The contents of this chapter include all of the following: Symmetric ciphers, asymmetric ciphers, cryptographic data integrity algorithms, mutual trust, network security and internet security, system security, legal and ethical issues.
Data Security and Encryption (CSE348) Revision Lectures 1-15 Course Outline Part One: Symmetric Ciphers: Provides a survey of symmetric encryption, including classical and modern algorithms The emphasis is on the two most important algorithms, the Data Encryption Standard (DES) and the Advanced Encryption Standard (AES).This part also covers the most important stream encryption algorithm,RC4,and the important topic of pseudorandom number generation Course Outline Part Two: Asymmetric Ciphers: Provides a survey of public-key algorithms, including RSA (Rivest-Shamir-Adelman) and elliptic curve Course Outline Part Three: Cryptographic Data Integrity Algorithms: Begins with a survey of cryptographic hash functions This part then covers two approaches to data integrity that rely on cryptographic hash functions: message authentication codes and digital signatures Course Outline Part Four: Mutual Trust: Covers key management and key distribution topics and then covers user authentication techniques Course Outline Part Five: Network Security and Internet Security: Examines the use of cryptographic algorithms and security protocols to provide security over networks and the Internet Topics covered include transport-level security, wireless network security, e-mail security, and IP security Course Outline Part Six: System Security: Deals with security facilities designed to protect a computer system from security threats, including intruders, viruses, and worms This part also looks at firewall technology Course Outline Part Seven: Legal and Ethical Issues: Deals with the legal and ethical issues related to computer and network security Computer Security • Protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications) 10 Why Public-Key Cryptography? • • Developed to address two key issues: – key distribution – how to have secure communications in general without having to trust a KDC with your key – digital signatures – how to verify a message comes intact from the claimed sender Public invention due to Whitfield Diffie & Martin Hellman at Stanford Uni in 1976 – known earlier in classified community 109 Public-Key Cryptography • • • • Asymmetric algorithms rely on one key for encryption And a different but related key for decryption These algorithms have the following important characteristic It is computationally infeasible to determine the 110 decryption key Public-Key Cryptography • • • Given only knowledge of the cryptographic algorithm and the encryption key In addition, some algorithms, such as RSA, also exhibit the following characteristic Either of the two related keys can be used for encryption, with the other used for decryption 111 Public-Key Cryptography • • Anyone knowing the public key can encrypt messages or verify signatures But cannot decrypt messages or create signatures, thanks to some clever use of number theory 112 Public-Key Cryptography • Public-key/two-key/asymmetric cryptography involves the use of two keys: – a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures – a related private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures • Infeasible to determine private key from public • is asymmetric because – those who encrypt messages or verify signatures cannot decrypt messages or create signatures 113 Public-Key Cryptography 114 Public-Key Cryptography • • • • Stallings Figure 9.1a “Public-Key Cryptography”, Shows that a public-key encryption scheme has six ingredients: Plaintext: the readable message /data fed into the algorithm as input Encryption algorithm: performs various transformations on the plaintext 115 Public-Key Cryptography • • Public and private keys: a pair of keys selected so that if one is used for encryption, the other is used for decryption The exact transformations performed by the algorithm depend on the public or private key that is provided as input 116 Public-Key Cryptography • • • Ciphertext: the scrambled message produced as output It depends on the plaintext and the key For a given message, two different keys will produce two different ciphertexts 117 Public-Key Cryptography • • Decryption algorithm: accepts the ciphertext and matching key And produces the original plaintext 118 Public-Key Cryptography • • • • Consider the following analogy using padlocked boxes Traditional schemes involve the sender putting a message in a box and locking it Sending that to the receiver And somehow securely also sending them the key to unlock the box 119 Public-Key Cryptography • • • The radical advance in public key schemes was to turn this around The receiver sends an unlocked box (their public key) to the sender Who puts the message in the box and locks it 120 Public-Key Cryptography • • • Easy - and having locked it cannot get at the message And sends the locked box to the receiver who can unlock it (also easy), having the (private) key An attacker would have to pick the lock on the box (hard) 121 Symmetric vs Public-Key 122 Revision Lectures 1-15 123 ... provide security over networks and the Internet Topics covered include transport-level security, wireless network security, e-mail security, and IP security Course Outline Part Six: System Security: ... algorithms, the Data Encryption Standard (DES) and the Advanced Encryption Standard (AES).This part also covers the most important stream encryption algorithm,RC4 ,and the important topic of pseudorandom... distribution topics and then covers user authentication techniques Course Outline Part Five: Network Security and Internet Security: Examines the use of cryptographic algorithms and security protocols