CRYPTOGRAPHY Modern techniques. Computers and Cryptography Computers allow more sophisticated enciphering than mechanical devices Computers are faster.

Presentation transcript:

CRYPTOGRAPHY Modern techniques

Computers and Cryptography: Computers allow more sophisticated enciphering than mechanical devices. Computers are faster at enciphering and deciphering. Computers scramble numbers instead of letters: each letter is represented by a 7-digit binary number, e.g. a= , != etc. Encryption then proceeds by substitution and transposition.

Bit encryption example 1: Substitution and transposition are still the ingredients for encipherment. HELLO = The simplest transposition cipher involves reversing every 2 digits: Note that the transposition occurs within letters!

Bit encryption example 2: Substitution and transposition are still the ingredients for encipherment. HELLO = A simple substitution cipher uses the word DAVID and adds the digits of DAVID to the digits of HELLO: HELLO DAVID enciphered

Computer encryption: In the 1960s, computers became more powerful and more available. Many businesses had them and needed to send encrypted messages. The National Bureau of Standards had to find a standard encryption. One candidate was Lucifer, developed by Horst Feistel. The NSA was not happy about his research in ciphers and put pressure on his workplaces to make him stop. In the early 1970s, working at IBM, he managed to work out Lucifer.

Lucifer: A message is fed in and converted to binary. The string of digits is split into blocks of 64 digits, and encryption is performed separately on each block. Each block is split into two 32-digit blocks labeled left0 and right0.

Lucifer: The digits in right0 are put through a function which changes the digits by a complex substitution. The details of this substitution can vary. This substitution depends on the key, which is a number. Once the number is known by the sender and receiver, Lucifer can encipher and decipher.

Lucifer: The mangled right0 is added to left0 to create a new half-block called right1. The original right0 is relabeled left1. Now the process begins again, starting with left1 and right1 and ending up with left2 and right2. After 16 rounds, the “kneaded” message is sent.
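The round structure described on these slides, as an added example that is not part of the original presentation. The round function here is a hash-based stand-in chosen for illustration (an assumption, not Lucifer's or DES's real substitution), and the "addition" of half-blocks is done bit by bit, i.e. XOR.

```python
import hashlib

ROUNDS = 16
MASK32 = 0xFFFFFFFF

def round_function(half: int, key: bytes, rnd: int) -> int:
    """Toy keyed 'mangler' (assumption, NOT the real Lucifer/DES function).
    It is one-way on purpose: the structure never needs to invert it."""
    data = key + bytes([rnd]) + half.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def feistel(block: int, key: bytes, decrypt: bool = False) -> int:
    """Run 16 rounds over one 64-bit block split into two 32-bit halves."""
    left, right = (block >> 32) & MASK32, block & MASK32
    order = range(ROUNDS - 1, -1, -1) if decrypt else range(ROUNDS)
    for rnd in order:
        # right_{i+1} = left_i XOR F(right_i); left_{i+1} = right_i
        left, right = right, left ^ round_function(right, key, rnd)
    # Swap the halves on output so the same loop, with the rounds
    # taken in reverse order, undoes the encryption.
    return (right << 32) | left

def crypt_bytes(data: bytes, key: bytes, decrypt: bool = False) -> bytes:
    """Process a message block by block, each block independently."""
    if len(data) % 8:
        raise ValueError("message length must be a multiple of 8 bytes")
    out = bytearray()
    for i in range(0, len(data), 8):
        block = int.from_bytes(data[i:i + 8], "big")
        out += feistel(block, key, decrypt).to_bytes(8, "big")
    return bytes(out)

if __name__ == "__main__":
    key = b"constructed demo key"
    ciphertext = crypt_bytes(b"HELLO BOB, 16 B!", key)
    print(ciphertext.hex())
    print(crypt_bytes(ciphertext, key, decrypt=True))
```

Because each block is enciphered separately, two identical plaintext blocks produce identical ciphertext blocks, which is why real systems wrap a block cipher in a mode of operation.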

Lucifer: Lucifer was very strong, and it was a prime candidate for a standard encryption. The NSA didn’t like this. Rumor is that they wanted to weaken an aspect of Lucifer: the number of possible keys. The NSA wanted to limit the number of keys to 100,000,000,000,000,000 (known as 56 bits, because that’s how it appears in binary).

Lucifer: The NSA felt that a 56-bit key would be large enough to be safe for the users, while still being small enough that the NSA’s powerful computers could crack it. The 56-bit version of Lucifer was adopted in 1976 and called the Data Encryption Standard (DES).

So, how do you distribute the key?!

Whitfield Diffie & Martin Hellman: The beginnings of the internet: The ARPAnet (1969) prompted Diffie to foresee the tremendous difficulties involved in key distribution. In 1974 he heard about Martin Hellman, and went to meet him. Key distribution is a catch-22 problem: how do you securely exchange the information to securely exchange the information?

Diffie & Hellman: The classic problem is that Alice and Bob wish to communicate securely, but Eve wants to listen in. If Alice and Bob can meet occasionally, they can exchange keys in person. But this is not convenient and may become impossible. Let’s say Alice wants to send something to Bob, but is afraid the post office will open it on the way. Alice can send it to Bob in a locked box, but then Bob can’t open it either.

Diffie & Hellman: But suppose Alice puts it in a box, secures it with a lock and sends it to Bob. Bob adds his lock and sends it back (with 2 locks now) to Alice. Alice removes her lock and sends it back to Bob, still with Bob’s lock on. Now Bob can open the box, but Eve can’t!

Diffie & Hellman: This conceptually solves the problem of key distribution! The problem is that encryption is typically a “last on, first off” process (e.g. if they put a locked box inside a locked box this process would not work). If the order is incorrect, this won’t work. How can you make it work?!

Diffie & Hellman: Diffie and Hellman looked at mathematical functions for which the order does not matter, e.g. f(g(x)) = g(f(x)). This is simple; most straightforward functions will do this. But most straightforward functions can be easily undone (2-way functions), and we want a function that is hard to undo (1-way function). Such a function is, for example, the cracking of an egg... One-way functions are sometimes called humpty-dumpty functions.

Diffie & Hellman: Modular arithmetic is rich in 1-way functions. Pick a number x = 2. Raise 3 to the power x: 3^x = 9. Now calculate 9 = 1 (mod 2). Now what if you don’t know x, but you know that 3^x = 1 (mod 7)? You can never tell if you are going in the right direction with successive guesses! How can you solve this? Make a table of all the possible values, and see what happens. This is very reasonable for this function...

Diffie Hellman Merkle: But what if the problem you are trying to solve is 453^x (mod 21997)? This is a one-way function. It takes seconds to generate but days to solve! In terms of a key, this is how it works:

Alice and Bob agree that they will use the function 7^x (mod 11).
Alice chooses a number A (e.g. 3) and keeps it secret. Alice puts A into the one-way function and gets 343 (mod 11) = 2. Alice calls this a = 2 and sends it to Bob. Alice takes Bob’s answer and takes b^A (mod 11) = 64 (mod 11) = 9.
Bob chooses a number B (e.g. 6) and keeps it secret. Bob puts B into the one-way function and gets (mod 11) = 4. Bob calls this b = 4 and sends it to Alice. Bob takes Alice’s answer a = 2 and takes a^B (mod 11) = 64 (mod 11) = 9.
Bob and Alice have ended up with the same key. But Eve does not have the needed information to deduce it!
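The exchange above with the slide's own numbers, next to the "make a table of all the possible values" approach from the earlier slide, as an added example that is not part of the original presentation. The function names are illustrative; the table shows that the secrecy of the key rests entirely on the modulus being far too large to tabulate.

```python
def exchange(base: int, modulus: int, secret_a: int, secret_b: int):
    """Both sides of the key exchange; returns (a, b, key_alice, key_bob)."""
    a = pow(base, secret_a, modulus)      # Alice sends a to Bob in the clear
    b = pow(base, secret_b, modulus)      # Bob sends b to Alice in the clear
    key_alice = pow(b, secret_a, modulus) # Alice combines b with her secret A
    key_bob = pow(a, secret_b, modulus)   # Bob combines a with his secret B
    return a, b, key_alice, key_bob

def exponent_table(base: int, modulus: int) -> dict:
    """Map each value of base^x (mod modulus) to the smallest x producing it."""
    table = {}
    for x in range(1, modulus):
        table.setdefault(pow(base, x, modulus), x)
    return table

def key_from_public_values(base: int, modulus: int, a: int, b: int) -> int:
    """What an eavesdropper can compute from a and b when the table is small.
    Work grows with the modulus, so this only succeeds for toy parameters."""
    x = exponent_table(base, modulus)[a]  # an exponent with base^x = a
    return pow(b, x, modulus)

if __name__ == "__main__":
    a, b, k_alice, k_bob = exchange(7, 11, secret_a=3, secret_b=6)
    print("public values:", a, b)
    print("shared key   :", k_alice, k_bob)
    print("table for 7^x (mod 11):", exponent_table(7, 11))
    print("key rebuilt from public values:",
          key_from_public_values(7, 11, a, b))
```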


A KEY CAN BE SECURELY SHARED WITHOUT MEETING. BUT, THIS PROCESS IS NOT CONVENIENT, EVERYONE HAS TO BE AVAILABLE AT THE SAME TIME.

Diffie had another idea: what about an asymmetric cipher? In an asymmetric cipher, the encryption key and the decryption key are not the same. So Alice has a public key, which everyone uses to encrypt messages to her, but she also has a private key, which is necessary for decrypting the message.

The concept is simple: The process of locking the lock is not the same process as unlocking it!

This idea completely avoids the key distribution problem! You don’t need the private key to encode, only to decode, so the private key is never shared. But Diffie could not come up with an enciphering function that worked this way. The concept was his, but someone needed to find an asymmetric cipher function.

RSA: Ron Rivest, Adi Shamir, and Leonard Adleman started looking into this in 1977. They came up with an asymmetric cipher function.

RSA: Alice picks 2 primes p and q and keeps them secret. Alice finds N = pq and picks a number e (which should be relatively prime to (p-1)(q-1)). Alice publishes N and e. N should be unique to Alice, but many people may use e. The message is converted into a binary string or some other number M, which is encrypted by the formula C = M^e (mod N). Alice calculates her private key d using the formula e·d = 1 (mod (p-1)(q-1)). To decrypt the message, Alice uses the formula M = C^d (mod N).

RSA example: Alice picks p = 17 and q = 11 and keeps them secret. Alice finds N = pq = 187, picks e = 7 and publishes them. Bob’s message X is converted into a binary string M= = 88 in decimal. M = 88 is encrypted: C = 88^7 (mod 187) = 11. Alice calculates her private key using the formula e·d = 1 (mod (p-1)(q-1)), or 7d = 1 (mod 160), so that d = 23 (there’s an algorithm that helps). To decrypt the message: M = C^d (mod N) = (mod 187) = 88.

RSA: The catch here is that knowing N it is very difficult to compute p and q, but knowing p and q it is easy to calculate N. Multiplication is easy, factoring is hard.
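The RSA example from the slides carried through in code, as an added example that is not part of the original presentation. The extended Euclidean algorithm stands in for the "algorithm that helps" find d, and `factor_small_modulus` is an illustrative helper showing that trial division recovers the private key only because N = 187 is tiny; all function names are assumptions.

```python
def extended_gcd(a: int, b: int):
    """Return (g, x, y) such that a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = extended_gcd(b, a % b)
    return g, y, x - (a // b) * y

def private_exponent(e: int, p: int, q: int) -> int:
    """Solve e*d = 1 (mod (p-1)(q-1)) for d."""
    phi = (p - 1) * (q - 1)
    g, x, _ = extended_gcd(e, phi)
    if g != 1:
        raise ValueError("e must be relatively prime to (p-1)(q-1)")
    return x % phi

def encrypt(m: int, e: int, n: int) -> int:
    if not 0 <= m < n:
        raise ValueError("message number must be smaller than N")
    return pow(m, e, n)   # C = M^e (mod N)

def decrypt(c: int, d: int, n: int) -> int:
    return pow(c, d, n)   # M = C^d (mod N)

def factor_small_modulus(n: int):
    """Trial division; feasible only for toy moduli like the slide's N."""
    f = 2
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 1
    raise ValueError("n has no non-trivial factors")

if __name__ == "__main__":
    p, q, e, m = 17, 11, 7, 88           # values from the slide
    n = p * q
    d = private_exponent(e, p, q)
    c = encrypt(m, e, n)
    print("N =", n, "d =", d, "C =", c, "decrypted M =", decrypt(c, d, n))
    # With only the public N and e, factoring N rebuilds the same d.
    p2, q2 = factor_small_modulus(n)
    print("d from factoring N:", private_exponent(e, p2, q2))
```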

The secret history of public key cryptography: James Ellis, a British cryptographer working for the government, together with Clifford Cocks, did this earlier. But it was top secret. This became public in 1997.

Pretty Good Privacy htech/philspgp.htm dex4a.html

Philip R. Zimmermann is the creator of Pretty Good Privacy, an encryption software package. Originally designed as a human rights tool, PGP was published for free on the Internet in This made Zimmermann the target of a three-year criminal investigation, because the government held that US export restrictions for cryptographic software were violated when PGP spread worldwide. Despite the lack of funding, the lack of any paid staff, the lack of a company to stand behind it, and despite government persecution, PGP nonetheless became the most widely used encryption software in the world. After the government dropped its case in early 1996, Zimmermann founded PGP Inc. That company was acquired by Network Associates Inc (NAI) in December 1997, where he stayed on for three years as Senior Fellow. In August 2002 PGP was acquired from NAI by a new company called PGP Corporation, where Zimmermann now serves as special advisor and consultant. Zimmermann currently is consulting for a number of companies and industry organizations on matters cryptographic, and is also a Fellow at the Stanford Law School's Center for Internet and Society.