Asymmetric Keys

The document discusses key concepts in information security, focusing on cryptography and encryption methods. It covers conventional encryption, public key encryption, and hybrid systems, detailing their mechanisms, algorithms, and security implications. Additionally, it addresses message authentication, hash functions, and the requirements for secure hash functions.

Uploaded by jandriolli

Information Security

Cryptography
Hiding the secrets
Objectives
Present the main concepts of System
Engineering

Encryption
Encryption = the tool used for network and communication security
It protects against passive attacks
Types:
  • Conventional encryption
  • Public-key encryption
  • Hybrid of the preceding two

Conventional Encryption
Two parties share a single encryption/decryption key
[Figure: plaintext input -> encryption algorithm (e.g. DES), keyed with the secret key -> transmitted ciphertext -> decryption algorithm, keyed with the same secret key -> plaintext output]

Conventional encryption
Approaches to attacking a conventional encryption scheme:
  • Cryptanalysis – relies on the nature of the algorithms and some plaintext-ciphertext pairs
  • Brute-force attacks – try every possible key

Time for key search

Key size (bits) | Number of alternative keys | Time required at 1 encryption/µs | Time required at 10^6 encryptions/µs
32              | 2^32 = 4.3 x 10^9          | 2^31 µs = 35.8 mins              | 2.15 millisecs
56              | 2^56 = 7.2 x 10^16         | 1142 years                       | 10.01 hours
128             | 3.4 x 10^38                | 5.4 x 10^24 years                | 5.4 x 10^18 years

Conventional encryption algorithms
Block ciphers – process the plaintext input in fixed-size blocks and produce a block of ciphertext of equal size for each plaintext block
It is symmetric
  • DES (Data encryption standard)
  • DEA (Data encryption algorithm)
  • TDEA (Triple data encryption algorithm)
  • AES (Advanced encryption standard)

DEA
DES was developed by NIST
DEA key size is 56 bits and the blocks are 64 bits
Since 1977, every 5 years, NIST approved DES for use
In 1997, NIST solicited a new secret key algorithm called Advanced Encryption Standard (it uses 128-bit block size and a key length of minimum 128 bits)
In 1998 EFF (Electronic Frontier Foundation) announced that it had broken DES
In October 2000, the successor to DES was selected and it was called Rijndael
Double and triple DES are also common
  • Triple DEA uses 3 keys and 3 executions of DEA:

Location of encryption devices
Link encryption
  • Decrypt each packet at every switch
End-to-end encryption
  • The source encrypts and the destination decrypts
Hybrid
  • Both link and end-to-end are needed
  • High security

Key distribution
For encryption to work over a network, the two parties (sender and receiver) must exchange and share the same keys, while protecting access to the keys from others.
  • A key could be selected by A and physically distributed to B
  • A third party could select the key and physically deliver it to A and B.
  • If A and B have previously and recently used a key, one party could transmit the new key to the other, encrypted using the old key
  • If A and B could have an encrypted

Public key encryption
Public key algorithms are based on mathematical functions rather than on simple operations on bit patterns
Public key cryptography is asymmetric, involving the use of two separate keys
The key ingredients are similar to those of conventional secret key algorithms, except that there are two keys – a public key and a private key used as input to the encryption and the decryption algorithm

Public key encryption
[Figure: plaintext input -> encryption algorithm (e.g. RSA), keyed with the destination's public key -> transmitted ciphertext -> decryption algorithm, keyed with the destination's private key -> plaintext output]

Public key encryption
Steps:
  • Generation of a pair of keys to be used for encryption and decryption of message
  • Placing one of the keys in a public register and maintaining a collection of public keys from the other users
  • Encrypting the message with the destination’s public key
  • When the destination receives the message, it decrypts it with the private key

Digital signature
[Figure: plaintext input -> encryption algorithm (e.g. RSA), keyed with the source's private key -> transmitted ciphertext -> decryption algorithm, keyed with the source's public key -> plaintext output]
Safe from alteration but not safe from eavesdropping

Public key encryption algorithms
RSA – invented in 1973 by three MIT professors
In contrast to DES, RSA uses sophisticated mathematics instead of simple manipulation and substitution
Mostly 1024 bit keys are used
Public key encryption and decryption using RSA is 1000 times slower than secret key methods using DES
DSA (Digital signature algorithm) – used for digital signatures

Hybrid of Conventional and Public key encryption
A encrypts the message using conventional encryption with a one-time conventional session key
A encrypts the session key using public key encryption with B’s public key
Attach the encrypted session key to the message and send it to B
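
Message Authentication and Hash function
It protects against active attacks
It proves that the message has not been altered and that the source is authentic
MAC (Message Authentication Code)
[Figure: message M and key K feed the MAC algorithm; the MAC is transmitted with M; the receiver runs the MAC algorithm over the received M and compares the result with the received MAC]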

One-way Hash Function
It accepts a variable-size message M as input and produces a fixed-size message digest H(M) as output
H(M) is sent with the message
It does not take a secret key as input
The message digest can be encrypted using
  • Conventional encryption
  • Public-key encryption
  • Secret value
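
Message digest encrypted using conventional encryption
[Figure: the sender computes H over M, encrypts the digest (E) with key K and sends it with M; the receiver decrypts it (D) with K and compares it with H over the received M]

Message digest encrypted using public-key encryption
[Figure: the sender computes H over M, encrypts the digest (E) with Kprivate and sends it with M; the receiver decrypts it (D) with Kpublic and compares it with H over the received M]

Message digest encrypted using secret value
[Figure: the sender computes H and sends the result with M; the receiver computes H over the received M and compares]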
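
The MAC slide and the secret-value variant above, as an added Python example that is not from the original slides: it shows that a bare digest sent with the message is accepted after an alteration, while the two keyed schemes reject it. HMAC-SHA256 as the MAC algorithm, the order M || S for the secret value, and all keys, messages and function names are assumptions made for the example.

```python
import hashlib
import hmac

K = b"constructed-shared-secret"   # constructed; known only to sender and receiver


def plain_digest(message: bytes) -> bytes:
    """Unkeyed one-way hash H(M): anyone can compute it."""
    return hashlib.sha256(message).digest()


def secret_value_digest(message: bytes, secret: bytes) -> bytes:
    """Secret-value scheme: H(M || S). S itself is never transmitted."""
    return hashlib.sha256(message + secret).digest()


def mac(message: bytes, key: bytes) -> bytes:
    """MAC scheme: tag = MAC(K, M), here HMAC-SHA256."""
    return hmac.new(key, message, hashlib.sha256).digest()


def receiver_accepts(message: bytes, tag: bytes, recompute) -> bool:
    """Receiver recomputes the tag and compares it in constant time."""
    return hmac.compare_digest(recompute(message), tag)


def demo() -> dict:
    original = b"pay 100 to account A"     # constructed sample messages
    altered = b"pay 900 to account B"
    results = {}
    # Bare digest: whoever alters M in transit can recompute H(M) as well.
    results["plain_altered_accepted"] = receiver_accepts(
        altered, plain_digest(altered), plain_digest)
    # Keyed schemes: without K the only tag available is the old one.
    schemes = (("mac", lambda m: mac(m, K)),
               ("secret", lambda m: secret_value_digest(m, K)))
    for name, fn in schemes:
        tag = fn(original)
        results[name + "_original_accepted"] = receiver_accepts(original, tag, fn)
        results[name + "_altered_accepted"] = receiver_accepts(altered, tag, fn)
    return results


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(check, outcome)
```

HMAC is the standardized form of hashing a message together with a secret, and is the one to use in practice rather than a hand-built H(M || S).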

Secure Hash Function
Requirements:
  • H can be applied to a block of data of any size
  • H produces a fixed-length output
  • H(x) is easy to compute for every x
  • For any given code h, it is computationally infeasible to find x such that H(x) = h
  • For any given block x, it is computationally infeasible to find y ≠ x with H(y) = H(x)
  • It is computationally infeasible to find any pair (x, y) such that H(x) = H(y)
One of the most important hash functions is SHA-1 (every bit of the hash code is a function of every bit in the input)
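
An added Python example (not from the original slides) that checks two of the statements above against SHA-1 from the standard library: the fixed-length output, and the dependence of the hash code on every input bit, measured as the average number of digest bits that change when a single input bit is flipped. The helper names and sample message are assumptions.

```python
import hashlib


def sha1(data: bytes) -> bytes:
    """160-bit SHA-1 digest of data."""
    return hashlib.sha1(data).digest()


def flip_bit(data: bytes, index: int) -> bytes:
    """Return a copy of data with the bit at position index inverted."""
    out = bytearray(data)
    out[index // 8] ^= 1 << (index % 8)
    return bytes(out)


def differing_bits(a: bytes, b: bytes) -> int:
    """Hamming distance between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def average_avalanche(message: bytes) -> float:
    """Flip each input bit in turn and average how many digest bits change."""
    base = sha1(message)
    n_bits = len(message) * 8
    total = sum(differing_bits(base, sha1(flip_bit(message, i)))
                for i in range(n_bits))
    return total / n_bits


def digest_lengths(sizes) -> set:
    """Digest length in bytes for inputs of the given sizes."""
    return {len(sha1(b"\x00" * size)) for size in sizes}


if __name__ == "__main__":
    sample = b"constructed sample message, 32 b"   # constructed input
    print("digest lengths:", digest_lengths([0, 1, 64, 10_000]))
    print("average bits changed:", average_avalanche(sample))
```

For a well-mixed 160-bit digest the average sits close to 80, half of the output bits. SHA-1 is used because the slide names it; practical collisions against it have been published, so it no longer meets the last requirement and current designs use SHA-256 or later.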
