Cryptography - PowerPoint PPT Presentation

1 / 24
About This Presentation
Title:

Cryptography

Description:

... Cracking DES: Secrets of Encryption Research, Wiretap Politics, and Chip Design, O'Reilly & Associates, Sevastopol, California, 1998, online at http: ... – PowerPoint PPT presentation

Number of Views:1659
Avg rating:3.0/5.0
Slides: 25
Provided by: M738
Category:

less

Transcript and Presenter's Notes

Title: Cryptography


1
Cryptography
  • Algorithms, Digital Signatures, and Pragmatics
  • Arun A Tharuvai
  • CSC8530
  • November 25, 2003

2
Introduction
  • Cryptographic Algorithms
  • Digital Signatures
  • Cryptography Pragmatics

3
Cryptographic Algorithms
  • Convert plaintext message M to ciphertext MK
    using an encryption algorithm E, and a key K
  • E(K,M) M K
  • Secrecy should lie in the key, not the algorithm

4
Cryptographic Algorithms
  • Symmetric Algorithms (Secret key)
  • Same key is used for encryption and decryption,
    and shared by both parties
  • Asymmetric Algorithms (Public key)
  • A public key, used by anyone for encryption
  • A corresponding private key is used for
    decryption.

5
Cryptographic Algorithms
  • Block Ciphers
  • Operate on fixed-size blocks of data. 64 bits is
    a common size. Useful for non-realtime data,
    including email and data.
  • Stream Ciphers
  • Operate on single bits of data. A stream of bits
    is used by a function known as a keystream
    generator. In practice very similar to block
    ciphers.
  • CBC mode
  • Each plain text block is combined with the
    preceding ciphertext block using XOR before it is
    encrypted
  • Prevents similar blocks from encrypting to the
    same result.

6
Design Techniques
  • Confusion
  • Use of reversible mathematical operations like
    XOR and bitshifting to combine each block of
    plaintext with a key
  • Diffusion
  • Use of techniques like transposing portions of
    each plaintext to reduce regular patterns in
    plaintext

7
Secret-key Algorithms
  • TEA
  • DES
  • IDEA
  • AES (Rijndael)

8
DES
  • Data Encryption Standard
  • Designed to be fast in hardware and slow in
    software. 56-bit key is used to encrypt 64 bit
    blocks
  • Bit permutation, combined with 16 rounds of
    performing the XOR operation with different
    48-bit subsets of the key.
  • Chosen in 1977. In 1998, the EFF showed that it
    was possible to build a machine to crack DES keys
    in lt 3 days for under 250,000, including design
    costs.
  • Triple DES (3DES) applies DES three times using
    2 keys, as follows E3DES(K1,K2,M) EDES
    (K1,DDES (K2,EDES (K1,M))) and is effectively as
    strong as a 112-bit private key. However, its
    very slow.

9
Public-key Algorithms
  • RSA
  • Diffie-Helman
  • El-Gamal
  • Elliptic curve algorithms

10
RSA
  • Most widely used public key encryption standard.
  • Based upon the difficulty of factoring the
    product of two very large numbers.
  • To generate a key-pair
  • Choose two large prime numbers, P and Q.
  • N P Q
  • Z (P-1) (Q-1)
  • d is any number relatively prime to Z.
  • e is a number, such that ed 1 mod Z
  • The encryption key is e,N and the decryption key
    is the pair d,N
  • To encrypt plaintext M, E(e,N,M) Me mod N
  • To decrypt ciphertext c, D(d,N,C) cd mod N

11
Hybrid Protocols
  • SSL/TLS
  • Negotiable encryption and authentication
    algorithms.
  • SSH
  • PGP/GPG
  • Uses RSA to encrypt a secret key which is then
    used for encrypting a document via IDEA, or 3DES

12
Properties of Digital Signatures
  • Authentic
  • Unforgeable
  • Non-repudiable

13
Digital Signatures
  • Digital Signing
  • Digest Functions

14
Public Key Signatures
  • A computes a digest of M, H(M), and encrypts it
    with his private key.
  • A then sends it along with M to B
  • B then uses As K_pub to decrypt

15
Secret Key signatures
  • Useful when two participants have already agreed
    upon shared key via a different channel, or
    public key cryptography.
  • A concatenates M with K, and computes the digest,
    H(MK) h, sending M,h
  • B concatenates M with K, H(MK) h comparing
    with h. If theyre equal the message was sent by
    someone with K.

16
Secure digest Functions properties
  • Ease of computing hash
  • Difficulty of generating message from hash
  • Difficulty of finding another message that maps
    to the same hash value

17
Secure Digest Functions
  • MD5
  • SHA
  • Symmetric algorithm using CBC

18
Secure Digest Functions
  • Birthday attack
  • I am writing this memo to demand
    request unform you that Fred Mr. Fred
    Jones must be fired terminated at
    once immediately. As the July 11 11 July
    memo memorandum from issued by personnel
    human resources states, to meet our the
    corporate quarterly third quarter budget
    targets goals, we must eliminate all
    discretionary spending all discretionary
    spending must be eliminated.
  • Despite Ignoring that memo memorandum
    order , Fred ordered purchased PostIts
    nonessential supplies in a flagrant disregard
    for the companys budgetary crisis current
    financial difficulties.

19
Certificate standards, Authorities
  • X.509
  • SPKI

20
Cryptography Pragmatics
  • Performance
  • Legal Issues
  • Key sizes and speed

21
Cryptographic Performance
22
Legal and Political Issues
  • Until recently, there were severe restrictions on
    cryptography, especially export controls,
    including teaching of such knowledge to foreign
    nationals in the US.
  • The FBI and NSA wanted restrictions for ease of
    decrypting both foreign and domestic
    communications.
  • Algorithms approved for export were limited to
    40-bit encryption. Easily breakable with modern
    technology.
  • Proposals in the mid-90s called for mandatory
    key-recovery for products exported, and even
    those used internally.
  • Currently, export controls now only exist on the
    T-7 countries.
  • As of 2000, Cryptographic source code can be
    exported as long as copies are sent to the Bureau
    of Industry and Security of Commerce department.

23
Conclusion
  • The end

24
References
  • Charlie Kaufman, Radia Perlman, Mike Speciner,
    Network Security Private Communication in a
    Public World, Prentice Hall, Inc, Upper Saddle
    River, New Jersey, 1995 505pp.
  • Schneier, B., Applied Cryptography, 2nd ed., John
    Wiley Sons, New York, 1996, 675 pp.
  • Electric Frontier Foundation, Cracking DES
    Secrets of Encryption Research, Wiretap
    Politics, and Chip Design, OReilly Associates,
    Sevastopol, California, 1998, online at
    http//cryptome.org/cracking-des.htm
  • George Coulouris, Jean Dollimore, Tim Kindberg,
    Distributed Systems Concepts and Design 3rd ed,
    Addison-Wesley, New York, 2001, pp 272-291.
Write a Comment
User Comments (0)
About PowerShow.com