Cryptography Steganography MinShiang Hwang Department of Computer Science

  • Slides: 38
Download presentation
Cryptography & Steganography Min-Shiang Hwang (黃明祥) Department of Computer Science & Information Engineering Asia

Cryptography & Steganography Min-Shiang Hwang (黃明祥) Department of Computer Science & Information Engineering Asia University Email: mshwang@asia. edu. tw http: //isrc. ccs. asia. edu. tw/ Room: I-420 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 1

Workshop: Cryptography and Steganography Agenda Time Topics 14: 30 – 15: 50 Cryptography 15:

Workshop: Cryptography and Steganography Agenda Time Topics 14: 30 – 15: 50 Cryptography 15: 50 – 16: 20 Take a break 16: 20 – 17: 20 Steganography 2021/2/19 Speakers Prof. Min-Shiang Hwang Prof. Yung-Chen Chou Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 2

Cryptography Outline ØIntroduction to Cryptography ØMy Research Topics ØCall For Authors (Writers) 2021/2/19 Min-Shiang

Cryptography Outline ØIntroduction to Cryptography ØMy Research Topics ØCall For Authors (Writers) 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 3

Introduction to Cryptography 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ )

Introduction to Cryptography 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 4

Introduction to Cryptography Wikipedia Definition Cryptography is the practice and study of techniques for

Introduction to Cryptography Wikipedia Definition Cryptography is the practice and study of techniques for secure communication in the presence of third parties called adversaries (or attackers). Cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Various aspects in information security such as data confidentiality, data integrity, authentication, and nonrepudiation are central to modern cryptography. 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 5

Introduction to Cryptography Modern cryptography exists at the intersection of the disciplines of mathematics,

Introduction to Cryptography Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, electrical engineering, communication science, and physics. Applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications. https: //en. wikipedia. org/wiki/Cryptography 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 6

Introduction to Cryptography The art and science of concealing the messages to introduce secrecy

Introduction to Cryptography The art and science of concealing the messages to introduce secrecy in information security is recognized as Cryptography. https: //www. tutorialspoint. com/cryptography/cryptosystems. htm 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 7

Introduction to Cryptography A cryptosystem is an implementation of cryptographic techniques and their accompanying

Introduction to Cryptography A cryptosystem is an implementation of cryptographic techniques and their accompanying infrastructure to provide information security services. 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 8

Introduction to Cryptography Components of a Cryptosystem Plaintext. It is the data to be

Introduction to Cryptography Components of a Cryptosystem Plaintext. It is the data to be protected during transmission. Encryption Algorithm. It is a mathematical process that produces a ciphertext for any given plaintext and encryption key. It is a cryptographic algorithm that takes plaintext and an encryption key as input and produces a ciphertext. Ciphertext. It is the scrambled version of the plaintext produced by the encryption algorithm using a specific the encryption key. The ciphertext is not guarded. It flows on public channel. It can be intercepted or compromised by anyone who has access to the communication channel. 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 9

Introduction to Cryptography Decryption Algorithm. It is a mathematical process, that produces a unique

Introduction to Cryptography Decryption Algorithm. It is a mathematical process, that produces a unique plaintext for any given ciphertext and decryption key. It is a cryptographic algorithm that takes a ciphertext and a decryption key as input, and outputs a plaintext. Encryption Key. It is a value that is known to the sender. The sender inputs the encryption key into the encryption algorithm along with the plaintext in order to compute the ciphertext. Decryption Key. It is a value that is known to the receiver. The decryption key is related to the encryption key, but is not always identical to it. The receiver inputs the decryption key into the decryption algorithm along with the ciphertext in order to compute the plaintext. 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 10

Introduction to Cryptography Types of Cryptosystems Fundamentally, there are two types of cryptosystems based

Introduction to Cryptography Types of Cryptosystems Fundamentally, there are two types of cryptosystems based on the manner in which encryption-decryption is carried out in the system: Ø Symmetric Cryptosystems Ø Asymmetric Cryptosystems 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 11

Introduction to Cryptography Symmetric Cryptosystems (Secret-Key or One. Key Cryptosystems) The encryption process where

Introduction to Cryptography Symmetric Cryptosystems (Secret-Key or One. Key Cryptosystems) The encryption process where same keys are used for encrypting and decrypting the information. A few well-known examples of symmetric key encryption methods are − AES, DES, etc. 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 12

Introduction to Cryptography Symmetric Cryptosystems Secret Keys (Shared by Sender and Receiver) Plaintext Encrypt

