CS549: Cryptography and Network Security - SRM · PDF fileNotice© This lecture note (Cryptography and Network Security) is prepared by Xiang-Yang Li. This lecture note has benefited

Cryptography and Network Security 1

CS549:Cryptography and Network Security

© by Xiang-Yang Li

Department of Computer Science, IIT


Notice©This lecture note (Cryptography and Network Security) is prepared by

Xiang-Yang Li. This lecture note has benefited from numerous textbooks and online materials. Especially the “Cryptography and Network Security” 2nd edition by William Stallings and the “Cryptography: Theory and Practice” by Douglas Stinson.

You may not modify, publish, or sell, reproduce, create derivative works from, distribute, perform, display, or in any way exploit any of the content, in whole or in part, except as otherwise expressly permitted by the author.

The author has used his best efforts in preparing this lecture note. The author makes no warranty of any kind, expressed or implied, with regard to the programs, protocols contained in this lecture note. The author shall not be liable in any event for incidental or consequential damages in connection with, or arising out of, the furnishing, performance, or use of these.


About Instructor

Associate Professor IITPhD/MS UIUC 1997-2000BS, BE Tsinghua University

Research Interests:Algorithm design and analysisWireless networksGame theoryComputational geometry

Contact InformationPhone 312-567-5207Email: [email protected]


Office and Office hours

OfficeSB 237D， 10 W 31st Street, Chicago.

Office hoursWednesday 4:10PM – 6:10PM.

Or by contact: email [email protected], phone 312 567 5207


About This CourseTextbook

Cryptography: Theory and Practiceby Douglas R. Stinson CRC press

Cryptography and Network Security: Principles and Practice; By William Stallings Prentice Hall

Handbook of Applied Cryptography byAlfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone, CRC Press

I have electronic version!

http://www.cacr.math.uwaterloo.ca/~dstinson/gifs/cover.gif

http://www.amazon.com/gp/product/images/0138690170/ref=dp_primary-product-display_0/104-8278000-3955142?%5Fencoding=UTF8&n=283155&s=books

http://www.cacr.math.uwaterloo.ca/hac/about/cover.gif


Grading and Others

GradingHomework 30% Mid Term 25% (closed book on Oct 14th, 2009)Project s 20% (select your own topic),

Main campus students do the following (3 students form a group)Programming project: coding some selected methods (every student does it individually)Presentation project: 10-15 pages report and oral presentation (a group project that is done by group of 3 students)

India session doProgramming projects, andWriting a 10-15-page technical report on selected topics.

Final exam 25% (open book)Policy

Do it yourselfCan use library, Internet and so on, but you have to cite the sources when you use this information


HomeworksDo it independently

No discussionNo copyCan use reference books

Staple your solutionWrite your name also, ☺

For report, you could discuss with classmates then write your own report (about 15 pages for the topic you selected)

For project (presentation and programming)

Main campus students: You SHOULD collaborate with your group member and you SHOULD make enough contributions to get creditOther students: do it yourself

HW1 (Due 9/23/09)HW2 (Due 10/28/09)HW3 (Due 12/2/09)

Report (Due 12/02/09)

Type your solution!

• print it then submit

• Or submit it electronically


Topics

IntroductionNumber TheoryTraditional Methods: secret key systemModern Methods: Public Key SystemDigital Signature and othersInternet Security: DoS, DDoSOther topics:

secret sharing, zero-knowledge proof, bit commitment, oblivious transfer,…


Organization

ChaptersIntroductionNumber TheoryConventional EncryptionBlock CiphersPublic Key SystemKey ManagementHash Function and Digital SignatureIdentificationSecret SharingPseudo-random number GenerationEmail SecurityInternet SecurityOthers


Cryptography and Network Security

Introduction

Xiang-Yang Li


Introduction

The art of war teaches us not on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable.

--The art of War, Sun Tzu孙子兵法

Information Security


From wikipedia

C.I.A

Confidentiality, Integrity and Availability Information Systems are decomposed in three main portions, hardware, software and communications

with the purpose to identify and apply information security industry standards, as mechanisms of protection and prevention, at three levels or layers:

Physical, personal and organizational


Various SecuritiesData security

Data security is the means of ensuring that data is kept safe from corruption and that access to it is suitably controlled.

