Security

Only available on StudyMode
  • Topic: Cryptography, Cryptographic hash function, RSA
  • Pages : 23 (3919 words )
  • Download(s) : 47
  • Published : April 17, 2013
Open Document
Text Preview
ePayment Security ECOM 6016 Electronic Payment Systems
• Keep financial data secret from unauthorized parties (privacy) – CRYPTOGRAPHY

Lecture 3 ePayment Security

• Verify that messages have not been altered in transit (integrity) – HASH FUNCTIONS

• Prove that a party engaged in a transaction ( (nonrepudiation) ) – DIGITAL SIGNATURES

• Verify identity of users (authentication)
– PASSWORDS, DIGITAL CERTIFICATES

THE UNIVERSITY OF HONG KONG

FEB/MAR 2012

© 2012 MICHAEL I. SHAMOS

THE UNIVERSITY OF HONG KONG

FEB/MAR 2012

© 2012 MICHAEL I. SHAMOS

Cryptography and Hash Functions yp g p y
• Message digest (hash) algorithms
– Secure Hash Algorithm: SHA-1, SHA-2, SHA-3 competition – Securing passwords

Hash Functions
• A “hash” is a short function of a message, f ti f sometimes called a “message digest” g g • BUT: a hash is not uniquely reversible • Many messages have the same hash Hash function H produces a fixed size hash of a message M, usually 128‐512 bits h = H(M)

• S Symmetric encryption ti ti
– DES and variations – AES: Rijndael

• Public-key algorithms
– RSA

• Defending against attacks
– Salting, nonces g

• Digital signatures

THE UNIVERSITY OF HONG KONG

FEB/MAR 2012

© 2012 MICHAEL I. SHAMOS

THE UNIVERSITY OF HONG KONG

FEB/MAR 2012

© 2012 MICHAEL I. SHAMOS

One-Way Hash Functions
• For any string s, H(s), the hash of s, is of fixed length (shorter than ) ( h t th s) • Hashes should be easy to compute • A “one-way” has is computationally difficult to invert: can’t find any message corresponding to a given hash This is a message M  This is a message M that we want to make  unalterable so it  cannot be forged or  modified.

One-Way Hash Functions
• There are plenty of hash functions but no obvious one-way h h f hash functions ti • Good one-way hashes have the diffusion property: Altering any bit of the message changes many bits of the hash • This prevents trying similar messages to see if they hash to the same thing We ll non reversibility • We’ll see how non-reversibility provides security

h = H(M) H
52f21cf7c7034a20 17a21e17e061a863
This is the hash of message M

M:

THE UNIVERSITY OF HONG KONG

FEB/MAR 2012

© 2012 MICHAEL I. SHAMOS

THE UNIVERSITY OF HONG KONG

FEB/MAR 2012

© 2012 MICHAEL I. SHAMOS

Uses of One Way Hash Functions One-Way
• • • • Password verification Message authentication (message digests) Prevention of replay attack Digital signatures

Key-Hashed Message Authentication Codes (HMACs)
Shared Key Original Plaintext

Hashing with MD5, SHA, etc. HMAC Key-Hashed Message Authentication Code (HMAC)

Appended to Plaintext Before Transmission HMAC Original Plaintext Note: No encryption; only hashing

THE UNIVERSITY OF HONG KONG

FEB/MAR 2012

© 2012 MICHAEL I. SHAMOS

THE UNIVERSITY OF HONG KONG

FEB/MAR 2012

© 2012 MICHAEL I. SHAMOS

Key-Hashed Message Authentication Codes (HMACs)
Receiver Repeats the HMAC Computation On the Received Plaintext Shared Key Received Original Plaintext

Nonce to Prevent Replay Attack p y
• Replay attack: repeating the messages in a challenge-response protocol (lik username/ h ll t l (like / password) to gain access to a system • Defense: make the messages different EVERY TIME the protocol is used. • But how? The username and password don’t change don t • Answer: use a random number, called a “nonce” each time. Require the user to include the nonce in his response • NOTE: Nonce is an obsolete word: “for the nonce” means “for the time being,” “just for now” THE UNIVERSITY OF HONG KONG FEB/MAR 2012 © 2012 MICHAEL I. SHAMOS

Hashing with same algorithm ith Computed HMAC



COMPARE



Received HMAC

If computed and received HMACs are the same, The sender must know the key and so is authenticated AND the message has not been altered

THE UNIVERSITY OF HONG KONG

FEB/MAR 2012

© 2012 MICHAEL I. SHAMOS

Password Verification
System sends nonce to...
tracking img