Secure Key Communication: Methods, Protocols, and Security
Secure Key Communications
Three Methods for Secure Key Exchange:
- Trusted Third Party: A central server delegates keys. Every user has a secret key, and the server knows everyone’s keys.
- A → T: { A, B }
- T → A: { Na, Kab, B, {Kab, A}Kb }Ka
- A → B: { Kab }Kb
Problems with Trusted Third Party:
- B doesn’t know who is communicating.
- Replay attack.
- If the server is compromised, it’s a single point of failure, and all user keys are compromised.
- The server can crash due to a denial-of-service attack.
Needham-
Read MoreCryptography Fundamentals: Encryption, Authentication, PKI
Cryptography Fundamentals
1. General Model for Communication
- Alice wants to send a message m to Bob.
- Eve is an adversary who may try to eavesdrop or modify the message.
- The goal of cryptography is to ensure that Eve cannot read or alter the message without authorization.
2. Encryption: Preventing Eavesdropping
- Encryption is used to prevent Eve from reading the message.
Key Concepts:
- Secret Key (Ke): A shared key between Alice and Bob. The longer the key, the higher the security.
- Plaintext (m): The original
Cryptography: Ciphers, Security, and MAC
Miscellaneous: Secret (Symmetric), Public (Asymmetric).
Math:
- XOR (a ⊕ b) is 0 if the values are the same, 1 if they are different. c = (x ⊕ k) is random and independent of the original X.
- Addition: Given x is a binary string of length n, and a is an integer, then (a+x) is the n least significant bits of the binary encoding of adding the values a and x.
- Given n bits, Pr[any one string] = 1/2n.
Classical Ciphers/Principles:
- Shift: Shifts all letters by the same amount (key). It can be cracked by brute-
TCP Acknowledgments and Digital Certificate Verification
Understanding TCP Acknowledgments
(A) Why is acknowledgment 701 sent when the segment with sequence 801-900 is received? Because in TCP, acknowledgments are cumulative, which means that the acknowledgment number refers to the next expected byte, indicating that all previous bytes have been successfully received and are in order.
The sender sends segments with sequence numbers 501-600, 601-700, and 701-800. The segment with sequence number 701-800 is lost. The receiver successfully receives segments
Read MoreCryptography and Authentication: Principles and Techniques
Cryptography and Authentication: Core Concepts
Confidentiality: Can you keep a secret? Integrity: Did you get the same message I sent you? Identification/Authentication: Who are you? Can you prove it? Authorization & Access Control: What are you allowed to do? Availability: Are you there when needed?
Symmetric Key Cryptography (SKC)
Secure Key Cryptography: Vigenere Cipher: P XOR k = C, C XOR k = P. The first byte of the plaintext is XOR’ed with the first character of k, the second byte with the
Read MoreCryptography: Hash Functions, Public Key, SSL, and PGP
Hash Function Algorithms
MD5: A widely used hash function (RFC 1321) that computes a 128-bit message digest in a 4-step process. For any arbitrary 128-bit string x, it appears difficult to construct a message m whose MD5 hash is equal to x.
SHA-1: Another hash function in use. It is a US standard [NIST, FIPS PUB 180-1] and produces a 160-bit message digest.
Public-Key Certification
Motivation: Trudy plays a pizza prank on Bob.
- Trudy creates an e-mail order: “Dear Pizza Store, Please deliver to me four