Cyrtographic Security Identitybased Encryption Dennis Kafura CS 5204
Cyrtographic Security Identity-based Encryption Dennis Kafura – CS 5204 – Operating Systems 1
Cryptographic Security Diffie-Hellman Key Exchange n n How can two parties come to possess a shared secret using only insecure channels of communication? Assumes passive eavesdropping only (i. e. susceptible to active (wo)man-in-the-middle attack) Relies on prime number groups (more later) Same/similar techniques underlie more recent cryptographic methods Dennis Kafura – CS 5204 – Operating Systems 2
Cryptographic Security Diffie-Hellman Key Exchange n Some mathematics If p is prime number, then the numbers 1. . p-1 form a group of order p-1 with multiplication modulo p as its operator. ¨ A generator, g, is any number 1. . p-1 such that for all n in 1. . p-1 there is a power k such that n=gk mod p. ¨ Example: 3 is a generator for the group with p=7 ¨ Notation: ¨ ¨ Operations: ¨ Security based on computational infeasibility of solving the discrete logarithm problem (i. e. , finding x if y = gx mod p given y, g, and p). Dennis Kafura – CS 5204 – Operating Systems 3
Cryptographic Security Key Exchange Protocol n Public information A prime number, p ¨ A generator, g ¨ n Steps ¨ ¨ ¨ Alice chooses a random number a and computes u=ga mod p and sends u to Bob chooses a random number b and computes v=gb mod p and sends v to Alice. Bob computes the key k = ub = (ga)b mod p. Alice computes the key k = va = (gb)a mod p. (note: both Bob and Alice have k = (gab) mod p) Dennis Kafura – CS 5204 – Operating Systems 4
Cryptographic Security Identity-based encryption n Public-key encryption Identity is conveyed in a certificate from a certificate authority that binds the public key to the identity ¨ Certificate must be obtained in advance ¨ Certificate authority is trusted to validate claim of identity ¨ n Identity-based encryption Identity itself serves as the public key (e. g, bob@company. com) ¨ No advance preparation needed ¨ Trusted service validates claim of identity ¨ Key escrow issue (trusted service can recreate secret key associated with an identity) ¨ Dennis Kafura – CS 5204 – Operating Systems 5
Cryptographic Security Identity-based encryption Bob Alice y Encrypted with bob@company. com as public key n se Private Key Generator d va i r p e k e t authenticate bob@company. com Dennis Kafura – CS 5204 – Operating Systems 6
Cryptographic Security Identity-based Encryption Private Key Generator (PKG) master-key Extract Setup ID k ID params Receiver d. ID Decrypt C Encrypt M Dennis Kafura – CS 5204 – Operating Systems M Sender 7
Cryptographic Security Bilinear Maps n Some mathematics ¨ ¨ n n Fortunately, groups with these properties can be generated algorithmically using a positive integer seed value (security parameter) k. Dennis Kafura – CS 5204 – Operating Systems 8
Cryptographic Security Identity-based encryption n n Basic. Ident algorithms Setup Dennis Kafura – CS 5204 – Operating Systems 9
Cryptographic Security Identity-based Encryption n Extract n Encrypt n Decrypt Dennis Kafura – CS 5204 – Operating Systems 10
Cryptographic Security Why does this work? n Encryption bitwise exclusive-ors M with: n Decryption bitwise exclusive-ors V with: n These masks are the same since: Dennis Kafura – CS 5204 – Operating Systems 11
Cryptographic Security Extensions ID-based bilinear groups attribute/fuzzy ID threshold secret sharing key/policy-based access tree Dennis Kafura – CS 5204 – Operating Systems 12
- Slides: 12