Introduction to Cryptography. Vasil Slavov William Jewell College

Transcription

1 Introduction to Cryptography Vasil Slavov William Jewell College

2 Crypto definitions Cryptography studies how to keep messages secure Cryptanalysis studies how to break ciphertext Cryptology branch of mathematics, the union of the above two

3 Goals of cryptography Confidentiality hiding the content of messages (only intended recipient understands transmission) Authentication proof of user s identity (assurance for origin of message) Data integrity data received was data sent (assurance for the message not being modified) Nonrepudiation proof of origin of message (ability to hold somebody responsible for sending a message)

4 Encryption with restricted algorithms Encryption process of desguising a message to hide its substance restricted algorithms "closed source" security by obscurity Identity which must be true D(E(M)) = M plaintext -> ENCRYPTION -> ciphertext -> DECRYPTION -> original plaintext

5 Encryption with keys Identity which must be true Dk2(Ek1(M)) = M encryption decryption key key V V plaintext -> ENCRYPTION -> ciphertext -> DECRYPTION -> original plaintext A cryptosystem includes algorithm plaintexts ciphertexts keyes

6 Key-based algorithms Types of key-based algorithms Symmetric (secret-key) stream algorithm/cipher: operate a bit/byte at a time block algorithm/cipher: operate on groups of bits only one key used for both encryption and decryption Assymetric (public-key) encryption key--public decryption key--private Hybrid

7 Classical cryptography codes (words with special meaning) vs. ciphers substitution ciphers substitute characters transposition ciphers shuffle characters rotor machines (Enigma)

8 One-time pads invented in 1917 by Major Joseph Mauborgne and AT&T s Gilbert Vernam unbreakable "a large, nonrepeating set of truly random key letters" constant change of keys (every key is unique) same input generates different output sender: message hashed against a pad of random data with _same length_ receiver: message hashed against key doesn t provide authenticity

9 Computer cryptography "exclusive domain of the world s militaries since World War II" simple XOR symmetric algorithm P XOR K = C C XOR K = P

10 Common computer crypto algorithms DES (Data Encryption Standard) most popular encryption international standard symmetric slow RSA (creators: Rivest, Shamir, Adleman) most popular public-key used for encryption and digital signatures DSA (Digital Signature Algorithm) public-key used only for digital signatures

11 Diffie-Hellman crypto challenge: key management introduced by Whitfield Diffie and Martin Hellman in 1976 first to use assymetric keys _method_ to securely exchange keys that encrypt data key encryption key, shared secret (assymetric) -> data encryption key (symmetric) public and private keys, mathematically linked Certificate Authority avoids need to exchange keys user queries CA prevents MIM

12 Diffie-Hellman (cont.) symmetric challenges exchange/distribution of keys direct key attack assymetric challenges slow for bulk encryption hybrid encrypt data with symmetric system encrypt the symmetric keys with assymetric system

13 Diffie-Hellman (cont.)

14 RSA algorithm public-key cryptosystem p and q, large primes n = pq (a.k.a. modulus) e, no common factor with (p - 1)(q - 1) except 1 (ed - 1), divisible by (p - 1)(q - 1) e and d, public and private exponents (n, e) and (n, d), public and private keys encryption: c = m^e mod n decryption: m = c^d mod n security: impossibility of factoring n

15 Hashes encryption mode transport mode (data portion) tunnel mode (entire packet) checksums, hash functions (message digest) CRC, MD4, MD5, SHA, SHA-1 variable length input -> mathematical transformation -> fixed length output cannot be reversed collisions: same output for different input: 1 in 2^n messages problem: recalculation of hash during transmission improvement: keyed hashes

16 Steganography hide message inside a message (hide secret s existence) replace LSB of each byte of an image with bits of secret message

17 Cryptanalitic Attacks crypto algorithm strength depends on bit size value of data must remain less than cost of breaking its protection best algorithms--public algorithms ciphertext-only known-plaintext chosen-plaintext adaptive-chosen-plaintext chosen-ciphertext chosen-key purchase-key

18 Cryptanalitic Attacks (cont.) breaking an algorithm total break: key found global deduction: alternate algorithm found instance (or local) deduction: find plaintext information deduction: info about key/plaintext found attack complexities data complexity processing complexity storage requirements quantum computing will end public key crypto as we know it symmetric crypto will work (will need longer keys)

19 Assumptions strong pseudo-random number/bit generator to keep secret session keys secret keys (in sym.) private keys (in assym.) pseudorandom number/bit generator seed message once decrypted

20 Export Restrictions past: 40-bit US restriction djb 1997 software source code language protected by the First Amendment

21 key generation: Misc. everyday examples of use of crypto: - PGP - SSH - IPSec - SSL crypto101ol.html: algorithm table, steps at end blowfish: fast, large bit size important public-key exchange algorithms: RSA DSA Fiat-Shamir Diffie-Hellman digital signatures: encrypt w/ private, decrypt with public