Unformatted text preview: NETWORK SECURITY AND CRYPTOGRAPHY AUTHORS INFO SHEET
AUTHORS: INSTITUTE NAME: JHANSI M SRIKANTH SONI SR ENGINEERING COLLEGE INSTITUTE ADDRESS: WARANGAL506371 TITLE OF THE PAPER: NETWORK SECURITY& CRYPTOGRAPHY EMAIL ID: CONTACT NO.: [email protected] +919949966131, +919849376785 ABSTRACT However, a general overview of network security and cryptography is provided and various algorithms are This paper aims to provide a broad review of network security and cryptography, with particular regard to digital signatures. Network security and cryptography is a subject too wide ranging to coverage about how to protect information in digital form and to provide security services. discussed. A detailed review of the subject of network security and cryptography in digital signatures is then presented. The purpose of a digital signature is to provide a means for an entity to bind its identity to a piece of information. The common attacks on digital signature was reviewed. The first method was the RSA signature scheme, which remains today one of the most practical and versatile techniques available. FiatShamir signature schemes, DSA and related signature schemes are two other methods reviewed. Digital security, signatures including have many applications data in information and non authentication, integrity, repudiation was reviewed. INTRODUCTION The objective of this paper is to provide the reader with an insight into recent developments in the field of network security and cryptography, with particular regard to digital signatures .cryptography was used as a tool to protect national secrets and strategies. The proliferation of computers and communications systems in the 1960s brought with it a demand from the private sector for means to protect information in digital form and to provide security services. DES, the Data Encryption Standard, is the most wellknown cryptographic mechanism. It remains the standard means for securing electronic commerce for many financial institutions around the world. The most striking development in the history of cryptography came in 1976 when Diffie and Hellman published New Directions in Cryptography. A digital signature of a message is a number dependent on some secret known only to the signer, and, additionally, on the content of the message being signed. Signatures must be verifiable; if a dispute arises as to whether a party signed a document (caused by either a lying signer trying to repudiate a signature it did create, or a fraudulent claimant), an unbiased third party should be able to resolve the matter equitably, without requiring access to the signer’s secret information (private key). The first method discovered was the RSA signature scheme,Which remains today one of the most practical and versatile techniques available. Subsequent research has resulted in many alternative digital signature techniques. The FeigeFiatShamir signature scheme requires a oneway hash function. Information security and cryptography Cryptography, an understanding of issues related to information security in general is necessary. Information security manifests itself in many ways according to the situation and requirement. Over the centuries, an elaborate set of protocols and mechanisms has been created to deal with information security issues when the information is conveyed by physical documents. Often the objectives of information security cannot solely be achieved through require mathematical procedural algorithms and protocols alone, laws but to techniques and abidance of achieve.The concept of information will be taken to be an understood quantity. For example, privacy of letters is provided by sealed envelopes delivered by an accepted mail service. Randomized Message recovery Digital signature schemes Deterministi c Randomized Appendix Deterministi c Figure: taxonomy of signature schemes ATTACKS ON DIGITAL SIGNATURES 1. Keyonly attacks. only the signer’s public key. 2. Message attacks. Here an adversary is able to examine In these attacks, an adversary knows signatures corresponding either to known or chosen messages. Message attacks can be further subdivided into three classes: (a) Knownmessage attack. An adversary has signatures for a set of messages which are known to the adversary but not chosen by him. (b) Chosenmessage attack. An adversary obtains valid signatures from a chosen list of messages before attempting to break the signature scheme. This attack is nonadaptive in the sense that messages are chosen before any signatures are seen. Chosenmessage attacks against signature schemes are analogous to chosen cipher text attacks against publickey encryption schemes. (c) Adaptive chosenmessage attack. An adversary is allowed to use the signer as an oracle; the adversary may request signatures of messages which depend on the signer’s public key and he may request signatures of messages