# Unit 32 - Cryptography for Network Security

Unit 32 Network systems security

by Christine Boxer on 24 May 2013

## Transcript of Unit 32 - Cryptography for Network Security

### Introduction

#### What is cryptography?

Cryptography can be defined as the part of cryptology that handles the algorithms or techniques that alter the linguistic representation of messages.

#### What is it not?

- Steganography (writing hidden messages)
- The solution to all security problems
- Something you should try to invent yourself

#### Why has cryptography become so important in recent years?

Nowadays we have many activities that require security:

- Internet shopping
- Managing bank accounts
- Social networks
- ...

We can encrypt the information before sending it to the recipient in order to ensure that nobody else can understand it, even if it is intercepted during transmission.

#### Objectives

- Confidentiality: prevent the disclosure of information to unauthorized individuals or systems
- Authenticity: validate that both parties involved are who they claim to be
- Integrity: data cannot be modified undetectably
- Non-repudiation: no member of the contract/communication can deny his/her participation

We cannot always ensure these four objectives using just one method.

### Definitions

- Plaintext: a message in its natural format, readable by anyone
- Key: a sequence that controls the operation and behaviour of the cryptographic algorithm
- Cipher/Encryption: the process that converts the plaintext into an unreadable text
- Ciphertext: an unreadable text obtained by applying a cipher
- Decryption: the process of decoding data that have been encrypted into a secret format

### History of cryptography

#### Substitution cipher

```
k :=  A B C . . . Z
      C W N . . . A

c := E(k, "BZAC") = "WACN"
D(k, c) = "BZAC"
```

How to break a substitution cipher? Using the frequency of English letters: E = 12.7%, T = 9.1%, A = 8.1%, ...

#### Vigenère cipher (16th century)

```
k = C R Y P T O C R Y P T O C R Y P T
m = W H A T A N I C E D A Y T O D A Y
c = Z Z Z J U C L U D T U N W G C Q S
```

#### Rotor machines (1870 - 1943)

- Early example: the Hebern machine (1 rotor)
- Most famous: the Enigma (3 - 5 rotors)

### Modern cryptography (computer era)

#### Cryptographic methods / ciphers

- Symmetric-key
  - Stream ciphers: A5, RC4, ...
  - Block ciphers: DES, TDES, IDEA, AES
- Public-key
  - Exponentiation: RSA, ElGamal
  - Sum / Product: Elliptic Curve

#### Symmetric-key cryptography

[Figure: the sender encrypts m into c, c is transmitted, and the receiver decrypts c back into m. Both sides use the same key.]

Advantages:

- Simplicity
- Quickness

Disadvantages:

- Key distribution problem
- Large networks = many keys

##### Stream ciphers

- Generates a pseudorandom sequence of bits using the cipher key as seed value
- Reads the plaintext bit by bit
- Applies the XOR operation to each plaintext bit and the corresponding bit of the pseudorandom sequence

[Figure: on each side the key feeds a bit-stream generator; the cryptographic bit stream is combined with the plaintext to give the ciphertext, and with the ciphertext to recover the plaintext.]

##### Block ciphers

- Splits the plaintext into relatively large blocks (64b, 128b, 192b...)
- Encrypts each block separately with the same key
- The size of the block is not altered during the encryption process

[Figure: the plaintext is split into Block 0, Block 1, ..., Block n, each of size s. Encryption takes an input block (plaintext) and the enciphering key and gives an output block (ciphertext); decryption takes an input block (ciphertext) and the deciphering key and gives an output block (recovered plaintext).]

##### Data Encryption Standard - DES

Core idea: the Feistel network. DES is based on a 16-round Feistel network.

- 16 different keys are generated from the original one (key expansion). Each function f uses a different round key (16 keys, 16 functions).
- DES works with 64-bit blocks and a 64-bit key (8 of the key bits are for parity checks).
- The decryption process is the same, but it uses the keys in the inverse order.

##### Advanced Encryption Standard - AES

- Block size: 128 bits (original Rijndael 128 - 256 bits)
- Key size: 128, 192 or 256 bits
- Decryption: it is exactly the inverse of the encryption process

#### Public-key cryptography

[Figure: the sender encrypts m into c, c is transmitted, and the receiver decrypts c back into m. The two sides use distinct keys.]

Advantages:

- Keys are easy to share
- Provides a method for digital signatures

Disadvantages:

- Slower than symmetric-key
- Key size is longer (512b, 1024b...)

##### RSA algorithm

The security of RSA relies on the problem of factoring large integers as a product of prime numbers (there is no efficient method to do this). It generates two very large and distinct prime numbers and then applies several complex mathematical operations to obtain the keys and to encrypt/decrypt.

##### ElGamal encryption

In this case, ElGamal works by calculating discrete logarithms, because this problem is also computationally infeasible.

### Cryptography applications

Digital signature:

1. Generate a digest of the message (hash function)
2. Encrypt this digest with the private key and attach it to the message
3. Everyone can check our identity by decrypting using our public key

How can we trust that a certain private key belongs to a certain person?

Digital certificate: there are entities, such as government, police, universities or some companies, that we can trust and that are committed to ensuring the real identity of every person.

### Conclusions

Symmetric-key and public-key cryptography complement each other: we can use public-key methods to distribute the keys that will later be used by symmetric-key algorithms to encrypt the actual message to be transmitted. Thus, security is increased without compromising performance.

Questions?

### References

1. Dan Boneh, "Introduction to Cryptography", coursera.org
2. Cryptography, <http://x5.net/faqs/crypto/q4.html>
3. Criptografía y esquemas de clave pública, <https://zonatic.usatudni.es2012 /ca/aprenentatge/desenvolupa-sobre-el-dnie/57-aspectos-tecnicos/196-criptografia-y-esquemas-de-clave-publica.html>
4. Wikipedia, <http://en.wikipedia.org/wiki/Cryptography>
5. Francisco Dios, "Cryptography for Network Security", Network Software
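
The Vigenère values in the history part of the transcript (k = CRYPTO, m = WHATANICEDAYTODAY) can be reproduced in code. This is an added example, not part of the original presentation; the function name `vigenere` and its `first` parameter are this example's own. It shows that the slide's ciphertext follows from numbering the letters A=1 ... Z=26, while the common A=0 convention gives a different ciphertext for the same key and message.

```python
A = ord("A")

def vigenere(text: str, key: str, decrypt: bool = False, first: int = 1) -> str:
    """Add (or subtract) the repeating key letters to the message letters.

    `first` is the number assigned to the letter A:
      first=1 numbers the alphabet A=1 ... Z=26 (matches the slide),
      first=0 numbers it A=0 ... Z=25 (the usual textbook convention).
    Input is expected to be upper-case A-Z only.
    """
    out = []
    for i, ch in enumerate(text):
        m = ord(ch) - A + first                    # message letter as a number
        k = ord(key[i % len(key)]) - A + first     # key letter, key repeats
        v = m - k if decrypt else m + k
        # Map the result back to a letter under the same numbering.
        out.append(chr((v - first) % 26 + A))
    return "".join(out)

if __name__ == "__main__":
    key = "CRYPTO"
    msg = "WHATANICEDAYTODAY"
    slide = vigenere(msg, key)                     # A=1 numbering
    textbook = vigenere(msg, key, first=0)         # A=0 numbering
    print("slide   :", slide)
    print("textbook:", textbook)
    print("decrypt :", vigenere(slide, key, decrypt=True))
```

Both numberings are valid ciphers as long as sender and receiver agree; decrypting with the wrong convention shifts every letter by one.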
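
The stream cipher steps in the transcript (seed a generator with the key, XOR its output with the plaintext) are sketched below as an added example, not code from the original presentation. The generator here is a stand-in built from SHA-256 in counter mode, an assumption of this example and not A5 or RC4; the sample messages are constructed. It also shows why the same keystream must never be used for two messages: the XOR of the two ciphertexts equals the XOR of the two plaintexts, with the key cancelled out.

```python
import hashlib

def keystream(key: bytes, nbytes: int) -> bytes:
    """Stand-in bit-stream generator: SHA-256 over key || counter.
    (Assumption of this example; real stream ciphers use their own generator.)"""
    out = b""
    counter = 0
    while len(out) < nbytes:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:nbytes]

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def stream_crypt(data: bytes, key: bytes) -> bytes:
    """Encrypts and decrypts: XOR with the same stream is its own inverse."""
    return xor_bytes(data, keystream(key, len(data)))

def keystream_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """What an eavesdropper learns from two ciphertexts made with one
    keystream: c1 XOR c2 == m1 XOR m2, independent of the key."""
    return xor_bytes(c1, c2)

if __name__ == "__main__":
    key = b"constructed demo key"            # constructed sample values
    m1 = b"PAY ALICE 100 EUR"
    m2 = b"PAY BOB   999 EUR"
    c1, c2 = stream_crypt(m1, key), stream_crypt(m2, key)
    print("round trip ok :", stream_crypt(c1, key) == m1)
    print("reuse leaks   :", keystream_reuse_leak(c1, c2) == xor_bytes(m1, m2))
```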
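
The DES part of the transcript states that a Feistel network decrypts with the same process and the round keys in inverse order. The added example below (not from the original presentation, and not DES itself) demonstrates that property on a 16-round Feistel network over 64-bit blocks. The key expansion and the round function f are stand-ins built from SHA-256, chosen as assumptions of this example; the point is that f does not have to be invertible for the whole network to be.

```python
import hashlib

ROUNDS = 16   # as in DES
HALF = 4      # 64-bit block = two 32-bit halves

def expand_key(key: bytes) -> list[bytes]:
    """Stand-in key expansion: one round key per round (not the DES schedule)."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(ROUNDS)]

def f(half: bytes, round_key: bytes) -> bytes:
    """Stand-in round function (not the DES f); a one-way hash, not invertible."""
    return hashlib.sha256(round_key + half).digest()[:HALF]

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def feistel(block: bytes, round_keys: list[bytes]) -> bytes:
    """Run the network once over one block with the given round-key order."""
    if len(block) != 2 * HALF:
        raise ValueError("block must be 64 bits")
    left, right = block[:HALF], block[HALF:]
    for rk in round_keys:
        # New left is the old right; new right is old left XOR f(old right).
        left, right = right, xor_bytes(left, f(right, rk))
    return right + left   # final swap makes the routine its own inverse

def encrypt(block: bytes, key: bytes) -> bytes:
    return feistel(block, expand_key(key))

def decrypt(block: bytes, key: bytes) -> bytes:
    # Same process, round keys in inverse order.
    return feistel(block, expand_key(key)[::-1])

if __name__ == "__main__":
    key, block = b"constructed key", b"NETWORKS"   # constructed sample values
    c = encrypt(block, key)
    print("ciphertext:", c.hex())
    print("decrypted :", decrypt(c, key))
    print("forward key order fails:", feistel(c, expand_key(key)) != block)
```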
