The Role of Cryptography

in Cyberscurity

International Colloquium on ICT

19 November 2014, Brussels

Cybersecurity

Cyberspace

Cyberspace is becoming the real space

Hackers of the 1980’s, 1990’s

Advanced Persistent Threats of 2010’s

Communications security

• Basic Internet protocols do not have adequate security

o TCP/IP

o DNS

• Reluctance to modify successful protocols

• In theory, however, these problems can be solved

Computer security

• Data at rest

o Database security

o OS security

• Secure execution

o basic PC components do not have adequate security

o Sandboxing

o Correctness of execution

Difficult problems, even in theory

Data confidentiality

Alice Bob

Eve

Entity authentication

BobEve

Hello,

I am Alice

Data authentication

Nonrepudiation (origin)

Alice

Nonrepudiation (receipt)

Denial of service

Cryptography: the setup

E D#!C& #!C&

Kerckhoffs’ principle

A cryptosystem should be secure, even if everything about

the system, except the key, is public knowledge

Perfect secrecy: One Time Pad

• Red telephones

• Fresh random symbol

added to each data symbol

• Problems:

• Production of random

symbols

• Transport

Non-perfect security

Short key

Random-like

sequence

Expansion

01100011…

01100

(to replace true

randomness)

Conventional cryptography

• Partners share a short secret key

• Public algorithms provide confidentiality, authentication

• Military and government applications

• Communication points are known and fixed

• What if this is not the case?

o E.g. commercial environments

Limitation of symmetric cryptology

• Reduce security of information to security of keys

• But: how to establish these secret keys?

o cumbersome and expensive

o or risky: all keys in 1 place

• Do we really need to establish secret keys?

Shamir’s 3-pass protocol

Asymmetric cryptography

Asymmetric mathematics

• “Easy problem”: find integer numbers x, k satisfying

• “Difficult problem”: find integer numbers y, l satisfying

• Discrete logarithm problem

o Computationally infeasible when prime number > 10600

17483

= x + k × 23497

17y

= 811+ l × 23497

Diffie-Hellman key agreement protocol

Alice and Bob agree on large prime number and on base z

Alice generates a,

computes A = za

Bob generates b,

computes B = zb

Alice computes Ka = Ba Bob computes Kb = Ab

Ka = Ba = zba = zab = Ab = Kb

A

B

• Alice and Bob compute the same

key!

• Eve sees only A, B

Asymmetric encryption: the principle

• Store A, B, … in a public database

• When sending message to user:

1. Generate random x

2. Obtain U from public database and compute Ku = Ux

3. Encrypt message with symmetric cryptography using Ku

4. Transmit encrypted message and X = zx

• User computes Xu = Ku and decrypts message

Asymmetric encryption: the application

• Everyone can encrypt messages

• Only one person can decrypt

o Using the private key

• We don’t need to transmit or share secret keys

• We only need to share public keys

• Public-key cryptography

Asymmetric encryption: caveat

• How can we be sure that A is indeed the public key of

Alice?

• How can we be sure that any digital document is not

forged or modified?

o Data authentication

Data authentication

• Can’t attach a scan of hand-written signature

• Electronic signature should be different for every new

document

o Only way to avoid cut-and-paste

• Desired properties?:

o Only one person can create signature

o Everyone can verify the signature

• Sounds familiarly asymmetric?

Digital signature

“Asymmetric encryption backwards”

• In order to sign message m:

o Use private key to “decrypt” message m

o Output = signature s

• In order to verify signature s on message m

o Use public key to “encrypt” s and check if m reappears

• (Details may vary)

Electronic signatures

The law distinguishes:

1. Electronic signatures

o Basically, anything that is electronic

2. Advanced electronic signatures

o Should use asymmetric cryptography

3. Qualified electronic signatures

o Should use asymmetric cryptography

o “Hardware” must guarantee that private key remains

private

Guarantee correctness of signature

Guarantee correctness of public key

• Put the public key in a file, together with information

allowing to uniquely identify the owner

• Place an electronic signature on the file

Mr. Jan Peeters of

Peeters Book shop

Has public key 12A5678.

Signed,

Yvo Bros

Some official

Certificate chain

Now we only need to guarantee the correctness of the key

that was used to sign the certificate ;-)

Peeters Book Shop

Clark at the city hall

Home office

Public Key Infrastructure (PKI)

Root key

• Endpoint of the chain must be authenticated by different

means

• Easy in closed environments

o Root key is initialized during set-up

• Difficult in open environments

o No clear hierarchy

o Root keys “trusted” by the browser, the OS, …

Applications of cryptography

• Authenticity of software updates, of web sites (https),

DNSsec, IPsec, …

o Digital signatures

• Strengthening of password-based mechanisms

o Diffie-Hellman techniques

• Trusted computing & Remote attestation

o Digital signatures with extra properties

Cryptography complicates

• Packet-filter firewalls

o Because the packets are encrypted

• Recovery of data when people leave the organization or

forget their password

• Law-enforcement access

• Tuning

Most common cryptography problem

• Cryptography decreases processing speed

o Often not in a significant way!

• Changing standard cryptographic mechanisms in order to

improve performance is usually a BAD IDEA

o WEP (IEEE 802.11)

o Debian (Linux) key generator

o …

Cryptographic protection works only if …

• Software vendor, website owner, … update timely their

cryptographic algorithms

o Some industry code is not upgradable

• People don’t install software without valid electronic

signature

o Cf. phishing emails

• No false root keys have been installed

Conclusion

�Communication security in closed environment

�Open environment

�Computer security

� “Fool-proof”