which depend on previously obtained signatures or messages. The RSA signature scheme The message space and cipher text space for the RSA publickey encryption scheme are both Z n = {0, 1, 2… n1} where n = pq is the product of two randomly chosen distinct prime numbers. Since the encryption transformation is a bijection , digital signatures can be created by reversing the roles of encryption and decryption. The RSA signature scheme is a deterministic digital signature scheme which provides message recovery. The signing space MS and signature space S are both Z redundancy function R: M Z Knowledge. Algorithm: Key generation for the RSA signature scheme SUMMARY: Each entity creates an RSA public key and a corresponding private key. Each entity A should do the following:
n n .A is chosen and is public 1. Generate two large distinct random primes p and q, each roughly the same size. 2. Compute n = pq and Φ = (p 1)(q  1). 3. Select a random integer e, 1 < e < Φ, such that gcd (e, Φ) =1. 4. Use the extended Euclidean algorithm (Algorithm 2.107) to compute the unique integer d, 1 < d<Φ, such that ed Ξ 1 (mod Φ ). 5. A’s public key is (n, e); A’s private key is d. Algorithm: RSA signature generation and verification SUMMARY: Entity A signs a message m € M. Any entity B can verify A’s signature and recover the message m from the signature. 1. Signature generation. Entity A should do the following: (a) Compute m = R (m), an integer in the range [0, n1]. (b) Compute s = m d mod n. (c) A’s signature for m is s. 2. Verification. To verify A’s signature s and recover the message m, B should: (a) Obtain A’s authentic public key (n; e). (b) Compute m = se mod n. (c) Verify that m € MR; if not, reject the signature. (d) Recover m = R ‾1 (m). FeigeFiatShamir signature scheme The FeigeFiatShamir signature scheme and requires a oneway hash function h:{0, 1}*{0,1}k for some fixed positive integer k. Here {0, 1}k denotes the set of bit strings of bit length k , and {0, 1}* denotes the set of all bit strings (of arbitrary bit lengths). Algorithm: Key generation for the DSA SUMMARY: Each entity creates a public key and corresponding private key. Each entity A should do the following: 1. Select a prime number q such that 2
159 < q < 2160. 2. Choose t so that 0≤ t ≤ 8, and select a prime number p where 2 2
511+64t < p< , with the property that q divides (p  1). 512+64t 3. (Select a generator α of the unique cyclic group of order q in Z*p.) 3.1 Select an element g €Z*p and compute α = g 3.2 If α = 1then go to step 3.1. 4. Select a random integer a such that 1 ≤ a ≤ q  1. 5. Compute y = αa mod p. 6. A’s public key is (p, q, α, y); A’s private key is a.
(p1)/q mod p. Algorithm: DSA signature generation and verification SUMMARY: Entity A signs a binary message m of arbitrary length. Any entity B can verify this signature by using A’s public key. 1. Signature generation. Entity A should do the following: (a) Select a random secret integer k; 0 < k<q. (b) Compute r = (αk mod p) mod q (c) Compute k‾1 mod q. (d) Compute s = k ‾1 {h (m) + ar} mod q. (e) A’s signature for m is the pair (r; s). 2. Verification. To verify A’s signature (r, s) on m, B should do the following: (a) Obtain A’s authentic public key (p, q, α, y). (b) Verify that 0 < r < q and 0 < s <q; if not, then reject the signature. (c) Compute w = s‾1 mod q and h(m). (d) Compute u1 = w .h(m) mod q and u2 = rw mod q. (e) Compute v = (αu1y
u2 mod p) mod q. (f) Accept the signature if and only if v = r. APPLICATIONS: Digital security, signatures including have many applications data in information and non authentication, integrity, repudiation. One of the most significant applications of digital signatures is the certification of public keys in large networks. Certification is a means for a trusted third party (TTP) to bind the identity of a user to a public key, so that at some later time, other entities can authenticate a public key without assistance from a trusted third party. CONCLUSION: This paper has provided a broad review of network security and cryptography signatures algorithms with particular SA regard to digital VA The transformations (SIGNING) and (VERIFICATION) are typically characterized more compactly by a key that is, there is a class of signing and verification algorithms publicly known, and each algorithm is identified by a key. Thus the signing algorithm SA of A is determined by a key kA and A is only required to keep kA secret. Similarly, the verification algorithm VA of A is determined by a key lA which is made public. REFERENCES: 1. Applied Cryptography, by A. Menezes, P. van Oorschot, and S. Vanstone, CRC Press, 1996. http:// Cacr.math.uwaterloo.com www.prenticehall.com 2. Network Security and Cryptography by William Stallings ...
View
Full Document
 Spring '07
 dontknow
 Cryptography, Publickey cryptography, digital signatures, signature scheme

Click to edit the document details