Introduction to Computer Security Lecture Notes PDF

Introduction to Computer Security by Dr. Mohamed Abdel Hameed Computer Science Dept. Lecture 2 Lecture Outline  Part 1: Cryptographic Tools  Confidentiality with Symmetric Encryption  Symmetric Block Encryption Algorithms  Data Encryption Standard (DES)  Attacks of Symmetric Encryption  Advanced Encryption Standard (AES)  Practical Security  Message Authentication.  Public-Key Encryption.  Digital Signatures and Key Management  Random and Pseudorandom Numbers  Practical Application: Encryption of Stored Data Objectives The scope of this chapter is depended on - Explain the basic operation of symmetric block encryption algorithms. - Explain the basic operation of symmetric block encryption algorithms. Confidentiality with Symmetric Encryption Defined as the universal technique for providing confidentiality for transmitted or stored data. Encryption protects against passive attack (eavesdropping). There are two most important symmetric encryption algorithms: - Data Encryption Standard (DES) and - Advanced Encryption Standard (AES), which are block encryption algorithms. Symmetric Encryption Symmetric Encryption Cont. Plaintext: the original message or data that is fed into the algorithm as input. Encryption algorithm: performs various substitutions and transformations on the plaintext. Secret key: is also input to the encryption algorithm. The exact substitutions and transformations depend on the key. Symmetric Encryption Cont. Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the secret key. For a given message, two different keys will produce two different ciphertext. Decryption algorithm: is the encryption algorithm run in reverse. It takes the ciphertext and the secret key and produces the original plaintext. Symmetric Encryption Cont. There are two requirements for secure use of symmetric encryption: A strong encryption algorithm is needed. Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure. Symmetric Block Encryption Algorithms The algorithm processes longer plaintext of fixed-size blocks. The most important symmetric algorithms are the Data Encryption Standard (DES), triple DES, and the Advanced Encryption Standard (AES). Symmetric Block Encryption Algorithms The most widely used encryption scheme was based on the Data Encryption Standard (DES) adopted in 1977. DES takes a plaintext block of 64 bits and a key of 56 bits, to produce a ciphertext block of 64 bits. Triple DES involves repeating the basic DES algorithm three times 3DES, using either two or three unique keys, for a key size of 112 or 168 bits. Advanced Encryption Standard (AES) was adopted by NIST in 1997 where AES must be a symmetric block cipher with a block length of 128 bits and support for key lengths of 128, 192, and 256 bits. Data Encryption Standard (DES) Strengths: - The algorithm itself. The possibility that cryptanalysis can be performed by exploiting the characteristics of the DES algorithm is not exist until now. - The use of a 56-bit key. With a key length of 56 bits, there are 2^56 possible keys, which is approximately 7.2 x 10^16 keys. Data Encryption Standard (DES) Example of using DES For ex. Seagate technology suggests that a rate of one billion (10^9) key combinations per second is reasonable for today’s multicore computers. - The original DES was designed for mid-1970s hardware implementation and does not produce efficient software code. Attacks of Symmetric Encryption There are two approaches for attacking a symmetric encryption scheme. The first attack is known as cryptanalysis. This type of attack exploits the characteristics of the algorithm to attempt and deduce a specific plaintext or to deduce the key being used. The second method, known as the brute-force attack. This is attack is used to try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. On average, an attacker would discover the actual key after x/2 tries. Data Encryption Standard (DES) The following table shows how much time is required for a brute-force attack for various key sizes. A single PC can break DES in about a year; if multiple PCs work in parallel, the time is drastically shortened. Today, supercomputers should be able to find a key in about an hour. Data Encryption Standard (DES) Key sizes of 128 bits or greater are effectively unbreakable using simply a brute-force approach. Even if we managed to speed up the attacking system by a factor of 1 trillion (10^12), it would still take over 100,000 years to break a code using a 128-bit key. DES,3DES,AES brute-force attack Triple DES The life of DES was extended by the use of triple DES (3DES). Using either two or three unique keys, For a key size of 112 or 168-bits. 3DES was first standardized for use in financial applications in ANSI standard X9.17 in 1985. Strengths: - 168-bit key length, it overcomes the vulnerability to brute-force attack of DES. - The underlying encryption algorithm in 3DES is the same as in DES. - 3DES is very resistant to cryptanalysis. Triple DES Cont. Drawbacks: - The algorithm is relatively sluggish in software which requires three times as many calculations as DES. - Both DES and 3DES use a 64-bit block size which means that a little data can be used for encryption. Advanced Encryption Standard (AES) NIST selected Rijndael as the proposed AES algorithm from many algorithms accepted. Strengths - Security strength equal to or better than 3DES and significantly improved efficiency. - Also, it is better in computational efficiency which has been proposed by 5 algorithms. - AES is now widely available in commercial products. Practical Security Symmetric encryption is applied to a unit of data larger than a single 64-bit or 128-bit block. E-mail messages, network packets, database records, and other plaintext sources must be broken up into a series of fixed-length block for encryption by a symmetric block cipher. Example, multiple-block encryption, is known as electronic codebook (ECB) mode, in which plaintext is handled b bits at a time and each block of plaintext is Encrypted using the same key. Electronic code book ECB A plain text of length nb is divided into n b-bit blocks (P1, P2,… ,Pn). Each block is encrypted using the same algorithm and the same encryption key, to produce a sequence of n b-bit blocks of ciphertext (C1, C ,…. ,Cn). 2 ECB Cont. Disadvantages For lengthy messages, the ECB mode may not be secure. Cryptanalyst may be able to exploit regularities in the plaintext to ease the task of decryption. To increase the security of symmetric block encryption for large sequences of data, a number of alternative techniques have been developed, called modes of operation. These modes overcome the weaknesses of ECB; Block and Stream Ciphers A block cipher processes the input one block of elements at a time, producing an output block for each input block. A stream cipher processes the input elements continuously, producing output one element at a time, as it goes along. While pseudorandom number generator is done, The output is called a key stream which is combined one byte at a time with the plaintext stream using the bitwise exclusive- OR (XOR) operation. Block and Stream Ciphers Cont. Advantages: Stream ciphers are almost always faster and use far less code than do block ciphers. The advantage of a block cipher is that you can reuse keys. Block and Stream Ciphers Cont. For applications that require encryption/decryption of a stream of data, such as over a data communications channel or a browser/Web link, a stream cipher might be the better alternative. For applications that deal with blocks of data, such as file transfer, e-mail, and database, block ciphers may be more appropriate. Message Authentication Protects against active attacks Verifies received message is authentic - contents unaltered - from authentic source - timely and in correct sequence Can use conventional encryption - only sender & receiver have key needed or separate authentication mechanisms - append authentication tag to clear text message Message Authentication Codes (MAC) Involves the use of a secret key to generate a small block of data that is appended to the message. This technique assumes that two communicating parties, say A and B, share a common secret key KAB. When A has a message to send to B, it calculates the message authentication code as a function of the message and the key: MACM = F(KAB, M). The message plus code are transmitted to the intended recipient. The recipient performs the same calculation on the received message, using the same secret key, to generate a new message authentication code. The received code is compared to the calculated code to ensure that message has been received correctly. MAC Cont. Secure Hash Functions An alternative to the message authentication code is the one-way hash function. A hash function accepts a variable-size message M as input and produces a fixed-size message digest H(M) as output. Unlike the MAC, a hash function does not also take a secret key as input. Message Authentication using Hash Function Hash Function Requirements The purpose of a hash function is to produce a "fingerprint" of a file, message, or other block of data. To be useful for message authentication, a hash function H must have the properties listed here. - Applied to any size data. - H produces a fixed-length output. - H(x) is relatively easy to compute for any given x. - One-way property Computationally difficult to find x such that H(x) = h - Weak collision resistance Computationally difficult to find y ≠ x such that H(y) = H(x) - Strong collision resistance Computationally difficult to find any pair (x, y) such that H(x) = H(y) Hash Function Attacks With symmetric encryption, we have two attack approaches - Cryptanalysis Exploit logical weakness in algorithm. - Brute-force attack Trial many inputs. If strong collision resistance is required, then, strength proportional to size of hash code will be (2n/2). Secure Hash Algorithm (SHA) SHA most widely used hash algorithm. SHA was developed by the National