1CryptographyCryptographysecretsecret--key and and publickey and and public--key technologieskey technologiesSeptember 5, 2014Calendar schedule Calendar schedule (w/midterm)(w/midterm)Fri lecture Topic lab meeting week of: due:9/5 Cryptography 9/89/12 Authentication 9/159/19 Authorization 9/229/26 Application security 9/2910/3 Packet sniffing 10/610/10 Firewalls (remote)- 10/17 Midterm –Firewalls (remote) 10/24 Fri10/24 Intrusion detection 10/2710/31 arp spoofing (remote) 11/14 Fri11/7 Tunnels and VPNs (remote) 11/21 Fri11/14 Computer forensics (remote) 11/30 Sun2Administrative Administrative ––platform, per labplatform, per labn/aComputer forensics (DETER)n/aTunnels and vpns (DETER)n/aArp spoofing (DETER)CentOS 4.3 min-gdbIntrusion detectionn/aFirewalls (DETER)CentOS-6.4Packet sniffingCentOS 4.3 min-gdbkali linuxCentOS-6.4Application securitystack overflowheartbleedc sign extensionCentOS-6.4Authorizationkali linuxAuthenticationCentOS-6.4CryptographyAdministrative Administrative ––lab schedulelab schedule three meetings weeklyMondays 12:30pm-13:50pm Wednesdays 10:30am-11:50amFridays 3:00pm-4:20pm your individual assigned time is at website link entitled “Student lab times” if your name is not on “Student lab times” please view the instructions on our web page for another round of timeslot assignments (2ndround and 2ndpriority)3Administrative Administrative ––submittal deadlinessubmittal deadlines by labtime each week, for lab exercise performed previous week example, current topic of cryptography– attend lecture Sep 5 4:30pm– perform exercise Sep 8, 10, or12; orDEN/remote– submit by Sep 15, 17, or19; or19 4:30pmAdministrative Administrative --DENDEN I emailed DEN students Wednesday weekly due dates for DEN– same as for last on-campus students: Fri 4:30pm4Administrative Administrative ––upcoming labupcoming lab you’ll need to take a file from the lab– ftp it to somewhere you have access– local usb flash drivedetermine drive’s name (dmesg, tail /var/log/messages)mount it, eg, “mount /dev/sdb1 /mnt/”graders or fellow students will help read instructions before labtime– in general, advance examination a good idea– in particular, first part of RSA instructions this weekAdministrative Administrative ––submittal instructionssubmittal instructions answer the lab assignment’s questions in written report form, as a text, pdf, or Word document file (no obscure formats please) email to [email protected] exact subject title must be “cryptolab” deadline is start of your lab session the following week reports not accepted (zero for lab) if– late– you did not attend– email subject title deviatesOur filterthanks you!5This lab exercise usesThis lab exercise uses…… GPG (GNU Privacy Guard)– implements OpenPGP"GnuPG is the GNU project's...implementation of the OpenPGP standard..." OpenPGP – a cryptography standard RFC4880“OpenPGP … provide[s]…confidentiality, key management, authentication, and digital signatures” bc – an arbitrary precision calculatorable to perform the arithmetic necessary to operate the RSA algorithmCrypto covered in this lecture or lab?Crypto covered in this lecture or lab?keys, encryption, signing with GPGmodular arithmeticDigital Signature Algorithm (DSA)manual RSA operation with the bc calculatormodular arithmeticRivest-Shamir-Adelman algorithm (RSA)public-keysimplified-des (omitted)serial substitutions & permutationsData Encryption Standard (DES)nonecarryless addition & half-borrow subtractionJapanese Naval Code 25 (JN-25)secret-keylab exerciseselemental* data transformation method(s) usedhistorical instancescryptographic technology*Ultimately all ciphers are substitution ciphers in that, ultimately, they substitute ciphertext for plaintext! But this characterizes what the cipher does to each “element” of the plaintext (e.g., byte or block), as it processes elements.!! Not enough time !! …6JNJN--2525First code group for a wordFirst code group for a word drawn from the “codebook” amounts to a dictionary entries are fixedlike41712you64479I72084eat80514bananas95280apples39318WordCode groupEnglish demo example code book:7A codebookA codebookJapanese codebook from 1933 on display at Bletchley Park Museumhttp://www.mkheritage.co.uk/bpt/JapCDSCH1.htmlAn exampleAn examplethe Zimmerman notethe Zimmerman noteA message enciphered througha word-to-number codebook“dictionary.” The numbers mapto German words.(The note, from Germany proposingthat Mexico go to war with the US,was intercepted, decoded, and publicized.It catalyzed US entry into World War Isoon after.)8Footnote: WWIFootnote: WWIDESDESsimplified academic version Ssimplified academic version S--DESDESa conventional (i.e., 1a conventional (i.e., 1--key) substitution cipherkey) substitution cipherrepresented by the following procedural examplerepresented by the following procedural example9SS--DES* process flowDES* process flowCredit to Cryptography and Network Security, Principles and Practice, William Stallings, Prentice Hall, 1999 for figure and precision of explanation. *simplified version of the DES algorithm for tutorial purposes, by Edward Schaefer, Santa Clara University Credit to Cryptography and Network Security, Principles and Practice, William Stallings, Prentice Hall, 1999 for figures and precision of explanation. SS--DES DES encryption encryption component component process flowprocess flow10Time does not allowTime does not allow…… discussion of DES procedural details here manual exercise performing a simplified version in lab or as homeworkGPGGPGand publicand public--key cryptography generally,key cryptography generally,of which it is an implementationof which it is an implementation11Functional purposes of Functional purposes of cryptograhycryptograhy Confidentiality– ensuring illegibility to outsiders Authentication– ensuring ostensible and actual sender are one and the same Data integrity– ensuring non-alteration in transitCryptographic processingCryptographic processingplaintextciphercryptogramcryptograminverse cipherplaintextEncryption(data sender)Decryption(data receiver)122 broad technologies2 broad technologies Secret-key cryptographyversus Public-key cryptographynew!( 1970 )Known synonymously as:Known synonymously as: One technology– single-key– private-key– symmetric– secret-key– shared-key–
View Full Document
Unlocking...