Block 2: communication using symmetric crypto algorithms - PowerPoint PPT Presentation

1 / 24
About This Presentation
Title:

Block 2: communication using symmetric crypto algorithms

Description:

(1) Alice and Bob agree a key k and an encryption algorithm ... Lava lamp. Earthquake strength or interval. Chap 3: Key exchange protocols ... – PowerPoint PPT presentation

Number of Views:51
Avg rating:3.0/5.0
Slides: 25
Provided by: EEC86
Category:

less

Transcript and Presenter's Notes

Title: Block 2: communication using symmetric crypto algorithms


1
Block 2 communication using symmetric crypto
algorithms
  • Steps
  • (1) Alice and Bob agree a key k and an encryption
    algorithm
  • (2) Alice calculates E_k (message) and sends the
    cipher text to Bob
  • (3) Bob decrypts the message and gets the
    plaintext
  • Problems
  • How to determine the key must in a secret place
  • How to convince other people it is from Alice
    instead of Bob
  • Number of keys increases fast, not scalable

2
Block 3 communication using asymmetric crypto
algorithms
  • First appeared in 1976, proposed by Diffie and
    Hellman
  • Two keys public key and private key, it is
    almost impossible to get private key from public
    key.
  • A certain kind of trap door one way functions
    private key is the secret
  • Steps
  • Alice and Bob agree a public key encryption
    algorithm
  • Bob sends his public key to Alice
  • (3) Alice calculates E_pubB (message) and sends
    the cipher text to Bob
  • (4) Bob decrypts the message with the private
    key and gets the plaintext

3
Block 3 communication using asymmetric crypto
algorithms
  • Solve the problem in symmetric crypto methods
    the key can be transferred in public
  • More scalable, easy for multicast
  • New problems
  • How can we know that is Bobs public key
  • Trusted Third Party
  • Certificate for the public key
  • Some story about public key
  • NSA says it is unnecessary
  • But claims credit for it

4
Hybrid crypto systems
  • Symmetric methods are fast, easy to implement,
    but require special attention during key
    distribution
  • Asymmetric methods are slow, but more secure
  • Hybrid
  • Using asymmetric method to distribute key
  • Using symmetric method to encrypt data

5
Communication using hybrid crypto systems
  • Steps
  • Bob sends Alice his public key
  • Alice encrypts the session key with this public
    key and sends to Bob
  • Both Alice and Bob know the session key and can
    use it for data traffic

6
Dual encryption
  • Lets assume that everyone in the network has a
    public-private key pair. Alice wants to send a
    message to Bob and convince that it is from
    Alice.
  • Two possible format which is better??

7
Dual encryption
  • Answer
  • Alice should first sign the message, then use
    Bobs public key to encrypt the packet
  • Reason 1 If Alices private key is the outer
    layer, everyone with Alices public key will be
    able to decrypt it.
  • Reason 2 never sign a random string that you do
    not know what it is (Example of RSA)
  • Two pair of public-private key for everyone one
    for encryption, one for digital signature

8
Dual encryption
  • Dual encryption is too slow, how can we improve
    the efficiency??
  • Alice sign the hash result of the message, then
    use Bobs public key to encrypt the whole packet

9
Merkles puzzle
  • Make the life of an eavesdropper difficult

10
Block 4 Digital signature
  • Signature by symmetric encryption
  • TTP will get involved
  • How to send to a third party through TTP again
  • Signature with asymmetric encryption
  • Using the private key for signature
  • If the signature is like This is 100 check to
    Bob, a timestamp should also be included in the
    signature.
  • Application of digital signature nuclear test
    monitor

11
Resend attacks
  • Lets assume that the same public private key
    pair is used for both encryption and signature.
    And if every time after receiving the message, a
    receipt is given, a resend attack can be
    conducted.
  • Defending against such attacks using different
    methods, using different keys, or do timestamps

12
Block 5 Random number
  • Pseudo random numbers
  • Usually will repeat after a long sequence
  • Must long enough
  • Real random numbers
  • Lava lamp
  • Earthquake strength or interval

13
(No Transcript)
14
Chap 3 Key exchange protocols
  • Protocols 1 using symmetric cryptography
  • We assume that every node shares a key with KDC
  • Steps
  • Alice requests a key from KDC
  • KDC encrypts the key with Alice and Bobs key
    respectively and sends both to Alice
  • Alice forward Bobs copy to Bob

15
  • Problems of protocol 1
  • Alice knows both the plaintext and cipher text
    for Bob. Bad for Bob.
  • When Alice sends a copy to Bob, how can Bob makes
    sure this is a fresh key?

16
  • Protocol 2 Using public key
  • We assume that everyone has a public private key
    pair
  • Steps
  • Alice generates a session key and encrypts it
    with Bobs public key
  • Bob decrypts the message and gets the session key
  • Now they can talk safely

17
  • If the public keys of the nodes do not have
    certificate with them, they can be fake keys. And
    a min-in-the-middle attack can be conducted.
  • How the min-in-the-middle attacks are conducted.
  • How can the Interlock protocol mitigate the
    attack
  • Wormhole attack in wireless networks and the
    prevention mechanisms
  • Packet leash, directional antenna, multi-round
    response, visualization

18
  • Improvement to protocol 2
  • Public keys for Alice and Bob should be protected
    by the certificate from a TTP

19
Authentication
  • Authentication prove that you are who you claim
    you are
  • Method 1
  • The system stores your password, and compares it
    with the word you type in every time you login
  • Problem if the attacker gets access to the file,
    you are done.

20
  • Method 2
  • The system stores the hash result of the
    password, now if the attacker sees the hash
    value, it cannot recover the plaintext.
  • Problem
  • It is still not safe under dictionary attacks
  • The system can add a random number after the
    password, which is called salt
  • Public salt and private salt.

21
  • Method 3 Using public-private key
  • The system knows the public key and the user
    keeps the private key
  • During login, the system sends a random number to
    user and user encrypts it with the private key
  • System decrypts with public key and verifies the
    user
  • Problems
  • Blind signature
  • Chosen plaintext attack

22
Authentication (cntd)
  • Method 4 one key a time protocol
  • Hash chain
  • Unlimited one key a time system (2 possible
    solutions)
  • Both sides know a secret k
  • A knows R1, and B knows hash(k, R1)
  • During first login, A sends R1 and hash(k, R2)

23
  • Method 5 Mutual authentication with symmetric
    key SKID 3
  • A and B share a secret k
  • A sends a random number to B and B calculates the
    keyed hash value
  • Same way for A
  • Use random number to replace timestamp avoid
    synchronization
  • Man-in-the-middle attack
  • Compromise the authentication but cannot crack
    the key

24
  • Method 6
  • Typing the key and moving your mouse
  • User re-authentication via mouse movements (ACM
    VisSec)
  • User authentication through keystroke dynamics
    (ACM Trans. Inf. Syst. Secur. 2002)
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Block 2: communication using symmetric crypto algorithms" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!