Upload
hoanbq
View
214
Download
0
Embed Size (px)
Citation preview
8/13/2019 Cns Scr 08 Cryptography
1/87
C
32012
8/13/2019 Cns Scr 08 Cryptography
2/87
:
C, :
C
C
:
A
D C
N
8/13/2019 Cns Scr 08 Cryptography
3/87
8/13/2019 Cns Scr 08 Cryptography
4/87
, :
( ?)
E
8/13/2019 Cns Scr 08 Cryptography
5/87
A B. A .
B A.
B A.
O, A B, A B
8/13/2019 Cns Scr 08 Cryptography
6/87
H ? O :
.
. .
I
A :
.
H ().
E/
().
8/13/2019 Cns Scr 08 Cryptography
7/87
A .
H .
A
H?
. .
H ( ).
D: .
O , .
, .
8/13/2019 Cns Scr 08 Cryptography
8/87
8/13/2019 Cns Scr 08 Cryptography
9/87
8/13/2019 Cns Scr 08 Cryptography
10/87
A A IN
.
IN
.
C
.
M .
8/13/2019 Cns Scr 08 Cryptography
11/87
N A : .
I
. M ,
.
N
.
N .
.
8/13/2019 Cns Scr 08 Cryptography
12/87
I
.
C .
.
N,
.
8/13/2019 Cns Scr 08 Cryptography
13/87
C A
.
, .
.
.
/
() .
8/13/2019 Cns Scr 08 Cryptography
14/87
C
.
. C
.
8/13/2019 Cns Scr 08 Cryptography
15/87
()
8/13/2019 Cns Scr 08 Cryptography
16/87
1970.
.
A / .
.
I , . I .
O .
B C .
.
8/13/2019 Cns Scr 08 Cryptography
17/87
:
A (E)
H ? A (K) .
(D) E
: C = EK(M)
M = DK(C)
A:
D E .
, .
.
8/13/2019 Cns Scr 08 Cryptography
18/87
B :
C .
.
A .
B :
I .
B
.
8/13/2019 Cns Scr 08 Cryptography
19/87
:
M (C)
(A, ) M
C ( )
B
: E
DE, 3DE (D E )
AE (A E )
8/13/2019 Cns Scr 08 Cryptography
20/87
.
M
E
( ). O .
E
( ).
M .
8/13/2019 Cns Scr 08 Cryptography
21/87
M C
A .
HELLOOLD 1, 2 3
:
?
A:
8/13/2019 Cns Scr 08 Cryptography
22/87
C C , 26 .
B ,
. E
.
N 26 . 26! (! I )
Plain: abcdefghijklmnopqrstuvwxyz
Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
8/13/2019 Cns Scr 08 Cryptography
23/87
C F , :
M
.
C .
C . L .
F , E : 12.702%
0.074%
8/13/2019 Cns Scr 08 Cryptography
24/87
8/13/2019 Cns Scr 08 Cryptography
25/87
C C .
C BENCH ().
A C :
E :
8/13/2019 Cns Scr 08 Cryptography
26/87
8/13/2019 Cns Scr 08 Cryptography
27/87
.
I , , .
:
reeb sdder ekil i
: i like redds beer
epgniusn rae omtsyl aft
: penguins are mostly fat
8/13/2019 Cns Scr 08 Cryptography
28/87
:
N :
D...S...A...A...R...M...I
.E.R.A.T.P.E.S.B.I.G.E.N.P.D
.
.
H, 3. , DE
3DE.
..A...N...L...E...N...A...O
8/13/2019 Cns Scr 08 Cryptography
29/87
C
.
C :
A
.
.
8/13/2019 Cns Scr 08 Cryptography
30/87
C B
A
, , .
M
.
C
,
.
.
.
M
.
8/13/2019 Cns Scr 08 Cryptography
31/87
C C
.
. AND
.
C
.
.
J .
8/13/2019 Cns Scr 08 Cryptography
32/87
C M .
.
8/13/2019 Cns Scr 08 Cryptography
33/87
D
8/13/2019 Cns Scr 08 Cryptography
34/87
C H .
H ( )
.
Data of ArbitraryLength
.
:
D
M
F
Fixed-LengthHash Value
e883aa0b24c09f
8/13/2019 Cns Scr 08 Cryptography
35/87
8/13/2019 Cns Scr 08 Cryptography
36/87
MD5 MD 5
MD5
. O
H .
MD5
.
C
(O, , ).
128 .
8/13/2019 Cns Scr 08 Cryptography
37/87
HA H A
MD5
A 264
160
MD5 SHA
HA1
HA
.
HA224, HA256, HA384 HA512
HA
HA2.
8/13/2019 Cns Scr 08 Cryptography
38/87
.
