by Xiang-Yang Li
Notice
This lecture note (Cryptography and Network Security) is prepared by Xiang-Yang Li. This lecture note has benefited from numerous textbooks and online materials, especially Cryptography and Network Security, 2nd edition, by William Stallings and Cryptography: Theory and Practice by Douglas Stinson. You may not modify, publish, sell, reproduce, create derivative works from, distribute, perform, display, or in any way exploit any of the content, in whole or in part, except as otherwise expressly permitted by the author. The author has used his best efforts in preparing this lecture note. The author makes no warranty of any kind, expressed or implied, with regard to the programs and protocols contained in this lecture note. The author shall not be liable in any event for incidental or consequential damages in connection with, or arising out of, the furnishing, performance, or use of these.
ABOUT INSTRUCTOR
Associate Professor, IIT
PhD/MS from UIUC, 1997-2000
BS, BE, Tsinghua University, 1990-1995
Research Interests:
Algorithm design and analysis
Wireless networks
Game theory
Computational geometry
Contact Information
Phone: 312-567-5207
Email: xli@cs.iit.edu
Room 229C, SB
Cryptography and Network Security 4
Office hours
Prof. XiangYang Li
http://www.cs.iit.edu/~xli http://www.cs.iit.edu/~winet/ xli@cs.iit.edu Stuart Building 229C
Topics studied:
Hardware/system design and manufacturing Supported by NSF, NSF China, RGC HongKong
Representative Projects
Environment monitoring
Ocean
OceanSense (2007-)
GreenObs (2008-)
Applications
CWS
Ammonia sensor
Collaborators
Demo
Sensor nodes
Other Projects
BlueSense BlueSky WiFace
Theoretical Studies
Algorithm Design and Analysis of Practical
Questions
Wireless ad hoc networks
Wireless sensor networks
RFID
Cognitive networks
Online optimization (little regret)
Computational geometry
Game theory and its applications
Information theory (such as asymptotical behavior of large scale networks)
Where do we publish?
Journals
Conferences
ACM MobiCom, ACM Mobihoc, ACM STOC, ACM SODA, ACM EC IEEE INFOCOM, ICNP, ICDCS, and so on
Faculty at North Carolina Charlotte, Washington State University, Minnesota State University, BUPT Researcher at Google, Game designer Stock trader
Cryptography: Theory and Practice, by Douglas R. Stinson, CRC Press
Cryptography and Network Security: Principles and Practice, by William Stallings, Prentice Hall
Handbook of Applied Cryptography, by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone, CRC Press
I have electronic version!
Homework 20%
Final Exam 30% (closed book on final exam week, 2012)
Group Programming Projects 20% (select your own topic)
Programming project: include a final presentation and demo
India session
Homework 20%, final exam 40%, individual programming projects 25%, individual term paper 15%
Policy
Do it yourself
Can use library, Internet and so on, but you have to cite the sources when you use this information
Homeworks
Do it independently
and programming)
For presentation by main campus students: You SHOULD collaborate with your group member and you SHOULD make enough contributions to get credit
Others: do it yourself
Topics
Introduction
Number Theory
Traditional Methods: secret key system
Organization
Chapters
Introduction
Number Theory
Conventional Encryption
Block Ciphers
Public Key System
Key Management
Hash Function and Digital Signature
Identification
Secret Sharing
Pseudo-random number Generation
Email Security
Others
Introduction
Xiang-Yang Li
The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable. --The Art of War, Sun Tzu
Information Security
From wikipedia
C.I.A
Confidentiality, Integrity and Availability Information Systems are decomposed in
with the purpose to identify and apply information security industry standards, as mechanisms of protection and prevention, at three levels or layers:
Physical, personal and organizational
Various Securities
Data security
Data security is the means of ensuring that data is kept safe from corruption and that access to it is suitably controlled.
Computer Security
The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users.
Malware: malicious software; includes computer viruses, worms, trojan horses, most rootkits, spyware, dishonest adware
Network Security
protect the network and the network-accessible resources from unauthorized access, consistent and continuous monitoring and measurement of its effectiveness
Network Security
network security and information security are
Network security starts from authenticating any user, most likely a username and a password.
An intrusion prevention system (IPS)[2] helps detect and prevent such malware.
IPS also monitors for suspicious network traffic for contents, volume and anomalies to protect the network from attacks such as denial of service.
Practical Efficiency
Space, time and so on
Explicitness
About its environment assumptions, security service offered, special cases in math assumptions
Protection tuned to application needs
No less, no more
Security protocols cannot do all: man does what man can do, machine does what machine can do
Openness
Most important
Security first
Efficiency, resource utilization, and security tradeoffs
This is especially the case for resource constrained networks such as wireless sensor networks
Limited power supply (thus limited communication, and computation), limited storage space
Cryptography
Cryptography (from Greek
means of converting information from its normal, comprehensible form into an incomprehensible format, rendering it unreadable without secret knowledge: the art of encryption.
Past: Cryptography helped ensure secrecy in important communications, such as those of spies, military leaders, and diplomats.
In recent decades, cryptography has expanded its remit in two ways:
mechanisms for more than just keeping secrets: schemes like digital signatures and digital cash, for example.
in widespread use by many civilians, and users are not aware of it.
called cryptanalysis, or codebreaking.
Cryptography and cryptanalysis are sometimes grouped together under the umbrella term cryptology, encompassing the entire subject. In practice, "cryptography" is also often used to refer to the field as a whole; crypto is an informal abbreviation.
Cryptography is an interdisciplinary subject:
linguistics
Mathematics: number theory, information theory, computational complexity, statistics and combinatorics
engineering
http://en.wikipedia.org/wiki/Traffic_analysis
Steganography
Some techniques
Concealing messages within the lowest bits of noisy images or sound files
Invisible ink
Concealing data within encrypted data
Steganography Example
Last 2 bits
atrix.htm
[Figure: sender and receiver, each with a security transformation, and an attacker]
Attacks
Passive attacks
Interception
Release of message contents
Traffic analysis
Active attacks
Information Transferring
Attack: Interruption
Attack: Interception
Wiring, eavesdrop
Attack: Modification
intercept
Replaced info
Attack: Fabrication
Ali: this is
Confidentiality: only an authorized recipient should be able to extract the contents of the message from its encrypted form. Otherwise, it should not be possible to obtain any significant information about the message contents.
Integrity: the recipient should be able to determine if the message has been altered during transmission.
Authentication: the recipient should be able to identify the sender, and verify that the purported sender actually did send the message.
Non-repudiation: the sender should not be able to deny sending the message.
Secure Communication
Protecting data locally only solves a minor part of the problem.
A Web Service security requirement is to secure data transport between the different components.
Web Services protocol stack can help secure data transport (see figure next page).
The combined protocol HTTP/TLS or SSL is often referred to as HTTPS (see figure).
SSL was originally developed by Netscape for secure communication on the Internet, and was built into their browsers. SSL version 3 was then adopted by IETF and standardized as the Transport Layer Security (TLS) protocol.
Use of Public Key Infrastructure (PKI) for session key exchange during the handshake phase of TLS has been quite successful in enabling Web commerce in recent years.
TLS also has some known vulnerabilities: it is susceptible to man-in-the-middle attacks and denial-of-service attacks.
SOAP security
SOAP (Simple Object Access Protocol) is designed to pass through firewalls as HTTP. This is disquieting from a security point of view. Today, the only way we can recognize a SOAP message is by parsing XML at the firewall.
The SOAP protocol makes no distinction between reads and writes on a method level, making it impossible to filter away potentially dangerous writes. This means that a method either needs to be fully trusted or not trusted at all.
The SOAP specification does not address security issues directly, but allows for them to be implemented as extensions.
As an example, the extension SOAP-DSIG defines the syntax and processing rules for digitally signing SOAP messages and validating signatures. Digital signatures in SOAP messages provide integrity and non-repudiation mechanisms.
PKI
PKI key management provides a sophisticated framework for securely exchanging and managing keys. The two main technological features, which a PKI can provide to Web Services, are:
Encryption of messages: by using the public key of the recipient
Digital signatures: non-repudiation mechanisms provided by PKI and defined in SOAP standards may provide Web Services applications with legal protection mechanisms
basic needs as those that are recognized by the standardization organizations as being important in a Web Services context.
In Web Services, PKI mainly intervenes at two levels:
At the SOAP level (non-repudiation, integrity)
At the HTTPS level (TLS session negotiation, eventually assuring authentication, integrity and privacy)
Cryptography
Cryptography is the study of
Conceal the context of some message from all except the sender and recipient (privacy or secrecy), and/or
Verify the correctness of a message to the recipient (authentication)
Form the basis of many technological solutions to computer and communications security problems
Basic Concepts
Cryptography
encompassing the principles and methods of transforming an intelligible message into one that is unintelligible, and then retransforming that message back to its original form
Plaintext
The original intelligible message
Ciphertext
The transformed message
Message
Is treated as a non-negative integer hereafter
Cipher
An algorithm for transforming an intelligible message into unintelligible by transposition and/or substitution, or some other techniques
Keys
Some critical information used by the cipher, known only to the sender and/or receiver
Encipher (encode)
The process of converting plaintext to ciphertext
Decipher (decode)
The process of converting ciphertext back into plaintext
cipher
an algorithm for encryption and decryption. The exact operation of ciphers is normally controlled by a key: some secret piece of information that customizes how the ciphertext is produced
Protocols
specify the details of how ciphers (and other cryptographic primitives) are to be used to achieve specific tasks. A suite of protocols, ciphers, key management, and user-prescribed actions implemented together as a system constitute a cryptosystem; this is what an end-user interacts with, e.g. PGP
Encipher C = E(K1)(P)
K1, K2: from keyspace These two keys could be different; could be difficult to get one from the other
What is Security?
Two fundamentally different securities
Unconditional security
No matter how much computational power is available, the cipher cannot be broken
Using Shannon's information theory
The entropy of the message I(M) is the same as the entropy of the message I(M|C) when the ciphertext (and possibly more) is known
Computational security
Given limited computing resources (e.g. time needed for calculations is greater than age of universe), the cipher cannot be broken
What do we mean by broken?
Proved by some complexity equivalence approach
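The unconditional-security condition above can be checked by exhaustive enumeration on a toy cipher. This is an added example, not code from the lecture note: the shift cipher on Z_4, the message distribution and the function names are constructed for illustration, and H(.) here is the entropy the note writes as I(.).

```python
from collections import defaultdict
from fractions import Fraction
from math import log2

def entropy(dist):
    """Shannon entropy in bits of a {outcome: probability} map."""
    return -sum(float(p) * log2(float(p)) for p in dist.values() if p > 0)

def conditional_entropy(msg_dist, keys, encrypt):
    """H(M|C) when the key is uniform over `keys` and independent of M."""
    keys = list(keys)
    joint = defaultdict(Fraction)              # P(M=m, C=c)
    for m, pm in msg_dist.items():
        for k in keys:
            joint[(m, encrypt(k, m))] += pm / len(keys)
    c_marginal = defaultdict(Fraction)         # P(C=c)
    for (m, c), p in joint.items():
        c_marginal[c] += p
    # H(M|C) = -sum over (m,c) of P(m,c) * log2 P(m|c)
    return -sum(float(p) * log2(float(p / c_marginal[c]))
                for (m, c), p in joint.items() if p > 0)

N = 4                                          # toy alphabet Z_4 (constructed)

def shift(k, m):
    """Shift cipher: C = (M + K) mod N."""
    return (m + k) % N

# Constructed, deliberately non-uniform message distribution.
MSG = {0: Fraction(1, 2), 1: Fraction(1, 4), 2: Fraction(1, 8), 3: Fraction(1, 8)}

def demo():
    h_m = entropy(MSG)                                   # prior uncertainty
    h_full = conditional_entropy(MSG, range(N), shift)   # key uniform on all of Z_4
    h_weak = conditional_entropy(MSG, [0, 1], shift)     # key restricted to {0, 1}
    return h_m, h_full, h_weak

if __name__ == "__main__":
    print("H(M)=%.3f  H(M|C) full key=%.3f  restricted key=%.3f" % demo())
```

With the full key space the ciphertext leaves the attacker's uncertainty unchanged, whatever computing power is available; restricting the key space makes H(M|C) drop below H(M), so each ciphertext leaks information.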
Visual Cryptography
Visual Cryptography is a secret-sharing method that encrypts a secret image into several shares but requires neither computer nor calculations to decrypt the secret image. Instead, the secret image is reconstructed visually: simply by overlaying the encrypted shares the secret image becomes clearly visible.
A Visual Cryptography Scheme (VCS) on a set of n participants is a method of encoding a 'secret' image into n shares such that original image is obtained only by stacking specific combinations of the shares onto each other.
dependency
Decryption algorithm not required (use a human visual system), so a person unfamiliar with cryptography can decrypt the message.
We can send cipher text through fax or e-mail.
Infinite computation power can't predict the message.
Introduction:
Cryptography:
Encryption Decryption
Cipher Text
Visual Cryptography:
Plaintext (in form of image)
Encryption (creating shares) Channel (Fax, Email) Decryption (Human Visual System)
Example:
Secret Image
share secret
Share2
Encoding of Pixels:
[Figure: original pixel, Share1, Share2, overlaid image]
(2,2) Model
1. Construct two 2x2 basis matrices as:
S0 = | 1 0 |
     | 1 0 |
S1 = | 1 0 |
     | 0 1 |
2. Using the permuted basis matrices, each pixel from the secret image will be encoded into two sub pixels on each participant's share. A black pixel on the secret image will be encoded on the ith participant's share as the ith row of matrix S1, where a 1 represents a black sub pixel and a 0 represents a white sub pixel. Similarly, a white pixel on the secret image will be encoded on the ith participant's share as the ith row of matrix S0.
3. Before encoding each pixel from the secret image onto each share, randomly permute the columns of the basis matrices S0 and S1.
3.1 This VCS (Visual Cryptography Scheme) divides each pixel in the secret image into m=2 sub pixels.
3.2 It has a contrast of (m)m=1 and a relative contrast of (m)=1/2.
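The three steps of the (2,2) model, as an added example that is not code from the lecture note. It assumes the standard basis matrices for this scheme (S0 with two identical rows, S1 with complementary rows); the function names and the 2x3 secret bitmap are constructed for illustration.

```python
import secrets

# Basis matrices: row i is what participant i receives (1 = black sub pixel).
S0 = ((1, 0), (1, 0))    # white secret pixel: both shares get the same row
S1 = ((1, 0), (0, 1))    # black secret pixel: shares get complementary rows

def encode_pixel(bit):
    """Return (share1_subpixels, share2_subpixels) for one secret pixel."""
    basis = S1 if bit else S0
    cols = [0, 1]
    if secrets.randbelow(2):          # fresh random column permutation per pixel
        cols.reverse()
    return tuple(tuple(row[c] for c in cols) for row in basis)

def make_shares(image):
    """Encode a bitmap (rows of 0/1, 1 = black) into two shares, m=2 wide per pixel."""
    share1, share2 = [], []
    for row in image:
        r1, r2 = [], []
        for bit in row:
            a, b = encode_pixel(bit)
            r1.extend(a)
            r2.extend(b)
        share1.append(r1)
        share2.append(r2)
    return share1, share2

def stack(share1, share2):
    """Overlay two transparencies: a sub pixel is black if black on either (OR)."""
    return [[a | b for a, b in zip(r1, r2)] for r1, r2 in zip(share1, share2)]

def decode(stacked, m=2):
    """What the eye does: weight m (fully black) reads black, weight 1 reads white."""
    return [[int(sum(row[i:i + m]) == m) for i in range(0, len(row), m)]
            for row in stacked]

SECRET = [[1, 0, 1],
          [0, 1, 0]]                  # constructed sample image

if __name__ == "__main__":
    s1, s2 = make_shares(SECRET)
    for name, grid in (("share1", s1), ("share2", s2), ("stacked", stack(s1, s2))):
        print(name, ["".join("#" if v else "." for v in r) for r in grid])
```

Every pixel on a single share is one black and one white sub pixel in random order regardless of the secret, which is why one share alone reveals nothing; only the overlay separates weight 2 (black) from weight 1 (white).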