Institute of Standards and Technology (NIST) and published as a federal information processing standard (FIPS 180) in 1993. - SHA-1 gives hash value of 160-bits. - More recent SHA-256, SHA-384, SHA-512 provide improved size and security where, hash value lengths are 256, 384, and 512 bits respectively, Public Key Encryption Public-key algorithms are based on mathematical functions rather than on simple operations on bit patterns. Public-key cryptography is asymmetric, involving the use of two separate keys, while the symmetric conventional encryption, which uses only one key. The use of two keys has difficult consequences in the areas of confidentiality, key distribution, and authentication. Public Key Encryption (preserve confidentiality) Public Key Ingredients Plaintext: the readable message or data that is fed into the algorithm as input. Encryption algorithm: performs various transformations on the plaintext. Public and private key: a pair of keys selected so that if one is used for encryption, the other is used for decryption. The exact transformations performed by the encryption algorithm depend on the public or private key that is provided as input. Public Key Ingredients Ciphertext: the scrambled message produced as output that depends on the plaintext and key. For a given message, two different keys produce two different ciphertext. Decryption algorithm: takes ciphertext and key to produces the original plaintext. Public Key Authentication preserve data integrity Authentication and/or data integrity Public Key Requirements 1. It is computationally easy for a party B to generate a pair (public key PUb, private key PRb). 2. It is computationally easy for a sender A, knowing the public key and the message to be encrypted, M, to generate the corresponding ciphertext: C=E(PUb,M) 3. It is computationally easy for the receiver B to decrypt the resulting ciphertext using the private key to recover the original message: M=D(PRb,C) Public Key Requirements Cont. 4. It is computationally very difficult for an opponent, knowing the public key PUb to determine the private key, PRb. 5. It is computationally very difficult for an opponent, knowing the public key, PUb, and a ciphertext C to recover the original message M. 6. We can add a sixth requirement that, although useful, is not necessary for all public-key applications: - Either of the two related keys can be used for encryption, with the other used for decryption. Public Key Algorithms RSA (Rivest, Shamir, Adleman) - Developed in 1977 - The plaintext and ciphertext are integers between 0 and n – 1 for some n. - only widely accepted public-key encryption algorithm - Given tech advances need 1024+ bit keys. Public Key Algorithms Diffie-Hellman key exchange algorithm - Only allows exchange of a secret key. Digital Signature Standard (DSS) - Provides only a digital signature function with SHA-1. Elliptic curve cryptography (ECC) - New, security like RSA, but with much smaller keys. Public key Application Digital Envelopes The digital envelope is an application of public key algorithm, which can be used to protect a message without needing to first arrange for sender and receiver to have the same secret key. Steps of this application are: 1. Prepare a message 2. Encrypt that message using conventional encryption with a one-time conventional session key. 3. Encrypt the session key using public-key encryption with Alice's public key. 4. Attach the encrypted session key to the message and send it to Alice. Digital Envelopes Another application of public key algorithm Random Numbers Random numbers have a range of uses requirements: - Randomness Based on statistical tests for uniform distribution and independence. - Unpredictability Successive values not related to previous. Clearly true for truly random numbers. But more commonly use generator. Pseudorandom Vs. Random Numbers Often use algorithmic technique to create pseudorandom numbers. These algorithms are deterministic and therefore produce sequences of numbers that are not statistically random. - which satisfy statistical randomness tests - but likely to be predictable True random number generators (TRNG) use a nondeterministic source - e.g. radiation, gas discharge, leaky capacitors - increasingly provided on modern processors Practical Application: Encryption of Stored Data Common to encrypt transmitted data. Much less common for stored data. - which can be copied, backed up, recovered Approaches to encrypt stored data: - back-end system (hardware device close to data storage; encrypt close to wire speed). - library based tape encryption (co-processor board embedded in tape drive). - background laptop/PC data encryption. Assignment Why 3DES is not a reasonable candidate for long- term use? What are the six evaluation criteria must be considered when we choose the encryption algorithm? The public-key encryption be used to distribute a secret key, Explain?

Introduction to Computer Security Lecture Notes PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue