Upload
others
View
33
Download
0
Embed Size (px)
Citation preview
Introduction to CryptographyIntroduction to Cryptography
Course: Network SecurityClass: MSCS/BSCS/PHDInstructor: Ghazi SalahuddinSession: Fall 2009
ObjectivesObjectives
Explain the generic properties of secret key, message digest, and public key algorithms, and how it is used.
Objectives of Lecture
• What is Cryptography?• Breaking an Encryption Scheme• Types of Cryptographic Functions
ObjectivesObjectives
This lecture will familiarize you with
• Types of Cryptographic Functions• Secret Key Cryptography• Public Key Cryptography• Hash Algorithms
What is Cryptography?What is Cryptography?
� Comes form the Greek work κρυπποκρυπποκρυπποκρυππο (hidden or secret) and γραφηγραφηγραφηγραφη (writing)
Art of mangling information into apparent unintelligibility in a
What is Cryptography?
Art of mangling information into apparent unintelligibility in a manner to allow a secret method of unmangling.
Cryptography ServicesCryptography Services
� Focus
Ability to send information between participants in a way that prevents others from reading it.
Cryptography Provides
� Focus◦ Kind of Cryptography that is based on representing information as numbers and mathematically manipulating those numbers.
◦ Provides services like� Integrity Checking
� Authentication
Cryptography ServicesCryptography Services
Reassuring the recipient of a message that the message has not been altered since it was generated by a legitimate source
Integrity
Authentication
Verifying someone’s (or something’s) identity
Authentication
Cryptographic SystemCryptographic System
plaintext cipher text plaintextEncryption Decryption
•A message in its original form
Plain text or Clear Text
• Mangled Information
Ciphertext
•The process for producing ciphertext from plaintext
Encryption
•The reverse process of encryption
Decryption
Cryptographers vs. CryptanalystsCryptographers vs. Cryptanalysts
• Invent Clever secret codes
Cryptographers
•Attempts to break secret codes
Cryptanalysts
Success of Cryptographers rests on the
If lots of smart people failed to solve a problem, Then it won’t be solved (soon)
Fundamental Tenet of Cryptography
Cryptographic Systems ComponentsCryptographic Systems Components
� Cryptographic system involve both
◦ Algorithm
◦ Secret Value (Key)
1. It is difficult to devise new algorithms2. Allow reversible scrambling of information3. It is difficult to explain newly devised algorithm with
participants4. There is not harm if even algorithm is known to bad
guys (cryptanalysts)
Reasons for Having key
Computational DifficultyComputational Difficulty
• Cryptographic algorithm needs to be reasonably efficient for good guys to compute.
• Cryptographic algorithms are not impossible to break• A bad guy can simply try all possible until one works.
No Algorithm provides 100% security
• An algorithm taking more time to break by bad guy will be considered more secure.
• If the best possible scheme will take 10 million years to break using all of the computers, then it can be considered reasonably secure.
Secure Algorithm - Computational difficulty to break
Computational DifficultyComputational DifficultyOften an encryption scheme can be made more secure by making the key longer.
It makes more little work for the good guy but will require exponentially higher time to try all possible combinations by bad guy for breaking the key.
• Computers can be used to exhaustively try keys.• Thousand and million of keys can be tried per second.• Also, lot of keys can be tried in parallel by using multiple
computers, saves time to break.
Computers make bad guy job easy
Computational DifficultyComputational DifficultyComputational DifficultyComputational Difficulty
A cryptographic algorithm can also have variable-length key
It can be made more secure by increasing the length of the key.
Some algorithms have a fixed-length key but similar algorithm with Some algorithms have a fixed-length key but similar algorithm with a longer key can be developed if necessary.
Try something else…..Try something else…..
• Breaking the cryptographic scheme is often only one way for getting what you want.
• For instance, bolt cutter works no matter how many digits are in the combination for briefcase lock.
Bolt Cutter Always Works…………..
