Privacy and Authentication: An Introduction to Cryptography
-
Upload
beauregard-daniel -
Category
Documents
-
view
41 -
download
1
description
Transcript of Privacy and Authentication: An Introduction to Cryptography
![Page 1: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/1.jpg)
![Page 2: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/2.jpg)
What is Cryptography?
• Definition: The science or study of the techniques of secret writing, esp. code and cipher systems, methods, and the like
• Google Image search for
cryptography →
![Page 3: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/3.jpg)
Cryptanalysis
• A system is “broken” if there exists a technique to decrypt a message that is at all faster than brute-force
• A larger keyspace is always more secure
• Trade-offs exist with large keys i.e. if you need a 3 million bit key to guarantee 100% security but a 256 bit key gives you 99%...
![Page 4: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/4.jpg)
Models of Attackers
• Ciphertext only attack (weakest system)– Can discern the key from only 1 ciphertext
• Known plaintext attack– Has both the unencrypted and encrypted message
• Chosen plaintext attack– Can chose the message and see the encrypted
version
• Chosen text attack (strongest system)– Can select message OR ciphertext at will
![Page 5: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/5.jpg)
Classical Cryptography
• Time period: 4500 BC – 1946ish• Stenography (sort of)• Substitution Ciphers (and Vigènere Ciphers)• One Time Pad• Transposition Ciphers• Polyalphabetic Ciphers• Codes• All WWII crypto systems (Enigma, Purple, etc)• Modern systems are distinguished by use of
mathematical systems and proofs of security
![Page 6: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/6.jpg)
One-Time Pad
• XOR a message with a random key of the same length
• Provably secure! Given any ciphertext of length m it can be decrypted to every message of length m
• Key can only be used once (or it is broken)
• Difficult to distribute keys
![Page 7: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/7.jpg)
Substitution (Caesar) Cipher
• OS IS NEARLY OVER = QY AY MCKBXW QZCB
• ROT-13
• Vulnerable to frequency analysis – ciphertext only attack succeeds
n o p q r s t u v w x y z
m q v d b y o u z f p w h
a b c d e f g h i j k l m
k i j n c t e s a l r x g
![Page 8: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/8.jpg)
WWII Crypto: Engima
• A rotor style machine• Key is how to set the rotors,
reflector and the plugboard• Keyspace ≈ 10114
• First computer, Colossus, built in Bletchley Park by Alan Turing’s team to perform cryptanalysis on Enigma. Biggest weakenesswas operator error
![Page 9: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/9.jpg)
Modern Cryptography: DES
• Adopted by NIST as national standard in 1976
• Developed by IBM as the Lucifer cipher
• A block cipher based on Feistel S-boxes
![Page 10: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/10.jpg)
DES Structure
![Page 11: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/11.jpg)
DES Problems
• 56-bit keys = broken in less than 24 hours
• Also vulnerable to chosen plaintext attacks
• Triple DES – run DES 3 times over the message with 2 different keys – is still practically secure
• Replaced with AES in 2002
![Page 12: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/12.jpg)
Public Key: RSA
• Select two large primes, p and q. N = pq• Φ(N)=(p-1)(q-1) (the # of #’s relatively prime to N)
• Select random E in [1, Φ(N)–1]
• Publish E and N -> public key
• ED = 1 mod Φ(N) -> D is the private key
• Encryption: C = ME modN
• Decryption: M = CD modN
![Page 13: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/13.jpg)
RSA - Continued
• Can do digital signatures (sign your outgoing message with your private key, then their public key)
• Exponentiation is computationally expensive • Most frequently used as a method for
exchanging keys for a symmetric system
• Many other public key systems, el-gamal, elliptic curves etc.
![Page 14: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/14.jpg)
Cryptographic Hash Functions
• One-way functions used as a checksum
• Important features:– “Impossible” to invert– Error-propagation– Fast– Few input collisions
• MD5 (128 bits, 1996), SHA-1 (160 bits, 2005), SHA-256, SHA-512
![Page 15: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/15.jpg)
Key Distribution
• Diffie-Hellman Key Exchange
• Link-encryption
• End-to-end encryption
• Key distribution center
• Couriers
• Pigeons
![Page 16: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/16.jpg)
Diffie-Hellman Key Exchange (1976)
• Relies on difficulty of modular logarithms• Secure if g and p are chosen well (can be chosen in
advance)
![Page 17: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/17.jpg)
Link-Encryption
• Encrypts and decrypts all traffic at each communication link
• Advantage: Each user needs to manage only 1 key
• Disadvantage: You must be able to trust the links. Not realistic.
![Page 18: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/18.jpg)
End-To-End Encryption
• Encrypted by sender with receiver’s key
• Advantage: Ensures privacy of the message contents
• Disadvantage: Requires each user to manage O(n) keys and system has O(n2) keys total
![Page 19: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/19.jpg)
Key Distribution Center
• Trusted third party
• See Kristen’s presentation!
![Page 20: Privacy and Authentication: An Introduction to Cryptography](https://reader036.fdocuments.net/reader036/viewer/2022062304/5681349e550346895d9b9383/html5/thumbnails/20.jpg)
Future Directions
• Quantum cryptography - can guarantee no eavesdropper. Creates a secure channel for exchanging keys.
• Identity-based encryption - your name is your public key. Eliminates key distribution problem.
I ♥ MBC