### Create a StudySoup account

#### Be part of our community, it's free to join!

Already have a StudySoup account? Login here

# 597 Class Note for CSE 543 with Professor McDaniel at PSU

### View Full Document

## 17

## 0

## Popular in Course

## Popular in Department

This 20 page Class Notes was uploaded by an elite notetaker on Friday February 6, 2015. The Class Notes belongs to a course at Pennsylvania State University taught by a professor in Fall. Since its upload, it has received 17 views.

## Similar to Course at Penn State

## Popular in Subject

## Reviews for 597 Class Note for CSE 543 with Professor McDaniel at PSU

### What is Karma?

#### Karma is the currency of StudySoup.

#### You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!

Date Created: 02/06/15

Systems and Internet Infrastructure Security CSE543 lntreduetion to Cemputer and Newark Security ModuleApplliiedl Crypmgraphy Professor Patrick McDaniel Fall 2008 PENNSTAT Key DistributionAgreement a Key Distribution is the process where we assign and transfer keys to a participant gt Out of band eg passwords simple gt During authentication eg Kerberos gt As part of communication eg skipencryption Key Agreement is the process whereby two parties negotiate a key gt 2 or more participants Typically key distributionagreement this occurs in conjunction with or after authentication gt However many applications can preload keys CSE543 Introduction to Computer and Network Security DiffieHellman Key We The DH paper really started the modern age of cryptography and indirectly the security community gt Negotiate a secret over an insecure media gt Eg in the clear seems impossible gt Idea participants exchange intractable puzzles that can be solved easily with additional information Mathematics are very deep gt Working in multiplicative group G gt Use the hardness of computing discrete logarithms in nite eld to make secure CSE543 Introduction to Computer and Network Security PENNSTAT DiffieHellman Protocol g For two participants p39 and p2 SetupWe pick a prime number p and a base 9 ltp gt This information is public gt Egp13 g4 Step I Each principal picks a private value X ltp 1 Step 2 Each principal generates and communicates a new value y 9X mOd P Step 3 Each principal generates the secret shared key 2 z yX mod p Perform a neighbor exchange CSE543 Introduction to Computer and Network Security PENNSTAT Attacks on DiffieHellman g This is key agreement not authentication gt You really don t know anything about who you have exchanged keys with gt The man in the middle x 39 l x A l I y x l l x x X 4 Ni x Hr K gt Alice and Bob think they are talking directly to each other but Mallory is actually performing two separate exchanges You need to have an authenticated DH exchange gt The parties sign the exchanges more or less gt See Schneier for a intuitive description CSE543 Introduction to Computer and Network Security PENNSTAT Public Key Cryptography g Public Key cryptography gt Each key pair consists of a public and private component k public key k39 private key DEp W k p DEp k k 29 Public keys are distributed typically through public key certi cates gt Anyone can communicate secretly with you if they have your certi cate gt Eg SSLbase web commerce RSA Rivest Shamir Adelman PENN A dominant public key algorithm gt The algorithm itself is conceptually simple gt Why it is secure is very deep number theory gt Use properties of exponentiation modulo a product of large primes quotA method for obtaining Digital Signatures and Public Key Cryptosystems Communications of the ACM Feb I978 22 pages l20 l 26 CSE543 Introduction to Computer and Network Security RSA Key Generation Pick two large primes p and q P3 q Calculate n pq Picke such that it is relatively 2 n 3I I 33 Prime to mm qP gt Euler sTotient Function Phln de39 modphim or 4 e 7 GCD207 I de mod phin l 5 Euclid sAlgorithm d 7quot mod 20 quotquot d d7 mod 20 an llllllllll RSA EncryptionDecryption PENN Public key k is en and private key k39 is dn Encryption and Decryption EkP ciphertext plaintexte mod n Dk C plaintext ciphertextd mod n Example gt Public key 733 Private Key 333 gt Data 4 encoding of actual data gt E7334 47 mod 33 6384 mod 33 I6 gt D333I6 I63 mod 33 4096 mod 33 4 CSE543 Introduction to Computer and Network Security PENNSTAT Encryption using private key a Encryption and Decryption Ek39P ciphertext plaintextd mod n DkC plaintext ciphertexte mod n Eg gt E3454 43 mod 33 64 mod 33 3 D7459 37 mod 33 275l264 mod 33 4 QWhy encrypt with private key CSE543 Introduction to Computer and Network Security Digital Signatures Models physical signatures in digital world gt Association between private key and document gt and indirectly identity and document gt Asserts that document is authentic and nonreDutable To sign a document gt Given document d private key k Signature Sd E k39vhd Validation gt Given document d signature Sd public key k gt Validate Dkv Sd Hd A Protocol Story NeedhamSchroeder Public Key Protocol gt De ned in I978 Assumed Correct gt Many years without a flaw being discovered Proven Correct gt BAN Logic 50 It s Correct Right rimmdummn in Computer and Neiwmi NeedhamSchroeder Public Key PM Does It Still Look OK Nonce 1 Message a A gt B AB NAAPKB gt A initiates protocol with fresh value for B Message a2 B gtA BA NA NBPKA gt B demonstrates knowledge of NA and challengesA Message a3 A gt B AB NBPKB gt A demonstrates knowledge of N3 A and B are the only ones who can read NA and NB CSE543 Introduction to Computer and Network Security Gavin Lowe Attack PENNSTAT n W An active intruder X participates Message a I A gt X AX NAAPKX XA gt B AB NAAPKB gt X asA initiates protocol with fresh value for B B gt XA BANA NBPKA X gtA XA NA NBPKA gt X asksA to demonstrates knowledge of N3 Message a3 A gt X AX NBPKX gt A tells X NB thanks A XA gt B AB NBPKB gt X completes the protocol asA Message b Message b2 Message a2 Message b3 CSE543 Introduction to Computer and Network Security PENNSTAT What Happened g X can getA to act as an oracle for nonces gt Hey A what s the N3 in this message from any B A assumes that any message encrypted for it is legit gt Badidea X can enable multiple protocol executions to be interleaved gt Should be part of the threat model 39 4 X I III zquot ll A IIII CSE543 Introduction to Computer and Network Security T h e F PENNSTAT IN w lt s Trivial nd it Message a A gt B AB NAAPKB gt A initiates protocol with fresh value for B Message a2 B gtA BA NA NB BPKA gt B demonstrates knowledge of NA and challengesA Message a3 A gt B AB NBPKB gt A demonstrates knowledge of N3 CSE543 Introduction to Computer and Network Security PENNSTAT Impact on Protocol g Protocol Analysis Took a Black Eye gt BAN Logic ls Insuf cient gt BAN Logic ls Misleading Protocol Analysis Became a Hot Topic gt Lowe s FDR Meadow s NRL Analyzer Millen s Interrogator V V V Rubin s Nonmonotonic protocols gt In the end could nd known flaws but gt attacker model is too complex CSE543 Introduction to Computer and Network Security PENNSTAT DolevYao Result Strong attacker model gt Attacker intercepts every message gt Attacker can cause one of a set of operators to be applied at any time Operators for modifying generating any kind of message gt Attacker can apply any operator except other s decryption Theoretical Results gt Polynomial Time for One Session gt Undecidable for Multiple Sessions gt MoraIAnaIysis is Dif cult Because Attacker Can Exploit Interactions of Multiple Sessions End Result Manual Induction and ExpertAnaIysis are CSE543 Introduction to Computer and Network Security Page 18 PENNSTAT Review secret vs public a secret ke Cryptography Public key cryptography Symmetric keys WhereA Single ke Each key pair consists of a public and k is used is used for E and D Private component D E P k y k P k public key k private key All intended receivers have D Epk k p access to key D Ep k k p Note Management of keys Public keys are distributed determines who has access to typically through public key encrypted data certi cates gt Eg password encrypted email Anyone can communicate secretly Also known as symmetric key With You if they have Your cryptography certi cate Eg SSLbased web commerce CSE543 Introduction to Computer and Network Security Page 19 The symmetricasymmetric key tradeoff PM Symmetric shared key systems gt Ef cient Many MBsec throughput gt Dif cult key management Kerberos Key agreement protocols Asymmetric public key systems gt Slow algorithms so far gt Easy easier key management PKl public key infrastructures Webs of trust PGP

