable mail carrier (hoping the mail train does not get robbed)  One can recognize each other’s face, voice, hand signature, etc.  Electronic world: the ability to copy and alter information has changed dramatically  No difference between an “original” file and copies of it  Removing a word from a file or inserting others is undetectable  Adding a signature to the end of a file/email: one can impersonate it – add it to other files as well, modify it, etc.  Electronic traffic can be (and is!) monitored, altered, often without noticing  How to authenticate the person electronically communicating with you
January 10, 2012 5 Possible adversaries  Student: to have fun snooping on other people’s email  Cracker: to test out someone’s security system, to steal data  Businessman: to discover a competitor’s strategic marketing plan  Ex-employee: to get revenge for being fired  Accountant: to embezzle money from a company  Stockbroker: to deny a promise made to a customer by email  Convict: to steal credit card numbers for sale  Spy: to learn an enemy’s military or industrial secrets  Terrorist: to steal germ warfare secrets  Point to make: making a network or a communication secure involves more than just keeping it free of programming errors  It involves outsmarting often intelligent, dedicated and often well-funded adversaries
January 10, 2012 6 Security issues: some practical situations  A sends a file to B: E intercepts it and reads it  How to send a file that looks gibberish to all but the intended receiver?  A send a file to B: E intercepts it, modifies it, and then forwards it to B  How to make sure that the document has been received in exactly the form it has been sent  E sends a file to B pretending it is from A  How to make sure your communication partner is really who (s)he claims to be  A sends a message to B: E is able to delay the message for a while  How to detect old messages  A sends a message to B. Later A (or B) denies having sent (received) the message  How to deal with electronic contracts  E learns which user accesses which information although the information itself remains secure  E prevents communication between A and B: B will reject any message from A because they look unauthentic
January 10, 2012 7 Classes of network security problems  Secrecy (or confidentiality)  Keep the information out of the hands of unauthorized users, even if it has to travel over insecure links  Authentication  Determine whom you are talking to before revealing sensitive information  Non-repudiation (or signatures)  Prove that the order was to buy X litres of alcohol at the price before the taxes fell down and not the price after. Prove also that the order indeed existed  Data integrity (or message authentication)  Make sure that the message received was exactly the message you sent (not necessarily interested here in the confidentiality of the document)
January 10, 2012 8 Basic situation in cryptography
January 10, 2012 9 Basic situation in cryptography  A(lice) sends a message (or file) to B(ob) through an open channel (say, Internet), where E(vil, nemy) tries to read or change the message  A will encrypt the plaintext using a key transforming it into a “unreadable” cryptotext  This operation must be computationally easy  B also has a key (say, the same key) and decrypts the cryptotext to get the plaintext  This operation must be computationally easy  E tries to cryptanalyze: deduce the plaintext (and the key) knowing only the cryptotext  This operation should be computationally difficult  We will use cryptography to cover both the design of secure systems and their cryptanalysis – cryptology is also used sometimes  Do not think in terms of good guys do cryptography and bad guys do cryptanalysis
January 10, 2012 10 Cryptography – some types of systems  Depending on the type of operations in the encryption/decryption  Based on substitutions: elements in the plaintext are replaced by other elements  Based on transpositions: elements in the plaintext are re-arranged  Number of keys used  Symmetric systems (also known as single-key, secret-key, or conventional systems)  Asymmetric systems (also known as two-key, public-key, or unconventional systems)  The way the plaintext is processed  Block ciphers: plaintext split into blocks processed separately  Stream ciphers: plaintext processed continuously
January 10, 2012 11 Cryptanalysis – types of attacks  Fundamental rule: one must always assume that the attacker knows the methods for encryption and decryption; he is only looking for the keys  Creating a new cryptographic method is a very complex process involving many people – difficult to keep it confidential  Bonus for publishing the methods: people will try to break it for you (for free!)  Passive attack: the attacker only monitors the traffic attacking the confidentiality of the data  Active attack: the adversary attempts to alter the transmission attacking data integrity, confidentiality, and authentication.  Cryptanalysis: rely on the details of the encryption algorithm plus perhaps some knowledge about the general characteristics of the plaintext – sometimes the plaintext is known and the key is being looked for  Brute-force attack: try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
