### Create a StudySoup account

#### Be part of our community, it's free to join!

Already have a StudySoup account? Login here

# Lecture 5 - Chapter 21: Public-Key Encryption and Message Authentication CSCI 4531

GWU

GPA 3.01

### View Full Document

## About this Document

## 5

## 0

## Popular in Computer Security

## Popular in Computer science

This 4 page Class Notes was uploaded by Leslie Ogu on Wednesday September 28, 2016. The Class Notes belongs to CSCI 4531 at George Washington University taught by Mohamed Tamer Abdelrahman Refaei in Fall 2016. Since its upload, it has received 5 views. For similar materials see Computer Security in Computer science at George Washington University.

## Reviews for Lecture 5 - Chapter 21: Public-Key Encryption and Message Authentication

### What is Karma?

#### Karma is the currency of StudySoup.

#### You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!

Date Created: 09/28/16

Leslie Ogu CSCI 4531 09/20/2016 - Chapter 21: Public-Key Encryption and Message Authentication Secure Hash Algorithm ● SHA was originally developed by NIST ● Published as FIPS 180 in 1993 ● Was revised in 1995 as SHA-1 ○ Produces 160-bit hash values ● NIST issued revised FIPS 180-2 in 2002 ○ Adds 3 additional versions of SHA ○ SHA-256, SHA-384, SHA-512 ○ With 256 / 384 / 512-bit hash values ○ Same basic structure as SHA-1 but greater security ● In 2005, NIST announced the intention to phase out approval of SHA-1, and move to a reliance on the other SHA version by 2010 SHA Comparisons on slides N 1024 bits diagram in slides SHA-3 ● SHA-2 shares same structure and mathematical operations as its predecessors and causes concern ● Due to time required to replace SHA-2 should it become vulnerable, NIST announced in 2007 a competition to produce SHA-3 ● Requirements: ○ Must support hash value lengths of 224, 256, 384, and 512 bits ○ Algorithm must process small blocks at a time instead of requiring the entire message to be buffered in memory before processing it HMAC ● Interest in developing a MAC derived from a cryptographic hash code ○ Cryptographic hash functions generally execute faster ○ Library code is widely available ○ SHA-1 was not designed for use as a MAC because it does not rely on a secret key ○ Issued as RFC2014 ○ Has been chosen as the mandatory-to-implement MAC for IP security ■ Used in other Internet protocols such as Transport Layer Security (TLS) and Secure Electronic Set (SET) HMAC Design Objectives ● To use, without modifications, available hash functions ● To preserve the original performance of the hash function without incurring a significant degradation ● To use and handle keys in a simple way ● To have a well-understood cryptographic analysis of the strength of the authentication mechanism based on reasonable assumptions on the embedded hash function ● To allow for easy replaceability of the embedded hash function in case faster or more secure hash functions are found or required Security of HMAC ● Security depends on the cryptographic strength of the underlying hash function ● For a given level of effort on messages generated by a legitimate user and seen by attacker, the probability of successful attack on HMAC is equivalent to one of the following attacks on the embedded hash function: ○ Either attacker computes output even with random secret IV n ■ Brute force key (O(2 ), or use birthday attack ○ Or attacker finds collisions in hash function even when IV is random and secret ■ Ie. find M and M’ such that H(M) = H(M’) ■ Birthday attack O(2n/2) ■ MD5 secure in HMAC since only observe RSA Public-Key Encryption ● By Rivest, Shamir and Adleman of MIT in 1977 ● Best known and widely used public-key algorithm ● Uses exponentiation of integers modulo a prime ● Encrypt: C = C = M mod n d e d ● Decrypt: M = C mod n = (M ) mod n = M ● Both sender and receiver know values of n and e ● Only receiver knows value of d ● Public-ke y encryption algorithm with public key P U = {e,n} and private key PR = {d,n} The RSA Algorithm + Key Generation + Select p, q p and q are both prime, p = / q + Calculate n = p x q + Calculate Φ(n) = (p−1)(q−1) + Select integer e gcd(Φ(n),e) = 1;1 < e < Φ(n) + Calculate d de mod Φ(n) = 1 + Public key KU = {e ,n} + Private key KR = {d ,n} + Encryption + Plaintext: M < n e + Ciphertext: C = M (mod n) + Description + Ciphertext: C + Plaintext: M = C (mod n) Security of RSA ● Brute Force ○ Involves trying all possible private keys ● Mathematical Attacks ○ There are several approaches, all equivalent in effort to factoring the product of two primes ● Timing Attacks ○ These depend on the running time of the decryption algorithm ● Chosen Ciphertext Attacks ○ This type of attack exploits properties of the RSA algorithm Diffie-Hellman Key Exchange ● First published public-key algorithm *** ● By Diffie and Hellman in 1976 along with the exposition of public key concepts ● Used in a number of commercial products ● Practical method to exchange a secret key securely that can then be used for subsequent encryption of messages ● Security relies on difficulty of computing discrete algorithms NOTE: Example of Diffie-Hellman in the next 2 slides, as well as diagram Man-in-the-Middle Attack - Attack is: 1. Darth generates private keys X(D1) and X(D2), and their public keys Y(D1) and Y(D2) 2. Alice transmits Y(A) to Bob 3. Darth intercepts Y(A) and transmits Y(D1) to Bob. Darth also calculates K2 4. Bob receives Y(D1) and calculates K1 5. Bob transmits X(A) to Alice 6. Darth intercepts X(A) and transmits Y(D2) to Alice. Darth calculates K1 7. Alice receives Y(D2) and calculates K2 - All subsequent communications compromised Other Public-Key Algorithms + Digital Signature Standard (DSS) + FIPS PUB 186 + Makes use of SHA-1 and the Digital Signature Algorithm (DSA) + Originally proposed in 1991, revised in 1993 due to security concerns, and another minor revision in 1996 + Cannot be used for encryption or key exchange + Used an algorithm that is designed to provide only the digital signature function + Elliptic-Curve Cryptography (ECC) + Equal security for smaller bit size than RSA + Seen in standards such as IEEE P1363 + Confidence level in ECC is not yet as high as that in RSA + Based on mathematical construct known as elliptic curve

