Computer Security- Lecture 2

From Cryptography to Security

Symmetric vs Asymmetric Cryptography

Sym- also known as secret key
when there is only one secret key
This is shared between entities
e.g. encrypting and decrypting agent

Asym- also known as public key
The encryption key is different from, but related to, the decryption key; one is public and the other is secret

In an asymmetric key encryption scheme, anyone can encrypt messages using the public key, but only the holder of the paired private key can decrypt.


Symmetric-key crypto

Keygen(K) = KS

It is the generation of a secret key, KS
K is initial seed data to which keygen is applied
Keygen is a key generator function
Pseudorandom Number Generator is an example of one

So think of Keygen as a random number generator with K being the seed number

Encrypt(plaintext, KS)  = ciphertext
Decrypt (ciphertext, KS)= plaintext

Example taken from lecture is below


So we can see 375… is the keygen which is the password
A message is sent with the key- but is commanded to be encrypted and as such becomes the new figure 835…

Decryption of the message, using the encryption and keygen gives the message

Another example- plain text doc and symmetric key are encrypted and become cipher text

Using the cipher text and symmetric key, it is decrypted
So the SAME key is used to both encrypt and decrypt the message/doc

Some algorithms include- AES, DES and triple DES
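
Added example (not from the lecture): the Keygen / Encrypt / Decrypt functions above, run with the openssl command line and AES-256-CBC. The function names, the sample message and the use of openssl rand as the key generator are assumptions made for this example.

```shell
#!/bin/sh
# Added example: Keygen, Encrypt and Decrypt from the notes, using AES-256-CBC.
# The message and all function/variable names are constructed for this example.

keygen() {
    # Keygen: 32 random bytes from OpenSSL's generator, as hex (a 256-bit KS).
    openssl rand -hex 32
}

encrypt() {
    # $1 = key (hex), $2 = IV (hex); plaintext on stdin, ciphertext on stdout.
    openssl enc -aes-256-cbc -K "$1" -iv "$2"
}

decrypt() {
    # Same arguments; ciphertext on stdin, plaintext on stdout.
    openssl enc -d -aes-256-cbc -K "$1" -iv "$2" 2>/dev/null
}

roundtrip() {
    # Encrypts message $3 under key $1, then prints what Decrypt returns with key $2.
    iv=$(openssl rand -hex 16)
    printf '%s' "$3" | encrypt "$1" "$iv" | decrypt "$2" "$iv"
}

ks=$(keygen)
other=$(keygen)
msg='meet at noon'
echo "same key : $(roundtrip "$ks" "$ks" "$msg")"
# A different key ends in a padding error or unreadable bytes, never the message.
if [ "$(roundtrip "$ks" "$other" "$msg" 2>/dev/null)" = "$msg" ]; then
    echo "wrong key: recovered plaintext (unexpected)"
else
    echo "wrong key: plaintext not recovered"
fi
```

CBC here provides secrecy only; nothing in this example detects a modified ciphertext.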


Asymmetric-key cryptography

PK(K)= Kpb
SK(K)= Kpr

Pb and pr are public and private

K is some initial seed data to which operators PK and SK are applied

Note! pk – public key, known by everyone; sk – secret (or private) key

In protocol form it is

Encrypt(plaintext, Kpb) = ciphertext
Decrypt(ciphertext, Kpr) = plain text


Encrypt(plaintext, Kpr) = ciphertext
Decrypt(ciphertext, Kpb) = plain text

A public key is made freely available to anyone who might want to send you a message. A second, private key is kept secret, so that only you know it. 

Any message (text, binary files, or documents) that is encrypted by using the public key can only be decrypted by applying the same algorithm, but by using the matching private key. Any message that is encrypted by using the private key can only be decrypted by using the matching public key.

So think about it- Bob sends a message to Alice encrypted with her public key, and she decrypts it using her private key
No one can understand the message unless they have this private key

Alice sends Bob a message encrypted with her private key, but Bob can understand it as it is decrypted with her public key!


So in the 1st one, using the public key, the message is encrypted as 534…
Then 534… is decrypted using the secret key 234…, which shows the message

Same in the 2nd one but swap the keys around
Algorithms include: ElGamal, RSA, DSS, DSA


Extracting Security Properties from Cryptography

Important term- Crypto net, which refers to a group sharing a key

Authenticity preserving in ASYM

Encrypt message with sender's private key
Communicate it
Recipient retrieves sender's public key
Decrypts with that public key

Integrity and Cryptographic Hash Functions
Functions that convert data D into a unique random integer, N
Protocol is Hash(D) = N

Characterised by EIII
Easy to compute
Infeasible to find data that has given hash
Infeasible to modify without changing hash
Infeasible to find 2 diff data with same hash

Examples: MD5, SHA

Digital signatures

Encryptions of hashes of any data by some entity
Used to authenticate or hold senders accountable

So the message is hashed, then the hash is encrypted, then it is concatenated with the message
To prove the source, the recipient must validate the signature, which means decrypting it

Equations:
PK(K) = Kpb (Generation of public key)
SK(K) = Kpr (Generation of private key)

Sign (plaintext, Kpr)= signature
= (M, encrypt(hash(M), Kpr))

So signing the plain text with the private key gives a signature
The message is hashed and the hash is encrypted with this key
So anyone knowing the public key can decrypt it and prove it's from the sender

Algorithm used- DSA

Conclusion and summary
Symmetric based on single key
Asymmetric based on pub and private key
Can achieve secrecy, authenticity, integrity and accountability

Remember sym is same key
Pub known by all but Priv known by one
So can say hi to Bob with his public key
Only Bob can decrypt as he has the relevant private key
He could also say hi to me with his private key
And I decrypt with his public key

Lab notes
Lab session 2
openssl dgst -md5 -out testdgst.txt test.txt
Used- gave an MD5 hash to document, created new doc

Did command to make key- openssl genrsa -out privatekey.pem 1024
Generated the key and made a 1024 bit file

Cat key showed contents of key with beginning and end noted:

Tried command openssl rsa -in key.pem -pubout -out pubkey.pem
Created the public key but could not display it

Decided to cat it- found that cat showed the following:

Did the signed test command but came up with random looking document
Still no access to public key through file

Tried to verify but rsautl not recognised as a command

Managed to decrypt the contents of signedtext.txt which was the signed text document, which in return displayed the content of Test.txt
openssl rsautl -verify -in signedtest.txt -inkey privatekey.pem verified the raw signature

Did same but with hex dump, showed doc in hex format

Digital signature verification of public key
Used command
openssl rsautl -verify -pubin -inkey publickey.pem -in signedtest.txt -out Verfiedtext1.txt

Checked Verfied (spelt wrong)  doc, showed content of test

openssl rsautl -verify -pubin -inkey publickey.pem -in signedtest.txt -out Verifytext.txt
Showed the text in doc- contents matched

Created a hash using command below
openssl dgst -sha256 -sign privatekey.pem -out signedhash.txt Test.txt
and then verified using command below
openssl dgst -sha256 -verify publickey.pem -signature signedhash.txt Test.txt
Verified ok
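
Added example (not part of the original lab notes): the dgst sign and verify steps above as one script, with a modified copy of the file checked against the same signature to show the integrity property. The function names, file contents, the signedhash.bin name and the 2048-bit key size (instead of the lab's 1024) are assumptions made for this example.

```shell
#!/bin/sh
# Added example: the lab's sign/verify steps, plus a tampered copy that must fail.
# File contents, file names and the 2048-bit key size are choices for this example.

make_keys() {
    # $1 = working directory. The public key is derived from the private key.
    openssl genrsa -out "$1/privatekey.pem" 2048 2>/dev/null &&
    openssl rsa -in "$1/privatekey.pem" -pubout -out "$1/publickey.pem" 2>/dev/null
}

sign_file() {
    # Sign(M, Kpr): SHA-256 hash of file $2, signed with the private key.
    openssl dgst -sha256 -sign "$1/privatekey.pem" -out "$1/signedhash.bin" "$1/$2"
}

verify_file() {
    # Needs only the public key; exit status 0 means the signature matches file $2.
    openssl dgst -sha256 -verify "$1/publickey.pem" \
        -signature "$1/signedhash.bin" "$1/$2" >/dev/null 2>&1
}

demo() {
    # Prints one line per check; returns 0 only if both checks behave as expected.
    dir=$(mktemp -d) || return 1
    printf 'contents of the lab test file\n' > "$dir/Test.txt"   # constructed input
    make_keys "$dir" && sign_file "$dir" Test.txt || { rm -rf "$dir"; return 1; }

    status=0
    if verify_file "$dir" Test.txt; then echo "Test.txt: verified"
    else echo "Test.txt: FAILED"; status=1; fi

    # Same signature, one character of the message changed: the hashes differ.
    sed 's/lab/Lab/' "$dir/Test.txt" > "$dir/Tampered.txt"
    if verify_file "$dir" Tampered.txt; then echo "Tampered.txt: verified"; status=1
    else echo "Tampered.txt: rejected"; fi

    rm -rf "$dir"
    return $status
}

demo
```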

