English for Comp. Science I
Introduction to Cryptography
Amir Neziri & Jurlind Budurushi
2/3/2011
Introduction
Let’s make the introduction...
2/3/2011 | Department 20 | B.IT Nieh | Introduction to Cryptography | A. Neziri & J. Budurushi 2
Content
History of Cryptography
Goals of Cryptography
Symmetric Cryptography
Message Authentication Codes
Asymmetric Cryptography
Public Key Encryption
Digital Signatures
Digital Certificates
Demo (CrypTool)
History of Cryptography
Substitution ciphers: a->Z, b->T, c->E, …
Encryption is determined by a permutation of the alphabet
Special case, the Caesar cipher: a->D, b->E, c->F, …
Example: amir -> DPLU
Goals of Cryptography
Confidentiality: Encryption
Integrity: MAC / Digital Signatures
Authenticity: MAC / Digital Signatures
Non-Repudiation: Digital Signatures
Others...
Symmetric Cryptography
The key for encryption and decryption is the same
Key exchange problem!!!
Symmetric Algorithms
Stream ciphers
Block ciphers
Data Encryption Standard (DES)
Advanced Encryption Standard (AES)
Triple DES (3DES)
Blowfish
Message Authentication Codes (MAC)
Allow testing the integrity of a document
3 algorithms: key generation, tagging, verification
Verification is usually done by re-computing the MAC
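The three MAC algorithms named above, as an added example that is not part of the original slides. HMAC-SHA256 and the sample document are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets


def keygen(nbytes: int = 32) -> bytes:
    """Key generation: a fresh random secret shared by sender and verifier."""
    return secrets.token_bytes(nbytes)


def tag(key: bytes, document: bytes) -> bytes:
    """Tagging: compute the MAC (HMAC-SHA256 is an assumed choice)."""
    return hmac.new(key, document, hashlib.sha256).digest()


def verify(key: bytes, document: bytes, received_tag: bytes) -> bool:
    """Verification: re-compute the MAC and compare it in constant time."""
    return hmac.compare_digest(tag(key, document), received_tag)


def demo() -> dict:
    key = keygen()
    doc = b"Pay 100 EUR to Alice"  # constructed sample document
    t = tag(key, doc)
    return {
        "original": verify(key, doc, t),
        "modified_document": verify(key, b"Pay 900 EUR to Alice", t),
        "wrong_key": verify(keygen(), doc, t),
        "truncated_tag": verify(key, doc, t[:16]),
    }


if __name__ == "__main__":
    print(demo())
```

Only the unmodified document checked with the original key and the full tag is accepted.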
Asymmetric Cryptography
The keys for encryption and decryption are different
Key exchange problem solved
Asymmetric Algorithms
Rivest, Shamir and Adleman (RSA)
Elgamal
Chor-Rivest
Rabin
RSA
First practical asymmetric encryption algorithm, proposed by Rivest, Shamir and Adleman
Security is based on the intractability of factoring large numbers
Slower than symmetric algorithms
RSA
Key generation: Public key: (n, e), Private key: d
Encryption: c = Enc(m, e) = m^e mod n, where m is a message
Decryption: m = Dec(c, d) = c^d mod n
Public key encryption
Digital Signatures
Allow testing the authenticity and integrity of documents
Non-repudiation: a third party can be convinced of authenticity
RSA signatures: “signing by decryption”
RSA has commutative encryption/decryption operations: Enc(Dec(m)) = Dec(Enc(m)) = m, where m := message
Key generation: similar to RSA, public key: (n, e), private key: d; uses a collision-resistant hash function H
Signing: s = [H(m)]^d mod n, where s := signature
Verification: test if H(m) ≡ s^e mod n
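The RSA formulas from the encryption and signature slides, as an added example that is not part of the original slides. The two primes, e = 65537, and SHA-256 reduced mod n as H are assumptions; the parameters are toy-sized and unpadded, for illustration only.

```python
import hashlib
from math import gcd

# Constructed toy parameters: two Mersenne primes, far too small for real use.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                  # public key (n, e)
PHI = (P - 1) * (Q - 1)
assert gcd(E, PHI) == 1
D = pow(E, -1, PHI)                  # private key d = e^-1 mod phi(n)


def enc(m: int) -> int:
    """c = m^e mod n"""
    return pow(m, E, N)


def dec(c: int) -> int:
    """m = c^d mod n"""
    return pow(c, D, N)


def H(message: bytes) -> int:
    """SHA-256 reduced mod n (assumed stand-in for the slide's H)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes) -> int:
    """s = [H(m)]^d mod n"""
    return pow(H(message), D, N)


def verify(message: bytes, s: int) -> bool:
    """Accept iff H(m) == s^e mod n."""
    return H(message) == pow(s, E, N)


def raw_signatures_multiply(m1: int, m2: int) -> bool:
    """Without H, dec(m1) * dec(m2) is a valid raw signature on m1 * m2."""
    return dec(m1) * dec(m2) % N == dec(m1 * m2 % N)


if __name__ == "__main__":
    s = sign(b"constructed sample message")
    print(verify(b"constructed sample message", s), raw_signatures_multiply(3, 5))
```

The last function shows that raw "signing by decryption" is multiplicative, one reason the signature is computed over H(m) rather than over m itself.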
Digital Certificates
How can I be sure that a public key really belongs to the right person?
Solution: Digital Certificates
A digital certificate is a message signed by a trusted party that contains the identity of a person and a public key
Contents of a digital certificate: name of issuer, date, expiration date, public key, name of a person, ...
X.509 Digital Certificates
Centralized architecture
Hierarchical system
Each department has its own certification authority (CA)
The public key of this CA is signed by a “higher” CA
“Root certificates”
Demo (CrypTool)
Symmetric Algorithms: XOR, Triple DES (ECB), …
Asymmetric Algorithms: RSA, …
Others…
Questions???
Discussion (1)
Q: Give some other Goals of Cryptography.
A: Availability, Anonymity, Untraceability, Unlinkability, Being dated…
Discussion (2)
Q: Can you give an example of a solution to the key exchange problem in symmetric cryptography?
Discussion (3)
Q: Why do we use a collision-resistant hash function H when signing?
A: We sign the hash value of a message, because it is faster than signing the whole message and even more secure.