Slide 1Slide 2Slide 3Slide 4Slide 5Slide 6Slide 7Slide 8Slide 9Slide 10Slide 11Slide 12Slide 13Slide 14Slide 15Slide 16Slide 17Slide 18Slide 19Slide 20Exam 1 ReviewCS461/ECE422 Fall 2007Exam guidelinesA single page of supplementary notes is allowedClosed bookA calculator is allowed. (and strongly suggested for this exam)Students should show work on the exam. They can use supplementary sheets of paper if they run out of room.Students can use scratch paper if desired.Exam logisticsExam will be given in the evening (7-8:15pm) in 112 and 114 of the Transportation Buildinghttp://webtools.uiuc.edu/ricker/CampusMap?target=search&building=42Students will be split by last nameTopicsIntroductory definitionsRisk AnalysisHistorical CryptographySymmetric CryptographyPublic or Asymmetric CryptographyKey ManagementSecurity PoliciesRisk AnalysisUnderstandAssetsVulnerabilitiesThreatsRiskQualitative vs Quantitative AnalysisQuantitative identifies absolute numbers for risk probability and asset value, so can calculate risk exposure, risk leverageSecurity PolicyDefines what needs to be done, not howHow is mechanism or controlOrganizational or natural language policiesFormal policy languagesControl mechanism operationIn theory policy language could be applied to multiple types of mechanismsHistorical CiphersTranspositionN-columnar transpositionSubstitutionCaesar, vigenere, book, one-time pad, enigmaLanguage-based statistical attacksSymmetric EncryptionBlock vs stream encryptionP = b0, b1, .. bnE(P,k) = E(b0, k0) || E(b1, k1) || ....If all ki's are equal and sizeof(bi) generally > 1, E(P,k) is a block cipherDESFeistel networkCombination of p-boxes and s-boxes56 bit key and 64 bit blockSymmetric EncryptionAESIterative encryptionMultiple key sizes: 128, 192, 256Block size: 1281 S box and various permutationsBlock Encryption ModesDescribed in section 7.2.2 of the Handbook of Applied Cryptography http://www.cacr.math.uwaterloo.ca/hac/about/chap7.pdfElectronic Codebook (ECB)Cipher Block Chaining (CBC)Output Feedback (OFB)CounterCipher Feedback (CFB)11 Mode ?EkEkPi-1PiPi+1Ci-1CiCi+1Ri-112Mode ? init. vectorm1DESc1m2DESc2sentsent………13Mode ?kEk(r)r…E…mici14 Mode ?EkEkPi-1PiPi+1Ci-1CiCi+1EkCtri-1CtriCtri+1Multiple EncryptionsDouble Encryption doesn't gain muchMeet-in-the-middleBoth decrypt and encrypt with test keySave both and check against the other for middle values as you check new keysPublic/Asymmetric EncryptionTwo keysOne key public, eases some bootstrap issuesBased on “hard problems”RSA – factoring composites of large primesDiffie Hellman – computing discrete logarithmsKnow equations for RSA and DHWhat values are public and what are privateBe able to compute with calculator for small valuesDivide and Conquer exponentiationCryptographic hashesDifference from regular checksumsKeyed and keylessWhen is each appropriateBrute force attackFind another message with the same hash valueBirthday attackStandard algorithmsSHA, MD5, block ciphers in CBC modeHMAC to make keyless hash keyedKey ManagementLong lived vs session keysRandomness and pseudo randomBasic key distributionTrusted third party, public keyCertificatesHierarchical and web of trustDigital signaturesSeveral reasons why it is bad to encrypt firstKey managementKey storageKey escrowShould be integrated in to the user's crypto system, authenticated to access escrow system, time bounded message access on unescrowESS/Clipper exampleGood
View Full Document