Beruflich Dokumente
Kultur Dokumente
Bijendra Jain
(bnj@cse.iitd.ernet.in)
3/15/2012
Lecture 1: Introduction
3/15/2012
Top-level issues
threats, both external and internal economic gains cost of securing resources cryptographic methods vs. physical security nature of resources (HW, SW, information) during storage, access and communication limited to a single computer vs. network security various layers (physical through application layers)
Information security:
3/15/2012
Security threats
Non-destructive Destructive Repudiation Denial of service crypt-analysis snooping masquerading replay attacks virus, worms etc.
Tutorial on Network Security: Sep 2003 4
Threat techniques:
3/15/2012
Security services
3/15/2012
Security mechanisms
Physical controls Audit trails Fraud detection (data mining) Steganography Encryption:
private-key vs. public-key encryption key generation, exchange, and management certification
Firewalls etc.
3/15/2012
3/15/2012
Cryptographic systems
Time to crack (1 encryption/microsec) 36 min 1100 years 5 x 1024 years 6 x 1012 years
Time to crack (106 encryptions/microsec) 2. msec 10 hrs 5 x 1018 years 6 x 106 years
ciphertext (only) plaintext + ciphertext chosen plaintext + ciphertext chosen ciphertext + plaintext
Tutorial on Network Security: Sep 2003 8
3/15/2012
Symmetric encryption
Plaintext, X Ciphertext, Y Secret keys for encryption, decryption, K Cryptanalysis Encrypt Insecure channel Decrypt DK(X)
EK(X)
K
Secure channel
Secret key, K
3/15/2012 Tutorial on Network Security: Sep 2003 9
Asymmetric encryption
Plaintext, X Ciphertext, Y Two keys K1, and K2. One is secret, other is public One of them (secret or public) is used to encrypt, the other for decryption Helps with confidentiality, digital signatures Cryptanalysis Encrypt Insecure channel Decrypt DK(X)
EK(X)
X K2
K1
Symmetric encryption
Substitution cipher Transposition cipher DES Triple DES Blowfish, RC5, RC4, etc.
3/15/2012
11
Substitution cipher
Ceasar cipher
encrypt C (p+k) mod n decrypt p (C-k) mod n assumes set of n characters easily breakable in n-1 steps encrypt Ci lookup_encrypt(pi) decrypt pj lookup_decrypt(Cj) 26! Different keys may be broken using known relative frequency of each character To counter:
3/15/2012
12
Transposition cipher
Transposition example:
Key Plaintext 4 a o d w 3 t s u o 1 t t n a 2 a p t m 5 c o I x 6 k n l y 7 p e t z
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
3/15/2012
13
DES
Applied to each block of size 64 bits Key is 56 bits Uses portions of key at different steps Uses techniques referred to by diffusion and confusion
Developed by IBM 1971-73, accepted by NBS (USA) as a standard in 1977 C1 P1 Primarily a block cipher
K
K
Encypt EK(X)
Decrypt DK(X)
C1
3/15/2012 Tutorial on Network Security: Sep 2003
P1
14
56-bit key
Round 1 Round 2
Permuted key
K16
Permuted key
64-bit ciphertext
3/15/2012 Tutorial on Network Security: Sep 2003 15
a block cipher
P1 IV
P2
C1
C2
+
IV
Decrypt DK(X)
Decrypt DK(X)
Encrypt
Encrypt
EK(X)
EK(X)
C1
C2
P1
P2
3/15/2012
16
Strength of DES
engines to break it in 35 hours In 1997, 70,000 systems on Internet discovered the key in less than 96 days (part of plaintext is given) Automating the process is difficult, unless plaintext is known
Trapdoor
US Govt changed the original design
3/15/2012
17
Double-DES
K2
EK2(X)
3/15/2012
18
Double-DES
Meet-in-the-middle attack
Let C = EK2(EK1(P)), and X = EK1(P) = DK2(C) Let known P and C Search for K1 and K2 such that X = EK1(P) = DK2(C) Complexity is O(256 + 256), not O(2128)
3/15/2012
19
Triple-DES
K3
Encypt EK1(X)
EK2(X)
3/15/2012
20
IDEA
International data encryption algorithm (IDEA) developed in 1991, gaining ground block cipher better understood US government has had no role in its design design principle:
block size 64 bits key length 128 bits more emphasis on diffusion and confusion uses three operations:
exclusive-OR, addition, multiplication
RC5
3/15/2012
22
Blowfish
Developed in 1993 block cipher up to 448 bit keys no known attacks simple, fast and compact
cycles/"round" 9 12 18 50 18 No. of rounds cycles/byte encrypted 16 18 16 23 16 45 8 50 48 108
3/15/2012
23
Since the same key is used to encrypt and decrypt, the system is also know as private-key encryption Symmetric key encryption
uses shared secret keys also known as private-key encryption
repudiated
3/15/2012
24
Application to confidentiality
Private-key encryption may be used to provide confidentiality of messages during transfer over LANs and/or WANs At issue:
what information: User data vs. headers Identity of correspondents vs. node/route identity in what layer, and between what points Link-layer vs. end-to-end vs. application level
3/15/2012
25
R R
Link-level enrypt/ decrypt End-to-end enrypt/ decrypt
3/15/2012
26
Intermediate nodes require encryption One key for each link Done in hardware
Only end hosts need encryption One key per session/connection Perhaps done in software
3/15/2012
27
Traffic confidentiality
Issues:
Identity of communicating entities Identity of hosts, routers Traffic volumes, patterns
Link-level encryption offers better confidentiality Padding may be used to hide patterns and volumes
3/15/2012
28
Key distribution
Secret key must be distributed between the communicating entities, say A and B Link level encryption requires L number of keys to be distributed, one for each device at the end of a link Host-to-host encryption requires N*(N-1)/2 keys to be distributed Two techniques:
Physical delivery (works only in a very limited environs) A delivers it to B A trusted third party C delivers the key to A and to B Electronic delivery using an established secure connection or
session
A delivers it to B after suitably encrypting it A trusted third party C delivers the key to A and to B using secure channels to A and to B.
3/15/2012
29
Key distribution
Above:
N1 and N2 are nonce, MKm is the master key used by A and B KS is the new session key F is a well-known function, such as ADD 1
Tutorial on Network Security: Sep 2003
3/15/2012
30
Key distribution
3/15/2012
31
Key distribution
Above:
KA and KB are keys used by A and B, respectively, to communicate
3/15/2012
32
Key distribution
Other issues:
Hierarchy of keys Lifetime of a session key Generation of Nonce or Random numbers
3/15/2012
33
Thanks
3/15/2012
34