Upload
stuart-hodge
View
231
Download
2
Embed Size (px)
Citation preview
ITS 451 – Crypto Basics
1
Cryptography
ITS 451 – Crypto Basics
2
A simple example…• Text: U-M• ASCII Encoded:
01010101 00101101 01001101
• “Encoding” refers to convenient reformatting.
• No secrecy here. Call it plaintext.• Let’s “Encrypt” it, i.e. hide its
meaning from nosy 3rd parties.
ITS 451 – Crypto Basics
3
A simple example…• Let’s generate 24 random bits, call it a
key.– Say, by coin flips. – Tails 1. Heads 0
-------- -------- --------
01010101 00101101 01001101
• For each bit, if the same, result is 0. If they’re different, result is 1. This is the XOR (exclusive OR) function.
ITS 451 – Crypto Basics
4
A simple example…_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
• The result is an encrypted string. Call it ciphertext.
• This simple XOR method is unbreakable.– Even by the CIA or NSA or Microsoft.– Even by the most hard working
hacker.
•IF…
ITS 451 – Crypto Basics
5
Simple XOR• To decrypt, need to know:
– That simple XOR is in use.– The key pattern.
• Strength of the system depends on:– Secrecy of the key
ITS 451 – Crypto Basics
6
Encryption
• Generally, you need to understand the process and have the key.
• In the Practical Cryptography’s notation:c := E(Ke, m)
Plaintext EncryptionProcess
Ciphertext
Key
ITS 451 – Crypto Basics
7
Decrypting• Undoing the encryption is easy for
this simple example.-------- -------- --------
-------- -------- --------
Once more: For each bit, if the same, result is 0. If they’re different, result is 1. This is the XOR (exclusive OR) function.
ITS 451 – Crypto Basics
8
Decryption
PlaintextDecryptionProcess
Ciphertext
Key
• Generally, you need to understand the encryption method and have the key.
• In the Practical Cryptography’s notation:m := D(Ke, c)
• We have assumed the same key is used for encryption and decryption.
ITS 451 – Crypto Basics
9
Secrecy of XOR Example?
• Unbreakable, if:– Key remains secret– Key never reused
ITS 451 – Crypto Basics
10
SKE
• Using the same key for both encryption and decryption is called SKE:– Symmetric Key Encryption– Secret Key Encryption
ITS 451 – Crypto Basics
11
SKE – The Whole Thing
Plaintext EncryptionProcess
Ciphertext
Plaintext DecryptionProcess
Ciphertext
Transmission
Key
Key
ITS 451 – Crypto Basics
12
PCs Changed The World• Evolution of encryption methods:
– Pencil & paper– Machines, e.g. German Enigma– Computers, e.g. PC
• Computers allow much more sophisticated methods.
• Internet allows rapid dissemination of information, including computer code, algorithms, commentary, and analysis.
ITS 451 – Crypto Basics
13
Kerckhoffs’ Principle
•Genuine security lies in keeping the key secret, not in keeping the process secret.
• Why?– Public algorithms have public
analysis.– Weaknesses are publicly exposed.
• Analogous to open source software.• This is a machine era notion.
ITS 451 – Crypto Basics
14
How can I attack SKE?•For any encryption scheme there are
two strategies: Brute Force and Analytic Attacks.
•Brute Force– I know the algorithm, so I just try
different keys until I get lucky.–Highly dependent on machine
power.»The bigger the “key space” the
more tries it takes to get lucky.
ITS 451 – Crypto Basics
15
Moore’s Law• Often quoted as “Computers double in
speed every two years.”– Gordon Moore noted exponential
growth in the # of transistors per integrated circuit.
– 1965• A brute force attack that takes 8 days
with current technology will take 4 days in two years…?!?– Practical Cryptography suggests 50-
year horizon…
ITS 451 – Crypto Basics
16
“Computationally Impractical”
• You know what to do and can write a program to do it, but the program takes so long to run that it’s effectively useless.
ITS 451 – Crypto Basics
17
Analytic Attack
• Instead of systematically trying all the keys, we attempt to determine the key based on:– The ciphertext– What we know about the
plaintext– What we know about the
algorithm
ITS 451 – Crypto Basics
18
Symmetric Key Encryption
Plaintext EncryptionProcess
Ciphertext
Plaintext DecryptionProcess
Ciphertext
Transmission
Key
Key
ITS 451 – Crypto Basics
19
The Problem with SKE• The intended recipient must know
the process and have the key.• A cracker seeks these, too.• The problem, then, is to get the
key to the recipient.– Worse if you communicate with
many people!
•The Key Distribution Problem
ITS 451 – Crypto Basics
20
Some Key Distribution Solutions
• “One time pads.”– Run out eventually.
