Lecture 3b public key_encryption

Public-Key Cryptography &
Message Authentication

Authentication

• Requirements - must be able to verify that:
 Message came from apparent source or author Authentic
 Contents have not been altered message
 Sometimes, it was sent at a certain time or sequence

• Protection against active attack (falsification of data and
transactions)

2

ET2437 - Network Security
RAJA M KHURRAM SHAHZAD

Approaches to Message Authentication

• Authentication Using Conventional Encryption
 Only the sender and receiver should share a key

• Message Authentication without Message Encryption
 An authentication tag is generated and appended to each message

• Message Authentication Code - MAC
 The use of secret key to generate a small block of data, MAC
Or
 Calculate the MAC as a function of the message and the key.
 MAC = F(K, M)

3


Message Authentication Code

• Need not to be reversible
• A & B Share a common secret key KAB

• A send message to B
 A calculates message authentication code as a function of the message
and the key.
 MACM1 = F(KAB, M)
 The message + MAC are transmitted to B.
 B performs the same calculation on the recieved message, using same
KAB
 MACM2 = F(KAB, M)

 If MACM1 = F(KAB, M) = MACM2 = F(KAB, M)
– Message has not been altered
– From intended sender 4

– Addition of sequence number, give more surity

Message Authentication with MAC

5


One-way HASH function

• Alternative to MAC

• Input: A variable size message
• Output: Fixed size message digest H(M)

• No secret Key

• Message digest is sent with message in such a way that message
digest is authentic
 Using conventional encryption
 Using Public-Key encryption
 Using Secret Value

6

One-way HASH function

7


One-way HASH function cont.

• Secret value (known to sender and receiver both) is added before
calculating the hash and removed before transmission.

• Variation of this technique is HMAC
8


Secure HASH Functions

• Purpose of the one-way or secure HASH function is to produce a
”fingerprint” of a file, message or block of data

• Properties of a HASH function H :
§ H can be applied to a block of data at any size
§ H produces a fixed length output
§ H(x) is easy to compute for any given x.
§ For any given value h, it is computationally in-feasible to find x such
that H(x) = h  one-way property / pre-image resistant
§ For any given block x, it is computationally infeasible to find
y ≠ x with H(y) = H(x)  weak collision resistance
§ It is computationally infeasible to find any pair (x, y) such that
H(x) = H(y)  strong collision resistance
9


Block cipher VS Hash function

• Block cipher – symmetric encryption method:
 input: blocks of plain-text of a fixed length
 output: blocks of cipher-text of the same length

• Hash function – both symmetric and asymmetric encryption method
 input: binary string of arbitrary length
 output: string of some fixed length

10


Other Secure HASH functions

SHA-1 MD5 RIPEMD-160

Digest length 160 bits 128 bits 160 bits
Basic unit of 512 bits 512 bits 512 bits
processing

Number of steps 80 (4 rounds of 64 (4 rounds of 160 (5 paired
20) 16) rounds of 16)

Maximum message 264-1 bits
size

11


HMAC
• A keyed-hash message authentication code, or HMAC, is a type of
message authentication code (MAC) calculated using a cryptographic
hash function in combination with a secret key.

• The cryptographic strength of the HMAC depends upon the cryptographic
strength of the underlying hash function and on the size and quality of the
key.

• An iterative hash function breaks up a message into blocks of a fixed size
and iterates over them with a compression function.

• Motivations:
 Cryptographic hash functions executes faster in software than encryption
algorithms such as DES
 Library code for cryptographic hash functions is widely available
 No export restrictions from the US
12


HMAC

HMACK(m) = h((K ⊕ opad) ‖ h((K ⊕ ipad) ‖ m ))
• h is an iterated hash function,

• K is a secret key padded with extra zeros to the block size of the
hash function

• m is the message to be authenticated.

• ‖ denotes concatenation

• ⊕ denotes Exclusive Or (XOR)
• The two constants ipad and opad, each one block long, are defined
as ipad = 0x363636...3636 and opad = 0x5c5c5c...5c5c. That is, if
block size of the hash function is 512, ipad and opad are 64
repetitions of the (hexadecimal) bytes 0x36 and 0x5c respectively
13


HMAC Structure

Initialization Vector (IV):
a fixed-size input to a
cryptographic function. IV
is typically random or
pseudorandom

14

HMACK(m) = h((K ⊕ opad) ‖ h((K ⊕ ipad) ‖ m ))

Public Key / Asymmetric Encryption

• Based on mathematical functions.
• The use of two separate keys has consequences in:
 key distribution
 confidentiality
 authentication

• The scheme has six ingredients
 Plain-text Encryption algorithm
 Public Key Private Key
 Cipher text Decryption algorithm

15


Encryption with Public Key

16


Encryption with Private Key (Authentication)

17


Applications for Asymmetric Encryption

• Encryption/Decryption: The sender encrypts a message with the
recipient’s public key.

• Digital signature: The sender ”signs” a message with its private
key.

• Key exchange: Both sides (i.e. Sender & Reciever) co-operate to
exchange a session key

18


Requirements for Asymmetric Encryption

1. Computationally easy for a party B to generate a pair (PUblic key
PUb, PRivate key PRb)
2. Easy for sender to generate cipher-text: C = E(Pub, M)
3. Easy for the receiver to decrypt cipher-text using private key:
M = D(PRb, C) = D[PRb, E(PUb, M)]

5. Computationally in-feasible to determine Private Key (PRb) knowing
Public Key (PUb)

6. Computationally infeasible to recover message M, knowing PUb and
cipher-text C
7. Either of the two related keys can be used for encryption, with the
other used for decryption:
19
M = D[PUb, E(PRb,M) = D[PRb, E(PUb,M)]

Asymmetric Cryptographic Algorithms

• RSA - Ron Rivest, Adi Shamir and Len Adleman at MIT, in 1977.
 Published in 1978
 RSA is a block cipher in which plaintext and ciphertext are integers
between 0 and n-1 for some n.
 The most widely implemented

• Diffie-Hellman

 Enable two users to exchange a secret key securely that can be used
for subsequent encryption message
 Algorithm itself is limited to exchange of keys
 Compute discrete logarithms

20


The RSA Algorithm

Encryption
• Plain-text: M<n

• Cipher-text: C = Me (mod n)

Decryption
• Cipher-text: C

• Plain-text: M = Cd (mod n) = Med mod n

• Both sender and reciever must know the values of n and e
• Only reciever knows the value of d
• Public Key PU = {e,n} and Private Key PR= {d,n}
21


The RSA Algorithm - Key Generation

Select p,q p and q both prime p=17, q=11
Calculate n=pxq 17 x 11 = 187
Calculate 16 x 10 = 160
Select integer e e=7
Calculate d d = 23
Public Key PU = {e,n} 7,187
Private key PR = {d,n} 23,187

22

Example of the RSA Algorithm

23


Other Algorithms

• Digital Signature Standard (DSS)
 Makes use of the SHA-1
 Not for encryption or key exchange

• Elliptic-Curve Cryptography (ECC)
 Good for smaller bit size
 Low confidence level, compared with RSA
 Very complex
 Decryption algorithm

24


25


Lecture 3b public key_encryption

More Related Content

What's hot (20)

Viewers also liked (14)

Similar to Lecture 3b public key_encryption (20)

More from rajakhurram (13)

Recently uploaded (20)

Lecture 3b public key_encryption