Key Size (bits) Number of Alternative Keys Time required at 1 decryption/µs Time required at 106 decryptions/µs 32 232 = 4.3 × 109 231 µs = 35.8 minutes 2.15 milliseconds 56 256 = 7.2 × 1016 255 µs = 1142 years 10.01 hours 128 2128 = 3.4 × 1038 2127 µs = 5.4 × 1024 years 5.4 × 1018 years 168 2168 = 3.7 × 1050 2167 µs = 5.9 × 1036 years 5.9 × 1030 years 26 characters (permutation) 26! = 4 × 1026 2 × 1026 µs = 6.4 × 1012 years 6.4 × 106 years January 10, 2012 12 Source: W.Stallings Cryptography and network security, 5th edition, 2011 (Table 2.2).
January 10, 2012 13 Attacks on encryption schemes Type of attack Known to cryptanalyst Ciphertext only  Encryption algorithm  Ciphertext Known plaintext  Encryption algorithm  One or more pairs plaintext-ciphertext Chosen plaintext  Encryption algorithm  One or more pairs plaintext-ciphertext, with the plaintext chosen by the attacker Chosen ciphertext  Encryption algorithm  Several pairs plaintext-ciphertext, ciphertext chosen by the attacker
January 10, 2012 14 Attacks on protocols  Known-key attack: obtain some previous keys and use the information to get the new ones  Replay: the adversary records a communication session and replays the entire session or portions of it at a later time  Impersonation: adversary assume the identity of a legitimate user  Dictionary: the attacker has a list of probable passwords, hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
January 10, 2012 15 How secure is secure?  Evaluating the security of a system is a crucial and most difficult task  Unconditionally secure system  If the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext: any plaintext may be mapped into that ciphertext with a suitable key  Consequently, the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there!  Bad news: only one known system has this property: one-time pad  Complexity-theoretic security  Consider a model of computation (e.g., Turing machine) and adversaries modeled as having polynomial computational power  Consider the weakest possible assumptions and the strongest possible attacker and do worst-case or at least average-case analysis
January 10, 2012 16 How secure is secure?  Provable security  Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (e.g., from Number Theory)  Computationally secure  The (perceived) cost of breaking the system exceeds the value of the encrypted information  The (perceived) time required to break the system exceeds the useful lifetime of the information
January 10, 2012 17 How large is large? Reference Order of magnitude Seconds in a year ≈ 3 x 107 Age of our solar system (years) ≈ 6 x 109 Seconds since creation of solar system ≈ 2 x 1017 Clock cycles per year, 3 GHz computer ≈ 9.6 x 1016 Binary strings of length 64 264 ≈ 1.8 x 1019 Binary strings of length 128 2128 ≈ 3.4 x 1038 Binary strings of length 256 2256 ≈ 1.2 x 1077 Number of 75-digit prime numbers ≈ 5.2 x 1072 Electrons in the universe ≈ 8.37 x 1077 Adapted from Handbook of Applied Cryptography (A.Menezes, P.van Oorschot, S.Vanstone), 1996
January 10, 2012 18 Overview of the course  I. CRYPTOGRAPHY  Secret-key cryptography  Classical encryption techniques  DES, AES, RC5, RC4  Public-key cryptography  RSA  Key management  II. AUTHENTICATION  MAC  Hashes and message digests  Digital signatures  Kerberos  III. NETWORK SECURITY  Email security  IP security  Web security (SSL, secure electronic transactions)  Firewalls  Wireless security  IV. OTHER ISSUES  Viruses  Digital cash  Secret sharing schemes  Zero-knowledge techniques
January 10, 2012 19 About the course  The goal of this course is to present the basic ideas and concepts of cryptography and network security  Huge amount of interesting/useful/challenging issues skipped  This should be thought of as an “Introduction to…” course  We will go occasionally into considerations of more advanced math (finite fields, modular arithmetic, number theory)  No surprise here: the whole idea of cryptography is centered around difficult problems that cannot be solved unless a trap-door (key) is known  No assumptions made on the math background – all notions will be introduced whenever needed  No need to be taken aback by the math part
January 10, 2012 20 Administrative details  Webpage: http://users.abo.fi/ipetre/crypto/  Email address: ion.petre@abo.fi  Exam: 30 points for maximum mark, 15 to pass  Not necessarily interested in the full details of the algorithms/protocols  Rather on the structure of an algorithm/protocol, the rationale behind that structure  Breaking or designing simple systems (simple enough for paper and pencil only)  Ideas, notions, etc.  Course book: W. Stallings – “Cryptography and network security”  Other useful books:  C.Kaufman, R.Perlamn, M.Speciner – “Network security. Private communication in a public world”  W.Trappe, L.Washington – “Introduction to cryptography with coding theory”  See the course website for more suggested reading
January 10, 2012 21 Challenges  No exercises  Optional assignments offering a number of points  If one collects sufficiently many points, (s)he may skip exam  Protocol  announce the challenge at the end of a lecture  allow for a couple of days before the data is published on the course website  award the points to the first N correct answers received in the lecturer’s inbox (email only!) before a deadline

