Cryptography: Message Authentication, Hash Functions, and Public-Key Encryption, Slides of Computer Security

An in-depth exploration of cryptographic tools, focusing on message authentication, hash functions, and public-key encryption. Topics include message authentication codes, secure hash functions, public-key encryption structure, requirements for public-key cryptography, and various algorithms such as rsa, diffie-hellman key exchange, and digital signature standard. Applications and uses of these cryptographic methods are also discussed.

Typology: Slides

2012/2013

Uploaded on 04/25/2013

bageshri
bageshri 🇮🇳

4.3

(24)

175 documents

1 / 21

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Lecture 4
Cryptographic Tools (cont)
Docsity.com
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15

Partial preview of the text

Download Cryptography: Message Authentication, Hash Functions, and Public-Key Encryption and more Slides Computer Security in PDF only on Docsity!

Lecture 4

Cryptographic Tools (cont)

Message Authentication

protects against

active attacks

verifies received

message is

authentic

can use

conventional

encryption

  • contents have not been

altered

  • from authentic source
  • timely and in correct

sequence

  • only sender & receiver

share a key

Secure Hash

Functions

Message

Authentication

Using a

One-Way

Hash Function

Security of Hash Functions

• approaches to attack a secure hash function

– cryptanalysis

• exploit logical weaknesses in the algorithm

– brute-force attack

• strength of hash function depends solely on the length of

the hash code produced by the algorithm

• additional secure hash function applications:

– Passwords : hash of a password is stored by an

operating system

– intrusion detection : store H(F) for each file on a

system and secure the hash values

Public-Key Encryption Structure

publicly

proposed by

Diffie and

Hellman in 1976

based on

mathematical

functions

asymmetric

  • uses two

separate keys

  • public key and

private key

  • public key is

made public for

others to use

some form of

protocol is needed for

distribution

Private-Key Encryption

Requirements for Public-Key Crypto.

computationally

easy to create

key pairs

computationally easy for

sender knowing public

key to encrypt messages

computationally easy for

receiver knowing private

key to decrypt

ciphertext

computationally

infeasible for opponent

to determine private key

from public key

computationally

infeasible for opponent

to otherwise recover

original message

useful if either key can

be used for each role

Applications for Public-Key Cryptosystems

Digital Signatures

• used for authenticating both source and data

integrity

• created by encrypting hash code with private

key

• does not provide confidentiality

– even in the case of complete encryption

– message is safe from alteration but not

eavesdropping

Digital Envelopes

• protects a message

without needing to

first arrange for

sender and receiver

to have the same

secret key

• equates to the same

thing as a sealed

envelope containing

an unsigned letter

Random Numbers

  • Uses include generation of:
    • keys for public-key algorithms
    • stream key for symmetric

stream cipher

  • symmetric key for use as a

temporary session key or in

creating a digital envelope

  • handshaking to prevent replay

attacks

  • session key

Random versus Pseudorandom

• cryptographic applications typically use algorithms for

random number generation

– algorithms are deterministic and therefore produce sequences of

numbers that are not statistically random

• pseudorandom numbers are:

– sequences produced that satisfy statistical randomness tests

– likely to be predictable

• true random number generator (TRNG):

– uses a nondeterministic source to produce randomness

– most operate by measuring unpredictable natural processes

  • e.g. radiation, gas discharge, leaky capacitors

– increasingly provided on modern processors

Application: Encryption of Stored Data

common to encrypt transmitted data

there is often little much less common for stored data protection beyond domain authentication and operating system access controls

data are archived for indefinite periods

even though erased, until disk sectors are reused data are recoverable

approaches to encrypt stored data:

use a commercially available encryption package

back-end appliance

library based tape encryption

background laptop/PC data encryption