Cryptography: A Brief History - PowerPoint PPT Presentation

Provided by: prasenje
1
Cryptography: A Brief History
  • Prasenjeet Dutta
  • Program Manager
  • Cybernet Software Systems Inc.

pd_at_cybernetsoft.com
2
In Today's Session
  • Part I: The Ciphers
  • Part II: The Politics
  • Part III: Security and Privacy
  • Part IV: Questions

3
Basic Definitions
  • Cryptography: The science of creating coded
    messages
  • Cryptanalysis: The art of breaking coded messages
  • Cleartext: The original message
  • Ciphertext: The encoded message
  • Key: Input to the cryptographic algorithm
  • Passphrase: User input from which the key is
    usually derived

4
Part I: The Ciphers

5
Early History: Caesar Cipher
  • Classically attributed to Julius Caesar
  • Simple "Shift By Three to the Right" Rule
  • ATTACK would become DWWDFN
  • Easily Breakable if you knew the Rule
  • Today, easily breakable otherwise as well
  • Demo

6
Transposition Ciphers
  • Message Written in a Rectangular Block
  • Letters transposed in Pre-arranged order
  • ATTACK CORSICA AT DAWN becomes
    AKID TCCA TOAW ARAN CSTX
  • The block, written row by row and read column by
    column:
      A T T A C
      K C O R S
      I C A A T
      D A W N X
  • Demo

7
Vigenère Cipher
  • Attributed to French mathematician Blaise de
    Vigenère, 1585
  • Generalization of the Caesar Cipher
  • Bidirectional n-Shift cipher
  • Considered secure until 1863
  • Broken by the Kasiski/Kerckhoffs method of
    Frequency Analysis and the Index of Coincidence
  • Demo
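
The three classical ciphers from slides 5 to 7, as an added Python example (not part of the original presentation; function names are illustrative). It reproduces the slides' ciphertexts and computes the Index of Coincidence, which a single-alphabet shift leaves unchanged and a multi-letter Vigenère key flattens.

```python
from collections import Counter
from string import ascii_uppercase as ALPHA

def vigenere(text, key, decrypt=False):
    """Shift each letter by the matching key letter (A=0 ... Z=25).
    A one-letter key is a Caesar cipher: key 'D' is shift-by-three."""
    sign = -1 if decrypt else 1
    out, used = [], 0
    for ch in text.upper():
        if ch in ALPHA:
            shift = ALPHA.index(key[used % len(key)].upper())
            out.append(ALPHA[(ALPHA.index(ch) + sign * shift) % 26])
            used += 1
        else:
            out.append(ch)          # spaces and punctuation pass through
    return "".join(out)

def transpose(text, width, pad="X"):
    """Write letters row by row into a block `width` wide, pad the last row,
    then read the block column by column (left to right)."""
    letters = [c for c in text.upper() if c in ALPHA]
    letters += [pad] * (-len(letters) % width)
    return " ".join("".join(letters[col::width]) for col in range(width))

def index_of_coincidence(text):
    """Chance that two letters picked at random from the text are the same."""
    counts = Counter(c for c in text.upper() if c in ALPHA)
    n = sum(counts.values())
    return sum(f * (f - 1) for f in counts.values()) / (n * (n - 1))

if __name__ == "__main__":
    # Constructed sample text, not from the slides.
    sample = "THE ENEMY FLEET WILL LEAVE THE HARBOUR AT DAWN AND SAIL WEST " * 3
    print(vigenere("ATTACK", "D"))
    print(transpose("ATTACK CORSICA AT DAWN", 5))
    for label, ct in [("plain", sample), ("caesar", vigenere(sample, "D")),
                      ("vigenere", vigenere(sample, "LEMON"))]:
        print(label, round(index_of_coincidence(ct), 4))
```
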

8
One Time Pad (Vernam Ciphers)
  • Special Case of the Vigenère Cipher
  • Plaintext length = Key length
  • Key is assumed to be random
  • Proven to be mathematically secure against all
    attacks
  • Randomness not easy to generate
  • Non-randomness of key makes algorithm breakable
  • Has been used for ultra-sensitive telephonic
    hotlines

9
WWII: The Enigma
  • Mechanical Device: Gears/Plugs
  • Essentially a complex polyalphabetic cipher
  • Key Transport major issue
  • GCHQ cracked it
  • Turning point in the war
  • Demo

10
A Taxonomy of Ciphers
  • Substitution Ciphers: The ciphertext is formed by
    mathematically transforming the plaintext
  • Most commonly used
  • Transposition Ciphers: The ciphertext is formed
    by re-arranging the plaintext
  • Considered primitive
  • Concealment Ciphers: The plaintext is hidden
    away from ordinary view

11
Substitution Ciphers
  • Monoalphabetic: only one sort of substitution is
    used, e.g. Caesar
  • Polyalphabetic: more than one substitution, e.g.
    Vigenère, Enigma
  • Block Cipher: operates on discrete blocks of
    plaintext, outputs discrete blocks of ciphertext,
    e.g. DES, Blowfish, Rijndael
  • Ideal for offline encryption of large blocks of
    data at a time

12
Substitution Ciphers, contd.
  • Stream Cipher: generates a keystream and combines
    it with plaintext to form ciphertext, e.g. RSA's RC4
  • Suitable for online encryption of smaller chunks
    of data, e.g. Encrypting Voice Comms
  • Approximates a One Time Pad when used this way
  • Much faster than block ciphers for online work
  • Block ciphers can also emulate stream ciphers,
    though slowly

13
Symmetric Ciphers
  • Used for most heavy-duty encryption today
  • DES, Blowfish, Twofish, Rijndael
  • One Common Key for Encryption and Decryption
  • Decryption is the mathematical inverse of
    encryption, i.e.
  • F(plaintext, key) = ciphertext
  • F(ciphertext, key) = plaintext

14
The Key Distribution Problem
  • Throughout history, ciphers were symmetric
  • Symmetric Ciphers share encryption and decryption
    keys
  • Key distribution presents practical problems
  • Prone to Man-in-the-middle attacks
  • This situation lasted until 1976

15
Enter Public Key Cryptography
  • Known to British and American Intelligence since
    the 1960s as "non-secret encryption"
  • Non-classified invention would take 15 more years
  • Practical only with large scale computer
    resources
  • Concept and Key-Exchange technique proposed by
    Diffie/Hellman, 1976
  • No Cryptosystem implementation

16
R, S and A
  • First practical implementation of a Diffie/Hellman
    cryptosystem
  • Rivest, Shamir, Adleman, 1978
  • System allowed Encryption/Decryption, Key
    Exchange and Message Signing
  • Other PK algorithms today:
  • Diffie/Hellman, ElGamal, DSA
  • Even today, RSA probably most versatile

17
The RSA Algorithm
  • Choose two primes p and q.
  • Compute n = pq and s = (p-1)(q-1).
  • Choose e such that e is relatively prime to s and
    e < s. Find d such that de ≡ 1 mod s and d < s.
  • The private key KR = {d, n}.
  • The public key KU = {e, n}.
  • Encryption is C = M^e (mod n).
  • Decryption is M = C^d (mod n).

18
RSA for Encryption
  • Let p = 7 and q = 17.
  • Thus n = pq = 119.
  • Thus s = (p-1)(q-1) = 96.
  • We choose e = 5.
  • We determine d to be 77, since 77 x 5 = 385 =
    4 x 96 + 1, that is, de ≡ 1 mod s and d < s
  • Encryption (for a plaintext M = 19):
  • 19^5 mod 119 = 66
  • Decryption (for the ciphertext C = 66, recovering
    M = 19):
  • 66^77 mod 119 = 19

19
RSA For Signing
  • Using the same parameters as before, we will
    encrypt our plaintext (19) using our private key.
    This is equivalent to signing.
  • Signing (for a plaintext M = 19):
  • 19^77 mod 119 = 66.
  • The corresponding decryption using our public key
    is called verification.
  • Decryption (for a signed text S = 66):
  • 66^5 mod 119 = 19.
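
The key generation and worked numbers from slides 17 to 19, as an added Python example (not part of the original presentation; function names are illustrative assumptions). The last function uses trial division to show why an n as small as 119 serves only for illustration.

```python
from math import gcd

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def make_keys(p, q, e):
    """Derive n, s and the private exponent d as described on slide 17."""
    n, s = p * q, (p - 1) * (q - 1)
    if not (1 < e < s) or gcd(e, s) != 1:
        raise ValueError("e must be below s and relatively prime to it")
    _, x, _ = egcd(e, s)
    d = x % s                       # d*e = 1 (mod s) with 0 < d < s
    return {"public": (e, n), "private": (d, n), "s": s}

def apply_key(value, key):
    """The one RSA operation, value^exponent mod n, shared by encryption,
    decryption, signing and verification."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("message must be smaller than n")
    return pow(value, exponent, n)

def recover_private(public):
    """Toy-sized n only: trial division finds p, which rebuilds d."""
    e, n = public
    p = next(f for f in range(2, n) if n % f == 0)
    return make_keys(p, n // p, e)["private"]

if __name__ == "__main__":
    keys = make_keys(7, 17, 5)                  # the slides' parameters
    c = apply_key(19, keys["public"])           # encrypt M = 19
    sig = apply_key(19, keys["private"])        # sign M = 19
    print(keys, c, apply_key(c, keys["private"]))
    print(sig, apply_key(sig, keys["public"]))  # verify recovers 19
    print(recover_private(keys["public"]))      # d recovered from (e, n) alone
```
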

20
PK vs. Symmetric Ciphers
  • Symmetric Algorithms not obsolete
  • PK Ciphers far too slow
  • PK ciphers better suited to transporting
    symmetrical keys or message digests than general
    purpose encryption.
  • PK Ciphers require very large keys to attain
    decent security
  • a 128 bit RSA key is very weak compared to a 128
    bit Blowfish key.
  • PK Algorithms tend to be simple mathematically,
    depending on the NP-hardness of their algorithms
    for security
  • Symmetric algorithms tend to be convoluted
    because of multiple steps, many of them
    non-linear.

21
Hashes and Steganography
  • Hashes Verify Message Integrity
  • Creates a fixed size output from variable-length
    input using a one-way series of transforms
  • MD5 and SHA-1 are the most used algorithms
  • Steganography attempts to hide real messages
    within a larger, innocent message
  • Often used to disguise the fact that any message
    is being transmitted at all
  • Demo

22
Part II: The Politics

23
The Politics of Crypto
  • Cryptography doesn't occur in a vacuum
  • Crypto exists because bad guys exist
  • Crypto products are munitions according to the US
    BXA
  • Illegal Export is a federal felony
  • After 9/11, can be a terrorist-abetment offence
  • If you work on crypto, know your laws!

24
Indian Law
  • Import not restricted
  • License may be required
  • The IT Act 1999 requires mandatory key surrender
    if required for national security

25
US Cryptographic Law
  • US prohibits export of certain grades of
    cryptographic products
  • Though they are very easily downloadable over the
    Net
  • Most cryptographic functions in US software used
    to be crippled badly before export
  • MSIE 4, 5 with 56 bit security
  • Lotus Notes with 64-24 bit security
  • Today, general export (except to the Terrorist
    T-7 nations) is permitted

26
US Laws, contd.
  • Allowed (2002 Rules)
  • Nearly all Symmetric Algorithms
  • Lengths above 64 bits require mandatory
    notification
  • PK Ciphers up to 512 bits
  • Elliptic Curve Ciphers up to 112 bits
  • Why is US Law so Important?
  • Largest exporter of Software
  • Most European Countries have a problem with this
  • Germany currently funding GPG

27
Part III: Security and Privacy

28
The Crypto Wars
  • Daniel Bernstein waged a legal battle to declare
    the US Crypto Export Regulations illegal
  • Philip Zimmermann wrote PGP to take crypto to the
    masses
  • The hope was that good, ubiquitous crypto would
    make computing secure for everyone
  • Eventually, the Crypto Regulations crumbled
  • Is secure computing there yet?

29
The Bigger Picture
  • Cryptography is one step towards achieving a
    secure system, or our privacy
  • By itself, it guarantees nothing
  • Security is a Process
  • No silver bullets
  • Not even cryptography
  • All crypto is breakable, given enough time and
    computer resources

30
The Black Hats Strike Back
  • BonziBuddy, Kazaa and Nimda
  • Threats for a new generation
  • Crypto too hard to use for common users
  • Despite S/MIME, secure email has not taken off
  • Palladium (MS) and TCPA (Intel) now aim to take
    crypto into hardware
  • But not all the security infrastructure in the
    world will help protect non-security-minded users

31
Pretty Bad Privacy
  • "In God we trust. All others we monitor."
  • Tongue-in-cheek NSA motto
  • 28 dishes
  • 100k simultaneous calls
  • 2 million messages/hr
  • 17.5 billion messages/yr
  • And that's just one station: Menwith Hill, UK
  • Plus satellite interceptors, undersea taps, etc.

32
And it gets worse
  • With strong crypto proliferating, NSA stated
    policy is to now go beyond crypto
  • Keystroke Logging to capture keystrokes
  • Van Eck Phreaking to read characters from
    Electromagnetic Radiation from monitors
  • Spy Satellites can now spot 10 cm² objects from
    orbit
  • Mandated ISP taps (Carnivore)
  • Social Engineering
  • 9/11 has added urgency
  • Intelligence agencies must combine/pool databases
  • The goal is Total Information Awareness

33
That Said
  • crypto is not totally useless
  • Good crypto is good enough to stop industrial
    espionage, network snoopers and casual
    crackers/script kiddies
  • Crypto-enabled protocols are much more secure
    than vanilla FTP, Telnet or HTTP

34
Improving Computer Security
  • Become Security Aware
  • Security is a Process
  • No Magic Bullets
  • Windows, Linux, Trusted Solaris all need work
  • Encrypt Network Traffic: SSH, HTTPS, SFTP
  • Use IPSec and DNSSec if you can
  • Avoid Single Points of Failure
  • Audit!

35
Thanks for Listening!
  • Questions?

36
Further Exploration
  • Light Reading:
  • The Code Book, Simon Singh
  • Introduction:
  • Cryptography and Network Security, William
    Stallings
  • Graduate Level:
  • Handbook of Applied Cryptography
  • http://www.cacr.math.uwaterloo.ca/hac/

37
On the Internet
  • sci.crypt FAQ
  • http://www.faqs.org/faqs/by-newsgroup/sci/sci.crypt.html
  • Crypto Link Farm
  • http://www.cs.auckland.ac.nz/pgut001/links.html
  • Crypto-Gram
  • http://www.counterpane.com/crypto-gram.html

38
The End