8/13/2019 Cns Scr 08 Cryptography
39/87
8/13/2019 Cns Scr 08 Cryptography
40/87
HMAC
Sent Data SecretKey
Pay to Terry Smith$100.00
One Hundred and xx/100Dollars
Received DataPay to Terry Smith$100.00
One Hundred and xx/100Dollars
SecretKey
HMAC(Authenticated
Fingerprint)
Pay to Terry Smith$100.00
One Hundred and xx/100Dollars
4ehIDx67NMop9
4ehIDx67NMop9
HMAC(Authenticated
Fingerprint)4ehIDx67NMop9
I HMAC
HMAC,
.
I , .
Unsecuremedium
8/13/2019 Cns Scr 08 Cryptography
41/87
K DES Key Keyspace # of Possible Keys
56-bit256
11111111 11111111 11111111
11111111 11111111 11111111 1111111172,000,000,000,000,000
57-bit
25711111111 11111111 11111111
11111111 11111111 11111111 11111111 1 144,000,000,000,000,000
58
Twice asmuch time
Four time asmuch time
58-bit 11111111 11111111 11111111
11111111 11111111 11111111 11111111 11
288,000,000,000,000,000
59-bit
25911111111 11111111 11111111
11111111 11111111 11111111 11111111 111 576,000,000,000,000,000
60-bit
26011111111 11111111 11111111
11111111 11111111 11111111 11111111 1111 1,152,000,000,000,000,000
With 60-bit DESan attacker would
require sixteenmore time than
56-bit DES
For each bit added to the DES key, the attacker would require twice the amount of time tosearch the keyspace.
Longer keys are more secure but are also more resource intensive and can affect throughput.
8/13/2019 Cns Scr 08 Cryptography
42/87
Protection up
192192177696Protection upto 10 years
160160124880Protection up
to 3 years
HashDigital
SignatureAsymmetric
KeySymmetric
Key
to 20 years
2562563248128Protection upto 30 years
51251215424256Protection against
quantum computers
Calculations are based on the fact that computing power will continue to grow at itspresent rate and the ability to perform brute-force attacks will grow at the same rate.
Note the comparatively short symmetric key lengths illustrating that symmetricalgorithms are the strongest type of algorithm.
8/13/2019 Cns Scr 08 Cryptography
43/87
K
Key
Key Generation
Key Storage
Key Verification
Key Exchange
Certain keys are weaker than others. Theyare regenerated if found (Caesar keys 0and 25 do not encrypt).
Nowadays, an automatic process. Usesrandom numbers to minimize prediction.
Key Revocation and Destruction
The method used for
exchanging keys over anunsecure medium must besecure.
If keys are stored in clear
text, they can be sent ashashes. If they are stored ashashes, they must be sent inclear text.
Revocation notifies all interested parties that acertain key has been compromised and shouldno longer be used.
8/13/2019 Cns Scr 08 Cryptography
44/87
D C
8/13/2019 Cns Scr 08 Cryptography
45/87
OI C
OI :
D
.
N , I,
.
L ( L) L ( L )
.
A .
, ,.
.
L , .
8/13/2019 Cns Scr 08 Cryptography
46/87
E C :
A .
.
:
.
.
A
D
N
8/13/2019 Cns Scr 08 Cryptography
47/87
I .
(
).
80 256
E ( C ).
, .
K ?
E: DE, 3DE, AE, IDEA, B
8/13/2019 Cns Scr 08 Cryptography
48/87
B : DE (64), AE (128)
: C4, A5 (GM )
8/13/2019 Cns Scr 08 Cryptography
49/87
DE
DE 64 .
B 56 , . H 3DE .
.
8/13/2019 Cns Scr 08 Cryptography
50/87
3DE
C DE .
C , 35 .
C I DE 3DE.
8/13/2019 Cns Scr 08 Cryptography
51/87
3DE
8/13/2019 Cns Scr 08 Cryptography
52/87
AE
32.
, . 3DE AE.
8/13/2019 Cns Scr 08 Cryptography
53/87
A
AKA .
.
512 4096 .
.
E: A, , DH
8/13/2019 Cns Scr 08 Cryptography
54/87
H ?
A B
O , A () B.
I !
I :
A , B !
B A B .
I : A .
A B.
B A.
A , B. B , .
N , .
N !
8/13/2019 Cns Scr 08 Cryptography
55/87
,
A, B
A A()M B
B B()M A
A(B()) = B(A()) =
, A(), B(),
.A() B() A(B()).
: A(B()) = B(A())?
8/13/2019 Cns Scr 08 Cryptography
56/87
F, !
DH
A A B
A B:
(=23) (=5).
A (=6) B A=
6
A A . B (=15) A B=
B= 515 23= 19
B B .
