Академический Документы
Профессиональный Документы
Культура Документы
Public-Key Cryptography
and Message
Authentication
Henric Johnson
OUTLINE
Approaches to Message
Authentication
Secure Hash Functions and HMAC
Public-Key Cryptography Principles
Public-Key Cryptography Algorithms
Digital Signatures
Key Management
Henric Johnson
Authentication
Requirements - must be able to verify that:
1. Message came from apparent source
or author,
2. Contents have not been altered,
3. Sometimes, it was sent at a certain
time or sequence.
Protection against active attack
(falsification of data and transactions)
Henric Johnson
Approaches to Message
Authentication
Authentication Using Conventional
Encryption
Henric Johnson
Henric Johnson
Henric Johnson
1.
2.
3.
4.
Henric Johnson
10
Henric Johnson
11
MD5
Digest length
Basic unit of
processing
160 bits
512 bits
128 bits
512 bits
Number of
steps
80 (4
rounds of
20)
Maximum
message size
264-1 bits
64 (4
160 (5
rounds of paired
16)
rounds of
16)
Henric Johnson
RIPEMD160
160 bits
512 bits
12
HMAC
Use a MAC derived from a cryptographic
hash code, such as SHA-1.
Motivations:
Cryptographic hash functions executes faster
in software than encryptoin algorithms such as
DES
Library code for cryptographic hash functions
is widely available
No export restrictions from the US
Henric Johnson
13
HMAC Structure
Henric Johnson
14
Public-Key Cryptography
Principles
The use of two keys has consequences in:
key distribution, confidentiality and
authentication.
The scheme has six ingredients (see Figure 3.7)
Plaintext
Encryption algorithm
Public and private key
Ciphertext
Decryption algorithm
Henric Johnson
15
Henric Johnson
16
Henric Johnson
17
18
19
20
Public-Key Cryptographic
Algorithms
RSA and Diffie-Hellman
RSA - Ron Rives, Adi Shamir and Len
Adleman at MIT, in 1977.
RSA is a block cipher
The most widely implemented
Diffie-Hellman
Henric Johnson
21
Select p,q
p and q both prime
Calculate n = p x q
Calculate (n) ( p 1)(q 1)
gcd((n), e) 1; 1 e (n)
Select integer e
1
d e mod (n)
Calculate d
Public Key
KU = {e,n}
Private key
KR = {d,n}
Henric Johnson
22
Henric Johnson
23
M<n
Ciphertext:
C = Me (mod n)
Henric Johnson
24
Plaintext:
M = Cd (mod n)
Henric Johnson
25
Henric Johnson
26
Other Public-Key
Cryptographic Algorithms
Digital Signature Standard (DSS)
Makes use of the SHA-1
Not for encryption or key echange
27
Key Management
Public-Key Certificate Use
Henric Johnson
28