Recommended

Data+security+sp10
Data+security+sp10Data+security+sp10
Data+security+sp10ismaelhaider
 
Cryptograpy Exam
Cryptograpy ExamCryptograpy Exam
Cryptograpy ExamLisa Olive
 
Security.pptx
Security.pptxSecurity.pptx
Security.pptxjohn6938
 
Op Sy 03 Ch 61a
Op Sy 03 Ch 61aOp Sy 03 Ch 61a
Op Sy 03 Ch 61a Google
 
Security pre
Security preSecurity pre
Security premissstevenson01
 
Cryptography
CryptographyCryptography
CryptographySajal Agarwal
 
Unit - I cyber security fundamentals part -1.pptx
Unit - I cyber security fundamentals part -1.pptxUnit - I cyber security fundamentals part -1.pptx
Unit - I cyber security fundamentals part -1.pptxkarthikaparthasarath
 
How encryption works
How encryption worksHow encryption works
How encryption worksRaxTonProduction
 

Recommended

Data+security+sp10
Data+security+sp10Data+security+sp10
Data+security+sp10ismaelhaider
 
Cryptograpy Exam
Cryptograpy ExamCryptograpy Exam
Cryptograpy ExamLisa Olive
 
Security.pptx
Security.pptxSecurity.pptx
Security.pptxjohn6938
 
Op Sy 03 Ch 61a
Op Sy 03 Ch 61aOp Sy 03 Ch 61a
Op Sy 03 Ch 61a Google
 
Security pre
Security preSecurity pre
Security premissstevenson01
 
Cryptography
CryptographyCryptography
CryptographySajal Agarwal
 
Unit - I cyber security fundamentals part -1.pptx
Unit - I cyber security fundamentals part -1.pptxUnit - I cyber security fundamentals part -1.pptx
Unit - I cyber security fundamentals part -1.pptxkarthikaparthasarath
 
How encryption works
How encryption worksHow encryption works
How encryption worksRaxTonProduction
 
E comm jatin
E comm jatinE comm jatin
E comm jatinJatin Mandhyan
 
Information Security
Information SecurityInformation Security
Information SecurityPresentaionslive.blogspot.com
 
Discussion Question Contrast file encryption and volume encryptio.docx
Discussion Question Contrast file encryption and volume encryptio.docxDiscussion Question Contrast file encryption and volume encryptio.docx
Discussion Question Contrast file encryption and volume encryptio.docxJeniceStuckeyoo
 
Network security unit 1,2,3
Network security unit 1,2,3 Network security unit 1,2,3
Network security unit 1,2,3 WE-IT TUTORIALS
 