You can get further with a kind word and a gun than you can with a kind word alone.
--Willy Sutton, bank robber
To Publish or Not to PublishTo Publish or Not to Publish
1. Keeping a cryptographic algorithm as secret as possible will enhance its security.
2. Publishing the algorithm, so that it is widely known, will enhance its security.
Arguments
It seems that keeping the algorithm secret must be more secure – it makes for more work for the cryptanalysts to try to figure out what the algorithm is.
To Publish or Not to PublishTo Publish or Not to Publish
• It is difficult to keep the algorithm secret if an algorithm is widely used.• Bad guy will probably find out about it eventually anyway (e.g. reverse
engineering)• It’s better to tell a lot of no malicious people about the algorithm, so in
case of weaknesses, good guys will discover them rather than bad guy.
Arguments for Publishing
case of weaknesses, good guys will discover them rather than bad guy.• Academic community publications improves the discovered weaknesses.
A bad guy who discovers a weakness will exploit it for doing bad-guy things like embezzling money or stealing trade secrets.
To Publish or Not to PublishTo Publish or Not to Publish
• Cryptosystems for military to be kept secret.• The military ciphers are unpublished mainly to keep good cryptographic
methods out of hands of the enemy rather than to keep them from crypt analyzing our codes.
• If a commercial algorithm is unpublished today, it’s probably for trade secret
Arguments for Not Publishing
• If a commercial algorithm is unpublished today, it’s probably for trade secret reasons or because this makes it easier to get export approval rather than to enhance it security.
Secret CodesSecret Codes
Secret code (or cipher) mean any method of encrypting data.
Ceaser Cipher• Attributed to Julius Ceaser• Substitute for each letter of the message, the letter which is 3
letters later in the alphabet (and wrap around to A from Z)letters later in the alphabet (and wrap around to A from Z)• For Example: DOZEN would become GRCHQ• It is very easy to know the actual text from encrypted text.
Secret CodesSecret Codes
Captain Midnight Secret decoder rings• An enhancement to the Ceaser cipher distributed in 1940.• The variant is to pick a secret number n between 1 and 25,
instead of always using 3.• Substitute for each letter of the message, the letter which is n
higher ( and wrapped) around to A from Z).
For n=1Cleartext: ABCDEFGHIJKLMNOPQRSTUVWXYZCiphertext: BCDEFGHIJKLMNOPQRSTUVWXYZAExample: HAL would become IBM
For n=25Cleartext: ABCDEFGHIJKLMNOPQRSTUVWXYZCiphertext: ZABCDEFGHIJKLMNOPQRSTUVWXYExample: IBM would become HAL
There are only 26 possible ns to try, it is very easy to break this cipher if you know it is being used and you can recognize a message once it’s decrypted.
Secret CodesSecret Codes
Monoalphabetic
trillion years if it takes 1 microsecond to try each one.
Monoalphabetic cipher• It consists of an arbitrary mapping of one letter to another letter.• There are 26! Possible pairings of letters, which is approximately
4x1026.• It looks more secure, because to try all possibilities it would take 10
trillion years if it takes 1 microsecond to try each one.
• Statistical analysis means that certain letters and letter combinations are more common than others.
• It turns out to be fairly easy to break.• For instance, many daily news papers have a daily cryptogram, which
is a monoalphabetic cipher, and can be broken.
Statistical Analysis of Language
English letter FrequenciesEnglish letter Frequencies
Breaking an Encryption SchemeBreaking an Encryption Scheme
Attack Types
There are three types of attacks for breaking an encryption scheme
Ciphertext only
Known plaintext
Chosen Plaintext
CiphertextCiphertext onlyonly
• In this type of attack the encryption algorithm and ciphertext is known to bad guy.
• How a bad guy can figure out the plaintext if he can only see the cipher text??
How to break???
