•9/11/03
Lecture 2: Private Key Cryptography CS 392/6813: Computer Security Fall 2010
*Adopted from Previous Lectures by Nasir Memon
Course Administration
HW#1 due by midnight today
HW#2 will be posted by the weekend
Solution will be posted soon Would be due in 10 days
TA Session for Jon Voris:
Email:
[email protected] 5-6pm Mondays or Tuesdays (subject to room availability) – please wait for further announcement
9/16/2010
Lecture 2 - Private Key Cryptography
2
•1
•9/11/03
Course Administration -- Partners
Please indicate the name of your partner on your HW1 submission In case you are not able to find a partner yourself, please send me an email notifying me about this (if you haven't already done so). Please do this by tomorrow midnight. Instructions to submit team homeworks will be provided a bit later
9/16/2010
Lecture 2 - Private Key Cryptography
3
Outline of today’s lecture
Cryptography Overview Private Key Cryptography: Encryption
9/16/2010
Lecture 2 - Private Key Cryptography
4
•2
•9/11/03
Cryptography
Etymology: Secret (Crypt) Writing (Graphy) Study of mathematical techniques to achieve various goals in information security, such as confidentiality, authentication, integrity, nonrepudiation, etc. Not the only means of providing information security, rather a subset of techniques. Quite an old field!
9/16/2010
Lecture 2 - Private Key Cryptography
5
Private Key/Public Key Cryptography
Private Key: Sender and receiver share a common (private) key
Encryption and Decryption is done using the private key Also called conventional/shared-key/single-key/ symmetric-key cryptography
Public Key: Every user has a private key and a public key
Encryption is done using the public key and Decryption using private key Also called two-key/asymmetric-key cryptography
9/16/2010
Lecture 2 - Private Key Cryptography
6
•3
•9/11/03
Cryptography: Cast of Characters
Alice (A) and Bob (B): communicating parties Eve (E): Eavesdropping (or passive) adversary Mallory (M): Man-in-the-Middle (or active adversary Trent (T): a trusted third party (TTP)
9/16/2010
Lecture 2 - Private Key Cryptography
7
Common Terminologies
Plaintext Key Encrypt (encipher) Ciphertext Decrypt (decipher) Cipher Cryptosystem Cryptanalysis (codebreaking) Cryptology: Cryptography + Cryptanalysis 9/16/2010
Lecture 2 - Private Key Cryptography
8
•4
•9/11/03
Private key model
9/16/2010
Lecture 2 - Private Key Cryptography
9
Open vs Closed Design
Closed Design (as was followed in military communication during the World War I/II)
Keep the cipher secret Also sometimes referred to as the “proprietary design” Bad practice! (why?)
Open Design (Kerckhoffs' principle)
Keep everything public, except the key Good practice – this is what we focus upon!
9/16/2010
Lecture 2 - Private Key Cryptography
10
•5
•9/11/03
Private Key Encryption: main functions 1.
KeyGen: K = KeyGen(l) (l is a security parameter)
2.
Enc: C = Enc(K,M)
3.
Dec: M = Dec(K,C)
9/16/2010
Lecture 2 - Private Key Cryptography
11
Security Model and Adversaries 1.
Ciphertext only
2.
Known plaintext
3.
Adversary knows a set of plaintext-ciphertext pairs
Chosen (and adaptively chosen) plaintext (CPA attack)
4.
Adversary knows only the ciphertext(s)
Adversary chooses a number of plaintexts and obtains the corresponding ciphertexts
Chosen (and adaptively chosen) ciphertext attack (CCA attack)
Adversary chooses a number of ciphertexts and obtains the corresponding plaintexts
9/16/2010
Lecture 2 - Private Key Cryptography
12
•6
•9/11/03
Security Model and Adversaries
Hardest attack…………..............................easiest attack
1