1
Digital Signatures
2
Anonymity and the Internet
3
Potential For Mischief
4
Potential For Mischief
5
Dilemma
Need encryption for security
Encryption needs shared key
6
Dilemma
Need encryption for security
Encryption needs shared key
Diffie Hellman produces shared key
7
Dilemma
Need encryption for security
Encryption needs shared key
Diffie Hellman produces key
But with who???
8
Symmetric Cryptography
Traditional cryptography
Same secret encrypts and decrypts:
Shift by three letters
XOR with bits
9
Asymmetric Cryptography
Symmetric cryptography:
Key for encoding same as key for decoding
Shift three letters
10
Asymmetric Cryptography
Asymmetric cryptography: Key for encoding different than for decoding
11
Asymmetric Cryptography
Keys work in both directions
12
Asymmetric Cryptography
You can't unlock with key used to lock
13
Public/Private Keys
Make an A/B pair of asymmetric keys
Give one away: Public Key
Keep one secret: Private Key
14
Private Key
Only owner can lock with private key
Anyone can unlock
Message is "Signed"
15
Public Key
Everyone can lock with public key
Only private key holder can unlock
16
Key Distribution Problem
How do you get the right public key from Wells Fargo?
17
Key Distribution Problem
How do you get the right public key from Wells Fargo?
Sure, I'm Wells Fargo, here is my public key!!!
18
Signature Bank
Record of signatures
19
Authenticating a Key
Official key bank??
Wells Fargo
20
Can't Trust Internet Bank
Same problem: Key Bank
Sure, I'm the key bank, here is Wells Fargo's key!!!
21
Authenticating a Key
Computers & Browsers come with public keys from Certification Authorities
22
Authenticating a Key
Browsers come with public keys of known banks called Certification Authorities
23
Authenticating a Key
Certification Authorities use private key to lock up public keys of other companies
"Certificate"
24
Authenticating a Key
If your computer can open box with Verisign public key you can trust what is inside
"Certificate"
25
Chain Of Trust
Reality may involve chain of locks
26
Chain Of Trust
Reality may involve chain of locks
27
Web Security
HTTPS : Secure web connection
Browser asks server for certificated public key
Browser picks shared secret
Encrypts with public key, sends to server
28
Web Security
HTTPS : Secure web connection
Browser asks server for public key
Browser picks shared secret, encrypts with public key, sends to server
29
Asymmetric Math
Use same tricks as Diffie-Hellman:
Exponents
Mod
30
Asymmetric Math
Possible to pick numbers A, B, C so that:
31
Asymmetric Math
Example: A = 3, B = 7, C = 22
Encrypt with A, decrypt with B
32
Asymmetric Math
Example: A = 3, B = 7, C = 22
OR encrypt with B, decrypt with A
33
RSA
How do we pick A, B, C that work together???
RSA algorithm invented in (Rivest, Shamir, Adleman)
34
Picking Keys
Start with two prime numbers p, q – multiply to make clock size (C)
35
Picking Keys
Start with two prime numbers p, q – multiply to make clock size (C)
Pick (A) that will be part of your private key: {A, C}
36
Picking Keys
Start with two prime numbers p, q – multiply to make clock size (C)
Pick (A) that will be part of your private key: {A, C}
Calculate (B) from p, q and (A). This makes your public key: {B, C}
37
Picking Keys
Start with two prime numbers p, q – multiply to make clock size (C)
Pick (A) that will be part of your private key: {A, C}
Calculate (B) from p, q and (A). This makes your public key: {B, C}
If anyone figures out p and q they can use B to calculate A !!!
38
Picking Keys
Start with two prime numbers p, q – multiply to make clock size (C)
…
If anyone figures out p and q they can use B to calculate A !!!
To get p and q you have to factor C
39
Factoring
Factoring large numbers is hard
But we are getting faster
40
Factoring
Factoring large numbers is hard
But we are getting faster
Larger keys : 2048 bits (prime numbers with 100's of digits)
41
Signed Message
Messages can be anything
Data, Other keys
Any attempt to modify encrypted box will mess up the message
42
Four messages:
Message:            5   4  15   8
Encrypted Version: 11  30  12   2
I sent four messages "signed" with private key
My public key: exponent 3, clock 34
message = encrypted ^ exponent mod clock
One message was modified, which one is it?
Three should check out, one should not
private key 11
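The key-picking steps and the four-message check from the slides, as an added Python example (not part of the original presentation). The factors 2 and 17 of clock 34 and the (p-1)*(q-1) step are standard RSA details the slides do not spell out; real signatures also hash and pad the message, which this toy version omits.

```python
from math import gcd

def make_keys(p, q, a):
    """Slides' notation: clock C = p*q, private key {A, C}, public key {B, C}."""
    c = p * q
    phi = (p - 1) * (q - 1)  # standard RSA detail (not on the slides); needs p and q
    if gcd(a, phi) != 1:
        raise ValueError("A must share no factor with (p-1)*(q-1)")
    b = pow(a, -1, phi)      # B is the inverse of A: A*B = 1 mod (p-1)*(q-1)
    return (a, c), (b, c)

def sign(message, private):
    """Lock with the private key: message ^ A mod C."""
    a, c = private
    return pow(message, a, c)

def verify(message, signature, public):
    """Unlock with the public key and compare: signature ^ B mod C == message."""
    b, c = public
    return pow(signature, b, c) == message

def find_modified(messages, signatures, public):
    """Positions (0-based) of messages whose signature does not check out."""
    return [i for i, (m, s) in enumerate(zip(messages, signatures))
            if not verify(m, s, public)]

def private_from_factors(public):
    """Why factoring C breaks the key: with p and q, B gives A back.
    Trial division only works here because the clock is tiny."""
    b, c = public
    p = next(n for n in range(2, c) if c % n == 0)
    q = c // p
    return pow(b, -1, (p - 1) * (q - 1))

if __name__ == "__main__":
    private, public = make_keys(2, 17, 11)     # clock 34 = 2 * 17 (assumed factors)
    print("public key {B, C}:", public)
    messages = [5, 4, 15, 8]                   # values from the last slide
    signatures = [11, 30, 12, 2]
    for i in find_modified(messages, signatures, public):
        print(f"message #{i + 1} ({messages[i]}) fails; a valid signature is",
              sign(messages[i], private))
    print("A recovered by factoring C:", private_from_factors(public))
```

Requires Python 3.8 or later for the modular-inverse form of `pow`.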