Chaos, Communication and Consciousness Module PH19510 Lecture 13 Encryption in the Computer Age
Overview of Lecture Computers and Cryptography Exclusive Or and modulo arithmetic DES – the Data Encryption Standard Key Exchange Public Key Cryptography Quantum Cryptography
The Code Book Simon Singh Fourth Estate ISBN £ CD-ROM/Download Examples Animations
Cryptonomicon Novel Neal Stephenson ISBN:
General Cipher Process Plain Text Algorithm Cipher Text Algorithm Plain Text Key Encryption Decryption
Impact of Computers on Cryptography Pros Computer can mimic any machine (Turing) Ability to perform complicated encryption easily Working with binary numbers rather than letters, closer to mathematical process Cons Cryptanalysis eased Try many keys quickly Computer data tends to have fixed form known plaintext attacks
Exclusive OR Output true if and only if one of its inputs true Alternative symbols A B, A B Addition modulo 2 A B = B A (A B) C = C B A A B A = B Circuit Symbol AB ABAB Truth Table
DES the Data Encryption Standard Developed in 1970s Based on design of Horst Feistel, IBM Design modified by NSA Adopted as Federal Standard Nov 1976
Inside DES #1 Block cipher 64 bits of data (In/Out) 56 bits of key (7x10 16 ) 16 Rounds XOR left 32 bits with Fiestel function (F) of right 32 bits and 48 bits of subkey Swap left 32 and right 32 bits Decrypt by same process but with subkeys in reverse order F LnLn RnRn L n+1 R n+1 Subkey n One round of the DES cipher
Inside DES #2 The Fiestel function (F) E – Expansion Expand 32-bit half block to 48 bits by duplicating some bits XOR with 48 bit subkey Substitute using S- boxes 8x6bit 8x4bit Permute
DES Falls to technology 56-bit key not long enough weakened at request of NSA Original key length (IBM) 128 bits 1997 Competition to crack DES Distributed internet wide attack, DESCHALL 1998 – EFF DES Cracker Dedicated hardware 1,536 custom chips $250,000 2 days
Successors to DES Triple DES Apply DES 3x, different keys Blowfish, IDEA, NewDES, SAFER 64 bit data, 64/128 bit keys AES, Advanced Encryption Standard Adopted as standard 2002 128 bits data 128/192/256 bits key
Key Exchange Still need to distribute keys Diffie, Hellman & Merkle 1976 Ralph Merkle, Martin Hellman, Whitfield Diffie (c) Chuck Painter/Stanford News Service
Alice, Bob and Eve Alice wants to send a secret message to Bob Eve is eavesdropping
Alice sends a message to Bob Alice locks up message with padlock A Alice sends locked message to Bob Bob locks up message with padlock B Bob returns message to Alice Alice removes padlock A Alice returns message to Bob Bob remove padlock B & read message
How can this work with encryption ? Padlocks: A on, B on, A off, B off Most encryption functions need to be first on, last off Use one-way functions Y x (mod P) Bob & Alice can exchange keys Inconvenient multiple messages to exchange key
Public Key Cryptography Asymmetric Cryptography Concept due to Diffie, 1975 Public key - Encrypts messages Private Key - Decrypts messages Suitable function discovered 1977 by Ronald Rivest, Adi Shamir, Leonard Adelman (RSA)
Rivest, Shamir, Adelman (RSA) A Method for Obtaining Digital Signatures and Public-Key Cryptosystems by Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman. Communications of the ACM 21,2 (Feb. 1978),
Public Key cryptography in use 2 prime numbers p and q Public key N = p × q Easy to multiply number Difficult to factor Make N >
Public Key Cryptography Details Encryption: C = M^e ( modulo n ) Decryption: M = C^d ( modulo n ) where: M = the plain-text message expressed as an integer number. C = the encrypted message expressed as an integer number. n = the product of two randomly selected, large primes p and q. d = a large, random integer relatively prime to (p-1)*(q-1). e = the multiplicative inverse of d, that is: ( e * d ) = 1 ( modulo ( p - 1 ) * ( q - 1 ) ) The public key is the pair of numbers ( n, e ). The private key is the pair of numbers ( n, d ).
Pretty Good Privacy (PGP) RSA algorithm ‘computer hungry’ Phil Zimmerman – Pretty Good Privacy Use RSA to encrypt message key Use message key to encrypt main message using DES or successor PGP wraps up encryption, key generation etc. in easy to use package Distributed freeware 1991
Quantum Cryptography – ultimate security Based on laws of quantum mechanics Send information by using polarisation of single photons Impossible to intercept without changing 1991 – 1 st exchange ≈30cm 1995 – 23km fibre optic 2007 – ≈100km
Quantum Cryptography using polarised photons #1 Charles H. Bennet, Gilles Brassard 1984 Photons are both waves & particles Waves may be polarised (direction of e/m vector) Select random bit (0,1) & polarisation scheme (+, ×) Transmit photon according to table, record bit & scheme Scheme01 Rectilinear+ Diagonal ×
Quantum Cryptography using polarised photons #2 - receiving Different detector for schemes (+, × ) Wrong detector will give incorrect output 50% Randomly select which detector to use Record (1,0) & (+, × ) Alice tells Bob which scheme she used Bob tells Alice when he used the correct detector Discard results using wrong detector Bob & Alice share same random stream of 1,0 random key for conventional crypto
Quantum Cryptography using polarised photons #3 - Summary Alice Bit Alice scheme + × ++ ×× ++ × + × Bob scheme × + × + × + × + × ++ Bob detected Correct? Sequenc e 10101
Quantum Cryptography using polarised photons – Eve’s problem Doesn’t know scheme used by Alice or Bob Can’t detect state of photon without changing it can’t intercept message w/o changing can’t ‘re-transmit’ message
Review of Lecture Computers and Cryptography Exclusive Or and modulo arithmetic DES – the Data Encryption Standard Key Exchange Public Key Cryptography Quantum Cryptography