T101 Networks

T101 Networks 12 – Key Exchange

Updated Notes • the original notes from last week contained an error in the transposition cipher • new notes are on moodle

Practical Demo • Competency-based assessment • tick list is on moodle • take the pressure off the final week • optional… • …but you have to do it sometime • no penalty if you don’t succeed, you’ll get another go if there is time • exam conditions apply

Lesson Objectives • explain problems with key exchange • describe a solution to the key exchange problem • explain problems with asymmetric ciphers

But first… • Zodiac killer and his first cipher • was a substitution cipher • used multiple symbols to represent the same letter • awkward to crack because the frequency analysis fails, and he also made spelling mistakes and cipher errors • cracked by hand by guessing that: • the first letter would be ‘I’ • the message would contain “kill’ or ‘killing’ or ‘killed’ etc…

Cryptography Basics • Cryptography is… • protecting privacy • authentication of identities • preservation of integrity • …in an environment of mistrust

Symmetric Ciphers • same key to encrypt as to decrypt • on a network, both parties must have the same key • the key is called a shared key • big problem is key exchange • how big was this problem?

Key Exchange: the Good old days

Asymmetric Ciphers • … but asymmetric ciphers can solve the big problem that symmetric ciphers have • this week, solving the big problem • but first…

Lab Results • old substitution ciphers are very easy to crack • the strength of modern symmetric ciphers is entirely based on the length of the key • 128 bits (16 bytes) is a good strength key because:

How long is that? • 3e26 years is 3 followed by 26 zeroes • 300,000,000,000,000,000,000,000,000 • so if we had 10,000,000 computers that were all running 1,000 times faster the lab computers, you would crack the code in about… • …30,000,000,000,000,000 years • the universe is 13,700,000,000 years old

Key Choice • so symmetric ciphers are secure provided that • the key length is long enough not to be brute forced • 128 bits looks good, shorter keys are problematic • the key is chosen randomly • but humans are not very good at remembering random numbers

Short Keys Example 1 • WEP initially used a 40 bit key • giving at most 240 different keys • some keys are weaker than others, so fewer keys are available • there are other problems with WEP • hence WEP can be cracked in a few minutes if you have enough ciphertext

Short Keys Example 2 • DVDs are protected using CSS which uses 40 bit keys • there are problems with the way CSS uses the key, reducing the effective key length to 32 bits • the key can be recovered in less than 1 minute even on slow hardware • hence DVDs can be copied easily

Why 40 bits? • the US considered strong security as “munitions” and therefore came under the export of arms legislation • 40 bit encryption was considered weak, and therefore not munitions • restrictions were lifted in 1996

Shared Key ProblemsHow many keys are needed?

How many keys?

Key Exchange • as the number of people gets big, the problems get worse • how to exchange keys securely with all these people? • how to keep a (secure) record of all those keys? • how to (securely) change a key if one gets lost?

Idea 1 – A KDC • Key Distribution Centre (KDC) • if everybody exchanges a key securely with the KDC, we can communicate with it securely • to communicate with a third party, we ask the KDC for a key • the KDC gives you and the third party the same key

KDC I need a key for Alice Here is your shared key

KDC Problems • who do you trust to be the KDC? • who does everybody trust to be the KDC? • the KDC knows all your secrets • how do you exchange initial keys with the KDC? • …and other problems

KDC today • KDCs are a good option for LANs • computers on a LAN, generally trust other computers on a LAN inside the same organisation • Microsoft’s Active Directory is an example of a KDC • how does AD get your initial password?

Key Exchange Problem • originally solved by Whitfield Diffie and Martin Hellman, called Diffie-Hellman key exchange • still used but currently the most common method is to use asymmetric encryption • mostly RSA encryption • elliptic curves getting to be popular because they use smaller numbers than RSA so the arithmetic is easier

Asymmetric Encryption • key used to encrypt is called the public key • key used to decrypt is called the private key • the two keys are related to each other • the private key cannot be easily discovered from the public key • how does this help?

Shared Key Exchange using Asymmetric ciphers • Alice wants to talk to Bob • Alice asks for Bob’s public key • Bob sends his public key Send me your public key Here is my public key

Shared Key Exchange with using Asymmetric ciphers • Alice creates a shared key and encrypts it with Bob’s public key Bob’s Public key Asymmetric Encryption Ciphertext = Encrypted key Cleartext = Shared key Send the encrypted shared key to Bob

Shared Key Exchange with using Asymmetric ciphers • Bob gets encrypted shared key • Bob uses his private key to decrypt the shared key Bob’s Private key Asymmetric Encryption Cleartext = Shared key Ciphertext = Encrypted Shared key

Shared Key Exchange with using Asymmetric ciphers • all messages between Alice and Bob can now be encrypted with symmetric ciphers using the shared key Encrypted Message = “Hello”

Key Exchange • using asymmetric encryption to exchange a shared key is a good solution because • the asymmetric encryption and decryption tasks only happen once, and at the start of the communication • so it takes a little longer to set the communication channel up but… • …fast symmetric encryption is used for the rest of the communication

Exercise • see page 4 of this week’s notes

Eve the Eavesdropper • what does an eavesdropper see? • request for Bob’s public key • Bob’s public key • a message encrypted with Bob’s public key • messages encrypted with a shared key • in order to read the messages, Eve would need to either • get Bob’s private key or • brute force the private key or the shared key

Are we there yet? • we have now got • privacy using symmetric encryption • key exchange using asymmetric encryption • we still have a big problem • before next week, work out how Alice can be duped by Eve!

Asymmetric Cipher Uses • why not just use asymmetric ciphers, then everybody just needs one private/public key pair? • we don’t need to use symmetric ciphers??? • but…

Problems with Asymmetric Ciphers • all current asymmetric systems rely on some awkward arithmetic • coding errors in the arithmetic have been known • about 1,000 times slower than symmetric (although Elliptic Curves are better) • produce big chunks of ciphertext (because of those big numbers that are used) • so not suitable for encrypting lots of small packets, especially if speed is important

More problems… • an advance in mathematics may break asymmetric encryption • remember that RSA relies on the notion that it is easy to multiply two large numbers together, but there is no known quick way to factor very large numbers • perhaps someone has already made this breakthrough • it is hoped that the promise of instant fame and a Nobel prize will be enough to ensure publication

and another one… • imagine using asymmetric encryption to encrypt votes in a poll • poll site sends you their public key • you encrypt the message “NATIONAL” or “LABOUR” or “GREEN” etc… using the public key, and send your vote • Eve intercepts the encrypted message • Eve can work out who you voted for!!! • how does she do it?

Summary • key exchange is a problem when there are many users • a KDC can help on the LAN • asymmetric encryption solves the key exchange problem… • …almost

T101 Networks

T101 Networks

Presentation Transcript

Networks

Networks

Networks

Extreme Networks Optimized Networks

Computer Networks: Wireless Networks

Networks

T101 Networks

T101 Networks

Networks

Networks

T101 Networks

Networks

Networks

T101 Networks

T101 Networks

Networks

NETWORKS

NETWORKS

Networks

Networks