Secure communication

Informatics for economists II

Jan Přichystaljprich@pef.mendelu.cz

Present-days problems

People work daily with private and secure information.

Most information are created and stored on computers and also shared on internet.

• Company or personal documents,

• E-mail communication,

• Internet banking,

• ...

Present-days problems

But computers are not bank vaults. Information could be stolen, modified or abused.

Everybody is responsible for safety of his/her documents.

How to be sure nobody could steal our data or read our e-mails?

Secure communication

Similar problems solve people during centuries.

Solution is in usage of secured systems, passwords and secure communication.

There are various ways how to secure our private data and information.

Secure communication

Secure communication

Steganography

(hidden message)

Cryptography

(unreadable message)

Substitution

Transposition

Code

(word subst.)

Cipher

(letter subst.)

Steganography

• Steganos — (from greek) means hidden

• Graphein — means to write

The aim is to hide message:

• Messages under hair on skin

• Messages on clay tables covered with wax

• Messages in microdots

• Messages hidden in pictures, audio, video ...

Cryptography

Cryptos — means secret

We don't hide message but sense

• We need to encrypt and decrypt.

• Cryptography uses various scientific disciplines (mathematics, linguistic ...).

Protection against unauthorized reading

• Cryptography — science of secret communication. Provides safety to sender and recipient of message.

• Cryptoanalysis — science of how to solve encrypted message without knowing the key.

Protection against unauthorized reading

• Encryption — protect message against unauthorized reading. Change original letters with new letters, thus result seems to be nonsense.• Decryption — restoration of origin message.

Message Message

AlgorithmAlgorithm

Key Key

Unreadable

secret

message

Encryption

• Encryption key — defines the sort of cipher alphabet. Example of key: Nancy

• Encryption algorithm — system of replacing each letter of plain text with letter of cipher alphabet.

Cryptography

Two ways how to encrypt:

• Transposition — uses the same letters but their position in text is different

hallo => laolh

• Substitution — changes letters to another

hallo => ibmmp

Skytale

Historicall first usage of cryptography

Leather ribbon on wooden stick

Caesar's cipher

a b c d e f g h i j k l m n o p q r s t u v w x y z

d e f g h i j k l m n o p q r s t u v w x y z a b c

Message:

Cypher:

veni, vidi, vici

yhql, ylgl, ylgl

Each letter in the message is shifted three places right (a = d).

Decryption −frequence analysis

With knowledge of letter frequency in common alphabet and frequency of letters in cipher alphabet is possible to identify original message.

Create the frequency table of both alphabets and compare them.

Vigener's cipher

For each letter is used different cipher alphabet.Cipher alphaber changes according to key word.

w h i t e w h i t e w h i t e w h i t e w h i

d i v e r t t r o o p s t o e a s t r i d g e

Key: Msg: Ciph:

z p d x v p a z h s l z b h i w z b k m z n m

Enigma

Cryptographic machine used by German army in WWII.

Sophisticated system with several components: a plug board, a light board, a keyboard, a set of rotors, and a reflector (half rotor). The original machine looked a lot like a typewriter.

When a key is pressed, an electrical current is sent through the machine. The current first passes through the plug board, then through the three rotors, through the reflector which reverses the current, back through the three rotors, back through the plug board and then the encrypted letter is lit on the display.

Enigma

Two types of encryption

Symmetric encryption:— easy key creating;— quick;— problem with key distribution;

Asymmetric encryption:— difficult key creating;— slow;— known key length;

Symmetric encryption

All historic encryption methods mentioned above are symmetric. It is easy to use them.

Symmetric methods are still usable, but algorithms are more complicated.

One key is needed both for encryption and decryption.

Modern methods provides secure passwords, web authorization etc.

DES, 3DES, AES

Asymmetric encryption

• Two parts of key — public and private

• Usage 1 — for encryption use recipient public key, for decryption use recipient private key:Message can read ONLY authorized recipient

• Usage 2 — for encryption use sender private key, for decryption use sender public key:Recipient is sure about sender identity

Key distribution

• Certification authority — proves that certain private key is owned by certain person.Can prove sender identity

• Main functions of CA:— key generating;— key giving, evidence, resuming;— proving of key ownership.

Protection against unauthorized modification

Fingerprint — binary sequence generated by special algorithm; it is unique for each message.Fingerprint check — after message transfer, new fingerprint is calculated and compared to transfered

Electronic signature — sender private key encrypted fingerprint.

Sending safe and signed message

Message

Sym. key

c

c

c

Calculation

Recipient public key

Sender private key

Safe key

Safe message

Electronic

signatureFingerprint

Recieving of safe and signed message

Safe key

Safe message

Electronic

signature

d

Recipient private key

d Message

d

Sender public key

Fingerprint 1

Fingerprint

Calculation

=?