Security in Computing - Chapter 3 - Cryptography

1
INTRODUCTION TO
CRYPTOGRAPHY
Chapter 3: Cryptography
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
Problems Addressed by Encryption

Suppose a sender wants to send a message to a
recipient. An attacker may attempt to

Block the message
Intercept the message

Modify the message
Fabricate an authentic-looking alternate message
Cryptography conceals data against unauthorized access
Encryption Terminology
Sender
Recipient
Transmission medium
Interceptor/intruder
Encrypt, encode, or encipher
Decrypt, decode, or decipher
Cryptosystem
Plaintext : material in intelligible form
Ciphertext : encrypted material
Encryption/Decryption Process
Key
(Optional)
Plaintext
Encryption
Key
(Optional)
Ciphertext
Decryption
Original
Plaintext
Symmetric vs. Asymmetric

One key
encrypts and
decrypts
Key
Plaintext
Encryption
Ciphertext
Decryption
Original
Plaintext
(a) Symmetric Cryptosystem

Encryption
Key
Plaintext
Encryption
Decryption
Key
Ciphertext
Decryption
One key
encrypts and
one key decrypts
Original
Plaintext
(b) Asymmetric Cryptosystem

Stream Ciphers
Key
(Optional)
ISSOPMI
Plaintext
wdhuw
Encryption
Ciphertext
Block Ciphers
Key
(Optional)
.. XN OI TP ES
Plaintext
IH
Ciphertext
Encryption
po
ba
qc
kd
em
..
Stream vs. Block

Stream
Block
Advantages
Speed of
transformation
Low error
propagation
High diffusion
Immunity to
insertion of
symbol
Disadvantages
Low diffusion
Susceptibility to
malicious
insertions and
modifications
Slowness of
encryption
Padding
Error
propagation
DES: The Data Encryption Standard

Symmetric block cipher
Developed in 1976 by IBM for the US National Institute of
Standards and Technology (NIST)
10
AES: Advanced Encryption System

Symmetric block cipher
Developed in 1999 by
independent Dutch
cryptographers
Still in common use
11
DES vs. AES
12
Public Key (Asymmetric) Cryptography

Instead of two users sharing one secret
key, each user has two keys: one public

and one private
Messages encrypted using the users
public key can only be decrypted using the
users private key, and vice versa
13
Secret Key vs. Public Key Encryption
14
Public Key to Exchange Secret Keys

1 .,
4. ,
a bc
de
4h
3d e f
tu v
5k l
pq
7r
pq r s
8uv
wxyz
mn
6
o
9y
Bill, give me your public key

Here is my key, Amy
Here is a symmetric key we can use
15
Key Exchange Man in the Middle
1,
.,
ab
4g
ef
6d
ab c
h
i
7q
rs
t uv
xy z
6o
8t u
3 de f
5j k l
pq r
9x
y
z
Bill, give me
your public key
1a No, give it to me
Here is my key, Amy
Here is the middles key 2a
Here is the symmetric k ey
3a Here is another symmetric k ey
16
Error Detecting Codes

Demonstrates that a block of data has been modified
Simple error detecting codes:
Parity checks
Cyclic redundancy checks
Cryptographic error detecting codes:
One-way hash functions
Cryptographic checksums
Digital signatures
17
Parity Check
18
One-Way Hash Function

M
Encrypted for
authenticity
Hash
function
Message
digest
19
Digital Signature
Mark fixed
to
document
Mark only
the sender
can make
Authentic
Unforgeable
20
Certificates: Trustable Identities and

Public Keys
A certificate is a public key and an identity
bound together and signed by a certificate

authority.
A certificate authority is an authority that
users trust to accurately verify identities
before generating certificates that bind
those identities to keys.
21
Certificate Signing and Hierarchy

To create Dianas certificate:
To create Delwyns certificate:
Diana creates and delivers to Edward:
Delwyn creates and delivers to Diana:
Name: Diana
Position: Division Manager
Public key: 17EF83CA ...
Name: Delwyn
Position: Dept Manager
Public key: 3AB3882C ...
Edward adds:
Name: Diana
Diana adds:
hash value
128C4
Edward signs with his private key:

Name: Diana
Which is Dianas ce rtificate.
Name: Delwyn
hash value
48CFA
Diana signs with her private key:

hash value
128C4
Name: Delwyn
hash value
48CFA
And appends her certificate:

Name: Delwyn
hash value
48CFA
Name: Diana
hash value
128C4
Which is Delwyns certificate.

22
Cryptographic Tool Summary
23
Summary
Encryption helps prevent attackers from revealing,
modifying, or fabricating messages

Symmetric and asymmetric encryption have
complementary strengths and weaknesses
Certificates bind identities to digital signatures

Security in Computing - Chapter 3 - Cryptography

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Security in Computing - Chapter 3 - Cryptography

Hochgeladen von

Copyright:

Verfügbare Formate

1

Problems Addressed by Encryption

recipient. An attacker may attempt to

Intercept the message

Cryptography conceals data against unauthorized access

Symmetric vs. Asymmetric

(a) Symmetric Cryptosystem

(b) Asymmetric Cryptosystem

Stream vs. Block

DES: The Data Encryption Standard

Standards and Technology (NIST)

AES: Advanced Encryption System

DES vs. AES

Public Key (Asymmetric) Cryptography

key, each user has two keys: one public

Secret Key vs. Public Key Encryption

Public Key to Exchange Secret Keys

Bill, give me your public key

Here is a symmetric key we can use

Key Exchange Man in the Middle

Here is my key, Amy

Here is the middles key 2a

Here is the symmetric k ey

3a Here is another symmetric k ey

Error Detecting Codes

One-Way Hash Function

Certificates: Trustable Identities and

bound together and signed by a certificate

Certificate Signing and Hierarchy

To create Delwyns certificate:

Diana creates and delivers to Edward:

Delwyn creates and delivers to Diana:

Edward signs with his private key:

Diana signs with her private key:

And appends her certificate:

Which is Delwyns certificate.

Cryptographic Tool Summary

modifying, or fabricating messages

Das könnte Ihnen auch gefallen