Sie sind auf Seite 1von 35


2 A   
is basically a way to ensure
that an electronic document (e-mail,
spreadsheet, text file, etc.) is 
Authentic means that you know who created
the document and you know that   
       since that person
created it.

2 xigital signatures rely on certain types of
  to ensure authentication.
Encryption is the process of taking all the data
that one computer is sending to another and
  it into a form that only the other
computer will be able to   .
Authentication is the process of verifying that
information is coming from a 
These two processes work hand in hand for
digital signatures.

2 0ne of the most common digital signature
mechanisms, the x  

   x is the basis of the x
   (x ), a U. .
Government document.
2 x A lets one person with a secret key "sign" a
document, so that others with a matching
public key can verify it must have been signed
only by the holder of the secret key.
2 xigital signatures depend on   ,
which are   computations done on a
message. They are called "one-way" because
there is no known way (without infeasible
amounts of computation) to find a message with
a given hash value.
2 Œn other words, a hash value can be determined
for a given message, but it is not known to be
2 £ash functions are similar to the scrambling
operations used in symmetric key encryption,
except that there is no decryption key: the
operation is irreversible. The result has a fixed
length, which is 160 bits in the case of the
ecure £ash Algorithm ( £A) used by x A.
2 The key in public-key encryption is based on a
. This is a value that is computed from
a base  

 using a      .
Essentially, the hash value is a summary of the
original value.
2 The important thing about a hash value is that it
is    to derive the original input
number without knowing the 
  the hash value. £ere's a simple example:



2 Îou can see how hard it would be to determine

that the value 1,525,381 came from the
multiplication of 10,667 and 143. But if you knew
that the multiplier was 143, then it would be very
easy to calculate the value 10,667. Public-key
encryption is actually much more complex than
this example, but that's the basic idea.

2 Public keys generally use complex algorithms and

very large hash values for encrypting, including
40-bit(5 Bytes/Char) or even 128-bit(16 Bytes/
Char) numbers. A 128-bit number has a possible
   , or    
 different combinations -- this would be
like trying to find one particular grain of sand in
the ahara xesert.
2 0ne-way functions or cryptographic hash
functions, they were first used in computer
systems for       
in the 1960s. They are also used to compute
   ; given a message M, we can
pass it through a 
get a digest, say h(M), which can stand in for
the message in various applications.
2 The output of the hash function is known as
    ; an input
corresponding to a given hash value is its
2 Given knowledge of an input x, we can easily
compute the hash value h(x); but it is very
difficult given the hash value h(x) to find a
corresponding preimage x if one is not already
2 As the output is random, the best an attacker
who wants to invert a random function can do
is to keep on feeding in more inputs until he
or she gets lucky.
2 A common way of implementing public key
encryption is the trapdoor one-way
permutation. This is a computation that
anyone can perform, but that can be reversed
only by someone who knows a trapdoor such
as a secret key.
ü!  "
2    suggested in the  that strong ciphers
could be built by combining substitution with
transposition repeatedly.
2 Xor example, one might add some key material to a
block of input text, then shuffle subsets of the input,
and continue in this way a number of times.
2 £e described the properties of a cipher as being
 Ͷadding unknown key values
will confuse an attacker about the value of a plaintext
symbol, while diffusion means spreading the plaintext
information through the cipher text.
ü!  "
2 The earliest block ciphers were simple networks
that combined 

 and ü 

circuits, and so were called ü  ".
2 The diagram shows an P-network with 
, which we can imagine as the bits of a 16-
bit number, and two layers of 4-bit invertible
substitution boxes (or -boxes), each of which can
be visualized as a lookup table containing some
permutation of the numbers 0 to 15.
ü!  "
ü!  "
2 Three things need to be done to make such a
design secure:
1. The cipher needs to be ͞wide͟ enough.
2. The cipher needs to have enough rounds.
3. The -boxes need to be suitably chosen.
2 0ne of the most common asymmetric
cryptosystems is R A, named for the
initials of the inventors (M M ,    ,
and #   ).
2 ëike most asymmetric algorithms, R A has
  "  $ , and is based on  
   instead of on fixed scrambling
operations. 0f course, like all asymmetric
algorithms, the encryption key is different from
the decryption key.
M (Rivest, hamir & Adleman)
2 R A is based on  
 . Unlike xE ,
which is based on a complex scrambling
operation, R A depends on    .
0n the other hand, for the same encryption
strength, R A uses much larger keys.
2 An R A encryption key consists of a pair of
numbers ( ). To encrypt a message , the
sender computes      ; the result is
the encrypted (  %) message.
M (Rivest, hamir & Adleman)
2 The receiver must decrypt by solving the
equation       for the value of .
2 Œf this were easy, then anyone could decrypt
the message and the cryptosystem would not
be of much use. Therefore, it must be difficult
to be useful. Œn fact, it must be so difficult as
to be infeasible to anyone who did not have a
clue about the solution.
M (Rivest, hamir & Adleman)
2 To accomplish this, choose the values of  and 
in the following way:
1. Choose     
 , ü and .
2. Choose , so that ü and ü  have no
common factors. (That is, they are relatively
3. Compute x  ü  so that
x ü .
M (Rivest, hamir & Adleman)
2 The number or clue x   to solve the problem
easily is known as the            ,
since          "  . The value 
  , since
anyone who needs to send a message can and must
know it.
2 Without knowing x, if the values of and  are large
enough, the equation       is extremely
difficult to solve for . ome implementations of M