Cryptography
CryptographyCryptography
Cryptographyamiable_indian
 
chapter 7.pptx
chapter 7.pptxchapter 7.pptx
chapter 7.pptxMelkamtseganewTigabi1
 
Unit 1 QB.docx
Unit 1 QB.docxUnit 1 QB.docx
Unit 1 QB.docxkarthikaparthasarath
 
Analysis of-security-algorithms-in-cloud-computing [autosaved]
Analysis of-security-algorithms-in-cloud-computing [autosaved]Analysis of-security-algorithms-in-cloud-computing [autosaved]
Analysis of-security-algorithms-in-cloud-computing [autosaved]Md. Fazla Rabbi
 
Itc chapter # 11
Itc chapter # 11Itc chapter # 11
Itc chapter # 11National university of modern languages
 
F16 cs61 cryptography
F16 cs61 cryptographyF16 cs61 cryptography
F16 cs61 cryptographyMuhammadalizardari
 
Week12
Week12Week12
Week12Ma310Shi
 
Analysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network SecurityAnalysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network SecurityEditor IJCATR
 
E-Commerce security
E-Commerce security E-Commerce security
E-Commerce security Tawhid Rahman
 
The ultimate privacy guide
The ultimate privacy guideThe ultimate privacy guide
The ultimate privacy guideJD Liners
 
Chapter 8Secret and Public KeysChapter 8 OverviewManag.docx
Chapter 8Secret and Public KeysChapter 8 OverviewManag.docxChapter 8Secret and Public KeysChapter 8 OverviewManag.docx
Chapter 8Secret and Public KeysChapter 8 OverviewManag.docxbartholomeocoombs
 
Encryption by fastech
Encryption by fastechEncryption by fastech
Encryption by fastechAbdulafeez Fasasi
 
Performance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish AlgorithmsPerformance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish Algorithmsijtsrd
 
Cryptography
CryptographyCryptography
CryptographyS.M. Towhidul Islam
 
paper10.pdf
paper10.pdfpaper10.pdf
paper10.pdfaminasouyah
 
paper9.pdf
paper9.pdfpaper9.pdf
paper9.pdfaminasouyah
 
paper8.pdf
paper8.pdfpaper8.pdf
paper8.pdfaminasouyah
 
paper7.pdf
paper7.pdfpaper7.pdf
paper7.pdfaminasouyah
 

More Related Content

Similar to sheet2.pdf

Discussion Question Contrast file encryption and volume encryptio.docx
Discussion Question Contrast file encryption and volume encryptio.docxDiscussion Question Contrast file encryption and volume encryptio.docx
Discussion Question Contrast file encryption and volume encryptio.docxJeniceStuckeyoo
 
Network security unit 1,2,3
Network security unit 1,2,3 Network security unit 1,2,3
Network security unit 1,2,3 WE-IT TUTORIALS
 
Analysis of-security-algorithms-in-cloud-computing [autosaved]
Analysis of-security-algorithms-in-cloud-computing [autosaved]Analysis of-security-algorithms-in-cloud-computing [autosaved]
Analysis of-security-algorithms-in-cloud-computing [autosaved]Md. Fazla Rabbi
 
Analysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network SecurityAnalysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network SecurityEditor IJCATR
 
E-Commerce security
E-Commerce security E-Commerce security
E-Commerce security Tawhid Rahman
 
The ultimate privacy guide
The ultimate privacy guideThe ultimate privacy guide
The ultimate privacy guideJD Liners
 
Chapter 8Secret and Public KeysChapter 8 OverviewManag.docx
Chapter 8Secret and Public KeysChapter 8 OverviewManag.docxChapter 8Secret and Public KeysChapter 8 OverviewManag.docx
Chapter 8Secret and Public KeysChapter 8 OverviewManag.docxbartholomeocoombs
 
Performance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish AlgorithmsPerformance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish Algorithmsijtsrd
 

Similar to sheet2.pdf (18)

E comm jatin
E comm jatinE comm jatin
E comm jatin
 
Information Security
Information SecurityInformation Security
Information Security
 
Discussion Question Contrast file encryption and volume encryptio.docx
Discussion Question Contrast file encryption and volume encryptio.docxDiscussion Question Contrast file encryption and volume encryptio.docx
Discussion Question Contrast file encryption and volume encryptio.docx
 
