Web Security

A 5-tuple $(M,C,K,E_k,D_k)$, where $M$: plaintext space $C$: ciphertext space $K$: key space $E_k$: Encryption transformation $D_k$: Decryption transformation Attacks Ciphertext-only attack: only know ciphertext $c$. Known-plaintext attack: know ciphertext-plaintext pair $(c,m)$. Security Requirements $E_k$ and $D_k$ are known to all. It should be computationally infeasible to determine $m$, given $c$. It should be computationally infeasible to determine $D_k$ and $k$, given $c$ and $m$. Transposition Ciphers Let $f$ be a permutation of $Z_d$. ...

Confidentiality Service $$ Alice \rightarrow E_k(m) \rightarrow Bob $$ Authentication and Data Integrity In PGP and S/MIME, $$ Alice \rightarrow m||Alice’s\ digital\ signiture\ on\ m \rightarrow Bob $$ In most real-world security systems, $$ Alice \rightarrow m||h_k(m) \rightarrow Bob $$ Providing Mutual Authentication Type-1: Kerberos-like protocol, $$ Alice \rightarrow E_k(ID_A||ID_B||timestamp) \rightarrow Bob \ Alice \leftarrow E_k(ID_B||ID_A||timestamp) \leftarrow Bob $$ where $k$ is a pre-shared secret key. Type-2: challenge-response protocol, $$ Alice \rightarrow E_{K_e^B}(N_1) \rightarrow Bob \ Alice \leftarrow N_1 \leftarrow Bob $$ This is to allow Alice to authenticate Bob. Authentication in the other direction is similar. ...