Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are...
-
Upload
gordon-martin -
Category
Documents
-
view
231 -
download
1
Transcript of Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are...
![Page 1: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/1.jpg)
SE571Security in Computing
Chap 2: Elementary Cryptography
![Page 2: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/2.jpg)
SE571 Security in Computing Dr. Ogara2
Chap 2 Examines… Concepts of encryption Cryptanalysis: how encryption systems are
“broken” Symmetric (secret key) encryption and the
DES and AES algorithms Asymmetric (public key) encryption and
the RSA algorithm Key exchange protocols and certificates Digital signatures Cryptographic hash functions
![Page 3: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/3.jpg)
SE571 Security in Computing Dr. Ogara3
Common Terminologies Cryptography - practice and study of
hiding information/using encryption to conceal text
Cryptoanalysis - to find some weakness or insecurity in a cryptographic scheme
Cryptology - research into and study of encryption and decryption; it includes both cryptography and cryptanalysis
![Page 4: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/4.jpg)
SE571 Security in Computing Dr. Ogara4
Common Terminologies Decryption – the method of turning
cipher text back into plaintext Encryption algorithm – set of rules or
procedures that dictates how to encrypt and decrypt data, also called an encryption cipher
Encryption – method of transforming data (plaintext) into an unreadable format
Plaintext – the format(usually readable) of data before encrypted
![Page 5: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/5.jpg)
SE571 Security in Computing Dr. Ogara5
Common Terminologies Ciphertext – the scrambled format of
data after being encrypted Key – a value used in the encryption
process to encrypt and decrypt/ also called cryptovariable
![Page 6: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/6.jpg)
SE571 Security in Computing Dr. Ogara6
Encryption
![Page 7: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/7.jpg)
SE571 Security in Computing Dr. Ogara7
Symmetric Encryption Uses one key for both encryption and
decryption Receiver and sender share same key
(private key) to lock and unlock Also called private key encryption Must securely distribute keys to other
parties
![Page 8: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/8.jpg)
SE571 Security in Computing Dr. Ogara8
Symmetric Encryption Anyone with key can either encrypt
or decrypt (similar to password) Very fast to encrypt or decrypt Provides authentication as long as
key remains secret Problem
• How do A and B obtain their shared secret key?
• Key distribution is e.g. n users communicating in pairs need n*(n-1)/2 keys
![Page 9: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/9.jpg)
SE571 Security in Computing Dr. Ogara9
Asymmetric Encryption Receiver and sender have two keys –
public and private Public key can be sent in an e-mail
message or posted in a public directory
Public key used to encrypt and private key to decrypt or vise-versa
Requires a lot of resources
![Page 10: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/10.jpg)
SE571 Security in Computing Dr. Ogara10
Asymmetric and Symmetric Encryption
Secret Key (Symmetric)
Public Key (Asymmetric)
No. of keys 1 2
Protection of keys
Must be kept secret One key must be kept secret; the other can be freely exposed
Best uses Cryptographic workhorse; secrecy and integrity of data—single characters to blocks of data, messages, files
Key exchange, authentication
Key distribution
Must be out-of-band Public key can be used to distribute other keys
Speed Fast Slow
![Page 11: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/11.jpg)
SE571 Security in Computing Dr. Ogara11
Encryption
![Page 12: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/12.jpg)
SE571 Security in Computing Dr. Ogara12
Cryptanalysis attempts to do six things…
break a single message recognize patterns in encrypted
messages, to be able to break subsequent ones by applying a straightforward decryption algorithm
infer some meaning without even breaking the encryption, such as noticing an unusual frequency of communication or determining something by whether the communication was short or long
![Page 13: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/13.jpg)
SE571 Security in Computing Dr. Ogara13
Cryptanalysis attempts to do six things…
deduce the key, to break subsequent messages easily
find weaknesses in the implementation or environment of use of encryption
find general weaknesses in an encryption algorithm, without necessarily having intercepted any messages
![Page 14: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/14.jpg)
SE571 Security in Computing Dr. Ogara14
Forms of Ciphers Confusion (substitution)
• One letter is exchanged for another• Basis of many cryptographic algorithms used
for diplomatic communication through the first half of the twentieth century
• Basis for some widely used commercial-grade encryption algorithms
• Examples: Ceasar cipher One-Time Pad The Vernam cipher
![Page 15: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/15.jpg)
SE571 Security in Computing Dr. Ogara15
Forms of Ciphers Diffusion (Transposition)
• Order of the letters is rearranged• Basis for some widely used commercial-
