Cryptography - PowerPoint PPT Presentation

1
Cryptography
  • Troy Latchman
  • Byungchil Kim

2
Fundamentals
  • We know that the medium we use to transmit data
    is insecure, e.g. can be sniffed.
  • Cryptography allows a sender to disguise data in
    hopes that an intruder can gain no information
    from the intercepted data.

3
Fundamentals
  • Alice and Bob are two innocent people.
  • Trudy is an intruder.

4
Fundamentals
  • Alice generates some data that is in plaintext.
    She then uses a key (Ka) and an encryption
    algorithm to transform the data into ciphertext.
  • The data is transmitted and sniffed along the
    way. Trudy gains no information about the
    contents of the message because the data is in
    ciphertext (encrypted).
  • Bob receives the ciphertext and uses a key (Kb)
    and a decryption algorithm to transform the data
    into plaintext.

5
Fundamentals
  • Shortened Notation
  • Alice starts with message m and applies her key
    as well as m to an encryption algorithm to get
    the ciphertext Ka(m)
  • Bob receives Ka(m) and applies this as well as
    his key to the decryption algorithm to get the
    original message Kb(Ka(m)) = m
  • m -> Ka(m) -> Kb(Ka(m)) -> m

6
Keys
  • Symmetric Key
  • Alice's and Bob's keys are identical and are
    private.
  • Public Key
  • Two keys are used. One of the keys is public (the
    whole world knows it). The other key is known
    either by Alice or Bob, not both.

7
Symmetric Key
  • Caesar cipher is a very old and simple symmetric
    key algorithm
  • Take each letter in the plaintext message and
    translate it into another letter.
  • The translation is done by adding a constant, k,
    to the plaintext letter.
  • The number for each letter is its position in the
    alphabet, e.g. A=1, Z=26. The alphabet wraps
    around, so A comes after Z.

8
Symmetric Key
  • Caesar cipher example
  • Let k = 3 (the key)
  • Plaintext: BOB, I LOVE YOU. ALICE
  • Ciphertext: ERE, L ORYH BRX. DOLFH
  • Note that Caesar cipher only has 25 possible
    keys, so a brute force method to break the
    encryption can be used.
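
The slide's example and the brute-force remark, as an added Python example that is not part of the original presentation. The function names and the crib word "LOVE" are assumptions chosen for illustration.

```python
import string

ALPHABET = string.ascii_uppercase  # A=1 ... Z=26, as on the slide


def caesar(text: str, k: int) -> str:
    """Shift each uppercase letter by k with wrap-around; other characters pass through."""
    out = []
    for ch in text:
        if ch in ALPHABET:
            pos = ALPHABET.index(ch) + 1              # A=1 ... Z=26
            out.append(ALPHABET[(pos - 1 + k) % 26])  # Z wraps back to A
        else:
            out.append(ch)                            # spaces and punctuation
    return "".join(out)


def brute_force(ciphertext: str) -> dict[int, str]:
    """Trial-decrypt under every one of the 25 possible keys."""
    return {k: caesar(ciphertext, -k) for k in range(1, 26)}


def keys_revealing(ciphertext: str, crib: str) -> list[int]:
    """Keys whose trial decryption contains a word the reader expects to see."""
    return [k for k, text in brute_force(ciphertext).items() if crib in text]


PLAINTEXT = "BOB, I LOVE YOU. ALICE"    # slide 8
CIPHERTEXT = caesar(PLAINTEXT, 3)       # k = 3

if __name__ == "__main__":
    print(CIPHERTEXT)
    for k, text in brute_force(CIPHERTEXT).items():
        print(f"k={k:2d}  {text}")
```

Only one of the 25 trial decryptions reads as English, which is why a key space this small gives no protection.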

9
Symmetric Key
  • Monoalphabetic cipher - an improvement over
    Caesar cipher
  • Each letter is translated to a fixed, randomly
    chosen letter by a one-to-one mapping.
  • 26! possible pairings (keys).
  • Monoalphabetic cipher was later improved by
    polyalphabetic encryption.

10
Symmetric Key
  • Data Encryption Standard (DES)
  • http://www.aci.net/kalliste/des.htm
  • Created in 1977 and updated in 1993. The
    algorithm works by manipulating input on the bit
    level.
  • The algorithm needs an input (limited to 64 bits)
    and a 64 bit key (effectively only 56 bits due to
    8 parity bits)

11
Symmetric Key
  • Basic operation of DES

12
Symmetric Key
  • The 56-bit DES is considered too insecure. The
    encryption was cracked in 22 hours in 2002 using
    a special purpose computer.
  • 3DES is more secure. This runs DES 3 times with 3
    different keys.
  • Advanced Encryption Standard (AES) is the
    successor to DES. It uses key lengths of 128,
    192, and 256 bits. It is estimated that a
    computer that could break 56-bit DES encryption
    in 1 second would take approximately 149 trillion
    years to crack 128-bit AES encryption.

13
Public Key
  • One shortfall of using a symmetric key is that
    both parties must know the key before they start
    the encrypted communication.
  • How do the parties initially get the key?
  • They could meet in person so that the
    communication would be secure, but this is
    usually inconvenient.
  • Elegant solution: public key encryption.

14
Public Key
  • Instead of Alice and Bob having the same secret
    key, Bob will have 2 keys: a public key (Kb),
    which the whole world knows, and a private key
    (Kb-) that only Bob knows.
  • This eliminates the need for distributing secret
    keys.

15
Public Key
  • Overview of public key encryption

16
Public Key
  • Alice fetches Bob's public key (Kb)
  • She encrypts her message with the key to get
    Kb(m)
  • Bob receives the ciphertext and applies his
    private key in order to extract the message
  • Kb-(Kb(m)) = m
  • IMPORTANT: Kb(Kb-(m)) = m
  • (We will see the importance of this later)

17
Public Key
  • RSA: a public key encryption algorithm named
    after its founders (Ron Rivest, Adi Shamir, and
    Leonard Adleman)
  • Choose 2 large prime numbers p and q.
  • Compute n = pq
  • Compute z = (p-1)(q-1)
  • Choose a number e that is less than n and
    has no common factors (besides 1) with z
  • Find a number d such that ed-1 is divisible by
    z with no remainder
  • Kb = (n,e)
  • Kb- = (n,d)

18
Public Key
  • We now have (n,e) and (n,d), that is Kb and Kb-.
  • Alice obtains (n,e) and does the following to
    each letter of her message (again A=1 and Z=26)
  • c = m^e mod n
  • where m is the numeric value of the letter and
    c is the cipher output

19
Public Key
  • Bob is the only one who has (n,d), that is Kb-,
    and does the following on each letter once he
    receives the ciphertext from Alice
  • m = c^d mod n
  • where m is the recovered message

20
Public Key
  • RSA example
  • Bob does the following
  • Chooses p = 5 and q = 7
  • - Thus, n = 35 and z = 24
  • Chooses e = 5 since 5 and 24 have no common factors
  • Chooses d = 29 since 5*29-1 is divisible by 24
  • So we have Kb = (35,5) and Kb- = (35,29)
  • Suppose Alice wants to send the letters l, o, v, e
    to Bob
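
The RSA steps from slides 17 to 20 carried through for "love", as an added Python example that is not part of the original presentation. The function names are assumptions; the numbers p, q, e and d are the ones on the slide.

```python
from math import gcd


def make_keys(p: int, q: int, e: int, d: int):
    """Check the slide-17 conditions and return (Kb, Kb-)."""
    n, z = p * q, (p - 1) * (q - 1)
    if not (1 < e < n and gcd(e, z) == 1):
        raise ValueError("e must be less than n and share no factor with z")
    if (e * d - 1) % z != 0:
        raise ValueError("e*d - 1 must be divisible by z")
    return (n, e), (n, d)


def apply_key(key, value: int) -> int:
    """Kb(.) and Kb-(.) are the same operation: value^exponent mod n."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than n")
    return pow(value, exponent, n)


def letters_to_numbers(word: str):
    return [ord(ch) - ord("a") + 1 for ch in word.lower()]   # a=1 ... z=26


KB, KB_MINUS = make_keys(p=5, q=7, e=5, d=29)       # (35, 5) and (35, 29)
M = letters_to_numbers("love")                      # numeric value of each letter
C = [apply_key(KB, m) for m in M]                   # Alice: c = m^e mod n
RECOVERED = [apply_key(KB_MINUS, c) for c in C]     # Bob:   m = c^d mod n

if __name__ == "__main__":
    for letter, m, c, r in zip("love", M, C, RECOVERED):
        print(f"{letter}: m={m:2d}  c={c:2d}  recovered={r:2d}")
```

Because 29 - 5 = 24 = z, the public exponent 5 also decrypts this ciphertext; that is an artifact of the slide-sized primes, which is one reason step 1 calls for large ones. Encrypting letter by letter also maps equal letters to equal ciphertext values, so it inherits the weakness of a monoalphabetic cipher.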

21
Public Key
22
Integrity
  • There is a shortfall to using public key
    encryption - Trudy, the intruder, can claim she
    is Alice!
  • We didn't have to worry about these false claims
    in symmetric key encryption because the mere fact
    that the user on the other end had the correct
    key (which is private) was proof enough they were
    who they said they were.
  • How do we regain the integrity that we lost?

23
Integrity
  • Bob can sign his message proving that the
    messages are coming from Bob.
  • All he has to do is apply his private key to
    the data he sends Alice: Kb-(m)
  • Alice then receives this and applies Bob's public
    key: Kb(Kb-(m)) = m
  • (This is the important part from slide 16)

24
Integrity
25
Integrity
  • But signing over the entire message is
    computationally expensive.
  • Want a less costly way to have integrity.
  • Answer: message digest

26
Integrity
  • Message digest algorithms take a message m of
    arbitrary length and compute a fixed-length
    output known as a message digest H(m)
  • The algorithm is basically a many to one hash
    function.
  • A good algorithm will make it inconceivable for 2
    messages to hash to the same value (message
    digest).

27
Integrity
  • Now that we have a small summary of what is in
    the message, we can use this to obtain integrity
    when using public key encryption.
  • All Bob needs to do is to apply his private key
    to the message digest. This is much more
    efficient than applying it to the entire message
  • Kb-(H(m)) which is called a digital signature

28
Integrity
  • Now when Bob wants to communicate, he can just
    send m and Kb-(H(m))
  • When Alice receives these two items, she computes
    H(m) two different ways
  • Directly from m (like Bob did when sending the
    message)
  • By applying Bob's public key to the digital
    signature: Kb(Kb-(H(m))) = H(m)
  • Alice then compares the two message digests and
    sees if they match.
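
The sign-and-verify exchange from slides 27 and 28, as an added Python example that is not part of the original presentation. It is textbook RSA with no padding over a constructed toy key, and it uses SHA-256 rather than the MD5 and SHA-1 the slides name, since both of those have known collision attacks; the key values, function names and messages are assumptions.

```python
import hashlib

# Constructed toy key, not from the slides and unsuitable for real use:
# two Mersenne primes, chosen only so that n is larger than a 256-bit digest.
P, Q, E = 2**521 - 1, 2**127 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # e*d - 1 is divisible by z
KB, KB_MINUS = (N, E), (N, D)          # Bob's public and private keys


def H(m: bytes) -> int:
    """Fixed-length message digest of m, as an integer."""
    return int.from_bytes(hashlib.sha256(m).digest(), "big")


def sign(m: bytes, private_key) -> int:
    """Bob: digital signature Kb-(H(m))."""
    n, d = private_key
    return pow(H(m), d, n)


def verify(m: bytes, signature: int, public_key) -> bool:
    """Alice: compute H(m) directly and as Kb(signature), then compare."""
    n, e = public_key
    return pow(signature, e, n) == H(m)


MESSAGE = b"Alice, the lab starts at noon. Bob"       # constructed sample
SIGNATURE = sign(MESSAGE, KB_MINUS)                   # Bob sends m and Kb-(H(m))
TAMPERED = b"Alice, the lab starts at nine. Bob"      # altered in transit

if __name__ == "__main__":
    print("original verifies:", verify(MESSAGE, SIGNATURE, KB))
    print("tampered verifies:", verify(TAMPERED, SIGNATURE, KB))
```

Bob applies his private key once to a 256-bit digest regardless of message length, which is the saving slide 27 describes.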

29
Integrity
30
Integrity
31
Integrity
  • How do we compute H(m)?
  • There are widely used algorithms to do so.
  • MD5 and SHA-1 are examples of such algorithms.
  • MD5 computes a 128-bit message digest in a
    four-step process.
  • http://www.faqs.org/rfcs/rfc1321.html

32
The Lab
  • Be sure to thoroughly read and understand the
    previous slides.
  • We will be doing exercises with built in
    functions in Linux.
  • We will examine DES, RSA, MD5, and SHA-1.

33
References
  • All figures and tables throughout this
    presentation came from one source
  • Kurose, Charlie and Ross, Keith. Computer
    Networking: A Top-Down Approach Featuring the
    Internet. New York, NY: Addison Wesley, 2003.