• One possible solution is to search through all the keys.• It is essential in this attack that the bad guy should be able to
recognize when he has successes. (readable English Text)• It is also known as recognizable plaintext attack.• It is essential for bad guy to have enough ciphertext. • Example; Having XYZ ciphertext is not enough information and have
multiple possible substitution like THE/CAT/HAT and many more…..any of the following words can be the plaintext for XYZThe hot cat was sad but you may now sit and use her big red pen.
CiphertextCiphertext onlyonly
• Often, it is not necessary to search through a lot of keys.• If normal English words are taken as passwords, then it is possible to
avoid trying non-english words and can reduce to try all possible combinations of number of characters within the password. (English dictionary is used for recognizing English words)
How to break???
dictionary is used for recognizing English words)• On average half of all possible keys must be tried to achieve success.
• A strong encryption algorithm can secure from these type of attacks.
Known PlaintextKnown Plaintext
• Encryption Algorithm• Ciphertext• One or more plaintext-ciphertext pairs formed with the
secret key
Following is known to bad guy
• One possibility is that secret data might now remain secret forever
How plaintext-ciphertext pairs are known to attacker?
• From it, the attacker would learn the mappings of a substantial fraction of the most common letters.
• One possibility is that secret data might now remain secret forever• For instance, the data might consist of specifying the next city to be attacked.
Once the attack occurs, the plaintext to the previous day’s ciphertext is now known.
How Attack Works?
• It is important to design the systems that use such a cryptographic algorithm to
minimize the possibility that a bad guy will ever be able to obtain <plaintext, ciphertext> pairs.
Chosen PlaintextChosen Plaintext
• Encryption Algorithm• Ciphertext• Plaintext message chosen by cryptanalyst, together with its corresponding
ciphertext generated with the secret key
Following is known to bad guy
How it works?
• It allows the attacker to get all the letters of the alphabet encrypted and then be able to decrypt with certainly any encrypted message.
How it works?
• It is very easy to send few plaintext message and get their corresponding encrypted messages.
• Allow to obtain all substitutions and decrypt any possible encrypted message.
What attacker Needs to do?
Chosen PlaintextChosen Plaintext
• Attacker can choose any plaintext he wants, and get the system to tell him what the corresponding cipher text is.
• Suppose a telegraph company offered a service in which they encrypt and transmit message for you.
• Suppose Fred has eavesdropped on Alice’s encrypted message. • Now Fred would like to break the telegraph company’s encryption
How attacker get all these information?
• Now Fred would like to break the telegraph company’s encryption scheme so that he can decrypt Alice’s message.
• He can obtain the corresponding cipher text to any message he chooses by paying the telecom company to send the message for him.
• For instance, Fred knew they were using a mono-alphabetic cipher, he might send the message
The Quick brown fox jumps over the lazy dog. (Includes A-Z)
Types of Cryptographic FunctionsTypes of Cryptographic Functions
It involves the use of Zero Keys
It involves the use of only one key, called secret key
Hash Functions
Secret Key Functions secret key
It involves the use of two keys, called public and private keys
Functions
Public Key Functions
Secret Key CryptographySecret Key Cryptography
plaintext cipher textEncryption
cipher text plaintext
Key
Decryption
• It involves the use of only one key.• Same key is used for encryption and decryption.• Cipher text remain of same length as of plaintext after encryption• It is also known as conventional Cryptography or Symmetric
cryptography.• Examples: Captain midnight code and monoalphabetic ciphers
Secret Key CryptographySecret Key Cryptography
Classic Ciphers comprise of two basic components:
• Substitution Cipher• Transposition cipher
• Monoalphabetic• Monoalphabetic• Polyalphabetic
Several of these ciphers are grouped together to form a ‘product cipher’
Security uses of Security uses of Secret Key CryptographySecret Key Cryptography
• Transmitting over an Insecure channel• Secure Storage on Insecure Media• Authentication
Following are type of things that can be done by using secret key cryptography
• Authentication• Integrity Check
Transmitting over an Insecure channelTransmitting over an Insecure channel
If sender and receiver agree on a shared secret (a key), then by using the secret key then both can send messages to one another on a medium that can be tapped, without worrying about eveasdroppers.
