Đang tải... (xem toàn văn)
Security in Information Systems: Chapter 4 - Cryptography & Key Exchange Protocols includes CryptographyCryptography -related conceptsrelated concepts, Key channel for symmetric cryptosystems, Perfect encryption, Dolev-Yao threat model, Protocol “message authentication”, Protocol “challenge-response”, Public-key cryptosystems.
Cryptography & Key Exchange Protocols Faculty of Computer Science & Engineering HCMC University of Technology Outline Cryptography-related concepts Key channel for symmetric cryptosystems Perfect encryption Dolev-Yao threat model Protocol “message authentication” Protocol “challenge-response” Public-key cryptosystems Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols Cryptography-related concepts Plaintext is the original content which is readable as textual material Plaintext needs protecting Ciphertext is the result of encryption performed on plaintext using an algorithm Ciphertext is not readable Encryption is the process of turning plaintext into ciphertext, decryption is the inverse of the encryption Encryption, decryption process needs keys Cryptosystems = encryption + decryption algorithms Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols Cryptosystems KeyE Plaintext Ciphertext Hello, ắôĐả This content is confidential ……………… … Encryption Cryptosystem Decryption ……………… … ……………… … … KeyD Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols Cryptography-related concepts Symmetric (shared-/secret-key) cryptosystem: the same key for (en/de)cryption algorithms Asymmetric (public-key) cryptosystem: public & private keys for (en/de)cryption algorithms ke = kd ke ≠ kd Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols Cryptography-related concepts (Most popular) Symmetric techniques: DES, AES The same key is used for both encryption and decryption Faster than encryption and decryption in public-key (PK) cryptosystems Less security comparing to encryption and decryption in PK cryptosystems Asymmetric techniques: RSA, DSA, Rabin, … Hybrid scheme: Asymmetric technique: for the key encryption Symmetric technique: for the data encryption TLS/SSL protocols: how they work? Homework Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols Symmetric encryption techniques Most popular symmetric enryption techniques: DES, Tripple DES, AES DES: Data Encryption Standard A message is divided into 64-bit blocks Key: 56 bits Brute-force or exhaustive key search attacks (now: some hours) Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols Symmetric encryption techniques Triple DES: run the DES algorithm a multiple number of times using different keys εk3 (Dk2 (εk1 (m))) Encryption: c Decryption: m Dk1 (εk2 (Dk3 (c))) The triple DES can also use three different keys Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols Symmetric encryption techniques AES: Advanced Encryption Standard (Rijndael) Jan 2, 1997, NIST announced the initiation of a new symmetric-key block cipher algorithm, AES, as the new encryption standard to replace the DES Oct 2, 2000: Rijndael was selected Rijndael is designed by two Belgium cryptographers: Daemen and Rijmen Rijndael is a block cipher with a variable block size and variable key size The key size and the block size can be independently specified to 128, 192 or 256 bits Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols Asymmetric encryption techniques RSA: named after inventors Rivest, Shamir Adleman Two keys: public key and private key Public key is used for encrytion Private key is used for decrytion Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 10 Protocol “challenge-response" Symmetric-key Authentication Protocol Needham and Schroeder which they published in 1978 Nonce: a number used once Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 43 NA/NB: Nonce created by Alice/Bob Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Bob Trent Alice Giao thức “Challenge-response” Alice creates NA at random and sends to Trent: Alice, Bob, NA Trent generates K at random and sends to Alice: {NA, K, Bob, {K, Alice}KBT}KAT Alice decrypts, checks her Naand Bob ‘s identity, sends to Bob: Trent, {K, Alice}KBT Bob decrypts, checks Alice’s ID, creates NB randomly and sends to Alice: {I’m Bob! NB}K Alice sends to Bob: {I’m Alice!NB-1}K Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 44 Protocol “challenge-response" An attack on the Needham-Schroeder symmetric key authentication protocol: Bob thinks he is sharing a new