Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.


Cryptographic Systems
There has always been a need to have "secure" communications. This means that two people are able to send a message so that, even if someone else saw it, they would not be able to understand it.
This has led to the rise of "cryptography" – the study of number systems that can hide information.
The Internet has grown fast because it is open and easy to connect to, but it is also insecure. Data travels through many different routers until it reaches its destination. There are many chances to view and change data.
Different cryptographic methods have been made that allow different computers to talk to each other securely.

Cryptographic Systems
Cryptography has led to useful ideas like:
Encryption/Decryption:
–If a message M, called the "plaintext," is changed into a meaningless string of characters C, called "ciphertext," then the process is called "encryption"
–After C is received, it is changed back to M using the inverse function. This is called "decryption"
Digital Signatures:
–The author of message M creates another message S that comes from M and a secret password known by the author. The message S is a digital signature
–Another person is then able to verify that the author of M was the only one who could create S

Cryptographic Uses
Data Integrity:
–When a digital signature is used, the "integrity" of the message can be checked. This means that you are able to check if the data is correct and does not have errors in it.
Authentication:
–Password authentication will take a user's password, encrypt it, then check it against a stored encrypted version of the password. If the passwords match, then the user is authenticated
Confidentiality:
–Information can be kept secret from people who are not authorized to view it

Symmetric Encryption
There are a few ways that people can encrypt data.
Traditional cryptography relies on a common secret shared by the people sending and receiving the data. This is called symmetric encryption because both groups must have the same (or symmetric) secret to open the encryption.
One of the first examples of cryptography is the "substitution cipher", which was used by the Romans and Julius Caesar.

Substitution Ciphers
A substitution cipher takes a plaintext M and changes it into ciphertext C by replacing each character x in M with a character y = P(x). Decryption can be done by knowing the inverse of P, so that x = P^-1(y)
One example of this is
–y = x + k mod n
–Where n is the size of the alphabet and k, where 1 < k < n, is the secret key
–Thus, if you have the string "cat" with a secret key of 3
–y = P(c) → y = c + 3 mod 26 = c + 2 = e
–y = P(a) → c
–y = P(t) → v
–Ciphertext: "ecv"
This is not very secure and can be "broken" by statistical analysis. Meaning, if we look at how often letters occur, we can compare this to other examples and find out what it says
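The shift cipher y = x + k mod n and the statistical break described above, as an added Python example that is not part of the original slides. The sample sentence, the function names and the approximate English letter-frequency table are assumptions made for the illustration.

```python
from string import ascii_lowercase as ALPHABET

# Approximate relative frequencies (percent) of a..z in English text (assumed table).
ENGLISH_FREQ = dict(zip(ALPHABET, [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]))

def shift(text, k):
    """Apply y = (x + k) mod 26 to every letter; other characters pass through."""
    out = []
    for ch in text.lower():
        if ch in ENGLISH_FREQ:
            ch = ALPHABET[(ALPHABET.index(ch) + k) % 26]
        out.append(ch)
    return "".join(out)

def encrypt(plaintext, k):
    return shift(plaintext, k)

def decrypt(ciphertext, k):
    return shift(ciphertext, -k)   # the inverse P^-1 subtracts the key

def english_score(text):
    """Higher when the letters in `text` are ones English uses often."""
    return sum(ENGLISH_FREQ.get(ch, 0.0) for ch in text)

def recover_key(ciphertext):
    """Try all 26 keys; keep the one whose decryption looks most like English."""
    return max(range(26), key=lambda k: english_score(decrypt(ciphertext, k)))

# Constructed sample message (not from the slides).
SAMPLE = "meet me here when the evening bell is ended"
CIPHERTEXT = encrypt(SAMPLE, 3)

if __name__ == "__main__":
    k = recover_key(CIPHERTEXT)
    print("ciphertext:", CIPHERTEXT)
    print("recovered key:", k)
    print("plaintext:", decrypt(CIPHERTEXT, k))
```

The key space has only 26 values and the letter statistics survive encryption unchanged, which is why no knowledge of the key is needed.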

One-time Pads
There are other symmetric ciphers that are more secure. One of the most secure is called the "one-time pad"
In the one-time pad, two people share a random string of bits "k" that is at least as big as the message being sent. The ciphertext C can be found by doing an exclusive or:
–C = M xor k
C can then be sent on any communications channel. When the other person gets C, they can decrypt it easily by using an exclusive or on the C with the k
–M = C xor k
This is because of the following properties of xor
–M = (M xor k) xor k
–M = M xor (k xor k)
–M = M xor 0
–M = M

One-time Pads
Not only is this very secure, but it is also very fast to compute.
The problem is that if "k" is re-used, there are several ways to "break" the cryptography because of the way that XOR works.
So, it is best when k is used just once. That is why they are called one-time pads.
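Why the pad must be used only once, as an added Python example that is not part of the original slides. The messages, function names and the PadBook helper are constructed for the illustration: when two ciphertexts share a pad, the pad cancels out and C1 xor C2 equals M1 xor M2.

```python
import secrets

def xor_bytes(data: bytes, key: bytes) -> bytes:
    """C = M xor k (and M = C xor k); the pad must cover the whole message."""
    if len(key) < len(data):
        raise ValueError("pad must be at least as long as the message")
    return bytes(d ^ k for d, k in zip(data, key))

def reuse_leak(m1: bytes, m2: bytes, pad: bytes):
    """Encrypt two messages with the SAME pad and show what leaks."""
    c1 = xor_bytes(m1, pad)
    c2 = xor_bytes(m2, pad)          # the mistake: pad used a second time
    leaked = xor_bytes(c1, c2)       # (m1 xor k) xor (m2 xor k) = m1 xor m2
    recovered_m2 = xor_bytes(leaked, m1)  # anyone who knows m1 now reads m2
    return leaked, recovered_m2

class PadBook:
    """Hypothetical helper: hands out each pad byte once, then refuses."""
    def __init__(self, pad: bytes):
        self._pad, self._pos = pad, 0

    def encrypt(self, message: bytes) -> bytes:
        chunk = self._pad[self._pos:self._pos + len(message)]
        ciphertext = xor_bytes(message, chunk)   # raises when the pad runs out
        self._pos += len(message)
        return ciphertext

# Constructed sample messages of equal length.
M1 = b"meet at noon"
M2 = b"ship sails 9"

if __name__ == "__main__":
    pad = secrets.token_bytes(len(M1))
    leaked, recovered = reuse_leak(M1, M2, pad)
    print("pad cancelled out:", leaked == xor_bytes(M1, M2))
    print("second message recovered without the pad:", recovered)
```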

Public Key Cryptosystems
A big problem of symmetric key cryptography is "key transfer." How do both groups get the secret key in the first place, especially if the channel is not secure?
A public-key cryptosystem solves this problem. The encryption method is public, which means anyone can use it. But the decryption method is a secret so that only one person can open it.

Public Key Cryptosystems
Specifically, if you have a message M, encryption method E and decryption D, then there are three properties
1. D(E(M)) = M
2. It is impossible to find out D from E
3. E(D(M)) = M
The first property says if you decrypt the encrypted M, then you get M.
The second property is important. It says that E goes one way, which means it is almost impossible to find the inverse of E unless you already know D. So E can be made public. Anybody can send a message, but only one person can open it.
The last property solves the "digital signature" problem, which asks "How do we know the person who sent this is really that person?" If someone uses their secret decryption method on M, then anyone else can use the public E to find and ensure that M is the actual message.

Public Key Algorithms
The hard part about public key cryptosystems is finding an algorithm that satisfies the properties.
One idea that has been used is to find a very hard problem in computer science and tie a cryptosystem to it. The goal is that if you break the cryptosystem it would be the same as solving the problem.
We already know about very hard problems (NP Complete).
Encrypting means turning the message into an instance of the problem (reducibility).

Public Key Algorithms
One of the oldest, and best, algorithms is called RSA and it relies on the difficulty of factoring large numbers.
RSA starts by choosing two large prime numbers that it uses to get an encryption and decryption key. Then it uses the algorithms:
–Encrypting: C = M^e mod n
–Decrypting: M = C^d mod n
–Where e and d are encryption and decryption keys and n is the product of the two primes chosen
The encryption key can then be made public.

RSA Example
1: Generate two large prime numbers p and q.
–Example (not large though): p = 7, q = 19
2: Let n = p*q
–n = 7*19 = 133
3: Let m = (p-1)(q-1)
–m = (7-1)(19-1) = 6*18 = 108
4: Choose a small number e, coprime to m
–Coprime means find a number e, so that the largest number that can exactly divide e and m is 1 (also known as gcd). There's an algorithm to find this, but you can start the search at two and keep checking
–If e = 2, then the gcd(e, 108) is 2, no good
–If e = 3, then the gcd(e, 108) is 3, no good
–If e = 4, then the gcd(e, 108) is 4, no good
–If e = 5, then the gcd(e, 108) is 1, GOOD!, so e = 5
5: Find d, so that e*d % m = 1
–This is the same as e*d = 1 + mn, where n is any integer
–Which means d = (1+mn)/e. Now we just go through values of n until we get one that works
–n = 0, so d = 1/5, no good
–n = 1, so d = 109/5, no good
–n = 2, so d = 217/5, no good
–n = 3, so d = 325/5 = 65, GOOD!

RSA Example
So, we found
–n = 133
–e = 5
–d = 65
To encrypt, we use C = M^e mod n
Our public key is e=5 and n=133. With this, people can encrypt messages so only we can decrypt the message
So, if the message was 4, then
–C = 4^5 mod 133 = 93
–We can send C = 93 to the person we want to see it
Then the person gets the message 93 and uses the secret key
–d = 65, n = 133
–M = C^d mod n
–M = 93^65 mod 133 = 4

Factoring Large Numbers
The key to RSA is that it assumes no one can factor large numbers quickly. (It is an NP problem right now.) No one has proved that it cannot be done quickly, but no one has been able to do it quickly.
Because the product of the numbers is already publicly known, if it could only be factored then the decryption key could be found easily.
This is very challenging, especially if "n" is 1024 bits. That means the number is and to find two prime factors could not be finished before the universe died.
But if a quick method was found to solve this, then all encryption is vulnerable and no one could communicate securely.
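The five key-generation steps, the encrypt/decrypt example with p = 7 and q = 19, and the point that factoring n reveals d, as an added Python example that is not part of the original slides. The function names are assumptions. Step 5 uses the extended Euclidean algorithm rather than the slide's trial search, and it gives the same d.

```python
from math import gcd

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def make_keys(p, q):
    """Steps 1-5 from the slides; returns (n, e, d)."""
    n = p * q                       # step 2
    m = (p - 1) * (q - 1)           # step 3
    e = 2
    while gcd(e, m) != 1:           # step 4: start at two and keep checking
        e += 1
    _, x, _ = egcd(e, m)            # step 5: e*x + m*y == 1, so e*x % m == 1
    return n, e, x % m

def modexp(base, exp, mod):
    """Square-and-multiply, so 93^65 is never computed in full."""
    result, base = 1, base % mod
    while exp:
        if exp & 1:
            result = result * base % mod
        base = base * base % mod
        exp >>= 1
    return result

def private_key_from_factors(n, e):
    """Why n must be large: trial division splits a small n and rebuilds d."""
    p = 2
    while n % p:
        p += 1
    m = (p - 1) * (n // p - 1)
    return egcd(e, m)[1] % m

if __name__ == "__main__":
    n, e, d = make_keys(7, 19)
    c = modexp(4, e, n)
    print("n, e, d =", n, e, d)
    print("C =", c, " M =", modexp(c, d, n))
    print("d recovered from the public key alone:", private_key_from_factors(n, e))
```

With a 133-sized modulus the last function returns at once; the security of real RSA rests entirely on that loop being infeasible for the key sizes in use.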

Digital Signatures
Digital signatures using public-key cryptography solve one of the trickiest parts of communication: making sure the person who sent the message is really the correct person.
It is very simple to fake an address on the computer, so it's important when there is valuable data to ensure no one has changed it.
Public key cryptosystems are able to do that because of their special nature: a private key and a public key.

Digital Signatures
Making sure no one has changed your data relies on a one-way hash (also called a message digest). A one-way hash has the following properties:
–The value you get from the hash is different for any piece of data. If you change even just one bit, you will get a very different hash
–You cannot go the reverse direction. That means if you have the hashed data, you cannot get the original data from the hashed data.
If you think about public-key, you'll notice you can use either the public or the private key for either encrypting or decrypting. Although encrypting with the private key is possible, it is not used because then anyone can decrypt. But with digital signatures it becomes very important to do this.

Digital Signatures
To create a digital signature:
–Make a one-way hash of the original message
–Encrypt the hash with your private key
–This encrypted hash is the digital signature
To check the digital signature:
–The receiver decrypts the hash with the public key
–Then takes the original message and applies the hashing function.
–If the two hashes are the same, then you know the data has been sent by that person only

Digital Signatures
[Pictures from Netscape Online Documentation]

Summary
Cryptography is crucial to business and government today.
There are many, many algorithms that are available for encryption, but there have been many times when an encryption was broken because it was not based on a sufficiently hard problem to solve.
The reason the Allies won World War II was because the British had broken the German communications encryption using the first computer built, called Colossus.
You should be aware of its importance and the basic idea of how it works.