
Cryptography

Presented by: Ronan Crowley, Ainsley Phillips, Jim Somers

Agenda

• What is Cryptography
• The Birth and Uses of Cryptography
• DES, TDES and AES Encryption Standards
• Modern Encryption Methods
• Public Key Infrastructure (PKI)
• HTTPS
• The Future: Quantum Cryptography
• Summary
• Questions??

Introduction

• Cryptography is a means of converting information from its normal, comprehensible form into an incomprehensible format, rendering it unreadable without secret knowledge.

• Innovation came through the necessities of war.

• Modern cryptography is just the same; however, it is used to hide information from hackers / competitors.

Julius Caesar & The Birth of Cryptography

• Julius Caesar is credited with the creation of the first widely used cipher.

• In order to communicate with remote generals, and to ensure that his messages would not be readable by the enemy if they were intercepted, he created “The Caesar Cipher”.

• This is where the modern phrase “Don’t shoot the messenger” comes from, as messengers were often tortured or killed by frustrated enemies who could not decipher the messages.

The Caesar Cipher

• Is a “Shift-Substitute Cipher”

• Easy to build upon

Uses for Cryptography

• Secrecy: Obscure the contents of messages or stored data from eavesdroppers.

• Integrity: Detect any alteration performed after a message or stored data is generated.

• Authentication: Verify the identity of the source of a message or stored data. (Authentication of messages is useful in making authorisation decisions.)

• Non-repudiation: Establish for a third party the source and contents of a message or stored data.

The Caesar Cipher (Worked Examples)

Plain Text:  H E L L O H O W A R E Y O U

Shift 1:     I F M M P I P X B S F Z P V

Shift 1++:   I G O P T N V E J B P K B I

You can build extremely good ciphers really quickly with a few small changes. For example, write the text downwards in a matrix and encrypt across!
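The three rows above, reproduced in code as an added example (not part of the original slides). It reads “Shift 1++” as a shift that starts at 1 and grows by one with every letter, which matches the slide's third row, and it takes “write the text downwards in a matrix” to mean filling a grid column by column and reading it row by row; both readings and all function names are assumptions.

```python
import string

ALPHABET = string.ascii_uppercase


def shift_letter(ch: str, k: int) -> str:
    """Shift one letter k places round the alphabet; leave other characters alone."""
    if ch not in ALPHABET:
        return ch
    return ALPHABET[(ALPHABET.index(ch) + k) % 26]


def caesar(text: str, k: int) -> str:
    """Classic Caesar cipher: every letter moves by the same amount k."""
    return "".join(shift_letter(c, k) for c in text.upper())


def progressive(text: str, start: int = 1, decrypt: bool = False) -> str:
    """'Shift 1++' (assumed reading): the shift grows by one per letter."""
    out, k = [], start
    for c in text.upper():
        if c in ALPHABET:
            out.append(shift_letter(c, -k if decrypt else k))
            k += 1          # only letters advance the shift, spaces do not
        else:
            out.append(c)
    return "".join(out)


def write_down_read_across(text: str, rows: int) -> str:
    """Write letters down the columns of a grid with `rows` rows, read across."""
    letters = [c for c in text.upper() if c in ALPHABET]
    return "".join("".join(letters[r::rows]) for r in range(rows))


if __name__ == "__main__":
    msg = "HELLO HOW ARE YOU"                 # plain text from the slide
    print(caesar(msg, 1))                     # fixed shift: LL still shows as MM
    print(progressive(msg))                   # growing shift: LL becomes OP
    print(caesar(write_down_read_across(msg, 2), 1))  # transpose, then shift
```

With a fixed shift a repeated plaintext letter always gives the same ciphertext letter, which is what the growing shift and the matrix step each disturb.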

The Enigma Machine

• The Enigma Machine was the device used by the Nazis in WWII to encrypt and decrypt messages (orders) around Europe.

• The machine had three 26-point rings that were wired up to pass current through them in a different way.

• Each time a key was pressed, the rings all shifted up one position.

• Each day the machines were set with a different start-up position to add security.

• One of the turning points in the war was the capture of a working Enigma Machine from a Nazi submarine by the British (not the Americans, as seen in the movie U-571).


The Need for Modern Cryptography

• Worldwide Electronic Funds Transfer (EFT)

• Global explosion in online selling
  - E.g. eBay > $10bn turnover in 5 years

• No fixed route (except via WAN or VPN) from buyer to seller; computers must communicate via the Internet, with no idea who could be listening.

• Plain passwords are not enough.

• What is a “Hacker”?
  - A hacker is someone that uses programming skills to gain illegal access to a computer network or file.
  - Why? ….. Why not?

Modern Encryption Methods

[Side arrow: Increasingly Complex]

1975 – Data Encryption Standard (DES)
  - 56-bit keys
  - Works by splitting the message in half and performing XOR operations
  - Susceptible to brute-force attacks
  - Considered a HUGE mistake by NSA.

1978 – Triple DES (3DES)
  - 168-bit keys (3 x 56)
  - Basically calls DES 3 times with 3 different keys

1991 – International Data Encryption Algorithm (IDEA)
  - Developed as a direct replacement for DES
  - Combines substitution AND mathematical (+, X & XOR) operations

2001 – Advanced Encryption Standard (AES)
  - Much faster than DES or IDEA
  - Works on 4x4 blocks of data from the message

1976 – 1997 – now: PKI

The Data Encryption Standard (DES)

• Developed by IBM Corporation – LUCIFER

• Most prevalent encryption algorithm

• Adopted by the U.S. government in 1977 as the federal standard for encryption of commercial and sensitive-yet-unclassified data

• Is a block cipher
  - Encryption algorithm that encrypts a block of data all at once, then goes on to the next block.

• Divides 64-bit plaintext into blocks of fixed length (ciphertext)

• Enciphers using a 56-bit secret internal key

Triple-DES Concept

• More powerful and more secure

• Equivalent to performing DES 3 times on plaintext with different keys

• TDES uses 2 or 3 56-bit keys

• With one key, TDES performs the same as DES

• TDES implementation: serial and parallel
  - Parallel improves performance and reduces gate count
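Two points from the DES and Triple-DES slides (“splitting the message in half and performing XOR operations”, and “with one key, TDES performs the same as DES”), shown as an added example that is not part of the original slides. It uses a toy Feistel cipher with a SHA-256 round function as a stand-in for real DES, chained encrypt-decrypt-encrypt as TDES is standardised; all names and sample values are constructed for illustration.

```python
import hashlib

ROUNDS = 16          # DES also runs 16 rounds; the rest of this cipher is a toy
MASK32 = 0xFFFFFFFF


def round_fn(half: int, key: bytes, rnd: int) -> int:
    """Stand-in round function (assumption: SHA-256, not the DES S-boxes)."""
    data = key + bytes([rnd]) + half.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")


def feistel(block: int, key: bytes, decrypt: bool = False) -> int:
    """Process one 64-bit block; decryption only reverses the round order."""
    left, right = block >> 32, block & MASK32
    rounds = range(ROUNDS - 1, -1, -1) if decrypt else range(ROUNDS)
    for rnd in rounds:
        # XOR one half with a keyed function of the other half, then swap.
        left, right = right, left ^ round_fn(right, key, rnd)
    return (right << 32) | left      # undo the final swap


def triple_ede(block: int, k1: bytes, k2: bytes, k3: bytes) -> int:
    """Encrypt with k1, decrypt with k2, encrypt with k3."""
    return feistel(feistel(feistel(block, k1), k2, decrypt=True), k3)


def triple_ede_decrypt(block: int, k1: bytes, k2: bytes, k3: bytes) -> int:
    """Inverse of triple_ede: the same three steps undone in reverse order."""
    inner = feistel(feistel(block, k3, decrypt=True), k2)
    return feistel(inner, k1, decrypt=True)


# Constructed sample values: one 64-bit block and three 56-bit (7-byte) keys.
SAMPLE_BLOCK = 0x0123456789ABCDEF
K1, K2, K3 = b"KEY-AAA", b"KEY-BBB", b"KEY-CCC"

if __name__ == "__main__":
    single = feistel(SAMPLE_BLOCK, K1)
    print(hex(single), hex(feistel(single, K1, decrypt=True)))
    # With one key the middle decrypt cancels the first encrypt.
    print(triple_ede(SAMPLE_BLOCK, K1, K1, K1) == single)
    print(hex(triple_ede(SAMPLE_BLOCK, K1, K2, K3)))
```

The round function never has to be inverted, which is why the same network decrypts; the one-key collapse is what lets a TDES device interoperate with single-DES equipment.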

Advanced Encryption Standard (AES) (Rijndael)

• AES (Rijndael) was chosen by the National Institute of Standards and Technology (NIST) as the cryptographic algorithm for use by U.S. Government organisations to protect sensitive (unclassified) information

• Aimed to replace DES over the long term
  - DES has been successfully attacked using dedicated hardware and parallel computer networks

• DES is to be phased out

• Triple-DES expected to remain for the foreseeable future

AES (Rijndael) – Cipher Details

• The cipher has a variable block length and key length

• Keys with a length of 128, 192 or 256 bits to encrypt

• Extremely robust
  - Assuming a machine that could crack a DES key in a second (i.e. try 2^55 keys per sec), it would take that machine 149 thousand-billion (149 trillion) years to crack a 128-bit AES key

• Note – the universe is < 20 billion years old!


Public Key Infrastructure (PKI)

• PKI is a mechanism that enables confidentiality, message integrity and user authentication.

• With Public Key Encryption:
  - Users have a PUBLIC and PRIVATE key
  - Users publish their PUBLIC key
  - Messages are encrypted using the PUBLIC key
  - Messages can be decrypted using the PRIVATE key

• Typical uses include:
  - E-mail encryption
  - Document encryption
  - Smart-card authentication

• Implementing algorithms include: PGP (Free), DSA (Free) & RSA (Commercial)

Breaking PKI

1. Run Outlook Express
2. Work Offline
3. Click on Tools
4. Click on Options
5. Click the Security tab
6. Click on Digital IDs
7. Click on their certificate
8. Click on Export - this brings up the friendly Certificate Manager Export Wizard.
9. Click on Next
10. Click on Next again to export the private key
11. Click on Next again to Enable Strong Protection
12. Supply a password - use the single letter x - and click on Next
13. Supply a filename - key - and click on Next
14. Click on Finish
15. Click on OK, and OK again
16. Visit www.openssl.org, and download and install openssl Version 0.9.5a or later, which creates the openssl utility
17. c:\>openssl pkcs12 -in key.pfx -nodes
18. Supply your "password" x
19. Out pops the private key!
20. Use the private key to decrypt all their "encrypted" emails, including all those intercepted over the past year. Use it also to sign legally binding agreements on behalf of your victim.

HTTPS

You will often see this “Lock” icon on secure web pages.

Clicking on the icon brings up an information dialog about the site's security, including its PUBLIC key.

Quantum Cryptography

• Quantum theory is the theory that energy can only be absorbed or radiated in discrete values or quanta. All particles are subject to quantum theory.

• Quantum cryptography was discovered independently in the US and Europe in the 70s.

• It is a superior technology which overcomes limitations and drawbacks of classical cryptographic schemes by utilizing quantum physical effects.

• Based on the laws of nature.

• Quantum Key Distribution is created at the sender and receiver site immediately.

• The key is a completely random sequence.

• Eavesdropping is easily detected due to the fragile nature of the qubits (unit of quantum information) invoked for the quantum key distribution.

• Heisenberg uncertainty principle. It is possible to encode information into some quantum properties of a photon in such a way that any effort to monitor them necessarily disturbs them in some detectable way.

• The effect arises because in quantum theory, certain pairs of physical properties are complementary in the sense that measuring one property necessarily disturbs the other.

• Commercial quantum cryptography devices are on the market from a few vendors.

Summary

• Cryptography on the Internet – with continued growth in e-commerce and the Internet, securing websites, online banking, personal and business email and online trading all need cryptography to ensure that data is not compromised.

• E-commerce is increasing at a very rapid rate – turn of the century, commercial transactions on the Internet are expected to total hundreds of billions of dollars a year. This level of activity could not be supported without cryptographic security. These levels of security, though not yet widely used, give the means to strengthen the foundation on which e-commerce can grow.

• Authentication

• Future
