Post on 16-Jan-2016
transcript
COEN 351 E-Commerce Security
Essentials of Cryptography
Cryptography
Scrambles a plain-text into crypto-text.
Enables to descramble plain text.
Symmetric Cryptography
Uses the same key for encryption, decryption
Asymmetric Cryptography
Uses different key for encryption, decryption
Message Authentication Codes
Condenses message into a short hash
• SHA1, … MD5, … are appropriate cryptographically secure hash functions• For example, encrypt only the MAC with a key known to sender and receiver.
Message Authentication Code
Alternatively, use a secret key. This also provides authentication.
Use of Asymmetric Cryptography
Generic idea:Make one key public. How?
Website Website can be spoofed.
On your business card Works for individuals, requires recipient to
type in several lines of gibberish correctly. From a trusted source
Going back and back: Where does the trust stem from?
Use of Asymmetric Cryptography
Notations: E – public key, D – secret key EC (M) – encryption of M using key C.
DC(M) – decryption of M using key C.
Asymmetric cryptography key identities DEED(M) = M
DDEE(M) = M
Use of Asymmetric Cryptography
Secret Transmission of messages Alice uses public key of Bob to
encrypt her messages to him: EE(Bob)
(M). Bob uses his private key to decrypt
the message: DD(Bob)EE(Bob)(M).
Use of Asymmetric Cryptography
Signing a message I: Alice encrypts the message with her private
key: ED(Alice)(M).
Bob decrypts with her public key and
obtains M = DE(Alice) ED(Alice)(M).
If M makes sense, Bob knows that someone with Alice secret key send the message.
Use of Asymmetric Cryptography Signing a message II
This method avoids encryption of the whole message.
Asymmetric cryptography is very compute intensive.
Alice uses a MAC of her message: MAC(M). She sends Bob M and ED(Alice)(MAC(M)). Bob calculates
MAC(M) = DE(Alice) (ED(Alice)(MAC(M))). Bob verifies that this is the correct MAC. Bob concludes that the message was sent
by someone knowing Alice’s private key.
Key Management
Generic Rules: Use symmetric cryptography as much
as possible for performance. Never use keys more than once.
Key Management becomes an issue.
Key Management
Keys have limited lifetimes: Cryptanalysis is easier with more
material. Breaking WEP involves harvesting a large
number of packets. Once found, a compromised key
continues to do damage.
Key Management
Key Management Life Cycles: Key establishment
Key generation Key distribution
Key backup / recovery, key escrow Key replacement / update (rekeying) Key revocation Key expiration / Key termination / Key
destruction
Key Management
Key generation Uses random number generation
Pseudo-random generation derived from a seed
WEP: seed based on user key word. Not as random as appeared.
Hardware random number generation Combined methods
Key Management
Key distribution Has issues of authentication and confidentiality. Diffie-Hellman protocol solves confidentiality:
Allows two parties to agree on a common secret. Subject to the man-in-the-middle attack
Alice thinks that she shares a secret with Bob. In reality, she communicates with M, and shares the
secret with him. M shares another secret with Bob.
Key Management Key backup / recovery
Accidental loss of key hardware failure, forgotten password …
Control of encrypted information Employer cannot entrust enterprise-critical data to
complete control of a single / group of employees. Key escrow
To preserve possibility of access by law enforcement agencies.
In the UK, it is a crime to withhold a key to encrypted data under subpoena.
In the US, such a law is seen to contradict 5th amendment protection.
Key Management
Key destruction Secure key destruction is far easier
than secure file erasure. Key destruction destroys accessibility
to encrypted data. Key archiving
Necessary for validation of old signatures, of integrity of old messages, …
Key Management
Symmetric key transport: Send symmetric key along, protected
by public key of recipient. Saves on processing time
Diffie-Hellman Uses calculation modulo p, p a large
prime. Chooses generator g.
Ideally, gx, x = 0, …, p -2 runs through all numbers 1, … p -1.
Uses the fact that calculating powers gx is computationally feasible.
But discrete logarithm (given gx find x) is not.
Diffie Hellman Alice generates random number a mod p. Bob generates random number b mod p. Alice sends Bob ga mod p. Bob sends Alice gb mod p. Alice calculates (gb)a mod p. Bob calculates (ga)b mod p. These numbers are identical and the
shared key.
Diffie Hellman
Secure against eavesdroppers. Can be secured against man-in-
the-middle by using authenticated gb mod p or by using a published value gb mod p.