Security

Security Needs

Computers and data are used by the authorized persons

Computers and their accessories, data, and information are available to the genuine users

Security policy is to ensure thatSecurity policy is to ensure that

Security Services

Authentication Access control Data confidentiality Data integrity Non-repudiation

Security Services

A user proves its identity to another party

A data sender proves that the data is actually sent by him/her

Authentication

Security Services

Guard against unauthorized use of resources

Access control

Security Services

Data and its meanings are only available to those who are the genuine receivers

For other parties, the data would appear to be “rubbish”

Data confidentially

Security Services

Guards against active attack – modification, insertion, deletion, replay

If a piece of data is changed, such a change can be detected

Data integrity

Security Services

When a party sends a piece of information, it can be proved that the sender is actually that party

The sender cannot subsequently deny the act of having sent a piece of information

Non-repudiation

Security Mechanisms

Encipherment Digital signature Access control

To provide security services, some specific security mechanisms may be implemented:

DES

The Data Encryption Standard (DES) is a private key encryption system developed by the U.S. government in the 1970s

It was based on a previous IBM encryption system called “Lucifer”

It was adopted as a U.S. federal standard in 1976, and then as an international standard

DES Overview

Plaintext size : 64 bits Key size : 64 bits input, only 56 bits are

used Ciphertext size : 64 bits

64 bit ciphertextEncryption64 bit message

56 bit key

Strength of DES

DES has been cryptanalyzed for many years by many people, no serious flaws have been revealed up to now

The 56-bit key size : there are 256=7.2x1016 different possible keys

May not be sufficient to resist brute-force key search attack

Strength of DES

If it takes 1 sec to test 1 key then 228 million years are needed to test all keys

If it takes 1 μsec to test 1 key then 2,280 years to test all keys

If there are 1 million machines working in parallel then the key can be found in a day!

Triple DES

Triple DES employs the Encrypt-Decrypt-Encrypt (EDE) mode of operation with two different keys – equivalent to a key of 112 bits

k2

DESDecrypt

DESEncrypt

k1

plaintext DESEncrypt

k1

ciphertext

Triple DES

The decryption process is:

k2

DESEncrypt

DESDecrypt

k1

ciphertext DESDecrypt

k1

plaintext

Triple DES

Triple DES can use the existing DES block

When K2=K1, the triple DES system “falls back” to the single DES system

It is “backward compatible” with single key DES

AES

AES stands for “Advanced Encryption System”

NIST (National Institute of Standards and Technology) of USA announced AES in 1997, and then called for algorithms from the public on 12 Sept 1997

AES

Researchers from 12 different countries submitted 15 algorithms for the AES

As at Aug 1999, 5 algorithms have been chosen by NIST for further consideration

On 3-Oct-2000, the proposal by Rijdael [pro. Rhine doll] – Joan Daemen and Vincent Rijmen of Belgium was selected

Public Key Encryption

Public Key Encryption

Each user will have a pair of keys K1 & K2

Use keys K1 to encrypt and K2 to decrypt

Keep K1 private and top secret Gives out K2 to anybody who needs it K1 is called the private key K2 is called the public key

Two Keys

In a public key encryption system, the encryption key and the decryption key are different

Plaintext Encryption

Key K1

Decryption

Key K2

Proof of Identity

Alice sends a message to Bob Bob can prove that the message could

only have been created by Alice

EnglishMessage

Encryption

Alice’sPrivateKey K1

Decryption

Alice’sPublicKey K2Alice

EnglishMessage

Bob

Confidentiality + Identity

Alice sends an encrypted message to Bob so that only Bob can decrypt the message and Bob can later prove that the creator was Alice

EnglishMessage

Encryption

Alice’sPrivate Key

Encryption

Bob’sPublic Key Alice

EncryptedMessage

RSA Algorithm

The most widely used public key algorithm Proposed by Rivest, Shamir, and Adleman Security is based on the difficulty in factorizing a

large integer that is the product of two large prime numbers

E.g. 437 = ? x ? 437 = 19 x 23 Reference web page:

http://www.rsa.comhttp://www.orst.edu/dept/honors/makmur/

Hash Function

A Hash Functionis a one-way function y=H(x), designed to produced a fixed length “message digest” or a “fingerprint” of a variable-length message

Input = x(variableLength) Hash Function

Output = y(fixed length)

MD5

MD5 – Message Digest 5 Designed by Prof. R. Rivest of MIT Internet standard – RFC1321 Thought to be a strong hash function The message digest is 128 bits Message is processed in 512-bit blocks

Secure Hash Algorithm (SHA)

SHA was FIPS PUB 180-1, designed by the U.S. National Security Agency (NSA)

To be used in the Digital Signature Algorithm (DSA) – part of the Digital Signature Standard (DSS)

Input data length is less than 264 bits Message digest is 160 bits

Digital Signature

A digital signature has functions similar to those of conventional signature

Support authentic messages: Signer of document can be confirmed Contents of a signed document can be

verified

Digital Signature Generation

A widely adopted scheme is based on hash function and public key encryption

…..………..…..

Hash Encrypt

Alice’s Private key

…..………..…..

DS

Alice

Digital Signature Verification

Hash

Decrypt

Alice’s Public key

…..………..…..

DS

Bob

Compare

Equal => authentic messageNot equal => non-authentic

Public Key Infrastructure

How to give your public key to your friend?

How can you be sure that the public key you obtain is indeed your friend’s public key?

For a small number of mutually trusted users, a “web of trust” system is O.K.

Web of Trust

Bob

Alice

DavidEve

Public key

Public key

Public key

Public key

Certification Authority

For a large population of users, a central trusted party can act as a Certification Authority (CA)

Users may deposit their public keys in a CA who they trust

The CA may pass out the public keys to any user who need them in certificates

A CA Supporting Many Users

CA

a b c

d

Certificate

A certificate for a user (also called a subscriber) contains the user’s particulars and the user’s public key

The certificate is an electronic document signed by the CA who issue it

Certificate

CA

Alice’s certificate

Cert. I.D.:123716Name:AlicePublic key:001010…Valid date:xx to yy…………Sign:________ Signed by CA

Other certificatesto other users

Revocation

A user may revoke the validity of his/her certificate before the actual expiry date

Revocation information about a CA’s subscribers are published in a Certificate Revocation List (CRL)


When there are many CA’s and many subscribers, a hierarchy can be formed linking all the CA’s and the subscribers

This form a public key infrastructure The subscribers can communicate

securely by using digital signature techniques


CA 1

user 1 user 2 user 3 user 4 user 5 user 6

CA 2CA 3

CA 4

Security

Documents

Transcript of Security