Upload
shadyproject
View
7.274
Download
1
Embed Size (px)
DESCRIPTION
A very basic introduction to cryptography, used for a test teach at my old job.
Citation preview
Introduction to Cryptography
Christopher Martin
What is Cryptography?
“There are two kinds of cryptography in the world: the kind that will keep your kid sister from reading your files, and the kind that will keep major governments from reading your files” - Bruce Schneier, preface to Applied Cryptography
Cryptography is the science of keeping things secret, this is known formally as confidentiality.
Cryptography can be asked to do other things as well.
But what can crypto do for me?
AuthenticationProof of identity
IntegrityProof of content
NonrepudiationProof of transmission
Terminology
1. Plaintext or Cleartext• The message
2. Ciphertext• The encrypted message
3. Encryption or Enciphering• The process of turning plaintext into
ciphertext• E(M) = C
4. Decryption or Deciphering• The opposite of the above• D(C) = M or D(E(M)) = M
Son of Terminology
1. Cryptography• Art and science of keeping secrets secret• Practitioners are called Cryptographers
2. Cryptanalysis• The art and science of making secrets not.
Breaking Cryptography• Practitioners are called Cryptanalysts
3. Cryptology• The branch of mathematics that encompasses
both of the above.• Practitioners are called Cryptologists
Return of Son of Terminology1. Key
• The “shared secret” used to keep the message secret.
• Can be one value from any sized range, called the keyspace
2. Cryptographic Algorithm• The series of steps applied to the message and
the key• Also called a cipher
3. Cryptosystem• A single algorithm, plus all possible
plaintexts, ciphertexts, and keys
A brief digression on secrecy
All secrecy resides in the keyKerchoffs’ Law
Restricted Algorithms
Types of encryption algorithms
Asymmetric Also known as public key Uses two keys, public and private
Symmetric Uses one key that is shared between parties
Historical/Classical Substitution ciphers, polyalphabetic cipers, codes
Hash Not technically encryption algorithms but are part of cryptography
Symmetric Encryption
Ek(M) = C, Dk(C) = M, Dk(Ek(M)) = M The encryption key can be calculated from the decryption key, and vice versa Usually, however, there is only one key
The primary Achilles heel is that the key must be shared between n parties
DES, 3DES, Blowfish, Twofish, Serpent, IDEA, AES (Rijndael)
Can operate in two modes: stream and block, and most modern algorithms have variable key size
One Time Pads
Subset of Symmetric ciphersOffers theoretically perfect securityKey is comprised of a large sheet of truly random letters.
Each key is used only onceEncryption is the addition modulo 26 of the key letter, and the plaintext letter
Asymmetric Encryption
Ek-pub(M) = C, Dk-priv(C) = M,
Dk-priv(Ek-pub(M)) = M
Given the public key, it is computationally infeasible to calculate the private key
Can also be used for digital signaturesExamples: RSA, DSA, ElGamal,Diffe-Hellman
Hashing Algorithms
Hashing is about integrityThere is no key involved in hashing
Takes an arbitrary sized input, and produces a unique fixed size output
The smallest change in the input should produce a totally different output
The process is non reversibleExamples: MD4, MD5, SHA-1, SHA-128, SHA-256
Attacking Cryptography
CryptanalysisCiphertext Only AttackKnown Plaintext AttackChosen Plaintext Attack
Adaptive chosen plaintextChosen Ciphertext AttackChosen Key AttackRubber Hose Cryptanalysis
Where to use cryptography?Anywhere you want to have something remain secret SSL, TLS, IPv6, SSH, IPSec all keep information secure in transit
Any Symmetric Algorithm can keep your files safe in storage There are file systems available that will
encrypt your data on the fly. EncFS and Loop-AES for unix, EFS for windows, FileVault for Mac OS X
You can add encryption at the application level, or at the server level for storing database information securely
Where can I get cryptography?Your best bet it to have it bundled with the Operating System, or to buy supported add-on hardware that does what you want. OpenBSD is the de facto standard for operating system supported cryptography.
Add on libraries like OpenSSL and libTomCrypt are also available for most unix like platforms.
Roll Your Own Not really recommended unless you are an expert
Conclusions
Cryptography is only one part of a multi layered security system
It’s not a magic bulletIt’s fun
Sources
1.Applied Cryptography, Bruce Schneier1996, Wiley and Sons
2.Practical Cryptography, Bruce Schneier and Niels Ferguson2003, Wiley Publishing
3.Silence on the Wire, Michael Zalewski2005, No Starch Press