1 / 13

Applied Cryptography

Applied Cryptography. Main goal Give some practical experience on cryptographic technics used today. Show how to use existing cryptographic software. Examination: Practical assignments and written exam

marly
Download Presentation

Applied Cryptography

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Applied Cryptography • Main goal • Give some practical experience on cryptographic technics used today. • Show how to use existing cryptographic software. • Examination: Practical assignments and written exam • Homepage containg latest course information: http://www.nada.kth.se/~marten/AppliedCryptography • Check course program (from homepage) for detailed information • First time course is given – feedback welcome! Mårten Trolin

  2. Requirements • Attend lectures (if you want to) • Solve the three assigments to get bonus points. (Not required, but highly recommended.) • Each assignment replaces a problem at the exam • By solving the assignments you don’t have to solve the problem at the exam • The assignments will be programming tasks to be solved in a language of your choice • Pass the written exam! Mårten Trolin

  3. Outline of course program • N.B. Course program is subject to change. Check the home page for the latest information • Lectures 1-4: Basic cryptographic functions • Lectures 5-8: SSL and PGP • Lectures 9-10: Key management • Lectures 11-12: Smartcards in financial transactions • Lectures 13-14: To be decided. Possible areas: Hardware solutions, e-commerce, firewalls and intrusion detection. Input welcome! Mårten Trolin

  4. Why cryptography • Reason for using cryptography • Protect from eaves-dropping (confidentiality) • Ensure data is not modified (integrity) • Certify identity of sender (authenticity) • Requirements (application dependent) • Simple key management • Low hardware requirements (smart card applications, mobile phones) • Cost of bandwidth Mårten Trolin

  5. Simple example – substitution cipher • The key is a permutation of the letters of the alphabet, i.e. a bijection • Encryption is performed by substituting each letter for its corresponding letter • Decryption is the same as encryption with the difference that the inverse is used Mårten Trolin

  6. Substitution cipher – example • Example: Encrypt MY DOG ATE YOUR CAT using the key Mårten Trolin U

  7. Breaking the substitution cipher • Substitution ciphers are easily broken using frequency analysis • We use the fact that different letters (or combination of letters) occur with different probability • Example – breakTK IL KQ JKT TK IL TBST CR TBL OULRTCKJ • Frequency of letters in English: ETAOINSHRDLU • Most common two letter words: OF TO IN IS IT BE BY HE AS ON AT OR AN SO IF NO Mårten Trolin

  8. Symmetric vs. asymmetric cryptography • Symmetric ciphers – sender and recipient use the same key • Dkey(Ekey(m)) = m • Substitution cipher is an example of a symmetric cipher • Impractical for big systems – number of keys is quadratic in the number of users • The solution – asymmtric algorithms. Think of a locked mailbox! Different keys for encryption and decryption • Dprivate key(Epublic key(m)) = m Mårten Trolin

  9. Asymmetric cryptography • Each user has a public and a private key • The public key is published in a “phone book” • The private key is kept secret • Messages encrypted with the public key can be decrypted with the private key • To send a message to Mårten, look up Mårten’s public key in the “phone book”. • Mårten can then decrypt the message with his private key • Number of keys is linear in the number of users Mårten Trolin

  10. RSA • Asymmetric cryptographic algorithm published in 1978 • The most popular asymmetric algorithm used today • Now free to use – patent expired in 2000 • Relies on the hardness of factoring a number consisting of two primes Mårten Trolin

  11. The RSA algorithm – key generation • Generate two primes p, q and set n = pq • Choose e such that gcd(e,(p–1)(q–1)) = 1 • Compute d such that ed = 1 mod ((p–1)(q–1)) • The public key is the pair (e, n) • The private key is the pair (d, n) Mårten Trolin

  12. RSA – encryption and decryption • Message m – number 0 < m < n • Encryption E(m) = me mod n • Decryption D(m) = md mod n • Number theoretical exercise – check that D(E(m)) = m. Mårten Trolin

  13. Breaking RSA • If we can factor n we can break RSA • Suppose we know p, q such that pq = n • We can compute (p – 1)(q – 1) • It is now trivial to compute d = e-1 mod ((p – 1)(q – 1)) • The largest number that is (publicly) known to have been factored today is 512 bits • Other attacks exist for certain uses of RSA Mårten Trolin

More Related