Computer SecurityThe objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users.Malware: malicious software

includes computer viruses, worms, trojan horses, most rootkits, spyware, dishonest adware,

Network Securityprotect the network and the network-accessible resources from unauthorized access, consistent and continuous monitoring and measurement of its effectiveness Cryptography and Network Security 14

Network Security

network security and information security are often used interchangeably

network security is generally taken as providing protection at the boundaries of an organization

Network security starts from authenticating any user, most likely a username and a password

An intrusion prevention system (IPS)[2] helps detect and prevent such malware. IPS also monitors for suspicious network traffic for contents, volume and anomalies to protect the network from attacks such as denial of service


http://en.wikipedia.org/wiki/Network_security#cite_note-1


Criteria for Desirable Cryptosystems

Confidence in Security establishedIs it based on hard or intractable problems?

Or how can I know the method is secure?Practical Efficiency

Space, time and so onExplicitness

About its environment assumptions, security service offered, special cases in math assumptions,

Protection tuned to application needsNo less, no moreSecurity protocols cannot do all: man does what man can do, machine does what machine can do

Openness


Most important

Security first

Efficiency, resource utilization, and security tradeoffs

This is especially the case for resource constrained networks such as wireless sensor networks

Limited power supply (thus limited communication, and computation), limited storage space


CryptographyCryptography (from Greek kryptós, "hidden", and gráphein, "to write") is, traditionally, the study of means of converting information from its normal, comprehensible form into an incomprehensible format, rendering it unreadable without secret knowledge — the art of encryption. Past: Cryptography helped ensure secrecy in important communications, such as those of spies, military leaders, and diplomats. In recent decades, cryptography has expanded its remit in two ways

mechanisms for more than just keeping secrets: schemes like digital signatures and digital cash, for example. in widespread use by many civilians, and users are not aware of it.


Crypto-graphy, -analysis, -logyThe study of how to circumvent the use of cryptography is called cryptanalysis, or codebreaking. Cryptography and cryptanalysis are sometimes grouped together under the umbrella term cryptology, encompassing the entire subject. In practice, "cryptography" is also often used to refer to the field as a whole; crypto is an informal abbreviation.Cryptography is an interdisciplinary subject,

linguisticsMathematics: number theory, information theory, computational complexity, statistics and combinatoricsengineering


Close, but different fieldsSteganography

the study of hiding the very existence of a message, and not necessarily the contents of the message itself (for example, microdots, or invisible ink) http://en.wikipedia.org/wiki/Steganography

Traffic analysiswhich is the analysis of patterns of communication in order to learn secret information

The messages could be encryptedhttp://en.wikipedia.org/wiki/Traffic_analysis

Steganography

Some techniquesConcealing messages within the lowest bits of noisy images or sound files.Invisible inkConcealing data within encrypted data

Polybius squareHidden messages on messenger's body



Stenography Example

Last 2 bits


Tools for Stenography

http://www.jjtc.com/Steganography/toolmatrix.htm


Network Security Model

Trusted Third Party

Principal

(sender)Principal

(receiver)

Security transformation

Security transformation

attacker


Attacks, Services and MechanismsSecurity Attacks

Action compromises the information securityCould be passive or active attacks

Security ServicesActions that can prevent, detect such attacks.Such as authentication, identification, encryption, signature, secret sharing and so on.

Security mechanismThe ways to provide such servicesDetect, prevent and recover from a security attack


Attacks

Passive attacksInterception

Release of message contentsTraffic analysis

Active attacksInterruption, modification, fabrication

MasqueradeReplayModificationDenial of service


Information Transferring


Attack: Interruption

Cut wire lines,Jam wireless

signals,Drop packets,


Attack: Interception

Wiring, eavesdrop


Attack: Modification

intercept Replaced info


Attack: Fabrication

Also called impersonation

Ali: this is …

Ali: this is …


Attacks, Services and MechanismsSecurity Attacks

Action compromises the information securityCould be passive or active attacks

Security ServicesActions that can prevent, detect such attacks.Such as authentication, identification, encryption, signature, secret sharing and so on.

Security mechanismThe ways to provide such servicesDetect, prevent and recover from a security attack


Important Services of SecurityConfidentiality, also known as secrecy:

only an authorized recipient should be able to extract the contents of the message from its encrypted form. Otherwise, it should not be possible to obtain any significant information about the message contents.

Integrity: the recipient should be able to determine if the message has been altered during transmission.