Network security unit 1,2,3
Network security unit 1,2,3 Network security unit 1,2,3
Network security unit 1,2,3
 
Cryptography
CryptographyCryptography
Cryptography
 
chapter 7.pptx
chapter 7.pptxchapter 7.pptx
chapter 7.pptx
 
Unit 1 QB.docx
Unit 1 QB.docxUnit 1 QB.docx
Unit 1 QB.docx
 
Analysis of-security-algorithms-in-cloud-computing [autosaved]
Analysis of-security-algorithms-in-cloud-computing [autosaved]Analysis of-security-algorithms-in-cloud-computing [autosaved]
Analysis of-security-algorithms-in-cloud-computing [autosaved]
 
Itc chapter # 11
Itc chapter # 11Itc chapter # 11
Itc chapter # 11
 
F16 cs61 cryptography
F16 cs61 cryptographyF16 cs61 cryptography
F16 cs61 cryptography
 
Week12
Week12Week12
Week12
 
Analysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network SecurityAnalysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network Security
 
E-Commerce security
E-Commerce security E-Commerce security
E-Commerce security
 
The ultimate privacy guide
The ultimate privacy guideThe ultimate privacy guide
The ultimate privacy guide
 
Chapter 8Secret and Public KeysChapter 8 OverviewManag.docx
Chapter 8Secret and Public KeysChapter 8 OverviewManag.docxChapter 8Secret and Public KeysChapter 8 OverviewManag.docx
Chapter 8Secret and Public KeysChapter 8 OverviewManag.docx
 
Encryption by fastech
Encryption by fastechEncryption by fastech
Encryption by fastech
 
Performance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish AlgorithmsPerformance Comparison of File Security System using TEA and Blowfish Algorithms
Performance Comparison of File Security System using TEA and Blowfish Algorithms
 
Cryptography
CryptographyCryptography
Cryptography
 

More from aminasouyah

More from aminasouyah (20)

paper10.pdf
paper10.pdfpaper10.pdf
paper10.pdf
 
paper9.pdf
paper9.pdfpaper9.pdf
paper9.pdf
 
paper8.pdf
paper8.pdfpaper8.pdf
paper8.pdf
 
paper7.pdf
paper7.pdfpaper7.pdf
paper7.pdf
 
paper6.pdf
paper6.pdfpaper6.pdf
paper6.pdf
 
paper5.pdf
paper5.pdfpaper5.pdf
paper5.pdf
 
paper4.pdf
paper4.pdfpaper4.pdf
paper4.pdf
 
paper3.pdf
paper3.pdfpaper3.pdf
paper3.pdf
 
paper2.pdf
paper2.pdfpaper2.pdf
paper2.pdf
 
paper1.pdf
paper1.pdfpaper1.pdf
paper1.pdf
 
sheet7.pdf
sheet7.pdfsheet7.pdf
sheet7.pdf
 
sheet6.pdf
sheet6.pdfsheet6.pdf
sheet6.pdf
 
sheet5.pdf
sheet5.pdfsheet5.pdf
sheet5.pdf
 
sheet4.pdf
sheet4.pdfsheet4.pdf
sheet4.pdf
 
sheet3.pdf
sheet3.pdfsheet3.pdf
sheet3.pdf
 
sheet1.pdf
sheet1.pdfsheet1.pdf
sheet1.pdf
 
doc4.pdf
doc4.pdfdoc4.pdf
doc4.pdf
 
doc7.pdf
doc7.pdfdoc7.pdf
doc7.pdf
 
doc6.pdf
doc6.pdfdoc6.pdf
doc6.pdf
 
doc5.pdf
doc5.pdfdoc5.pdf
doc5.pdf
 

Recently uploaded

Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxDeepakSakkari2
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girlsssuser7cb4ff
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxPoojaBan
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidNikhilNagaraju
 
Electronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfElectronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfme23b1001
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AIabhishek36461
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile servicerehmti665
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxbritheesh05
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.eptoze12
 
pipeline in computer architecture design
pipeline in computer architecture designpipeline in computer architecture design
pipeline in computer architecture designssuser87fa0c1
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfAsst.prof M.Gokilavani
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineeringmalavadedarshan25
 
DATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage exampleDATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage examplePragyanshuParadkar1
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxJoão Esperancinha
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024Mark Billinghurst
 
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)Dr SOUNDIRARAJ N
 
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdfCCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdfAsst.prof M.Gokilavani
 

Recently uploaded (20)

Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptx
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girls
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptx
 
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfid
 
Electronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfElectronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdf
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AI
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptx
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.
 
pipeline in computer architecture design
pipeline in computer architecture designpipeline in computer architecture design
pipeline in computer architecture design
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
 
POWER SYSTEMS-1 Complete notes examples
POWER SYSTEMS-1 Complete notes examplesPOWER SYSTEMS-1 Complete notes examples
POWER SYSTEMS-1 Complete notes examples
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineering
 
DATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage exampleDATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage example
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024
 
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
 
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdfCCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
 

sheet2.pdf

  • 1. January 10, 2012 1 Cryptography and Network Security Lecture 1: Introduction Ion Petre Department of IT, Åbo Akademi University Spring 2012 http://users.abo.fi/ipetre/crypto/
  • 2. January 10, 2012 2 Motto “Unfortunately, the technical wizardry enabling remote collaborations is founded on broadcasting everything as sequences of zeros and ones that one's dog wouldn't recognize.  What is to distinguish a digital dollar when it is as easily reproducible as the spoken word?  How do we converse privately when every syllable is bounced on a satellite and smeared over an entire continent?  How should a bank know that it really is Bill Gates requesting from his laptop in Fiji a transfer of $10,000,000,000 to another bank? Fortunately, the magical mathematics of cryptography can help. Cryptography provides techniques for keeping information secret, for determining that information has not been tampered with, and for determining who authored pieces of information.” Ronald Rivest Foreword to Handbook of Applied Cryptography
  • 3. January 10, 2012 3 Why do we need cryptography?  Computers are used by millions of people for many purposes  Banking  Shopping  Tax returns  Protesting  Military  Student records  …  Privacy is a crucial issue in many of these applications  Security is to make sure that nosy people cannot read or secretly modify messages intended for other recipients
  • 4. January 10, 2012 4 Security issues  The world before computers was in some ways much simpler  Signing, legalizing a paper would authenticate it  Photocopying easily detected  Erasing, inserting, modifying words on a paper document easily detectable  Secure transmission of a document: seal it and use a reasonable mail carrier (hoping the mail train does not get robbed)  One can recognize each other’s face, voice, hand signature, etc.  Electronic world: the ability to copy and alter information has changed dramatically  No difference between an “original” file and copies of it  Removing a word from a file or inserting others is undetectable  Adding a signature to the end of a file/email: one can impersonate it – add it to other files as well, modify it, etc.  Electronic traffic can be (and is!) monitored, altered, often without noticing  How to authenticate the person electronically communicating with you
  • 5. January 10, 2012 5 Possible adversaries  Student: to have fun snooping on other people’s email  Cracker: to test out someone’s security system, to steal data  Businessman: to discover a competitor’s strategic marketing plan  Ex-employee: to get revenge for being fired  Accountant: to embezzle money from a company  Stockbroker: to deny a promise made to a customer by email  Convict: to steal credit card numbers for sale  Spy: to learn an enemy’s military or industrial secrets  Terrorist: to steal germ warfare secrets  Point to make: making a network or a communication secure involves more than just keeping it free of programming errors  It involves outsmarting often intelligent, dedicated and often well-funded adversaries
