network security section 3: public key, digital signature
TRANSCRIPT
![Page 1: Network Security Section 3: Public Key, Digital Signature](https://reader035.vdocuments.us/reader035/viewer/2022070404/56649f355503460f94c532e2/html5/thumbnails/1.jpg)
Network Security
Section 3: Public Key,
Digital Signature
![Page 2: Network Security Section 3: Public Key, Digital Signature](https://reader035.vdocuments.us/reader035/viewer/2022070404/56649f355503460f94c532e2/html5/thumbnails/2.jpg)
New Algorithm Requirements
• Definitions:– E = Encryption Key– D = Decryption Key
• New Requirements:1. D(E(P)) = P
2. E #> D
3. E not crack-able by “known texts” attack.
![Page 3: Network Security Section 3: Public Key, Digital Signature](https://reader035.vdocuments.us/reader035/viewer/2022070404/56649f355503460f94c532e2/html5/thumbnails/3.jpg)
Example
AliceEa, Da
BobEb,Db
Eb
Ea
ABCDEFGHI
ABCDEFGHI
P Eb(P) ******************
******************
Send to Bob
******************
******************
Eb(P)D(Eb(P))ABCDEFGHI
ABCDEFGHI
Bob reads P
![Page 4: Network Security Section 3: Public Key, Digital Signature](https://reader035.vdocuments.us/reader035/viewer/2022070404/56649f355503460f94c532e2/html5/thumbnails/4.jpg)
Rivest
ShmirAdelman
RSA
![Page 5: Network Security Section 3: Public Key, Digital Signature](https://reader035.vdocuments.us/reader035/viewer/2022070404/56649f355503460f94c532e2/html5/thumbnails/5.jpg)
RSA
• One of the public key algorithms• RSA Algorithm:
1. Chose two number p & q (1024bit)2. n=p×q and z=(p-1)×(q-1)3. Choose a number d that is relatively prime to z4. e: e×d mod z = 15. Divde P to blocks, 0 <= block length < n6. C = Pe mod n7. Exit.
• OK. Where is the security location?
![Page 6: Network Security Section 3: Public Key, Digital Signature](https://reader035.vdocuments.us/reader035/viewer/2022070404/56649f355503460f94c532e2/html5/thumbnails/6.jpg)
RSA Example
• p = 3, q = 11
• n = 33, z = 20, d = 7, e = 3OK!
Lets finish cryptography algorithmsHOOORAY!
No more cryptography
algorithms PLEASE!
![Page 7: Network Security Section 3: Public Key, Digital Signature](https://reader035.vdocuments.us/reader035/viewer/2022070404/56649f355503460f94c532e2/html5/thumbnails/7.jpg)
Digital Signatures
• Why do we use signatures?
Authorization and Validity
• What is the problem of signature in digital world?
1. Authorize sender
2. Message must be undeniable from sender’s prospective.
3. Receiver can not produce fake messages.
![Page 8: Network Security Section 3: Public Key, Digital Signature](https://reader035.vdocuments.us/reader035/viewer/2022070404/56649f355503460f94c532e2/html5/thumbnails/8.jpg)
Symmetric-Key Signatures
• Store signature on valid institute (BB: Big Brother).
• What is the problem of this method?
Do you trust
Big Brother?
![Page 9: Network Security Section 3: Public Key, Digital Signature](https://reader035.vdocuments.us/reader035/viewer/2022070404/56649f355503460f94c532e2/html5/thumbnails/9.jpg)
Public-Key SignaturesE(D(P)) = PD(E(P)) = P
Can Alice evade message P?
Yes! How?
No! Why?
1. Be lost Da!!2. Changing Da!!
![Page 10: Network Security Section 3: Public Key, Digital Signature](https://reader035.vdocuments.us/reader035/viewer/2022070404/56649f355503460f94c532e2/html5/thumbnails/10.jpg)
Message Digests
• Digital Signature do both authorization and confidentiality of message
• Message Digests only authorize messages.
• MD features:– Easy Calculation of MD(P)– MD(P) #> P– MD(P) # MD(Q)– MD(P) # MD(P+1)
![Page 11: Network Security Section 3: Public Key, Digital Signature](https://reader035.vdocuments.us/reader035/viewer/2022070404/56649f355503460f94c532e2/html5/thumbnails/11.jpg)
MD5• MD5: 5th Message Digest. 128bit buffer• md5(apple) = 1f3870be274f6c49b3e31a0c6728957f
![Page 12: Network Security Section 3: Public Key, Digital Signature](https://reader035.vdocuments.us/reader035/viewer/2022070404/56649f355503460f94c532e2/html5/thumbnails/12.jpg)
SHA-1
• Secure Hash Algorithm
• Developed by NSA
• 160bit buffer
![Page 13: Network Security Section 3: Public Key, Digital Signature](https://reader035.vdocuments.us/reader035/viewer/2022070404/56649f355503460f94c532e2/html5/thumbnails/13.jpg)
The Birthday attack
• Problem: If it is easy to find two random messages that map to the same signature then a birthday attack is easy
• Example: the probability of 2 people having the same birthday in a group of 23 people is more than 0.5