Cryptography vs. Security What's Cryptography? - Dipartimento di

Loading...
Cryptography vs. Security Giampaolo Bella Dipartimento di Matematica e Informatica Universita` di Catania - ITALY

What’s Cryptography? It’s the art of encoding information… It’s the art of encoding and decoding information.

Encoded information may be unintelligible!

Giampaolo Bella



Cryptography vs. Security

1

Cryptography Symmetric

Asymmetric

♦ Ancient!

♦ Recent (late 70’s)

♦ Each agent A has Ka

♦ A has Ka and Ka

♦ Ka kept private

♦ Ka kept private,

-1

-1

(shared)

Ka made public

Agents and public keys associated by a hierarchy of certification authorities. Giampaolo Bella



Cryptography vs. Security

Cryptosystem e_(_) ci mi

d_(_) For any message m and any key k :

dk ( ek (m) ) Giampaolo Bella



c = m

Cryptography vs. Security

2

RSA (Rivest-Shamir-Adleman, 1978),

the most popular asymmetric cryptosystem

♦ Pick large primes p, q; let n=p*q be public ♦ Choose r prime with h(n) = (p-1)*(q-1) ♦ Generate s such that r*s = 1 mod h(n) ♦ r is the public key; s is the private key

♦ek (x) = x k mod n; dk (x) = x k mod n Can verify that, if x is smaller than n, then

dr ( es (x) )

= x

[Exercise. Try it with p=3, q=7, r=5, s=17 and any input] Giampaolo Bella



Cryptography vs. Security

Perfect Cryptography Given eK (x) 1. K is never at risk 2. x can be obtained iff K is available Cryptography is rarely perfect in practice!

Giampaolo Bella



Cryptography vs. Security

3

A Cautionary Tale The BULL Recursive Protocol (BRL).

♦ Verified assuming perfect crypto (Paulson) ♦ Attacked if crypto is bit-wise XOR

(Ryan-Schneider) Is perfect crypto the way to security? Is perfect crypto a way to security? Giampaolo Bella



Cryptography vs. Security

Security?

A multilevel concept.

♦ Computers are insecure ♦ Networks are insecure ♦ Banks are insecure ♦ E-trading is insecure ♦… Blind reluctance vs. unsupported trust. Giampaolo Bella



Cryptography vs. Security

4

Breaches of Security humans

machines Possible at any level! processes

Giampaolo Bella



Cryptography vs. Security

Security? It’s a conjunctive-normal-form formula.

Security ( S ) ≡ P1 ( s1 ) ∧ P2 ( s2 ) ∧ ... ∧ Pn ( sn ) Definition is non-constructive! • How to design the right security formula? • How to verify each conjunct?? These are open issues. Giampaolo Bella



Cryptography vs. Security

5

Current focus? It’s on design and verification of the single conjunct.

Example. Secure communication across insecure means. Tasks. 1. designing a communication protocol that is secure in terms of specific goals; 2. verifying those goals.

Giampaolo Bella



Cryptography vs. Security

Designing a “secure” communication protocol Might use…

♦ Steganography – information is hidden. Example: change the low-order bits of a digital image. Another application: digital watermarking. Giampaolo Bella



Cryptography vs. Security

6

Designing a “secure” communication protocol Might use…

♦ Chaffing and Winnowing – information is mixed to other and then retrieved (Rivest). To winnow: to separate out or eliminate the poor or useless parts (Webster's Dictionary). It is often used when referring to the process of separating grain from chaff.

Scheme used for the goal of confidentiality. Giampaolo Bella



Cryptography vs. Security

Chaffing and Winnowing ♦ Sender and receiver agree upon a secret authentication key K. ♦ Sender wants to transfer M.

Sender creates a MAC for M concatenated to K (by standard algorithms, e.g. HMAC-SHA1). ♦ Sender transmits pair M, MAC(M,K). ♦ Sender adds chaff: sends a number of bogus pairs (fake messages with random, potential MAC’s). ♦ Receiver winnows the flow: checks all pairs for matching components.

Confidentiality of M only depends on strength of MAC. No cryptography used. Giampaolo Bella



Cryptography vs. Security

7

Designing a “secure” communication protocol Might use…

♦ Steganography – information is hidden. ♦ Chaffing and Winnowing – information is mixed to other and then retrieved. ♦ Cryptography – information is encoded and then decoded. Giampaolo Bella



Cryptography vs. Security

What we learn 1. Cryptography is not the only way to

security. 2. It is in fact a way to achieve “a portion” of security, which has to do with communication. Who said 2? Giampaolo Bella



Cryptography vs. Security

8

Cryptographic protocol ♦ It’s a sequence of exchanges of cryptographic

messages between agents over insecure means. ♦ Implemented as concurrent program. Example: Otway-Rees (symmetric crypto).

