# lecture 36 (ppt) ( Security )

Networking and Communications

Nov 20, 2013 (4 years and 7 months ago)

89 views

Network Security

Chapter 8

Cryptography

Cryptography functions

Secret key (e.g., DES)

Public key (e.g., RSA)

Message digest (e.g., MD5)

Security services

Privacy: preventing unauthorized release of information

Authentication: verifying identity of the remote
participant

Integrity: making sure message has not been altered

Encryption Algorithms

Private Key (DES)

64
-
bit key (56
-
bits + 8
-
bit
parity)

16 rounds

Round 1

Round 2

Round 16

. . .

plain text

Initial Permutation

Final Permutation

56bit

Key

Encrypt w/

Secret Key

Decrypt w/

Secret Key

plaintext

plaintext

ciphertext

Each round

Function F and generation of
K
i

for
each round not shown

Repeat for larger messages

L

i
-
1

R

i 1

L

i

R

i

F

+

i

K

cipher

1

block

1

DES

+

IV

cipher

block

DES

+

2

2

cipher

block

DES

+

3

3

cipher

block

DES

+

4

4

Multiplicative inverse
for public key

With n=7

4*2 mod 7 = 1

4

and
2

are multiplicative inverses mod 7

4
*3 mod 7 = 12 mod 7 = 5

2
*5 mod 7 = 10 mod 7 = 3

If you multiply any number by 4, take the
result and multiply it by 2, you will get the
original number back

Encryption & Decryption

c = m
e

mod n

m = c
d

mod n

Encrypt w/

Public Key

Decrypt w/

Private Key

plaintext

plaintext

ciphertext

Public Key (RSA)

Based on multiplicative group operations

Generate a public and private key

choose two large prime numbers
p

and
q

(each 256 bits)

multiply
p

and
q

together to get
n (at most 512 bits)

choose the encryption key
e
, such that
e

and
(p
-
1
)
x

(q
-
1
)

are relatively prime

two numbers are relatively prime if they have no common factor
greater than one.

compute decryption key
d
such that

d = e
-
1

mod((p
-
1)*(q
-
1))

construct public key as <
e, n
>

construct private key as <
d, n
>

discard (do not disclose) original primes
p

and
q

Example

p=5, q=11, n=p*q=55, m=message=9,

(p
-
1)(q
-
1)=40, e=23 and (p
-
1)*(q
-
1) are relatively
prime

We want d*e=1mod 40, d*23=1mod40

You can try all values less than 40

23*2=46=6mod40, 23*3=69=29mod40, 23*4=92=12mod40,
23*5=115=35mod40, 23*6=138=18mod40

23*7=161=1mod40, d=7

For a message m=9

c=m
e
modn=9
23
mod55 How big is this?

= 9
10
mod55*9
13
mod55= 1*14 mod 55

m=c
d
modn=14
7
mod55=105413504mod55=9

Breaking RSA

1977 challenge to break 430
-
bit message

Estimated 40 Quadrillion years to factor large
composites

April 1994 broken with 5000 MIP
-
years of
CPU

Breakage can be easier if something is
known about the key generation (time of day)

Message Digest

Cryptographic checksum:

just as a regular checksum protects the
receiver from accidental changes to the
message, a cryptographic checksum
changes to the message.

One
-
way function:

given a cryptographic checksum for a
message, it is virtually impossible to figure
out what message produced that
checksum; it is not computationally feasible
to find two messages that hash to the
same cryptographic checksum.

Relevance:

if you are given a checksum for a message
and you are able to compute exactly the
same checksum for that message, then it
is highly likely this message produced the
checksum you were given.

Speed

175MHz DEC Alpha

Custom Hardware

Sonicwall claims 54Mbps DES3 in hardware

Md5 1.27Gbps

SHA 1.02Gbps

RSA 400 keys/second

Three
-
way handshake

Authentication
Protocols

CHK, SHK are
keys known by
both sides

When this message is
server, the identity of
the client is not
known

At this point the
client knows
the identity of
the server since
it decrypted x

At this point the
server knows the
client because it was
able to decrypt y

A new session key is
exchanged so CHK and SHK
aren’t as vulnerable to attacks

Client

Server

Three Way Handshake

Assumes both sides know CHK and
SHK

This could correspond to a password

We still need a way to distribute keys
assuming the client and server share no
keys

Kerberos

Trusted third party (Kerberos)

A

S

B

S shares K
A

with A, but B does
not know K
A
, A does not know
K
B

A Asks S for a key to
communicate with B

S responds encoding the session
key K and timestamp T and
length of time to expire L

A can’t decrypt the second
message

A proves it knows the
encryption key K

Forwarded from S

B Proves it was able to
decrypt message from S

Kerberos

K is used like a DES session Key

Key exchange depends on a trusted 3
rd

party

A

B

Public key
authentication

Message Integrity
Protocols

Digital signature using RSA

special case of a message integrity where
the code can only have been generated by
one participant

compute signature with private key and
verify with public key

Making Signatures

Compute checksum of signed document

Encrypt checksum, time and date, and
other information using private key

Attach digital signature to end of
document

Optionally, encrypt signed document

Checking Signatures

Decrypt signed document, if necessary,
using private key

Decrypt digital signature using public
key

Verify checksum for document

Display the time and date of the
document

Keyed MD5 Old Version

sender

m

+ MD5(
m

+
k
) + E(
k
,
private
)

recovers random key using the sender's public key

applies MD5 to the concatenation of this random
key message

compares result with checksum sent with
message

Man
-
in
-
the middle can intercept, change
message, and the receiver wont know

Sender

m

+ MD5(
m

+
k
) + E(
k
, r
-
public)

recovers random key using the receivers private
key

applies MD5 to the concatenation of this random
key message

compares result with checksum sent with
message

Man
-
in
-
the middle can make up a new key
and send it using the receivers public key

Keyed MD5

Sender

m

+ MD5(
m

+
k
) + E(E(
k
, r
-
public), s
-
private)

recovers random key using the sender's public key

applies MD5 to the concatenation of this random
key message

compares result with checksum sent with
message

Man
-
in
-
the middle can not intercept k
because it is encrypted with the public key of

MD5 with RSA signature

Sender

m

+ E(MD5(
m), s
-
private)

recovers MD5 using the sender's public key

applies MD5 to the message

compares result with checksum sent with message

Man
-
in
-
the middle can not generate an encrypted
MD5, but it does expose RSA to a known encrypted
value