This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Requirements - must be able to verify that:1. Message came from apparent source or author,2. Contents have not been altered,3. Sometimes, it was sent at a certain time or sequence.
Sometimes we would like to provide authentication without encryption (public statements do not need privacy). Still, authentication requires that the sender know something that the forger does not ( a secret key).
Conventional encryption can be used, but the sender must share the secret key with the receiver.
Authentication
3
(b) Using public-keyencryption
4
Secret Value is added by both parties to message before the “hash,” function is used to get the Message Integrity Check (MIC). It is removed before transmission.
MIC MIC
It is critical that a forger can not compose a different message that would produce the same MIC value.
5
6
SHA-1
Secure Hash Algorithm 1
7
8
HMAC Structure 9
Public-Key Cryptography(Public-Private Key)
plaintext (data file or message)
encryption by key-1 decryption by key-1
ciphertext (stored or transmitted safely)
decryption by key-2encryption by key-2
plaintext (original data or message)
10
Encryption using aPublic-Key System
11
Authentication using aPublic-Key System
12
RSA (Rivest, Shamir, and Adleman)Key length is variable, 512 bits most common.
• The plaintext block ("m") must be less than the key
length.Key Generation
• Choose two large prime numbers, p and q (secret)
• n = pq, Ø(n) = (p-1)(q-1)
• Find a number, e, that is relatively prime to Ø(n)
• The public key is e and n (e,n)
• Find d, the multiplicative inverse to e mod Ø(n)(by “Number Theory”: d * e mod Ø(n) = 1)
The private key is d and n (d,n), public key is (e,n)
Encryption: c = m^e mod n ("m" is message)
Decryption: m = c^d mod n ("c" is ciphertext)13
Is RSA Secure?
To factor a 512-bit number (to find p and qfrom n) with the best known technique would
take 500,000 MIPs-years• In 500 years on a 1000 MIP/s CPU, an
eavesdropper can encrypt a list of all possible messages (using the Public Key), and compare the corresponding ciphertext to the transmitted ciphertext.• If the message is your password, make sure you
picked a good one (not in any dictionary).
• A defense is to add random bits to the message.
MIPs - Millions of Instructions per second.
14
How Efficient are RSA Operations
Efficient techniques for doing exponentiation:
X * Y mod n = (X mod n) * (Y mod n)
• Do a "mod n" operation whenever a multiplier isbigger than n