The only requirement is to have the sender encrypt the message and the receiver decrypt them using the shared secret.receiver decrypt them using the shared secret.
An eavesdropper will only see unintelligible data
This is the classic use of cryptography.
Secure Storage on Insecure MediaSecure Storage on Insecure Media
If you invent a key and encrypt the information using the key, you can store it anywhere and it is safe so long as you can remember the key.
Forgetting the key makes the data irrevocably lost, so this must be used with great care.great care.
Between the clever theives and court orders, ther are very few places that are truly secure, and none of them is convenient.
AuthenticationAuthentication
• In spy movies password used for authentication• Problem: Any one revealing their conversation or initiating
one falsely can gain information useful for replaying later and
impersonating the person to whom they are talking.
Spy Movies use passwords
• It means some one can prove knowledge of a secret without revealing it.
• It is useful when two computers are trying to communicate over an insecure network.
Strong Authentication
AuthenticationAuthentication
• Suppose Alice and Bob share a key KAB and they want to verify they are speaking to each other.
• Then each pick a random number, which is known as challenge.• Alice Pick rA and Bob picks rB.• The value x encrypted with the key KAB is known as response to the
challenge x.
Challenge-Response Authentication with Shared Secret
Alice Bob
rArA encrypted with KAB
rBrB encrypted with KAB
Figure: challenge-Response authentication with shared secret
AuthenticationAuthentication
If Alice and Bob complete this exchange, they have each proven to the other party that they know KAB without revealing it to an impostor or an eavesdropper.
• If someone, say Fred, were impersonating Alice, he could get Bob to encrypt a value for him (though he wouldn’t be able to tell if the person he was talking to was really Bob).the person he was talking to was really Bob).
• But this information would not be useful later in impersonating Bob to the real Alice because the real Alice would pick a different challenge.
AuthenticationAuthentication
• There is an opportunity for Fred to obtain some <choosenplaintext, ciphertext> pairs, since he can claim to be Bob and Ask Alice to encrypt a chllenge to him.
• It is essential that challenge to be chosen from a large
Always use large challenge space to avoid repeating
• It is essential that challenge to be chosen from a large enough space, 264 values, so that there is no significant chance of using the same as twice.
Integrity CheckIntegrity Check
A secret key scheme can be used to generate a fixed-length cryptographic checksum associated with a message.
• An ordinary (noncryptographic) checksum protects against
Cryptographic
checksum
What is a checksum?
• An ordinary (noncryptographic) checksum protects against accidental corruption of message
• The term checksum comes from the operation of breaking a message into fixed-length blocks and adding them up.
• The sum is sent along with the message.• The Receiver similarly break up the message, repeats the addition
and checks the sum.• If the message had been garbled en route, the sum will not match
the sum sent and the message is rejected.
Integrity CheckIntegrity Check
• If flaky hardware turns a bit off somewhere, it is likely to turn a corresponding bit on some where else.
• To protect against such “regular” flaws in hardware, more complex checksum called CRC (Cyclic redundancy Check) were devised.
What is CRC?
devised.• It still protects against faulty hardware and not an intelligent
attacker.• Since CRC algorithm are published, an attacker wanted to change
a message could do so, compute the CRC of the new message, and sent that along.
Note: if you don’t remember about CRC then please refer the book of Forouzan for refresh the concepts.
Integrity CheckIntegrity Check
• A secret checksum algorithm provides protection against malicious changes to a message.
• An attacker not knowing the algorithm can’t compute the right checksum for the message to be accepted as authentic.
• It is better to have a common (known) algorithm and a secret key.
Cryptographic checksum
• It is better to have a common (known) algorithm and a secret key.
• Given a key and a message, the algorithm produces a fixed-length message authentication code (MAC) that can be sent with the message.
• A MAC is often called a MIC (Message Integrity Check).
How it Works?
