Cryptography & Security

Presentation on theme: "Cryptography & Security"— Presentation transcript:

1 Cryptography & Security
CSC 103 Lecture 12 Nicholas R. Howe

2 What does this message say?
Frqjudwxodwlrqv, brx kdyh iljxuhg rxw krz wr wudqvodwh wkh vhfuhw phvvdjh. Zhoo grqh!
How did you figure it out? What techniques did you use?
Can you figure out the one below?
Oelp kz ymssfql cbwpvt kvllkxi. Zqp xpomjufc nqfgvk jlsszt bz grr ehivank ry kenn o vgxjhjnr ndr.

3 Encryption Schemes
The first shifts every letter by 3:
  Congratulations, you have figured out how to…
  Frqjudwxodwlrqv, brx kdyh iljxuhg rxw krz wr…
The second uses a one-time pad:
  This is another secret message.
+ Vxdx ch yzezymu kxuyra yrttkre.
  Oelp kz ymssfql cbwpvt kvllkxi.
One-time pad is unbreakable if used just once.
This would be ideal cipher
The problem is distributing it!

4 Generated Cipher
E-commerce: Delivery of keys is a problem
Idea: generate pseudorandom ciphers using short keys
  Cipher sequence impossible to guess without key
  Still a problem of key delivery
Example: Key = 4-digit number
  Square it & take middle 4 digits
  Repeat using new key, etc.
  4472 x 4472
  9987 x 9987
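
An added example (not from the original slides) that reproduces slide 3's shift and one-time-pad arithmetic and slide 4's square-and-take-the-middle generator. The function names and the mapping from 4-digit states to pad letters in `generated_pad` are assumptions made for illustration.

```python
import string

ALPHABET = string.ascii_lowercase

def combine(text, pad, sign=1):
    """Add (sign=1) or subtract (sign=-1) pad letters from text letters, mod 26.
    Spaces and punctuation pass through and use up no pad letters."""
    shifts = [ALPHABET.index(c) for c in pad.lower() if c in ALPHABET]
    out, used = [], 0
    for ch in text:
        if ch.lower() not in ALPHABET:
            out.append(ch)
            continue
        if used == len(shifts):
            raise ValueError("pad is shorter than the message")
        new = ALPHABET[(ALPHABET.index(ch.lower()) + sign * shifts[used]) % 26]
        out.append(new.upper() if ch.isupper() else new)
        used += 1
    return "".join(out)

def middle_square(key):
    """One step of slide 4: square, pad to 8 digits, keep the middle 4."""
    return (key * key // 100) % 10000

def generated_pad(key, length):
    """Assumed mapping (not on the slide): each 4-digit state gives two pad
    letters, one per pair of digits, reduced mod 26."""
    letters = []
    while len(letters) < length:
        key = middle_square(key)
        letters += [ALPHABET[key // 100 % 26], ALPHABET[key % 100 % 26]]
    return "".join(letters[:length])

def states_before_repeat(key):
    """Count distinct states before the generator revisits one; after that
    the pad repeats, which breaks the 'used just once' condition."""
    seen = set()
    while key not in seen:
        seen.add(key)
        key = middle_square(key)
    return len(seen)

if __name__ == "__main__":
    msg = "This is another secret message."
    print(combine("Congratulations", "d" * 15))             # shift by 3
    print(combine(msg, "Vxdx ch yzezymu kxuyra yrttkre."))  # slide 3 pad
    print(middle_square(4472), middle_square(9987))         # slide 4 steps
    secret = combine(msg, generated_pad(4472, len(msg)))
    print(secret, "->", combine(secret, generated_pad(4472, len(msg)), -1))
    print(states_before_repeat(4472), "states before the pad repeats")
```

A 4-digit key allows only 10,000 starting states, so a pad generated this way is far weaker than a true one-time pad of the same length.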

5 Codebreaking in WWII
Germans in WWII used mechanical cipher generators
Allies able to deduce mechanism and decipher messages
Significant factor in war effort
Early application of computers at Bletchley Park, U.K.
Interesting books on topic
Lorenz cipher
Enigma cipher

6 Code Breaking
Scenario: Alice wants to speak with Bob
Eve is listening to their communications
Can Alice and Bob converse without Eve learning anything?
[Diagram: Alice, Bob, Eve]

7 Public Key Cryptography
Key distribution remains problem
1970s: Public key schemes published
Rely on one-way function
  Example: multiplying two numbers is easy
  Factoring a number into two components is hard
Setup: two keys, one public, one private
  Encryption via one key is undone using the other
  Impossible* to decrypt otherwise
1531 x 1811 = ?
= ? x ?

8 Key Exchange
Alice and Bob independently select public & private keys
[Diagram: Eve]

9 Key Exchange
Alice and Bob independently select public & private keys
Alice & Bob exchange public keys
[Diagram: Alice, Bob, Eve; key labels A, B]

10 Secure Communication (?)
Alice sends messages to Bob encrypted using Bob’s public key
Only Bob has the private key that can decrypt the message
[Diagram: Alice, Bob, Eve; message M; key labels A, B]

11 Man In The Middle Attack
What if Eve is able to alter messages sent between Alice and Bob?
Eve can intercept key exchange & substitute new key!
[Diagram: Alice, Bob, Eve; key labels A, B, E]

12 Man In The Middle Attack
What if Eve is able to alter messages sent between Alice and Bob?
Eve can intercept key exchange & substitute new key!
All subsequent messages read & altered
[Diagram: Alice, Bob, Eve; message M; key labels A, B, E]

13 Secure Key Distribution
To prevent man-in-the-middle, must ensure correct identity of public keys
Need a trusted source to hold keys
Source must verify identity of entities for which it holds keys
  Verification in person, not electronically
  Keys also handed over in person
Web: trusted source is Certificate Authority

14 Certificates
Public/private keys can also establish identity
Browsers have CA public keys built in
CA can send unforgeable messages
Can distribute public keys for other sites
Secure, verifiable communication
[Diagram: M, CA] This message can only be generated using the CA private key. It can be decoded using the CA public key.
[Diagram: M, B, A] Message readable only by B, sendable only by A

15 How Secure?
Best encryption systems based upon one-way functions with no known solution
Alternative is brute force: try every possible key
Time to break based upon key length
Key size              Time to Crack
40-bits (pre-1996)    Seconds
56 bits (DES)         Days
64 bits (RC5)         Years
bits (AES)            Secure (currently)

16 Crypto Algorithms
Many developments in 1990’s:
U.S. law prohibited export of crypto greater than 40 bits as “munitions”
Government using Data Encryption Standard (DES)
  54 bit key considered weak
  Fear of NSA “backdoor”
NIST announces competition for Advanced Encryption Standard (AES) in 1997, adopted 2000

17 Personal Crypto
You can make a personal encryption key
OpenPGP (Pretty Good Privacy) offers free encryption standards & tools
  Exchange public keys with friend
  Can encrypt before sending
Can also create a key with public CA
  Must verify your identity to CA
Send and receive encrypted messages in GMail

18

19 Key Exchange
Alice and Bob independently select public & private keys
Bob’s public key available from trusted source
Alice sends her public key to Bob encoded using Bob’s public key
[Diagram: Alice, Bob, Eve; key labels A, B]

20 Key Exchange
Alice and Bob independently select public & private keys
Bob’s public key available from trusted source
[Diagram: Alice, Bob, Eve; key labels A, B]

