• No results found

CNIT 141 Cryptography for Computer Networks

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "CNIT 141 Cryptography for Computer Networks"

Copied!
44
0
0

Loading.... (view fulltext now)

Download now ( 44 Page )

Full text

(1)

CNIT 141

Cryptography for Computer Networks

1. Encryption

(2)

Topics

The Basics

Classical Ciphers

How Ciphers Work

Perfect Encryption: The One-Time Pad

Encryption Security

Asymmetric Encryption

When Ciphers Do More Than Encryption

(3)

The Basics

P: Plaintext

K: Key

C: Cleartext

E: Encryption via cipher

(4)
(5)
(6)
(7)
(8)

Vigenere Cipher

Shift varies with a repeated keyword

(9)

Breaking the Vigenere

Cipher

Find repeating ciphertext to deduce key length

(10)

Frequency Analysis

(11)

Modified Caesar Program

Converts to uppercase

Preserves spaces

(12)
(13)
(14)
(15)
(16)

Two Components

Permutation

Transforms one letter to another letter

In Caesar cipher, shift letter three places

Mode of Operation

Algorithm to handle messages of arbitrary size

In Caesar cipher, process each letter independently

(17)

Permutation Security

Permutation should be determined by

the key

If key is secret, attacker can’t easily

decrypt

Different keys should result in different

permutations

Permutation should look random

(18)

Mode of Operation

Caesar cipher encrypts letters one at a time

Double letters remain doubled

HELLO -> KHOOR

Patterns in plaintext are preserved in ciphertext

Insecure (now called “Electronic Code Book”

mode)

More secure modes encrypt repeated text differently each time

(19)

Perfect Encryption:

The One-Time Pad

(20)

XOR

XOR combines two bits

0 ^ 0 = 0

0 ^ 1 = 1

1 ^ 0 = 1

(21)

Encrypting a Stream of

Bits

Plain: ABC = 0100 0001 0100 0010 0100 0011

Key: 0110 0110 0110 0101 1010 1110

Cipher: 0010 0111 0010 0111 1110 1101

Key must be random and never re-used

Key must be longer than all the plaintexts you want to send

(22)

Unbreakable

If an attacker uses a brute-force attack

Trying all possible keys

They get all possible letter sequences

(23)
(24)
(25)

Attack Models

Set requirements for cryptographers who design ciphers

So they know what attacks to prevent

Give guidelines to users

Whether a cipher is safe in their environment

Provide clues for cryptanalysts who attempt to break ciphers

(26)
(27)

Kerckhoff’s Principle

The key is secret

(28)

Black-Box Models

No knowledge of cipher operation

Ciphertext-Only Attack (COA)

Attacker sees only C

Known-Plaintext Attack (KPA)

Attacker knows P and C

Chosen-Plaintext Attack (CPA)

Attacker can perform encryption for any P

Chosen-Ciphertext Attack (CCA)

(29)

Gray-Box Models

Attacker has access to the implementation

Can tamper with the system’s internals

Side-channel attack

Attacker measures something else about the cipher’s operation

Such as timing or power consumption

Noninvasive — does not alter integrity of system

(30)

Gray-Box Models

Invasive attacks

Modify system

Examples

Using acid to dissolve parts of a microchip

(31)

Security Goals

Indistinguishability

Ciphertext should be indistinguishable from a random string

Non-malleability

Ciphertext cannot be altered and produce meaningful plaintext

(32)

Security Notions

IND-CPA

Indistinguishability against a Chosen-Plaintext Attack

Also called semantic security

Two identical plaintext strings must result in different ciphertexts

Accomplished by adding “random” bits each time you encrypt

(33)

Asymmetric Encryption

Uses two keys

Also called Public-Key encryption

Public key freely published to everyone

Private key held secret

Will be covered in later chapters—everything in this chapter is about symmetric encryption

(34)

When Ciphers Do More

Than Encryption

(35)

Authenticated Encryption

Returns an authentication tag with the ciphertext

Tag ensures integrity of the message and also

authenticates the author

Authenticated Encryption with Associated Data

(AEAD)

(36)

Format-Preserving Encryption

Normally encryption takes inputs as bits and

returns outputs as bits

Could be written as hex, base64, etc.

Format-Preserving Encryption returns

ciphertext in the same format as the plaintext

Zip code -> Zip code

(37)

Fully Homomorphic

Encryption

Allows modification of encrypted data without decrypting it

The first FHE scheme was created in 2009

(38)

Searchable Encryption

Searches encrypted data without decrypting it

Using an encrypted search string

(39)
(40)

Tweakable Encryption

Adds a “tweak” parameter to normal encryption

Such as a unique customer number

(41)

How Things Can Go

Wrong

(42)

Weak Cipher

2G phone networks used the A5/1 cipher

Vulnerable to a time-memory trade-off attack

Using large lookup tables to speed up an attack

(43)

Wrong Model

Padding Oracle attack

If a user submitted data that decrypted to a valid string, that was taken as authentication

Even if the string contained nonsense

Server provided error messages for incorrect padding

Those errors can be used to find valid ciohertext without knowing the key

(44)

References

Download now ( PDF - 44 Page - 0.96 MB )

Related documents

The influence of whole-arm trisomy on gene expression in Drosophila.

We previously observed that many autosomal genes duplicated in whole-arm trisomies of Drosophila can also produce compensated (diploid) levels of gene product

Evidences for Deleterous Role of Free Radicalsin Experimental VaricoceleUsing Animal Model

The percentage sperm motility of the treated varicocelized models were significantly ( P <0.005) higher compared to the untreated model group (31.2±4.5) and comparable

Alcohol Consumption among Day workers and Shift workers in Visakhapatnam

The percentage of subjects consuming alcohol remained same in day workers but in shift workers it increased to 61.7 per cent after taking up the job and the quantity of

Connective tissue diseases and noninvasive evaluation of atherosclerosis

CV morbidity and mortality in patients with CTDs reflect complex and dynamic interaction between traditional risk factors (age, hypertension, metabolic syndrome, diabetes,

Constructed Wetlands as Remediation Tools for Shallow Groundwater Contaminated by Swine Lagoon Seepage

A swine lagoon in Eastern North Carolina constructed in sandy soil was found to be leaking. Investigation of the site indicated that the groundwater flow was transporting the

Design and Simulation of Koch Fractal Antenna for UWB Applications

Comparing simulated parameters for each iteration of Koch fractal antenna like reflection coefficient, VSWR, gain with conventional triangular patch antenna, we can

Meiotically and Mitotically Stable Inheritance of DNA Hypomethylation Induced by ddm1 Mutation of Arabidopsis thaliana

the other copy hypomethylated) were identified. One methylated through an outcross and a selfing. The methylation status of the Ta3 locus bia m105 homozygotes and 27 from

Detection Of Exudates in Color Fundus Image

In this project, we extract the blood vessels using thresholding method and detect optic disc using circular Hough transform method.. Finally we detect the exudates using