Confidentiality with Secretkey Ciphers - PowerPoint PPT Presentation

1 / 32
About This Presentation
Title:

Confidentiality with Secretkey Ciphers

Description:

A key is selected by A and sent to B physically. A third party selects a key and sends it to A and B physically. ... Random number generators (cont. ... – PowerPoint PPT presentation

Number of Views:17
Avg rating:3.0/5.0
Slides: 33
Provided by: csieNc
Category:

less

Transcript and Presenter's Notes

Title: Confidentiality with Secretkey Ciphers


1
Confidentialitywith Secret-key Ciphers
  • ???
  • ?????
  • ????

2
Potential locations for confidentiality attacks
3
Where to put encryption algorithms
  • Link-to-link encryption
  • End-to-end encryption

4
Link-to-link encryption
  • Host A?(encryption)-(transmitted)-(decryption)
    ?Router1?(encryption)-(transmitted)- ???
    (decryption) ?Rounter2?????Router
    n?(encryption)-(transmitted)-(decryption)?Host B

5
(No Transcript)
6
Link-to-link encryption (cont.)
  • Advantages
  • Encryption is transparent to the application
    programs. Therefore, we need not modify existent
    application programs.
  • Disadvantages
  • Messages are plaintext in the routers
  • It needs one encryption and decryption for each
    link and therefore it consumes much time.

7
End-to-end encryption
  • Host A?(encryption)---(transmitted)---?Router1?R
    ounter2?????Router n?---(transmitted)---(decrypti
    on)?Host B

8
End-to-end encryption (cont.)
  • Advantages
  • Messages are ciphertext during transmission.
  • It needs only one encryption and one decryption.
  • Disadvantages
  • We need modify the existing application programs
    to assure confidentiality during transmission.

9
Where to put encryption in theOSI network layers
  • OSI has 7 network layers
  • The encryption function can be put in any layer.
  • Lower layers transparent to application programs
  • Higher layers end-to-end encryption

10
(No Transcript)
11
What data are encrypted
  • The dark parts are encrypted.

12
(No Transcript)
13
Key distribution
  • To establish a (session) key between two parties
    Alice and Bob.
  • Methods
  • A key is selected by A and sent to B physically.
  • A third party selects a key and sends it to A and
    B physically.
  • If A and B has previously and recently used a
    key, one party can select a new key, encrypt it
    with the old key, and send it to another party.
  • If A and B each has an encrypted connection to a
    third party C, C can deliver a key on the
    encrypted links to A and B.

14
Key distribution (cont.)
  • Without a third party, N users need establish
    N(N-1)/2 secret keys in advance, one for each
    pair of users.

15
Key distribution (cont.)
16
A key distribution scenario
  • It is desirable to have a third party (key
    distribution center, KDC) since only N secret
    keys have to be established for N users in
    advance.
  • Each user establishes a secret key with the KDC.
  • When two users want to communicate, they
    establish a (session) key with the help from the
    KDC.
  • Since each user has encrypted communication with
    the KDC, this approach is feasible.

17
A key distribution scenario (cont.)
  • Key Distribution Center
  • Let Kx be the secret key between KDC and user X.
  • Since it is not easy to set up a secret key
    between a user and KDC, the secret key should not
    be used frequently. Therefore, when two users
    want to communicate, they set up a session key
    for the current communication session.
  • A key distribution scheme

18
(No Transcript)
19
(No Transcript)
20
Decentralized key distribution
21
Controlling Key Usage
22
Random number generators
  • Usage
  • Generating secret and session keys.
  • Generating public keys, such as, RSA.
  • Generating nonces used in authentication schemes

23
Random number generators (cont.)
  • A sequence of random numbers is thought as
    random if it has the properties
  • Uniform distribution every number should appear
    with the same frequency.
  • Independence no one value in the sequence can be
    inferred from other numbers.
  • Statistical tests
  • We say a sequence of numbers is random if it
    passes some well-known statistical tests, such
    as, the uniform test, chi-square test, etc.

24
Random number generators (cont.)
  • Unpredictability
  • given a prefix of the sequence, one cannot
    predict what the next value is.
  • True random sources are hard to come by.
    Therefore, we use deterministic programs to
    generate pseudorandom numbers which has good
    statistical properties.

25
Pseudorandom generators
  • Pseudorandom numbers are not random. It is only
    semi-random.
  • It expands a short random number (seed) to a long
    pseudorandom number

26
Pseudorandom generators (cont.)
  • Linear congruential generator
  • Parameters
  • m mgt0, the modulus
  • a 0?altm, the multiplier
  • c 0 ?cltm, the increment
  • X0, 0 ?X0ltm , the start value, or seed
  • Xn1(aXnc) mod m, for n?0.
  • For example
  • a3, m7, c2, X01,then X15, X23, X34, X40,
    X52, X61,
  • If gcd(a, m)1, then the period T is the maximum
    m-1.

27
Pseudorandom generators (cont.)
  • Cyclic encryption
  • () C?C1
  • XiEK(C)
  • Goto ()

28
Pseudorandom generators (cont.)
  • ANSI X9.17 pseudorandom number generator
  • Parameters
  • DTi date/time value at the beginning of the ith
    generation stage.
  • Vi seed value at the beginning of the ith
    generation stage.
  • Ri Pseudorandom number produced by the ith
    generation stage.
  • K1, K2 DES keys used for each stage.

29
(No Transcript)
30
Pseudorandom generators (cont.)
  • Blum, Blum, Shub (BBS) generator
  • Parameters
  • npq, where p?q?3 (mod 4),
  • p and q are prime and of the same length.
  • S is the seed, 1?s?n-1
  • Algorithm
  • X0s2 mod n,
  • XiXi-12 mod n, for i ? 1
  • Let Bi be the last bit of Xi
  • Output B1B2B3
  • Remark
  • In practice, n is of length ? 512 bits

31
BBS generator (cont.)
  • Example
  • n 192649 383503
  • seed 101355

32
Cryptographically secure pseudorandom bit
generator (CSPB)
  • CSPB use the concept of polynomial
    indistinguishability between true random bits
    and pseudorandom bits.
  • BBS generator is considered as a CSPB generator.
  • BBS generator is secure if and only if factoring
    is hard.
Write a Comment
User Comments (0)
About PowerShow.com