Introduction to Cryptography Symmetric Cryptosystems Secret Keys (Shared by Sender and Receiver) Plaintext Encrypt Decrypt Sender Alice 2021/2/19 Ciphertext Send Ciphertext Decrypt Plaintext Ciphertext Encrypt Plaintext Public Channel Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) Receiver Bob 13

Introduction to Cryptography Asymmetric Cryptosystems (Public Key or Two -Key Cryptosystems) The encryption process

Introduction to Cryptography Asymmetric Cryptosystems (Public Key or Two -Key Cryptosystems) The encryption process where different keys are used for encrypting and decrypting the information. A few well-known examples of asymmetric cryptosystems are − RSA, El. Gamal, ECC, etc. 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 14

Introduction to Cryptography Asymmetric Cryptosystems CA Keys Bob’s Privacy Key Bob’s Public Key Plaintext

Introduction to Cryptography Asymmetric Cryptosystems CA Keys Bob’s Privacy Key Bob’s Public Key Plaintext Encrypt Decrypt Sender Alice Ciphertext Send Ciphertext Decrypt Plaintext Ciphertext Encrypt Plaintext Public Channel Alice’s Privacy Key 2021/2/19 Send Receiver Bob Alice’s Public Key Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 15

My Research Topics 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ )

My Research Topics 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 16

Research Topics Ø Ø Ø Ø Cryptosystems and Its Applications Security in Cloud Computing

Research Topics Ø Ø Ø Ø Cryptosystems and Its Applications Security in Cloud Computing Security in Sensor Networks (IOT) Security in RFID Security in P 2 P Networks Security in Mobile Communications Steganography Others: Blockchain, Security in Big Data, AI, VR, … 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 17

Cryptosystems and Its Applications Please download Cryptosystems slides from the following dropbox: https: //www.

Cryptosystems and Its Applications Please download Cryptosystems slides from the following dropbox: https: //www. dropbox. com/s/j 51 d 5 abiqgfrqkh/Key. Hierarchy. ppt? dl=0 Please download Applications slides from the following dropbox: https: //www. dropbox. com/s/g 2912 hrtlmnu 5 ek/Applications. ppt? dl=0 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 18

Security in Cloud Computing Please download slides from the following dropbox: https: //www. dropbox.

Security in Cloud Computing Please download slides from the following dropbox: https: //www. dropbox. com/s/03 ojxor 5 kh 2 u 2 jn/Cloud. Computing. pptx? dl=0 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 19

Design and Implementation of Privacy Cloud Storages Please download slides from the following dropbox:

Design and Implementation of Privacy Cloud Storages Please download slides from the following dropbox: https: //www. dropbox. com/s/tpoi 3 dp 8 thi 8 qgs/Privacy_Cloud_Storages. pptx? dl=0 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 20

Security in Sensors Networks (IOT) Please download slides from the following dropbox: https: //www.

Security in Sensors Networks (IOT) Please download slides from the following dropbox: https: //www. dropbox. com/s/27 qwgjff 26 fo 2 e 9/Sensor. Networks. pptx? dl=0 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 21

Security in RFID Please download slides from the following dropbox: https: //www. dropbox. com/s/yhs

Security in RFID Please download slides from the following dropbox: https: //www. dropbox. com/s/yhs 7 x 3 vkjfc 8 xy 7/RFID. ppt? dl=0 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 22

Security in P 2 P Networks Please download slides from the following dropbox: https:

Security in P 2 P Networks Please download slides from the following dropbox: https: //www. dropbox. com/s/r 1 k 58253 x 3 surjp/P 2 P-Security. ppt? dl=0 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 23

Security in Mobile Communications Please download slides from the following dropbox: https: //www. dropbox.

Security in Mobile Communications Please download slides from the following dropbox: https: //www. dropbox. com/s/82 kftxxkl 1 ejwjt/Mobile. Communications. pptx? dl=0 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 24

Steganography Please download slides from the following dropbox: https: //www. dropbox. com/s/wkyx 2 ttk

Steganography Please download slides from the following dropbox: https: //www. dropbox. com/s/wkyx 2 ttk 7 oafsy 4/Steganography. ppt? dl=0 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 25

Call For Authors (Writers) 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/

Call For Authors (Writers) 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 26

An Improvement of Hou-Wang’s Remote User Authentication Scheme Guifa Hou, Zhijie Wang, “A Robust

An Improvement of Hou-Wang’s Remote User Authentication Scheme Guifa Hou, Zhijie Wang, “A Robust and Efficient Remote Authentication Scheme from Elliptic Curve Cryptosystem”, International Journal of Network Security, Vol. 19, No. 6, 2017, pp. 904 -911 Department of Computer Science & Information Engineering Asia University 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 27

Outline ØIntroduction ØReview of Hou-Wang’s Scheme ØWeaknesses of Hou-Wang’s Scheme ØThe Proposed Scheme ØConclusion

Outline ØIntroduction ØReview of Hou-Wang’s Scheme ØWeaknesses of Hou-Wang’s Scheme ØThe Proposed Scheme ØConclusion 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 28

Introduction User Authentication ID, PW User ID, PW Internet Server 2021/2/19 Min-Shiang Hwang (

Introduction User Authentication ID, PW User ID, PW Internet Server 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 29

Review of Hou-Wang’s Scheme Notations 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu.

