Network Security Section 3: Public Key, Digital Signature.
asher-jefferson
New Algorithm Requirements
• Definitions:
– E = Encryption Key
– D = Decryption Key
• New Requirements:
1. D(E(P)) = P
2. E ⇏ D (D cannot be derived from E)
3. E cannot be cracked by a “known texts” attack.
Example
• Alice: Ea, Da
• Bob: Eb, Db
• Keys passed between them: Eb, Ea
• P = ABCDEFGHI → Eb(P) = ******************
• Send Eb(P) to Bob
• D(Eb(P)) = ABCDEFGHI
• Bob reads P
Rivest, Shamir, Adleman: RSA
RSA
• One of the public key algorithms
• RSA Algorithm:
1. Choose two numbers p & q (1024 bit)
2. n = p×q and z = (p-1)×(q-1)
3. Choose a number d that is relatively prime to z
4. e: e×d mod z = 1
5. Divide P into blocks, 0 <= block length < n
6. C = P^e mod n
7. Exit.
• OK. Where does the security lie?
RSA Example
• p = 3, q = 11
• n = 33, z = 20, d = 7, e = 3
OK!
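The toy parameters above, run through the steps of the RSA algorithm as an added Python example (not part of the original slides). It assumes p and q are prime, as RSA requires, encodes the letters A to I as the constructed blocks 1 to 9, and uses hypothetical helper names; the last function shows that the security rests on n being too large to factor.

```python
# Added example: textbook RSA with the slide's toy numbers (no padding, teaching only).
from math import gcd

def make_keys(p, q, d):
    """Steps 1-4: derive n, z and the public exponent e from p, q and a chosen d."""
    n, z = p * q, (p - 1) * (q - 1)
    if gcd(d, z) != 1:
        raise ValueError("d must be relatively prime to z")
    e = pow(d, -1, z)              # e*d mod z == 1 (modular inverse, Python 3.8+)
    return (e, n), (d, n)          # (public key, private key)

def apply_key(key, block):
    """Steps 5-6: C = P^e mod n, or P = C^d mod n with the private key."""
    exp, n = key
    if not 0 <= block < n:
        raise ValueError("each block must satisfy 0 <= block < n")
    return pow(block, exp, n)

def recover_d_by_factoring(public):
    """Anyone who can factor n can recompute z and therefore d."""
    e, n = public
    p = next(f for f in range(2, n) if n % f == 0)   # trial division: only feasible for tiny n
    q = n // p
    return pow(e, -1, (p - 1) * (q - 1))

def demo():
    public, private = make_keys(3, 11, 7)
    # Constructed sample plaintext: A..I encoded as 1..9, one block per letter.
    plain = [ord(c) - ord("A") + 1 for c in "ABCDEFGHI"]
    cipher = [apply_key(public, b) for b in plain]        # E(P)
    decrypted = [apply_key(private, c) for c in cipher]   # D(E(P)) = P
    signed = [apply_key(private, b) for b in plain]       # D(P), the signing direction
    verified = [apply_key(public, s) for s in signed]     # E(D(P)) = P
    return public, plain, cipher, decrypted, verified

if __name__ == "__main__":
    public, plain, cipher, decrypted, verified = demo()
    print("public key (e, n):", public)
    print("plaintext blocks :", plain)
    print("ciphertext blocks:", cipher)
    print("D(E(P)) == P     :", decrypted == plain)
    print("E(D(P)) == P     :", verified == plain)
    print("d recovered from public key alone:", recover_d_by_factoring(public))
```

With a 33-value modulus the private exponent falls out of the public key immediately, which is why p and q are chosen at around 1024 bits each.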
Let's finish cryptography algorithms. HOOORAY!
No more cryptography algorithms PLEASE!
Digital Signatures
• Why do we use signatures?
Authorization and Validity
• What is the problem of signatures in the digital world?
1. Authorize sender
2. Message must be undeniable from sender’s perspective.
3. Receiver cannot produce fake messages.
Symmetric-Key Signatures
• Store the signature with a valid institution (BB: Big Brother).
• What is the problem of this method?
Do you trust Big Brother?
Public-Key Signatures
• E(D(P)) = P
• D(E(P)) = P
Can Alice deny message P?
Yes! How?
No! Why?
1. Da is lost!!
2. Da is changed!!
Message Digests
• Digital signatures provide both authorization and confidentiality of the message
• Message Digests only authorize messages.
• MD features:
– Easy calculation of MD(P)
– MD(P) ⇏ P (P cannot be derived from MD(P))
– MD(P) ≠ MD(Q)
– MD(P) ≠ MD(P+1)
MD5
• MD5: 5th Message Digest. 128 bit buffer
• md5(apple) = 1f3870be274f6c49b3e31a0c6728957f
SHA-1
• Secure Hash Algorithm
• Developed by NSA
• 160bit buffer
The Birthday attack
• Problem: If it is easy to find two random messages that map to the same signature then a birthday attack is easy
• Example: the probability of 2 people having the same birthday in a group of 23 people is more than 0.5