Integrity CheckIntegrity Check
• Bad guy want to modify the message and don’t know the key.• He will guess a MAC, which chances of getting right depends on the
MAC length.• A typical MAC is at least 48-bits long.• Chance of getting away with forged message is only one in 280
MAC/MIC and bad guys
• Chance of getting away with forged message is only one in 280 trillion.
Public Key CryptographyPublic Key Cryptography
plaintext cipher textEncryption
cipher text plaintextDecryption
Public Key
Private Key
Decryption
• It is also referred to as asymmetric Cryptography.• It is a new field, invented in 1975.• It involves the use of two keys:
• Private key : that need not be revealed to anyone,• Public key: that is preferably known to the entire world.
Public Key CryptographyPublic Key Cryptography
• A digital signature can be generated on a message.• A digital signature is a number associated with a message, like the
checksum or the MAC.• A digital can only be generated by someone knowing the private
key.
Additional Advantage: Digital Signatures
plaintext Signed MessageSigning
Signed Message plaintextVerification
Public Key
Private Key
Public Key CryptographyPublic Key Cryptography
• A Checksum or MAC can be generated by anyone. • A digital signature can only be generated by someone knowing the
private key.
Difference between Digital Signature and MAC
• A public key signature differs from a secret key MAC because • verification of a MAC requires knowledge of the same secret as
was used too create it.was used too create it.• Anyone who can verify a MAC can also generate one.• In contrast, verification of the signature only requires knowledge
of the public key.
• Alice can sign a message by generating a signature only she can generate and other people can verify that it is Alice’s signature, but can not forge her signature.
• It is called signature because it shares with handwritten signatures the property that it is possible to recognize a signature authentic without being able to forge it.
Exam
ple
Public Key CryptographyPublic Key Cryptography
• Public key cryptography algorithms are slower than secret key cryptography algorithms
• Usually used with secret key cryptography algorithms• Network security is easily configurable.• Conversation:
• Authentication at start using PK
Security Use of Public Key Cryptography
• Authentication at start using PK• Encryption during conversation using SK
• Alice encrypt the secret key using public key and send to Bob.• Alice and Bob us the secret key to encrypt conversation.• Only Bob can decrypt the secret key• Bob does not know that it was Alice who sent the message.• Alice digitally sign the encrypted secret key using the private key.
Transmitting over an Insecure channelTransmitting over an Insecure channel
Suppose Alice’s <private key, public key> pair is <eA, dA) and Bob’s key pair is <eB, dB).
Assume Alice know Bob’s public key and Bob knows Alice’s public key.
Both can send the secured message over insecure channel.Both can send the secured message over insecure channel.
Encrypt mA using eB Decrypt mA using dB
Encrypt mB using eADecrypt mB using dA
Alice Bob
Secure Storage on Insecure MediaSecure Storage on Insecure Media
It works same as with Secret key cryptography.
You’d encrypt the data with your public key and no body can decrypt it except you, since decryption will require the use of private key.
Better Performance
• You wouldn’t encrypt the data directly with the public key• Randomly generate the secret key, encrypt the data with that
secret key, and encrypt that secret key with the public key.
Better Performance
If you loose your private key, the data is irretrievably lost.
• You can encrypt an additional copy of the data encryption key under the public key of someone you trust, like your lawyer.
• You can store copies of your private key with someone you trust.
AuthenticationAuthentication
• If Alice and Bob wants to communicate, they have to share a secret.
• If bob wants to prove his identity with lots of identities then he needs to remember lots of keys (One for each entity).
• If Alice uses the same shared secret with Alice as Carol, then Carol and Alice can impersonate to each other.
Weakness of Secret Key AuthenticationWeakness of Secret Key Authentication
• Bob only needs to remember a single secret, his own key.• If bob wants to be able to verify the identify of thousands of
entities, then he will only need to know thousands of public keys (PKI helps to manage it in efficient way)
Public key AuthenticationPublic key Authentication
AuthenticationAuthentication
• How Alice can use the public key cryptography for verifying ob’s identity assuming Alice knows Bob’s public key??
