Cryptography and The Internet

1
CryptographyandThe Internet
2
Secure communication
where can I find the best jeans?
west 52nd but dont tell anyone!
INTERNET
Internet
3
Digital Signatures
Ill need your signature on a check
get a pair for me tooIll pay you back
INTERNET
Internet
4
Authentication
how can I be sure?
please, this is Micha
INTERNET
Internet
5
E-cash
with the same coin you pay everyone?
Ill pay you electronically
INTERNET
Internet
6
Goals

• Secure Transfer of messages
• message cannot be decrypted except by parties
• Digital Signatures
• Signing party cannot disclaim signature
• Authentication
• Only authorized can pass the identification
  protocol
• E-cash
• Pay merchants anonymously, no double spending

7
Cryptographic Technology

• Classic Encryption
• Assuming a secret key known only to parties
• Finger Prints
• Using one-way hash functions
• Public-Key Cryptography
• Encryption
• Digital Signature
• Etc.

8
Cryptographic Principles
Algorithms usually public

• Fixed algorithm variable key

plain text
cipher text
plain text
E
D
key
key
Decryption computationally hard (without
access to the key)How hard? depends how long
the key
Keys secret randomly chosen
9
Classic Cryptography

• Same key, different algorithms

plain text
cipher text
plain text
E
D
key
key
Commonly applied methods DES, IDEA
(Simplistic) Example permutation key in S26
Another simple example XOR with the key
10
Attacks

• Cipher-text only
• No knowledge of the data
• Known plain-text
• always those jeans
• Chosen plain-text
• would you pass this on to ..

11
Data Encryption Standard

• DES
• Suggested by IBM in 73. US standard since 76.
  Re-approve every 5 years. Today?
• Easily implemented, hardware efficient
• Public algorithm (some magic parameters)
• Criteria for strength
• How much would cost a machine to break within 24
  hours?

64 bits block
encrypted 64 bits block
DES
56 bits key
12
DES Links

• www.cs.wm.edu/hallyn/des/
• anansi.panix.com/userdirs/flusardi/samples/DESTest
  .html

13
Public-Key Cryptography

• Key 2 is not efficiently computable given key 1

plain text
cipher text
plain text
E
D
Key 1
Key 2
14
Public Key Encryption

• ALICE produces a pair of keys
• SA private, secret
• PA public
• Publishes PA - Keeps SA a secret
• BOB sends a message to ALICE by
• cipher-text EPA ( plain-text )
• Only ALICE can decrypt
• plain-text DSA ( cipher-text )

Assume DSA (EPA (x))x
15
Digital Signature

• ALICE produces a pair of keys
• SA private, secret
• PA public
• Publishes PA - Keeps SA a secret
• In order to sign a message, ALICE sends
• signed-message DSA( message )
• Everyone can verify signature
• message EPA ( signed-message )
• ALICE cannot disclaim signature (no one else is
  capable of computing DSA )

Assume EPA ( DSA (x ))x
16
Authentication

• Goal
• ALICE to BOB Im indeed ALICE
• Problematic solution
• BOB remembers ALICEs password
• Classic solution
• BOB ALICE set a key KAB
• BOB to ALICE encrypt sdlkfjhlkh
• ALICE to BOB EKAB (sdlkfjhlkh)

17
An Improved solution

• Signature
• ALICE picks PA, SA publishes PA
• BOB to ALICE sign sdlkfjhlkh
• ALICE to BOB sdlkfjhlkh signed by ALICE

18

• Finger Print - One-way Hash - Message Digest
• So that
• one cannot find two distinct messages of same
  finger-print
• Simplistic algorithm (though probably works)
• act strange
• Methods MD4, MD5, ...

MD
long message
short block
short block