《信息安全指南课件:Chapter 7 Confidentiality Using Symmetric Encryption》由会员分享,可在线阅读,更多相关《信息安全指南课件:Chapter 7 Confidentiality Using Symmetric Encryption(33页珍藏版)》请在金锄头文库上搜索。
1、Computer Science&Technology School of Shandong UniversityInstructor: Hou Mengbo Email: houmb AT Office: Information Security Research GroupGuide to Information SecurityChapter 7 Confidentiality Using Symmetric EncryptionChapter 7 Confidentiality UsingSymmetric EncryptionConfidentiality using Symmet
2、ric Encryptiontraditionally symmetric encryption is used to provide message confidentialityconsider typical scenarioworkstations on LANs access other workstations & servers on LANLANs interconnected using switches/routerswith external lines or radio/satellite linksconsider attacks and placement in t
3、his scenariosnooping from another workstationuse dial-in to LAN or server to snoopuse external router link to enter & snoopmonitor and/or modify traffic one external linksConfidentiality using Symmetric Encryptionhave two major placement alternativeslink encryptionencryption occurs independently on
4、every linkimplies must decrypt traffic between linksrequires many devices, but paired keysend-to-end encryptionencryption occurs between original source and final destinationneed devices at each end with shared keysTraffic Analysiswhen using end-to-end encryption must leave headers in clearso networ
5、k can correctly route informationhence although contents protected, traffic pattern flows are notideally want both at onceend-to-end protects data contents over entire path and provides authenticationlink protects traffic flows from monitoringPlacement of Encryptioncan place encryption function at v
6、arious layers in OSI Reference Modellink encryption occurs at layers 1 or 2end-to-end can occur at layers 3, 4, 6, 7 as move higher less information is encrypted but it is more secure though more complex with more entities and keysTraffic Analysisis monitoring of communications flows between parties
7、useful both in military & commercial spherescan also be used to create a covert channellink encryption obscures header detailsbut overall traffic volumes in networks and at end-points is still visibletraffic padding can further obscure flowsbut at cost of continuous trafficKey Distributionsymmetric
8、schemes require both parties to share a common secret keyissue is how to securely distribute this keyoften secure system failure due to a break in the key distribution scheme Key Distributiongiven parties A and B have various key distribution alternatives:1.A can select key and physically deliver to
9、 B2.third party can select & deliver key to A & B3.if A & B have communicated previously can use previous key to encrypt a new key4.if A & B have secure communications with a third party C, C can relay key between A & BAnalysisMethods 1/2 are suitble for link encryptionBut not suitable for end-end e
10、ncryptionKeys number?For all n nodes: n(n-1)/2If n very large,.Another method(based on KDC):Master key / Session keyKey Distribution ScenarioPOPE79 MethodPrerequisite: KDC and Master key for every nodes For A and B, master keys are Ka Kb (1) A KDC, IDA | IDB | N1 (2) KDC A, EKaKs | A | B | N1 | EKb(
11、Ks,IDA) (3) A B, EKb(Ks,IDA) (4) B A, EKs(N2) (5) AB, Eksf(N2) Key Distribution Issueshierarchies of KDCs required for large networks, but must trust each othersession key lifetimes should be limited for greater securityuse of automatic key distribution on behalf of users, but must trust systemuse o
12、f decentralized key distributioncontrolling purposes keys are used forAutomatic key distributionDecentralized key distribution Prerequisite: need n(n-1)/2 master keys for all sysytemRandom Numbersmany uses of random numbers in cryptography nonces in authentication protocols to prevent replaysession
13、keyspublic key generationkeystream for a one-time padin all cases its critical that these values be statistically randomwith uniform distribution, independentunpredictable cannot infer future sequence on previous valuesNatural Random Noisebest source is natural randomness in real world find a regula
14、r but random event and monitor eg. radiation counters, radio noise, audio noise, thermal noise in diodes, leaky capacitors, mercury discharge tubes etc problems of bias or uneven distribution in signal have to compensate for this when sample and use best to only use a few noisiest bits from each sam
15、ple Published Sourcesa few published collections of random numbers Rand Co, in 1955, published 1 million numbers generated using an electronic roulette wheel has been used in some cipher designs earlier Tippett in 1927 published a collection issues are that:these are limitedtoo well-known for most u
16、ses Pseudorandom Number Generators (PRNGs)algorithmic technique to create “random numbers”although not truly randomcan pass many tests of “randomness”Linear CongruentialGeneratorcommon iterative technique using:Xn+1 = (aXn + c) mod mgiven suitable values of parameters can produce a long random-like
17、sequencesuitable criteria to have are:function generates a full-periodgenerated sequence should appear randomefficient implementation with 32-bit arithmeticnote that an attacker can reconstruct sequence given a small number of valuesParameters choise problemsIf a=c=1 ,then .bad!If a=7,c=0,m=32, x0=1
18、,then 7,17,23,1,7 only used 4 of 32,bad!If a=5, 5,25,29,17,21,9,13,1, .8,bad!For m, generally chose nearly to CPU sizePRNGs Criteria T1: generation function should be full-periodT2: generated numbers should be looked as randomT3: suitble for 32 bits CPU to implement easilyHow to choose parametersFor
19、 T1, if m is prime and c=0,then we can choose some a to achieve period of m-1 Eg. Xn+1 = (aXn) mod (231-1) for a, such as 75=16807 (IBM 360)Attacks: x1=(ax0+c) mod m x2=(ax1+c) mod m a,c,m x3=(ax2+c) mod mUsing Block Ciphers as Stream Cipherscan use block cipher to generate numbersuse Counter ModeXi
20、 = EKmc+1use Output Feedback ModeXi = EKmXi-1ANSI X9.17 PRNGuses date-time + seed inputs and 3 triple-DES encryptions to generate new seed & randomANSI X9.17 PRNGuses date-time + seed inputs and 3 triple-DES encryptions to generate new seed & randomBlum Blum Shub(BBS) Generatorbased on public key al
21、gorithmsuse least significant bit from iterative equation:xi+1 = xi2 mod n where n=p.q, and primes p,q=3 mod 4Algrithm : (s,n)=1 (s,p)=1 (s,q)=1 x0=s2 mod n for i=1 to xi=(x i-1)2 mod n Bi= xi mod 2Characteristicunpredictable, passes next-bit testsecurity rests on difficulty of factoring N is unpredictable given any run of bits slow, since very large numbers must be usedtoo slow for cipher use, good for key generationSummaryhave considered:use of symmetric encryption to protect confidentialityneed for good key distributionuse of trusted third party KDCsrandom number generation
