1 Hello World and Welcome to The simple crypt Key=23 {txzr7c x7Cr 7d~zg{r 7tengc Private-key Cryptography

2 ALICE BOB Eve

3 ALICE BOB Eve Bob’s Public KeyBob’s Private Key Alice’s Public Key Bob’s Public Key Alice’s Public KeyAlice’s Private Key

4 Bob’s Public Key Locked for Bob Encryption

5 Locked for Bob Decryption Bob’s Private Key

6 Bob’s Public Key Signed by Alice & Locked for Bob Encryption Singed by Alice Signing Alice’s Private Key Singed by Alice Alice’s Private Key

7 Signed by Alice& Locked for Bob Decryption Bob’s Private Key Singed by Alice Alice’s Public Key Verification Singed by Alice Yes/No!

8 Message This is a big secret Message I?~jhYU WEKUia The Internet Message This is a big secret Message I?~jhYU WEKUia Recipient’s private key Recipient’s PUBLIC key

9 PGP,Version Manual, NetworkAssociates, 1999.

10 PGP,Version Manual, NetworkAssociates, 1999.

11 Certificate Authorities The Certificate Authority (CA) is a trusted third party Provides the necessary authentication and security infrastructure The CA creates and issues certificates

12 PGP,Version Manual, NetworkAssociates, 1999.

13 Sondra Schneider, IFsec, June 11, 1999.

14 Using the CA to Establish Trust Customer Merchant The CA 1- Establish a Certificate 2- send signed request and certificate 3- Check Signature 4-Merchant can trust customer and may continue with trade

15 Sondra Schneider, IFsec, June 11, 1999.

16 Sondra Schneider, IFsec, June 11, 1999.

17 Authentication Protocols General-purpose secure messaging protocols include: –SSL –S/MIME Secure protocols for electronic commerce include: –EDI/MIME. –SET

18 SET Byte, June 1997

19 June 1997

20 June 1997

21 The Use of Smartcards Byte, June 1997

22 Minimal Key Lengths for Symmetric Ciphers, Matt Blaze and others, 1996.

23 Avoiding bogus encryption products, Matt Curtin, 1998.

24 RSA from the RSA FAQ RSA is a public-key cryptosystem –take two large primes, p and q, –find their product n = pq; (n is called the modulus) –Choose, e, less than n and relatively prime to (p- 1)(q-1), and find its inverse, d, mod (p-1)(q-1), which means that: ed = 1 mod (p-1)(q-1) ; – e and d are called the public and private exponents, respectively. –The public key is the pair (n,e); –the private key is d. –The factors p and q must be kept secret, or destroyed.

25 Two numbers are relatively prime when they share no factors in common other than 1. In other words, if the greatest common divisor of a and n is equal to 1. This is written: gcd(a,n) = 1

26 It is difficult (presumably) to obtain the private key d from the public key (n,e). If one could factor n into p and q, however, then one could obtain the private key d. Thus the entire security of RSA is predicated on the assumption that factoring is difficult.

27 RSA encryption: suppose Alice wants to send a private message, m, to Bob. Alice creates the ciphertext c = m^e mod n, e and n are Bob's public key. To decrypt, Bob computes: m = c^d mod n, and recovers the original message m; the relationship between e and d ensures that Bob correctly recovers m. Since only Bob knows d, only Bob can decrypt.

28 public-key operations take O(k^2) steps, private key operations take O(k^3) steps, key generation takes O(k^4) steps where k is the number of bits in the modulus