Lecture 5 - Network Security
Non-Repudiation
ensuring that the sender actually sent the message
RSA: Creating Public/Private Keypair
o 1) Choose two large prime numbers p, q. o 2) Compute n = pq, Φ = (p-1)(q-1) o 3) Choose e (with e< Φ) that has no common factors with Φ. (e, Φ are "relatively prime"). o 4) Choose d such that ed-1 is exactly divisible by Φ. (in other words: ed mod Φ = 1 ; or d = e mod Φ) o 5) Public key is (n,e). The private key is (n,d).
RSA: Encryption and Decryption
o 1) Given (n, e) and (n, d) as computed above o 2) To encrypt message m (< n), compute c = m^e mod n o 3) To decrypt received bit pattern, c, compute m = c^d mod n
RSA: Getting Ready
o A message is a bit pattern o A bit pattern can be uniquely represented by an integer number. o Thus encrypting a message is equivalent to encrypting a number.
Zimmer Telegram
o Encrypted telegram from foreign secretary of the German empire to the German ambassador in Mexico o Intercepted and decrypted by the British o Indicated that unrestricted sub-warfare would commence. Proposed an alliance with Mexico to reclaim lost land to the US. o Pivotal in the US entering WWI
Issues with Symmetric Key Cryptography
o Requires Sender and Receiver know shared key o How do we agree on the key in the first place? o Secretly sharing keys is extremely difficult problem
Problems with RSA
o Slow to generate keys e, d even by today's CPU power o Does not have Perfect Forward Security o But it's free from licensing concerns
Why is RSA Secure?
o Suppose you know Bob's public key (n,e). How hard is it to determine d? o Essentially need to find factors of n without knowing the two factors p and q. o Fact: factoring a big number is hard. o - Φ = (p-1)(q-1) o Hard to find p, q, Φ when given n, e o Generating RSA Keys o Have to find big primes p and q o Approach: make a good guess then apply testing rules o The typical key size is 2048-bits
Enigma
o Used by Germans o Replaced letters as they were typed o Substitutions were computed using a key and a set of switches and rotors.
Public Key Cryptography (Asymmetric)
o radically different approach [DiffieHellman76, RSA78] o sender, receiver do not share secret key o public encryption key known to all o private decryption key known only to receiver
Confidentiality in Cryptography
only the sender, the intended receiver should "understand" the message contents: -the sender encrypts the message -receiver decrypts messages
End-Point Authentication
send, receiver want to confirm the identity of each other
Symmetric key cryptography
the sender and receiver use the same key for encryption and decryption
Cryptanalysis
the study and practice of finding weaknesses in ciphers
Public Key Cryptography
uses two keys: A public key the sender uses to create encrypted messages, and a mathematically-related private key that the receiver can use to decrypt messages encrypted by that public key.
How secure is DES?
● DES Challenge: 56-bit-key-encrypted phrase decrypted (brute force) in less than a day ● 1998: EFF's $250k machine- 1,800 custom chips ● No known good analytic attack making DES more secure: ● 3DES: encrypt/decrypt 3 times with 3 different keys ciphertext = EK3(DK2(EK1(plaintext)))
Why Rounds in Prototype?
● If only a single round, then one bit of input affects at most 8 bits of output. ● In 2 nd round, the 8 affected bits get scattered and inputted into multiple substitution boxes. ● How many rounds? o How many times do you need to shuffle cards? o Becomes less efficient and increase
Vernam- Perfect Substitution Cipher
● If we use Vigenère with a key length as long as the plaintext then cryptanalysis will become more difficult. ● If we change the key every time we encrypt then the cryptanalyst's job becomes even more difficult. One-time pad or Vernam Cipher. ● How do we get such long keys? o A large book shared by the transmitter and receiver o Initial key followed by previous messages themselves!! o Random number sequence based on common shared and secret seed ● Such a cipher is difficult to break but not very practical. ● Also called a "one-time pad"
Advanced Encryption Standard
● Newest (Nov. 2001) symmetric-key NIST standard, replacing DES ● Processes data in 128 bit blocks ● 128, 192, or 256 bit keys ● Brute Force Decryption (try each key) takes 10 billion years for AES o Based on the current fastest supercomputer 33.86 petaFLOPS (1015 FLOPS) o Not adjusted for technological advancements
Shannon's Characteristics of Good Ciphers
● The amount of secrecy needed should determine the amount of labor appropriate for encryption and decryption. ● The set of keys and enciphering algorithms should be free from complexity. ● The implementation of the process should be as simple as possible. ● Errors in ciphering should not propagate and cause the corruption of future information in the message. ● The size of enciphered text should be no longer than the text of the original message.
Who might Bob, Alice be?
