Network Security Review. Secure channel Communication security Confidentiality Message Traffic...
-
date post
20-Dec-2015 -
Category
Documents
-
view
216 -
download
0
Transcript of Network Security Review. Secure channel Communication security Confidentiality Message Traffic...
Network Security
Review
Secure channel
Communication securityConfidentiality
• Message• Traffic
AuthenticationIntegrity
How to achieve?Establish shared keyEncrypt MACLeft out: non-repudiation, etc.
Shared Key Establishment
“Trusted third party”
Kerberos
• Tickets
Public key methods
SSL
IPSEC
“Out-of-band”
Public Key Crypto
Public Key techniques
Diffie-Hellman RSAN=pq; ed 1 (mod (N))Public:e,N;Private:d,N
Encrypt M: CMemodN
Decrypt C: MCdmodN
Sign M: S Mdmod N
Verify S: Se M (modN)
Alice Boba b
p, g
magamod p mbgbmod p
ma mb
mbamod p ma
bmod p=gabmod p=
shared secret key!•Discrete log:
•Given y,p,b
•Find x: bxmod p = y
?
•Factoring:
•Given N=pq
•Find p,q
Discrete log based schemes
DH (key establishment)
DSS/DSA (signatures)
El-Gamal (signatures, encryption)Elliptic Curves Cryptography (ECC)
Why modulus (p) is so large?Little-step/giant-step attack
Factoring based
RSA
Square Roots (=Factoring)Rabin (Encryption, Signature)
Fiat-Shamir (ID scheme, Signature)
World mod N
How many objects?|Z*
N|= (N); for all z Z*
N, z (N) mod N=1
If N=pq, then (N)= (p-1)(q-1)[If N=p, then (N)= p-1]
Blum integers: N=pq, pq3 (mod 4)
Thenx(p+1)/4 mod p= y; y2x(p+1)/2x(p-1)/2 x±x mod p
Chinese Remainder Theorem (CRT)
Given y2 x mod p; z2 x mod q; N=pq;Find s: s2 x mod N
More generally:Given a,A, b,B;Find x: x a mod A, x b mod B
Let u, v be s.t. uA 1 mod B, vB 1 modAThen x=uAb+vBa[indeed: x mod A = uAb+vBa = vBa = a;
x mod B = uAb+vBa = uAb = b]
How to find u,v?
Extended GCD
Euclid’s GCD algorithm(greatest common divisor):gcd(a,b) = gcd( b, a mod b) =…= gcd(a’,b’)=ca’=ib’+c, … , ax+by=c
If gcd(a,b)=1: ax 1 mod b
Summary (factoring-based)
RSAGiven p,q; Can compute (N), for N=pq;
With Extended gcd, can compute e, d 1/e mod (N);
• gcd(e, (N)) must be 1
RabinUsing Blum integers can compute SQRT mod p,q
Using CRT can combine them to SQRT mod N
Prime number generation
Why?
How?Exhaustive search
• Too long
Miller-Rabin• Little Fermat’s Theorem (again)
Prime Number Theorem#of primes between R and 2R is R/lnR
i.e. Prob[ random R is a prime ] 1/lnR
Efficiency for all
Exponentiation: Repetitive Squaring
bA mod N takes 1.5 lg A long multiplications
Cost of multiplication quadratic in length
Optimization: mod N (mod p) + (mod q) +CRT
Watch out!
Attacks on factoring
(N), N => factoring (quadratic equation)
Trick: obtain x, s.t. x0 mod p, x mod q 0
gcd(x, N)=p
SQRTmodN => Factoring
vy2mod N; zSQRTmodN(v)
If z ±y, then x y-z
Computing (mod p) + (mod q) + CRTRandom error mod p (or mod q) => factoring
Other Crypto
Encryption
Hashing
MACs
EncryptionOne time padBlock cipher
DES• Feistel approach
AES/RijndaelModes of operation
• EBC, CFB, CBC, etc.
Stream ciphersRC-4Pseudo-random generators
Hashing
Hashing algorithms
MD-5
SHA
Applications
Digital signatures
MAC
Systems
Certificates
SSL
IPSEC
Kerberos
Certificates
X-509
CA’s
Trust infrastructureHierarchical
• X.509
Networks of Trust• PGP
SSL
TCP level secure channelEstablish Shared Secret
• DH+Certificates [+signatures]• RSA+Certificates [+signatures]• Kerberos [TLS]
Do not confuse with Kerberos over SSL/TLS
Encrypt & MAC
Usually authenticates only serverClient authentication possible
Typical application: HTTPS
IPSEC
IP level secure channelSimilar tools to SSL
Some traffic confidentiality
Both ends authenticated
Tunneling
Typical application:VPN
Kerberos
Key-Distribution Centers approachTrusted Third Party – another term
Authentication Server
Ticket Granting Servers
Tickets
Realms
Other topics
Firewalls
Non-repudiation
SET
Final:
Tuesday May 10
9-11am
See you there!Best of Luck!!!