A = B
196 23=
B = A
815 23=
Green = public dataRed = private data
8/13/2019 Cns Scr 08 Cryptography
57/87
A
B A.
A B .
O B .
8/13/2019 Cns Scr 08 Cryptography
58/87
A
A B .
B A .
I B A
A.
8/13/2019 Cns Scr 08 Cryptography
59/87
H ?
I , .
A > B
A B
.
A .
B ,
.
A , .
B A , .
8/13/2019 Cns Scr 08 Cryptography
60/87
L
8/13/2019 Cns Scr 08 Cryptography
61/87
D
8/13/2019 Cns Scr 08 Cryptography
62/87
D
A
:
A
.
.
N N
.
D : DA, A
N HMAC
8/13/2019 Cns Scr 08 Cryptography
63/87
N . HMAC
HMAC, , .
I: ,
.
A: .
.
N .
A .
( ).
()
.
8/13/2019 Cns Scr 08 Cryptography
64/87
A
N .
N
.
A , .
C
.
H ?
8/13/2019 Cns Scr 08 Cryptography
65/87
H ?
() .
.
.
.
()
.
.
. I , .
I .
HO ?
8/13/2019 Cns Scr 08 Cryptography
66/87
, HO ?
ConfirmOrder
Data
The sending device createsa hash of the document
Si ned Data
The receiving deviceaccepts the documentwith digital signatureand obtains the public key
Signature Verified
0a77b3440
Validity of the digital signatureis verified
Encryptedhash
SignatureKey
The sending device
encrypts only the hashwith the private keyof the signer
0a77b3440
The signature algorithmgenerates a standard digital signature
Confirm
Order____________
0a77b3440
SignatureAlgorithm
VerificationKey
Signature isverified with theverificationkey
D
8/13/2019 Cns Scr 08 Cryptography
67/87
D
A //
/.
:
.
.
( ).
.
.
( ).
DA
8/13/2019 Cns Scr 08 Cryptography
68/87
DA
F G .
C .
DA DA .
A
8/13/2019 Cns Scr 08 Cryptography
69/87
A
.
, . F .
M DE ( )
100 DE
100010000 DE 15000 DE C
8/13/2019 Cns Scr 08 Cryptography
70/87
8/13/2019 Cns Scr 08 Cryptography
71/87
8/13/2019 Cns Scr 08 Cryptography
72/87
KI
8/13/2019 Cns Scr 08 Cryptography
73/87
KI
D
, .
I 10 , 90
.
A 11 20
.
,
.
.
KI
8/13/2019 Cns Scr 08 Cryptography
74/87
KI
KI
A
.
C , , , , .
C
A (
) .
I CA.
CA C A
KI .
CA F
8/13/2019 Cns Scr 08 Cryptography
75/87
CA F
L
8/13/2019 Cns Scr 08 Cryptography
76/87
C :
C 0: ,
C 1: ,
C 2: ,
C 3:
C 4:
C 5:
F , 1
.
A 3 4 ,
.
KI
8/13/2019 Cns Scr 08 Cryptography
77/87
E .
A .
, .
,
KI
8/13/2019 Cns Scr 08 Cryptography
78/87
5093 .
509.3
:
, L L
H L.
, , .
I N
G ( G )
C
C , N , I , I
.
C LAN
.
O KI
8/13/2019 Cns Scr 08 Cryptography
79/87
KC = K C
A ()
.
C
8/13/2019 Cns Scr 08 Cryptography
80/87
KI :
CA
H CA
C CA
CA CA
8/13/2019 Cns Scr 08 Cryptography
81/87
Root CA
D .
.
A
.
I ,
KI
.
CA H CA
8/13/2019 Cns Scr 08 Cryptography
82/87
CA.
I .
CA
CA. .
I CA , Root CA
.
SubordinateCA
CA C CA
8/13/2019 Cns Scr 08 Cryptography
83/87
CA2CA1
CA .
CA3
8/13/2019 Cns Scr 08 Cryptography
84/87
CA
Completed Enrollment
After the RegistrationAuthority adds specific
information to thecertificate request andthe request is approvedunder the organizations
CA
A.
Enrollment
request
RAHosts will submitcertificate requeststo the RA
eques orwar e oCA
,on to the Certification
Authority
The CA will sign the certificaterequest and send it back to the host
Certificate Issued
F
8/13/2019 Cns Scr 08 Cryptography
85/87
, ,
.
E .
.
, , , , .
.
C .
8/13/2019 Cns Scr 08 Cryptography
86/87
"If McDonalds offered a free Big Mac inexchange for a DNA sample, there'd belines around the block.
H N O 14 D 19:00
8/13/2019 Cns Scr 08 Cryptography
87/87