4620 Cryptography
4620 Cryptography
4620 Cryptography
ciphertext: mnbvcxzasdfghjklpoiuytrewq
K K
A-B A-B
DES operation
initial permutation
16 identical “rounds” of
function application,
each using different 48
bits of key
final permutation
• one pass
64-bit scrambler
through: one
input bit affects
eight output bits 64-bit output
8-10
8: Network Security
Public key cryptography
+ Bob’s public
K
B key
- Bob’s private
K
B key
K+ K-
B B
8-13
RSA: Encryption, decryption
0. Given (n,b) and (n,a) as computed above
Magic e d
happens! m = (m mod n) mod n
e e
letter m m c = m mod n
encrypt:
l 12 1524832 17
d d
c c m = c mod n letter
decrypt:
17 481968572106750915091411825223071697 12 l
e d ed
(m mod n) mod n = m mod n
ed mod (p-1)(q-1)
= m mod n
(using number theory result above)
1
= m mod n
- + + -
K B (KB (m)) = m = K B (K B (m))
Cryptographic Hash:
• takes input m, produces fixed length value, H(m)
– e.g., as in Internet checksum
• computationally infeasible to find two different messages, x,
y such that H(x) = H(y)
– equivalently: given m = H(x), (x unknown), can not determine x.
– note: Internet checksum fails this requirement!
H(.)
(message)
m H(m+s) m
public
m append compare
Internet
H(m+s)
H(.) H(m+s)
s
(shared secret)
CA
public +
K CA
key
8-28
8: Network Security
A certificate contains:
• Serial number (unique to issuer)
• info about certificate owner, including algorithm and key
value itself (not shown)
r info about
certificate
issuer
r valid dates
r digital signature
by issuer
“I am Alice”
Failure scenario??
in a network,
Bob can not “see” Alice, so
Trudy simply declares
herself to be Alice
“I am Alice”
Alice’s
IP address
“I am Alice”
Failure scenario??
Alice’s Alice’s
“I’m Alice”
IP addr password
Failure scenario??
Alice’s
OK
IP addr
Alice’s Alice’s
“I’m Alice”
IP addr password
playback attack: Trudy
Alice’s records Alice’s packet
OK
IP addr and later
plays it back to Bob
Alice’s Alice’s
“I’m Alice”
IP addr password
Alice’s encrypted
“I’m Alice”
IP addr password
Failure scenario??
Alice’s
OK
IP addr
Alice’s encrypted
“I’m Alice” record
IP addr password
and
playback
Alice’s
OK still works!
IP addr
Alice’s encrypted
“I’m Alice”
IP addr password
“I am Alice”
“I am Alice”
Bob computes
R + -
K (K (R)) = R
K - (R) A A
A and knows only Alice
“send me your public key”
could have the private
+ key, that encrypted R
K such that
A + -
K (K (R)) = R
A A
I am Alice I am Alice
R -
K (R)
T
R - Send me your public key
K (R) +
A K
T
Send me your public key
+
K
A +
K (m)
Trudy gets T
- +
+ m = K (K (m))
K (m)
A sends T
m toTAlice
- + encrypted with
m = K (K (m))
A A Alice’s public key
8-40
8: Network Security
ap5.0: security hole
Man (woman) in the middle attack: Trudy poses as Alice (to
Bob) and as Bob (to Alice)
Difficult to detect:
q Bob receives everything that Alice sends, and vice
versa. (e.g., so Bob, Alice can meet one week later and
recall conversation)
q problem is that Trudy receives all messages as well!
8-41
8: Network Security
Secure e-mail
q Alice wants to send confidential e-mail, m, to Bob.
KS
m K ( .)
S
KS(m ) KS(m )
KS ( ) . m
+ Internet - KS
KS
+ .
KB ( ) + +
-
KB ( ) .
KB(KS ) KB(KS )
K+
B KB-
Alice:
q generates random symmetric private key, KS.
q encrypts message with KS (for efficiency)
q also encrypts KS with Bob’s public key.
q sends both KS(m) and KB(KS) to Bob.
8: Network Security 8-42
Secure e-mail
q Alice wants to send confidential e-mail, m, to Bob.
KS
m K ( .)
S
KS(m ) KS(m )
KS ( ) . m
+ Internet - KS
KS
+ .
KB ( ) + +
-
KB ( ) .
KB(KS ) KB(KS )
K+
B KB-
Bob:
q uses his private key to decrypt and recover KS
q uses KS to decrypt KS(m) to recover m
KA- KA+
- -
m H(.)
-
KA( ). KA(H(m)) KA(H(m)) +
KA( ). H(m )
+ Internet - compare
m H( ). H(m )
m
+ KS ( ).
m + Internet
KS
+
KB ( ). +
KB(KS )
K+
B
Alice uses three keys: her private key, Bob’s public key, newly
created symmetric key