CRYPTOGRAPHY

1

• CRYPTOGRAPHY
• A Possible Foundation Stone?
• Fred Piper

Information Security Group Royal Holloway,
University of London Egham, Surrey TW20 0EX
Codes Ciphers Ltd 12 Duncan Road Richmond,
Surrey TW9 2JD
2
Outline

• Information Security
• Cryptography
• Introduction
• Applications
• Implementation issues
• Identity management
• Impersonation attacks
• Digital signatures

3
What is Information Security?

• Some features include
• Confidentiality
• Protecting information from unauthorised
  disclosure
• Integrity
• Protecting information from unauthorised
  modification, and ensuring that information can
  be relied upon and is accurate and complete
• Availability
• Ensuring information is available to authorised
  users when they need it

4
Defences and Attacks

• Defences
• Introduce security mechanism to protect data
• Technical
• Procedural
• Contractual
• Legal
• Introduce strong authentication mechanism
• Attacks
• Break the technical security mechanism
• Impersonate an authorised entity by breaking
  procedural mechanism

5
Identity Fraud

• Someone adopts the name of another person in
  order to obtain goods or services
• UK losses estimated at over 1billion a year
• USA Today claims over 7,000,000 Americans have
  been the victim of some form of identity theft
• NB Not all through electronic identity

6
Security Automation

• Automation motivated by business considerations
• Automation not usually motivated by security
  issues
• Threats change
• Automation should not decrease level of security

7
The Essence of Security

• Recognition of those you know
• Introduction to those you dont know
• Written signature
• Private conversation

8
The Challenge

• Transplant these basic social mechanisms to the
  telecommunications and/or electronic environment.

9
The Security Issues

• Sender
• Am I happy that the whole world sees this ?
• Am I prepared to pay to stop them ?
• Am I allowed to stop them ?
• Recipient
• Do I have confidence in
• the originator
• the message contents and message stream
• no future repudiation
• Network Manager
• Do I allow this user on to the network ?
• How do I control their privileges ?

10
The Secure Channel Concept

• We achieve this by building a secure channel
  between two end points on an insecure network
• Typically offering
• Data origin authentication
• Data integrity
• Confidentiality
• Cryptography is an important tool
• NB Similar consideration for stored data

11
Cipher System
Decryption Key
Encryption Key
Message m
Message m

• Cryptogram
• c

Decryption Algorithm
Encryption Algorithm
Interceptor
12
The Attackers Perspective

• Unknown Key
• k(D)

Known c
Wants m
Deciphering Algorithm
Note k(E) is not needed unless it helps
determine k(D)
13
Two Types of Cipher System

• Conventional or Symmetric
• k(D) easily obtained from k(E)
• Public or Asymmetric
• Computationally infeasible to determine k(D) from
  k(E)

14
Mortice Lock. If you can lock it, then you can
unlock it.
Bevelled Sprung Lock. Anyone can lock it, only
keyholder can unlock it.
15
Breaking Algorithm

• Finding a method of determining message from
  cryptogram without being given deciphering key.
• Number of keys limits strength.

16
Exhaustive Key Search Attacks (Brute Force
Attacks)

• The security depends on the secrecy of the
  deciphering key
• One potential attack, if the algorithm is known,
  is to try all possible deciphering keys and to
  eliminate all incorrect ones
• To withstand this type of attack a large numbers
  of keys is required

17
Brute Force Attacks

• Overview
• Brute force attack is most basic attack
• Always applicable
• Well designed cipher if exhaustive search is
  best attack
• Practical security of a good cipher
• Key size 240 is easy key search
• Key size 264 is on the border of practicality
• Key size 290 is not currently feasible
• Key size 2128 is very strong indeed

18
Attacks on Cryptographic System

• Rarely involve breaking the algorithm
• Exploit poor implementation
• Exploit mistakes by users
• NOTE Good key management is a significant
  overhead

19
Adequate Security ?

• Theoretical versus Practical
• Academic versus Commercial ?

20
User Recognition

• 3 factors
• Something you know (Password/PIN)
• Something you own (Token)
• Personal characteristic (Biometrics)
• NOTE Usually one-way authentication
• Tokens and biometrics often require readers
• Danger of false readers

21
Impersonation Attacks

• 2-way authentication
• Man-in-the-middle
• 1-way authentication
• Steal and/or copy token
• Guess or observe password/PIN
• Con the user into divulging password/PIN eg
  phishing
• NOTE For 2-factor system, compromise of one
  factor should not enable impersonation.
  Password/PIN plus virtual token is 1-factor

22
Data Integrity

• Cryptographic Check Sums
• Value that depends on message and a cryptographic
  process
• Message Authentication Codes (symmetric)
• Digital Signature (asymmetric)
• The message is sent in clear with the
  cryptographic check sum appended

23
Comparing Hand-Written Signatures and Digital
Signatures

• Handwritten Signatures
• Same on all documents
• Physically attached to message
• Beware plastic cards
• Digital Signatures
• Use of secret parameter
• Message dependent

24
Digital Signature

• Cryptographic checksum
• Identifies sender
• Provides integrity check for data
• Can be checked by third party

25
Principle of Digital Signatures

• There is a (secret) number which
• Only one person can use
• Is used to identify that person
• Anyone can verify that it has been used
• NB Anyone who knows the value of a number can
  use that number.

26
Attacks on Digital Signature Schemes

• To impersonate As signature I must either
• Obtain As private key
• Substitute my public key for As

27
Obtaining a Private Key

• Mathematical attacks
• Physical attacks
• NB It may be sufficient to obtain a device
  which contains the key. Knowledge of actual
  value is not needed.

28
Certification Authority

• AIM
• To guarantee the authenticity of users
• public keys.
• METHOD
• The Certification Authority guarantees the
  authenticity by signing it with its private key.
• REQUIREMENT
• All users must have an authentic copy of the
  Certification Authoritys public key.

29
Certification Process

• Verifies
• credentials

Creates Certificate
Centre
Distribution
Owner
Generates Key Set
Receives (and checks) Certificate
Presents Public Key and credentials
30
How Does it Work?

• The Certificate can accompany all Freds messages
• The recipient must directly or indirectly
• Trust the CA and know their public key

The CA certifies that Fred Pipers public key
is..
Electronically signed by the CA
31
Fundamental Requirement
Infrastructure to support secure technological
implementation
32
Attitudes to Cryptography

• Some comparisons 1976 and 2001
• 1976 DES Design details secret
• 2001 AES Continuous public scrutiny
• 1976 Cryptography was Black Art
• 2001 Cryptography is popular science
• 1976 Strict Export Control
• 2001 Strong algorithms freely available

33
Cryptographic Implementation

• 1976 Minimum strength to provide adequate
  security
• 2001 Maximum strength that implementation
  constraints allow