Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our User Agreement and Privacy Policy.

Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our Privacy Policy and User Agreement for details.

Successfully reported this slideshow.

Like this presentation? Why not share!

1,638 views

Published on

Network Security Topic 4 cryptography2

Published in:
Education

No Downloads

Total views

1,638

On SlideShare

0

From Embeds

0

Number of Embeds

7

Shares

0

Downloads

62

Comments

0

Likes

1

No embeds

No notes for slide

- 1. Lecture 4Cryptographic Tools (cont)
- 2. Message Authentication protects against active attacks • contents have not been verifies received altered message is • from authentic source • timely and in correct authentic sequence can use • only sender & receiver conventional share a key encryption
- 3. Message Authentication Codes
- 4. Secure Hash Functions
- 5. MessageAuthentication Using a One-WayHash Function
- 6. Hash Function Requirements• can be applied to a block of data of any size• produces a fixed-length output• H(x) is relatively easy to compute for any given x• one-way or pre-image resistant – infeasible to find x such that H(x) = h• second pre-image or weak collision resistant – infeasible to find y ≠ x such that H(y) = H(x)• collision resistant or strong collision resistance – infeasible to find any pair (x, y) such that H(x) = H(y)
- 7. Security of Hash Functions• approaches to attack a secure hash function – cryptanalysis – exploit logical weaknesses in the algorithm – brute-force attack – strength of hash function depends solely on the length of the hash code produced by the algorithm• additional secure hash function applications: – Passwords: hash of a password is stored by an operating system – intrusion detection: store H(F) for each file on a system and secure the hash values
- 8. Public-Key Encryption Structure asymmetric • uses two separate keys publicly • public key and some form ofproposed by based on private key protocol is Diffie and mathematical • public key is needed for Hellman in functions made public for distribution 1976 others to use
- 9. Public-Key Encryption
- 10. Private-Key Encryption
- 11. Requirements for Public-Key Crypto. computationally easy to create key pairs computationally easyuseful if either key can for sender knowing be used for each role public key to encrypt messages computationally computationally easyinfeasible for opponent for receiver knowing to otherwise recover private key to decrypt original message ciphertext computationally infeasible for opponent to determine private key from public key
- 12. Applications for Public-Key Cryptosystems
- 13. Digital Signatures• used for authenticating both source and data integrity• created by encrypting hash code with private key• does not provide confidentiality – even in the case of complete encryption – message is safe from alteration but not eavesdropping
- 14. Public Key Certificates
- 15. Digital Envelopes• protects a message without needing to first arrange for sender and receiver to have the same secret key• equates to the same thing as a sealed envelope containing an unsigned letter
- 16. Random • Uses include generation of:Numbers – keys for public-key algorithms – stream key for symmetric stream cipher – symmetric key for use as a temporary session key or in creating a digital envelope – handshaking to prevent replay attacks – session key
- 17. Random Number Requirements Randomness Unpredictability• criteria: – uniform distribution each number is statistically – frequency of occurrence of independent of other each of the numbers should numbers in the sequence be approximately the same opponent should not be able – independence – no one value in the to predict future elements sequence can be inferred of the sequence on the from the others basis of earlier elements
- 18. Random versus Pseudorandom• cryptographic applications typically use algorithms for random number generation – algorithms are deterministic and therefore produce sequences of numbers that are not statistically random• pseudorandom numbers are: – sequences produced that satisfy statistical randomness tests – likely to be predictable• true random number generator (TRNG): – uses a nondeterministic source to produce randomness – most operate by measuring unpredictable natural processes – e.g. radiation, gas discharge, leaky capacitors – increasingly provided on modern processors
- 19. Summary• symmetric encryption hash functions – conventional or single-key only type − message authentication creation of digital signatures used prior to public-key – five parts: plaintext, encryption digital signatures algorithm, secret key, ciphertext, and − hash code is encrypted with decryption algorithm private key – two attacks: cryptanalysis and brute digital envelopes force − protects a message without – most commonly used algorithms are needing to first arrange for sender block ciphers (DES, triple DES, AES) and receiver to have the same• public-key encryption secret key – based on mathematical functions random numbers – asymmetric − requirements: randomness and – six ingredients: plaintext, encryption unpredictability algorithm, public and private key, − validation: uniform distribution, ciphertext, and decryption algorithm independence − pseudorandom numbers

No public clipboards found for this slide

Be the first to comment