session key with Alice while actually the key is an old one and may be known to Malice Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 45 Bob Trent Alice “Challenge-response” protocol Malice 3’ Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Alice sends to Trent: Alice, Bob, NA Trent sends to Alice: {NA, K, Bob, {K, Alice}KBT}KAT Alice sends to Malice(“Bob”): Trent, {K, Alice}KBT 3’ Malice(“Alice”) sends to Bob: Trent, {K’, Alice}KBT Bob decrypts, checks Alice’s ID, creates NB randomly and sends to Malice(“Alice”): {I’m Bob! NB}K’ Malice(“Alice”) sends to Bob: {I’m Alice!NB-1}K’ Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 46 Protocol “challenge-response" Solutions: More message flows (between Bob & Trent) Timestamps Detailed discussions: 2.6.5 Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 47 Protocol “Challenge-response” with Timestamps Alice sends to Trent: Alice, Bob Trent sends to Alice: {Bob, K, T, {Alice, K, T}KBT}KAT Alice checks T and sends to Bob: {Alice, K, T}KBT Bob checks T and sends to Alice: {I’m Bob! NB}K Alice sends to Bob: {I’m Alice!NB-1}K Condition: |Clock – T| < ∆t1 + ∆t2 Clock: local clock T: timestamp at Trent ∆t1 , ∆t2 Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 48 Outline Cryptography-related concepts Key channel for symmetric cryptosystems Perfect encryption Dolev-Yao threat model Protocol “message authentication” Protocol “challenge-response” Public-key cryptosystems Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 49 Public-key Cryptosystems KA, K-1A: public & private keys of Alice Similarly: KB, K-1B , KT, K-1T, KM, K-1M {M}KA: encrypt M using public key KA {M}K-1A: sign on M by using private key K-1A Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 50 Bob Trent Alice Public-key Cryptosystems Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Alice sends to Trent: Alice, Bob Trent sends to Alice: {KB, Bob}K-1T Alice verifies Trent’s signature, creates NA at random and sends to Bob: {NA, Alice}KB Bob decrypts, checks Alice’s ID and sends to Trent: Bob, Alice Trent sends to Bob: {KA, Alice}K-1T Bob verifies Trent’s signature, creates NB and sends to Alice: {NA, NB}KA Alice decrypts and sends to Bob: {NB}KB Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 51 Public-key Cryptosystems An attack on public key authentication protocol Found after 17 years Result: Bob thinks he is sharing secrets NA, NB with Alice while actually sharing them with Malice Method: Malice makes use of Alice as she is trying to establish a connection with him (Alice provides an oracle service) Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 52 (3): {NA, Alice}KM Bob Alice Malice Public-key Cryptosystems (3’): {NA, Alice}KB (6’): {NA, NB}KA (6): {NA, NB}KA (7): {NB}KM First run between Alice & Malice Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 (7’): {NB}KB Second run between Malice(“Alice”) & Bob Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 53 Public-key Cryptosystems Malice may ask for a session key and Bob may believe that this request is from Alice Then, an example if Bob is a bank, Malice(“Alice”) sends to Bob the following command: ' {NA, NB, "Transfer £1B from my account to Malice's"}KB Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 54 Public-key Cryptosystems How to cope with this attack? Homework: see 2.6.6.4, 17.2.3 data integrity This is what we are using nowadays !! The Needham-Schroeder Public-key Authentication Protocol in Refined Specification Alice sends to Bob : {[NA, Alice]KA}KB; Bob sends to Alice : {NA, [NB]KB}KA; Alice sends to Bob : {[NB]KA}KB Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 55 Summary Cryptography-related concepts (symmetric/asymmetric techniques, digital signatures, PKI, …) Key channel establishment for symmetric cryptosystems Perfect encryption Dolev-Yao threat model Protocol “message authentication” Protocol “challenge-response“ Public-key cryptosystems Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 56 Q&A Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 57 ... … KeyD Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols Cryptography- related... Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 15 Outline Cryptography- related concepts Key channel for symmetric cryptosystems... Chi Minh City University of Technology Faculty of Computer Science and Engineering © 2011 Information Systems Security Chapter 2: Cryptography & Key Exchange Protocols 21 Outline Cryptography- related