200 likes | 374 Views
Privacy and Authentication: An Introduction to Cryptography. Very Brief. Whitfield Diffie, Martin Hellman (and Isabelle Stanton). What is Cryptography?. Definition: The science or study of the techniques of secret writing, esp. code and cipher systems, methods, and the like
E N D
Privacy and Authentication: An Introduction to Cryptography Very Brief Whitfield Diffie, Martin Hellman (and Isabelle Stanton)
What is Cryptography? • Definition: The science or study of the techniques of secret writing, esp. code and cipher systems, methods, and the like • Google Image search for cryptography→
Cryptanalysis • A system is “broken” if there exists a technique to decrypt a message that is at all faster than brute-force • A larger keyspace is always more secure • Trade-offs exist with large keys i.e. if you need a 3 million bit key to guarantee 100% security but a 256 bit key gives you 99%...
Models of Attackers • Ciphertext only attack (weakest system) • Can discern the key from only 1 ciphertext • Known plaintext attack • Has both the unencrypted and encrypted message • Chosen plaintext attack • Can chose the message and see the encrypted version • Chosen text attack (strongest system) • Can select message OR ciphertext at will
Classical Cryptography • Time period: 4500 BC – 1946ish • Stenography (sort of) • Substitution Ciphers (and Vigènere Ciphers) • One Time Pad • Transposition Ciphers • Polyalphabetic Ciphers • Codes • All WWII crypto systems (Enigma, Purple, etc) • Modern systems are distinguished by use of mathematical systems and proofs of security
One-Time Pad • XOR a message with a random key of the same length • Provably secure! Given any ciphertext of length m it can be decrypted to every message of length m • Key can only be used once (or it is broken) • Difficult to distribute keys
Substitution (Caesar) Cipher • OS IS NEARLY OVER = QY AY MCKBXW QZCB • ROT-13 • Vulnerable to frequency analysis – ciphertext only attack succeeds
WWII Crypto: Engima • A rotor style machine • Key is how to set the rotors, reflector and the plugboard • Keyspace ≈ 10114 • First computer, Colossus, built in Bletchley Park by Alan Turing’s team to perform cryptanalysis on Enigma. Biggest weakeness was operator error
Modern Cryptography: DES • Adopted by NIST as national standard in 1976 • Developed by IBM as the Lucifer cipher • A block cipher based on Feistel S-boxes
DES Problems • 56-bit keys = broken in less than 24 hours • Also vulnerable to chosen plaintext attacks • Triple DES – run DES 3 times over the message with 2 different keys – is still practically secure • Replaced with AES in 2002
Public Key: RSA • Select two large primes, p and q. N = pq • Φ(N)=(p-1)(q-1) (the # of #’s relatively prime to N) • Select random E in [1, Φ(N)–1] • Publish E and N -> public key • ED = 1 mod Φ(N) -> D is the private key • Encryption: C = ME modN • Decryption: M = CD modN
RSA - Continued • Can do digital signatures (sign your outgoing message with your private key, then their public key) • Exponentiation is computationally expensive • Most frequently used as a method for exchanging keys for a symmetric system • Many other public key systems, el-gamal, elliptic curves etc.
Cryptographic Hash Functions • One-way functions used as a checksum • Important features: • “Impossible” to invert • Error-propagation • Fast • Few input collisions • MD5 (128 bits, 1996), SHA-1 (160 bits, 2005), SHA-256, SHA-512
Key Distribution • Diffie-Hellman Key Exchange • Link-encryption • End-to-end encryption • Key distribution center • Couriers • Pigeons
Diffie-Hellman Key Exchange (1976) • Relies on difficulty of modular logarithms • Secure if g and p are chosen well (can be chosen in advance)
Link-Encryption • Encrypts and decrypts all traffic at each communication link • Advantage: Each user needs to manage only 1 key • Disadvantage: You must be able to trust the links. Not realistic.
End-To-End Encryption • Encrypted by sender with receiver’s key • Advantage: Ensures privacy of the message contents • Disadvantage: Requires each user to manage O(n) keys and system has O(n2) keys total
Key Distribution Center • Trusted third party • See Kristen’s presentation!
Future Directions • Quantum cryptography - can guarantee no eavesdropper. Creates a secure channel for exchanging keys. • Identity-based encryption - your name is your public key. Eliminates key distribution problem. I ♥ MBC