GS: Chapter 3 Encryption, Authentication and Java CryptographyCryptography & JavaEncryptionSlide 4Slide 5Slide 6Slide 7Slide 8Slide 9Slide 10Slide 11Slide 12Alternative Data-hiding MethodsAuthenticationAuthentication MethodsSlide 16Slide 17Slide 18CryptanalysisKey Management (storage)Cryptographical ProtocolsJCA/JCESlide 23JCAJCESlide 26Nextcsci5931 Web Security 1GS: Chapter 3Encryption, Authentication and Java Cryptographycsci5931 Web Security 2Cryptography & JavaA. EncryptionB. AuthenticationC. Java Cryptographycsci5931 Web Security 3EncryptionEncryption Basics:An algorithm (or cipher) and a key are required in order to encrypt or decrypt messages.Example: the Caesar cipher (p.34)oA symmetric, stream cipheroExercise: Encrypt “DDAY” using Caesar cipher (5).oAnswer: “IIFD”.oQ: What is the algorithm?oQ: What is the key?oQ: How would the cipher be decrypted?csci5931 Web Security 4EncryptionSymmetric Encryptions:Both the encrypter and the decrypter share the same key.Key space: The set of possible keys that work with a cipher; determined by the number of bits used in the cipher.The larger the key space is, the more secure the encryption will be.Each additional bit added to the key length doubles its security.csci5931 Web Security 5EncryptionSymmetric Encryptions:Two types of symmetric ciphers: block ciphers and stream ciphers.Examples of symmetric encryptions:oDES (Data Encryption Standard) & TripleDES: block ciphersoBlowfish: a faster and more secure replacement of DESoRC4 (Rivest’s Code 4): a stream cipheroAES (Advanced Encryption Standard): a block ciphercsci5931 Web Security 6EncryptionLimitations of Symmetric Encryptions:Key distribution can be a vulnerability.If the key is exposed, the encrypted message and all future communication using the same key will suffer the eavesdropping attack.Key management problems: distribution, update, revokingcsci5931 Web Security 7EncryptionAsymmetric Encryptions:Also known as ‘public key encryption’Messages encrypted with the public key can only be decrypted by the corresponding private key.The public key can be made known to the public, but the private key is kept as secret and only known to the owner of the key.Examples of asymmetric encryption algorithms:oMerkel Hellman KnapsacksoRSA: Rivest, Shamir, AdlemanoEl Gamalcsci5931 Web Security 8EncryptionLimitations of asymmetric Encryptions:Asymmetric encryption requires much larger keys than symmetric encryption.oA 1024-bit asymmetric key ~= a 128-bit symmetric keyoWhy?Asymmetric encryption is much slower (~ 1000 times slower) than symmetric encryption.It is subject to man-in-the-middle attack. Solution? Digital certificates (Ch. 6)csci5931 Web Security 9EncryptionSession-key EncryptionA session-key is a symmetric key that is used to encrypt the plaintext message. The session key itself is encrypted using a public key.Sender: C = Spub ( S ) + Sencrypt (message) RecipientRecipient: Spriv ( Spub (S) ) SSdecrypt (Sencrypt (message)) messageAlternatively, the session key may be assigned an expiration time and be used over several sessions.csci5931 Web Security 10EncryptionExamples of Session-key EncryptionPGP (Pretty Good Privacy): Originally (1991) used to encrypt e-mail using session-key encryptionSupports RSA, TripleDES, etc.http://www.pgp.com/S/MIME (Secure/MIME):Invented by RSA to secure e-mailBacked by Microsoft, RSA, and AOLSSL/TLS (Secure Socket Layer/Transport Layer Security): Ch. 9Originally an attempt to secure TCP/IP traffic using encryptionscsci5931 Web Security 11EncryptionKey Agreement AlgorithmA key agreement algorithm takes the private and the public keys of two distinct parties (Apriv + Bpub or Apub + Bpriv) and generates a common shared secret key, which is then used to generate a session key. See the diagram on p.41.Diffie-Hellman Key Agreement Algorithm: The first ever public key encryptionAllows two parties to independently generate the shared key; The session key is never transmitted.References: See http://www.apocalypse.org/pub/u/seven/diffie.html IETF RFC2631: http://www.ietf.org/rfc/rfc2631.txtcsci5931 Web Security 12EncryptionStrength of Encryption AlgorithmsTwo factors:The algorithm used + The size of the key spaceSee the tables comparing symmetric ciphers (p.42) and asymmetric ciphers (p.43)csci5931 Web Security 13Alternative Data-hiding MethodsSteganography: hiding messages inside another message or in a picture. See “Steganography: Hidden Data”. By Deborah Radcliff. ComputerWorld. June 10, 2002.Elliptic Curve Cryptography (ECC): based on the elliptic curve logarithm problem; a more efficient public key encryption (faster, smaller key size)An intro: http://world.std.com/~dpj/elliptic.html Codes, one-time pads, etc.csci5931 Web Security 14AuthenticationThe process of determining the authenticity of a message or user.Methods:A. Message Digesta check value generated from a document, usually generated by a hash functionto prove that the data in the document has not been tampered with.Commonly used for password authentication (i.e., one-way authentication)Examples: MD4, MD5, SHA (secure hash algorithm)Any problem? Man-in-the-middle attack Why?csci5931 Web Security 15Authentication MethodsB. MAC (Message Authentication Codes)A message digest created with a keyTypically used for data verification in a context where a secure connection is already available.Example: SSL uses MACs to verify the data received, using a secret key that is exchanged at the beginning of the session.Example MACs:oHmacMD5 (Hashing MAC using MD5)oHmacSHA1 (Hashing MAC using SHA-1)csci5931 Web Security 16Authentication MethodsC. Digital SignaturesBased on public key encryptionComputed with a person’s private key and verified with the person’s public keyAn example of creating a digital signature: p.481. The sender applies a message digest algorithm to get a message digest (md) out of the message to be sent.2. The message digest is then encrypted by the person’s private key. The ciphertext is the digital signature (ds).To check the digital signature:1. The recipient applies the digest algorithm to get a message digest (md-2).2. The recipient decrypts the ds using the sender’s public key. 3. The output from step 2 is verified against md-2.csci5931 Web Security 17Authentication
View Full Document