Date post: 02-Jan-2016
Upload: anastasia-burns

4-1.1 Slides for Grid Computing: Techniques and Applications by Barry Wilkinson, Chapman & Hall/CRC press, © 2009. Chapter 4, pp. 117-127. For educational use only. All rights reserved. Aug 26, 2009
Page 1:

4-1.1 Slides for Grid Computing: Techniques and Applications by Barry Wilkinson, Chapman & Hall/CRC press, © 2009.

Chapter 4, pp. 117-127. For educational use only. All rights reserved. Aug 26, 2009

Page 2:

• Here, we will look at general methods of making a secure connection, which are widely applicable.

• Later, we will look at the specifics for Grid computing, which has additional security requirements and constraints.

4-1.2

Page 3:

Secure connections needed in many computer related activities, including e-business and Grid computing.

Fundamental purpose: to be able to send confidential information from one point to another in a network without the information being accessible to others who are not authorized to receive it, either along the path or at the end of the connection.

4-1.3

Page 4:

Term is used to describe an information exchange protected against eavesdroppers.

4-1.4

Page 5:

The term used to describe assurance that message was not modified in transit (intentionally or by accident).

Unfortunate reality that there are those that would try to access information not meant for them.

4-1.5

Page 6:

Secure connections imply that information is only sent by a source that the destination can identify, and that the destination is identifiable by the source.

Authentication: Process of deciding whether a particular identity is who he says he is (applies to humans and systems).

4-1.6

Page 7:

Coupled with authentication is allowing access.

Authorization: Process of deciding whether a particular identity can access a particular resource.

Access control: Controlling specific types of access.

We will deal with authorization later.

4-1.7

Page 8:

User enters a user name and password.

User name and password sent through network to server.

Server validates name and password and responds.

4-1.8

Page 9:

Typical sequence:

login% abw
password% ******

where the user enters his username (abw above) and password, shown here as ********.

Password not displayed so that no one can see it.

Server validates name and password and responds.

If username and password valid, access granted.

4-1.9

Page 10:

Consider a login prompt:

login% abw
There is no such user
login%

4-1.10

Page 11:

A different login prompt behavior:

login% abw
password% ******
authentication failed
login%

Second version a little more secure because it reveals less information to a potential intruder, but ...

4-1.11

Page 12:

If the name and password are sent in plain text, they are vulnerable to interference and to being stolen.

Need to send information in a way it cannot be read by others during transmission.

4-1.12

Page 13:

Basic idea:

Encryption: Convert the original message (clear text, or plaintext) to the encrypted message (ciphertext).

Decryption: Reverse process of retrieving the plaintext from the encrypted text.

The term cryptography is used to describe the process.

4-1.13

Page 14:

Can either:

• Make encryption/decryption algorithm(s) hidden, so that an intruder cannot know it,

or, better:

• Use known algorithm and use a hidden key with the algorithm.

4-1.14

Page 15:

Converts data into scrambled binary patterns, using a large binary number called a key.

A key is also used to convert the scrambled patterns back to the original data.

Algorithms are well-known - it is a specific key(s) that must be kept secure.

4-1.15

Page 16:

Sender and receiver have the same secret key in their possession.

Sender uses the secret key to encrypt data.

Receiver uses the same key to decrypt data.

Known as symmetric cryptography. The key is called a symmetric key.

4-1.16

Page 17:

4-1.17

Fig 4-1

Page 18:

Page 19:

Data (“abra”) has binary representation:

01100001011000100111001001100001

Choose random string of bits as key:

10011101010010001111010101011100

Exclusive-OR patterns to get encrypted message:

11111100001010101000011100111101

To get original message back, use same algorithm and key. (Don't use this algorithm!)

4-1.19
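As an added example (not code from the slides), this Python reproduces the XOR cipher above on the slide's own bit strings and illustrates one reason for the "Don't use this algorithm!" warning: flipping a ciphertext bit silently flips the same plaintext bit, so the scheme hides the data but gives no integrity at all. The plaintext and key are the slide's values; the `flip_bit` helper is an assumption added here.

```python
def text_to_bits(text: str) -> str:
    """ASCII text -> string of 8-bit groups, as written on the slide."""
    return "".join(f"{byte:08b}" for byte in text.encode("ascii"))


def bits_to_text(bits: str) -> str:
    """Inverse of text_to_bits."""
    return bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits), 8)).decode("ascii")


def xor_bits(data_bits: str, key_bits: str) -> str:
    """Exclusive-OR two bit strings; the key must be exactly as long as the data."""
    if len(data_bits) != len(key_bits) or set(data_bits + key_bits) - {"0", "1"}:
        raise ValueError("need two bit strings of equal length")
    return "".join("1" if d != k else "0" for d, k in zip(data_bits, key_bits))


# Values from the slide: the data "abra" and the randomly chosen 32-bit key.
PLAINTEXT = "abra"
KEY = "10011101010010001111010101011100"


def encrypt(text: str, key_bits: str = KEY) -> str:
    return xor_bits(text_to_bits(text), key_bits)


def decrypt(cipher_bits: str, key_bits: str = KEY) -> str:
    # Same algorithm and same key: XOR is its own inverse.
    return bits_to_text(xor_bits(cipher_bits, key_bits))


def flip_bit(bits: str, index: int) -> str:
    """Simulate a single-bit transmission error (or tampering) on the ciphertext."""
    return bits[:index] + ("0" if bits[index] == "1" else "1") + bits[index + 1:]


if __name__ == "__main__":
    c = encrypt(PLAINTEXT)
    print(c)                        # 11111100001010101000011100111101
    print(decrypt(c))               # abra
    print(decrypt(flip_bit(c, 7)))  # `bra  (decrypts with no error: no integrity check)
```

Reusing the same key for a second message is the other classic failure of this scheme, which is why the slide says not to use it as-is.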

Page 20:

Data Encryption Standard (DES) 56-bit key plus 8 parity bits - IBM 1970’s.

Triple-DES 112 bit key plus 16 parity bits or 168-bit plus 24 parity bits.

RC2 and RC4 use variable sized keys, often between 40 and 128 bits. Designed by Ron Rivest in 1987. RC2 is a 64-bit block algorithm. RC4 is a stream algorithm that accepts a stream of bits and modifies that stream to create output bits. It has been used in wireless computer connections but has been shown to be vulnerable to attack.

4-1.20

Page 21:

Need a way of both sender and receiver to obtain secret key without anyone else knowing the key.

Need a different key for each receiver that a sender may communicate with.

4-1.21

Page 22:

Fast encryption/decryption (compared to asymmetric key cryptography, see next).

4-1.22

Page 23:

Uses two keys.

Enables two parties, each having a private key, to obtain each other’s private key in a secure fashion. Once in possession of the other’s private key, it can be used to encrypt messages.

First public invention -- Whitfield Diffie, Martin Hellman, and Ralph C. Merkle in 1976.

Patent granted in 1980. However, the method was already known in the UK classified community in the early 1970s.

4-1.23

Page 24:

4-1.24

Prime number p and base g (not secret).

Site A                                  Site B
Private key, a                          Private key, b
A sends g^a mod p to B   ---------->
                         <----------    B sends g^b mod p to A
Compute (g^b mod p)^a mod p             Compute (g^a mod p)^b mod p

Both the same: (g^a mod p)^b mod p = (g^b mod p)^a mod p

Becomes the shared secret key, used to encrypt messages using symmetric cryptography.
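As an added example (not code from the slides), this Python carries the exchange on the slide through with small constructed numbers: p = 23, g = 5, a = 6 and b = 15 are my choices, not values from the slides. Only g^a mod p and g^b mod p cross the network; the private keys a and b never leave their sites, and both sites arrive at the same secret.

```python
# Constructed toy parameters; a real deployment uses a safe prime of 2048 bits or more.
P = 23   # prime modulus (not secret)
G = 5    # base (not secret)


def dh_public(private_key: int, p: int = P, g: int = G) -> int:
    """The value a site sends over the network: g^private mod p."""
    return pow(g, private_key, p)


def dh_shared(peer_public: int, private_key: int, p: int = P) -> int:
    """Shared secret from the peer's public value and one's own private key."""
    if not 1 < peer_public < p - 1:
        # 0, 1 and p-1 force a trivial secret, so a careful receiver rejects them.
        raise ValueError("peer public value out of range")
    return pow(peer_public, private_key, p)


def dh_exchange(a: int, b: int, p: int = P, g: int = G):
    """Simulate both sites. Returns (secret at A, secret at B, values seen on the wire)."""
    msg_a_to_b = dh_public(a, p, g)           # g^a mod p crosses the network
    msg_b_to_a = dh_public(b, p, g)           # g^b mod p crosses the network
    secret_at_a = dh_shared(msg_b_to_a, a, p)  # (g^b mod p)^a mod p
    secret_at_b = dh_shared(msg_a_to_b, b, p)  # (g^a mod p)^b mod p
    return secret_at_a, secret_at_b, (msg_a_to_b, msg_b_to_a)


if __name__ == "__main__":
    sa, sb, seen = dh_exchange(6, 15)
    # An eavesdropper sees only (8, 19); both sites compute the secret 2.
    print(f"on the wire: {seen}, secret at A: {sa}, secret at B: {sb}")
```

Note that the exchange by itself does not tell either site who is at the other end; that is the identity problem the later slides on PKI address.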

Page 25:

Devised in 1977, by Rivest, Shamir, and Adleman shortly after Diffie-Hellman key exchange.

Widely adopted.

Also known in the UK classified community in the early 1970s, but again not publicly disclosed.

Described in a classified report in 1970 by James Ellis (UK). Declassified in 1987.

Interestingly, in classified documents, RSA discovered first, and then Diffie-Hellman, which was opposite to order of public discovery.

4-1.25

Page 26:

Two keys formed: a public key and a private key.

Public and private keys are pairs such that a message encrypted with the public key can only be decrypted with the private key (and vice versa).

4-1.26

Page 27:

4-1.27

Fig 4-2

Page 28:

Public key, as name suggests, is available to all.

Private key only known by its owner.

Not possible to find the private key from the public key for all practical purposes.

4-1.28

Page 29:

Find P and Q, two large prime numbers (e.g., 1024-bit).

Choose E such that: E is greater than 1, E is less than PQ, and E and (P-1)(Q-1) have no prime factors in common (relatively prime).

E does not have to be prime, but it must be odd. (P-1)(Q-1) can't be prime because it's an even number.

4-1.29

Page 30:

Compute D such that (DE - 1) is evenly divisible by (P-1)(Q-1), i.e. the division leaves no remainder: (DE - 1) / ((P-1)(Q-1)) is an integer.

4-1.30

Page 31:

Encryption function is:

C = (T^E) mod PQ

where: C is the encrypted message (ciphertext), a positive integer; T is the message being encrypted (plaintext), a positive integer.

T must be less than the modulus, PQ.

4-1.31

Page 32:

Decryption function is:

T = (C^D) mod PQ

where: C is the encrypted message (ciphertext), a positive integer; T is the message being encrypted (plaintext), a positive integer.

4-1.32

Page 33:

Public key is the pair (PQ, E). Private key is the number D.

No known easy methods of calculating D, P, or Q given only (PQ, E) if P and Q are very large (1024 bits or more).

If P and Q could be obtained from PQ, i.e. PQ factorized, the private key D could easily be obtained.

4-1.33

Page 34:

• Though it is widely suspected to be true, it is not yet proven that no easy methods of factoring exist.

• It is not yet proven that the only way to crack RSA is to factor PQ.

• See http://en.wikipedia.org/wiki/RSA for interesting attempts to break code.

4-1.34

Page 35:

Choose first prime number: P = 19
Choose second prime number: Q = 13

Modulus: PQ = 247

Choose E such that 1 < E < 247 and with no factors in common with 216. Let E = 17

Choose D. Simplest: DE - 1 = (P - 1)(Q - 1), i.e. DE = 217. Then with E = 7, D = 31

Destroy P and Q after computing E and D.

4-1.35

Page 36:

Your public key is (E, PQ) = 7, 247
Your private key is D = 31.

Encryption function

(T^17) mod 3233

Decryption function

(C^2753) mod 3233

4-1.36

Page 37:

To encrypt the plaintext value 123, do this:

encrypt(123) = (123^17) mod 3233 = 855

To decrypt the ciphertext value 855, do this:

decrypt(855) = (855^2753) mod 3233 = 123

4-1.37
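As an added example (not the slides' code), this Python carries the key generation of slides 29-30 and the encryption/decryption functions through both parameter sets that appear on the slides: P = 19, Q = 13, E = 7 (which gives D = 31 and modulus 247) and the modulus 3233 with E = 17 and D = 2753 used for the 123 -> 855 -> 123 computation. The factorization 3233 = 61 x 53 is supplied by me, since the slides do not state it; `rsa_keygen` is also exactly what slide 33 warns about, since anyone holding P and Q derives D from (PQ, E).

```python
from math import gcd


def rsa_keygen(p: int, q: int, e: int):
    """Slides 29-30: E must be coprime to (P-1)(Q-1); D satisfies (DE - 1) divisible by (P-1)(Q-1).
    Returns the public key (PQ, E) and the private key D."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if not 1 < e < n:
        raise ValueError("E must satisfy 1 < E < PQ")
    if gcd(e, phi) != 1:
        raise ValueError("E and (P-1)(Q-1) must be relatively prime")
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+): D*E = 1 mod (P-1)(Q-1)
    if (d * e - 1) % phi != 0:  # the slide's condition, checked explicitly
        raise RuntimeError("inverse computation failed")
    return (n, e), d


def rsa_encrypt(public_key, t: int) -> int:
    """C = (T^E) mod PQ. The plaintext integer must be smaller than the modulus."""
    n, e = public_key
    if not 0 <= t < n:
        raise ValueError("plaintext must be less than the modulus PQ")
    return pow(t, e, n)


def rsa_decrypt(n: int, d: int, c: int) -> int:
    """T = (C^D) mod PQ."""
    return pow(c, d, n)


if __name__ == "__main__":
    pub, priv = rsa_keygen(19, 13, 7)      # slide 35: public (247, 7), private D = 31
    print(pub, priv)
    pub2, priv2 = rsa_keygen(61, 53, 17)   # assumed factors of 3233; gives D = 2753
    c = rsa_encrypt(pub2, 123)             # slide 37: 855
    print(c, rsa_decrypt(3233, priv2, c))  # 855 123
```

With E = 17 and the slide's (P-1)(Q-1) = 216, the same routine gives D = 89, which is why the slide switches to E = 7 to obtain the simpler D = 31.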

Page 38:

Like secret key schemes, a brute force exhaustive search attack is always theoretically possible,

but

it requires the use of very large numbers. Hence slower than secret key schemes.

4-1.38

Page 39:

Public key cryptography can provide for non-repudiation

Sender cannot deny they sent a message if it was encrypted with their private key; it can be read with their public key.

4-1.39

Page 40:

4-1.40

Fig 4-3

Page 41:

4-1.41

[Diagram: the original data "My message that must be kept secret" is encrypted with the receiver’s public key into the cipher data "1SEJGDAKLIRD4BNIOAWNM69CVPQEKTDGE", which is decrypted with the receiver’s private key back to the original data.]

Page 42:

Anyone has access to the public key and could send the message.

4-1.42

Page 43:

4-1.43

Slow but secure.

Fig 4-4

Page 44:

The public key must truly be from the owner, and the private key must be held securely by the owner.

If the receiver’s public key is used to encrypt the message, anyone can do that as the public key is available to all, so there has to be an additional method to ensure the identity of the sender.

Public key cryptography is slow. Double encryption is even slower.

4-1.44

Page 45:

It requires that the key be known by both parties ahead of time or be transmitted over a secure channel. (The Diffie-Hellman key exchange algorithm could be used.)

Each pair of communicating sites needs its own secret key.

4-1.45

Page 46:

So what is the solution?

Public key infrastructure (PKI) provides a solution: use public key cryptography to establish identity and exchange a secret key, and then use symmetric cryptography to encrypt messages.

See next section.

4-1.46

Page 47:

In security, what is meant by the term "Authentication"?

Answer:

(a) The process of deciding whether a particular identity can access a particular resource.

(b) The process of giving authority to another identity.

(c) The process of deciding whether a particular identity is who he says he is.

(d) None of the other answers.

4-1.47

Page 48:

Question: What is Public-Key Cryptography?

Answer:

(a) Cryptography that uses a single key called a public key

(b) Cryptography that must use double encryption

(c) Cryptography that uses a pair of keys

(d) Cryptography that uses keys held in a public library

4-1.48
