Cryptography and Computer Network-Security

Cryptography and Computer Network Security

	BASIC CONCEPTS
	KEY MANAGEMENT
	CLASSICAL CRYPTOALGORITHMS
	PUBLIC KEY CRYPTOALGORITHMS
	SECURITY SERVICES
	CRYPTOGRAPHIC STANDARDS AND SECURE INTERNET PROTOCOLS

BASIC CONCEPTS

The need for security services in today's computer networks

Threats to computer security

Security services in computer networks and relationships among them:

	confidentiality, integrity, authentication, non-repudiation
	identification, access control, auditing

Electronic commerce and other applications of security services in today's computer networks

Survey of domestic and foreign cryptographic products

Basic concepts of cryptology

	Cryptosystem, plaintext, ciphertext, key
	Examples of simple cryptosystems
	To publish or not to publish?
	Secret and open research in cryptology
	Software vs. hardware implementations of cryptography
	Evolution of cryptography and cryptanalysis.

Types of cryptosystems. Implementation of security services

Classical (symmetric) vs. public key (asymmetric) cryptosystems

Trapdoor one-way functions - main components of public key cryptosystems

Features required from today's ciphers

Implementing security services using cryptographic transformations

Block vs. stream ciphers

Measures of the cipher strength

KEY MANAGEMENT

Key Management

	Session keys and key encrypting keys
	Exchange of keys using Key Distribution Center
	The Diffie-Hellman key exchange protocol
	Exchange of symmetric keys using public key cryptosystems
	Generation and registration of the public key pair
	Concept of a public key certificate
	Formats of certificates
	Hierarchy of Certification Authorities - Public Key Infrastructure
	Certificate revocation

Pretty Good Privacy

E-mail Security

Implementation of Basic Security Services in PGP

General Format of PGP Messages

Key Rings

PGP Trust Model

CLASSICAL CRYPTOALGORITHMS

Mathematical Background

	Motivation
	Basic definitions
	Laws of modular arithmetic
	Euclid's algorithm
	Extended Euclid's algorithm
	Solving linear congruences

Historical ciphers

Substitution ciphers

	monoalphabetic
	polyalphabetic
	running-key
	polygram
	homophonic

Transposition ciphers

Breaking substitution ciphers using frequency analysis

Breaking polyalphabetic ciphers using Kasiski's method and method of the index of coincidance

Shannon's theory of perfect secrecy and its practical implications. One-time pad.

Product ciphers

Data Encryption Standard - first attempt to standardize protection of information in public computer networks

	History of the cryptosystem - the NBS-NSA-IBM roles
	Acceptance by government and commercial sectors
	Main features of the algorithm
	Design criteria
	Differential and linear cryptanalysis
	Vulnerability to the exhaustive key search attack
	Extensions of DES: Triple DES, DESX
	Modes of operation
	Security of different operational modes

Modes of operation of block ciphers

	Block ciphers vs. stream ciphers
	CTR, OFB, CFB, CBC
	Comparison of existing modes of operation
	Evaluation criteria for new modes of operation

Other symmetric-key block ciphers

	IDEA
	RC5
	Fast software encryption cryptoalgorithms
	Minimal key lengths for symmetric-key ciphers

Up

PUBLIC KEY CRYPTOALGORITHMS

RSA – Genesis, operation & security. Factorization records.

Genesis of RSA

RSA as a trapdoor one-way function

Factorization as a basis of the RSA security

	factorization records
	factoring big numbers using a distributed network of computers
	RSA challenge

Recommended key sizes for the RSA cryptosystem

RSA Implementation: Efficient encryption, decryption & key generation

	Basic exponentiation algorithm
	Using Chinese Remainder Theorem for fast exponentiation
	Basic algorithms for multiplication and modular reduction in software
	Basic architectures for multiplication and modular reduction in hardware
	Dependence between the key size and the times of cryptographic transformation
	Probabilistic tests for primality
	Deterministic tests for primality
	Constructing a random prime
	Optimal Assymetric Encryption Padding

Up

SECURITY SERVICES

Data integrity and authentication - two faces of the same problem. Hash functions and MACs

Requirements for secure hash functions.

Classification of hash functions.

Attacks against hash functions.

Standard and non-standard applications of hash functions.

	digital signatures and authentication codes
	virus detection
	password storage
	fast encryption

Families of hash function algorithms and their security

Requirements for Message Authentication Code (MAC).

Families of MACs and their security.

Authentication combined with confidentiality.

Up

CRYPTOGRAPHIC STANDARDS AND SECURE INTERNET PROTOCOLS

American and international cryptographic standards

Standard organizations

Main groups of cryptographic standards:

	federal standards
	ANSI standards
	informal industry standards
	IEEE standards
	ISO standards

Classical cryptography standards

Public-key cryptography standards

Secure Internet Protocols

Secure electronic mail

	S/MIME
	Open PGP

Secure WWW

SSL

Secure payment card protocols

Secure virtual private networks

IPSec

Export and import control of cryptographic devices

	Evolution of the U.S. policy
	Current U.S. regulations

Up