Scribd
Upload
71 views22 pages

Applied Cryptography Fundamentals

This document provides an overview of fundamental concepts in data security and applied cryptography. It introduces encryption techniques like symmetric encryption which uses one key, and asymmetric encryption which uses two keys. It discusses how public key cryptography can be used to securely exchange a session key for symmetric encryption between two parties like a web browser and server. Digital signatures and certificate authorities are also introduced to authenticate public keys.

Uploaded by

tin nguyen
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
71 views22 pages

Applied Cryptography Fundamentals

This document provides an overview of fundamental concepts in data security and applied cryptography. It introduces encryption techniques like symmetric encryption which uses one key, and asymmetric encryption which uses two keys. It discusses how public key cryptography can be used to securely exchange a session key for symmetric encryption between two parties like a web browser and server. Digital signatures and certificate authorities are also introduced to authenticate public keys.

Uploaded by

tin nguyen
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 22

Fundamental Concepts of

Data Security
Applied Cryptogr phy

Le H i Duong, PhD. ([email protected])


a
a
Objectives

• Overview the uses of cryptography


• Introduce concept of encryption, message authentication, and
public key system

2
How to keep your data secret?
Web
Browser Data sent in plaintext in HTTP
Server

Web
Browser Data encrypted in HTTPS
Server

3
Encryptions

• Symmetric encryption (one key)


• Asymmetric encryption (two keys)

4
Symmetric Encryption

5
Troubles when using symmetric key

• How to share the key??? (Key Exchange)


• Share over the phone
• Send by… “Grabkey”
• Timing problem

6
How many keys should Google server keep?

Google
Server

Shared key K1
Shared key Kn

Shared key K2

Browser 1 Browser 2 ... Browser n

7
How about 2 keys system?

Alice Bob
Lock with K1.
(1) Put the secret message in the box
(2) Lock the box with key K1.

Lock with both K1 and K2. (3) Lock the box with key K2.

(4) Unlock with K1.


Lock with K2.
(5) Unlock with K2.
(6) Get the message

8
The Yellow Pages Idea

9
Alice Bob

Alice want to send secret message to


Bob?
(1) Look up “Yellow Pages” for the
Bob’s public key PUB
Ciphertext C
(2) Encrypt message with that key and
send the ciphertext C
(3) Bob decrypt the cipher text C with
his private (secret) key PRB
Public Key System

Public key encryption use public key to encrypt!!!


Key ring on macOS
Use public key crypto to encrypt web traf ic/data encryption???

• NOPE
• Public key algorithm runs… too slow compared to symmetric
key encryption

• Solution: Combine both asymmetric key + symmetric key


• Asymmetric key system —> exchange session key
• Symmetric key encryption using session key
f
Public key crypto system
(1) ECDHE for exchange session key
(2) RSA for digital signature of the certi icate

Symmetric key encryption uses session key for encrypting


exchanged data between browser and web server
f
Example of Using Public Key CryptoSystem for Key Exchange

Browser Web Server


(B) (WS)
Browser wants to exchange a session key KS
(1) Encrypt session key KS with public key
PUWS of the web server
E(PUWS , KS)
KS

(2) Web Server uses its private key PRWS to


decrypt and obtains the session key KS

E(KS , data_from_browser)

E(KS , data_from_server)
How to distribute the public key???
(1) Post public key on the Key Server, e.g. pgp.mit.edu

Call me to con irm my


public key’s ingerprint

FINGERPRINT of the public key = Hash of the public key


f
f
How to distribute the public key???
(2) Web server sends public key inside a certi icate

f
How do we trust the public key inside a certi icate??
• Certi icate containing the public key is SIGNED (digitally) by an
issuer (a trusted party)
f
f
Digital Signature Signature veri ication with PUBLIC key

Signature generation with PRIVATE key

Encrypt using private key —-> digitally sign!!!


f
Hash Function

• It’s infeasibleind two


inputs producing the
same hash value, i.e.
a hash collision.

• Given M1 and h = H(M1),


it’s infeasible to ind M2
that H(M2) = H(M1) = h
—> can’t create fake
message with the same
hash value
f
f
Exercises

(1) Design a system for encrypting iles on your computer using


combination of public key encryption and symmetric key
encryption.

(2) Generate secret key for symmetric key encryption using a


password and hash function?

(3) How to secure the private key on your computer?


f

You might also like