Encryption - PowerPoint PPT Presentation

Title:

Encryption

Slides: 29
Provided by: COG4

Transcript and Presenter's Notes


1
Encryption
  • Coursepak
  • A little bit in chap. 10 of Reed

2
Encryption
  • A message sent over a network can be read by any
    site between the source and the destination (e.g.
    each hop in email).
  • Encryption is the process of encoding a message
    so that it is decipherable only by its intended
    recipient (anyone intercepting the message would
    be unable to interpret it)

3
Encryption
  • Cryptography - study of methods to encrypt text.
  • Cryptanalysis - study of how to decode an
    encrypted text.
  • Strong Encryption - infeasible to crack
  • Weak Encryption - can be cracked

4
Example
  • Substitution cipher - each letter of the alphabet
    is substituted with a different letter or symbol.
  • Caesar's method - replace every letter in the
    alphabet with the letter 3 places after it
  • A -> D
  • B -> E
  • Y -> B
  • Z -> C

5
Encryption
  • The sender encrypts the message
  • The sender transmits the message to the receiver
  • The receiver decodes the message
  • How does the receiver decode the message? The
    sender needs to send the key to the receiver.
    BUT, now this can be intercepted.

6
Symmetric-Key Encryption
  • Symmetric (Private, Single)-key encryption
    assumes that the sender and the recipient use a
    shared key.
  • Same key is used for encryption and decryption.
  • Introduces key security risk
  • How to communicate the key? It could be intercepted.
  • Imagine shopping from an online catalog: the key
    would be shared by too many.

7
Symmetric-Key Encryption
  • Problem is that the privacy of the message is
    only as good as the secrecy of the key.
  • If a cracker learns the key by sniffing it in an
    internet transmission or being told by a traitor
    (e.g. an employee who was fired), the complexity
    of the algorithm won't do any good.

8
Asymmetric (Public)-Key Encryption
  • In 1976 Whitfield Diffie and Martin Hellman
    proposed public-key encryption
  • generate a pair of associated keys, one is public
    and the other is private
  • a message encoded with a public key requires the
    corresponding private key for decoding, and vice
    versa. Each undoes the other (in either order).
  • It should be computationally infeasible to derive
    the private key from the public key.
  • almost all secure communications on the Internet
    use asymmetric key encryption

9
Asymmetric (Public)-Key Encryption
  • Suppose you want to send me a message.
  • I have published my public key.
  • Website, PKI (Public Key Infrastructure)
  • You use it to encrypt the message and send it to
    me.
  • I use my private key to decrypt the message.

10
Digital Signature
  • Authenticate identity of sender
  • You create a digital signature using your private
    key and add it to the message.
  • I use your public key to decrypt it.
  • Signature is also a function of the text in the
    document.
  • Can't be copied to another document
  • I can verify that the document hasn't been altered
    (integrity).
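
The signature properties on this slide, as an added example that is not part of the original presentation. The key pair is constructed from two small Mersenne primes and the message hash is reduced mod n; both are assumptions made so the toy runs with the standard library only.

```python
import hashlib

# Constructed toy key pair (assumption): far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                      # public key (n, e), published
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent d, kept by the signer

def digest(document: bytes) -> int:
    """Hash of the text, reduced mod n so the toy key can sign it."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big") % N

def sign(document: bytes) -> int:
    """The signature is a function of the text and of the private key."""
    return pow(digest(document), D, N)

def verify(document: bytes, signature: int) -> bool:
    """Anyone holding the public key can undo the private-key operation."""
    return pow(signature, E, N) == digest(document)

if __name__ == "__main__":
    contract = b"Pay Bob 10 dollars"          # constructed sample documents
    sig = sign(contract)
    print(verify(contract, sig))              # authentic and unaltered
    print(verify(b"Pay Bob 1000 dollars", sig))   # altered text is detected
    print(verify(b"Pay Eve 10 dollars", sig))     # signature copied to another document
```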

11
Asymmetric (Public)-Key Encryption
  • Allows for double encryption to encrypt text and
    verify the identity of the sender. The sender can
    encode messages with his private key and the
    recipient's public key, and the recipient decodes
    the message in reverse.

12
RSA
  • Ron Rivest, Adi Shamir, and Len Adleman invented
    the most popular instantiation of public-key
    encryption, which has become known as RSA.
  • Alice, the sender, wants to send Bob, the
    receiver a message that Eve, the eavesdropper,
    cannot decrypt.
  • Bob has published a public key, KR, which Alice
    is to use to encrypt her message.

13
RSA
  • Alice partitions her cleartext message T into
    32-byte groups of ASCII letters, $T_0 T_1 \ldots T_{n-1}$.
  • For $i = 0$ to $n-1$, she sends $C_i$, the remainder of
    $(T_i)^3 / KR$.
  • Bob's public key $KR = pq$, where p and q are primes,
    each 2 greater than a multiple of 3.
  • To decrypt the message Bob computes
    $s = \frac{1}{3}(2(p-1)(q-1) + 1)$.
  • He then decrypts each $C_i$ by computing the
    remainder of $(C_i)^s / KR$, which we can show is $T_i$.

14
RSA Example
  • We can choose $p = 5$, $q = 11$, so $KR = 55$, $s = 27$.
  • Suppose $T_i = 42$ (101010 in binary). Then $C_i$ is
    the remainder of $42^3 / 55$, that is, $74088 \bmod 55 = 3$.
    To decrypt 3, Bob computes $3^{27} \bmod 55 =
    7{,}625{,}597{,}484{,}987 \bmod 55 = 42$.
  • RSA is based on a theorem by Euler (1736):
    Suppose p and q are distinct primes, $K = pq$,
    $0 \le T < K$, and $r > 0$. Then $T^{r(p-1)(q-1)+1} \bmod K = T$.
  • In our example $r = 2$, because
    $(T^3)^{\frac{1}{3}(2(p-1)(q-1)+1)} = T^{2(p-1)(q-1)+1}$.

15
RSA
  • M - the message
  • C - the encrypted message
  • e - the public exponent
  • d - the private exponent
  • n - a very large integer
  • The message is encrypted by $C = M^e \bmod n$
  • (mod means divide by n and keep the remainder)
  • The message is decrypted by $M = C^d \bmod n$, where
    $n = pq$, p and q are prime numbers, and
    $d e \equiv 1 \pmod{(p-1)(q-1)}$

16
RSA
  • Public key: (n, e)
  • Private key: (n, d)

17
RSA
  • If n is a large number (128 bits or 256 bits), it
    is computationally infeasible to find p and q.
    Why?
  • find all factors of n
  • determine which are prime
  • try all pairs of primes to find p and q

18
RSA
  • These methods hinge on the fact that it is
    relatively easy (computationally) to multiply two
    large numbers, but it is quite difficult to
    factor a large number if the only factors are
    large prime numbers. Example: Try to factor 3233.
    See how long it takes.

19
RSA
  • 53 and 61.
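
The RSA slides above carried through in code, as an added example that is not part of the original presentation: the cube scheme with p = 5 and q = 11, the general (e, d) form, and the factoring of 3233. The public exponent e = 17 used with 3233 is an assumption; the slides give no exponent for that modulus.

```python
# Added example: textbook RSA with the slides' toy numbers (never use keys this small).

def cube_keypair(p, q):
    """Slide 13 scheme: public KR = p*q, encrypt by cubing, private exponent s."""
    assert p % 3 == 2 and q % 3 == 2, "p and q must each be 2 greater than a multiple of 3"
    s, rem = divmod(2 * (p - 1) * (q - 1) + 1, 3)   # s = (1/3)(2(p-1)(q-1) + 1)
    assert rem == 0
    return p * q, s

def encrypt(m, e, n):
    return pow(m, e, n)                  # C = M^e mod n

def decrypt(c, d, n):
    return pow(c, d, n)                  # M = C^d mod n

def private_exponent(e, p, q):
    """Slide 15 form: d with d*e = 1 mod (p-1)(q-1). Needs p and q."""
    return pow(e, -1, (p - 1) * (q - 1))

def factor(n):
    """Trial division: instant for 3233, infeasible for a modulus of hundreds of digits."""
    f = 2
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 1
    raise ValueError("n is prime")

def recover_private_exponent(n, e):
    """Why n must be hard to factor: p and q are all that protects d."""
    p, q = factor(n)
    return private_exponent(e, p, q)

if __name__ == "__main__":
    KR, s = cube_keypair(5, 11)
    c = encrypt(42, 3, KR)
    print(KR, s, c, decrypt(c, s, KR))         # slide 14 walk-through
    print(private_exponent(3, 5, 11) == s)     # s is the d of slide 15 for e = 3
    print(factor(3233))                        # slide 19 answer
    d = recover_private_exponent(3233, 17)     # e = 17 is an assumed exponent
    print(d, decrypt(encrypt(65, 17, 3233), d, 3233))
```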

20
Attacking RSA
  • Try to find primes p and q such that $pq = KR$.
  • In 1977, Rivest, Shamir and Adleman issued a
    challenge to the world: break a small cipher text
    encrypted with RSA129, a 129-digit key.
  • RSA129 was cracked with the largest computation
    of all time (about 1000 computers around the
    world working 8 months). The secret message was:
    THE MAGIC WORDS ARE SQUEAMISH OSSIFRAGE.
  • It is estimated that with 250 digit keys and
    current factoring algorithms, you'd need 1000
    computers for about 800 million months (or 100
    billion computers for 8 months).
  • Thus, RSA is still deemed to be strong
    encryption.

21
Asymmetric-Key Encryption
  • Advantages
  • One can send secure message to someone without
    having to share any secret keys. Only public key
    is distributed.
  • The recipient can verify the identity of the
    sender.

22
Asymmetric-Key Encryption
  • Disadvantage
  • SLOW

23
PGP
  • Pretty Good Privacy (Phil Zimmermann)
  • Uses both a single key and a public-private key
    pair.
  • Nice compromise
  • Use slow public key to encrypt single key
  • Use quick single key to encrypt large file.
  • Send both

24
PGP (Sender)
  • PGP compresses the message - saves transmission
    time and increases security. We previously
    discussed compression of graphics files. (e.g.
    simple compression - replace multiple copies of a
    character with a single character and the number
    of repeats.) How would compression increase
    security?

25
PGP (Sender)
  • PGP creates a session key that is used only once
    during this session. Created from randomly
    selected mouse movements and keystrokes.
  • The session key is used to encrypt the message.

26
PGP (Sender)
  • The receiver's public key is used to encrypt the
    session key.
  • The encrypted message and encrypted session key
    are sent to the receiver.

27
PGP (Receiver)
  • The receiver uses private key to decrypt session
    key
  • The session key is used to decode the message
    text.
  • The text is decompressed.
  • The session key is discarded.
  • (diagram)
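
The sender and receiver steps from the PGP slides as one runnable flow, added here as an example and not taken from PGP or the original presentation. Assumptions: a constructed toy RSA key pair, a SHA-256 keystream XOR standing in for the fast single-key cipher, and `secrets` standing in for the mouse and keystroke randomness.

```python
import hashlib, secrets, zlib

# Constructed toy receiver key pair (assumption): real keys are far larger and use padding.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                       # receiver's public key (n, e)
D = pow(E, -1, (P - 1) * (Q - 1))         # receiver's private exponent d

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher (not a PGP cipher): same call encrypts and decrypts."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(8, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def pgp_send(message: bytes, n: int, e: int):
    compressed = zlib.compress(message)                # compress the message
    session_key = secrets.token_bytes(16)              # session key, used only once
    body = keystream_xor(session_key, compressed)      # fast single-key step on the large data
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)  # slow public-key step, 16 bytes only
    return wrapped, body                               # both are sent to the receiver

def pgp_receive(wrapped: int, body: bytes, n: int, d: int) -> bytes:
    session_key = pow(wrapped, d, n).to_bytes(16, "big")   # private key decrypts session key
    compressed = keystream_xor(session_key, body)          # session key decodes the text
    return zlib.decompress(compressed)                     # decompress; key goes out of scope

if __name__ == "__main__":
    text = b"THE MAGIC WORDS ARE SQUEAMISH OSSIFRAGE. " * 20
    wrapped, body = pgp_send(text, N, E)
    print(len(text), len(body))                        # compression shrinks what is sent
    print(pgp_receive(wrapped, body, N, D) == text)
```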

28
PGP
  • Advantages
  • Only a very small content (the session key) is
    publicly encrypted
  • The session key is used just once - hard to
    decode by repeated attacks
  • Symmetric-key encryption is 10,000 times faster
    than asymmetric-key encryption. (Fast session key
    is used on large file)