Escolar Documentos
Profissional Documentos
Cultura Documentos
A Model Of Cryptography
Terms
and Definitions
Palintext:
Ciphertext:
Encryption:
Symmetric:
If key is the same for both encryption and decryption the system is referred to as symmetric. Cryptosystem: Is a system for encryption and decryption of information. Cryptology: Is the science for encryption and decryption of information. Cryptography: Refers to the practice of using cryptosystems to maintain confidentiality of information.
techniques
The letters of the message are replaced by other letters or by numbers or symbols.
Transposition
techniques
Caesar Cipher
The
earliest known use of a substitution cipher was by Julius Caesar. message: meet me after the party cipher: phhw ph diwhu wkh sduwb C= (m+3) mod 26
C= (m+k) mod 26
Monoalphabetic Cipher
Use
any permutation of the 26 alphabetic characters abcdefghijklmnopqrstuvwxyz qeryuiopasdfgwhjklzxcvbnmt under attack we need help cwyulqxxqrdbuwuuypufj
8 6 4 2 0
3.5
3 2
3.5
3.75 2.75 2.75 3 1.5 1.5 0.25 0.5 0.5 0.5 2.25
1.25 0.25
A B C D E F GH I J K L MN O P Q R S T U VWX Y Z
Polyalphabetic Cipher
Using
Transposition
Performing
sort of permutation on the message letters message: meet me after the toga party me m a t r h tg p r y et e f e t e oa at
Ciphertext: MEMATRHTGPRYETEFETEOAAT
Practical Problems
Generating
a fully random key is practically very hard (sometimes impossible). To ensure the security of the system, key size should not be less than message size. Sending a not repeated key in same size of the message through a secure channel to the receiver is impossible.
Computational Security
An
encryption scheme is secure if it takes very long time to break the ciphertext Lifetime is defined in each application, for example:
Military orders = 1 hour to 3 years Check transaction = 1 year Business agreement = 10-15 years
Good News
With
enough number of the substitution and transposition modules we can make a strong encryption scheme
w bits F
w bits
round key
nonlinear function
DES
Encryption Decryption
k1
k2 Block size 64 bits Key size 56 bits k16 Permutation
k16 k15
k1
Triple DES
message DES ka kb
DES
DES
ka
cipher
Three categories: Encryption/decryption: The sender encrypts a message with the recipients public key. Digital signature: The sender signs a message with its private key. Key echange: Two sides cooperate two exhange a session key.
RSA and Diffie-Hellman RSA - Ron Rives, Adi Shamir and Len Adleman at MIT, in 1977.
RSA is a block cipher The most widely implemented Echange a secret key securely Compute discrete logarithms
Diffie-Hellman
Key
4.
5. 6.
7.
Select p,q p and q both prime Calculate n = p x q Calculate (n) ( p 1)(q 1) gcd((n), e) 1; 1 e (n) Select integer e 1 d e mod (n) Calculate d Public Key KU = {e,n} Private key KR = {d,n}
M<n C = Me (mod n)
C M = Cd (mod n)
Digital Signatures
digital
verify author, date & time of signature authenticate message contents be verified by third parties to resolve disputes
must depend on the message signed must use information unique to sender
must be relatively easy to produce must be relatively easy to recognize & verify be computationally infeasible to forge
with new message for existing digital signature with fraudulent digital signature for given message
Authentication Applications
will
consider authentication functions developed to support application-level authentication & digital signatures will consider Kerberos a private-key authentication service then X.509 directory authentication service
Kerberos
trusted
key server system from MIT provides centralised private-key third-party authentication in a distributed network
allows users access to services distributed through network without needing to trust all workstations rather all trust a central authentication server
two
Kerberos Requirements
first
implemented
Kerberos 4 Overview
a
users initially negotiate with AS to identify self AS provides a non-corruptible authentication credential (ticket granting ticket TGT)
have
users subsequently request access to other services from TGS on basis of users TGT
Kerberos 4 Overview
Kerberos Realms
a
this
is termed a realm
if
have multiple realms, their Kerberos servers must share keys and trust
Kerberos Version 5
developed
specified
References
Cryptography
and Network Security:Principles and Practice , William Stallings (Prentice Hall) Advanced Concepts in Operating Systems,Mukesh Singhal,Niranjan ECC Online tutorial , Certicome website,
http://www.certicom.com/resources/ecc_tutorial/ecc_tutorial.html
Cryptography
Any Questions?
Thank you