Applied Cryptography Lecture 8 - Cryptography II PDF

Summary

This document provides a comprehensive overview of public key cryptography, focusing on the Diffie-Hellman key exchange. It also explores the core concepts of hash functions, including their uses and properties, with an emphasis on their role in ensuring information security.

Full Transcript

Applied Cryptography

Lecture #8
Public Key Cryptography II

College of Computing and IT 1
Remember (Lect.07)

Public key Private key
Diffie–Hellman Key Exchange
 The Diffie–Hellman key exchange (DHKE),
proposed by Whitfield Diffie and Martin
Hellman in 1976 provides a practical solution
to the key distribution problem.
 It enables two parties to derive a common
secret key by communicating over an insecure
channel.
 The security of the Diffie-Hellman key
exchange is based on the discrete logarithm
problem (DLP).
Diffie–Hellman Key Exchange

DHKE Description
 In this protocol we have two parties, Alice and
Bob, who would like to establish a shared
secret key.
 It is possible that Alice or Bob generate the
public parameters which are needed for the
key exchange.
 The DHKE consists of two protocols, the set-
up protocol and the main protocol, which
performs the actual key exchange.
DHKE Description
 The set-up protocol consists of the following
steps:

 These two values (p, α) are sometimes referred
to as domain parameters.
DHKE Description
 If Alice and Bob both know the public
parameters p and α computed in the set-up
phase, they can generate a joint secret key k
with the following key-exchange protocol:
DHKE Description
 Alice and Bob in fact compute the same session
key kAB:

 Thus Alice and Bob both share the session key kAB
≡ αab mod p. The key is used to establish a secure
communication between Alice and Bob, e.g., by
using kAB as key for a symmetric algorithm like AES
or 3DES.
DHKE Example
 Example 1: The Diffie–Hellman domain
parameters are p = 29 and α = 2.
 The key-exchange protocol as follows:
DHKE Example
 During the actual protocol, we first have to
choose the private keys a and b.
 They should stem from a true random
generator in order to prevent an attacker from
guessing them.
 The public keys A and B are typically
precomputed.
 The main computation that needs to be done
for a key exchange is thus the exponentiation
for the session key.
Hash Functions
 A hash function h usually means a function that
compresses or compute a digest of a message
which is a short, fixed-length bitstring.
Hash Functions
 The message digest, or hash value, can be seen
as the fingerprint of a message, i.e., a unique
representation of a message.
 If the message digest is transmitted securely,
then changes to the message can be detected.
 Hash functions are used in many parts of
cryptography, and there are many different
types of hash functions, with differing security
properties.
Uses of Hash Functions
 Message authentication
 Integrity checks
 Digital signature
 Timestamping
 Password hashing
Uses of Hash Functions
 Practical hash functions have output lengths
between 128–512 bits.
 The computed fingerprint should be highly
sensitive to all input bits. That means even if we
make minor modifications to the input x, the
fingerprint should look very different.
Hash Functions Properties

Hash Functions Properties
2. 2nd-preimage resistance—it is essential
that two different messages do not hash to
the same value. This means it should be
computationally infeasible to create two
different messages x1 ≠ x2 with equal hash
values z1 = h(x1)= h(x2)= z2.
Hash Functions Properties
Hash Functions Properties
3. collision resistance—We call a hash
function collision resistant or strong collision
resistant if it is computationally infeasible to
find two different inputs x1 ≠ x2 with h(x1)=
h(x2). (Note that here there is free choice of
both inputs.)
Message-Digest Family (MD)
 Family of cryptographic hash functions designed
by Ron Rivest starting in 1989.
 MD2: produces a 128-bit hash value, perceived
as slower and less secure than MD4 and MD5.
 MD4: produces a 128-bit hash of the message,
using bit operations on 32-bit operands for fast
implementation.
 MD5: produces a 128-bit output, specified as
Internet standard in 1992; till relatively recently
was widely used.
Secure Hash Algorithm Family (SHA)
 SHA was designed by NIST and is the US
federal standard for hash functions, specified in
1993. (SHA-0)
 SHA-1, revised version of SHA, produces 160-
bit hash values specified in 1995.
 NIST have issued a revision that adds 3
additional hash algorithms: SHA-256, SHA-384,
SHA-512, designed for compatibility with
increased security provided by AES.
Cryptographic Hash Functions
 An overview of the main parameters of the
cryptographic hash functions.
SHA-256 Compression Function
 The value of K[i] in all rounds is pre-initialized,
W[i] is calculated individually for each block.
Properties of Hash Functions
 We summarize all important properties of hash
functions h(x).
Microsoft Hash
 In a Windows machine, passwords aren't stored
in cleartext, and they're not even stored in an
encrypted format, they're actually stored as
hashes.
 Local Area Network (LAN) Manager (LM
Hash): Original version of password hashing
used by Windows that uses Data Encryption
Standard (DES) and is limited to 14 characters.
 Network LM Hash (NTLM Hash): Replacement
for LM Hash that uses RC4 instead of DES and
was released with Windows NT 3.1 in 1993.
Microsoft Hash
 NTLMv2 Hash: It relies on the HMAC-MD5
hash and is considered difficult to crack.
 Hash-based Message Authentication Code
(HMAC): is a cryptographic authentication
technique that uses a hash function and a
secret key.
 Kerberos: using AES encryption for tickets in
Kerberos authentication.
Hashing Attacks
 Pass the Hash: A technique that allows an attacker
to authenticate to a remote server or service by
using the underlying NTLM or LM hash instead of
requiring the associated plaintext password.
 Birthday Attack: occurs when an attacker is able to
send two different messages through a hash
algorithm and it results in the same identical hash
digest causing a collision.
 So, the hacker can use this as an attack against
your system.
Hashing Attacks
 To prevent the Pass the Hash attack:
1. Only use a trusted operating systems
2. Use multifactor authentication
3. Patch/update workstations
4. Use least privilege
Increasing Hash Security
1. Key Stretching: A technique that is used to
mitigate a weaker key by increasing its
effectiveness and thereby increasing the time
needed to crack it.
◦ WiFi Protected Access (WPA), WPA2, and other
algorithms utilize key stretching.
◦ A “nonce” is used to prevent password reuse.
Increasing Hash Security
2. Salting: Adding random data into a one-way
cryptographic hash to help protect against
password cracking techniques.
Exercise

What is the common secret key of the Diffie-Hellman
protocol works with the following parameters:
p = 17, α = 3, a=7, b = 4
Thank you

 Any questions?

31