
Cryptography
and Computer Network Security
BASIC CONCEPTS

The need for security services in today's computer networks

Threats
to computer security


Security
services in computer networks and relationships among them:

confidentiality, integrity, authentication, nonrepudiation


identification, access control, auditing



Electronic commerce and other applications of security services in
today's computer networks


Survey
of domestic and foreign cryptographic products


Basic
concepts of cryptology

Cryptosystem,
plaintext, ciphertext, key


Examples
of simple cryptosystems


To
publish or not to publish?


Secret
and open research in cryptology


Software
vs. hardware implementations of cryptography


Evolution
of cryptography and cryptanalysis.


Types
of cryptosystems. Implementation of security services

Classical
(symmetric) vs. public key (asymmetric) cryptosystems


Trapdoor
oneway functions  main components of public key cryptosystems


Features
required from today's ciphers


Implementing
security services using cryptographic transformations


Block
vs. stream ciphers


Measures
of the cipher strength


Key
Management

Session
keys and key encrypting keys


Exchange
of keys using Key Distribution Center


The
DiffieHellman key exchange protocol


Exchange
of symmetric keys using public key cryptosystems


Generation
and registration of the public key pair


Concept
of a public key certificate


Formats
of certificates


Hierarchy
of Certification Authorities  Public Key Infrastructure


Certificate
revocation


Pretty
Good Privacy

Email
Security


Implementation
of Basic Security Services in PGP


General
Format of PGP Messages


Key
Rings


PGP
Trust Model

CLASSICAL CRYPTOALGORITHMS

Mathematical Background

Motivation


Basic
definitions


Laws
of modular arithmetic


Euclid's
algorithm


Extended
Euclid's algorithm


Solving
linear congruences


Historical
ciphers

Substitution
ciphers

monoalphabetic


polyalphabetic


runningkey


polygram


homophonic



Transposition ciphers


Breaking
substitution ciphers using frequency analysis


Breaking
polyalphabetic ciphers using Kasiski's method and method of the index
of coincidance


Shannon's
theory of perfect secrecy and its practical implications. Onetime pad.


Product
ciphers


Data
Encryption Standard  first attempt to standardize protection of
information in public computer networks

History
of the cryptosystem  the NBSNSAIBM roles


Acceptance
by government and commercial sectors


Main
features of the algorithm


Design
criteria


Differential
and linear cryptanalysis


Vulnerability
to the exhaustive key search attack


Extensions
of DES: Triple DES, DESX


Modes
of operation


Security
of different operational modes


Modes of operation of block ciphers

Block
ciphers vs. stream ciphers


CTR,
OFB, CFB, CBC


Comparison
of existing modes of operation


Evaluation
criteria for new modes of operation


Other symmetrickey block ciphers

IDEA


RC5


Fast
software encryption cryptoalgorithms


Minimal
key lengths for symmetrickey ciphers

PUBLIC KEY CRYPTOALGORITHMS

RSA
– Genesis, operation & security. Factorization records.



RSA
as a trapdoor oneway function


Factorization
as a basis of the RSA security


Recommended
key sizes for the RSA cryptosystem


RSA Implementation: Efficient encryption, decryption & key
generation

Basic
exponentiation algorithm


Using
Chinese Remainder Theorem for fast exponentiation


Basic
algorithms for multiplication and modular reduction in software


Basic
architectures for multiplication and modular reduction in hardware


Dependence
between the key size and the times of cryptographic transformation


Probabilistic
tests for primality


Deterministic
tests for primality


Constructing
a random prime


Optimal
Assymetric Encryption Padding


Data
integrity and authentication  two faces of the same problem. Hash
functions and MACs

Requirements
for secure hash functions.


Classification
of hash functions.


Attacks
against hash functions.


Standard
and nonstandard applications of hash functions.

digital signatures and authentication codes


virus detection


password storage


fast encryption



Families of hash function algorithms and their security


Requirements
for Message Authentication Code (MAC).


Families
of MACs and their security.


Authentication
combined with confidentiality.

CRYPTOGRAPHIC STANDARDS AND SECURE
INTERNET PROTOCOLS

American and international cryptographic standards

Standard
organizations


Main
groups of cryptographic standards:

federal standards


ANSI standards


informal industry standards


IEEE standards


ISO standards



Classical cryptography standards


Publickey
cryptography standards


Secure
Internet Protocols

Secure
electronic mail

S/MIME


Open PGP



Secure WWW

SSL



Secure payment card protocols


Secure virtual private networks

IPSec



Export
and import control of cryptographic devices

Evolution
of the U.S. policy


Current
U.S. regulations

