
Cryptographic Tools

Demetrios Glinos
University of Central Florida

CIS3360 - Security in Computing


Readings

"Computer Security: Principles and Practice", (3rd Edition), by William Stallings and
Lawrie Brown

Chapter 2

D. Glinos CIS3360 Security in Computing 2


Outline

Confidentiality with Symmetric Encryption

Message Authentication and Hash Functions

Public-Key Encryption

Digital Signatures and Key Management

Random and Pseudorandom Numbers



Encryption
Encryption: a means to allow two parties, customarily called Alice and Bob, to
establish confidential communication over an insecure channel that is subject to
eavesdropping.

[Figure: Alice and Bob communicating over an insecure channel, with Eve eavesdropping]
Symmetric Encryption
Symmetric encryption
Also called: single-key encryption
Historically, the only type of encryption until public-key methods were introduced in
the late 1970s
Still, universally used for providing confidentiality for transmitted or stored
data
Basic idea: the same key is used by sender and receiver

Components
plaintext
encryption algorithm
secret key
ciphertext
decryption algorithm



Symmetric Encryption Model

source: Fig. 2.1, p. 42

Requirements for secure use of symmetric encryption


1. Strong encryption algorithm, where "strong" means that even if an
opponent knows the algorithm and has the ciphertext, he/she cannot
decipher the ciphertext or figure out the key.
2. Sender and receiver have obtained copies of the same secret key in a
secure manner
Attacking Symmetric Encryption
Cryptanalysis
Attacker knows the algorithm
Attacker has some knowledge of the general characteristics of the plaintext, or
even some plaintext-ciphertext pairs
Exploits the characteristics of the algorithm to attempt to recover the plaintext
or deduce the key that was used
If key deduced, effect is catastrophic: all past and future messages encrypted
with that key are compromised

Brute-force attack
Attacker tries all possible keys on some ciphertext until an intelligible
translation into plaintext is obtained
On average, half of all possible keys must be tried to achieve success



Symmetric Block Ciphers
Block cipher
processes plaintext input in fixed-size blocks
a long plaintext message is processed as a series of plaintext blocks
for each plaintext block, produces a ciphertext block of the same size
most important algorithms: DES, Triple DES, and AES

source: Table 2.2, p. 44


Modes of Operation

Typically, symmetric encryption is applied to messages/files of many blocks

Simplest approach
use the same key to encrypt each block
this is called the "electronic codebook (ECB)" mode of operation
weakness: cryptanalysis may be able to exploit regularities in the plaintext

More complex modes of operation mix results of earlier encryptions into later
encryptions or modify the key used in various ways to overcome this weakness
we will cover modes of operation in a later lecture



Symmetric Stream Ciphers
Stream cipher
processes the input elements continuously
produces output one element at a time
element is typically a byte, but can be just a bit or larger than a byte
uses a key stream generated pseudorandomly from an input key
advantage: generally runs faster than a block cipher
good for streaming data over a communications channel or browser/Web link
block ciphers (far more common) are better for file transfer, email, databases

source: Fig. 2.2(b), p. 46


Message Authentication
Encryption assures confidentiality

Message/data authentication assures data integrity


contents have not been altered
from authentic source
timely and in correct sequence

Message/data authentication can be performed either with or without encryption

Message authentication code (MAC)


one authentication technique
uses a shared secret key and a MAC algorithm
MAC is appended to message before transmission
MAC is computed separately by recipient and compared with received MAC

FIPS PUB 113 recommends using DES to compute the MAC


MAC is last 16 or 32 bits of DES-encrypted message
Message Authentication using a MAC

source: Fig. 2.3, p. 49

If received and computed MACs match, the recipient is assured


1. the message has not been altered
2. the message came from the alleged sender (since the MAC was computed with the shared key K)
3. if the message includes a sequence number, then sequence assured since
attacker couldn't modify it without affecting the MAC calculation
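
The three assurances above, as an added example that is not part of the original slides. It uses HMAC-SHA-256 from the Python standard library rather than the DES-based MAC of FIPS PUB 113, and the packet layout (8-byte sequence number, message, 32-byte tag) and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA-256 output size in bytes
SEQ_LEN = 8   # sequence number packed as an unsigned 64-bit integer

def protect(key, seq, message):
    # Sender: MAC covers the sequence number and the message, then is appended.
    body = struct.pack(">Q", seq) + message
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    def __init__(self, key):
        self.key = key
        self.next_seq = 0  # next sequence number we are willing to accept

    def accept(self, packet):
        """Return the message if the packet is authentic and in order, else None."""
        if len(packet) < SEQ_LEN + TAG_LEN:
            return None
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison avoids leaking how many tag bytes matched.
        if not hmac.compare_digest(tag, expected):
            return None  # altered in transit, or not made with the shared key
        seq = struct.unpack(">Q", body[:SEQ_LEN])[0]
        if seq != self.next_seq:
            return None  # authentic but replayed or out of sequence
        self.next_seq += 1
        return body[SEQ_LEN:]
```

The MAC is verified before the sequence number is trusted, so a forged sequence number never advances the receiver's state.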
Secure Hash Function
Another method for message authentication
also called "one-way hash function"
Uses an algorithm that sender and receiver both know (and maybe attacker, too)
Result is a fixed-length "hash value" or "hash code"
Hash code can be encrypted by symmetric or public-key encryption
Also possible to append a shared secret key to message and hash the combination
no encryption is needed in this case (since only sender and recipient know the secret key)

source: Fig. 2.4, p. 51
Requirements for Hash Functions
For any hash function
can be applied to an entire message or file of any size
produces a fixed-length output
computationally easy to compute

For a secure hash function, all above, plus


must be one-way
infeasible to find x from H(x), i.e., to find message given hash value
must be collision resistant
for a given message, infeasible to find another message that generates
the same hash value
also, infeasible to find 2 messages that generate the same hash value

Uses for secure hash functions


MACs, digital signatures, and integrity checking



Public-Key Encryption
Proposed publicly by Diffie and Hellman in 1976

Basic idea
use a different key for decryption than for encryption
the keys are related mathematically to make this possible

Each person has two keys: a private key that only he/she knows, and a public key
that is broadcast widely; other components are the same as for symmetric systems

To send a message, the sender encrypts the message using the recipient's public key

On receipt, the recipient uses his private key to decrypt the message.

Solves key distribution and digital signature issues, but algorithms run much slower
than symmetric algorithms.

Still need some form of protocol for distributing keys

Computationally expensive: as a result, symmetric encryption is still the method
most used for data encryption
Public-Key Encryption Model

source: Fig. 2.6(a), p. 57


Applications of Public-Key Algorithms
Encryption, but computationally expensive, so not often done

Diffie-Hellman key exchange


uses public-key encryption to compute a shared secret key
the shared secret key is thereafter used for symmetric data encryption

Authentication
Sender encrypts using his private key
Recipients can decrypt using sender's public key, which they all know
Since only sender has the corresponding private key, authenticity is assured

Digital signature
use authentication scenario, but encrypt a hash value, not the message

Key management and distribution


used with certificate authorities (CAs) to assure recipients that alleged public
key is genuine
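
The Diffie-Hellman item in the list above, as an added example that is not part of the original slides. The group parameters (the Mersenne prime 2**127 - 1 with base 3) are toy values chosen for this sketch, and the function names and the SHA-256 key derivation step are assumptions.

```python
import hashlib
import secrets

# Toy public parameters (assumptions for this sketch). Both are known to
# everyone, including an eavesdropper. Real deployments use standardized
# groups of 2048 bits or more.
P = 2**127 - 1
G = 3

def keypair():
    # Private exponent stays with its owner; only the public value is sent.
    private = secrets.randbelow(P - 3) + 2      # uniform in [2, P - 2]
    return private, pow(G, private, P)

def shared_key(my_private, peer_public):
    # Reject degenerate public values (0, 1, P - 1, or out of range), which
    # would force the shared secret into a tiny, guessable set.
    if not 2 <= peer_public <= P - 2:
        raise ValueError("peer public value out of range")
    secret = pow(peer_public, my_private, P)
    # Hash the shared secret down to a 16-byte key for symmetric encryption.
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()[:16]

def exchange():
    # Both sides of the exchange in one place, for demonstration.
    a_priv, a_pub = keypair()       # Alice sends a_pub to Bob
    b_priv, b_pub = keypair()       # Bob sends b_pub to Alice
    return shared_key(a_priv, b_pub), shared_key(b_priv, a_pub)
```

Only the two public values cross the channel; each side combines the other's public value with its own private exponent and arrives at the same symmetric key.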



Digital Certificates
Digital certificates (DCs) address the question: How can Alice know that the public
key she is using for Bob is really his public key?

Issued by trusted entities called certificate authorities (CA)

A digital certificate vouches for an entity (e.g., Bob) and contains Bob's public key

The DC is digitally signed by the CA using its private key; Alice uses the CA's public
key to verify the CA's signature

Entities (e.g., Alice) wishing to communicate with Bob can now trust that they
have a valid public key for Bob, since they trust the CA.

This is not fool-proof. It is merely strong evidence of Bob's public key



Digital Envelopes
Another way to use public-key encryption to protect a symmetric key

No need for sender and recipient to negotiate a shared secret key

Uses a one-time symmetric key

Key is encrypted using recipient's public key and sent to recipient

source: Fig. 2.8, p. 63


Random Numbers
Random numbers are used extensively in cryptographic applications, for
generation of keys for public-key algorithms
generation of stream keys for symmetric stream ciphers
generation of one-time symmetric keys for use in digital envelopes
session key generation by key distribution centers or parties to communication
also used in handshake protocols to prevent replay attacks

Requirements
Randomness
uniform distribution: each value is equally likely
independence: cannot infer any value from other values
Unpredictability
opponent should not be able to predict future element of sequence on
basis of earlier elements (similar to statistical independence, above)



Pseudorandom Numbers
Cryptographic applications (and programming languages) typically use algorithms
to generate "random" numbers
algorithms are deterministic
therefore, sequences produced are not truly random
such sequences are called "pseudorandom"

Pseudorandom number generators (PRNGs)


use algorithms that produce sequences that satisfy statistical randomness
tests (uniformity, independence)
nevertheless, can be predictable

True random number generators (TRNGs)


typically measure unpredictable natural processes
e.g., radiation events, gas discharge, leaky capacitors
increasingly provided on modern processors
e.g., Intel chip that samples thermal noise across undriven resistors
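
The gap between statistical randomness and unpredictability described above, as an added example that is not part of the original slides. The linear congruential generator, its constants and the function names are assumptions chosen for illustration; the safe alternative shown is Python's `secrets` module, which draws from the operating system's cryptographic random source.

```python
import secrets

# Textbook linear congruential generator constants (illustrative assumption).
A, C, M = 1103515245, 12345, 2**31

class LCG:
    """Deterministic PRNG: each output is a fixed function of the previous one."""
    def __init__(self, seed):
        self.state = seed % M

    def next(self):
        self.state = (A * self.state + C) % M
        return self.state

def bucket_counts(values, buckets=4):
    # Crude uniformity check: how many outputs land in each equal-width range.
    counts = [0] * buckets
    for v in values:
        counts[v * buckets // M] += 1
    return counts

def predict_next(observed):
    # Anyone who knows the algorithm needs only ONE observed output, and no
    # seed, to compute every later output of the sequence.
    return (A * observed + C) % M

def session_key(nbytes=16):
    # Key material must come from an unpredictable source instead.
    return secrets.token_bytes(nbytes)
```

The generator's outputs spread evenly across the buckets, so it looks random to a uniformity test, yet `predict_next` reproduces the whole future sequence from a single value. That is why keys, stream keys and handshake nonces must not come from such a generator.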