• Keep using the same key.– Every transmission provides
data for crackers.• Transmit new keys using old keys.
– Or have a special key used only for transmission of new keys.
ITS 451 – Crypto Basics
21
Some Key Distribution Solutions
• Couriers– Can be intercepted/bribed.
• Algorithmic key construction– Key based on day of month– Key based on readily available data
»from newspapers? radio broadcast?
• Special hardware for key construction
ITS 451 – Crypto Basics
22
Gotcha• If the key is secret, SKE can be
made very secure.– long keys– complex processes
• Weakness is the necessity to distribute the key.
ITS 451 – Crypto Basics
23
SKE & Big Five Attributes of Security
• Availability – Need to make sure algorithm isn’t too computationally onerous.
• Integrity – Will mostly handle separately.
• If key uncompromised & algorithm chosen well:– Confidential – Sure.– Authenticated – Sure. – Non-repudiated – Sure.
ITS 451 – Crypto Basics
24
PKE - Public Key Encryption• Suppose we could encrypt and decrypt
with different, but uniquely corresponding keys.
• The public key is public – – Hand it out freely– Post it on web– Email it to your friends
• The private key is private –– Guard it closely.
• aka Asymmetric Key Encryption
ITS 451 – Crypto Basics
25
PKE, More Formally• The ciphertext is based on the
recipient’s public key:
– c := E(PBob, m)
• The decryption process uses the recipient’s private key:
– m := D(SBob, c)
• This means:
– m = D(SBob, E(PBob, m)) Always.
ITS 451 – Crypto Basics
26
PKE, Graphically
Plaintext EncryptionProcess
Ciphertext
Plaintext DecryptionProcess
Ciphertext
Transmission
PublicKey
PrivateKey
ITS 451 – Crypto Basics
27
The Secrecy Here . . .• . . . is in the keys.• Usually the processes themselves
are publicly available.• Most commonly used:
– RSA»Rivest, Shamir and Adleman
ITS 451 – Crypto Basics
28
Message Authentication• You can encrypt using either key
of the pair. You then decrypt with its partner.
• If you can decrypt using my public key, the encryption must have been done with my private key.
• If I can decrypt using my private key, the encryption must have been done with my public key.
ITS 451 – Crypto Basics
29
Hash Functions
• Consider this text: “John went to OSU.”
• Count the occurrences of the letters.
• a b c d e f g h i j k l m n
ITS 451 – Crypto Basics
30
Another simple example…• Text: U-M• ASCII Encoded:
01010101 00101101 01001101
ITS 451 – Crypto Basics
31
Another simple example…• Let’s XOR them sequentially:
01010101
00101101
01111000
01001101
00110101
• What’s the connection between “U-M” and 00110101?
• Let’s call this function H for hash.– 00110101 = H(“U-M”)
ITS 451 – Crypto Basics
32
Another simple example…• It’s not unique.
– Other strings give 00110101 as their H value.»Easy to find others.»Note:
There are 28 (= 256) 8-bit strings.
There are an infinite number of possible text strings.
ITS 451 – Crypto Basics
33
Another simple example…• It’s not reversible.
– Given 00110101, it’s not possible to say “this came from ‘U-M’”.»Easy to find others.
ITS 451 – Crypto Basics
34
Suppose• H(“U-M”) = MD5(“U-M”) =
c57b94ee2455d6932eae85efa2bfc091• This is the MD5 function.
– All input strings produce 16-byte output, usually written as hex string.»MD5(451 syllabus) =
86721e0212256155e170a413a899a76a
– Not unique, but ‘computationally impractical’ to find others.
– Not reversible except by trial & error.
ITS 451 – Crypto Basics
35
What Good Is It?
• Error Detection– Transmit block of data, append
MD5.– Recipient calculates MD5,
compares.
ITS 451 – Crypto Basics
36
Suppose
• We have a document: important, but not necessarily confidential.
• I do this:– Compute the MD5 digest.– Encrypt the digest with my
private PKE key.– Call the result a signature.
ITS 451 – Crypto Basics
37
Then you…
• You get the document & signature.• You can…
– Compute the MD5 digest of the file.
– Decrypt the signature file using my public PKE key, yielding a message digest.
– Compare the two.• This means… what?
ITS 451 – Crypto Basics
38
ITS 453 – Encrypted Communication
• How, when, where to use encryption methods.– What protocol layer?– What specific encryption
techniques?– Solving key distribution
problems.
ITS 451 – Crypto Basics
39
ITS 453 – Encrypted Communication
• Basics of encryption, hash functions.– NSA, RSA, etc.
• PGP: encrypted files / digital signatures
• Public Key Infrastructure– Trust arrangements– Digital certificates, etc.
• Authentication– Kerberos
• WEP / WPA wireless encryption