Feb 12, 2002Mårten Trolin1 Applied Cryptography Main goal –Give some practical experience on cryptographic technics used today. –Show how to use existing cryptographic software. Examination: Practical assignments and written exam Homepage containg latest course information: Check course program (from homepage) for detailed information First time course is given – feedback welcome!
Feb 12, 2002Mårten Trolin2 Requirements Attend lectures (if you want to) Solve the three assigments to get bonus points. (Not required, but highly recommended.) –Each assignment replaces a problem at the exam –By solving the assignments you don’t have to solve the problem at the exam –The assignments will be programming tasks to be solved in a language of your choice Pass the written exam!
Feb 12, 2002Mårten Trolin3 Outline of course program N.B. Course program is subject to change. Check the home page for the latest information Lectures 1-4: Basic cryptographic functions Lectures 5-8: SSL and PGP Lectures 9-10: Key management Lectures 11-12: Smartcards in financial transactions Lectures 13-14: To be decided. Possible areas: Hardware solutions, e-commerce, firewalls and intrusion detection. Input welcome!
Feb 12, 2002Mårten Trolin4 Why cryptography Reason for using cryptography –Protect from eaves-dropping (confidentiality) –Ensure data is not modified (integrity) –Certify identity of sender (authenticity) Requirements (application dependent) –Simple key management –Low hardware requirements (smart card applications, mobile phones) –Cost of bandwidth
Feb 12, 2002Mårten Trolin5 Simple example – substitution cipher The key is a permutation of the letters of the alphabet, i.e. a bijection Encryption is performed by substituting each letter for its corresponding letter Decryption is the same as encryption with the difference that the inverse is used
Feb 12, 2002Mårten Trolin6 Substitution cipher – example Example: Encrypt MY DOG ATE YOUR CAT using the key ABCDEFGHIJKLMNOPQRSTUVWXYZ UWGRPNQSBJXMECAIZOYTDFHKLV U
Feb 12, 2002Mårten Trolin7 Breaking the substitution cipher Substitution ciphers are easily broken using frequency analysis We use the fact that different letters (or combination of letters) occur with different probability Example – break TK IL KQ JKT TK IL TBST CR TBL OULRTCKJ Frequency of letters in English: ETAOINSHRDLU Most common two letter words: OF TO IN IS IT BE BY HE AS ON AT OR AN SO IF NO
Feb 12, 2002Mårten Trolin8 Symmetric vs. asymmetric cryptography Symmetric ciphers – sender and recipient use the same key –D key (E key (m)) = m Substitution cipher is an example of a symmetric cipher Impractical for big systems – number of keys is quadratic in the number of users The solution – asymmtric algorithms. Think of a locked mailbox! Different keys for encryption and decryption –D private key (E public key (m)) = m
Feb 12, 2002Mårten Trolin9 Asymmetric cryptography Each user has a public and a private key –The public key is published in a “phone book” –The private key is kept secret –Messages encrypted with the public key can be decrypted with the private key To send a message to Mårten, look up Mårten’s public key in the “phone book”. Mårten can then decrypt the message with his private key Number of keys is linear in the number of users
Feb 12, 2002Mårten Trolin10 RSA Asymmetric cryptographic algorithm published in 1978 The most popular asymmetric algorithm used today Now free to use – patent expired in 2000 Relies on the hardness of factoring a number consisting of two primes
Feb 12, 2002Mårten Trolin11 The RSA algorithm – key generation Generate two primes p, q and set n = pq Choose e such that gcd(e, (p – 1)(q – 1)) = 1 Compute d such that ed = 1 mod ((p – 1)(q – 1)) The public key is the pair (e, n) The private key is the pair (d, n)
Feb 12, 2002Mårten Trolin12 RSA – encryption and decryption Message m – number 0 < m < n Encryption E(m) = m e mod n Decryption D(m) = m d mod n Number theoretical exercise – check that D(E(m)) = m.
Feb 12, 2002Mårten Trolin13 Breaking RSA If we can factor n we can break RSA –Suppose we know p, q such that pq = n –We can compute (p – 1)(q – 1) –It is now trivial to compute d = e -1 mod ((p – 1)(q – 1)) The largest number that is (publicly) known to have been factored today is 512 bits Other attacks exist for certain uses of RSA