crypto2_new

crypto2_new - IS 5371 Cryptography CIS 5371 Cryptography 2....

Info iconThis preview shows pages 1–9. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: IS 5371 Cryptography CIS 5371 Cryptography 2. Safeguard and Attack 1 Encryption t i encryption key Encryption decryption key Plaintext Ciphertext Decryption 2 Encryption algorithms otation Notation Message M lgorithm Algorithm A Key K Cryptographic transformation: M = A ( K,M ) If A is an encryption algorithm with key K and A is the corresponding decryption algorithm with key K , we require that: M = A ( K, A ( K,M )) 3 So A ( K, ) = A ( K, )- 1 Dolev-Yao threat model Notation Principal or entity or user: a computer, device, resource, t person, etc Attacker (adversary, enemy. Intruder, eavesdropper, imposter) Setting A large open network h d i f l d l i The adversary is very powerful and clever in manipulating communication The adversaries techniques are unpredictable 4 Dolev-Yao threat model The attacker, Can obtain any message passing through the network. May be a legitimate user and can initiate any conversation with any other user (insider) as the opportunity to become any receiver to any user Has the opportunity to become any receiver to any user Can send messages to any user by impersonating another user. 5 Dolev-Yao threat model Unless explicitly stated, The attacker is not omnipotent. In particular, The attacker cannot guess a random number selected from a set with X with probability better than 1/| X |. e cannot encrypt data or decrypt encrypted data without He cannot encrypt data, or decrypt encrypted data without the correct key (for sufficiently large key space) Has cannot find the correct encryption/decryption key. Typically, the actions and resources of the adversary are polynomially bounded to be explained later. 6 Authentication Servers Trust Management systems lice and Bob wish to communicate privately over an insecure Alice and Bob wish to communicate privately over an insecure network---in the presence of the adversary, Malice. They have to encrypt the messages they send each other. Suppose they have never met before: how do they exchange keys? One way is to get the keys from a Trusted Third Party (TTP), Trent. The TTP can be an Authentication Server. In general parties may use different Servers, which must then trust each other. Trust Management (TM) systems will support security 7 applications for entities that have no direct trust links. Trust Management The n ( n-1)/2 problem If Alice and Bob meet physically they can exchange a secret key (or knowledge about each others public keys). If there are n users in the communication system then n ( n-1)/2 need to be exchanged. For many applications the cost of storing this many keys may be excessive....
View Full Document

Page1 / 30

crypto2_new - IS 5371 Cryptography CIS 5371 Cryptography 2....

This preview shows document pages 1 - 9. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online