Upload
june-cain
View
224
Download
0
Embed Size (px)
DESCRIPTION
3 Serbia 2003 Cipher System cryptogram c Enciphering Algorithm Deciphering Algorithm Key k(E)Key k(D) message m message m Interceptor
Citation preview
1Serbia 2003
INTRODUCTIONto
CRYPTOGRAPHYFred Piper
Codes & Ciphers Ltd12 Duncan Road, RichmondSurrey, TW9 2JDENGLAND
Royal Holloway, University of LondonEgham Hill, EghamSurrey TW20 0EX
ENGLAND
2Serbia 2003
Sender Am I happy that the whole world sees this ? What am I prepared to do to stop them ? What am I allowed to do to stop them ?
Recipient Do I have confidence in :
the originator the message contents and message stream no future repudiation.
Network Manager Do I allow this user on to the network ? How do I control their privileges ?
Some Security Issues
3Serbia 2003
Cipher System
cryptogramc
EncipheringAlgorithm
DecipheringAlgorithm
Key k(E) Key k(D)
messagem
messagem
Interceptor
4Serbia 2003
The Attacker’s Perspective
DecipheringAlgorithm
Unknown Keyk(D)
Known c Wants m
Note: k(E) is not needed unlessit helps determine k(D)
5Serbia 2003
Two Types of Cipher System
• Conventional or Symmetrick(D) easily obtained from k(E)
• Public or AsymmetricComputationally infeasible to determine k(D) from k(E)
6Serbia 2003
Mortice Lock.If you can lock it, then you can unlock it.
Bevelled Sprung Lock.Anyone can lock it, only keyholder can unlock it.
7Serbia 2003
Types of Attack
• Ciphertext only• Known plaintext• Chosen ciphertext
8Serbia 2003
Assumptions About Attacker (1)
Military/Government:Try to keep details of system (including algorithm) secret
Worst Case Conditions:Commercial:
Assume he knows: System (including algorithm) All ciphertext Some corresponding plaintext/ ciphertext
9Serbia 2003
Warning
THE FACT THAT AN ALGORITHM HAS
BEEN PUBLISHED SAYS NOTHING
ABOUT ITS STRENGTH.
10Serbia 2003
Breaking Algorithm
• Finding a method of determining
message from cryptogram without
being given deciphering key.
11Serbia 2003
Exhaustive Key Search Attacks
• The security depends on the secrecy of the deciphering key.
• One potential attack, if the algorithm is known, is to try all possible deciphering keys and to eliminate all incorrect ones.
• To withstand this type of attack a large key space is required.
12Serbia 2003
Exhaustive Key Searches
Estimating time required for key
search requires assumptions about the
attacker’ resources
13Serbia 2003
Saints or Sinners ?Receiver
Interceptor
Sender
Who are the ‘good’ guys ?
14Serbia 2003
If Someone Wants Your Plaintext
• Give it to them• Give them the decryption key• They may break algorithm• They may ‘find’ plaintext in system• They may ‘find’ key in system
15Serbia 2003
Practical Considerations when Implementing Encryption
• Key management is the difficult part • Keys need to be generated, distributed,
stored, changed securely• History shows that most cryptanalytic
attacks exploit poor implementation and/or key management Example: Enigma in World War 2
16Serbia 2003
Cryptography is used to provide:
1. Confidentiality
2. Data Integrity
3. Entity/Origin Verification
4. Non-Repudiation
5. Access Control
17Serbia 2003
Choosing an Algorithm
The choice of algorithm depends upon the application.
Applications of encryption include :• Data confidentiality• Data integrity• Digital Signatures.
18Serbia 2003
Misuse of Encryption
GradeGood student xxxxxBad student xxxxx
Grades can be changed
19Serbia 2003
Classification of Techniques
• Bit / Block operation
• Positional dependence/independence
• Message dependence/independence
20Serbia 2003
Vernam Cipher
Random sequence k1,k2,…,kn
Message m1,m2,…,mn
+Ciphertext
k1m1,k2 m2,…,kn mn
The message and key are bit strings
21Serbia 2003
Stream Cipher
Plaintext data
Keystream sequence
Ciphertext
Key
SequenceGenerator
XOR
22Serbia 2003
Stream Cipher
• Enciphers bit by bit
• Positional dependence
• Security depends on properties of
the keystream
23Serbia 2003
Stream Ciphers
Applications•Widely used for military and paramilitary applications for both data and digitised speech
•The main reason for their wide use is that military communications are often over poor channels and error propagation is unacceptable
24Serbia 2003
Symmetric Block Cipher System
Key dependentpermutation
on s-bit blocks
s-bitplaintext block
s-bitciphertext block
Key
25Serbia 2003
Block Ciphers : Key Sizes
• Depends on security requirement
• Key searches on size 290 are currently considered infeasible
26Serbia 2003
DES: Key Search on Internet (1997)
DES has 256 keys DES key found Search took 140 days Search used over 10,000 computers Peak rate: 7.109 keys/sec ‘Might’ have taken 32 days
27Serbia 2003
DES Breaker (1998)
Electronic Frontier FoundationDesign cost $ 80,000Manufacturing cost $130,000Test key found in 56 hoursComplete search in 220 hours90 Billion keys per secondDesign details published
28Serbia 2003
DES : Double Length Key
k = (k1,k2) k1,k2 DES keys Ek(m) = Ek1(Dk2(Ek1(m))) key is 112 bits key search with 2112 trials is
infeasible.
29Serbia 2003
Advanced Encryption Standard (AES)
• Block ciphers
• Block size 128 bits
• Key lengths 128, 192, 256 bits
• Must be faster than triple DES
30Serbia 2003
AES (Continued)
June 1998: 15 candidates
August 1998: 11
April 1999: 5
Decision October 2000
Rijndael
31Serbia 2003
The following slides will not be discussed but are included for completeness
32Serbia 2003
Applications
• Access Control• Authentication
33Serbia 2003
The Challenge / Response Principle
Key Key
Random number
Challenge PIN-Controlled
A A
Response
A - Encipher or OWFY/N = ?
34Serbia 2003
Digital Signatures
According to ISO, the term Digital Signature is used: ‘to indicate a particular authentication technique used to establish the origin of a message in order to settle disputes of what message (if any) was sent’.
35Serbia 2003
Digital Signatures
A signature on a message is some data• that validates a message and verifies its origin• a receiver can keep as evidence• a third party can use to resolve disputes.
It depends on• the message• a secret parameter only• available to the sender
It should be• easy to compute • (by one person only)• easy to verify• difficult to forge
36Serbia 2003
Principle of Digital Signatures
There is a (secret) number which:• Only one person can use• Is used to identify that person• ‘Anyone’ can verify that it has been
used NB: Anyone who knows the value of
a number can use that number.
37Serbia 2003
Certification Authority
Aim :To guarantee the authenticity of public keys.
Method :The Certification Authority guarantees the authenticity by signing a certificate containing user’s identity and public key with its secret key.
Requirement :All users must have an authentic copy of the Certification Authority’s public key.
38Serbia 2003
Certification Process
Verifies credentials
CreatesCertificate
Receives(and checks)
Certificate
Presents Public Key and
credentials
Generates Key Set
Distribution
Centre
Owner
39Serbia 2003
How Does it Work?
The Certificate can accompany all Fred’s messages
The recipient must directly or indirectly:• Trust the CA• Validate the certificate
The CA certifiesthat Fred Piper’s
public key is………..
Electronicallysigned by
the CA
40Serbia 2003
Fundamental Requirement
Internal infrastructure to support secure technological implementation