Đang tải... (xem toàn văn)
Chapter 5 (part 1) include objectives: Explain general cryptography concepts, explain basic hashing concepts, basic encryption concepts, explain and implement protocols, explain core concepts of public key cryptography.
Cryptography Basics Objectives v Explain general cryptography concepts v Explain basic hashing concepts v Basic encryption concepts v Explain and implement protocols v Explain core concepts of public key cryptography Cryptography v Cryptography – science of encrypting information v “scrambles” (xáo trộn) data so only authorized parties can “unscramble” and read data using two methods v v v Can substitute – change one letter with a different letter (thay thế) Can transpose – scramble the order of letters, without actually changing one for another (chuyển vị) The best cryptosystems both substitute and transpose Basic Idea Cryptographic Terminology v Cryptography - a method of storing and transmitting data in a form only intended for authorized parties to read or process v Cryptanalysis (phân tích mật mã) - science of studying, breaking, and reverse engineering algorithms and keys v Encryption (mã hóa)– the method of transforming data (plaintext) into an unreadable format v Plain text (cleartext): dữ liệu gốc – the format (usually readable) of data before being encrypted v Cipher text (dữ liệu mã hóa) – the “Scrambled” format of data after being encrypted Cryptographic Terminology v Decryption (giải mã) – the method of turning cipher text back into plain text v Encryption algorithm – a set or rules or procedures that dictates how to encrypt and decrypt data Also called an encryption “cipher” v Key – (crypto variable) a values used in the encryption process to encrypt and decrypt Cryptographic Terminology v Key space (không gian khóa) – the range of possible values used to construct keys v example: v if a key can be digits (0-9) v key space = 10,000 (0000 – 9999) v if it can be digits v key space = 1,000,000 (000,000 – 999,999) v Key Clustering – Instance when two different keys generate the same cipher text from the same plaintext v Work factor – estimated time and resources to break a cryptosystem Các mục tiêu mã hóa confidentiality/privacy (Tính bí mật) Integrity (Tính tồn vẹn) Authentication (Tính xác thực) nonrepudiation (Tính khơng chối bỏ) Cryptography History v Romans used a shift cipher called a “CEASAR” cipher Shift Ciphers simply shift characters in an alphabet ROT13 / shift cipher http://www.rot13.com Normal use of Hash Hash MiM attack (phase 1) Hash MiM attack (phase 2) HMAC v Hash-based Message Authentication Code HMAC function hmac (key, message) if (length(key) > blocksize) then key = hash(key) // keys longer than blocksize are shortened end if if (length(key) < blocksize) then key = key ∥ zeroes(blocksize length(key)) // keys shorter than blocksize are zero-padded end if Hash algorithms – SHA v Secure Hash Algorithm v Designed/Published by NIST and NSA v Designed for use in the DSS v Modeled after MD4 v SHA-1 (SHA-160) – 160 bit digest v 512 bit blocks v SHA-256 – 256 bit digest v 512 bit blocks v SHA-384 – 384 bit digest v 1024 bit blocks MD2 v Developed by Ronald Rivest (of RC and RSA fame) v Optimized to run on bit computers v 128 bit digest v 128 bit blocks MD4 v Optimized for 32 bit computers v 128 bit digest v Collisions can be found in under minute on a PC ;( MD5 v Similar to MD4, but more secure v Slower and more secure v 128 bit digest v 512 bit blocks v Was part of the NTLM authentication protocol v Collisions in hours on a PC v Moving away from, to SHA Hash overview v Know what a hash is v Concept v Fixed length digest v What is a hash used for v Know what a collision is v Know it’s susceptible to MiM v Know what HMAC is, and what it tries to accomplish v Be familiar with MDx, and SHA-x v Understand that SHA is considered the best algorithm Digital Signatures Digital Signing Digital Signing v Generally when I digital sign something I don’t encrypt the whole message Instead v Run message through hash algorithm, generated message digest v Sign the “message digest” v Send both the original message and the encrypted message digest Digital Signing v Provides v Integrity v Non repudiation v NOT confidentiality Digital Signing ... to securely communicate v # keys = (n*(n-1)) / v = (5* 4)/2 = 10 keys v 10 = (10*9)/2 = 45 keys v 100 = (100*99)/2 = 4 950 keys v 1000 = (1000*999)/2 = 49 950 0 keys Symmetric Algorithms – DES v Data... general cryptography concepts v Explain basic hashing concepts v Basic encryption concepts v Explain and implement protocols v Explain core concepts of public key cryptography Cryptography v Cryptography. .. changing one for another (chuyển vị) The best cryptosystems both substitute and transpose Basic Idea Cryptographic Terminology v Cryptography - a method of storing and transmitting data in a form