2 Œn Private Key Encryption transmission of key
without compromising not easy. Œt is necessary
to assign different private key to each business
partner. When this is done a directory of keys
should be kept which should be secret. This is
difficult. 0nly secure way is to change the
private key every time a message is sent.
Public Key Encryption eliminates the key
distribution problem.
2 There is a pair of keys for each organization - A
Private Key and its Public Key. Œf A wants to
send message to B, A encrypts the message
with B's Public Key When message is received
by B he decrypts it with his Private Key.
Understanding Cryptographic
2 niffing and port scanning are passive attacks
ʹ just watching
2 Active attacks attempt to determine the secret
key being used to encrypt plaintext
2 Cryptographic algorithms are usually public
Xollows the open-source culture

Birthday Attack
2 Œf 23 people are in the room, what is the
chance that they all have different birthdays?
365 x364 x363 x363 x 361 x360 x . . .343
365 365 365 365 365 365 365
= 49%
o there͛s a 51% chance that two of them have
the same birthday

Birthday Attack
2 Œf there are N possible hash values,
Îou͛ll find collisions when you have calculated 1.2
x sqrt(N) values
2 £A-1 uses a 160-bit key
Theoretically, it would require 280 computations
to break
£A-1 has already been broken, because of other

Mathematical Attacks
2 Properties of the algorithm are attacked by
using mathematical computations
2 Categories
Ciphertext-only attack
2 The attacker has the ciphertext of several messages but
not the plaintext
2 Attacker tries to find out the key and algorithm used to
encrypt the messages
2 Attacker can capture ciphertext using a sniffer program
such as Ethereal or Tcpdump
Mathematical Attacks
2 Categories
Known plaintext attack
2 The attacker has messages in both encrypted form and
decrypted forms
2 This attack is easier to perform than the ciphertext-only
2 ëooks for patterns in both plaintext and ciphertext
Chosen-plaintext attack
2 The attacker has access to plaintext and ciphertext
2 Attacker has the ability to choose which message to
Mathematical Attacks
2 Categories (continued)
Chosen-ciphertext attack
2 The attacker has access to the ciphertext to be
decrypted and to the resulting plaintext
2 Attacker needs access to the cryptosystem to perform
this type of attack

Brute Xorce Attack
2 An attacker tries to guess passwords by
attempting every possible combination of
Requires lots of time and patience
Password-cracking programs that can use brute
2 John the Ripper
2 Cain and Abel
2 0phcrack
Also uses memory to save time ʹ ͞Rainbow tables͟

Man-in-the-Middle Attack

2 Victim sends public key to erver

Attacker generates two ͞false͟ key pairs
Attacker intercepts the genuine keys and send
false keys out
Both parties send encrypted traffic, but not with
the same keys
2 These false keys won͛t be verified by a CA

xictionary Attack
2 Attacker uses a dictionary of known words to
try to guess passwords
There are programs that can help attackers run a
dictionary attack
2 Programs that can do dictionary attacks
John the Ripper
Cain and Abel

Replay Attack
2 The attacker captures data and attempts to
resubmit the captured data
The device thinks a legitimate connection is in
2 Œf the captured data was logon information,
the attacker could gain access to a system and
be authenticated
2 Most authentication systems are resistant to
replay attacks

Password Cracking
2 Password cracking is illegal in the United
Œt is legal to crack your own password if you forgot
2 Îou need the hashed password file
/etc/passwd or /etc/shadow for *NŒ
The AM database in Windows
2 Then perform dictionary or brute-force attacks
on the file
Password cracking programs
2 John the Ripper
2 £ydra (T£C)
2 ë0phtcrack
2 Pwdump3v2
2 0phcrack does it all for you ʹ gathering the
AM database and cracking it