Cryptography & Network Security Introduction - Free Download PDF

1m ago
8 Views
1 Downloads
1.01 MB
29 Pages
Transcription

Cryptography & Network SecurityIntroductionChester RebeiroIIT MadrasCR

The Connected WorldCR2

Information StorageCR3

Increased Security Breaches81% more in ecutive-summary-02.pdf4

Security Threats(why difficult to prevent?)Networks / Communication linksHardwareSystem Software(Operating Systems / Hypervisor)ApplicationsAttackers need to target theweakest link in the chainCRPeripherals5

Security Studies (Research)(an ocean)Networks / Communication linksNetwork SecurityHardwareHardware SecuritySystem SecuritySystem Software(Operating Systems / Hypervisor)OS SecurityApplicationsCloud SecurityWeb SecurityCryptographyDBMS SecurityCRPeripherals Embedded Security6

Cryptography A crucial component in all security systems Fundamental component to achieve– ConfidentialityAllows only authorized users access to dataCR7

Cryptography(its use) A crucial component in all security systems Fundamental component to achieve– Confidentiality– Data IntegrityCryptography can be used to ensure that onlyauthorized users can make modifications(for instance to a bank account number)CR8

Cryptography(its use) A crucial component in all security systems Fundamental component to achieve– Confidentiality– Data Integrity– AuthenticationCryptography helps prove identitiesCR9

Cryptography(its use) A crucial component in all security systems Fundamental component to achieve– Confidentiality– Data Integrity– Authentication– Non-repudiationI did notsend thatThe sender of a message cannotclaim that she did not send itCR10

Scheme for Confidentialityuntrusted communication linkAliceBobmessageAttack at Dawn!!Problem : Alice wants to send a messageto Bob (and only to Bob) through an untrustedcommunication linkCRMallory11

EncryptionKEAlicemessage“Attack at Dawn!!”untrusted communication linkD#%AR3Xf34 decryptionencryption(ciphertext)ESecrets Only Alice knows the encryption key KE Only Bob knows the decryption key KDCRKDBob“Attack at Dawn!!”MalloryOnly sees ciphertext.cannot get the plaintext messagebecause she does not know the keys12

Encryption AlgorithmsKEAliceKDuntrusted communication linkBobD#%AR3Xf34( “Attack at Dawn!!”decryptionencryption(ciphertext)E Should be easy to compute for Alice / Bob (who know the key) Should be difficult to compute for Mallory (who does not know the key) What is ‘difficult’? Ideal case : Prove that the probability of Mallory determining the encryption /decryption key is no better than a random guess Computationally : Show that it is difficult for Mallory to determine the keyseven if she has massive computational powerCR13

Algorithmic Attacks Can Mallory use tricks to break the algorithmE There by reducing the ‘difficulty’ of getting thekey.CR14

Encryption KeysKEAliceKDuntrusted communication linkBobD#%AR3Xf34( “Attack at Dawn!!”decryptionencryption(ciphertext)E How are keys managed– How does Alice & Bob select the keys?– Need algorithms for key exchangeCR15

Ciphers Symmetric Algorithms– Encryption and Decryption use the same key– i.e. KE KD– Examples: Block Ciphers : DES, AES, PRESENT, etc. Stream Ciphers : A5, Grain, etc. Asymmetric Algorithms– Encryption and Decryption keys are different– KE KD– Examples: RSA ECCCR16

Cipher ImplementationsCryptography is always an overhead !! For security, the algorithms need to be computationintensive. Often require large numbers, complex mathematicaloperations. Design Challenges: Performance, Size, Power. Algorithms to achieve thisCR17

Encryption DevicesKEAlicemessage“Attack at Dawn!!”untrusted communication linkBobD“Attackat Dawn!!”#%AR3Xf34( decryptionencryption(ciphertext)ESide ChannelsEg. Power consumption / radiationof device, execution time, etc.CRKDMalloryGets information about the keys by monitoringSide channels of the device18

Side Channel Analysis00111AliceEencryptionmessage“Attack at Dawn!!”Radiation fromDeviceSecret informationCR0011119

Ciphers Design ChallengesTradeoffs between Security , Speed, Side-Channel AttacksWe want crypto algorithms to be fast and smallFor security, the algorithms arecomputationally intensive.Typically use large numbers,complex operationsCRNeed to protect against sidechannel attacks.

Cryptography Study Mathematics EngineeringMathematicsElectrical Engg.cryptographyPhysicsCRComputer Sc.21

Some Hot Research Trendsefficient implementationscryptanalysispost-quantum cryptographyLeakage resilient cryptographyside channel analysisCRprivacy enhancing securitylight weight cryptographycloud securityhomomorphic encryption22

The Plan Ahead How are ciphers designed?––––Ideal security vs Computational securityBlock ciphers / Stream ciphersAsymmetric key ciphersTrade offs between security and implementation Attacks– Algorithmic / Side Channel Analysis Applications– How are they used to achieve confidentiality, integrity,authentication, non-repudiation Case Studies– Network security aspects, BitcoinsCR23

Course Structure Classical Cryptography Shannon’s Theory Block Ciphers– DES, AES, their implementations and their attacks Stream Ciphers Digital Signatures and Authentication– Hash functions Public key ciphers– RSA, implementations, and attacks Side channel analysis Network Security aspects Case Studies : BitcoinsCR24

Expected Learning Outcomes What you would learn by the end of the courseDistinguish between cipher algorithms- Where to use what algorithm?Evaluate ciphers and their implementations for security- Mathematical cryptanalysis of some algorithms- Side channel based attacks on cipher implementationsApply algorithms to solve security problems in networksand real-world systemsCR25

Books / ReferencesTextbooks(STINSON) ''Cryptography: Theory and Practice", Third Edition, by Douglas R.Stinson, CRC Press, Taylor and Francis GroupReferences(STALLINGS) ''Cryptography and Network Security: Principles and Practices'',Sixth Edition, by William Stallings(HANDBOOK) ''Handbook of Applied Cryptography'', Fifth Printing, by Alfred J.Menezes, Paul C. van Oorschot, and Scott A. Vanstone, CRC Press(HARDSEC) ''Hardware Security : Design, Threats, and Safeguards", byDebdeep Mukhopadhyay and Rajat Subhra Chakraborty, CRC Press, Taylorand Francis GroupCR26

Grading Quiz 1 : 20%Quiz 2 : 20%End semester : 40%Assignments : 20%– Surprise tests / Tutorials / Programming assignments /minute papers / Google groups / etc.Self Study vs Attending Classes Same tutorials / assignments / quizzes / etc. Grading policy is differentCR27

Course Webpages For slides / syllabus / schedule etc.http://www.cse.iitm.ac.in/ chester/courses/16e cns/index.html For discussions / announcements / submissionsCSE MoodleGoogle Groups (cnsiitm 2016)CR28

Logistics CS26 Time:––––CRTuesdays : 11:00 - 11:50 AMWednesdays : 10:00 - 10:50 AMThursdays : 8:00 - 8:50 AMFridays : 2:00 – 2:50 PM29

Sixth Edition, by William Stallings (HANDBOOK) ''Handbook of Applied Cryptography'', Fifth Printing, by Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone, CRC Press (HARDSEC) ''Hardware Security : Design, Threats, and Safeguards", by