Encryption 2 Tom Chothia Computer Security: Lecture 3
This Lecture Counter Mode (CTR) enryption Diffie Helleman key exchange Public Key Encryption RSA Signing Combining public and symmetric key encryption
Tutorial Groups Please sign up for a tutorial group now. Your tutor will contact you to arrange a time and place to meet on Thursday or Friday. Don t understand something? E-mail your tutor, he will discuss it in tutorials.
WorkSheet 1 Worksheets are small exercise. You get a few token marks. We will use virtual machines, for some exercises. The first worksheet is just to get a VM working and install Truecrypt. It will be marked in the first tutorial on Thursday or Friday.
Lab Session Lab session Wednesday 10-12 in LG04 Bring your laptop, or use a school machine. Myself and/or tutors will be present to give you individual help with your programs, tools, exercises. Come along on Wednesday, with your laptop, and we will help get a VM installed.
Last Lecture: Symmetric Key Encryption Ciphers Frequency Analysis One time pads AES, DES and 3-DES Block cipher modes Truecrypt
Xor (M k) k = M 0 xor 0 = 0 1 xor 0 = 1 0 xor 1 = 1 1 xor 1 = 0 ascii Hello Alice 01011001 01100101 01110011 Key 11001011 01001101 11110001 10010010 00101000 10000010
Xor (M k) k = M 0 xor 0 = 0 1 xor 0 = 1 0 xor 1 = 1 1 xor 1 = 0 ascii Hello Alice 01011001 01100101 01110011 Key 11001011 01001101 11110001 10010010 00101000 10000010
Cipher Block Chaining mode (CBC) Plain text = B 1,B 2, B 3, IV = random number (sent in clear) Cipher text = C 1,C 2, C 3, where C 1 = encrypt K (B 1 xor IV), C 2 = encrypt K (B 2 xor C 1 )... C i = encrypt K (B i xor C i-1 ).
CBC encrypt http://en.wikipedia.org/wiki/block_cipher_modes_of_operation
CBC decrypt Receive IV Receive cipher text = C 1,C 2, C 3, Plain text = B 1,B 2, B 3, where: B 1 = decrypt K (C 1 ) xor IV, B 2 = decrypt K (C 2 ) xor C 1,.. B i = decrypt K (B i ) xor C i-1.
CBC decrypt http://en.wikipedia.org/wiki/block_cipher_modes_of_operation
Block Cipher Modes Original ECB CBC http://en.wikipedia.org/wiki/block_cipher_modes_of_operation
Sony PlayStation Sony needs to stop games being copied. CD & full disk encryption User can read and write particular areas of the hard disk.
Sony PlayStation With CBC, you need to encrypt, or decrypt, the whole file to get to the end. The Sony PlayStation uses ECB full disk encryption, to stop people copying games. User can access files they made themselves (notes, music, video ) Hardware controls user access to data.
Sony PlayStation Disk Encryption Attack 1. Remove disk and make a copy. 2. Write a user accessible file to the disk. 3. Find the bit of disk that changed (that s your encrypted file). 4. Over write this with what you want to decrypt. 5. Restart the PlayStation and ask for your file back. 6. PlayStation decrypts the file and gives you the plain text.
Counter Mode (CTR) Plain text = B 1,B 2, B 3, IV = random number (sent in clear) Cipher text = C 1,C 2, C 3, where C 1 = B 1 xor encrypt K (IV), C 2 = B 2 xor encrypt K (IV+1), C 3 = B 3 xor encrypt K (IV+2),.. C i = B i xor encrypt K (IV+ i-1 ),
http://en.wikipedia.org/wiki/block_cipher_modes_of_operation
This Lecture Counter Mode (CTR) enryption Diffie Helleman key exchange Public Key Encryption RSA Signing Combining public and symmetric key encryption
Some History Before cheap powerful computers, unbreakable encryption was almost impossible. Cipher machines looked like this: Governments wanted to read the codes of others. They could control the export of these machines. When IBM designed DES they could get it weakened.
Some History During 1970-1990 all that changed. Personal computers could do anything a cipher machine could do. University academics worked on encryption with the aim of making it available to everyone.
Public Key Encryption Public key encryption helps (but doesn t solve) this problem. The idea of public key encryption is that you have two keys: one for encryption and another for decryption. The encryption key is made public, the decryption key is always secret.
Diffie-Hellman Diffie-Hellman is a widely used key agreement protocol. It relies on some number theory: a mod b = n where for some m : a = m.b + n The protocol uses two public parameters generator g (often 160 bits long) prime p (often 1024 bits long)
Diffie-Hellman Alice and Bob pick random numbers r A and r B and find t A = g r A mod p and t B = g r B mod p The protocol just exchanges these numbers: 1. A B : t A 2. B A : t B Alice calculates t A r A mod p and Bob t A r B mod p this is the key: K = g r A r B mod p
Diffie-Hellman An observer cannot work out r A and r B from t A and t B therefore the attacker cannot calculate the key So we have a Good Key but know nothing about the participants. We did not need to share any keys at the start, therefore this is a very powerful protocol. In practice: use DH to set up a secure channel, then use something else to authenticate the person at the other end.
Elgamal Elgamal, is Diffie-Hellmen turned into a public key scheme. It uses a fix g & p Alice picks r A as her private key & t A = g r A mod p is the public key. To encrypt message M, Bob picks r A finds and sends (g rb mod p, M. t A rb )
RSA RSA is the most popular public key cipher. More efficient that Elgamal, and allows for signing. It uses two large primes p & q. We set n = p.q and o(n) = (p-1)(q-1) Pick random e such that 1 e o(n) and e and o(n) are co-prime. d such that d.e mod o(n) = 1 The public key is (e,n) and the private key is (d,n)
RSA To encrypt a message, turn it into numbers m that are less than n The encrypt as cipher text c do: c = m e mod n To decrypt a cipher text c as a message m do: m = c d mod n
Some More History These ciphers make encryption pretty much unbreakable. They made encryption available to everyone and the Internet, as we know it, possible But Diffie, Rivset, etc. weren t the first. At the British intelligent service GCHQ:" James Ellis invented the concept of public keys in the 1960 s" Malcolm J. Williamson invented DH in 1974" Clifford Cocks invented RSA in 1973" But GCHQ distributed their keys via embassies, so never used it."
Signatures Using RSA E pub (D priv (M)) = M This can be used to sign messages. Sign a message with the private key and this can be verified with the public key. Any real crypto suite will not just encrypt with a public key, as this can be used to trick people into decrypting. Usually sign just the hash of the message.
Elliptic curve crypto Public key encryption based on elliptic curves. Functionally very like RSA, but more efficient. No full security proof, by recommended by NSA. Becoming the most popular web public key encryption system.
This Lecture Counter Mode (CTR) enryption Diffie Helleman key exchange Public Key Encryption RSA Signing Combining public and symmetric key encryption
Further Reading See links on the website. Eike s Cryptology module Coursera Cryptology module www.coursera.org/course/crypto Bruce Schneier: Applied Cryptography The Code Book, by Simon Singh.
Next Lecture Practical encryption. How to do encryption in Java. How to use a keystore to look after your keys.