l15 Security 2

l15 Security 2 - Recall from last lecture To a first...

Info iconThis preview shows pages 1–11. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Recall from last lecture To a first approximation, attackers control network Next two lectures: How to defend against this 1. Communicate securely despite insecure networks cryptography 2. Secure small parts of network despite wider Internet Cryptography Crypto important tool for securing communication- But often misused- Have to understand what it guarantees and what it doesnt How Cryptography Helps Secrecy- Encryption Integrity- Cryptographic hashes- Digital signatures- Message authentication codes (MACs) Authentication- Certificates, signatures, MACs Availability- Cant usually be guaranteed by cryptography alone [Symmetric] Encryption Both parties share a secret key K Given a message M , and a key K :- M is known as the plaintext- E ( K,M ) C ( C known as the ciphertext )- D ( K,C ) M- Attacker cannot efficiently derive M from C without K Note E and D take same argument K- Thus, also sometimes called symmetric encryption- Raises issue of how to get K : more on that later Example algorithms: AES, Blowfish, DES, RC4, ... One-time pad Share a completely random key K Encrypt M by XORing with K : E ( K,M ) = M K Decrypt by XORing again: D ( K,C ) = C K Advantage: Information-theoretically secure- Given C but not K , any M of same length equally likely- Also: fast! Disadvantage: K must be as long as M- Makes distributing K for each message difficult Idea: Computational security Distribute small K securely (e.g., 128 bits) Use K to encrypt far larger M (e.g., 1 MByte file) Given C = E ( K,M ) , may be only one possible M- If M has redundancy But believed computationally intractable to find- E.g., could try every possible K , but 2 128 keys a lot of work! Types of encryption algorithms Stream ciphers pseudo-random pad- Generate pseudo-random stream of bits from short key- Encrypt/decrypt by XORing with stream as if one-time pad- But NOT one-time PAD! (People who claim so are frauds!)- In practice, many stream ciphers uses have run into problems More common algorithm type: Block cipher- Operates on fixed-size blocks (e.g., 64 or 128 bits)- Maps plaintext blocks to same size ciphertext blocks- Today should use AES; other algorithms: DES, Blowfish, ... Example stream cipher (RC4) Initialization:- S [0 ... 255] permutation h ,... 255 i (based on key); i ; j 0; Generating pseudo-random bytes: i ( i + 1) mod 256; j ( j + S [ i ]) mod 256; swap S [ i ] S [ j ]; return S [( S [ i ] + S [ j ]) mod 256]; Example stream cipher (RC4) Initialization:- S [0 ... 255] permutation h ,... 255 i (based on key); i ; j 0; Generating pseudo-random bytes: i ( i + 1) mod 256; j ( j + S [ i ]) mod 256; swap S [ i ] S [ j ]; return S [( S [ i ] + S [ j ]) mod 256]; Example stream cipher (RC4) Initialization:- S [0 ... 255] permutation h ,... 255 i (based on key); i ; j 0; Generating pseudo-random bytes:...
View Full Document

This note was uploaded on 04/02/2012 for the course CS 144 at Stanford.

Page1 / 39

l15 Security 2 - Recall from last lecture To a first...

This preview shows document pages 1 - 11. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online