### BOOM! Enjoy Your Free Notes!

We've added these Notes to your profile, click here to view them now.

### You're already Subscribed!

Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'

## Why people love StudySoup

#### "There's no way I would have passed my Organic Chemistry class this semester without the notes and study guides I got from StudySoup."

#### "I bought an awesome study guide, which helped me get an A in my Math 34B class this quarter!"

#### "Knowing I can count on the Elite Notetaker in my class allows me to focus on what the professor is saying instead of just scribbling notes the whole time and falling behind."

#### "Their 'Elite Notetakers' are making over $1,200/month in sales by creating high quality content that helps their classmates in a time of need."

### Refund Policy

#### STUDYSOUP CANCELLATION POLICY

All subscriptions to StudySoup are paid in full at the time of subscribing. To change your credit card information or to cancel your subscription, go to "Edit Settings". All credit card information will be available there. If you should decide to cancel your subscription, it will continue to be valid until the next payment period, as all payments for the current period were made in advance. For special circumstances, please email support@studysoup.com

#### STUDYSOUP REFUND POLICY

StudySoup has more than 1 million course-specific study resources to help students study smarter. If you’re having trouble finding what you’re looking for, our customer support team can help you find what you need! Feel free to contact them here: support@studysoup.com

Recurring Subscriptions: If you have canceled your recurring subscription on the day of renewal and have not downloaded any documents, you may request a refund by submitting an email to support@studysoup.com

Satisfaction Guarantee: If you’re not satisfied with your subscription, you can contact us for further help. Contact must be made within 3 business days of your subscription purchase and your refund request will be subject for review.

Please Note: Refunds can never be provided more than 30 days after the initial purchase date regardless of your activity on the site.