IT346 Information System Security
Week 4: Cryptography (Continue)
อ.พงษ์ ศักดิ์

Faculty of Information Technology

ไผ่แดง

Page
Cryptography
ก
Cryptography
F F
F graph
Fก
F ก
F F
Cryptography F ก ˂ ก F
ก F 3
ก
‣ Symmetric Key Cryptography

F
F
‣ Asymmetric Key Cryptography
F
F
‣ Hash Function ก
F


ก F crypto
Cryptography

Secret Key Cryptography ก
Public Key Cryptography ก
F

Symmetric Key Cryptography
F
ก

Cryptography
ก
Plaintext

(Block Cipher)
ก F

‣

1

Symmetric Key
F F ˈ
ก

ก

F

• DES: 1 Data Block = 64 bits
• 3DES: 1 Data Block = 64 bits
• AES: 1 Data Block = 128 bits

(Stream Cipher)
ก F

‣
• RC4
Stream Ciphers
ก
‣

F

ˈ ก

Key

bit
ก

bit

F ก

(Stream)

F

ˈ

‣ Keystream

ก

keystream
‣ Pseudorandom
F
กก

ก F
ก
กก


F

F

F

ก

ก F Keystream

Stream Cipher ˈ pseudorandom
F F

F F

ˈ F F

F

F

Stream Ciphers
F bit
bit
F

Keystream

ก

ก ( F ก XOR) ก

random keystream
plaintext ( F
ก
plaintext)
F ก F Keystream
F Key
ก encrypt F

F

plaintext

$C_i = P_i \oplus \mathit{StreamKey}_i$

Stream Ciphers
F Secret Key
Stream Cipher ก
F Pseudorandom Keystream

F Seed

˂

Key
K

Key
K

KeyStream Generator
(Pseudorandom byte
generator)

Fก

KeyStream Generator
(Pseudorandom byte
generator)

Plaintext
Byte
Stream
P

+
ENCRYPTION


Ciphertext
Byte
Stream
C

+

Plaintext
Byte
Stream
P

DECRYPTION

One-Time-Pad (OTP)
Stream Cipher F
Vernam Cipher)
ˈ
ก
break F (unbreakable cipher)

ก One-Time-Pad (
F
F F

กF

‣ Keystream

OTP ˈ random number F
F
F F F
ก Secret Key F Pseudorandom number generator
‣ Secret Key
OTP
Keystream F
F F F
F ก plaintext
Fก
F
OTP
F ก
F ˈ
F F
F
ก

Stream Cipher Properties
F

ก

F Stream Cipher

Fก ก Encryption
F
ˈ
F
ก
กF
ก
ก
‣ Keystream
F
F random F ก
random ก F
F
F
‣ Secret Key
F
˂ ก Brute-force Attack
ก
F ก F 128 bits
‣

F

F F ก F Block Cipher
F ก
Stream Cipher
F
F
F ก Block Cipher F Key
Fก

ก

F

F

RC4
ก
Ron Rivest
RC4 ˈ Stream Cipher
Security (Security Company)
F Key
F (variable key size) ก
(Byte-oriented Stream Cipher)
ก
random permutation
RC4 ˈ
F
F
F ก กก ก
F
F SSL/TLS
wireless WEP


Fก RSA
F

RC4 Keystream Generation
RC4 F keystream ก secret internal state
F
F กF
‣

F

FS

ˈ F
‣ Pointer i

ก

F: ก F Permutation (
F
256 bytes
j: Pointer
8 bits
ก

ก

F

2

F


F

S

F กF

F Key ( ก
F 40 256 bits) ก ก
F
F FS
F Key Scheduling Algorithm (KSA)
‣
F FS F ก
ก
F key stream
random generation algorithm (PRGA)
‣

2

F)

256

Keystream Generation

F

F

Fก

F pseudo-

Key Scheduling Algorithm (KSA)
KSA F ก ก
ก

‣

F
F

Fก F
F
ก 00000001, ... )

F

FS

ก F
ก
กก

Fก
F

F

FS

ก F
ก F byte
F
( F S[0] ก 00000000, S[1]
ก F F Identity Permutation

for i from 0 to 255
    S[i] := i
endfor

‣

S

ก 256
F Key

F

ก Permute (

F) F

j := 0
for i from 0 to 255
    j := (j + S[i] + key[i mod keylength]) mod 256
    swap S[i] and S[j]
endfor
Pseudo-Random Generation Algorithm (PRGA)
PRGA F ก
‣

F
byte
Keystream


F Keystream
ก
F ก

PRGA
ก
F ก encryption

F keystream ก
Fก
Byte

1

Pseudo-Random Generation Algorithm (PRGA)
PRGA ˈ

ก
F

‣
‣

F
•
•
•
•

F pointer i
ก

i
(
j
(
F S[i]
S[j]
F
F Keystream
(S[i] + S[j]) mod 256


j F
PRGA

F 0
ก
F

)1
F ก F
) F ก F S[i] F
Fก F

F

F S[i] ก
F ก F
FS

F S[j]

F

i := 0, j := 0
while GeneratingOutput:
    i := (i + 1) mod 256
    j := (j + S[i]) mod 256
    swap S[i] and S[j]
    K := S[(S[i] + S[j]) mod 256]
    output K
endwhile
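
The KSA and PRGA pseudocode above, combined with the XOR step Ci = Pi XOR StreamKeyi from the earlier slide, as an added Python example (not part of the original slides). The function names and the two-message helper at the end are assumptions of this example; the helper shows why one key must never encrypt two messages.

```python
# Added example, not from the original slides. RC4 is shown for study only:
# it is prohibited in TLS by RFC 7465 and is the cipher used by WEP.

def ksa(key):
    """Key Scheduling Algorithm: permute S (0..255) under control of the key."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    s = list(range(256))              # identity permutation: S[i] = i
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    return s

def prga(s):
    """Pseudo-Random Generation Algorithm: yield one keystream byte per step."""
    s = list(s)                       # work on a copy of the internal state
    i = j = 0
    while True:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        yield s[(s[i] + s[j]) % 256]

def keystream(key, n):
    """First n keystream bytes for the given key."""
    gen = prga(ksa(key))
    return bytes(next(gen) for _ in range(n))

def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def rc4(key, data):
    """C_i = P_i XOR K_i. Calling it again with the same key decrypts."""
    return xor_bytes(data, keystream(key, len(data)))

def recover_second_plaintext(c1, c2, known_p1):
    """Keystream reuse: C1 XOR C2 = P1 XOR P2, so a known P1 reveals P2
    without the key. This is why a stream-cipher key is used only once."""
    return xor_bytes(xor_bytes(c1, c2), known_p1)

if __name__ == "__main__":
    # Widely published RC4 test vector: key "Key", plaintext "Plaintext".
    print(rc4(b"Key", b"Plaintext").hex())
    # Constructed messages encrypted under one reused key.
    p1, p2 = b"attack at dawn!!", b"retreat at noon!"
    c1, c2 = rc4(b"constructed-key", p1), rc4(b"constructed-key", p2)
    print(recover_second_plaintext(c1, c2, p1))
```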
Pseudo-Random Generation Algorithm (PRGA)
F


ก

PRGA

Attack on Cryptography
ก
F F
plaintext
F F
Cryptanalysis ก
Key F ˈ ก break ก encrypt
F F ˈ 3
‣ Ciphertext-only attack ciphertext encrypt

ก
‣ Known-plaintext attack
ก
ก
‣ Chosen-plaintext attack
ก
attacker
F F ciphertext


ก key
F plaintext
ciphertext plaintext
F key F
ciphertext plaintext
ก plaintext
˂
Fก plaintext
F ˈ
F key F

ก ˈ
key F
ก key
ก key
F
F

Asymmetric Key Cryptography
(Public Key Cryptography)

Asymmetric Key Cryptography
F
key

symmetric key cryptography
ก ก encrypt
decrypt
F

‣

ก
F F

ˆ

‣
‣
‣

ˆ

F
F

F F

F

F

F

F

ก

key กF
F F
F F ก ก F
F
Fก กF
ก ก ก Key
ก ก ก
ก Key
F ˈ
ก
F
F
ก F
F F key
ก F F
ก F
F
ก F
ก
F ciphertext ก F
F
ก
Symmetric Key Encryption F
non-repudiation

Public Key Encryption F key
Asymmetric Encryption
F ก ก encrypt
decrypt F
Asymmetric Key Cryptography
cryptosystem
key 2
F กF
‣ Public Key

FF
‣ Private Key
F ˁ

asymmetric key cryptography
ˈ key

F

ˈ key ก

F F

ก Encryption

ก

F ˈ
F F

F

ˁ
ˁ

ˈ

F

‣ F F F

public key
F
ก
ˈ
F
ก F กF
F
ก encrypt F
F public key
F
F private key
Fก
‣ F decrypt F
‣
ก
encrypt F
F
F
public key ˈ
F
F
F
private key
decrypt F
Asymmetric Key Cryptography

Asymmetric Encryption
Public-Key Cryptosystem
‣

encrypt F
plaintext ก
ก

$E(P, PK_{receiver}) = C$

F ciphertext

decrypt F

P = Plaintext
C = Ciphertext
PK = Public Key
SK = Private Key

$E(C, SK_{receiver}) = P$

public key
private key
decryption F F F
‣ ก
ʽ
public key ˈ
private key
Fก F F
Public Key

‣ F

Plaintext

Encryption

Ciphertext

F

F

ก encryption

F
Private Key
Decryption

Plaintext
Public Key Cryptography
Public Key Cryptography
function
‣ One-Way Function

ˆ กF
ก F F

F

F

ก F one-way

ˈ

F
ก ก F
‣ ก
(Multiplication)
•
•

F
F
F
ก ก

F F 12x12
F F
F F 144
F กF ก
144 = 12x12 = 144x1 = 24x6,

F
ก

ก

F

F

(Factorization)

F F 12x12 = 144
กก
ก

ก Logarithms
‣ Exponential
• F
F F 3ก 6
กก
•
F F
F F 729
F ก F ก กก
(x=?, y=?)

F

FF

$3^6 = 729$
ก
$\log_x 729 = y$
ก

F

RSA Algorithm
Diffie-Hellman Algorithm (
Elliptic Curve Cryptography
Digital Signature Algorithm


F
ก

F Key Exchange)

RSA
F

RSA
ก


F (Ron Rivest)
(Len Adleman) MIT

F (Adi Shamir)
RSA
ก

3

ก

ก F

ก
‣

RSA

(prime number) p
ก ก
F Fก

ก

ก
Fก

n = pq
m = (p-1)(q-1)
ก F e 1<e<m
e
m
ˈ
‣

ก

F e

q

F

F

ก

F ก

F ก F ก

F

F

ก (gcd)
ก
ก

F gcd(e, m) ˈ 1

eก m ˈ 1
F

d
ed mod m = 1
Public Key = F (e, n)
Private Key = F (d, n)
ก
RSA Encryption
F ก F F
Key (e, n)
F
‣ Ciphertext

F
M

F

F Public

$C = M^e \bmod n$

RSA Decryption
ciphertext C
‣ Message

M<n ก

F Private Key (d, n)

F

$M = C^d \bmod n$

F
‣ p = 5, q = 7, n = 35, m = 24
‣ e = 5, d = 29
F ก

F

n = 35, e = 5

Plaintext   M    M^e       Ciphertext = M^e mod n
L           12   248832    17
O           15   759375    15
V           22   5153632   22
E           5    3125      10

F ก
n = 35, d = 29

Ciphertext   C^d                                      M = C^d mod n   Plaintext
17           48196857210675091509141182522307000      12              L
15           12783403948858939111232757568359400      15              O
22           8.5164331908653770195619449972111e+38    22              V
10           100000000000000000000000000000           5               E
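
The RSA key-generation steps and the two LOVE tables above, as an added Python example (not part of the original slides). It assumes the letter numbering A=1 .. Z=26 that the tables imply; function names are this example's own. With these toy parameters the smallest d satisfying ed mod m = 1 is 5, the same value as e; the slide's d = 29 is congruent to it mod 24, and both decrypt correctly.

```python
# Added example, not from the original slides: textbook RSA with the slide's
# toy parameters p = 5, q = 7, e = 5. Assumed letter mapping: A=1 .. Z=26.
from math import gcd

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def make_keys(p, q, e):
    """Slide's steps: n = pq, m = (p-1)(q-1), choose e, solve ed mod m = 1."""
    n, m = p * q, (p - 1) * (q - 1)
    if not 1 < e < m or gcd(e, m) != 1:
        raise ValueError("need 1 < e < m and gcd(e, m) = 1")
    d = egcd(e, m)[1] % m             # smallest positive d with e*d mod m == 1
    return (e, n), (d, n), m

def encrypt(text, pub):
    e, n = pub
    return [pow(ord(ch) - 64, e, n) for ch in text]    # C = M^e mod n

def decrypt(nums, priv):
    d, n = priv
    # Three-argument pow() reduces mod n at every step, so the huge C^d from
    # the slide's table (shown there rounded, e.g. 8.5e+38) is never built.
    return "".join(chr(pow(c, d, n) + 64) for c in nums)   # M = C^d mod n

def fixed_points(pub):
    """Messages that encrypt to themselves (M^e mod n == M), such as the
    O = 15 and V = 22 rows of the table."""
    e, n = pub
    return [msg for msg in range(n) if pow(msg, e, n) == msg]

if __name__ == "__main__":
    pub, priv, m = make_keys(5, 7, 5)
    print("public", pub, "private", priv, "m", m)
    cipher = encrypt("LOVE", pub)
    print(cipher, decrypt(cipher, (29, 35)), decrypt(cipher, priv))
    print(len(fixed_points(pub)), "of", pub[1], "messages are unchanged")
```

Letter-by-letter encryption with a 35-value modulus is a substitution table, which is why the slide's parameters serve only to check the arithmetic by hand.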


Information system security wk4-cryptography-2
