Confidentiality with Secretkey Ciphers

1
Confidentialitywith Secret-key Ciphers

• ???
• ?????
• ????

2
Potential locations for confidentiality attacks
3
Where to put encryption algorithms

• Link-to-link encryption
• End-to-end encryption

4
Link-to-link encryption

• Host A?(encryption)-(transmitted)-(decryption)
  ?Router1?(encryption)-(transmitted)- ???
  (decryption) ?Rounter2?????Router
  n?(encryption)-(transmitted)-(decryption)?Host B

5
(No Transcript)
6
Link-to-link encryption (cont.)

• Advantages
• Encryption is transparent to the application
  programs. Therefore, we need not modify existent
  application programs.
• Disadvantages
• Messages are plaintext in the routers
• It needs one encryption and decryption for each
  link and therefore it consumes much time.

7
End-to-end encryption

• Host A?(encryption)---(transmitted)---?Router1?R
  ounter2?????Router n?---(transmitted)---(decrypti
  on)?Host B

8
End-to-end encryption (cont.)

• Advantages
• Messages are ciphertext during transmission.
• It needs only one encryption and one decryption.
• Disadvantages
• We need modify the existing application programs
  to assure confidentiality during transmission.

9
Where to put encryption in theOSI network layers

• OSI has 7 network layers
• The encryption function can be put in any layer.
• Lower layers transparent to application programs
• Higher layers end-to-end encryption

10
(No Transcript)
11
What data are encrypted

• The dark parts are encrypted.

12
(No Transcript)
13
Key distribution

• To establish a (session) key between two parties
  Alice and Bob.
• Methods
• A key is selected by A and sent to B physically.
• A third party selects a key and sends it to A and
  B physically.
• If A and B has previously and recently used a
  key, one party can select a new key, encrypt it
  with the old key, and send it to another party.
• If A and B each has an encrypted connection to a
  third party C, C can deliver a key on the
  encrypted links to A and B.

14
Key distribution (cont.)

• Without a third party, N users need establish
  N(N-1)/2 secret keys in advance, one for each
  pair of users.

15
Key distribution (cont.)
16
A key distribution scenario

• It is desirable to have a third party (key
  distribution center, KDC) since only N secret
  keys have to be established for N users in
  advance.
• Each user establishes a secret key with the KDC.
• When two users want to communicate, they
  establish a (session) key with the help from the
  KDC.
• Since each user has encrypted communication with
  the KDC, this approach is feasible.

17
A key distribution scenario (cont.)

• Key Distribution Center
• Let Kx be the secret key between KDC and user X.
• Since it is not easy to set up a secret key
  between a user and KDC, the secret key should not
  be used frequently. Therefore, when two users
  want to communicate, they set up a session key
  for the current communication session.
• A key distribution scheme

18
(No Transcript)
19
(No Transcript)
20
Decentralized key distribution
21
Controlling Key Usage
22
Random number generators

• Usage
• Generating secret and session keys.
• Generating public keys, such as, RSA.
• Generating nonces used in authentication schemes

23
Random number generators (cont.)

• A sequence of random numbers is thought as
  random if it has the properties
• Uniform distribution every number should appear
  with the same frequency.
• Independence no one value in the sequence can be
  inferred from other numbers.
• Statistical tests
• We say a sequence of numbers is random if it
  passes some well-known statistical tests, such
  as, the uniform test, chi-square test, etc.

24
Random number generators (cont.)

• Unpredictability
• given a prefix of the sequence, one cannot
  predict what the next value is.
• True random sources are hard to come by.
  Therefore, we use deterministic programs to
  generate pseudorandom numbers which has good
  statistical properties.

25
Pseudorandom generators

• Pseudorandom numbers are not random. It is only
  semi-random.
• It expands a short random number (seed) to a long
  pseudorandom number

26
Pseudorandom generators (cont.)

• Linear congruential generator
• Parameters
• m mgt0, the modulus
• a 0?altm, the multiplier
• c 0 ?cltm, the increment
• X0, 0 ?X0ltm , the start value, or seed
• Xn1(aXnc) mod m, for n?0.
• For example
• a3, m7, c2, X01,then X15, X23, X34, X40,
  X52, X61,
• If gcd(a, m)1, then the period T is the maximum
  m-1.

27
Pseudorandom generators (cont.)

• Cyclic encryption
• () C?C1
• XiEK(C)
• Goto ()

28
Pseudorandom generators (cont.)

• ANSI X9.17 pseudorandom number generator
• Parameters
• DTi date/time value at the beginning of the ith
  generation stage.
• Vi seed value at the beginning of the ith
  generation stage.
• Ri Pseudorandom number produced by the ith
  generation stage.
• K1, K2 DES keys used for each stage.

29
(No Transcript)
30
Pseudorandom generators (cont.)

• Blum, Blum, Shub (BBS) generator
• Parameters
• npq, where p?q?3 (mod 4),
• p and q are prime and of the same length.
• S is the seed, 1?s?n-1
• Algorithm
• X0s2 mod n,
• XiXi-12 mod n, for i ? 1
• Let Bi be the last bit of Xi
• Output B1B2B3
• Remark
• In practice, n is of length ? 512 bits

31
BBS generator (cont.)

• Example
• n 192649 383503
• seed 101355

32
Cryptographically secure pseudorandom bit
generator (CSPB)

• CSPB use the concept of polynomial
  indistinguishability between true random bits
  and pseudorandom bits.
• BBS generator is considered as a CSPB generator.
• BBS generator is secure if and only if factoring
  is hard.