Authentication: the recipient should be able to identify the sender, and verify that the purported sender actually did send the message.

Non-repudiation:the sender should not be able to deny sending the message.


Secure Communication

protecting data locally only solves a minor part of the problem.

The major challenge that is introduced by the Web Service security requirements is to secure data transport between the different components.

Combining mechanisms at different levels of the Web Services protocol stack can help secure data transport (see figure next page).


Secure Communication


Secure CommunicationThe combined protocol HTTP/TLS or SSL is often referred to as HTTPS (see figure). SSL was originally developed by Netscape for secure communication on the Internet, and was built into their browsers. SSL version 3 was then adopted by IETF and standardized as the Transport Layer Security (TLS) protocol.Use of Public Key Infrastructure (PKI) for session key exchange during the handshake phase of TLS has been quite successful in enabling Web commerce in recent years. TLS also has some known vulnerabilities: it is susceptible to man-in-the-middle attacks and denial-of-service attacks.


SOAP securitySOAP (Simple Object Access Protocol) is designed to pass through firewalls as HTTP. This is disquieting from a security point of view. Today, the only way we can recognize a SOAP message is by parsing XML at the firewall. The SOAP protocol makes no distinction between reads and writes on a method level, making it impossible to filter away potentially dangerous writes. This means that a method either needs to be fully trusted or not trusted at all. The SOAP specification does not address security issues directly, but allows for them to be implemented as extensions.

As an example, the extension SOAP-DSIG defines the syntax and processing rules for digitally signing SOAP messages and validating signatures. Digital signatures in SOAP messages provide integrity and non-repudiation mechanisms.


PKIPKI key management provides a sophisticated framework for securely exchanging and managing keys. The two main technological features, which a PKI can provide to Web Services, are:

Encryption of messages: by using the public key of the recipient Digital signatures: non-repudiation mechanisms provided by PKI and defined in SOAP standards may provide Web Services applications with legal protection mechanisms

Note that the features provided by PKI address the same basic needs as those that are recognized by the standardization organizations as being important in a Web Services context. In Web Services, PKI mainly intervenes at two levels:

At the SOAP level (non-repudiation, integrity) At the HTTPS level (TLS session negotiation, eventually assuring authentication, integrity and privacy)


Some basic Concepts


Cryptography

Cryptography is the study of Secret (crypto-) writing (-graphy)

Concerned with developing algorithms: Conceal the context of some message from all except the sender and recipient (privacy or secrecy), and/or Verify the correctness of a message to the recipient (authentication) Form the basis of many technological solutions to computer and communications security problems


Basic Concepts

Cryptographyencompassing the principles and methods of transforming an intelligible message into one that is unintelligible, and then retransforming that message back to its original form

PlaintextThe original intelligible message

CiphertextThe transformed message

MessageIs treated as a non-negative integer hereafter


Basic Concepts

CipherAn algorithm for transforming an intelligible message into unintelligible by transposition and/or substitution, or some other techniques

KeysSome critical information used by the cipher, known only to the sender and/or receiver

Encipher (encode)The process of converting plaintext to ciphertext

Decipher (decode)The process of converting ciphertext back into plaintext


Basic Conceptscipher

an algorithm for encryption and decryption. The exact operation of ciphers is normally controlled by a key — some secret piece of information that customizes how the ciphertext is produced

Protocolsspecify the details of how ciphers (and other cryptographic primitives) are to be used to achieve specific tasks. A suite of protocols, ciphers, key management, user-prescribed actions implemented together as a system constitute a cryptosystem; this is what an end-user interacts with, e.g. PGP


Encryption and Decryption

Plaintext ciphertext

Encipher C = E(K1)(P)

Decipher P = D(K2)(C)

K1, K2: from keyspace

These two keys could be different; could be difficult to get one from the other


What is Security?

Two fundamentally different securitiesUnconditional security

No matter how much computational power is available, the cipher cannot be brokenUsing Shannon’s information theory

The entropy of the message I(M) is same as the entropy of the message I(M|C) when known the ciphertext (and possible more)

Computational securityGiven limited computing resources (e.g time needed for calculations is greater than age of universe), the cipher cannot be broken

What do we mean “broken”?Proved by some complexity equivalence approach

Documents

CS549: Cryptography and Network Security - SRM · PDF fileNotice© This lecture note (Cryptography and Network Security) is prepared by Xiang-Yang Li. This lecture note has benefited