Homework Assignment 03 Problems 1.1, 1.2, 1.4 shpark/VSU/CSCI451-...

Post on 24-Dec-2015


CSCI 451 Computer Security – Fall 2011 1

Homework Assignment 03 Problems 1.1, 1.2, 1.4 http://people.cs.vt.edu/~shpark/VSU/CSCI451-



CSCI 451 Computer Security – Fall 2012 2

Cryptographic Tools

Sung Hee Park

Computer Science

Dept. of Math & Computer Science

Virginia State University

Petersburg, VA 23806



Lecture Objective
- Understand the concept of cryptographic algorithms
- Understand the concept of symmetric (secret key) encryption
- Understand the concept of public-key (asymmetric) encryption
- Understand the concept of digital signatures and key management
- Understand the concept of secure hash functions

8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012


Outline
- Cryptographic algorithms
  - Important element in security services
  - Help achieve
    - Confidentiality
    - Integrity
    - Authenticity
- Review various types of elements
  - symmetric encryption
  - secure hash functions
  - Message authentication
  - public-key (asymmetric) encryption
  - digital signatures and key management
- Examples


Symmetric Encryption
- Major elements
  - Encryption algorithm
  - Decryption algorithm
  - Secret key (shared by sender and recipient)
  - Plaintext input
  - Ciphertext output


Example – A classical but trivial symmetric encryption algorithm
Shift Cipher
- Secret key
  - An integer: k
- Encryption algorithm
  - c = (m + k) % n
- Decryption algorithm
  - m = (c - k) % n
- Example
  - n = 26 for English alphabet
  - k = 3
  - Encrypt
    - Plaintext input: the quick brown fox jumps over the lazy dog
    - Ciphertext output: wkh txlfn eurzq ……


In-Class Exercise
- k = 8
- Encrypt
  - Hurricane Irene shut down the university!

Hurricane Irene shut down the university!

P}zzqkivm(Qzmvm({p}|(lw[DEL]v(|pm(}vq~mz{q|[start of heading])


Attacking Symmetric Encryption
- Cryptanalysis
  - Relies on the nature of the algorithm
  - Plus some knowledge of plaintext characteristics
  - Even some sample plaintext-ciphertext pairs
  - Exploits characteristics of the algorithm to deduce a specific plaintext or key
- Brute-force attack
  - Try all possible keys on some ciphertext until an intelligible translation into plaintext is obtained


Cryptanalysis – Simple Example (1)
- English letter frequency


Cryptanalysis – Simple Example (2)
- Alphabet: ASCII table
- Encrypt a large chunk of text using the shift cipher
  - Novel “Moby Dick”
- Based on letter frequency
  - Much of the plaintext input can be recovered from the ciphertext


Brute-force attack – Simple Example
- Alphabet: ASCII table
- Encrypt a large chunk of text using the shift cipher
  - Novel “Moby Dick”
- Try key 1, 2, …, alphabet size – 1, until the result makes sense
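Added example (not part of the original slides): the shift cipher from the slides, with the brute-force and letter-frequency attacks described above. It generalizes the slide formulas to any alphabet (n = 26 and the ASCII table, n = 128); the function names and the COMMON scoring set are assumptions made for this sketch.

```python
import string
from collections import Counter

ASCII = "".join(map(chr, range(128)))   # n = 128: alphabet of the in-class exercise
LOWER = string.ascii_lowercase          # n = 26: alphabet of the k = 3 slide
COMMON = set(" etaoinshrdlu")           # assumption: frequent English symbols

def shift(text, k, alphabet=ASCII):
    """Encrypt with c = (m + k) % n; symbols outside the alphabet pass through."""
    n = len(alphabet)
    pos = {ch: i for i, ch in enumerate(alphabet)}
    return "".join(alphabet[(pos[c] + k) % n] if c in pos else c for c in text)

def unshift(text, k, alphabet=ASCII):
    """Decrypt with m = (c - k) % n."""
    return shift(text, -k, alphabet)

def brute_force(ciphertext, alphabet=ASCII):
    """Try every key and keep the one whose output looks most like English."""
    def score(k):
        return sum(c in COMMON for c in unshift(ciphertext, k, alphabet).lower())
    return max(range(len(alphabet)), key=score)

def frequency_guess(ciphertext):
    """Assume the most frequent ciphertext symbol is an encrypted space (ASCII text)."""
    top = Counter(ciphertext).most_common(1)[0][0]
    return (ord(top) - ord(" ")) % 128

if __name__ == "__main__":
    pangram = "the quick brown fox jumps over the lazy dog"
    print(shift(pangram, 3, LOWER))              # slide example, n = 26
    c = shift("Hurricane Irene shut down the university!", 8)
    print(repr(c))                               # control characters shown escaped
    k = brute_force(c)
    print(k, unshift(c, k))
    print(frequency_guess(shift(pangram, 3)))    # key recovered from the spaces
```

The frequency guess needs enough text for the space to dominate, which is why the slides use a whole novel; with only 128 keys, the brute-force search succeeds even on one sentence.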


Exhaustive Key Search



Symmetric Encryption Algorithms



DES and Triple-DES
- Data Encryption Standard (DES) is the most widely used encryption scheme
  - Uses 64 bit plaintext block and 56 bit key to produce a 64 bit ciphertext block
  - Concerns about algorithm & use of 56-bit key
- Triple-DES
  - Repeats basic DES algorithm three times
  - Using either two or three unique keys
  - Much more secure but also much slower


Advanced Encryption Standard (AES)
- Needed a better replacement for DES
- NIST called for proposals in 1997
- Selected Rijndael in Nov 2001
- Published as FIPS 197
- Symmetric block cipher
- Uses 128 bit data & 128/192/256 bit keys
- Now widely available commercially


Block versus Stream Ciphers


Summary
- Introduced cryptographic algorithms
- Symmetric encryption algorithms for

In-Class Activity
- Find a standard publication regarding Data Encryption Standard (DES) on the Internet.
- Answer the questions below.
  1. Standard recommendation number?
  2. Which institution proposed DES?
  3. What does FIPS stand for?
  4. In this document, what other algorithm has been proposed besides DES?



Message Authentication
- Protects against active attacks
  - whereas encryption protects against passive attacks (eavesdropping)
- Verifies received message is authentic
  - contents unaltered
  - from authentic source
  - timely and in correct sequence
- Can use conventional encryption
  - only sender & receiver have the shared key needed
- Or separate authentication mechanisms
  - append authentication tag to cleartext message


Message Authentication Codes (MAC)

16-,32-bit code



Homework Assignment 04-Implement Shift Cipher https://blackboard.vsu.edu/bbcswebdav/pid-246




One-way Hash Functions: Alternative to the MAC

Message Authentication

Message Digest


Hash Function Requirements (Very Important)
- Applied to any size data
- H produces a fixed-length output.
- H(x) is relatively easy to compute for any given x
- One-way property
  - computationally infeasible to find x such that H(x) = h
- Weak collision resistance
  - computationally infeasible to find y ≠ x such that H(y) = H(x)
- Strong collision resistance
  - computationally infeasible to find any pair (x, y) such that H(x) = H(y)


Hash Functions
- two attack approaches
  - cryptanalysis
    - exploit logical weakness in alg
  - brute-force attack
    - try many inputs
    - strength proportional to size of hash code (2^(n/2))
- SHA most widely used hash algorithm
  - SHA-1 gives 160-bit hash
  - more recent SHA-256, SHA-384, SHA-512 provide improved size and security
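Added example (not part of the original slides): why brute-force strength against strong collision resistance grows as 2^(n/2) rather than 2^n. SHA-256 is truncated to n bits to stand in for a hash with a short code, and constructed inputs are hashed until two of them collide; the function names and input format are assumptions made for this sketch.

```python
import hashlib
from itertools import count

def h_trunc(msg: bytes, n_bits: int) -> int:
    """Top n_bits of SHA-256(msg): a stand-in for a hash with an n-bit code."""
    digest = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return digest >> (256 - n_bits)

def find_collision(n_bits: int):
    """Hash distinct constructed inputs until two share a value.

    Returns (x, y, hashes_computed) with x != y and H(x) == H(y).
    """
    seen = {}
    for i in count():
        msg = b"constructed-input-%d" % i
        tag = h_trunc(msg, n_bits)
        if tag in seen:
            return seen[tag], msg, i + 1
        seen[tag] = msg

if __name__ == "__main__":
    for n in (16, 24, 32):
        x, y, tries = find_collision(n)
        print(f"n={n}: collision after {tries} hashes "
              f"(2^(n/2) = {2 ** (n // 2)}, 2^n = {2 ** n}): {x!r} vs {y!r}")
```

The number of hashes needed tracks 2^(n/2), so each extra bit of output buys only half a bit of collision resistance; this is the sizing argument behind moving from a 160-bit hash to the longer SHA variants.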


Secure Hash Algorithm(SHA-1)


Source: FIPS PUB 180-1, Secure Hash Algorithm, http://www.itl.nist.gov/fipspubs/fip180-1.htm, Retrieved September 5, 2012

In-Class Exercise
- Find a standard recommendation document regarding the latest Secure Hash Algorithm (SHA) on the Internet: NIST, FIPS PUB 180-2: Secure Hash Function, http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf.
- Read the first page of the publication and answer the questions below.
  (10pts) 1. Name of Standard?
  (20pts) 2. One-way hash functions can process a message to produce a condensed representation. What is the condensed representation called?
  (30pts) 3. What bit ranges do SHAs’ output have?
  (40pts) 4. Secure hash algorithms are typically used with several cryptographic algorithms. Give at least two examples among those algorithms.



Public Key Encryption (Asymmetric Encryption)



Public Key Authentication



Public Key Requirements
1. computationally easy to create key pairs
2. computationally easy for sender knowing public key to encrypt messages
3. computationally easy for receiver knowing private key to decrypt ciphertext
4. computationally infeasible for opponent to determine private key from public key
5. computationally infeasible for opponent to otherwise recover original message
6. useful if either key can be used for each role


Public Key Algorithms
- RSA (Rivest, Shamir, Adleman)
  - developed in 1977
  - only widely accepted public-key encryption alg
  - given tech advances need 1024+ bit keys
- Diffie-Hellman key exchange algorithm
  - only allows exchange of a secret key
- Digital Signature Standard (DSS)
  - provides only a digital signature function with SHA-1
- Elliptic curve cryptography (ECC)
  - new, security like RSA, but with much smaller keys


Public Key Certificates



Digital Envelopes



Random Numbers
- random numbers have a range of uses
- requirements:
  - randomness
    - based on statistical tests for uniform distribution and independence
  - unpredictability
    - successive values not related to previous
    - clearly true for truly random numbers
    - but more commonly use generator


Pseudorandom versus Random Numbers
- often use algorithmic technique to create pseudorandom numbers
  - which satisfy statistical randomness tests
  - but likely to be predictable
- true random number generators use a nondeterministic source
  - e.g. radiation, gas discharge, leaky capacitors
  - increasingly provided on modern processors


Practical Application: Encryption of Stored Data
- common to encrypt transmitted data
- much less common for stored data
  - which can be copied, backed up, recovered
- approaches to encrypt stored data:
  - back-end appliance
  - library based tape encryption
  - background laptop/PC data encryption


Summary
- introduced cryptographic algorithms
- symmetric encryption algorithms for confidentiality
- message authentication & hash functions
- public-key encryption
- digital signatures and key management
- random numbers

In-Class Activity
- Download putty.exe from the link to
- Try to connect to the blackwell machine
  - Hostname: blackwell.mathcs.vsu.edu
  - Username: firstnamelastname
  - Password: your VSU #ID

In-Class Activity
- Example for creating encrypted private key and self-signed certificate for the CA.

    openssl req -new -x509 -keyout private/cakey.pem -out cacert.pem -days 365 -config openssl.cnf

- Locate openssl.cnf
- cp <path> .
- openssl req -new -x509 -keyout private/cakey.pem -out cacert.pem -days 365 -config openssl.cnf


Example of Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: md5WithRSAEncryption
        Issuer: C=FJ, ST=Fiji, L=Suva, O=SOPAC, OU=ICT, CN=SOPAC Root CA/Email=administrator@sopac.org
        Validity
            Not Before: Nov 20 05:47:44 2001 GMT
            Not After : Nov 20 05:47:44 2002 GMT
        Subject: C=FJ, ST=Fiji, L=Suva, O=SOPAC, OU=ICT, CN=www.sopac.org/Email=administrator@sopac.org
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:ba:54:2c:ab:88:74:aa:6b:35:a5:a9:c1:d0:5a:
                    9b:fb:6b:b5:71:bc:ef:d3:ab:15:cc:5b:75:73:36:
                    b8:01:d1:59:3f:c1:88:c0:33:91:04:f1:bf:1a:b4:
                    7a:c8:39:c2:89:1f:87:0f:91:19:81:09:46:0c:86:
                    08:d8:75:c4:6f:5a:98:4a:f9:f8:f7:38:24:fc:bd:
                    94:24:37:ab:f1:1c:d8:91:ee:fb:1b:9f:88:ba:25:
                    da:f6:21:7f:04:32:35:17:3d:36:1c:fb:b7:32:9e:
                    42:af:77:b6:25:1c:59:69:af:be:00:a1:f8:b0:1a:
                    6c:14:e2:ae:62:e7:6b:30:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:FALSE
            Netscape Comment:
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier:
                FE:04:46:ED:A0:15:BE:C1:4B:59:03:F8:2D:0D:ED:2A:E0:ED:F9:2F
            X509v3 Authority Key Identifier:
                keyid:E6:12:7C:3D:A1:02:E5:BA:1F:DA:9E:37:BE:E3:45:3E:9B:AE:E5:A6
                DirName:/C=FJ/ST=Fiji/L=Suva/O=SOPAC/OU=ICT/CN=SOPAC Root CA/Email=administrator@sopac.org
                serial:00

Example of Certificate

    Signature Algorithm: md5WithRSAEncryption

In-Class Activity
- Example for a user generating the certificate request to be signed by the CA

    openssl req -nodes -new -x509 -keyout csci451privatekey.pem -out csci451req.pem -days 365 -config openssl.cnf

Parameters

-new
    This option generates a new certificate request. It will prompt the user for the relevant field values. The actual fields prompted for and their maximum and minimum sizes are specified in the configuration file and any requested extensions.
    If the -key option is not used it will generate a new RSA private key using information specified in the configuration file.

-x509
    This option outputs a self signed certificate instead of a certificate request. This is typically used to generate a test certificate or a self signed root CA. The extensions added to the certificate (if any) are specified in the configuration file.

-keyout filename
    This gives the filename to write the newly created private key to. If this option is not specified then the filename present in the configuration file is used.

-out filename
    This specifies the output filename to write to or standard output by default. In this case, the output file will contain the self-signed certificate.

-days n
    When the -x509 option is being used this specifies the number of days to certify the certificate for. The default is 30 days.

-config filename
    This allows an alternative configuration file to be specified, this overrides the compile time filename or any specified in the OPENSSL_CONF environment variable.

In-Class Activity
- Generate certificate request

    openssl x509 -x509toreq -in csci451req.pem -signkey csci451privatekey.pem -out csci451certrequest.pem

Parameters

-x509toreq
    Converts a certificate into a certificate request. The -signkey option is used to pass the required private key.

-in filename
    This specifies the input filename to read a certificate from or standard input if this option is not specified. Here cs691req.pem is the certificate generated by the previous req command.

-out filename
    This specifies the output filename to write to or standard output by default. Here the output file contains the certificate request generated.

-signkey filename
    This option causes the input file to be self signed using the supplied private key. Here we used the private key of CS691 to sign the certificate request.
    If the input file is a certificate it sets the issuer name to the subject name (i.e. makes it self signed) changes the public key to the supplied value and changes the start and end dates. The start date is set to the current time and the end date is set to a value determined by the -days option. Any certificate extensions are retained unless the -clrext option is supplied.
    If the input is a certificate request then a self signed certificate is created using the supplied private key using the subject name in the request.

In-Class Activity
- CA sign certificate request

    openssl ca -config openssl.cnf -policy policy_anything -out csci451signedcert.pem -infiles csci451certrequest.pem

In-Class Activity
- To generate the public key from the private key.

    openssl rsa -in csci451privatekey.pem -passin pass:cs03se -pubout -out csci451publickey.pem

In-Class Activity
# create, sign, and verify message digest

    openssl sha1 -out digest.txt plain.txt

- Given the plain.txt, the above command generates the SHA-1 based message digest in the digest.txt file.


In-Class Activity

    openssl sha1 -sign csci451privatekey.pem -out rsasign.bin plain.txt

- Given the plain.txt, the above command generates the SHA-1 based hash and then signs it with the private key of CSCI451. The signed hash is saved in the rsasign.bin (binary data) file.


In-Class Activity

    openssl sha1 -verify csci451publickey.pem -signature rsasign.bin plain.txt

- Given the plain.txt and the signed hash received, the above command verifies whether it is indeed signed by CSCI451 using its public key and whether the hash is correct.

    [csci451@blackwell spark]$ openssl sha1 -verify csci451publickey.pem -signature rsasign.bin plain.txt
    Verified OK
