Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Cryptography Troy Latchman Byungchil Kim. 2 Fundamentals We know that the medium we use to transmit data is insecure, e.g. can be sniffed. We know that.

Published byEdgar O’Brien’ Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Cryptography Troy Latchman Byungchil Kim. 2 Fundamentals We know that the medium we use to transmit data is insecure, e.g. can be sniffed. We know that."— Presentation transcript:

1 1 Cryptography Troy Latchman Byungchil Kim

2 2 Fundamentals We know that the medium we use to transmit data is insecure, e.g. can be sniffed. We know that the medium we use to transmit data is insecure, e.g. can be sniffed. Cryptography allows a sender to disguise data in hopes that an intruder can gain no information from the intercepted data. Cryptography allows a sender to disguise data in hopes that an intruder can gain no information from the intercepted data.

3 3 Fundamentals Alice and Bob are two innocent people. Alice and Bob are two innocent people. Trudy is an intruder. Trudy is an intruder.

4 4 Fundamentals Alice generates some data that is in plaintext. She then uses a key (Ka) and an encryption algorithm to transform the data into ciphertext. Alice generates some data that is in plaintext. She then uses a key (Ka) and an encryption algorithm to transform the data into ciphertext. The data is transmitted and sniffed along the way. Trudy gains no information about the contents of the message because the data is in ciphertext (encrypted). The data is transmitted and sniffed along the way. Trudy gains no information about the contents of the message because the data is in ciphertext (encrypted). Bob receives the ciphertext and uses a key (Kb) and a decryption algorithm to transform the data into plaintext. Bob receives the ciphertext and uses a key (Kb) and a decryption algorithm to transform the data into plaintext.

5 5 Fundamentals Shortened Notation: Alice starts with message ‘m’ and applies her key as well as ‘m’ to an encryption algorithm to get the ciphertext Ka(m) Alice starts with message ‘m’ and applies her key as well as ‘m’ to an encryption algorithm to get the ciphertext Ka(m) Bob receives Ka(m) and applies this as well as his key to the decryption algorithm to get the original message: Kb(Ka(m)) = m Bob receives Ka(m) and applies this as well as his key to the decryption algorithm to get the original message: Kb(Ka(m)) = m m => Ka(m) => Kb(Ka(m)) => m m => Ka(m) => Kb(Ka(m)) => m

6 6 Keys Symmetric Key Symmetric Key –Alice’s and Bob’s keys are identical and are private. Public Key Public Key –Two keys are used. One of the keys is public (the whole world knows it). The other key is known either by Alice or Bob, not both.

7 7 Symmetric Key Caesar cipher is a very old and simple symmetric key algorithm: Take each letter in the plaintext message and translate it into another letter. Take each letter in the plaintext message and translate it into another letter. The translation is done by adding a constant, k, to the plaintext letter. The translation is done by adding a constant, k, to the plaintext letter. The number for each letter is its position in the alphabet, e.g. A=1, Z=26. The alphabet has wrap around where A comes after Z. The number for each letter is its position in the alphabet, e.g. A=1, Z=26. The alphabet has wrap around where A comes after Z.

8 8 Symmetric Key Caesar cipher example: Let k=3 (the key) Let k=3 (the key) Plaintext: BOB, I LOVE YOU. ALICE Plaintext: BOB, I LOVE YOU. ALICE Ciphertext: ERE, L ORYH BRX. DOLFH Ciphertext: ERE, L ORYH BRX. DOLFH Note that Caesar cipher only has 25 possible keys, so a brute force method to break the encryption can be used.

9 9 Symmetric Key Monoalphabetic cipher - an improvement over Caesar cipher Each letter gets translated to a set random letter by a 1 to 1 algorithm. Each letter gets translated to a set random letter by a 1 to 1 algorithm. 26! possible pairings (keys). 26! possible pairings (keys). Monoalphabetic cipher was later improved by polyalphabetic encryption. Monoalphabetic cipher was later improved by polyalphabetic encryption.

10 10 Symmetric Key Data Encryption Standard (DES) Data Encryption Standard (DES) http://www.aci.net/kalliste/des.htm Created in 1977 and updated in 1993. The algorithm works by manipulating input on the bit level. Created in 1977 and updated in 1993. The algorithm works by manipulating input on the bit level. The algorithm needs an input (limited to 64 bits) and a 64 bit key (effectively only 56 bits due to 8 parity bits) The algorithm needs an input (limited to 64 bits) and a 64 bit key (effectively only 56 bits due to 8 parity bits)

11 11 Symmetric Key Basic operation of DES

12 12 Symmetric Key The 56-bit DES is considered too insecure. The encryption was cracked in 22 hours in 2002 using a special purpose computer. The 56-bit DES is considered too insecure. The encryption was cracked in 22 hours in 2002 using a special purpose computer. 3DES is more secure. This runs DES 3 times with 3 different keys. 3DES is more secure. This runs DES 3 times with 3 different keys. Advanced Encryption Standard (AES) is the successor to DES. It uses key lengths of 128, 192, and 256 bits. It is estimated that a computer that could break 56-bit DES encryption in 1 second would take approximately 149 trillion years to crack 128-bit AES encryption. Advanced Encryption Standard (AES) is the successor to DES. It uses key lengths of 128, 192, and 256 bits. It is estimated that a computer that could break 56-bit DES encryption in 1 second would take approximately 149 trillion years to crack 128-bit AES encryption.