grade encryption algorithms• Goal - widely spread the information from
the message or the key across the ciphertext (diffusion)
• Also known as permutation (rearrangement of symbols of a message)
![Page 16: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/16.jpg)
SE571 Security in Computing Dr. Ogara16
Ceasar cipher Romans used a shift cipher called
Ceasar cipher Shift ciphers simply shift characters in
an alphabet
Advantages• Easy to memorize and implement
Disadvantage• Pattern is obvious
![Page 17: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/17.jpg)
SE571 Security in Computing Dr. Ogara17
One-Time Pads Large, non-repeating set of keys is
written on sheets of paper, glued together into a pad
Requires a prearranged chart called Vigenere table (contains 26 letters in each column in some scrambled order)
Receiver needs a pad similar to the sender
![Page 18: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/18.jpg)
SE571 Security in Computing Dr. Ogara18
One-Time Pads Example:
• Message has 300 characters in length • Keys are 20 characters long• Sender needs 15 pages of keys• Sender writes keys one at a time above the
letters of plain text • Sender encipher plain text with Vigenere
chart• Receiver uses appropriate number of keys
to decipher message
![Page 19: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/19.jpg)
SE571 Security in Computing Dr. Ogara19
One-Time Pads Problems
• Requires absolute synchronization between sender and receiver
• Difficult to store and account for the keys
![Page 20: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/20.jpg)
SE571 Security in Computing Dr. Ogara20
The Vernam Cipher Developed by Gilbert Vernam for AT&T Is immune to most cryptanalytic attacks Uses long non-repeating sequence of
numbers that are combined with the plaintext Used long punched paper tape that fed into a
teletype machine Tape contained random numbers that were
combined with characters typed into the teletype
sequence of random numbers had no repeats, and each tape was used only once
![Page 21: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/21.jpg)
SE571 Security in Computing Dr. Ogara21
The Vernam Cipher
![Page 22: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/22.jpg)
SE571 Security in Computing Dr. Ogara22
The Vernam Cipher - Example
Plain text - VERNAM CIPHER Ciphertext - tahrsp itxmab
![Page 23: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/23.jpg)
SE571 Security in Computing Dr. Ogara23
Columnar Transposition Plaintext characters are rearranged
into columns Example:
• Plain text - THIS IS A MESSAGE TO SHOW HOW A COLUMNAR TRANSPOSITION WORKS
• Ciphertext - tssoh oaniw haaso lrsto imghw utpir seeoa mrook istwc nasns
![Page 24: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/24.jpg)
SE571 Security in Computing Dr. Ogara24
Columnar Transposition
![Page 25: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/25.jpg)
SE571 Security in Computing Dr. Ogara25
Characteristics of Good Ciphers
The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption
The set of keys and the enciphering algorithm should be free from complexity
![Page 26: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/26.jpg)
SE571 Security in Computing Dr. Ogara26
Characteristics of Good Ciphers
The implementation of the process should be as simple as possible
Errors in ciphering should not propagate and cause corruption of further information in the message
The size of the enciphered text should be no larger than the text of the original message
![Page 27: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/27.jpg)
SE571 Security in Computing Dr. Ogara27
Properties of Trustworthy Encryption Systems
It is based on sound mathematics It has been analyzed by competent
experts and found to be sound It has stood the test of time
![Page 28: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/28.jpg)
SE571 Security in Computing Dr. Ogara28
Stream and Block Ciphers Stream ciphers - encrypt one bit or
character or symbol of plaintext into bit or symbol of Ciphertext at a time e.g. diffusion
Block ciphers encrypt a group of plaintext symbols as one block e.g. columnar transposition
Block ciphers can effectively act as a stream cipher
![Page 29: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/29.jpg)
SE571 Security in Computing Dr. Ogara29
Stream and Block CiphersStream ciphers
Block ciphers
![Page 30: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/30.jpg)
SE571 Security in Computing Dr. Ogara30
Advantages of Stream Ciphers
Speed of transformation - the time to encrypt a symbol depends only on the encryption algorithm itself, not on the time it takes to receive more plaintext
Low error propagation - error in the encryption process affects only a character
![Page 31: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/31.jpg)
SE571 Security in Computing Dr. Ogara31
Disdvantages of Stream Ciphers
Low diffusion - Each symbol is separately enciphered. Therefore, all the information of that symbol is contained in one symbol of the ciphertext.
Susceptibility to malicious insertions and modifications - Because each symbol is separately enciphered, an active interceptor who has broken the code can splice together pieces of previous messages and transmit a spurious new message that may look authentic.
