Digital Log

    Csep-564-Lec-4

    Cryptography

    Shit. Prof has repeated, don't write cryptographic code. Hm. Oh well.

    Big Picture

    Cryptography is just one small piece of math that does one thing, it is a tool that is just a small part of the larger computer security arena.

    • Common goals:
      • Privacy of data: prevent exposure of information
      • Integrity of data: Prevent modification of information.
    • In our examples, Eve will try to eavesdrop on private info, and Mallory will try to modify it.
    • rubber-hose cryptanalysis: is the cryptosystem secure to the key holder being wacked repeatedly with a rubber hose?

    Definitions

    • Layered approach: Cryptographic protocols are built on top of cryptographic primitives.
    • Primitives:
      • Symmetric block ciphers
        • AES / DES / etc
      • Asymmetric encryption
        • RSA / ElGamal / Elliptic Curve
    • Modes
      • Block modes (CBC, ECB, CTR,...)
      • Padding structures
    • Protocols
      • TLS / SSL / SSH / tc
    • Usage of Protocols:
      • Browser security
      • Secure remote logins
    • Kerckhoff's Principle: Every single thing about the crytosystem is public except the secret key.

    Flavors

    • Symmetric encryption:
      • Both parties hold a single shared secret key $K$ for both encryption and decryption.
      • Challenge: how do you privately share a key?
    • Asymmetric encryption:
      • Each party creates a public key and secret key
      • Alice uses her secret key $sk_a$ and Bob's public key $pk_b$ to encrypt her message.
      • Notice there are four keys here.
      • Challenge: how do you validate a public key?

    Randomness

    A key building block is randomness - something that the adversaries won't know, can't predict, and can't figure out.

    • Uses
      • Secrets
      • Init vectors for encryption
      • Generating passwords
      • Shuffle votes
    • PS3 used a hardcoded value instead of a random nonce
      • Hackers found and released the private root key
    • Recent example: keypair JS library had a good source of randomness, but due to a double use of charFromByte, the seed ended up being mostly zeroes.
    • For security applications, we want cryptographically secure pseudorandom numbers (CSPRNG: cryptographically secure pseudorandom number generators).
      • On Linux:
        • /dev/random: blocking, waits for enough entropy
        • /dev/urandom: nonblocking, possibly less entropy
        • Use getrandom() sys call instead!!
      • Internally, an entropy pool is gathered from multiple sources (mouse, keyboard, network, etc.).
      • Challenges: embedded systems, saved VMs.
        • If you save a VM and copy to different nodes, by default they have the same entropy pool!
        • Embedded systems like your router don't have specific hardware for generating randomness.
        • Check out the Mining Your P's and Q's paper.
    • How do you test randomness?
      • Run the dieharder test!

    Symmetric Encryption

    One-TIme Pad

    This scheme just XORs a key with a message.

    • Pros:
      • Enc/dec via the same operation
      • Enc/dec very cheap to compute
      • As secure as theoretically possible (assuming key seq truly random)
    • Problems:
      • Key must be as long as the plaintext
      • Insecure if keys are reused
      • Does not guarantee integrity at all

    Block Ciphers

    • Operates on a single chunk (block) of plaintext
    • Given some input block, there's a table of possible output permutations
      • The key determines which permutation column to use.
      • Note: this table is public information, but the key that chooses which column is private.
    • This is a keyed permutation, not just a shuffling of bits!
      • An N-bit block cipher permutes over $2^N$ inputs.
    • Goals:
      • Should look like a random permutation.
      • Should be hard to crack in a given amount of time (more security needed for greater amounts of time).
    • Example: AES, DES