1 ... 2 ... 3. S → B 4. B → A Giampaolo Bella



: e Ka ( Na , Kab ), e Kb ( Nb , Kab ) : e Ka ( Na , Kab )

Cryptography vs. Security

Key-Distribution Goal ♦ A protocol session informs the peers

that the session key is known to both. Achieved on Otway-Rees? 1 ...

2 ... 3. S → B 4. B → A

: e Ka ( Na , Kab ), e Kb ( Nb , Kab ) : e Ka ( Na , Kab )

Otway-Rees fails to achieve key-distribution even with perfect crypto. Giampaolo Bella



Cryptography vs. Security

9

Fixing Otway-Rees 3. S → B 4. B → A

: eKb ( Na, Kab, eKa ( Nb, Kab )) : eKa ( Na , Kab )

Cryptography must be used cautiously.

Giampaolo Bella



Cryptography vs. Security

The Woo-Lam Protocol •Uses symmetric crypto. •Aims at authentication of A with B.

1. A → 2. B → 3. A → 4. B →

B A B

:A : Nb : e Ka ( Nb )

S

: e Kb ( A , e Ka ( Nb ))



B

: e Kb ( Nb )

5. S Giampaolo Bella



Cryptography vs. Security

10

An attack on Woo-Lam 1. C



B

:A

1'. C



B

:C

2.

B



A

: Nb

2 '.

B



C

: Nb '

3. C



B

: e Kc ( Nb )

3'. C



B

: e Kc ( Nb )

4.

B



S

: e Kb ( A, e Kc ( Nb ))

4 '.

B



S

: e Kb (C , e Kc ( Nb ))

Giampaolo Bella



5. S



B

: e Kb ( Nb ' ' )

5 '. S



B

: e Kb ( Nb )

Serious failure of authentication!

Cryptography vs. Security

Conclusions ♦ Cryptography might be a way towards

security. ♦ Research towards perfect cryptography isn’t all that’s needed. ♦ Verifying a single security goal may be daunting. ♦ Security is a vague target yet.

Giampaolo Bella



Cryptography vs. Security

11

Loading...

Cryptography vs. Security What's Cryptography? - Dipartimento di

Cryptography vs. Security Giampaolo Bella Dipartimento di Matematica e Informatica Universita` di Catania - ITALY What’s Cryptography? It’s the art o...

290KB Sizes 0 Downloads 0 Views

Recommend Documents

System Security and Cryptography | Dipartimento di Informatica
The research focus on system security and cryptography. SYSTEM SECURITY GROUP: our interests range from vulnerability an

Cryptography Foundations 2016
A new problem set is distributed every week at the beginning of the lecture. Detailed solutions are handed out during th

CPE 776: Security & Cryptography
This is an introductory course on the methods, algorithms, techniques, and tools of data security and cryptography. ...

Security & Cryptography | IC
Information security is a very broad term that refers to all aspects of safeguarding or protecting information or data,

Security II: Cryptography – exercises
Security II: Cryptography. – exercises. Markus Kuhn. Lent 2014 – Part II. Exercise 1: Show that an encryption scheme

CRYPTOGRAPHY AND NETWORK SECURITY SEM
QUESTION BANK. SUBJECT CODE: YEAR : III. SUBJECT NAME: CRYPTOGRAPHY AND NETWORK SECURITY SEM : VI. UNIT I - FUNDAMENTALS

Cryptography
4 Aug 2015 - http://echidna.maths.usyd.edu.au/ kohel/tch/Crypto/vigenere.html. Consider those ciphertexts from previous

RSA.pdf | Cryptography | Key (Cryptography)
IJCSNS International Journal of Computer Science and Network Security, VOL.13 No. 7, July 2013 9. Data Encryption and De

CRYPTOGRAPHY AND NETWORK SECURITY - SlideShare
Aug 25, 2015 - System security – Intruders – Malicious software – viruses – Firewalls – Security Standards.

Cryptography and Network Security - cse.sc.edu
PDF files: Reproductions of all figures and tables from the book. • Test bank: A chapter-by-chapter set of questions w