13 13 Public Key One short fall to using a symmetric key is that both parties must know the key before they start the encrypted communication. One short fall to using a symmetric key is that both parties must know the key before they start the encrypted communication. How do the parties initially get the key? How do the parties initially get the key? They could meet in person so that the communication would be secure, but this is usually inconvenient. They could meet in person so that the communication would be secure, but this is usually inconvenient. Elegant Solution: public key encryption. Elegant Solution: public key encryption.

14 14 Public Key Instead of Alice and Bob having the same secret key. Bob will have 2 keys, a public key (Kb+) which the whole world knows, and a private key that only Bob knows (Kb-). Instead of Alice and Bob having the same secret key. Bob will have 2 keys, a public key (Kb+) which the whole world knows, and a private key that only Bob knows (Kb-). This eliminates the need for distributing secret keys. This eliminates the need for distributing secret keys.

15 15 Public Key Overview of public key encryption

16 16 Public Key Alice fetches Bob’s pubic key (Kb+) Alice fetches Bob’s pubic key (Kb+) She encrypts her message with the key to get: Kb+(m) She encrypts her message with the key to get: Kb+(m) Bob receives the ciphertext and applies his private key in order to extract the message: Bob receives the ciphertext and applies his private key in order to extract the message: Kb-(Kb+(m)) = m IMPORTANT: Kb+(Kb-(m)) = m (We will see the importance of this later)

17 17 Public Key RSA – a public key encryption algorithm named after its founders (Ron Rivest, Adi Shamir, and Leonard Adleman): Choose 2 large prime numbers ‘p’ and ‘q’. Choose 2 large prime numbers ‘p’ and ‘q’. Compute n = p*q Compute n = p*q Compute z = (p-1)*(q-1) Compute z = (p-1)*(q-1) Choose a number ‘e’ that is less than ‘n’ which has no common factors (besides 1) with z Choose a number ‘e’ that is less than ‘n’ which has no common factors (besides 1) with z Find a number ‘d’ such that e*d-1 is divisible by ‘z’ with no remainder Find a number ‘d’ such that e*d-1 is divisible by ‘z’ with no remainder Kb+ = (n,e) Kb+ = (n,e) Kb- = (n,d) Kb- = (n,d)

18 18 Public Key We now have (n,e) and (n,d), that is Kb+ and Kb-. We now have (n,e) and (n,d), that is Kb+ and Kb-. Alice obtains (n,e) and does the following to each letter of her message (again A=1 and Z=26): Alice obtains (n,e) and does the following to each letter of her message (again A=1 and Z=26): c = m^e mod n c = m^e mod n where ‘m’ is the numeric value of the letter and ‘c’ is the cipher output

19 19 Public Key Bob is the only one who has (n,d), that is Kb-, and does the following on each letter once he receives the ciphertext form Alice: Bob is the only one who has (n,d), that is Kb-, and does the following on each letter once he receives the ciphertext form Alice: m = c^d mod n m = c^d mod n where ‘m’ is the recovered message

20 20 Public Key RSA example: Bob does the following: Chooses p=5 and q=7 Chooses p=5 and q=7 - Thus, n=35 and z=24 Chooses e=5 since 5 and 24 have no common factors Chooses e=5 since 5 and 24 have no common factors Chooses d=29 since 5*29-1 is divisible by 24 Chooses d=29 since 5*29-1 is divisible by 24 So we have Kb+ = (35,5) and Kb- = (35,29) Suppose Alice wants to send ‘l’ ‘o’ ‘v’ ‘e’ to Bob…

21 21 Public Key

22 22 Integrity There is a short fall to using public key encryption - Trudy, the intruder, can claim she is Alice! There is a short fall to using public key encryption - Trudy, the intruder, can claim she is Alice! We didn’t have to worry about these false claims in symmetric key encryption because the mere fact that the user on the other end had the correct key (which is private) was proof enough they were who they said they were. We didn’t have to worry about these false claims in symmetric key encryption because the mere fact that the user on the other end had the correct key (which is private) was proof enough they were who they said they were. How do we regain the integrity that we lost? How do we regain the integrity that we lost?

