Title: Cryptography and the Web
1Cryptography and the Web
- Lincoln Stein
- Whitehead Institute/MIT Center for Genome Research
2Cryptography
- The art of secret message writing.
- Creating texts that can be read by authorized individuals only.
3Simple Cryptography
[Diagram labels: Plaintext, Key, Ciphertext. Sample text: "the romans are coming today"]
4Caesar Cipher
ABCDEFGHIJKLMNOPQRSTUVWXYZ
NOPQRSTUVWXYZABCDEFGHIJKLM
rotate 13 positions
Plaintext: THE GOTHS COMETH
Key: 13
Ciphertext: FUR TAFUE PAYRFU
5Rotating Key Cipher
ABCDEFGHIJKLMNOPQRSTUVWXYZ
BCDEFGHIJKLMNOPQRSTUVWXYZA
CDEFGHIJKLMNOPQRSTUVWXYZAB
DEFGHIJKLMNOPQRSTUVWXYZABC
EFGHIJKLMNOPQRSTUVWXYZABCD
FGHIJKLMNOPQRSTUVWXYZABCDE
GHIJKLMNOPQRSTUVWXYZABCDEF
HIJKLMNOPQRSTUVWXYZABCD...
Plaintext: SOUND THE RETREAT
Key: DEADFED
Ciphertext: VSUPC XKG UEWWEX
6General Principles
- Longer keys make better ciphers
- Random keys make better ciphers
- Good ciphers produce random ciphertext
- Best keys are used once and thrown away
7Symmetric (Private Key) Cryptography
- Examples: DES, RC4, RC5, IDEA, Skipjack
- Advantages: fast, ciphertext secure
- Disadvantages: must distribute key in advance, key must not be divulged
8DES Data Encryption Standard
- Widely published and used; federal standard
- Complex series of bit substitutions, permutations and recombinations
- Basic DES: 56-bit keys
  - Crackable in about a day using specialized hardware
- Triple DES: effective 112-bit key
  - Uncrackable by known techniques
9Asymmetric (Public Key) Cryptography
- Examples: RSA, Diffie-Hellman, ElGamal
- Advantages: public key widely distributable, does digital signatures
- Disadvantages: slow, key distribution
10RSA
- Algorithm patented by RSA Data Security
- Uses special properties of modular arithmetic
- $C = P^e \pmod{n}$
- $P = C^d \pmod{n}$
- e, d, and n all hundreds of digits long and derived from a pair of large prime numbers
- Key lengths from 512 to 1024 bits
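Added example (not part of the original slides): the slide's two formulas run end to end in Python, together with the signing use of the same key pair that the previous slide lists as an advantage. The function names and the toy values p = 61, q = 53, e = 17 are assumptions chosen for illustration; real keys use the sizes given above, and real RSA pads the message before exponentiation.

```python
# Textbook RSA with toy numbers, to show the slide's formulas at work.
# Constructed values: p=61, q=53, e=17. Not secure: real moduli are
# hundreds of digits long and real RSA pads the message first.
from math import gcd


def make_keypair(p, q, e):
    """Derive the public key (e, n) and private key (d, n) from primes p, q."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must share no factor with (p-1)*(q-1)")
    d = pow(e, -1, phi)          # d is the inverse of e modulo phi
    return (e, n), (d, n)


def encrypt(P, public):
    """C = P^e (mod n). P must be an integer in the range 0..n-1."""
    e, n = public
    if not 0 <= P < n:
        raise ValueError("plaintext must be smaller than n")
    return pow(P, e, n)


def decrypt(C, private):
    """P = C^d (mod n)."""
    d, n = private
    return pow(C, d, n)


def sign(digest, private):
    """Signing is the private-key operation applied to a message digest."""
    d, n = private
    return pow(digest, d, n)


def verify(digest, signature, public):
    """Anyone holding the public key can check the signature."""
    e, n = public
    return pow(signature, e, n) == digest % n


if __name__ == "__main__":
    public, private = make_keypair(61, 53, 17)
    C = encrypt(65, public)
    print("public", public, "private", private)
    print("C =", C, "P =", decrypt(C, private))
    s = sign(1234, private)
    print("signature ok:", verify(1234, s, public),
          "tampered digest ok:", verify(1235, s, public))
```

Only the holder of d can produce a signature that verifies under (e, n), which is why the same key pair serves both secrecy and sender authentication.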
11Public Key Encryption: The Frills
Frill: Technique
- Fast encryption/decryption: Digital envelopes
- Authentication of sender: Digital signature
- Verification of message integrity: Message digests
- Safe distribution of public keys: Certifying authorities
12Digital Envelopes
13Digital Signatures
14Message Digests
15Certifying Authorities
16Hierarchy of Trust
17Secure, Verifiable Transmission
18Public Key Cryptography on the Web
- Secure Socket Layer (SSL)
- Netscape Communications Corporation
- Secure HTTP (SHTTP)
- Commerce Net
19SSL and SHTTP, similarities
- RSA public key cryptography
- MD5 message digests
- Variety of private key systems
- Strong cryptography for use in U.S.
- Weakened cryptography for export.
20SSL and SHTTP, differences
[Diagram: protocol stack. Application protocols: HTTP, FTP, SHTTP, TELNET, NNTP. Layers, top to bottom: Application, SSL, Transport, Internet, Network interface, Physical Layer]
21Using SSL
22Signed Certificate
23Applying for a Server Certificate
24Filling out Certificate Request
25URLs
- SSL Protocol
- http://home.netscape.com/newsref/std/SSL.html
- SHTTP Protocol
- http://www.eit.com/projects/s-http/
- Verisign
- http://www.verisign.com/
- RSA Data Security
- http://www.rsa.com/