•9/11/03

Lecture 2: Private Key Cryptography CS 392/6813: Computer Security Fall 2010

*Adopted from Previous Lectures by Nasir Memon

Course Administration „

HW#1 due by midnight today „

„

HW#2 will be posted by the weekend „

„

Solution will be posted soon Would be due in 10 days

TA Session for Jon Voris: „ „

Email: [email protected] 5-6pm Mondays or Tuesdays (subject to room availability) – please wait for further announcement

9/16/2010

Lecture 2 - Private Key Cryptography

2

•1

•9/11/03

Course Administration -- Partners „

„

„

Please indicate the name of your partner on your HW1 submission In case you are not able to find a partner yourself, please send me an email notifying me about this (if you haven't already done so). Please do this by tomorrow midnight. Instructions to submit team homeworks will be provided a bit later

9/16/2010

Lecture 2 - Private Key Cryptography

3

Outline of today’s lecture

„ „

Cryptography Overview Private Key Cryptography: Encryption

9/16/2010

Lecture 2 - Private Key Cryptography

4

•2

•9/11/03

Cryptography „ „

„

„

Etymology: Secret (Crypt) Writing (Graphy) Study of mathematical techniques to achieve various goals in information security, such as confidentiality, authentication, integrity, nonrepudiation, etc. Not the only means of providing information security, rather a subset of techniques. Quite an old field!

9/16/2010

Lecture 2 - Private Key Cryptography

5

Private Key/Public Key Cryptography „

Private Key: Sender and receiver share a common (private) key „

„

„

Encryption and Decryption is done using the private key Also called conventional/shared-key/single-key/ symmetric-key cryptography

Public Key: Every user has a private key and a public key „

„

Encryption is done using the public key and Decryption using private key Also called two-key/asymmetric-key cryptography

9/16/2010

Lecture 2 - Private Key Cryptography

6

•3

•9/11/03

Cryptography: Cast of Characters „ „

„

„

Alice (A) and Bob (B): communicating parties Eve (E): Eavesdropping (or passive) adversary Mallory (M): Man-in-the-Middle (or active adversary Trent (T): a trusted third party (TTP)

9/16/2010

Lecture 2 - Private Key Cryptography

7

Common Terminologies „ „ „ „ „ „ „ „ „

Plaintext Key Encrypt (encipher) Ciphertext Decrypt (decipher) Cipher Cryptosystem Cryptanalysis (codebreaking) Cryptology: Cryptography + Cryptanalysis 9/16/2010

Lecture 2 - Private Key Cryptography

8

•4

•9/11/03

Private key model

9/16/2010

Lecture 2 - Private Key Cryptography

9

Open vs Closed Design „

Closed Design (as was followed in military communication during the World War I/II) „ „ „

„

Keep the cipher secret Also sometimes referred to as the “proprietary design” Bad practice! (why?)

Open Design (Kerckhoffs' principle) „ „

Keep everything public, except the key Good practice – this is what we focus upon!

9/16/2010

Lecture 2 - Private Key Cryptography

10

•5

•9/11/03

Private Key Encryption: main functions 1.

KeyGen: K = KeyGen(l) (l is a security parameter)

2.

Enc: C = Enc(K,M)

3.

Dec: M = Dec(K,C)

9/16/2010

Lecture 2 - Private Key Cryptography

11

Security Model and Adversaries 1.

Ciphertext only „

2.

Known plaintext „

3.

Adversary knows a set of plaintext-ciphertext pairs

Chosen (and adaptively chosen) plaintext (CPA attack) „

4.

Adversary knows only the ciphertext(s)

Adversary chooses a number of plaintexts and obtains the corresponding ciphertexts

Chosen (and adaptively chosen) ciphertext attack (CCA attack) „

Adversary chooses a number of ciphertexts and obtains the corresponding plaintexts

9/16/2010

Lecture 2 - Private Key Cryptography

12

•6

•9/11/03

Security Model and Adversaries

Hardest attack…………..............................easiest attack

1