1 today’s topics security –demo from rsa security () –slides taken from kevin wayne &...
TRANSCRIPT
![Page 1: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/1.jpg)
1
Today’s topics
• Security– Demo from RSA Security (www.rsa.com)– Slides taken from Kevin Wayne & Robert
Sedgewick at Princeton University– For further reference “Applied Cryptography” by
Bruce Schneier• Upcoming
– Complexity• Reading
– Sections 4.6 and 11 in Brookshear.– Chapters 11,13 in Great Ideas.
![Page 2: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/2.jpg)
2
Security• Computer Security is the prevention of, or protection
against:– Access to information by unauthorized recipients– Intentional but unauthorized destruction or
alteration of that information.• Authentication: verifying the identity of a person or
system– Username and Password– What is an example of a good password?– Change your password often. A particular
implementation of this idea is ONE-TIME PASSWORDS.
– Physical security of the system is also important.
![Page 3: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/3.jpg)
3
Cryptography
Cryptography: science of creating secret codes.
Cryptanalysis : science of code breaking
Cryptology: science of secret communication.
Goal: Information Security in presence of malicious adversaries.– Confidentiality…– Integrity…– Authentication…– Authorization…– Non-repudiation…
RSA PRESENTATION
![Page 4: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/4.jpg)
4
Algorithms & KeysRestricted Algorithm• If the security depends on keeping the working of the
algorithm secret.• Can’t support a large or changing group of users…Why?• No quality control.Modern cryptology solves this with a KEY (K).• Key might be any of a large number of values.• Range of possible values called a keyspace.• Now security depends on the security of the Key.• The algorithms for encrypting and decrypting can be mass
produced and optimized.
![Page 5: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/5.jpg)
5
Algorithms & Keys
Two general types of Key based algorithms
• Symmetric Algorithms– Symmetric => same key for encryption and
decryption– Also called Private key algorithms.
• Public-Key Algorithms– Different encryption and decryption keys.
![Page 6: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/6.jpg)
6
Attacks!
• Ciphertext-only Attack..
• Known-plaintext Attack..
• Chosen-plaintext Attack..
• Chosen-ciphertext Attack..
• Rubber-hose cryptanalysis..
![Page 7: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/7.jpg)
7
Security levels ?
• Total Break!– Cryptanalyst find the key.
• Global Deduction.– Cryptanalyst finds alternate algorithm equivalent to the decrypting (or
encrypting) algorithm without the key.• Local Deduction.
– Cryptanalyst finds plaintext of a particular intercepted ciphertext.• Information Deduction
– Cryptanalyst gains some incomplete knowledge about the key or plaintext.
• Unconditionally Secure.– Not breakable by even brute-force attack..EVER..
• Computationally secure.– Can’t be broken given the current available resourses.
![Page 8: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/8.jpg)
8
Private Key EncryptionAssume message is encoded as binary string.ASCI
![Page 9: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/9.jpg)
9
Public Key Encryption
![Page 10: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/10.jpg)
10
Public Key EncryptionBob has N-Bit message to send to Alice.• Alice has public and secret key.
– PUBLIC key = published on Web in digital phonebook (VERISIGN).
– PRIVATE key = known only by Alice.
• Bob encrypts message using Alice’s public key.• Alice decrypts message using her private key.
To achieve security, need following properties:• Can encrypt message efficiently with public key.• Can decrypt message efficiently with private key.• CANNOT decrypt message efficiently with public key alone.
![Page 11: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/11.jpg)
11
Factoring!Factoring of large numbers is HARD.• This is the underlying assumption in RSA and
many other public key algorithms.
Is it hard?...• Review the process for factoring a number.• The one we follow is Brute-force approach!• Will be extremely hard even for a computer if
the number is (say) 200 digits or more.
![Page 12: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/12.jpg)
12
RSA Public-Key CryptosystemRSA cryptosystem (Rivest-Shamir-Adleman,1978).• Most widely used public-key cryptosystem (500 million users).• Sun, Microsoft, Apple, browsers, cell phones, ATM machines,…
Key generations.• Select two large prime numbers p and q at random.• Compute n= pq, and = (p-1)(q-1).• Choose integer e such that it is relatively prime to .• Compute d such that d e = e d = 1 (mod ).• Publish (e , n) as Public key.• Keep (d, n ) as Secret key.
Note: Don’t even need to store p, q, or . only needed to compute d.• Saving p, q speeds up decryption (Chinese Remainder Theorem).
![Page 13: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/13.jpg)
13
RSA DetailsHow large should n = p q be?• 1,024 bits for long term security. • IE, Netscape: 40, 56 , 128 bit.• Too small => easy to break.• Too large => time consuming to encrypt/decrypt.
Number Theory => n / logen prime numbers between 2 and n.
How to compute d efficiently ?• Existence guaranteed since gcd(e,) = 1.• Fancy version of Euclid’s algorithm.
![Page 14: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/14.jpg)
14
RSA AttacksFactoring.• Factor n = pq.• Then compute .• Then compute e.
Timing attacks.• Reconstruct d by sending C and monitoring
how long it takes to compute Cd(mod n).
Other means?• Long-standing open research question.
![Page 15: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/15.jpg)
15
Digital SignatureAlice sends Bob a response.• Bob wants to be really sure Alice really sent it, and not
some imposter.
![Page 16: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/16.jpg)
16
RSA Digital SignatureAlice wants to send Bob a response S.• Alice uses private key d and computes: S’= Sd (mod n).• Alice sends ( S, S’).
Bob receives digital signed response ( S, S’) .• Bob uses Alice’s public key e and checks if S = (S’)e (mod n ).• If yes, then Bob concludes S sent by Alice.• If no, then Bob concludes S or S’ corrupted in transmission, or
message is forgery.
Third party.• Bob verifies Alice’s signature on digitally signed message (e.g.
electronic check).• Bob forwards digitally signed message to bank.• Bank re-verifies Alice’s signature.
![Page 17: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/17.jpg)
17
RSA ApplicationsSecure Internet Communication.• Browsers.• S/MIME, SSL, S/WAN.• PGP.• Microsoft Outlook.
Operating Systems.• Sun, Microsoft, Apple, Novel.
Hardware.• Cell phones.• ATM machines.• Wireless Ethernet cards.• Smart cards.• Palm Pilots.
![Page 18: 1 Today’s topics Security –Demo from RSA Security () –Slides taken from Kevin Wayne & Robert Sedgewick at Princeton University –For further](https://reader036.vdocument.in/reader036/viewer/2022080902/56649ec15503460f94bcd814/html5/thumbnails/18.jpg)
18
Bad Cryptology.Good introductory explanation & details on Gregory Kesden’s site
(CMU)http://www-2.cs.cmu.edu/~dst/DeCSS/Kesden/
Content Scrambling System (CSS).• Use to encrypt DVD’s.• Each disc has 3 40-bit keys.• Each DVD decoder (software/hardware) has unique 40-bit key.• “Not possible” to play back on computer without disc.
DeCSS. (Canman and SoupaFrog, 1999).• Decryption algorithm written by two Norwegians.• Used “in-circuit emulator” to monitor hardware activity.
Why CSS is fatally flawed. (Policy and Legal issues..)