DOC PREVIEW
PSU CSE 543 - Applied Cryptography

This preview shows page 1-2-14-15-29-30 out of 30 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 30 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 30 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 30 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 30 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 30 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 30 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 30 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

CSE543 Computer (and Network) Security - Fall 2007 - Professor Jaeger Page CSE 543 - Computer SecurityLecture 6 - Applied CryptographySeptember 13, 2007URL: http://www.cse.psu.edu/~tjaeger/cse543-f07/CSE543 Computer (and Network) Security - Fall 2005 - Professor McDanielCSE543 Computer (and Network) Security - Fall 2007 - Professor JaegerProject Assignments•Pretty narrow selection–23 people picked IM security–Some projects untouched•7 project groups defined (26 students)•9 students not assigned–Pick again among (by 5pm tonite -- 9/13)–Secure Network Computing–Password Cracking/Keylogging–User-compatible Security•Students–Murthy, Bala, Borcic, Chen, Gopalrathnam, Srikar, Shawaran, Tannous, McLaughlin2CSE543 Computer (and Network) Security - Fall 2005 - Professor McDanielCSE543 Computer (and Network) Security - Fall 2007 - Professor JaegerApplied Cryptography•How do we use these (and other) constructs to achieve security goals?–What are the goals?3CSE543 Computer (and Network) Security - Fall 2005 - Professor McDanielCSE543 Computer (and Network) Security - Fall 2007 - Professor JaegerMeet Alice and Bob ….•Alice and Bob are the canonical players in the cryptographic world. –They represent the end points of some interaction–Used to illustrate/define a security protocol•Other players occasionally join …–Trent - trusted third party–Mallory - malicious entity–Eve - eavesdropper–Ivan - an issuer (of some object)4CSE543 Computer (and Network) Security - Fall 2005 - Professor McDanielCSE543 Computer (and Network) Security - Fall 2007 - Professor JaegerSome notation …•You will generally see protocols defined in terms of exchanges containing some notation like–All players are identified by their first initial •E.g., Alice=A, Bob=B–d is some data –pwA is the password for A–kAB is a symmetric key known to A and B–KA+,KA- is a public/private key pair for entity A–E(k,d) is encryption of data d with key k–H(d) is the hash of data d–Sig(KA-,d) is the signature (using A’s private key) of data d–“+” is used to refer to concatenation5CSE543 Computer (and Network) Security - Fall 2005 - Professor McDanielCSE543 Computer (and Network) Security - Fall 2007 - Professor JaegerSome interesting things you want to do …•… when communicating.–Ensure the authenticity of a user–Ensure the integrity of the data •Also called data authenticity–Keep data confidential–Guarantee non-repudation6CSE543 Computer (and Network) Security - Fall 2005 - Professor McDanielCSE543 Computer (and Network) Security - Fall 2007 - Professor JaegerBasic (User) AuthenticationAliceBob•Bob wants to authenticate Alice’s identity–(is who she says she is)[pwA]1[Y/N]27CSE543 Computer (and Network) Security - Fall 2005 - Professor McDanielCSE543 Computer (and Network) Security - Fall 2007 - Professor JaegerHash User AuthenticationAliceBob•Bob wants to authenticate Alice’s identity–(is who she says she is)[h(pwA)]1[Y/N]28CSE543 Computer (and Network) Security - Fall 2005 - Professor McDanielCSE543 Computer (and Network) Security - Fall 2007 - Professor JaegerChallenge/Response User AuthenticationAliceBob•Bob wants to authenticate Alice’s identity–(is who she says she is)[h(c+pwA)]21[c][Y/N]39CSE543 Computer (and Network) Security - Fall 2005 - Professor McDanielCSE543 Computer (and Network) Security - Fall 2007 - Professor JaegerUser Authentication vs. Data Integrity•User authentication proves a property about the communicating parties–E.g., I know a password•Data integrity ensures that the data transmitted...–Can be verified to be from an authenticated user–Can be verified to determine whether it has been modified•Now, lets talk about the latter, data integrity10CSE543 Computer (and Network) Security - Fall 2005 - Professor McDanielCSE543 Computer (and Network) Security - Fall 2007 - Professor JaegerSimple Data Integrity?AliceBob•Alice wants to ensure any modification of the data in flight is detectable by Bob (integrity)[d,h(d)]111CSE543 Computer (and Network) Security - Fall 2005 - Professor McDanielCSE543 Computer (and Network) Security - Fall 2007 - Professor JaegerHMAC IntegrityAliceBob•Alice wants to ensure any modification of the data in flight is detectable by Bob (integrity)[d,hmac(k,d)]112CSE543 Computer (and Network) Security - Fall 2005 - Professor McDanielCSE543 Computer (and Network) Security - Fall 2007 - Professor JaegerSignature IntegrityAliceBob•Alice wants to ensure any modification of the data in flight is detectable by Bob (integrity)[d, Sig(KA-, d)]113CSE543 Computer (and Network) Security - Fall 2005 - Professor McDanielCSE543 Computer (and Network) Security - Fall 2007 - Professor JaegerData Integrity vs. Non-repudiation•If the integrity of the data is preserved, is it provably from that source?–Hash integrity says what about non-repudiation?–Signature integrity says what about non-repudiation?14CSE543 Computer (and Network) Security - Fall 2005 - Professor McDanielCSE543 Computer (and Network) Security - Fall 2007 - Professor JaegerConfidentialityAliceBob•" Alice wants to ensure that the data is not exposed to anyone except the intended recipient (confidentiality)[E(kAB,d), hmac(kAB, d)]115CSE543 Computer (and Network) Security - Fall 2007 - Professor Jaeger Page Question•If I already have an authenticated channel (e.g., the remote party’s public key), why don’t I simply make up a key and send it to them?CSE543 Computer (and Network) Security - Fall 2005 - Professor McDanielCSE543 Computer (and Network) Security - Fall 2007 - Professor Jaeger•" Alice wants to ensure that the data is not exposed to anyone except the intended recipient (confidentiality)•" But, Alice and Bob have never met!!!!•" Alice randomly selects key kx to encrypt withConfidentialityAliceBob[E(kx,d), hmac(kx, d),E(KB+,kx)]117CSE543 Computer (and Network) Security - Fall 2005 - Professor McDanielCSE543 Computer (and Network) Security - Fall 2007 - Professor JaegerReal Systems Security•The reality of the security is that 90% of the frequently used protocols use some variant of these constructs.–So, get to know them … they are your friends–We will see them (and a few more) over the semester•They also apply to systems construction–Protocols need not necessarily be online–Think about how you would use these constructs to secure files on a disk drive (integrity, authenticity,


View Full Document

PSU CSE 543 - Applied Cryptography

Documents in this Course
Agenda

Agenda

14 pages

HYDRA

HYDRA

11 pages

PRIMA

PRIMA

15 pages

CLIMATE

CLIMATE

15 pages

Load more
Download Applied Cryptography
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view Applied Cryptography and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Applied Cryptography 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?