Cryptography A Brief History

1
CryptographyA Brief History

• Prasenjeet Dutta
• Program Manager
• Cybernet Software Systems Inc.

pd_at_cybernetsoft.com
2
In Todays Session

• Part I The Ciphers
• Part II The Politics
• Part III Security and Privacy
• Part IV Questions

3
Basic Definitions

• Cryptography The Science of creating coded
  messages
• Cryptanalysis The Art of breaking coded messages
• Cleartext the original message
• Ciphertext the encoded message
• Key Input to the cryptographic algorithm
• Passphrase User input from which the key is
  usually derived

4
Part IThe Ciphers

• ? contents

5
Early History Caesar Cipher

• Classically attributed to Julius Caesar
• Simple Shift By Three to the Right Rule
• ATTACK would become DWWDFN
• Easily Breakable if you knew the Rule
• Today, easily breakable otherwise as well
• Demo

6
Transposition Ciphers

• Message Written in a Rectangular Block
• Letters transposed in Pre-arranged order
• ATTACK CORSICA AT DAWN becomes
• A T T A C AKID TCCA TOAW ARAN CSTX
• K C O R S
• I C A A T
• D A W N X
• Demo

7
Vigenère Cipher

• Attributed to French mathematician Blaise de
  Vigenère, 1585
• Generalization of the Caesar Cipher
• Bidirectional n-Shift cipher
• Considered secure until 1863
• The Kasiski/Kerchoff method of Frequency Analysis
  and the Index of Coincidence
• Demo

8
One Time Pad (Vernam Ciphers)

• Special Case of the Vigenère Cipher
• Plaintext length Key length
• Key is assumed to be random
• Proven to be mathematically secure against all
  attacks
• Randomness not easy to generate
• Non-randomness of key makes algorithm breakable
• Has been used for ultra-sensitive telephonic
  hotlines

9
WWII The Enigma

• Mechanical Device Gears/Plugs
• Essentially a complex polyalphabetic cipher
• Key Transport major issue
• GCHQ cracked it
• Turning point in the war
• Demo

10
A Taxonomy of Ciphers

• Substitution Ciphers The Ciphertext is formed by
  mathematically transforming the Plaintext
• Most commonly Used
• Transposition Ciphers The Ciphertext is formed
  by re-arranging the Plaintext
• Considered Primitive
• Concealment Ciphers The Plaintext is hidden
  away from ordinary view

11
Substitution Ciphers

• Monoalphabetic only one sort of substitution is
  used, e.g. Caesar
• Polyalphabetic more than one substitution, e.g.
  Vigenère, Enigma
• Block Cipher Operates on discrete blocks of
  plaintext, outputs discrete blocks of ciphertext,
  e.g. DES, Blowfish, Rijndael
• Ideal for offline encryption of large blocks of
  data at a time

12
Substitution Ciphers, contd.

• Stream Cipher generates a keystream and combines
  with plaintext to form ciphertext, e.g. RSAs RC4
• Suitable for online encryption of smaller chunks
  of data, e.g. Encrypting Voice Comms
• Approximates a One Time Pad when used this way
• Much faster than block ciphers for online work
• Block ciphers can also emulate stream ciphers,
  though slowly

13
Symmetric Ciphers

• Used for most heavy-duty encryption today
• DES, Blowfish, Twofish, Rijndael
• One Common Key for Encryption and Decryption
• Decryption is the mathematical inverse of
  encryption, i.e.
• F(plaintext, key) ciphertext
• F(ciphertext, key) plaintext

14
The Key Distribution Problem

• Throughout history, ciphers were symmetric
• Symmetric Ciphers share encryption and decryption
  keys
• Key Dist presents practical problems
• Prone to Man-in-the-middle attacks
• This situation lasted until 1976

15
Enter Public Key Cryptography

• Known to British and American Intelligence since
  the 1960s as non-secret encryption
• Non-classified invention would take 15 more years
• Practical only with large scale computer
  resources
• Concept and Key-Exchange technique proposed by
  Diffie/Hellman, 1976
• No Cryptosystem implementation

16
R, S and A

• First Practical of a Diffie/Hellman Cryptosystem
• Rivest, Shamir, Adelman 1978
• System allowed Encryption/Decryption, Key
  Exchange and Message Signing
• Other PK algorithms today
• Diffie/Hellman, ElGamal, DSA
• Even today, RSA probably most versatile

17
The RSA Algorithm

• Choose two primes p and q.
• Compute n pq and s (p-1)(q-1).
• Choose e such that e is relatively prime to s and
  e lt s. Find d such that de 1 mod s and d lt s.
• The private key KR d, n.
• The public key KU e, n.
• Encryption is C me (mod n).
• Decryption is M Cd (mod n).

18
RSA for Encryption

• Let p7 and q17.
• Thus n pq 119.
• Thus s (p-1)(q-1) 96.
• We choose e 5.
• We determine d to be 77, since 77x5 385
  4x96 1, that is, de1 mod s and d lt s
• Encryption (for a plaintext M 19).
• (195) 119 66
• Decryption (for a ciphertext M 19).
• (6677) 119 19

19
RSA For Signing

• Using the same parameters as before, we will
  encrypt our plaintext (19) using our private key.
  This is equivalent to signing
• Signing (for a plaintext M 19)
• (1977) 119 66.
• The corresponding decryption using our public key
  is called verification.
• Decryption (for a signed text S 66)
• (665) 119 19.