![Page 32: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/32.jpg)
SE571 Security in Computing Dr. Ogara32
Advantages of Block Ciphers High diffusion - Information from the
plaintext is diffused into several ciphertext symbols. One ciphertext block may depend on several plaintext letters
Immunity to insertion of symbols - Because blocks of symbols are enciphered, it is impossible to insert a single symbol into one block. The length of the block would then be incorrect, and the decipherment would quickly reveal the insertion
![Page 33: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/33.jpg)
SE571 Security in Computing Dr. Ogara33
Disdvantages of Block Ciphers
Slowness of encryption - The person or machine using a block cipher must wait until an entire block of plaintext symbols has been received before starting the encryption process
Error propagation - An error will affect the transformation of all other characters in the same block
![Page 34: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/34.jpg)
SE571 Security in Computing Dr. Ogara34
Three commonly used encryption schemes
DES – Data Encryption Standards AES – Advanced Encryption
Standards RSA – Rives-Shamir-Adelman
Encryption
![Page 35: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/35.jpg)
SE571 Security in Computing Dr. Ogara35
DES Developed by U.S government for
general public (adopted in 1976) Based on data encryption algorithm
developed by IBM Combines two fundamental building
blocks of encryption – substitution and transposition
Uses only standard arithmetic and logical operations on numbers up to 64 bits long
![Page 36: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/36.jpg)
SE571 Security in Computing Dr. Ogara36
Double and Tripple DES Lack of trust with DES 56-bit key length Development of double encryption for
greater secrecy Two keys perform two encryptions thus
making it hard to unlock [C=E(k2, E(k1,m))]
Unfortunately the assumption is false Three keys adds significant strength [C
= E(k3, E(k2, E(k1,m)))]
![Page 37: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/37.jpg)
SE571 Security in Computing Dr. Ogara37
Double and Tripple DES 1997 researchers using over 3,500
machines in parallel were able to infer a DES key in four months’ work
1998 for approximately $100,000, researchers built a special “DES cracker” machine that could find a DES key in approximately four days
Hence need for better and stronger algorithm
![Page 38: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/38.jpg)
SE571 Security in Computing Dr. Ogara38
AES Algorithm is called Rijndael – named
after the two creators (Vincent Rijmen and Joan Daemen)
Adopted in 2001 Uses substitution; transposition; and
the shift, exclusive OR, and addition operations
Keys based on 128, 192 and 256 bits
![Page 39: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/39.jpg)
SE571 Security in Computing Dr. Ogara39
AES Does it have flaws? How long will it remain sound? Cryptanalysts have not found any
flaws yet
![Page 40: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/40.jpg)
SE571 Security in Computing Dr. Ogara40
Rives-Shamir-Adelman Encryption (RAS)
Public key system introduced in 1978 Named after three inventors Uses two keys for encryption and
dceryption
![Page 41: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/41.jpg)
SE571 Security in Computing Dr. Ogara41
Four applications of encryption Hash functions Key exchange Digital signatures Certificates
![Page 42: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/42.jpg)
SE571 Security in Computing Dr. Ogara42
Hash Functions Important for integrity Put a shield or seal around a file by
computing a cryptographic function called hash or checksum or message digest of a file
Examples:• MD4, MD5 (Message Digest) – produce 128
bit• SHA/SHS (Secure Algorithm or Standards) –
produce 160-bit digest
![Page 43: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/43.jpg)
SE571 Security in Computing Dr. Ogara43
Key exchange Example: Web browser connecting to
shopping website Encrypted session must be established S = sender of protected information R = receiver of protected information Establish assurance that information
came from S Public key cryptography can help here
![Page 44: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/44.jpg)
SE571 Security in Computing Dr. Ogara44
Key exchange Use lockboxes and keys S puts protected information into
lockbox that can be opened by S public key
S puts lockbox into another one that can be opened by ONLY by R’s private key
R uses private key to open outer box and S public key to open inner box (proof it came from S)
![Page 45: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/45.jpg)
SE571 Security in Computing Dr. Ogara45
Diffie–Hellman key exchange protocol
Does not require preshared public keys S and R uses simple arithmetic to exchange
a secret They agree on field number n and starting
number g Each thinks of a secret number, say, s and r. S sends to R gs and R sends to S gr. Then S computes (gr)s and R computes (gs)r,
which are the same, so grs = gsr becomes their shared secret.
![Page 46: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/46.jpg)
SE571 Security in Computing Dr. Ogara46
Digital Signatures Provide reliable means to ensure the
origin of data Cryptographic hash codes are used to
support digital signatures Cryptographic hash codes offer a
fast, fairly reliable way of determining whether a piece of data has been modified between sender and receiver
![Page 47: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/47.jpg)
SE571 Security in Computing Dr. Ogara47
Digital Signatures It must be unforgeable It must be authentic It is not alterable It is not reusable
![Page 48: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/48.jpg)
SE571 Security in Computing Dr. Ogara48
Public Key Encryption Ideally suited to digital signatures If S wishes to send M to R, S uses the
authenticity transformation to produce D(M, KS). S then sends D(M, KS) to R. R decodes the message with the public key transformation of S
![Page 49: Chap 2: Elementary Cryptography. Concepts of encryption Cryptanalysis: how encryption systems are “broken” Symmetric (secret key) encryption and.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649d355503460f94a0ccce/html5/thumbnails/49.jpg)
SE571 Security in Computing Dr. Ogara49
Cetificates Binds a public key and users’ identity Signed by Certificate of Authority (CA) Example – Two people Edward posts his public key in public but
retains private key Diana creates public key and includes it into
message with her identity Edward signs (affirms Diana’s public key and
identity) by creating has value and then encrypting message and hash value with private key