Review of Hou-Wang’s Scheme Notations 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 30

Review of Hou-Wang’s Scheme The Registration Phase 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs.

Review of Hou-Wang’s Scheme The Registration Phase 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 31

Review of Hou-Wang’s Scheme The Login Phase 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs.

Review of Hou-Wang’s Scheme The Login Phase 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 32

The Authentication and Session Key Exchange Phase 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs.

The Authentication and Session Key Exchange Phase 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 33

Review of Hou-Wang’s Scheme Registration Phase: Smart Card: {Bi, H(), G, Ek()/Dk()} Bi =

Review of Hou-Wang’s Scheme Registration Phase: Smart Card: {Bi, H(), G, Ek()/Dk()} Bi = EAi(H(x||ni), ni. G) Ai = H(IDi||PWi) Login Phase: Ui Server: {Ci, Di} Input IDi, PWi Ai = H(IDi||PWi) DAi(Bi) Bi = EAi(H(x||ni), ni. G) Ci = t G Ki=t Pubs Di=EKi(IDi, H(x||ni)) 2021/2/19 Authentication Phase: Server Ui: {Ei, Fi} Ki = x C i (IDi, H(x||ni) =DKi(Di) Check Database (IDi and ni) Check H(x||ni) Ei = s G Fi = s Ci +ni G Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 34

Weakness of Hou-Wang’s Scheme Login Phase: Ui Server: {Ci, Di} Input IDi, PWi Ai

Weakness of Hou-Wang’s Scheme Login Phase: Ui Server: {Ci, Di} Input IDi, PWi Ai = H(IDi||PWi) DAi(Bi) Bi = EAi(H(x||ni), ni. G) Ci = t G Ki=t Pubs Di=EKi(IDi, H(x||ni)) Authentication Phase: Server Ui: {Ei, Fi} Ki = x C i (IDi, H(x||ni) =DKi(Di) Check Database (IDi and ni) Check H(x||ni) Ei = s G Fi = s Ci +ni G {C’i, D’i} Smart Card + Guessing Attack: Guess PW’i and get H’(x||ni), n’i. G {Ei, Fi} C’i = t’ G K’i=t’ Pubs D’i=EK’i(IDi, H’(x||ni)) 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) Server 35

An Improved User Authentication Scheme Login Phase: Ui Server: {Ci, Di} Input IDi, PWi

An Improved User Authentication Scheme Login Phase: Ui Server: {Ci, Di} Input IDi, PWi IDi Ai = H(IDi||PWi) DAi(Bi) ID 1 Bi = EAi(H(x||ni), ni. G) ID 2 Ci = t G : Ki=t Pubs Di=EKi(IDi, H(x||ni)) Nonce n 1 n 2 Authentication Phase: Server Ui: {Ei, Fi} Ki = x C i Counter (IDi, H(x||ni) =DKi(Di) (< 3) Check Database (IDi and ni) 1 Check H(x||ni) 2 Ei = s G Fi = s Ci +ni G {C’i, D’i} Smart Card + Guessing Attack: Guess PW’i and get H’(x||ni), n’i. G {Ei, Fi} C’i = t’ G K’i=t’ Pubs D’i=EK’i(IDi, H’(x||ni)) 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) Server 36

The International Conference on Information and Communications Technology 2018 (ICOIACT 2018) will be held

The International Conference on Information and Communications Technology 2018 (ICOIACT 2018) will be held on 6 – 8 March 2018 in Grand Zuri Malioboro Hotel, Yogyakarta, Indonesia. http: //icoiact. org/ If you are interesting to submit a paper for presentation in ICOIACT 2018 or other international conference, please contact us. 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 37

Welcome to join our research team & Thanks you for your listening! 2021/2/19 Min-Shiang

Welcome to join our research team & Thanks you for your listening! 2021/2/19 Min-Shiang Hwang ( http: //isrc. ccs. asia. edu. tw/ ) 38