20
PK vs. Symmetric Ciphers

• Symmetric Algorithms not obsolete
• PK Ciphers far too slow
• PK ciphers better suited to transporting
  symmetrical keys or message digests than general
  purpose encryption.
• PK Ciphers require very large keys to attain
  decent security
• a 128 bit RSA key is very weak compared to a 128
  bit Blowfish key.
• PK Algorithms tend to be simple mathematically,
  depending on the NP-hardness of their algorithms
  for security
• Symmetric algorithms tend to be convoluted
  because of multiple steps, many of them
  non-linear.

21
Hashes and Steganography

• Hashes Verify Message Integrity
• Creates a fixed size output from variable-length
  input using a one-way series of transforms
• MD5 and SHA-1 are the most used algorithms
• Steganography attempts to hide real messages
  within a larger, innocent message
• Often used to disguise the fact that any message
  is being transmitted at all
• Demo

22
Part IIThe Politics

• ? contents

23
The Politics of Crypto

• Cryptography doesnt occur in a vacuum
• Crypto exists because bad guys exist
• Crypto products are munitions according to the US
  BXA
• Illegal Export is a federal felony
• After 9/11, can be a terrorist-abetment offence
• If you work on crypto, know your laws!

24
Indian Law

• Import not restricted
• License may be required
• The IT Act 1999 requires mandatory key surrender
  if required for national security

25
US Cryptographic Law

• US prohibits export of certain grades of
  cryptographic products
• Though they are very easily downloadable over the
  Net
• Most cryptographic functions in US software used
  to be crippled badly before export
• MSIE 4, 5 with 56 bit security
• Lotus Notes with 64-24 bit security
• Today, general export (except to the Terrorist
  T-7 nations) is permitted

26
US Laws, contd.

• Allowed (2002 Rules)
• Nearly all Symmetric Algorithms
• Lengths above 64 bits require mandatory
  notification
• PK Ciphers up to 512 bits
• Elliptic Curve Ciphers up to 112 bits
• Why is US Law so Important?
• Largest exporter of Software
• Most European Countries have a problem with this
• Germany currently funding GPG

27
Part IIISecurity and Privacy

• ? contents

28
The Crypto Wars

• Daniel Bernstein waged a legal battle to declare
  the US Crypto Export Regulations illegal
• Philip Zimmerman wrote PGP to take crypto to the
  masses
• The hope was that good, ubiquitous crypto would
  make computing secure for everyone
• Eventually, the Crypto Regulations crumbled
• Is secure computing there yet?

29
The Bigger Picture

• Cryptography is one step towards achieving a
  secure system, or our privacy
• By itself, it guarantees nothing
• Security is a Process
• No silver bullets
• Not even cryptography
• All crypto is breakable, given enough time and
  computer resources

30
The Black Hats Strike Back

• BonziBuddy, Kazaa and Nimda
• Threats for a new generation
• Crypto too hard to use for common users
• Despite S/MIME, secure email has not taken off
• Palladium (MS) and TCPA (Intel) now aim to take
  crypto into hardware
• But not all the security infrastructure in the
  world will help protect non-security-minded users

31
Pretty Bad Privacy

• In God we trust. All others we monitor.
• Tongue-in-cheek NSA motto
• 28 dishes
• 100k simultaneous calls
• 2 million messages/hr
• 17.5 billion messages/yr
• And thats just one station Menwith Hill, UK
• Plus satellite interceptors, undersea taps, etc

32
And it gets worse

• With strong crypto proliferating, NSA stated
  policy is to now go beyond crypto
• Keystroke Logging to capture keystrokes
• Van Eck Phreaking to read characters from
  Electromagnetic Radiation from monitors
• Spy Satellites can now spot 10cm2 objects from
  orbit
• Mandated ISP taps (Carnivore)
• Social Engineering
• 9/11 has added urgency
• Intelligence agencies must combine/pool databases
• The goal is Total Information Awareness

33
That Said

• crypto is not totally useless
• Good crypto is good enough to stop industrial
  espionage, network snoopers and casual
  crackers/script kiddies
• Crypto-enabled protocols are much more secure
  than vanilla FTP, Telnet or HTTP

34
Improving Computer Security

• Become Security Aware
• Security is a Process
• No Magic Bullets
• Windows, Linux, Trusted Solaris all need work
• Encrypt Network Traffic SSH, HTTPS, SFTP
• Use IPSec and DNSSec if you can
• Avoid Single Points of Failure
• Audit !

35
Thanks for Listening!

• Questions?
• ? contents

36
Further Exploration

• Light Reading
• The Code Book, Simon Singh
• Introduction
• Cryptography and Network Security, William
  Stallings
• Graduate Level
• Handbook of Applied Cryptography
• http//www.cacr.math.uwaterloo.ca/hac/

37
On the Internet

• sci.crypt FAQ
• http//www.faqs.org/faqs/by-newsgroup/sci/sci.cryp
  t.html
• Crypto Link Farm
• http//www.cs.auckland.ac.nz/pgut001/links.html
• Crypto-Gram
• http//www.counterpane.com/crypto-gram.html

38
The End