Cryptography And Secure Systems
0 likes•512 views
The document discusses what it means for a system to be secure and how cryptography is used to build trust in systems. It defines security goals like confidentiality, integrity, authentication, and non-repudiation. It explains how cryptographic techniques like encryption, hashing, digital signatures, and certificates can provide these security properties. Finally, it stresses that the security of a system depends on the strength of the underlying cryptographic tools and protocols used.
Cryptography And Secure Systems
- 2. What does it mean a system to be secure?
- 3. It boils down to the trust you place on the system! Guru Trust on the system How secure is the system
- 4. You decide to safeguard your valuable assets like hardly used gold jewelries in a bank instead of keeping them in your house. Guru You are placing more trust on the bank’s ability to safeguard your valuable asset than your own house. You learn this fact by experience – you friends valuable assets kept at home got robbed. None of your friends have had any bad experience with the bank safeguarding their assets.
- 5. Secure systems are built to satisfy the following security goals. Guru Integrity Availability Confidentiality Authentication Non- repudiation
- 6. We will not discuss availability in this presentation as cryptography is not generally used to assure availability (i.e. the service is available whenever you need it)Guru Denial of Service (DoS) attacks disrupts the available it of a service.
- 7. Can I trust the system not to show my sensitive data to any unauthorized parties? Guru Can I trust the system not to modify my data by any unauthorized parties? Can I trust the system not to allow to impersonate me to the system? Can I trust the system to hold each individual accountable of their actions? Confidentiality Integrity Authentication Non-repudiation
- 8. Confidentiality Integrity Authentication Non-repudiation Cryptography Can’t read! Can’t modify! Can’t impersonate! Can’t deny doing!
- 9. Trust sounds intuitive, but how do I objectively measure trust?
- 10. What does it mean a system to be secure?
- 11. Guru The measure of trust (how secure your system) depends on who you are trying to protect against. We call it the attack model. An Attack model captures the capabilities, collisions and intentions of adversaries. An adversary is a bad user who want to break the security of your system.
- 12. Guru In order to demonstrate trust in the system under the given attack model We need to prove the security of the cryptographic protocols under that attack model. A cryptographic protocol secure under one attack model (e.g. attacker can see one message) may not be secure under more stronger attack model (e.g. attacker can see many messages).
- 13. Guru Usually, most of us will be using time tested and proven cryptographic primitives such as ciphers, message authentication codes, digital signatures. We will be constructing new protocols using these primitives. However, we need to make sure that our protocols are secure under the chosen attack model. A cryptographic protocol built using secure cryptographic primitives may not necessarily be secure if not built right.
- 14. Adversary Capabilities Intentions In cryptography, we assume that attackers have limited computational power. In other words, they are computationally bounded. There could be passive attackers or active attackers. Passive attackers simply listens to your messages whereas much more powerful active attacks modify your messages. Collisions Multiple adversaries may collude together to break a cryptographic protocol.
- 15. Let’s look at the security goals that are directly tied to cryptography mentioned earlier. Guru
- 16. Confidentiality Can’t read! Ciphertext (C)EncryptPlaintext (M) Plaintext(M)DecryptCiphertext(C) Use cipher. The message to be encrypted is called “plaintext” The encrypted message is called “ciphertext”
- 17. Ciphers Symmetric ciphers Asymmetric ciphers Also called “Symmetric Key Cryptosystems” Also called “Public Key Cryptosystems” Alice Bob Alice and Bob share the same key. Alice Bob Alice and Bob do not share the same key.Public key & Private key pair
- 18. Roughly speaking, a cipher is secure if it is hard to obtain plaintext from the ciphertext without knowing the key used.Guru In a cipher, only the key is secret; everything else (encryption algorithm, decryption algorithm) is public. Alice Bob Messages exchanged in a TLS protocol are encrypted using a symmetric cipher.
- 19. Integrity Can’t modify! Cryptographic Hashing Algorithm Document Key Secure Hash Alice Bob Messages exchanged in a TLS protocol are hashed using a keyed hash algorithm. Send the hash along with the document to the receiver. Receiver can compute the hash and compare to verify. Message Hash Use hashing.
- 20. Authentication Can’t impersonate! Use hashing, Public Key Ciphers (certificates). Three ways to authenticate Use what you have (e.g. key, badge, certificates) Use what you know (e.g. passwords, PINs) Use what you are (e.g. fingerprints, iris)
- 21. Password authentication (Server: am I talking to Alice?) Alice Server (www.example.com) Hash pwd Salt Password Certificate based authentication (Alice: Am I taking to example.com?) Alice Server (www.example.com) Example.com certificate Example.com certificate Check if the certificate is signed by a trusted root authority. Check if the new hash matches the stored one.
- 22. Transfer $1M to Bob Non-repudiation Can’t deny doing! Use Public Key Ciphers (digital signatures). Alice Public key Private key Transfer $1M to Bob Digitally signed using Alice’s private key Alice cannot later deny that she did not order bank to transfer as it has her digital signature on it (only she can produce that signature) Verify signature using Alice’s public key
- 23. The security of a system boils down to the trust. Cryptography is a tool that we can use to build trust in security services (confidentiality, integrity, authentication and non-repudiation) and in turn in systems build using these security services. If the foundation of your house (cryptographic tools used) is not strong, your house (software system) will collapse! Guru