  • 6. January 10, 2012 6 Security issues: some practical situations  A sends a file to B: E intercepts it and reads it  How to send a file that looks gibberish to all but the intended receiver?  A send a file to B: E intercepts it, modifies it, and then forwards it to B  How to make sure that the document has been received in exactly the form it has been sent  E sends a file to B pretending it is from A  How to make sure your communication partner is really who (s)he claims to be  A sends a message to B: E is able to delay the message for a while  How to detect old messages  A sends a message to B. Later A (or B) denies having sent (received) the message  How to deal with electronic contracts  E learns which user accesses which information although the information itself remains secure  E prevents communication between A and B: B will reject any message from A because they look unauthentic
  • 7. January 10, 2012 7 Classes of network security problems  Secrecy (or confidentiality)  Keep the information out of the hands of unauthorized users, even if it has to travel over insecure links  Authentication  Determine whom you are talking to before revealing sensitive information  Non-repudiation (or signatures)  Prove that the order was to buy X litres of alcohol at the price before the taxes fell down and not the price after. Prove also that the order indeed existed  Data integrity (or message authentication)  Make sure that the message received was exactly the message you sent (not necessarily interested here in the confidentiality of the document)
  • 8. January 10, 2012 8 Basic situation in cryptography
  • 9. January 10, 2012 9 Basic situation in cryptography  A(lice) sends a message (or file) to B(ob) through an open channel (say, Internet), where E(vil, nemy) tries to read or change the message  A will encrypt the plaintext using a key transforming it into a “unreadable” cryptotext  This operation must be computationally easy  B also has a key (say, the same key) and decrypts the cryptotext to get the plaintext  This operation must be computationally easy  E tries to cryptanalyze: deduce the plaintext (and the key) knowing only the cryptotext  This operation should be computationally difficult  We will use cryptography to cover both the design of secure systems and their cryptanalysis – cryptology is also used sometimes  Do not think in terms of good guys do cryptography and bad guys do cryptanalysis
  • 10. January 10, 2012 10 Cryptography – some types of systems  Depending on the type of operations in the encryption/decryption  Based on substitutions: elements in the plaintext are replaced by other elements  Based on transpositions: elements in the plaintext are re-arranged  Number of keys used  Symmetric systems (also known as single-key, secret-key, or conventional systems)  Asymmetric systems (also known as two-key, public-key, or unconventional systems)  The way the plaintext is processed  Block ciphers: plaintext split into blocks processed separately  Stream ciphers: plaintext processed continuously
  • 11. January 10, 2012 11 Cryptanalysis – types of attacks  Fundamental rule: one must always assume that the attacker knows the methods for encryption and decryption; he is only looking for the keys  Creating a new cryptographic method is a very complex process involving many people – difficult to keep it confidential  Bonus for publishing the methods: people will try to break it for you (for free!)  Passive attack: the attacker only monitors the traffic attacking the confidentiality of the data  Active attack: the adversary attempts to alter the transmission attacking data integrity, confidentiality, and authentication.  Cryptanalysis: rely on the details of the encryption algorithm plus perhaps some knowledge about the general characteristics of the plaintext – sometimes the plaintext is known and the key is being looked for  Brute-force attack: try every possible key on the ciphertext until an intelligible translation into a plaintext is obtained
  • 12. Key Size (bits) Number of Alternative Keys Time required at 1 decryption/µs Time required at 106 decryptions/µs 32 232 = 4.3 × 109 231 µs = 35.8 minutes 2.15 milliseconds 56 256 = 7.2 × 1016 255 µs = 1142 years 10.01 hours 128 2128 = 3.4 × 1038 2127 µs = 5.4 × 1024 years 5.4 × 1018 years 168 2168 = 3.7 × 1050 2167 µs = 5.9 × 1036 years 5.9 × 1030 years 26 characters (permutation) 26! = 4 × 1026 2 × 1026 µs = 6.4 × 1012 years 6.4 × 106 years January 10, 2012 12 Source: W.Stallings Cryptography and network security, 5th edition, 2011 (Table 2.2).