How it Works?How it Works?
• Alice Chooses a random number r, encrypt it using the Bob’s publick key e , and send the result to bob.
Encrypt r using eB Decrypt to r using dB
r
Alice Bob
eB, and send the result to bob.• Bob proves he knows dB by decrypting the message and sending r back
to Alice
AuthenticationAuthentication
verify Bob.• Alice does not need to keep any secret information in order to
verify Bob.
Other AdvantagesOther Advantages
• For instance, Alice might be a computer system in which back tapes are unencrypted and easily stolen.tapes are unencrypted and easily stolen.
• With secret key based authentication, if Carol stole a backup tape ad read the key that Alice shares with bob, she could then trick Bob into thinking she was Alice.
• In contrast, with public key based authentication, the only information on Alice’s backup tapes is public key information, and that can not be used to impersonate Bob.
Digital SignaturesDigital Signatures
• They prove who generated the information• They prove that the information has not been modified in any way
by anyone since the message and matching signature were generated.
Digital Signatures provide two important functionsDigital Signatures provide two important functions
• Public key technology (Digital signature) is useful to prove that a message was generated by a particular individual.
• Bob’s signature for a message m can only be generated by someone with knowledge of Bob’s private key.
• Signature depends on the contents of message m.• If m is modified then signature becomes invalid.
Digital SignaturesDigital Signatures
• Digital Signatures offer important advantage (Non-repudiation) over secret key cryptography MACs.
Digital Signatures vs. Secret key cryptography MACs
• Bob sells widgets and Alice routinely buys them.• Orders are placed through mail with signed purchase order.• Orders are placed through mail with signed purchase order.• Both agree with email message to order widgets.• To avoid forging orders, Alice will include a message integrity code
on her messages.• It can be either a secret key MAC of public key based signature.• What are the complications with both approaches?????
Digital SignaturesDigital Signatures
• If public key signatures are used by Alice and Bob • Bob can show the signed message to the judge and it can be
verified that it was signed with Alice’s key (private key)• If Alice claims the key stolen or misuse but still he will be
• Everyone generates the signature using their own private key
• If Alice claims the key stolen or misuse but still he will be responsible due to contract and his responsibility to secure his private key.
• Digital signatures are created by private key of sender and can be easily idetified with the knowledge of sender private key.
Digital SignaturesDigital Signatures
• Suppose Alice placed a big order but she changes her mind.• There is big penalty for cancelling order.• She wants to deny that she ever placed the order• Bob sues to Alice……..
• Bob cant prove if Alice deny the placed order (Same Shared Key)
• Bob sues to Alice……..• If Alice authenticated the message by computing a MAC based
on a key that shares with Bob, Bob knows Alice really placed the order because no body other than Bob know that key.
• If Bob knows he didn’t create the message he knows it must have been Alice.
• Bob can’t prove it to anyone, since he knows the same key that Alice used to sign the order, he could have forged the signature on the message himself to the judge that he didn’t.
Hash AlgorithmsHash Algorithms
� It is a mathematical transformation
� It takes a message of arbitrary length (transformed into a string of bits)
Hash algorithms are also called Message Digests or one-way transformations.
What is Hash Function?
bits)
� Computes a fixed-length number from it.
� Take the message m and treat it as a number
� Add some large constants and Square it
� Take the middle n digits as hash.
Example
Hash AlgorithmsHash Algorithms
� For any message m, it is easy to compute h(m), doesn’t take lot of processing to compute the hash.
� Given h(m), there is no way to find an m that hashes to h(m) in a way that is substantially easier then going through all possible values of m and computing h(m) for each one.
Properties of hash of a message
and computing h(m) for each one.
� Many different values of m can be transformed to the same value h(m) (because there are many more possible values of m), it is computationally infeasible to find two values that hash to the same thing.
