
Cryptography
and
Computer Network Security
BASIC
CONCEPTS

The need for security services in today's
computer networks

Threats to computer security


Security services in computer
networks and relationships among them:

confidentiality,
integrity, authentication,
nonrepudiation


identification, access
control, auditing



Electronic commerce and other
applications of security services in today's
computer networks


Survey of domestic and foreign
cryptographic products


Basic
concepts
of cryptology. Types of cryptosystems.

Cryptosystem, plaintext, ciphertext,
key


Examples of simple cryptosystems


To publish or not to publish?


Secret and open research in
cryptology


Software vs. hardware implementations
of cryptography


Evolution of cryptography and
cryptanalysis.


Implementation
of security services

Classical (symmetric) vs. public key
(asymmetric) cryptosystems


Trapdoor oneway functions  main
components of public key cryptosystems


Features required from today's
ciphers


Implementing security services using
cryptographic transformations


Block vs. stream ciphers


Measures of the cipher strength


Key
Management

Session keys and key encrypting keys


Exchange of keys using Key
Distribution Center


The DiffieHellman key exchange
protocol


Exchange of symmetric keys using
public key cryptosystems


Generation and registration of the
public key pair


Concept of a public key certificate


Formats of certificates


Hierarchy of Certification
Authorities  Public Key Infrastructure


Certificate revocation


Pretty
Good
Privacy

Email Security


Implementation of Basic Security
Services in PGP


General Format of PGP Messages


Key Rings


PGP Trust Model

CLASSICAL CRYPTOALGORITHMS

Mathematical Background

Motivation


Basic definitions


Laws of modular arithmetic


Euclid's algorithm


Extended Euclid's algorithm


Solving linear congruences


Historical
ciphers

Substitution ciphers

monoalphabetic


polyalphabetic


runningkey


polygram


homophonic



Transposition ciphers


Breaking substitution ciphers using
frequency analysis


Breaking polyalphabetic ciphers using
Kasiski's method and method of the index of
coincidance


Shannon's theory of perfect secrecy
and its practical implications. Onetime pad.


Product ciphers


Data
Encryption
Standard  first attempt to standardize
protection of information in public computer
networks

History of the cryptosystem  the
NBSNSAIBM roles


Acceptance by government and
commercial sectors


Main features of the algorithm


Design criteria


Differential and linear cryptanalysis


Vulnerability to the exhaustive key
search attack


Extensions of DES: Triple DES, DESX


Modes of operation


Security of different operational
modes


Modes of operation of block ciphers

Block ciphers vs. stream ciphers


CTR, OFB, CFB, CBC


Comparison of existing modes of
operation


Evaluation criteria for new modes
of operation


Other symmetrickey block ciphers

IDEA


RC5


Fast software encryption
cryptoalgorithms


Minimal key lengths for
symmetrickey ciphers

PUBLIC
KEY CRYPTOALGORITHMS

RSA
–
Genesis, operation & security.
Factorization records.



RSA as a trapdoor oneway function


Factorization as a basis of the RSA
security


Recommended key sizes for the RSA
cryptosystem


RSA Implementation: Efficient encryption,
decryption & key generation

Basic exponentiation algorithm


Using Chinese Remainder Theorem for
fast exponentiation


Basic algorithms for multiplication
and modular reduction in software


Basic architectures for
multiplication and modular reduction in
hardware


Dependence between the key size and
the times of cryptographic transformation


Probabilistic tests for primality


Deterministic tests for primality


Constructing a random prime


Optimal Asymmetric Encryption Padding


Data
integrity
and authentication  two faces of the same
problem. Hash functions and MACs

Requirements for secure hash
functions.


Classification of hash functions.


Attacks against hash functions.


Standard and nonstandard
applications of hash functions.

digital signatures and
authentication codes


virus detection


password storage


fast encryption



Families of hash function algorithms
and their security


Requirements for Message
Authentication Code (MAC).


Families of MACs and their security.


Authentication combined with
confidentiality.

CRYPTOGRAPHIC STANDARDS AND SECURE INTERNET PROTOCOLS

American and international cryptographic
standards

Standard organizations


Main groups of cryptographic
standards:

federal standards


ANSI standards


informal industry
standards


IEEE standards


ISO standards



Classical cryptography standards


Publickey cryptography standards


Secure
Internet
Protocols

Secure electronic mail

S/MIME


Open PGP



Secure WWW

SSL



Secure payment card protocols


Secure virtual private networks

IPSec