  • 13. January 10, 2012 13 Attacks on encryption schemes Type of attack Known to cryptanalyst Ciphertext only  Encryption algorithm  Ciphertext Known plaintext  Encryption algorithm  One or more pairs plaintext-ciphertext Chosen plaintext  Encryption algorithm  One or more pairs plaintext-ciphertext, with the plaintext chosen by the attacker Chosen ciphertext  Encryption algorithm  Several pairs plaintext-ciphertext, ciphertext chosen by the attacker
  • 14. January 10, 2012 14 Attacks on protocols  Known-key attack: obtain some previous keys and use the information to get the new ones  Replay: the adversary records a communication session and replays the entire session or portions of it at a later time  Impersonation: adversary assume the identity of a legitimate user  Dictionary: the attacker has a list of probable passwords, hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match
  • 15. January 10, 2012 15 How secure is secure?  Evaluating the security of a system is a crucial and most difficult task  Unconditionally secure system  If the ciphertext does not contain enough information to determine uniquely the corresponding ciphertext: any plaintext may be mapped into that ciphertext with a suitable key  Consequently, the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there!  Bad news: only one known system has this property: one-time pad  Complexity-theoretic security  Consider a model of computation (e.g., Turing machine) and adversaries modeled as having polynomial computational power  Consider the weakest possible assumptions and the strongest possible attacker and do worst-case or at least average-case analysis
  • 16. January 10, 2012 16 How secure is secure?  Provable security  Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (e.g., from Number Theory)  Computationally secure  The (perceived) cost of breaking the system exceeds the value of the encrypted information  The (perceived) time required to break the system exceeds the useful lifetime of the information
  • 17. January 10, 2012 17 How large is large? Reference Order of magnitude Seconds in a year ≈ 3 x 107 Age of our solar system (years) ≈ 6 x 109 Seconds since creation of solar system ≈ 2 x 1017 Clock cycles per year, 3 GHz computer ≈ 9.6 x 1016 Binary strings of length 64 264 ≈ 1.8 x 1019 Binary strings of length 128 2128 ≈ 3.4 x 1038 Binary strings of length 256 2256 ≈ 1.2 x 1077 Number of 75-digit prime numbers ≈ 5.2 x 1072 Electrons in the universe ≈ 8.37 x 1077 Adapted from Handbook of Applied Cryptography (A.Menezes, P.van Oorschot, S.Vanstone), 1996
  • 18. January 10, 2012 18 Overview of the course  I. CRYPTOGRAPHY  Secret-key cryptography  Classical encryption techniques  DES, AES, RC5, RC4  Public-key cryptography  RSA  Key management  II. AUTHENTICATION  MAC  Hashes and message digests  Digital signatures  Kerberos  III. NETWORK SECURITY  Email security  IP security  Web security (SSL, secure electronic transactions)  Firewalls  Wireless security  IV. OTHER ISSUES  Viruses  Digital cash  Secret sharing schemes  Zero-knowledge techniques
  • 19. January 10, 2012 19 About the course  The goal of this course is to present the basic ideas and concepts of cryptography and network security  Huge amount of interesting/useful/challenging issues skipped  This should be thought of as an “Introduction to…” course  We will go occasionally into considerations of more advanced math (finite fields, modular arithmetic, number theory)  No surprise here: the whole idea of cryptography is centered around difficult problems that cannot be solved unless a trap-door (key) is known  No assumptions made on the math background – all notions will be introduced whenever needed  No need to be taken aback by the math part
  • 20. January 10, 2012 20 Administrative details  Webpage: http://users.abo.fi/ipetre/crypto/  Email address: ion.petre@abo.fi  Exam: 30 points for maximum mark, 15 to pass  Not necessarily interested in the full details of the algorithms/protocols  Rather on the structure of an algorithm/protocol, the rationale behind that structure  Breaking or designing simple systems (simple enough for paper and pencil only)  Ideas, notions, etc.  Course book: W. Stallings – “Cryptography and network security”  Other useful books:  C.Kaufman, R.Perlamn, M.Speciner – “Network security. Private communication in a public world”  W.Trappe, L.Washington – “Introduction to cryptography with coding theory”  See the course website for more suggested reading
  • 21. January 10, 2012 21 Challenges  No exercises  Optional assignments offering a number of points  If one collects sufficiently many points, (s)he may skip exam  Protocol  announce the challenge at the end of a lecture  allow for a couple of days before the data is published on the course website  award the points to the first N correct answers received in the lecturer’s inbox (email only!) before a deadline