Basic idea of a message digest function is that the input is mangled so badly the process cannot be reversed.
Password HashingPassword Hashing
To store hash of password is secure than storing unencrypted passwords in a system.
• When a password is supplied, it computes the password’s has and compares it with the stored hash value.
• If they match, the password is deemed correct.
Password HashingPassword Hashing
If the hashed password file is obtained by an attacker, it is not immediately useful because the password can’t be derived from the hashes.
• If systems make the password hash file publically reachable, it involves security riskinvolves security risk
• Even if there are no cryptographic flaws in the hash, it is possible to guess passwords and hash them to see if they match.
• If a user is careless and select a guessable password, an exhaustive search would crack the password.
Many systems hide the hashed password list or file.
Message IntegrityMessage Integrity
Hash functions can be used to generate a MAC to protect the integrity of messages transmitted over insecure media (same like secret key crypt)
If we merely sent the message and used the hashed of the message as MAC, this would not be secure.MAC, this would not be secure.
Hash functions are well-known, bad guy can modify the message and compute a new hash for the new message, and transmits it.
Keyed Hash provides more secure mechanism.
Message IntegrityMessage Integrity
A message can be concatenated with secret key for calculating the hash and provides secure integrity.
Alice Bob
HashMessage
Secret
?=
Hash
Secret
• If Alice and Bob have agreed on a secret.• Alice can use a hash to generate a MAC for a message to bob by
taking the message.• Concatenate the secret, and compute the hash of the secret.
Message IntegrityMessage Integrity
What is Keyed Hash??
• Concatenate the secret, and compute the hash of the secret.• Alice send the hash and the message (without the secret) to Bob.• Bob concatenates the secret to the received message and computes
the hash of the result.• If that matches the received hash, Bob can have confidence the
message was sent by someone knowing the secret.
Message fingerprintMessage fingerprint
• You want to know whether some large data structures (e.g. programs) has been modified from one day to the next.
Scenario / Requirements
• You could keep a copy of the data on some temper-proof backing
Solution 1: Multiple Copies
• You could keep a copy of the data on some temper-proof backing store and periodically compare it to the active version.
• Use of hash function can save storage (hash is small compare to file).• You simply save the message digest of the data on the tamper-proof
backing store.• If the message digest hasn’t changed, you can be confident none the of
the data has.
Solution 2: Hash function
Hash functions must be secured and protected from bad guys
DownlineDownline Load SecurityLoad Security
• Many devices connected to network (like routers or printers) do not have nonvolatile memory to store the programs they normally run.
• They keep a bootstrap program smart enough to get a program from the network and run it.
What is downline load ?
from the network and run it.• This scheme is called downline load.
• Suppose you want to downline a program and make sure that it hasn’t been corrupted.
• If you know the proper hash of the program, you can compute the hash of the loaded program and make sure it has the proper value before running the program.
Downline Load Security
Digital Signature EfficiencyDigital Signature Efficiency
• The best known public key algorithms are sufficiently processor-intensive that is desirable to compute a message digest of the message and sign that, rather than to sign the message directly.
• The message digest algorithms are much less processor-intensive, and the message digest is much shorter than the
Digital signature vs. digest efficiency
intensive, and the message digest is much shorter than the message.
Cryptography ToolsCryptography Tools
• Cypher Calc• Command Line Scriptor• CryptoHeaven• PGP Crack• Magic Lantern• Advanced File Encryptor• Encryption Engine
• Omziff• ABC CHAOS• EncryptOnClick• CryptoForge• SafeCryptor• CrypTool• Micrsoft Cryptography • Encryption Engine
• Encrypt files
• Encrypt PDF• Encrypt Easy• Encrypt my folder• Advanced HTML encrypt
and Password Protect• Encrypt HTML Source• Alive file Encryption
• Micrsoft Cryptography Tools
• Polar Cryto Light• CryptoSafe• Crypt Edit• CrypSecure• Cryptlib• Crypto++ Library
SummarySummary