Reviews

Rocky K. C. Chang
20 April 2007
Foci of this course
- Understand the 3 fundamental cryptographic functions and how they are used in network security.
- Understand the main elements in securing today’s Internet infrastructure.
- Be exposed to some current Internet security problems.

Types of attacks

- Passive attacks (eavesdropping), e.g.,
  - ciphertext-only attacks (recognizable plaintext attacks)
    - Fred has seen some ciphertext.
  - known-plaintext attacks
    - Fred has obtained some <plaintext, ciphertext> pairs.
  - chosen-plaintext attacks
    - Fred can choose any plaintext he wants.
- Active attacks, e.g.,
  - pretend to be someone else (impersonation)
  - introduce new messages in the protocol
  - delete existing messages
  - substitute one message for another
  - replay old messages
Three cryptographic functions



- Hash functions: require 0 keys
- Secret key functions: require 1 key
- Public key functions: require 2 keys

[Figure: diagram relating secret key functions, public key functions and hash functions to the secrecy, authentication, message integrity and nonrepudiation services]
Symmetric cryptography

- Secret key functions
  - Stream cipher vs block cipher
  - Symmetric cryptography based on substitution (confusion) and diffusion
  - 64-bit DES and 128/192/256-bit AES
- Secrecy service
  - Encrypting data of any size: cipher block chaining (CBC)
  - Security problems with CBC, e.g., identical and nonidentical ciphertext blocks.
Cryptographic hash functions and MAC

- Hash functions
  - 3 properties: pre-image resistance, collision resistance, and mixing transformation
  - The birthday problem and attack
    - k ≈ 1.774q, where q is the number of distinct hash outputs
  - The length of a secure hash output ≥ 256 bits
  - Hash function standards (MDx, SHA-x)
  - 2 problems: length extension and partial message collision
- Message authentication codes
  - A successful attack on MAC
  - CBC-MAC and HMAC
The public-key cryptography




- Prime numbers, modulo a prime
- A group for the set of numbers modulo a prime p without 0 under multiplication
- Compute the multiplicative inverse using the extended Euclid algorithm.
- Generate a large prime number.
  - The Rabin-Miller test determines whether an odd integer is prime.
- Each party involved in a public-key cryptographic system has one secret and one public “key”.
The Diffie-Hellman (DH) protocol

- The DH protocol uses the multiplicative group modulo p, where p is a very large prime.
  - A generator g generates a set of numbers 1, g, g^2, …, g^(t-1) (g^t = 1 again).
  - Subgroups (t < p-1) and group (t = p-1)
- The basic Diffie-Hellman (DH) protocol
  - (g, p) and a random number in (1, 2, …, p-1)
  - The discrete logarithm problem
- Security problems
  - Using a smaller subgroup ({1}, {1, p-1}) and a safe prime
  - Squares and nonsquares
  - Man in the middle attack
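[Figure: DH exchange between Alice and Bob]
  Alice: Check (p, q, g). Randomly pick x from {1, …, q-1}.
  Alice → Bob: X = g^x
  Bob: Check (p, q, g). Check 1 < X < p and X^q = 1. Randomly pick y from Z_p*.
  Bob → Alice: Y = g^y
  Alice: Check 1 < Y < p and Y^q = 1.
  Alice: k ← Y^x mod p
  Bob: k ← X^y mod p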
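
The checks in the exchange above, written out as an added example (not code from the slides). The toy parameters p = 2039, q = 1019, g = 4 and all function names are assumptions, and both sides draw their exponent from {1, …, q-1}.

```python
import secrets

def is_probable_prime(n, rounds=32):
    """Rabin-Miller test (small cases handled separately)."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    s, d = 0, n - 1
    while d % 2 == 0:                       # n - 1 = 2^s * d with d odd
        s, d = s + 1, d // 2
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)    # a in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                    # a is a witness: n is composite
    return True

def check_params(p, q, g):
    """'Check (p, q, g)': p and q prime, q divides p-1, g has order q."""
    return (is_probable_prime(p) and is_probable_prime(q)
            and (p - 1) % q == 0 and 1 < g < p and pow(g, q, p) == 1)

def check_public(v, p, q):
    """'Check 1 < X < p and X^q = 1': v must lie in the order-q subgroup."""
    return 1 < v < p and pow(v, q, p) == 1

def keypair(p, q, g):
    x = 1 + secrets.randbelow(q - 1)        # x in {1, ..., q-1}
    return x, pow(g, x, p)

def shared_key(peer_public, own_secret, p, q):
    # Refuse to compute k from a value that fails the subgroup check.
    if not check_public(peer_public, p, q):
        raise ValueError("peer value is not in the order-q subgroup")
    return pow(peer_public, own_secret, p)

# Constructed toy parameters, far too small for real use: p = 2q + 1.
P, Q, G = 2039, 1019, 4
```

The values 1 and p-1, the members of the small subgroups {1} and {1, p-1} named on the previous slide, both fail `check_public`.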
The RSA algorithm

- In RSA, we compute modulo a composite number n = p · q, where p and q are large primes.
  - Use 2 different exponents e (public) and d (private), such that e · d = 1 mod t, where t = lcm(p - 1, q - 1).
  - To encrypt m, compute c = m^e mod n; to decrypt c, compute c^d mod n = m.
  - To sign m, compute s = m^(1/e) mod n; to verify the signature, compute s^e = m mod n.
  - Choices of e, p, and q
  - Pitfalls of using RSA, e.g., encrypting a small message, message signing.
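
An added example (not code from the slides) that carries the RSA relations above through, using the extended Euclid algorithm for d. The toy primes 1019 and 2039, e = 3 and the function names are assumptions; the last function flags the small-message case, where m^e < n and no modular reduction takes place.

```python
from math import gcd

def egcd(a, b):
    """Extended Euclid: return (g, u, v) with u*a + v*b == g == gcd(a, b)."""
    u0, v0, u1, v1 = 1, 0, 0, 1
    while b:
        k = a // b
        a, b = b, a - k * b
        u0, v0, u1, v1 = u1, v1, u0 - k * u1, v0 - k * v1
    return a, u0, v0

def inverse(a, m):
    g, u, _ = egcd(a % m, m)
    if g != 1:
        raise ValueError("no inverse: gcd(a, m) != 1")
    return u % m

def make_key(p, q, e):
    n = p * q
    t = (p - 1) * (q - 1) // gcd(p - 1, q - 1)    # t = lcm(p-1, q-1)
    return n, e, inverse(e, t)                    # d with e*d = 1 mod t

def encrypt(m, e, n):
    return pow(m, e, n)                           # c = m^e mod n

def decrypt(c, d, n):
    return pow(c, d, n)                           # c^d mod n = m

def sign(m, d, n):
    return pow(m, d, n)                           # s = m^(1/e) mod n

def verify(m, s, e, n):
    return pow(s, e, n) == m % n                  # s^e = m mod n

def wraps_modulus(m, e, n):
    """False when m^e < n: the 'ciphertext' is then m^e over the integers,
    so the modulus gives no protection and the message needs padding."""
    return m ** e >= n

# Constructed toy key; real moduli are thousands of bits long.
N, E, D = make_key(1019, 2039, 3)
```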
Authentication


- Network-based, password-based
- Cryptographic authentication
  - Symmetric and asymmetric
  - Challenge and response
  - Mutual authentication ≠ 2 x one-way authentication.
  - Reflection attack and man in the middle attack
- Principles:
  - One-way: Have the responder influence what she encrypts or hashes.
  - Have both parties have some influence over the quantity signed.
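
The two principles above, as an added example (not code from the slides): a shared-key challenge-response in which the weak variant accepts a reflected answer and the variant that binds the responder's identity and nonce does not. HMAC-SHA-256, the identities `alice`/`bob` and all function names are assumptions.

```python
import hashlib
import hmac
import secrets

def naive_response(key, challenge):
    """Weak: depends only on the challenger's value, and the same
    computation is used in both directions."""
    return hmac.new(key, challenge, hashlib.sha256).digest()

def bound_response(key, responder_id, challenge, responder_nonce):
    """The responder adds her own identity and nonce to what is hashed.
    Both nonces are fixed-length (16 bytes), so the encoding is unambiguous."""
    msg = b"|".join([responder_id, challenge, responder_nonce])
    return hmac.new(key, msg, hashlib.sha256).digest()

def reflection_accepted_naive(key):
    """Alice challenges the peer; the peer sends the same challenge back to
    Alice in a second session and returns her own answer to her."""
    challenge = secrets.token_bytes(16)
    answer_from_alice = naive_response(key, challenge)    # session 2
    expected_by_alice = naive_response(key, challenge)    # session 1
    return hmac.compare_digest(answer_from_alice, expected_by_alice)

def reflection_accepted_bound(key):
    challenge = secrets.token_bytes(16)
    nonce = secrets.token_bytes(16)
    # Session 2: Alice can only answer under her own identity.
    answer_from_alice = bound_response(key, b"alice", challenge, nonce)
    # Session 1: Alice accepts only an answer computed under Bob's identity.
    expected_by_alice = bound_response(key, b"bob", challenge, nonce)
    return hmac.compare_digest(answer_from_alice, expected_by_alice)

def honest_run(key):
    challenge = secrets.token_bytes(16)       # chosen by Alice
    nonce = secrets.token_bytes(16)           # chosen by Bob
    tag = bound_response(key, b"bob", challenge, nonce)
    expected = bound_response(key, b"bob", challenge, nonce)
    return hmac.compare_digest(tag, expected)

KEY = secrets.token_bytes(32)                 # constructed shared key
```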


Authenticated key exchange

- Authenticated Diffie-Hellman exchange
  - Perfect forward secrecy
- Allow both sides to agree on the crypto. algorithms and the DH parameters.
- A partial solution to denial-of-service attacks using cookies
- It is prudent to couple the key exchange with authentication.

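[Figure: authenticated DH exchange between Alice and Bob]
  Alice: s ← min p size. Randomly pick Na from {0, …, 2^256-1}.
  Alice → Bob: s, Na
  Bob: Choose (p, q, g). Randomly pick x from {1, …, q-1}.
  Bob → Alice: (p, q, g), X = g^x, AUTH_B
  Alice: Check (p, g, q), X, AUTH_B. Randomly pick y from {1, …, q-1}.
  Alice: k ← h(X^y mod p)
  Alice → Bob: Y = g^y, AUTH_A
  Bob: Check Y, AUTH_A.
  Bob: k ← h(Y^x mod p)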
Secure network protocols in practice
PKI

- Alice generates her public/private key pair.
  - Keep the private key.
  - Take the public key, say k, to the CA.
  - The CA has to verify that Alice is who she says she is.
  - The CA then issues a digital statement stating that k belongs to Alice.
- There will never be a single CA for all or most of all.
  - There are going to be a large number of PKIs.
  - Use different key pairs in different PKIs.
  - Choose between a key server approach and a PKI approach.
IPSec
- Unicast, unidirectional security association at the IP layer
- Authentication Header and Encapsulating Security Payload
- Partial solution to the replay attack
- Tunnel mode and transport mode
- Encryption without authentication is useless.
- Outbound and inbound packet processing

IKEv.1


- IKE phase 1 (ISAKMP association) and phase 2
- The main mode consists of 3 message pairs.
  - 1st pair: ISAKMP SA negotiation
  - 2nd pair: a D-H exchange and an exchange of nonces
  - 3rd pair: Peer authentication
- The phase 1 is protected with encryption and authentication.
- Establish IPSec associations and the necessary keys.
- A new issue here is hiding the identities of the end points
TLS 1.0/ SSL 3.0
- Pros and cons of providing security services at the transport layer instead of the IP layer.
- The TLS Handshake and Record layers.
- Session states and connection states
  - The session states can be reused to establish a new connection.
- Server and client authentication
Network security is more than the above
- Wireless security: IEEE 802.11i, RFID, Bluetooth, IP telephony, etc
- Worms and buffer overflow attacks
- Denial-of-service and degradation-of-service attacks
- Data security
- Covert channel, privacy protection

Network security is more than the above









- Security policies
- Operational issues
- Human issues
- Vulnerability analysis
- Auditing
- Intrusion detection
- System security
- Program security
- etc
“Security is a chain; it’s only as secure as the weakest link.”
“Security is not a product; it itself is a process.”
Bruce Schneier