# Computer Security Chapter III.pdf

May 27, 2023

• 1. School of Informatics, Department of Computer Science. Chapter III: Cryptography and Encryption Techniques. Compiled by Dawit Uta (M. Tech.), Computer Science Department, WSU. Website address: www.davidtechnotips.com
• 2. Contents
  • 3.1 Basic cryptographic terms
  • 3.2 Historical background
  • 3.3 Cipher Techniques
    • Transposition Cipher
    • Substitution Cipher
  • 3.4 Conventional encryption algorithms
  • 3.5 Cryptanalysis
  • 3.6 Cryptographic Systems
    • Symmetric key cryptography (DES, 3DES, AES, Block Cipher Modes)
    • Public key cryptography (Diffie-Hellman, RSA)
    • 3.6.3 Digital Signature
      • Using Public Key
      • Using Message Digest (MD4 family, SHA family, RIPEMD)
    • Public key Infrastructure (PKI)
• 3. 3.1 Basic Cryptographic Terms
  • Terminology
    • Cryptography: Schemes for encryption and decryption.
    • It is an indispensable tool used to protect information in computing systems.
  • It is used everywhere and by billions of people worldwide on a daily basis.
  • It is used to protect data at rest and data in motion.
  • Cryptographic systems are an integral part of standard protocols, most notably the Transport Layer Security (TLS) protocol, making it relatively easy to incorporate strong encryption into a wide range of applications.
    • Encryption (encipherment): The process by which plaintext is converted into cipher-text by performing various substitutions and transformations on the plaintext.
    • Decryption (decipherment): Recovering plaintext from the cipher-text.
• 4. 3.1 Basic Cryptographic Terms cont…
  • Decryption is essentially the encryption algorithm run in reverse.
  • It takes the ciphertext and the secret key and produces the original plaintext.
  • Secret key: Used to set some or all of the various parameters used by the encryption algorithm. In classical (symmetric key) cryptography, the same secret key is used for encryption and decryption.
  • Cryptanalysis: The study of “breaking the code”.
  • Cryptology: Cryptography and cryptanalysis together constitute the area of cryptology.
• 5. 3.2 Historical background
  • Human beings have for ages had two inherent needs: (a) to communicate and share information and (b) to communicate selectively.
  • These two needs gave rise to the art of coding messages in such a way that only the intended people could have access to the information. Unauthorized people could not extract any information, even if the scrambled messages fell into their hands.
  • The art and science of concealing messages to introduce secrecy in information security is recognized as cryptography.
  • The word ‘cryptography’ was coined by combining two Greek words, ‘Krypto’ meaning hidden and ‘graphene’ meaning writing.
  • The art of cryptography is considered to have been born along with the art of writing. As civilizations evolved, human beings organized themselves into tribes, groups, and kingdoms. This led to the emergence of ideas such as power, battles, supremacy, and politics.
  • These ideas further fueled the natural need of people to communicate secretly with selected recipients, which in turn ensured the continuous evolution of cryptography as well.
• 6. 3.2 Historical background cont…
  • The roots of cryptography are found in Roman and Egyptian civilizations.
  • The first known evidence of cryptography can be traced to the use of ‘hieroglyph’. Some 4000 years ago, the Egyptians used to communicate by messages written in hieroglyph.
  • This code was a secret known only to the scribes who used to transmit messages on behalf of the kings.
  • Later, scholars moved on to using simple mono-alphabetic substitution ciphers during 500 to 600 BC. This involved replacing the letters of a message with other letters according to some secret rule. This rule became the key to retrieve the message back from the garbled message.
  • The earlier Roman method of cryptography, popularly known as the Caesar Shift Cipher, relies on shifting the letters of a message by an agreed number (three was a common choice); the recipient of the message would then shift the letters back by the same number and obtain the original message.
• 7. 3.2 Historical background cont…
  • After the 19th century, cryptography evolved from ad hoc approaches to encryption to the more sophisticated art and science of information security.
  • In the early 20th century, the invention of mechanical and electromechanical machines, such as the Enigma rotor machine, provided more advanced and efficient means of coding information.
  • During the period of World War II, both cryptography and cryptanalysis became excessively mathematical.
  • With the advances taking place in this field, government organizations, military units, and some corporate houses started adopting the applications of cryptography.
• 8. 3.2 Historical background cont…
  • 60 BC: Julius Caesar invents a substitution cipher that shifts characters by three places: A becomes D, B becomes E, and so on.
  • Early 1970s: IBM forms a 'crypto group', which designs a block cipher to protect the company's customers' data.
  • In 1973, the US adopts it as a national standard - the Data Encryption Standard, or DES. It remained in use until it was cracked in 1997.
  • In 1976, Whitfield Diffie and Martin Hellman published a research paper on what would be defined as the Diffie-Hellman key exchange.
  • 2000: DES is replaced by the Advanced Encryption Standard, which is found through a competition open to the public.
  • 2005: Elliptic-curve cryptography (ECC) is an advanced public-key cryptography scheme that allows shorter encryption keys. Elliptic curve cryptosystems are more challenging to break than RSA and Diffie-Hellman.
• 9. 3.2 Historical background cont…
  • This method is perfect for smart cards (banking cards, ID cards, etc.), smartphones, and IoT devices (connected objects).
  • It's the mechanism used to protect bitcoins or messages on Signal or Telegram.
  • WhatsApp also uses ECC from the open-source Signal Protocol developed by Open Whisper Systems. The US government is also using it to protect internal communications.
  • ECC is becoming the preferred solution for digital privacy and security.
  • Encryption is what keeps your personal data secure when you're shopping or banking online. It scrambles data like your credit card details and home address to ensure hackers can't misuse this information.
  • Today, AES is available royalty-free worldwide and is approved for use in classified US government information. Today, as more and more services move to the cloud, encrypting data in transit is crucial, and cryptographers are constantly developing and refining solutions to this challenge.
• 10. 3.3 Cipher Techniques
  • Transposition Cipher: a type of cipher where the order of the letters in the plaintext is rearranged to create the ciphertext. The actual plaintext letters are not replaced.
  • An example is a ‘simple columnar transposition’ cipher, where the plaintext is written horizontally with a certain width in letters. Then the ciphertext is read vertically as shown.
  • For example, the plaintext is “golden statue is in eleventh cave” (that is, “the golden statue is in the eleventh cave”) and the secret random key chosen is “five”. We arrange this text horizontally in a table with the number of columns equal to the key value. The resulting text is shown below.
• 11.
  • The ciphertext is obtained by reading each column vertically downward, from the first to the last column. The ciphertext is ‘gnuneaoseenvltiltedasehetivc’.
  • To decrypt, the receiver prepares a similar table. The number of columns is equal to the key number. The number of rows is obtained by dividing the total number of ciphertext letters by the key value and rounding the quotient up to the next integer value.
  • The receiver then writes the received ciphertext vertically downward, from the left column to the right column. To obtain the text, he reads horizontally from left to right, from the top row to the bottom row.
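
The columnar transposition described above, worked on the slide's own plaintext, as an added example that is not part of the original slides. It assumes the key "five" means five columns and that spaces are dropped; the function names are hypothetical. The 28 letters do not fill the 5 x 6 table, so `decrypt` has to work out which columns are one letter short, which `naive_decrypt` does not.

```python
import math

KEY_WIDTH = 5  # assumption: the slide's key "five" read as a column count


def letters_only(text):
    """Drop spaces and punctuation before the table is filled."""
    return "".join(ch for ch in text.lower() if ch.isalpha())


def encrypt(plaintext, columns=KEY_WIDTH):
    """Fill the table row by row, then read it column by column."""
    if columns < 1:
        raise ValueError("column count must be at least 1")
    letters = letters_only(plaintext)
    # Column c holds letters c, c + columns, c + 2 * columns, ...
    return "".join(letters[c::columns] for c in range(columns))


def column_heights(length, columns):
    """Rows = ceil(length / columns); only the first columns reach the last row."""
    rows = math.ceil(length / columns)
    full = length % columns or columns  # columns that have a letter in the last row
    return [rows if c < full else rows - 1 for c in range(columns)]


def decrypt(ciphertext, columns=KEY_WIDTH):
    """Write the ciphertext down the columns, then read the table row by row."""
    heights = column_heights(len(ciphertext), columns)
    cols, pos = [], 0
    for h in heights:
        cols.append(ciphertext[pos:pos + h])
        pos += h
    rows = max(heights, default=0)
    return "".join(col[r] for r in range(rows) for col in cols if r < len(col))


def naive_decrypt(ciphertext, columns=KEY_WIDTH):
    """Common mistake: assume every column has the full number of rows."""
    rows = math.ceil(len(ciphertext) / columns)
    cols = [ciphertext[i:i + rows] for i in range(0, len(ciphertext), rows)]
    return "".join(col[r] for r in range(rows) for col in cols if r < len(col))


PLAINTEXT = "golden statue is in eleventh cave"  # from the slide

if __name__ == "__main__":
    ct = encrypt(PLAINTEXT)
    print("ciphertext:", ct)
    print("heights   :", column_heights(len(ct), KEY_WIDTH))
    print("decrypted :", decrypt(ct))
    print("naive     :", naive_decrypt(ct))
```
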
• 12. 3.4 Conventional encryption algorithms
  • Conventional encryption involves transforming plaintext messages into ciphertext messages that are to be decrypted only by the intended receiver.
  • In conventional encryption, it is assumed that it is mathematically impossible to derive the plaintext from the ciphertext without the key. Therefore, it is essential that the key remains secret.
  • Cryptography has five ingredients:
    • Plaintext
    • Encryption algorithm
    • Secret Key
    • Ciphertext
    • Decryption algorithm
  • Security depends on the secrecy of the key, not the secrecy of the algorithm.
• 13. 3.4 Conventional encryption algorithms cont… [Figure: Simplified Encryption Model]
• 14. 3.4 Conventional encryption algorithms cont… Description:
  • A sender S wants to transmit a message M to a receiver R.
  • To protect the message M, the sender first encrypts it into an unintelligible message M’.
  • After receipt of M’, R decrypts the message to obtain M.
  • M is called the plaintext
    • What we want to encrypt
  • M’ is called the ciphertext
    • The encrypted output
• 15. 3.4 Conventional encryption algorithms cont… Notation:
  • Given
    • P = Plaintext
    • C = Ciphertext
    • k = key shared by sender and receiver
  • $C = E_k(P)$ (Encryption)
  • $P = D_k(C)$ (Decryption)
• 16. 3.4 Conventional encryption algorithms cont… Example:
  • Caesar Cipher: The earliest known example of a substitution cipher, in which each character of a message is replaced by the character three positions down in the alphabet. A becomes D, B becomes E, and so on.
    • Plaintext: are you ready
    • Ciphertext: duh brx uhdgb
  • If we represent each letter of the alphabet by an integer that corresponds to its position in the alphabet:
  • The formula for replacing each character ‘p’ of the plaintext with a character ‘c’ of the ciphertext can be expressed as: $c = E_3(p) = (p + 3) \bmod 26$
• 17. 3.4 Conventional encryption algorithms cont…
  • A more general version of this cipher that allows for any degree of shift:
    • $c = E_k(p) = (p + k) \bmod 26$
  • The formula for decryption would be
    • $p = D_k(c) = (c - k) \bmod 26$
  • In these formulas
    • ‘k’ is the secret key. The symbols ‘E’ and ‘D’ stand for Encryption and Decryption respectively, and p and c are characters in the plaintext and ciphertext respectively.
• 18. 3.5 Cryptanalysis
  • Cryptanalysis is a process of finding weaknesses in cryptographic algorithms and using these weaknesses to decipher the ciphertext without knowing the secret key (instance deduction).
  • Sometimes the weakness is not in the cryptographic algorithm itself, but rather in how it is applied, and that is what makes cryptanalysis successful.
  • Cryptanalysis experts study ciphers, cryptosystems, and ciphertext to understand their functions. Then, they use that knowledge to find or improve techniques to weaken or defeat them. However, as we're about to see, it can be used for good or nefarious purposes.
  • Who Uses Cryptanalysis?
    • Unsurprisingly, hackers use cryptanalysis. Would-be hackers use cryptanalysis to root out cryptosystem vulnerabilities rather than a brute force attack.
    • Governments use cryptanalysis to decipher the encrypted messages of other nations.
    • Companies specializing in cybersecurity products and services use cryptanalysis to test their security features.
    • Even the world of academia gets in on the action, with researchers and academicians looking for weaknesses in cryptographic algorithms and protocols.
• 19. Cryptography and Intruders
  • Eavesdropping (listening to or spying on the message)
    • An intruder may try to read the message.
    • If it is well encrypted, the intruder will not know the content.
    • However, just the fact that the intruder knows there is communication may be a threat (traffic analysis).
  • Modification
    • Modifying a plaintext is easy, but modifying encrypted messages is more difficult.
  • Insertion of messages
    • Inserting a new message into a cipher-text is difficult.
• 21. 3.6 Cryptographic Systems: Symmetric and Public Key Cryptography
  • 3.6.1 Symmetric encryption, or secret key encryption, uses a common key and the same cryptographic algorithm to encrypt and decrypt the message.
  • The security of the transmitted data depends on the assumption that eavesdroppers and cryptanalysts with no knowledge of the key are unable to read the message.
  • However, for a symmetric encryption scheme to work, the key must be shared between the sender and the receiver. The sharing is usually done by passing the key from the sender to the receiver.
  • The key must be kept secure while being transported from the sender to the receiver. A common practice is to transfer the key by telephone.
  • Symmetric algorithms are faster than their counterparts, the public key algorithms.
• 23.
  • Secure file transfer protocols like SFTP, FTPS, HTTPS, and WebDAVS (Web Distributed Authoring and Versioning is a protocol whose basic functionality includes enabling users to share, copy, move and edit files through a web server) encrypt data through symmetric key ciphers.
  • These ciphers can be classified into two groups: stream ciphers and block ciphers.
  • Block ciphers and stream ciphers are the methods used for converting the plaintext into ciphertext directly, and they belong to the family of symmetric key ciphers.
  • A stream cipher is an encryption algorithm that encrypts 1 bit or byte of plaintext at a time.
  • RC4, which stands for Rivest Cipher 4, is the most widely used of all stream ciphers, particularly in software.
  • Rivest Cipher 4 is one of the most common and earliest stream ciphers and has been around since the 1980s.
  • It has been widely used in the Secure Socket Layer (SSL) and Transport Layer Security (TLS) protocols, Wired Equivalent Privacy (WEP), and the IEEE 802.11 wireless LAN standard.
• 24.
  • Because RC4 is a stream cipher, it is more flexible than common block ciphers. If not used together with a strong message authentication code (MAC), then encryption is vulnerable to a bit-flipping attack. The cipher is also vulnerable to a stream cipher attack if not implemented correctly. Shorter keys are easily broken using brute force attacks.
  • Experts recommend that the minimum length of the key should be 128 bits for protection against cyber-attacks.
  • These recent findings will surely allow other stream ciphers (e.g. SALSA, SOSEMANUK, PANAMA, and many others, which already exist but never gained the same popularity as RC4) to emerge and possibly take its place.
  • A block cipher encrypts a fixed size of n bits of data, known as a block, at one time.
  • The usual block sizes are 64 bits, 128 bits, and 256 bits. So, for example, a 64-bit block cipher will take in 64 bits of plaintext and encrypt it into 64 bits of ciphertext.
  • In cases where the plaintext is shorter than the block size, padding schemes are called into play.
  • The majority of the symmetric ciphers used today are actually block ciphers. DES, Triple DES, AES, IDEA, and Blowfish are some of the commonly used encryption algorithms that fall under this group. Let's look at each of them in detail.
• 25. 3.6.1.1 Data Encryption Standard (DES)
  • The Data Encryption Standard (DES) is a system developed for the U.S. government and intended for use by the general public. It has been officially accepted as a cryptographic standard both in the United States and abroad. Moreover, many hardware and software systems have been designed with the DES. However, recently its adequacy has been questioned.
  • In 1972, the NBS (National Bureau of Standards, now called NIST - National Institute of Standards and Technology) published a request for an encryption algorithm that would meet the following criteria:
    • have a high security level and be easily understandable
    • not depend on the algorithm's secrecy
    • be available to all users
    • be adaptable for use in diverse applications
    • be economical to implement in electronic devices
    • be efficient to use
    • be able to be validated
    • be exportable
• 26. 3.6.1.1 Data Encryption Standard (DES) cont…
  • Few organizations responded to the call, so the NBS issued a second announcement in August 1974.
  • The most promising suggestion was the Lucifer algorithm, on which IBM had been working for several years.
  • Later it became known as the Data Encryption Standard, although its proper name is DEA (Data Encryption Algorithm) in the United States and DEA1 (Data Encryption Algorithm-1) in other countries.
  • The DES was officially adopted as a U.S. federal standard in November 1976, authorized by NBS for use on all public and private sector unclassified communication.
  • Eventually, DES was accepted as an international standard by the International Standards Organization.
• 27. 3.6.1.1 Data Encryption Standard (DES) cont…
  • In DES, plaintext is affected by a series of cycles of a substitution followed by a permutation.
  • DES is a block cipher, which means that during the encryption process the input plaintext is divided into fixed-length blocks of 64 bits. The 64 data bits are permuted by a so-called initial permutation.
  • The key is 56 bits wide. Of the total 64-bit key block, 8 bits are ignored; they are assumed to be parity bits that carry no information in the key.
  • A 56-bit key gives $2^{56}$ ($\approx 7.2 \times 10^{16}$) possible key variations.
  • The DES algorithm involves carrying out combinations, substitutions and permutations between the text to be encrypted and the key, while making sure the operations can be performed in both directions (for decryption).
  • The combination of substitutions and permutations is called a product cipher.
• 28. 3.6.1.1 Data Encryption Standard (DES) cont… [Figure: DES General Architecture]
• 29. 3.6.1.1 Data Encryption Standard (DES) cont…
  • DES encryption starts with an initial permutation (IP) of the 64 input bits. These bits are then divided into two 32-bit halves called L and R. The encryption then proceeds through 16 rounds, each using the L and R parts and a subkey.
  • The R part and the subkey are processed by the so-called f-function, and the output of the f-function is exclusive-ORed with the existing L part to create the new R part. The new L part is simply a copy of the incoming R part.
  • In the final round, the L and R parts are swapped once more before the final permutation (FP) produces the output block.
  • Decryption is identical to encryption, except that the subkeys are used in the opposite order. That is, subkey 16 is used in round 1, subkey 15 is used in round 2, etc., ending with subkey 1 being used in round 16.
• 30. 3.6.1.1 Data Encryption Standard (DES) cont… Mathematical description for the f function in the encryption process:
  • $LE_i = RE_{i-1}$
  • $RE_i = LE_{i-1} \oplus F(RE_{i-1}, K_i)$
• 31. 3.6.1.1 Data Encryption Standard (DES) cont…
  • Compared to public-key ciphers, such as RSA, the structure of DES and most symmetric ciphers is very complex and cannot be explained as easily as RSA and similar algorithms.
  • Cryptanalysis of DES: Using current technology, the 56-bit key size is vulnerable to a brute force attack.
  • Brute Force: Known-Plaintext Attack (the cryptanalyst knows one or several pairs of ciphertext and the corresponding plaintext).
  • DES is an early data encryption standard endorsed by the U.S. NBS (now the National Institute of Standards and Technology).
  • It was phased out at the start of the 21st century by a more secure encryption standard, known as the Advanced Encryption Standard (AES), which was better suited for securing commercial transactions over the Internet.
• 32. Decryption of DES
  • The decryption algorithm is exactly the same as the encryption algorithm, with the only difference that the round keys are used in the reverse order.
  • The output of each round during decryption is the input to the corresponding round during encryption, except for the left-right switch between the two halves.
  • This property holds true regardless of the choice of the Feistel function F.
  • To prove the above claim, let $LD_i$ and $RD_i$ denote the left half and the right half of the output of the $i$th decryption round.
  • The relationship between the two halves that are input to the first decryption round and what is output by the encryption algorithm is:
    • $LD_0 = RE_{16}$
    • $RD_0 = LE_{16}$
• 33. Decryption of DES cont…
  • We can write the following equations for the output of the first decryption round:
    • $LD_1 = RD_0 = LE_{16} = RE_{15}$
    • $RD_1 = LD_0 \oplus F(RD_0, K_{16}) = RE_{16} \oplus F(LE_{16}, K_{16}) = [LE_{15} \oplus F(RE_{15}, K_{16})] \oplus F(RE_{15}, K_{16}) = LE_{15}$
• 34. Decryption in DES cont… [Figure]
• 35. 3.6.1.2 Triple DES
  • Triple DES (3-DES) provides enhanced security by executing the DES algorithm three times in a row.
  • With a triple-length key of three 56-bit keys K1, K2 and K3, encryption is:
    • Encrypt with K1
    • Decrypt with K2
    • Encrypt with K3
  • Decryption is the reverse process:
    • Decrypt with K3
    • Encrypt with K2
    • Decrypt with K1
  • It is more secure than the original DES cipher, but compared to other modern algorithms, triple DES is quite slow and inefficient.
• 36. 3.6.1.3 Advanced Encryption Standard (AES)
  • Because of the concerns about the fixed-size key of DES and the fact that computing power was continually increasing against that stationary target, security analysts began to search for a replacement for DES. In January 1997, NIST called for cryptographers to develop a new encryption system.
  • The DES replacement would also have to be a symmetric block cipher that could operate on blocks of at least 128 bits.
  • Finally, to overcome the key length limitation of DES, NIST required the new algorithm to be able to use keys 128, 192, and 256 bits long.
  • In August 1998, fifteen algorithms were chosen from among those submitted; in August 1999, the field of candidates was narrowed to five finalists.
  • The final selection was made on the basis not only of security but also of cost or efficiency of operation and ease of implementation in software.
  • The winning algorithm, submitted by two Dutch cryptographers, was Rijndael (pronounced RINE dahl); the algorithm’s name is derived from the creators’ names, Vincent Rijmen and Joan Daemen.
• 37. 3.6.1.3 Advanced Encryption Standard (AES)
  • AES has replaced the DES algorithm and has been adopted by the U.S. government. It is a symmetric key cipher and uses blocks in multiples of 32 bits, with the minimum length fixed at 128 bits and the maximum at 256 bits. The original name of AES is Rijndael.
  • AES is the more popular and widely adopted symmetric encryption algorithm likely to be encountered nowadays. It is found to be at least six times faster than triple DES.
  • The algorithm consists of 10, 12 or 14 cycles, for a 128-, 192-, or 256-bit key, respectively. Each cycle (called a “round” in the algorithm) consists of four steps.
  • Except for the last round in each case, all other rounds are identical.
  • Each round of processing includes one single-byte based substitution step, a row-wise permutation step, a column-wise mixing step, and the addition of the round key.
  • The order in which these four steps are executed is different for encryption and decryption.
• 38. 3.6.1.3 Advanced Encryption Standard (AES)
  • Byte substitution: this step uses a substitution of each byte of a 128-bit block according to a substitution table.
  • Shift row: Certain bits are shifted to other positions.
  • Mix column: this step involves shifting left and XORing bits with themselves.
  • Add round key: Here, a portion of the key unique to this cycle is XORed with the cycle result.
  • [Figure: The Structure of AES, showing the AES encryption process and the AES decryption process]
  • AES decryption is performed in reverse order: Add round key => Mix column => Shift row => Byte substitution
• 39. 3.6.1.4 Block Cipher Modes
  • These are procedural rules for a generic block cipher. Interestingly, the different modes result in different properties being achieved, which add to the security of the underlying block cipher.
  • A block cipher processes data blocks of fixed size. Usually, the size of a message is larger than the block size. Hence, the long message is divided into a series of sequential message blocks, and the cipher operates on these blocks one at a time.
  • Electronic Code Book (ECB) Mode: this mode is the most straightforward way of processing a series of sequentially listed message blocks. This mode is deterministic.
  • The user takes the first block of plaintext and encrypts it with the key to produce the first block of ciphertext.
  • The user then takes the second block of plaintext and follows the same process with the same key, and so on until the plaintext blocks are finished.
• 40. 3.6.1.4 Block Cipher Modes cont…
  • A ciphertext from ECB can allow an attacker to guess the plaintext by trial and error if the plaintext message is predictable.
  • For example, if a ciphertext from the ECB mode is known to encrypt a salary figure, then a small number of trials will allow an attacker to recover the figure.
  • In general, it is not a good idea to use ECB mode in most applications.
  • Cipher Block Chaining (CBC) Mode: this mode of operation provides message dependence for generating ciphertext and makes the system non-deterministic.
  • This mode uses what is known as an initialization vector (IV) of a certain length.
  • Other modes are also available, such as Cipher Feedback (CFB), Output Feedback (OFB), and Counter (CTR).
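
The Feistel decryption property from the "Decryption of DES" slides and the ECB/CBC contrast from the block cipher mode slides, in one added example that is not part of the original slides. The cipher is a toy 16-round Feistel network with a 64-bit block, not DES: its key schedule, round function, PKCS#7-style padding, random IV and sample records are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

ROUNDS, HALF = 16, 4      # 16 rounds on two 32-bit halves, as in DES
BLOCK = 2 * HALF          # 64-bit block


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def subkeys(key):
    # Hypothetical key schedule (not the DES one): K1..K16 derived with HMAC.
    return [hmac.new(key, bytes([i]), hashlib.sha256).digest()
            for i in range(1, ROUNDS + 1)]


def round_f(right, k):
    # Stand-in for the DES f-function; it is not invertible, and need not be.
    return hmac.new(k, right, hashlib.sha256).digest()[:HALF]


def feistel(block, keys, f=round_f):
    left, right = block[:HALF], block[HALF:]
    for k in keys:
        # LE_i = RE_{i-1};  RE_i = LE_{i-1} XOR F(RE_{i-1}, K_i)
        left, right = right, xor(left, f(right, k))
    return right + left   # final swap of the two halves


def encrypt_block(block, key, f=round_f):
    return feistel(block, subkeys(key), f)


def decrypt_block(block, key, f=round_f):
    # Same algorithm, subkeys in reverse order (K16 first, K1 last).
    return feistel(block, subkeys(key)[::-1], f)


def pad(data):
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data):
    return data[:-data[-1]]


def split_blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(plaintext, key):
    # Every block is encrypted on its own: equal plaintext blocks stay equal.
    return b"".join(encrypt_block(b, key) for b in split_blocks(pad(plaintext)))


def cbc_encrypt(plaintext, key, iv=None):
    prev = iv if iv is not None else os.urandom(BLOCK)
    out = [prev]          # the IV travels in front of the ciphertext
    for b in split_blocks(pad(plaintext)):
        prev = encrypt_block(xor(b, prev), key)
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(ciphertext, key):
    parts = split_blocks(ciphertext)
    plain = b"".join(xor(decrypt_block(c, key), p)
                     for p, c in zip(parts, parts[1:]))
    return unpad(plain)


def repeated_blocks(ciphertext):
    """Number of ciphertext blocks that duplicate an earlier block."""
    parts = split_blocks(ciphertext)
    return len(parts) - len(set(parts))


KEY = b"constructed demo key"
RECORDS = b"SALARY=00045000;SALARY=00045000;"   # constructed sample records

if __name__ == "__main__":
    print("ECB repeated blocks:", repeated_blocks(ecb_encrypt(RECORDS, KEY)))
    print("CBC repeated blocks:", repeated_blocks(cbc_encrypt(RECORDS, KEY)))
    print("CBC round trip ok  :", cbc_decrypt(cbc_encrypt(RECORDS, KEY), KEY) == RECORDS)
```
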
• 41. 3.6.1.5 Application areas of AES
  • Here are a few notable examples of where developers can use AES encryption:
  • VPNs (Virtual Private Networks): As the job of a VPN is to securely connect you to another server online, only the best methods of encryption can be considered so that your data does not leak. The VPNs that use the Advanced Encryption Standard with 256-bit keys include NordVPN, Surfshark, and ExpressVPN.
  • Wi-Fi: Wireless networks also use AES encryption (usually together with WPA2). This is not the only type of encryption Wi-Fi networks can use; however, most of the other encryption methods are far less safe.
  • Mobile applications: Many popular apps (like Snapchat and Facebook Messenger) use AES encryption in order to safely send information like photos and messages.
  • Archive and compression tools: All major file compression programs use AES to prevent data from leaking. These tools include 7z, WinZip, and RAR.
• 42. Application areas of AES cont…
  • Operating system components: Some operating system components (like file systems) use the Advanced Encryption Standard for an extra layer of safety.
  • Programming language libraries: The libraries of programming languages such as Java, Python, and C++ implement AES encryption.
  • Password managers: These are the programs that carry a lot of sensitive information. That’s why password managers like LastPass and Dashlane don’t skip the important step of AES implementation.
  • Aside from all the things mentioned before, you will encounter the AES encryption algorithm in various file systems and disk encryption systems, as well as web browsers.
• 43. Summary of AES
  • Points to remember
    • AES is a block cipher.
    • The key size can be 128/192/256 bits.
    • It encrypts data in blocks of 128 bits each.
    • That means it takes 128 bits as input and outputs 128 bits of encrypted ciphertext.
    • AES relies on the substitution-permutation network principle, which means it is performed using a series of linked operations that involve replacing and shuffling the input data.
    • AES performs operations on bytes of data rather than on bits. Since the block size is 128 bits, the cipher processes 128 bits (or 16 bytes) of the input data at a time.
• 44. Advanced Encryption Standard (AES) online tools
  • Online AES encryption and decryption tools (calculators) are available; you can practice using the links below:
    • https://www.devglan.com/online-tools/aes-encryption-decryption
    • https://www.javainuse.com/aesgenerator
• 45. Symmetric and Public Key cont… Problems with Symmetric Encryption
  • The biggest problem is that a single key must be shared by each sender-receiver pair. In a distributed environment with large numbers of combination pairs involved in a many-to-one communication topology, it is difficult for the one recipient to keep so many keys in order to support all communication.
  • The integrity of data can be compromised because the receiver cannot verify that the message has not been altered before receipt.
  • It is possible for the sender to repudiate the message because there are no mechanisms for the receiver to make sure that the message has been sent by the claimed sender.
  • The method does not give a way to ensure secrecy even if the encryption process is compromised.
  • The secret key may not be changed frequently enough to ensure confidentiality.
• 46. Symmetric and Public Key cont… 3.6.2 Public Key encryption/cryptography
  • Public key cryptography, commonly known as asymmetric encryption, uses two different keys, a public key known to all and a private key known only to the sender and the receiver.
  • It has made cryptography available to the general public and made many of today’s online applications feasible.
  • It uses mathematical functions whose inverse is not known by the mathematicians of the day. Both the sender and the receiver own a pair of keys, one public and the other a closely guarded private one.
  • Keys for encryption and decryption are different but form a unique pair: $P = D[E(P)]$
  • Only one of the keys needs to be private, while the other can be public.
• 48. Examples of Asymmetric Encryption Algorithm: 3.6.2.1 Diffie-Hellman key exchange
  • The Diffie-Hellman key exchange (sometimes called an Exponential key exchange) is a protocol used to secretly share information with keys.
  • With Diffie-Hellman, two parties can exchange certain public values, and then combine those with private values they never shared.
  • The result is a third value, known only to the two parties. This third value is the Diffie-Hellman Shared Secret.
  • Secure protocols, such as Secure Sockets Layer (SSL), Transport Layer Security (TLS), Secure Shell (SSH), and Internet Protocol Security (IPsec), use Diffie-Hellman.
• 49. 3.6.2.1 Diffie-Hellman key exchange Example [Figure]
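
The exchange described above with both parties' values, as an added example that is not part of the original slides. The parameters are constructed toy values (a 127-bit prime and a small textbook pair p = 23, g = 5), the function names are hypothetical, and the range check on the peer's public value is an added safeguard the slides do not mention.

```python
import secrets

# Constructed toy parameters, chosen for readability and not a vetted group.
TOY_P = 2**127 - 1    # a Mersenne prime, far too small for real use
TOY_G = 3


def public_value(private, p=TOY_P, g=TOY_G):
    """The value a party sends over the network: g^private mod p."""
    return pow(g, private, p)


def shared_secret(own_private, peer_public, p=TOY_P):
    """Combine the peer's public value with our private value."""
    # Reject degenerate peer values (0, 1, p-1) that would make the
    # resulting secret predictable to anyone watching the exchange.
    if not 1 < peer_public < p - 1:
        raise ValueError("peer public value out of range")
    return pow(peer_public, own_private, p)


def exchange(p=TOY_P, g=TOY_G, a=None, b=None):
    """Run one exchange; a and b are the private values and never leave a party."""
    a = a if a is not None else secrets.randbelow(p - 3) + 2   # in [2, p-2]
    b = b if b is not None else secrets.randbelow(p - 3) + 2
    pub_a, pub_b = public_value(a, p, g), public_value(b, p, g)
    wire = {"p": p, "g": g, "A": pub_a, "B": pub_b}   # all an eavesdropper sees
    return {
        "wire": wire,
        "alice": shared_secret(a, pub_b, p),   # (g^b)^a mod p
        "bob": shared_secret(b, pub_a, p),     # (g^a)^b mod p
    }


if __name__ == "__main__":
    small = exchange(p=23, g=5, a=6, b=15)     # small constructed numbers
    print("on the wire :", small["wire"])
    print("alice / bob :", small["alice"], small["bob"])
    big = exchange()
    print("127-bit run agrees:", big["alice"] == big["bob"])
```
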
• 50. 3.6.2.2 RSA Cryptosystem
  • RSA stands for Ron Rivest, Adi Shamir and Leonard Adleman, who first publicly described the algorithm in 1977.
  • RSA is one of the first practicable public-key cryptosystems and is widely used for secure data transmission.
  • One of the reasons that RSA is so popular is that it provides secrecy, authentication, and encryption all in one neat little package.
  • It is embedded in the SSL/TLS protocol, which is used to provide communications security over a computer network.
  • In such a cryptosystem, the encryption key is public and differs from the decryption key, which is kept secret.
  • In RSA, this asymmetry is based on the practical difficulty of factoring the product of two large prime numbers, the factoring problem.
  • RSA is used for both public key encryption and digital signatures.
• 51. 3.6.2.2 RSA Cryptosystem cont…
  • Steps in RSA
    • Key Generation (Algorithm)
    • Encryption
    • Decryption
    • Digital signing
    • Signature verification
• 52. 3.6.2.2 RSA Cryptosystem cont… RSA Key Generating Algorithm
  1. Generate two large random primes, p and q (more than a hundred digits).
  2. Compute the modulus $n = pq$ and the totient function $\varphi = (p-1)(q-1)$.
  3. Choose an integer e, $1 < e < \varphi$, such that $\gcd(e, \varphi) = 1$.
  4. Compute the secret exponent d, $1 < d < \varphi$, such that $d = e^{-1} \bmod \varphi$, i.e. $\varphi$ divides $(ed - 1)$.
  5. The public key is (n, e) and the private key is (n, d).
  • Keep all the values d, p, q and $\varphi$ secret.
  • n is known as the modulus.
  • e is known as the public exponent or encryption exponent.
  • d is known as the secret exponent or decryption exponent.
• 53. 3.6.2.2 RSA Cryptosystem cont…
  • RSA Encryption: Sender A does the following
    • Obtains the recipient B's public key (n, e)
    • Represents the plaintext message as a positive integer m
    • Computes the ciphertext $c = m^e \bmod n$
    • Sends the ciphertext c to B
  • RSA Decryption: Recipient B does the following
    • Uses his private key (n, d) to compute $m = c^d \bmod n$
    • Extracts the plaintext from the message representative m
• 54. 3.6.2.2 RSA Cryptosystem cont… RSA Key Generation Simple Example
  1. Select primes p = 11, q = 3.
  2. $n = pq = 11 \times 3 = 33$ and $\varphi = (p-1)(q-1) = 10 \times 2 = 20$.
  3. Choose e = 3. Check $\gcd(e, p-1) = \gcd(3, 10) = 1$ (i.e. 3 and 10 are relatively prime: they have no common factors except 1) and check $\gcd(e, q-1) = \gcd(3, 2) = 1$; therefore $\gcd(e, \varphi) = \gcd(e, (p-1)(q-1)) = \gcd(3, 20) = 1$.
  4. Compute d ($1 < d < \varphi$) such that $d = e^{-1} \bmod \varphi = 3^{-1} \bmod 20$, i.e. find a value for d such that $\varphi$ divides $ed - 1$ (20 divides $3d - 1$). Simple testing (d = 2, 3 ...) gives d = 7. Check: $ed - 1 = 3 \times 7 - 1 = 20$, which is divisible by $\varphi$ (20).
  5. Public key = (n, e) = (33, 3). Private key = (n, d) = (33, 7).
• 55. 3.6.2.2 RSA Cryptosystem cont.
  - Given: public key = (n, e) = (33, 3), private key = (n, d) = (33, 7)
  - RSA Encryption Example
    - Now say we want to encrypt the message m = 20
    - $c = m^e \bmod n = 20^3 \bmod 33 = 8000 \bmod 33 = 14$
    - Hence the ciphertext c = 14
  - RSA Decryption Example
    - To check decryption we compute
    - $m = c^d \bmod n = 14^7 \bmod 33 = 20$
• 56. 3.6.2.2 RSA Cryptosystem cont. RSA Meaningful Example
  - Message: ATTACK AT SEVEN
  - Grouping the characters into blocks of three and computing a message representative integer for each block (x represents a space):
    - ATT ACK xAT xSE VEN
  - In the same way that a decimal number can be represented as the sum of powers of ten, e.g. $135 = 1 \times 10^2 + 3 \times 10^1 + 5$, we could represent our blocks of three characters in base 26 using A=0, B=1, C=2, ..., Z=25, x=26.
    - ATT = $0 \times 26^2 + 19 \times 26^1 + 19 = 513$
    - ACK = $0 \times 26^2 + 2 \times 26^1 + 10 = 62$
    - xAT = $26 \times 26^2 + 0 \times 26^1 + 19 = 17595$
    - xSE = $26 \times 26^2 + 18 \times 26^1 + 4 = 18048$
    - VEN = $21 \times 26^2 + 4 \times 26^1 + 13 = 14313$
• 57. 3.6.2.2 RSA Cryptosystem cont. RSA Meaningful Example
  1. Let us "generate" primes p = 137 and q = 131.
  2. n = pq = 137*131 = 17947; phi = (p-1)(q-1) = 136*130 = 17680.
  3. Select e = 3; check gcd(e, p-1) = gcd(3, 136) = 1, OK, and check gcd(e, q-1) = gcd(3, 130) = 1, OK.
  4. Compute $d = e^{-1} \bmod \text{phi} = 3^{-1} \bmod 17680 = 11787$, where $d = e^{-1} \bmod \text{phi}$ means that phi divides (ed-1).
  5. Hence the public key is (n, e) = (17947, 3) and the private key is (n, d) = (17947, 11787).
• 58. 3.6.2.2 RSA Cryptosystem cont. RSA Meaningful Example: Encryption/Decryption
  - Given: public key = (n, e) = (17947, 3), private key = (n, d) = (17947, 11787)
  - To encrypt the first integer, which represents "ATT" (513), we have
    - $c = m^e \bmod n = 513^3 \bmod 17947 = 8363$
  - We can verify that our private key is valid by decrypting
    - $m = c^d \bmod n = 8363^{11787} \bmod 17947 = 513$
  - Overall, our plaintext is represented by the set of integers m
    - (513, 62, 17595, 18048, 14313)
  - We compute the corresponding ciphertext integers $c = m^e \bmod n$
    - (8363, 5017, 14949, 7322, 13366)
  - The disadvantages of public key cryptography
    - It involves high computational requirements.
    - It is slower than symmetric key cryptography.
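
The key generation, block encoding and encryption steps of slides 52 to 58, as an added Python example (not part of the original slides; the function names are assumptions). It reproduces the slide values and also flags any block whose integer is not below n: xSE = 18048 exceeds n = 17947, so decryption returns 18048 mod 17947 = 101 instead of the block.

```python
from math import gcd

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZx"  # slide encoding: A=0 ... Z=25, x=26 (space)

def keygen(p, q, e):
    """Textbook RSA key generation following steps 1-5 of the slides."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi")
    d = pow(e, -1, phi)  # modular inverse, Python 3.8+
    return (n, e), (n, d)

def encode_block(block):
    """Three characters -> integer with weights 26^2, 26^1, 1 as on slide 56."""
    a, b, c = (ALPHABET.index(ch) for ch in block)
    return a * 26**2 + b * 26 + c

def encrypt(m, pub):
    n, e = pub
    return pow(m, e, n)  # c = m^e mod n

def decrypt(c, priv):
    n, d = priv
    return pow(c, d, n)  # m = c^d mod n

def roundtrip(text, pub, priv):
    """Per 3-character block: (m, c, decrypted m, whether m < n).
    Assumes the text length is a multiple of three once spaces become x."""
    text = text.replace(" ", "x")
    rows = []
    for i in range(0, len(text), 3):
        m = encode_block(text[i:i + 3])
        c = encrypt(m, pub)
        rows.append((m, c, decrypt(c, priv), m < pub[0]))
    return rows

if __name__ == "__main__":
    print("small example:", keygen(11, 3, 3), "c =", encrypt(20, (33, 3)))
    pub, priv = keygen(137, 131, 3)
    print("public", pub, "private", priv)
    for m, c, back, fits in roundtrip("ATTACK AT SEVEN", pub, priv):
        note = "" if fits else "  <-- m >= n, decrypts to m mod n"
        print(f"m={m:5d}  c={c:5d}  decrypted={back:5d}{note}")
```

A modulus larger than the biggest possible block value (26*26^2 + 26*26 + 26 = 18278) would let every block decrypt to itself.
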
• 59. 3.6.3 Digital Signature
  - Digital signing is a mathematical technique that validates the authenticity and integrity of a message, software or digital document.
  - It allows us to verify the author name and the date and time of signatures, and to authenticate the message contents.
  - The digital signature offers far more inherent security and is intended to solve the problem of tampering and impersonation (intentionally copying another person's characteristics) in digital communications.
  - 3.6.3.1 Digital Signature: Using Public Key. Sender A does the following
    - Creates a message digest of the information to be sent
    - Represents this digest as an integer m between 0 and n-1
    - Uses her private key (n, d) to compute the signature $s = m^d \bmod n$
    - Sends this signature s to the recipient, B
• 60. Digital Signature: Using Public Key. RSA Signature Verification
  - Recipient B does the following
    - Uses sender A's public key (n, e) to compute the integer $v = s^e \bmod n$
    - Extracts the message digest from this integer
    - Independently computes the message digest of the information that has been signed
    - If both message digests are identical, the signature is valid
• 61. Digital Signature Example
  - Alice chooses p = 11, q = 23, e = 3. She obtains n = 253, d = 147. Alice's public key is (253, 3). Her private key is (253, 147).
  - Alice wants to obtain \$ 111 from an automated teller machine. She signs 111. She computes
  - The cash dispenser computes
  - The machine knows that Alice wants to withdraw \$ 111 and it can also prove it to third parties.
  - 3.6.3.2 Digital Signature Using Message Digest
    - A message digest (also known as a cryptographic checksum or cryptographic hashcode) is nothing more than a number - a special number that is effectively a hashcode produced by a function that is very difficult to reverse.
    - Hashing is a tool that ensures data integrity by taking binary data (the message) and producing a fixed-length representation called the hash value or message digest.
    - Message digests are also called one-way hash functions because they produce values that are difficult to invert, resistant to attack, effectively unique, and widely distributed. Here is a sampling of more popular functions:
• 62. 3.6.3.2.1 Message digest 5 (MD5) algorithm
  - There are many modern hashing algorithms widely used today. Two of the most popular are MD5 and SHA. MD2, MD4, MD5: these were all developed by Ronald Rivest. In 1992
  - MD5 is used in SSL and in Microsoft's Authenticode technology, and several Internet applications use it today.
  - MD5 is a one-way function that makes it easy to compute a hash from the given input data but makes it very difficult to compute input data from a hash value. MD5 produces a 128-bit hash value.
  - However, the Flame malware compromised the security of MD5 in 2012. The authors of the Flame malware used an MD5 collision to forge a Windows code-signing certificate.
  - 3.6.3.2.2 Secure hash algorithm (SHA)
    - The U.S. National Institute of Standards and Technology (NIST) developed SHA, the algorithm specified in the Secure Hash Standard (SHS). NIST published SHA-1 in 1994. SHA-2 replaced SHA-1 with four additional hash functions to make up the SHA family:
    - SHA-224 (224 bit), SHA-256 (256 bit), SHA-384 (384 bit), SHA-512 (512 bit).
    - SHA-2 is a stronger algorithm, and it is replacing MD5. SHA-256, SHA-384 and SHA-512 are the next-generation algorithms.
• 63. 3.6.3.2.3 RIPEMD
  - RIPEMD (RACE Integrity Primitives Evaluation Message Digest) is a group of hash functions developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel in 1992. The development idea of RIPEMD is based on MD4, which in itself is a weak hash function. It was developed to work well with 32-bit processors. Types of RIPEMD:
    - RIPEMD-128
    - RIPEMD-160
    - RIPEMD-256
    - RIPEMD-320
  - RIPEMD-160 is a 160-bit cryptographic hash function. It is intended for use as a replacement for the 128-bit hash functions MD4, MD5, and RIPEMD.
  - Using RIPEMD-160 when creating Bitcoin addresses reduces the address space.
  - One important difference is that it is still considered unbroken.
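
The sign and verify steps of 3.6.3.1, run first on Alice's numbers from slide 61 and then on a SHA-256 message digest, as an added Python example that is not part of the original slides. The function names and the sample message are constructed, and reducing the digest modulo n is an assumption made only so that it fits the toy modulus; deployed RSA signatures use a large modulus together with a padding scheme.

```python
import hashlib

# Toy keys taken from the slides; real RSA moduli are 2048 bits or more.
ALICE_PUB, ALICE_PRIV = (253, 3), (253, 147)
DEMO_PUB, DEMO_PRIV = (17947, 3), (17947, 11787)
MESSAGE = b"withdraw 111"  # constructed sample message

def sign_int(m, priv):
    """s = m^d mod n for a message representative 0 <= m < n."""
    n, d = priv
    if not 0 <= m < n:
        raise ValueError("message representative must be in 0..n-1")
    return pow(m, d, n)

def recover_int(s, pub):
    """v = s^e mod n, the value the verifier recovers from the signature."""
    n, e = pub
    return pow(s, e, n)

def digest_as_int(message, n):
    """SHA-256 digest as an integer in 0..n-1 (demo shortcut for a tiny n)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, priv):
    """Hash the message, then sign the digest with the private key."""
    return sign_int(digest_as_int(message, priv[0]), priv)

def verify(message, s, pub):
    """Valid only if the recovered digest equals the recomputed one."""
    return recover_int(s, pub) == digest_as_int(message, pub[0])

if __name__ == "__main__":
    s = sign_int(111, ALICE_PRIV)
    print("Alice signs 111 ->", s, "; the machine recovers", recover_int(s, ALICE_PUB))
    sig = sign(MESSAGE, DEMO_PRIV)
    print("untouched message verifies:", verify(MESSAGE, sig, DEMO_PUB))
    altered = (sig + 1) % DEMO_PUB[0]
    print("altered signature verifies:", verify(MESSAGE, altered, DEMO_PUB))
```
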
• 64. 3.6.4 Public key Infrastructure (PKI)
  - A PKI is a combination of policies, procedures and technology needed to manage digital certificates in a public key cryptography scheme.
  - A digital certificate is an electronic data structure that binds an entity (an institution, a person, a computer program, a web address, etc.) to its public key.
  - People associate PKI with SSL or TLS. It is the technology that encrypts the server communication and is responsible for HTTPS and the padlock that we can see in our browser address bar. PKI solves a number of cybersecurity problems and deserves a place in the organization's security suite.
  - PKI can also be used to:
    - Enable Multi-Factor Authentication and access control
    - Create compliant, Trusted Digital Signatures
    - Encrypt email communications and authenticate the sender's identity
    - Digitally sign and protect the code
    - Build identity and trust into IoT ecosystems
• 65. 3.6.4 Public key Infrastructure (PKI) cont.
  - Digital certificates are used for secure communication, using public key cryptography, and digital signatures. The purpose of a PKI is to make sure that the certificate can be trusted.
  - A digital certificate is an electronic signature from one or more trusted third parties that guarantees the validity and authenticity of a public key.
  - This certificate is the digital identifying proof that confirms an entity is what it says it is, as passports are identity proofs for citizens. There are two trust models used in practice: "Web of Trust" and central "Certification Authority" based.
• 66. 3.6.4 Public key Infrastructure (PKI) cont.
  - Web of Trust
    - The "Web of Trust" scheme is applicable in cases where certified entities are people.
    - In this case people can sign certificates of other people they personally know or whose identity they have verified by official documents at a physical meeting.
  - Certification Authority
    - A Certification Authority (CA) is a trusted third party specialized in issuing and managing digital certificates.
    - A CA can issue a certificate to a client directly or, as is often the case, authorize another entity to do so, thus creating a "certification chain". Using a central CA reduces the number of third parties necessary to verify a certificate and also ensures that proper professional procedures are followed.
  - End of Chapter III