● Web browsers/server for electronic transactions ● online banking/client/server ● DNS servers ● routers exchanging routing table updates
Friends and enemies: Alice, Bob, Eve
● Well-known in the network security world ● Bob, Alice wants to communicate securely ● Trudy (intruder) may intercept, delete, add to the message
Language of Cryptography
● m is a plaintext message ● KA(m) is ciphertext, encrypted with key KA ● m = KB(KA(m))
Cipher Block Chaining (CBC)
-CBC generates its own random numbers -Have encryption of current block depend on result of previous block -How do we encrypt first block? -Initialization vector (IV): random block = c(0) -Change IV for each message (or session) -Guarantees that even if the same message is sent repeatedly, the cipher-text will be completely different each time
Cryptography Basics
-Cryptography is the process of converting plaintext into ciphertext. -Plaintext - Readable text -Ciphertext - Unreadable or encrypted text -Cryptography is used to hide information from unauthorized users -Decryption is the process of converting ciphertext back to plaintext -Cryptography requires at least two pieces of information -Encryption algorithm -Encryption key
Cipher-text only attack
-Eve has cipher-text that she can analyze o Two approaches: -Search through all keys: must be able to differentiate resulting plaintext from gibberish -Statistical analysis
Session Keys
-Exponentiation is computationally intensive -DES is at least 100 times faster than RSA -A session key, KS -Bob and Alice use RSA to exchange a symmetric key KS -Once both has KS, they use symmetric key cryptography -Limited-use symmetric keys for temporary communications during an online session.
Poly-alphabetic Encryption: Vingenère
-Know how to do it
Problems with Stream Ciphers
-Known Plain-Text Attack -There's often predictable and repetitive data in communication messages -attacker receives some cipher text c and correctly guesses corresponding plaintext m -kS = m XOR c -attacker now observes c' obtained with same sequences ks -Attacker now observes c' obtained with same sequence ks -m' = kS XOR c' -Even Easier -Attacker obtains two cipehrtexts, c and c' generating with the same key sequence -c XOR c' = m XOR m' -There are well known methods of decrypting two plaintext given their XOR -Integrity Problem Too -Suppose attacker knows c and m -Wants to change m to m' calculates c' = c XOR (m XOR m') -Sends c' to destination
RC4 Stream Cipher
-RC4 is popular stream cipher -Extensively analyzed and considered good -The key can be from 1 to 256 bytes -Used in WEP for 802.11 -Can be used in SSL
Public Key Encryption
-Requirements: -need KS- and KS+ such that: -KB-(KB+(m)) = m -Given public key KS+, it should be impossible to compute private key KS- -RSA
Two Types of Symmetric Ciphers
-Stream Ciphers -Block Ciphers
Substitution Cipher
A cipher that substitutes one character with another
Diffie-Hellman
A key agreement protocol, does not provide any security services nor digital signature. -Allows two entities to agree on shared key -But does not provide encryption -n is a large prime; g is a number less than n -n and g are made public
Hash functions
Also referred to as message digests, these functions do not use a key
Data in Computational Effort
Amount of captured data required to complete the attack.
Memory in Computational Effort
Amount of storage required to complete the attack. This can be either a hard disk or memory.
RSA: Another important property
Apply public key first then apply private key: Kb^-(Kb^+(m)) = m = Kb^+(Kb^-(m)) ^--- Apply private key first then apply public key Result is the same!
Confusion
Changes in the key should affect many parts in the ciphertext
Diffusion
Changing one character in the plaintext will result in multiple changes throughout the ciphertext
Symmetric Key Crypto: DES
DES: Data Encryption Standard •US encryption standard [NIST 1993] •56-bit symmetric key, the 64-bit plaintext input •Block cipher with cipher block chaining
Stream Ciphers
Encrypt one bit at a time
Block Ciphers
Encrypts a message one block at a time ● The message to be encrypted is processed in blocks of k bits (e.g., 64-bit blocks) ● 1-to-1 mapping is used to map k-bit block of plaintext to k-bit block of ciphertext ● Example with k = 3
Chosen-plaintext attack
Eve can get the ciphertext from some chosen plaintext
Known-Plaintext Attack
Eve has some plaintext corresponding to some ciphertext
Time in Computational Effort
Number of primitive operations required. The computational time required for the attack. Some attacks become more feasible as computing power becomes cheaper and faster.
Encrypting a Large Message
Why not just break messages into 64-bit blocks, and encrypt each block separately? o If the same block of plaintext appears twice, will give the same ciphertext.
How many possible mappings are there for k = 3?
2^3! = 40,320; not very many
Message Integrity in Cryptography
Sender and receiver want to ensure the message is not altered (in transit, or afterward) without detection.