### BOOM! Enjoy Your Free Notes!

We've added these Notes to your profile, click here to view them now.

### You're already Subscribed!

Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'

## Why people love StudySoup

#### "I was shooting for a perfect 4.0 GPA this semester. Having StudySoup as a study aid was critical to helping me achieve my goal...and I nailed it!"

#### "I signed up to be an Elite Notetaker with 2 of my sorority sisters this semester. We just posted our notes weekly and were each making over $600 per month. I LOVE StudySoup!"

#### "I was shooting for a perfect 4.0 GPA this semester. Having StudySoup as a study aid was critical to helping me achieve my goal...and I nailed it!"

#### "Their 'Elite Notetakers' are making over $1,200/month in sales by creating high quality content that helps their classmates in a time of need."

### Refund Policy

#### STUDYSOUP CANCELLATION POLICY

All subscriptions to StudySoup are paid in full at the time of subscribing. To change your credit card information or to cancel your subscription, go to "Edit Settings". All credit card information will be available there. If you should decide to cancel your subscription, it will continue to be valid until the next payment period, as all payments for the current period were made in advance. For special circumstances, please email support@studysoup.com

#### STUDYSOUP REFUND POLICY

StudySoup has more than 1 million course-specific study resources to help students study smarter. If you’re having trouble finding what you’re looking for, our customer support team can help you find what you need! Feel free to contact them here: support@studysoup.com

Recurring Subscriptions: If you have canceled your recurring subscription on the day of renewal and have not downloaded any documents, you may request a refund by submitting an email to support@studysoup.com

Satisfaction Guarantee: If you’re not satisfied with your subscription, you can contact us for further help. Contact must be made within 3 business days of your subscription purchase and your refund request will be subject for review.

Please Note: Refunds can never be provided more than 30 days after the initial purchase date regardless of your activity on the site.