23 23 Integrity Bob can sign his message – proving that the messages are coming from Bob. Bob can sign his message – proving that the messages are coming from Bob. All he has to do is a apply his private key to the data he sends Alice: Kb-(m) All he has to do is a apply his private key to the data he sends Alice: Kb-(m) Alice then receives this and applies Bob’s public key: Kb+(Kb-(m)) = m Alice then receives this and applies Bob’s public key: Kb+(Kb-(m)) = m (This is the important part from slide 16)

24 24 Integrity

25 25 Integrity But signing over the entire message is computationally expensive. But signing over the entire message is computationally expensive. Want a less costly way to have integrity. Want a less costly way to have integrity. Answer: Message Digest Answer: Message Digest

26 26 Integrity Message digest algorithms take a message ‘m’ or arbitrary length and compute a fixed- length output known as a message digest: H(m) Message digest algorithms take a message ‘m’ or arbitrary length and compute a fixed- length output known as a message digest: H(m) The algorithm is basically a many to one hash function. The algorithm is basically a many to one hash function. A good algorithm will make it inconceivable for 2 messages to hash to the same value (message digest). A good algorithm will make it inconceivable for 2 messages to hash to the same value (message digest).

27 27 Integrity Now that we have a small “summary” of what is in the message, we can use this to obtain integrity when using public key encryption. Now that we have a small “summary” of what is in the message, we can use this to obtain integrity when using public key encryption. All Bob needs to do is to apply his private key to the message digest. This is much more efficient than applying it to the entire message: All Bob needs to do is to apply his private key to the message digest. This is much more efficient than applying it to the entire message: Kb-(H(m)) which is called a digital signature

28 28 Integrity Now when Bob wants to communicate, he can just send ‘m’ and Kb-(H(m)) Now when Bob wants to communicate, he can just send ‘m’ and Kb-(H(m)) When Alice receives these two items, she computes H(m) two different ways: When Alice receives these two items, she computes H(m) two different ways: Directly from ‘m’ (like Bob did when sending the message) By applying Bob’s public key to the digital signature: Kb+(Kb-(H(m)) = H(m) Alice then compares the two message digests and see if they match. Alice then compares the two message digests and see if they match.

29 29 Integrity

30 30 Integrity

31 31 Integrity How do we compute H(m)? How do we compute H(m)? There are widely used algorithms to do so. There are widely used algorithms to do so. MD5 and SHA-1 are examples of such algorithms. MD5 and SHA-1 are examples of such algorithms. MD5 computes a 128-bit message digest in a four-step process. http://www.faqs.org/rfcs/rfc1321.html http://www.faqs.org/rfcs/rfc1321.html http://www.faqs.org/rfcs/rfc1321.html

32 32 The Lab Be sure to thoroughly read and understand the previous slides. Be sure to thoroughly read and understand the previous slides. We will be doing exercises with built in functions in Linux. We will be doing exercises with built in functions in Linux. We will examine: DES, RSA, MD5, and SHA-1. We will examine: DES, RSA, MD5, and SHA-1.

33 33 References All figures and tables throughout this presentation came from one source: Kurose, Charlie and Ross, Keith. Computer Networking: A Top-Down Approach Featuring the Internet. New York, NY: Addison Wesley, 2003. Kurose, Charlie and Ross, Keith. Computer Networking: A Top-Down Approach Featuring the Internet. New York, NY: Addison Wesley, 2003.

Download ppt "1 Cryptography Troy Latchman Byungchil Kim. 2 Fundamentals We know that the medium we use to transmit data is insecure, e.g. can be sniffed. We know that."

Similar presentations

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Network Security Hwajung Lee. What is Computer Networks? A collection of autonomous computers interconnected by a single technology –Interconnected via:

Network Security Hwajung Lee. What is Computer Networks? A collection of autonomous computers interconnected by a single technology –Interconnected via:
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.

1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.

Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,

Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Cryptographic Technologies

Cryptographic Technologies
CSE401n:Computer Networks

CSE401n:Computer Networks
Overview of Cryptography Oct. 29, 2002 Su San Im CS Dept. EWU.

Overview of Cryptography Oct. 29, 2002 Su San Im CS Dept. EWU.
Public Key Cryptography

Public Key Cryptography
Public Encryption: RSA

Public Encryption: RSA
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
Cryptography April 20, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Security Module – Part 1 Spring 2006 V.T. Raja, Ph.D., Oregon State University.

Security Module – Part 1 Spring 2006 V.T. Raja, Ph.D., Oregon State University.
Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.

8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
Lecture 24 Cryptography CPE 401 / 601 Computer Network Systems slides are modified from Jim Kurose and Keith Ross and Dave Hollinger.

Lecture 24 Cryptography CPE 401 / 601 Computer Network Systems slides are modified from Jim Kurose and Keith Ross and Dave Hollinger.
Public Key Model 8. Cryptography part 2.

Public Key Model 8. Cryptography part 2.

Similar presentations

Ads by Google