slides8

slides8 - CS 531, Fall 2007 CS531 Cryptography Concepts...

CS531 Cryptography Concepts (Part 3)
Bill Cheng
http://merlot.usc.edu/cs531-f07
CS 531, Fall 2007
Copyright © William C. Cheng

Protocols and Mechanisms

A cryptographic protocol is a distributed algorithm defined by a sequence of steps precisely specifying the actions required of two or more entities to achieve a specific security objective
    a mechanism is a more general term encompassing protocols, algorithms (steps followed by a single entity), and non-cryptographic techniques (e.g., hardware protection and procedural controls) to achieve specific security objectives

Example of a protocol over an unsecured channel
    Bob sends public key to Alice over the channel
    Alice generates a secret key for symmetric-key encryption
    Alice encrypts key using Bob's public key and sends to Bob
    Bob decrypts to recover the secret key
    Alice and Bob communicate with privacy using the secret key

Protocol and Mechanism Failures

A protocol or mechanism failure occurs when a mechanism fails to meet the goals for which it was intended, in a manner whereby an adversary gains advantage not by breaking an underlying primitive such as an encryption algorithm directly, but by manipulating the protocol or mechanism itself

Some causes of protocol failure
    e.g., assume that a stream cipher is a one-time pad
1) weakness in a particular cryptographic primitive which may be amplified by the protocol or mechanism
2) claimed or assumed security guarantees which are overstated or not clearly understood
3) oversight of some principle applicable to a broad class of primitives such as encryption

Protocol Failure Examples

Ex: mechanism failure
    Alice and Bob communicate over a Vernam cipher
    Messages are known to have a special form: first 20 bits carry a numeric value representing a monetary amount
    an active adversary can simply XOR a bitstring into the first 20 bits of ciphertext and change the amount
    encryption was not compromised but the protocol failed
    assumption that encryption provides data integrity is incorrect

Ex: forward search attack
    32-bit field used to record the amount in a bank transaction
    encrypted using a public key for privacy
    brute-force attack can recover the value in the transaction
    similar to a dictionary attack
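
The mechanism-failure example above, worked through in code as an added example that is not part of the original slides. The byte layout (20-bit amount, 4 pad bits, memo), the function names and the encrypt-then-MAC remedy with HMAC-SHA256 are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

AMOUNT_BITS = 20  # slide's message form: the first 20 bits carry the amount

def encode(amount: int, memo: bytes) -> bytes:
    """Constructed layout: 20-bit amount, 4 zero pad bits, then a memo."""
    if not 0 <= amount < 1 << AMOUNT_BITS:
        raise ValueError("amount does not fit in 20 bits")
    return (amount << 4).to_bytes(3, "big") + memo

def decode_amount(msg: bytes) -> int:
    return int.from_bytes(msg[:3], "big") >> 4

def vernam(pad: bytes, data: bytes) -> bytes:
    """XOR with a one-time pad; the same call encrypts and decrypts."""
    if len(pad) != len(data):
        raise ValueError("pad must be exactly as long as the data")
    return bytes(p ^ d for p, d in zip(pad, data))

def xor_into_amount(ciphertext: bytes, delta: int) -> bytes:
    """The in-transit modification: no key used, only the first 20 bits touched."""
    mask = (delta << 4).to_bytes(3, "big") + bytes(len(ciphertext) - 3)
    return bytes(c ^ m for c, m in zip(ciphertext, mask))

def seal(pad: bytes, mac_key: bytes, msg: bytes) -> bytes:
    """Encrypt-then-MAC: append HMAC-SHA256 computed over the ciphertext."""
    ct = vernam(pad, msg)
    return ct + hmac.new(mac_key, ct, hashlib.sha256).digest()

def unseal(pad: bytes, mac_key: bytes, blob: bytes) -> bytes:
    ct, tag = blob[:-32], blob[-32:]
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed: ciphertext was modified")
    return vernam(pad, ct)

if __name__ == "__main__":
    msg = encode(100, b"rent")  # constructed sample message
    pad, mac_key = secrets.token_bytes(len(msg)), secrets.token_bytes(32)
    forged = xor_into_amount(vernam(pad, msg), 0x80000)
    print("receiver decrypts amount:", decode_amount(vernam(pad, forged)))
    try:
        unseal(pad, mac_key, xor_into_amount(seal(pad, mac_key, msg), 0x80000))
    except ValueError as err:
        print("with MAC:", err)
```

Without the tag the receiver decrypts a well-formed message whose amount is the original XOR the injected bits; with the tag the same modification is rejected before decryption.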

Protocol Design

When designing cryptographic protocols and mechanisms, the following two steps are essential
1) identify all assumptions in the protocol or mechanism design
2) for each assumption, determine the effect on the security objective if that assumption is violated

Key Establishment/Management/Certification

Communication with symmetric-key cryptography requires pairwise secret keys
    including replacing older keys with new keys
Key establishment is any process whereby a shared secret key becomes available to two or more parties, for subsequent

This note was uploaded on 03/05/2008 for the course CSCI 531 taught by Professor Cheng during the Spring '08 term at USC.
