Upload
mari-jefferson
View
67
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Cryptography. Yiwei Wu. Outline. Why have cryptography History Modern cryptography Private key Public key Pretty Good Privacy Conclusion Reference. Why Have Cryptography [1]. - PowerPoint PPT Presentation
Citation preview
Outline
• Why have cryptography• History• Modern cryptography– Private key– Public key
• Pretty Good Privacy• Conclusion• Reference
Why Have Cryptography [1]
• In the most abstract sense, we can describe a distributed system as a collection of clients and servers communicating by exchange of messages.
• Authentication of principals and messages is the major issue in secure distributed systems.
Why Have Cryptography [3,4]• Security Requirements– Confidentiality
• Protection from disclosure to unauthorised persons– Integrity
• Maintaining data consistency– Authentication
• Assurance of identity of person or originator of data– Availability
• Legitimate users have access when they need it– Access control
• Unauthorised users are kept out
History [2, 3,4]• Earliest recorded us around 1900BC in Egypt• Atbash cipher (Old Testament, reversed Hebrew alphabet,• 600BC)• Around 100BC Julius Caesar used substitution cipher
– letter = letter + 3 => ‘fish’ -> ‘ilvk’• Cipher Machines
– most notable Enigma machine in WWII• Block Ciphers
– Originated with early 1970’s IBM effort to develop banking security systems
– 1970’s - Dr. Horst Feistal invented DES• RSA 1977
– Rivest-Shamir-Adelman
Modern cryptography [4]
• Private key cryptography– Problem of communicating a large message in
secret is reduced to communicating a small key in secret
Private key cryptography [1]
• Encryption algorithm E turns plain text message M into a cipher text C– C = E(M)
• Decrypt C by using decryption algorithm D which is an inverse function of E– M = D(C)
Private key cryptography [1]
• Confidentiality kept by keeping algorithms secret.
• Not practical over distributed systems – too many algorithms.
• Solution is to decompose algorithm– Function - public– Key – private
Private key cryptography [1]
• Encryption algorithm with secret key Ke• Decryption key Kd– M=Dkd(Eke(M))
• The function must have the properties that different messages with the same key and a same message with different keys will result in distinct cipher text.
• It is easy to compute the cipher text from the plaintext but difficult the other way.
Private key cryptography [4]
• DES – developed by IBM, 1977– Key size = 56 bits– Brute force = 255 attempts– The plaintext is broken down into 64 bit blocks
• DES was designed for efficiency in early-70’s hardware. • Made it easy to build pipelined brute-force breakers in
late-90’s hardware• EFF (US non-profit organization) broke DES in 2½ days• AES– Advanced Encryption Standard, replacement for DES
Private key cryptography [4]
• Hash Functions– Creates a unique “fingerprint” for a message– Hash has to be protected in some way
Private key cryptography [4]
• Message authentication codes (MACs) – secret key is used to authenticate the hash value
Public key cryptography [4]
• A significant disadvantage of symmetric ciphers is the key management necessary to use them securely.
• Uses matched public/private key pairs• Anyone can encrypt with the public key, only one
person can decrypt with the private key
Public key cryptography [1, 2]• Each principal keeps a set of encryption keys (Ke
& Kd)• Encryption algorithm E is public and so is the key
Ke• Decryption algorithm D and decryption key Kd is
kept private• Data sent to a principal is encrypted using that
corresponding Ke• E and D can be made public if Ke and Kd are
chosen such that it is impossible to infer Kd from Ke.
Public key cryptography [1, 2]
• RSA (Rivest-Shamir-Adelman), 1977– The algorithms E and D are inverses– Plain text messages are limited to a size is limited
to k bits• Integer k is chosen such that 2k < N
– N =p * q where p & q are LARGE prime numbers– Kp (public encyrption key) and Ks (private
decryption key) are derived from p & q– Relies on computational complexity in factoring
large numbers upon which keys are placed.
Public key cryptography [4]
• public-key cryptography can be used to implement digital signature schemes
Public key cryptography [4]
• DH (Diffie-Hellman), 1976– Key exchange algorithm– the discrete logarithm problem
• Elgamal– DH variant, one algorithm for encryption, one for
signatures– Attractive as a non-patented alternative to RSA
(before the RSA patent expired)
Pretty Good Privacy (PGP) [7]
• PGP encryption uses public-key cryptography and includes a system which binds the public keys to a user name and/or an e-mail address.
Pretty Good Privacy (PGP) [5,6,8]
• Early history– Phil Zimmermann created the first version of PGP
encryption in 1991.– PGP very rapidly acquired a considerable following around
the world.– RSA complains to Phil that PGP violates their PK patents .– USG decides that they don't like PRZ because the NSA
can't tap all those internet mail messages anymore.– Zimmermann was criminally investigated by the Customs
Service and the FBI for several years.– Investigation was dropped in January 1996 with no
charges laid.
Conclusion
• Private Key DES is computationally efficient• Public Key RSA is computationally expensive• Possible best use is RSA for short/important
data and DES for long or less critical• One or more security mechanisms are
combined to provide a security service
Reference1. Chow, Randy; Johnson, Theodore; “Distributed Operating
Systems & Algorithms”, 19982. Aiden A. Bruen and Mario A. Forcinito, “Cryptography,
Information Theory, and Error-Correction a Handbook for the 21st Century”, John Wiley & Sons, Inc. (2005) ISBN 0-471-65317-9.
3. Coron, J.-S., “What is cryptography?” Security & Privacy, IEEEVolume 4, Issue 1, Jan.-Feb. 2006 Page(s):70 - 73
4. http://www.cs.auckland.ac.nz/~pgut001/tutorial/, Oct. 20085. http://en.wikipedia.org/wiki/Cryptography, Oct. 20086. http://www.cypherspace.org/adam/timeline, Oct. 20087. http://en.wikipedia.org/wiki/Pretty_Good_Privacy, Oct. 20088. http://www.pgpi.org/doc/pgpintro/, Oct. 2008