2. Why is it worth presenting cryptography?
• Top concern in security
• Fundamental knowledge in computer security
  - A review for those who have taken the course Computer Security (and Integrity)
  - A need for those who have not
3. Two kinds of Cryptography
Symmetric
1) Alice and Bob agree on a cryptosystem
2) Alice and Bob agree on a key
3) Alice takes her plaintext message and encrypts it using the encryption algorithm and the key. This creates a ciphertext message
4) Alice sends the ciphertext message to Bob
5) Bob decrypts the ciphertext message with the same algorithm and key and reads it
Asymmetric
1) Alice and Bob agree on a public-key cryptosystem
2) Bob sends Alice his public key
3) Alice encrypts her message using Bob’s public key and sends it to Bob
4) Bob decrypts Alice’s message using his private key
4. Problems
Symmetric
• Keys must be distributed in secret
• If a key is compromised, Eve (eavesdropper) can
  - decrypt any message
  - pretend to be one of the parties
• A network requires a great number of keys
Asymmetric
• Slow (~1000 times slower than the symmetric)
• Vulnerable to chosen-plaintext attacks
5. Public-key algorithms
• are not a substitute for symmetric algorithms
• are not used to encrypt messages, they are used to encrypt keys (session keys used with symmetric algorithms to secure message traffic)
6. Hybrid Cryptosystems
1) Bob sends Alice his public key.
2) Alice generates a random session key, K, encrypts it using Bob’s public key, and sends it to Bob.
   $E_B(K)$
3) Bob decrypts Alice’s message using his private key to recover the session key.
   $D_B(E_B(K)) = K$
4) Both of them encrypt their communications using the same session key.
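The four steps above as an added example (not part of the original slides): Alice wraps a random session key K under Bob's public key, Bob unwraps it, and both use K for the bulk traffic. Toy textbook RSA and a toy SHA-256 keystream cipher stand in for real algorithms so the block runs with the Python standard library alone; the primes, function names and sample message are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy textbook RSA for Bob, built from two known Mersenne primes (constructed
# demo values; real systems use padded RSA with >= 2048-bit random primes).
P, Q, E = 2**107 - 1, 2**127 - 1, 65537

def rsa_keypair():
    """Return Bob's (public, private) keys as ((n, e), (n, d))."""
    n, phi = P * Q, (P - 1) * (Q - 1)
    return (n, E), (n, pow(E, -1, phi))

def rsa_apply(key, value):
    """E_B or D_B: modular exponentiation with the given key."""
    n, exp = key
    return pow(value, exp, n)

def stream_xor(session_key, nonce, data):
    """Toy symmetric cipher: XOR with a SHA-256 counter-mode keystream."""
    out = bytearray()
    for block in range(0, len(data), 32):
        counter = block.to_bytes(8, "big")
        pad = hashlib.sha256(session_key + nonce + counter).digest()
        out.extend(b ^ p for b, p in zip(data[block:block + 32], pad))
    return bytes(out)

def hybrid_exchange(message):
    # 1) Bob sends Alice his public key.
    bob_public, bob_private = rsa_keypair()
    # 2) Alice generates a random session key K and sends E_B(K).
    k_alice = secrets.token_bytes(16)
    wrapped = rsa_apply(bob_public, int.from_bytes(k_alice, "big"))
    # 3) Bob recovers K = D_B(E_B(K)) with his private key.
    k_bob = rsa_apply(bob_private, wrapped).to_bytes(16, "big")
    # 4) Both sides use K (with a fresh nonce) for the message traffic.
    nonce = secrets.token_bytes(12)
    ciphertext = stream_xor(k_alice, nonce, message)
    recovered = stream_xor(k_bob, nonce, ciphertext)
    return k_alice, k_bob, ciphertext, recovered

if __name__ == "__main__":
    sample = b"constructed sample message"  # constructed input
    ka, kb, ct, pt = hybrid_exchange(sample)
    print(ka == kb, ct.hex(), pt)
```

Only the 16-byte session key passes through the slow public-key operation; the message itself, whatever its length, is handled by the symmetric cipher.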
7. Signing Documents
Symmetric
1) Alice encrypts her message to Bob with $K_A$ and sends it to Trent
2) Trent decrypts the message with $K_A$
3) Trent takes the decrypted message and a statement that he has received this message from Alice, and encrypts the whole bundle with $K_B$
4) Trent sends the encrypted bundle to Bob
5) Bob decrypts the bundle with $K_B$. He can now read both the message and Trent’s certification that Alice sent it
Asymmetric
1) Alice encrypts the document with her private key, thereby signing the document
2) Alice sends the signed document to Bob
3) Bob decrypts the document with Alice’s public key, thereby verifying the signature
8. Digital Signatures with Encryption
1) Alice signs the message with her private key
   $S_A(M)$
2) Alice encrypts the signed message with Bob’s public key and sends it to Bob
   $E_B(S_A(M))$
3) Bob decrypts the message with his private key
   $D_B(E_B(S_A(M))) = S_A(M)$
4) Bob verifies with Alice’s public key and recovers the message
   $V_A(S_A(M)) = M$
9. Problem with resending the message as a Receipt
• Bob signs the message with his private key, encrypts it with Alice’s public key, and sends it back to Alice
  $E_A(S_B(M))$
• If Mallory captures the message that Alice sent to Bob and claims that it came from him
  $V_M(S_A(M)) = ?$
• Bob still sends Mallory a receipt:
  $E_M(S_B(V_M(S_A(M)))) = E_M(D_B(E_M(D_A(M))))$
Mallory can read the message M by using his private key and the public keys of Alice and Bob.
10. Attacks against Public-key Cryptography
• How does Alice get Bob’s public key?
  - from a secure database
• How to protect the public key?
  - the database is read-only to everyone, only writable to Trent
  - Trent can sign each public key with his own private key (Key Certification Authority or Key Distribution Center)
11. Conclusion
• No perfect method
  - each has its own weaknesses
  - be aware of being attacked
• Good to combine different methods