
Cryptography and Network Security

Spring 2006
http://www.abo.fi/~ipetre/crypto/

Lecture 14: Folklore, Course summary, Exam requirements

Ion Petre
Academy of Finland and
Department of IT, Åbo Akademi University

April 27, 2006


Folklore on cryptography and network security

• Change keys periodically
• Use different keys for encryption, for authentication, and for signing
• Use different keys for different purposes
• Have both sides contribute to the master key
  ◦ Both sides have to be broken to find the key
• Do not let one side determine the key
• Hash in a constant when hashing a password
• Randomly chosen IVs
  ◦ Random is good but what one really needs is very different IVs; hashing a sequence count will work
• Do not let encrypted data start with a constant or a predictable value
• Compress data before encrypting it
  ◦ Less data to handle, compressed data may look more random than the original plaintext, careful with fixed headers
• Overestimate the size of the key rather than following “official” default values
• Timing attacks – useful for smart card-based systems, less useful for network-based applications
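
An added example (not part of the lecture) that combines four of the rules above: both sides contribute to the master key, each purpose gets its own key, IVs come from a hashed sequence count, and a constant is hashed in with the password. The function names, the labels, the keyed (HMAC) form of the IV hash, the use of a service name as the constant, and the sample byte strings are assumptions of this example.

```python
import hashlib
import hmac


def master_key(contrib_a: bytes, contrib_b: bytes) -> bytes:
    # Both sides contribute; the values are assumed to be exchanged confidentially.
    if min(len(contrib_a), len(contrib_b)) < 16:
        raise ValueError("each side must contribute at least 16 bytes")
    # Length prefixes keep the pair unambiguous once the two values are joined.
    joined = b"".join(len(c).to_bytes(2, "big") + c for c in (contrib_a, contrib_b))
    return hashlib.sha256(b"example-master-v1" + joined).digest()


def subkey(master: bytes, purpose: str) -> bytes:
    # One labelled derivation per purpose, so no key does two jobs.
    return hmac.new(master, b"purpose:" + purpose.encode(), hashlib.sha256).digest()


def session_keys(contrib_a: bytes, contrib_b: bytes) -> dict:
    master = master_key(contrib_a, contrib_b)
    return {p: subkey(master, p) for p in ("encrypt", "authenticate", "iv")}


def iv_for(iv_key: bytes, seq: int, size: int = 16) -> bytes:
    # Hash of a sequence count: a very different IV for every message.
    # Keying the hash (an assumption here) also hides the IVs from outsiders.
    return hmac.new(iv_key, seq.to_bytes(8, "big"), hashlib.sha256).digest()[:size]


def password_key(password: str, constant: bytes) -> bytes:
    # The constant (here a service name) is hashed in with the password, so
    # the same password yields unrelated values on different services.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), constant, 100_000)


if __name__ == "__main__":
    # Constructed sample contributions: fixed bytes, for a repeatable demo only.
    a, b = bytes(range(16)), bytes(range(16, 32))
    keys = session_keys(a, b)
    for name, key in keys.items():
        print(name, key.hex()[:16])
    print([iv_for(keys["iv"], n).hex() for n in range(3)])
```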



Summary of the course
Exam requirements



Overview of the course

• I. CRYPTOGRAPHY
  ◦ Secret-key cryptography
    ▪ Classical encryption techniques
    ▪ DES, AES, RC5, RC4
  ◦ Public-key cryptography
    ▪ RSA
  ◦ Key management
• II. AUTHENTICATION
  ◦ MAC
  ◦ Hashes and message digests
  ◦ Digital signatures
  ◦ Kerberos
• III. NETWORK SECURITY
  ◦ Email security
  ◦ Web security (SSL, secure electronic transactions)
  ◦ IP security
  ◦ Firewalls
  ◦ Wireless security
  ◦ Viruses



Symmetric-key cryptosystems

• Classical systems
  ◦ Caesar cipher – encryption/decryption, attack
  ◦ Monoalphabetic ciphers – frequency attack
  ◦ Playfair cipher – encryption/decryption
  ◦ Polyalphabetic ciphers (Vigenere) – encryption/decryption, cryptanalysis
  ◦ One-time pad
  ◦ Transpositions: rail-fence, row-transpositions
  ◦ Enigma: description
• DES
  ◦ Structure of a Feistel cipher, encryption, decryption
  ◦ DES scheme: key length, input/output length, structure of the algorithm, main ingredients (S-boxes, permutations, subkey generation), cipher modes of operations and their purposes



Symmetric-key cryptosystems

• AES
  ◦ AES scheme: key length, input/output length, structure of the algorithm, main ingredients (byte substitution, shift rows, mix columns, add round key), key expansion
  ◦ AES decryption using the same algorithm
• 2DES: meet-in-the-middle attack
• 3DES – scheme
• RC5
  ◦ Parameters, key expansion, encryption/decryption scheme
• RC4
  ◦ Principle of stream ciphers
  ◦ RC4 scheme



Public-key cryptography

• Principle of public-key systems – keys, encryption/decryption, authentication
• RSA
  ◦ RSA scheme
  ◦ Fast modular exponentiation
  ◦ Miller-Rabin primality test
  ◦ Pseudo-random number generators



Key management and authentication

• Distribution of public keys
  ◦ Public key authority and the distribution protocol
  ◦ Certificate authority and the distribution protocol
  ◦ Public-key infrastructures – principle
• Distribution of secret keys
  ◦ Using public-key cryptosystems – the protocol
    ▪ Diffie-Hellman key exchange protocol and the man-in-the-middle attack
  ◦ Using key distribution centers – the protocol
• Authentication using Kerberos
  ◦ Protocol



Digital signatures

• Arbitrated digital signatures
  ◦ Protocol
• Direct digital signatures
  ◦ Principle, weaknesses



Message authentication

• Message authentication code (MAC)
  ◦ Principle
  ◦ DES-based MAC
• Hash functions
  ◦ Principle
  ◦ Birthday attack
  ◦ MD5 – scheme, main ingredients
  ◦ SHA-1 – scheme, main ingredients
• HMAC
  ◦ Principle
  ◦ Scheme



Network security

• Email security
  ◦ PGP: scheme, key management
  ◦ S/MIME: scheme, key management
• Web security
  ◦ Secure naming: cracking DNS, DNSsec, self-certifying names
  ◦ Secure connections: SSL (protocol), TLS
  ◦ Secure electronic transactions: overview, dual signatures
• IP security
  ◦ Tunnel mode
  ◦ Transport mode
• Firewalls – generalities
• Wireless security – generalities



System security – generalities

• Intruder detection techniques
• Password management
• Malicious software
