Previous lecture - PowerPoint PPT Presentation

1 / 17
About This Presentation
Title:

Previous lecture

Description:

Encryption and decryption is fast, cipher text not much larger than the ... middle knows the symmetric key k, and can decrypt (or modify) data as he wishes. ... – PowerPoint PPT presentation

Number of Views:18
Avg rating:3.0/5.0
Slides: 18
Provided by: mortens
Category:

less

Transcript and Presenter's Notes

Title: Previous lecture


1
Previous lecture
  • More on hash functions
  • Digital signatures
  • Message Authentication Codes
  • Padding

2
This lecture
  • General differences between asymmetric and
    symmetric cryptography
  • General design of interactive protocols
  • Key exchange
  • Man-in-the-middle

3
Symmetric vs. asymmetric cryptography
  • Asymmetric cryptography has easier key management
  • Why not always use asymmetric cryptography
  • Slower
  • Needs longer keys

4
When to use what type
  • Symmetric
  • Speed
  • Key size
  • Signature size (MACs)
  • Asymmetric
  • Key distribution
  • Parties with no secure side-channel (for key
    distribution)

5
Communication with many parties
  • Example Users want to connect securely to web
    sites
  • There are many web sites
  • There are even more users
  • Impossible for each web site to know all its
    potential visitors
  • The solution use public key cryptography
  • What if public key cryptography is too slow?

6
Designing interactive protocols
  • The web surfer (user) and the web server wishes
    to exchange large amount of information
  • The user will send a request, and the server will
    answer (think http!)

TCP/IP
User
Web server
7
Interactive protocols first approach
  • We try with public key cryptography

TCP/IP
User
Web server
Users public key pu
Servers public key ps
Request encrypted under ps
Response encrypted under pu
8
Problems with first approach
  • Speed
  • Each public key operation takes a significant
    amount of time. When used on large messages this
    becomes significant.
  • The server may have to handle several hundred
    connections simultanously, making encryption
    slow.
  • Size
  • For encryption the message has to split into
    smaller messages that can be encrypted.
  • Since public key cryptography is more vulnerable
    to weak clear texts (e.g., small numbers) some
    padding technique must be used on every block.
    This makes the cipher text much longer than the
    clear text.

9
Interactive protocols second approach
  • We try with secret key cryptography

TCP/IP
User
Web server
User and web server decideson a symmetric key k
Request encrypted under k
Response encrypted under k
10
Problems with second approach
  • Encryption and decryption is fast, cipher text
    not much larger than the clear text, but...
  • How does the user and the web server decide on a
    common secret key?
  • The user and the web server physically exchange
    data
  • The web server sends the key to the user via a
    secure off-line channel (registered mail etc.)
  • Feasible only when the number of users is low,
    and there is time to do key-exchange off-line
  • Possible solution for Internet banking, but not
    for e-commerce

11
Interactive protocols
  • Both the public key and secret key approach has
    serious problems.
  • What we want use symmetric cryptography for
    encryption of the traffic, but avoid the need for
    complicated off-line key exchange schemes.

12
Key exchange
  • The symmetric key can be sent encrypted under the
    public key
  • Either party can create the key (or they can
    create it together)
  • Other techniques for key exchange exist
    (Diffie-Hellman)

13
Key exchange general idea
TCP/IP
User(pu, su)
Web server
Users public key pu
Generates symmetric key k
Symmetric key k encrypted under pu
Decrypts k using su
Communication encrypted under k
14
Key exchange possible enhancements
  • Both parties can take part in key generation
  • Assuming the length of the symmetric key s is n,
    the following variants are possible
  • First n / 2 bits of s are created by user, last n
    / 2 by server
  • User creates n-bit su, server n-bit ss. The key s
    is computed as s su ? ss
  • Key exchange should be repeated at regular
    intervals

15
Man-in-the-middle
  • Access to the key exchange does not give you any
    useful information about the key.
  • A person that can modify messages can use this to
    gain knowledge of the symmetric key.
  • This kind of attack is for obvious reasons known
    as a man-in-the-middle attack.

16
User(pu, su)
Man in the middle(pm, sm)
Web server
Users public key pu
Replaces pu with his own pm
pm
Generates symmetric key k
Decrypts k using sm and reencrypts using pu
Symmetric key k encrypted under pm
Symmetric key k encrypted under pu
Decrypts k using su
Communication encrypted under k
17
Man-in-the-middle
  • After this scheme, the Man-in-the-middle knows
    the symmetric key k, and can decrypt (or modify)
    data as he wishes.
  • Different techniques exist to address this
    problems
  • Public key certificates
Write a Comment
User Comments (0)
About PowerShow.com