Professional Documents
Culture Documents
Cryptographic Tools
Cryptographic Tools
1
CONTENT
1. Symmetric Encryption
2. Message Authentication and Hash Functions
3. Public-Key Encryption
4. Digital Signatures and Key Management
5. Random and Pseudorandom Numbers
6. Practical Application: Encryption of Stored Data
7. Symmetric vs Asymmetric
2
2.1 Symmetric Encryption
3
Symmetric Encryption
4
2.1.1 Attacking Symmetric
Encryption
Cryptanalytic Attacks Brute-Force Attack
• rely on: • try all possible keys on some
– nature of the algorithm ciphertext until an intelligible
– plus some knowledge of the general translation into plaintext is
characteristics of the plaintext obtained
– even some sample plaintext- – on average half of all possible
ciphertext pairs keys must be tried to achieve
• exploits the characteristics of the success
algorithm to attempt to deduce a
specific plaintext or the key
being used
– if successful all future and past
messages encrypted with that key
are compromised
5
2.1.2 Symmetric Encryption
Algorithms
6
Block Cipher
Encryption
Stream
Encryption
7
Block & Stream Ciphers
Block Cipher
Stream Cipher
• processes the input elements continuously
• produces output one element at a time
• primary advantage is that they are almost always
faster
and use far less code
• encrypts plaintext one byte at a time
• pseudorandom stream is one that is unpredictable
without knowledge of the input key
8
2.2 Message
Authentication
protects against
active attacks
altered
message is • from authentic source
authentic • timely and in correct
sequence
can use
conventional
• only sender &
receiver
s
h
a
r 9
e
2.2.1 Message Authentication
Codes
10
Secure Hash
Functions
11
Message
Authentication
Using a
One-Way
Hash Function
12
2.2.3 Hash Function
Requirements
• can be applied to a block of data of any size
• produces a fixed-length output
• H(x) is relatively easy to compute for any given x
• one-way or pre-image resistant
– infeasible to find x such that H(x) = h
• second pre-image or weak collision resistant
– infeasible to find y ≠ x such that H(y) = H(x)
• collision resistant or strong collision resistance
– infeasible to find any pair (x, y) such that H(x) = H(y)
13
2.2.4 Security of Hash
Functions
• approaches to attack a secure hash function
– cryptanalysis
• exploit logical weaknesses in the algorithm
– brute-force attack
• strength of hash function depends solely on the length of the
hash code produced by the algorithm
asymmetric
• uses two
publicly separate keys
• public key and some form of
proposed by based on
private key protocol is
Diffie and mathematical • public key is needed for
Hellman in functions made public for distribution
1976 others to use
15
2.3.1 Public-Key Encryption
Confidentiality
16
Private-Key Encryption
Authentication
17
2.3.2 Requirements for Public-Key Crypto.
computationall
y easy to create
key pairs
computationally easy for
useful if either key can sender knowing public
be used for each role key to encrypt messages
enables two
Diffie-Hellman users to securely limited to the
key exchange reach exchange of the
agreement keys
algorithm about a shared
secret
19
2.3.4 Applications for Public-Key Cryptosystems
20
2.4 Digital Signatures
21
2.4.1 Digital Envelopes
• protects a message
without needing to
first arrange for
sender and receiver to
have the same secret
key
22
2.4.1 Public Key Certificates
23
2.5 Random Numbers
24
2.5.2 Random Number Requirements
1. Randomness 2. Unpredictability
• criteria: • each number is statistically
– uniform distribution independent of other
• frequency of occurrence numbers in the sequence
of each of the numbers • opponent should not be
should be approximately able to predict future
the same elements of the sequence
– independence on the basis of earlier
• no one value in the elements
sequence can be inferred
from the others
25
2.5.3 Random versus Pseudorandom
• cryptographic applications typically use algorithms for
random number generation
– algorithms are deterministic and therefore produce sequences of numbers
that are not statistically random
27
2.7 Symmetric vs
Asymmetric
Secret Key (Symmetric) Public Key (Asymmetric)
Number of keys 1 per pair 2 per person
Protection of key Must be kept secret One key must be kept secret; the
other can be freely exposed
Best uses Cryptographic workhorse; secrecy Key exchange, authentication
and integrity of datasingle
characters to blocks of data,
messages, files
Key distribution Must be out-of-band Public key can be used to
distribute other keys
Speed Fast Slow; typically, 1,000 times
slower than secret key
28