ECommerce Infrastructure

About This Presentation

Title:

ECommerce Infrastructure

Description:

'rot13' is a simple example of substitution cryptography 'V ybir ... SSH - secure shell like Telnet (putty) PKI Digital Signatures. Plain. text. Plain. text ... – PowerPoint PPT presentation

Number of Views:49

Avg rating:3.0/5.0

Slides: 27

Provided by: cimsCl

Category:

more less

Transcript and Presenter's Notes

Title: ECommerce Infrastructure

1
E-CommerceInfrastructure Security

Lecture 11
Encryption

2
Agenda

Project 4 Demos next Thurs.
Proj 4 5 due next Thurs.
Cryptography Basics
Symmetric vs. Asymmetric Cryptography
Attack Methods
PGP

3
Crypto Basics

Cryptography is thousands of years old
Caesar Cipher based upon substitution
AD, BE, etc.
rot13 is a simple example of substitution
cryptography
V ybir vasbezngvba grpubaybtl

4
Weaknesses in Older Crypto

Patterns are easily discovered
Letters are not randomized
Frequency of letters (esp. vowels)
Strength of the crypto is insufficient given
modern computers
Cryptoquotes for example

5
Encryption Decryption
Encryption
Plaintext
Ciphertext
Crypto Algorithm
Decryption
6
Symmetric Crypto

Also known as private key cryptography
Both sender and receiver have same key
Problems
Securing the key
Number of keys O(n2) so 100 people
communicating privately would need 10000 keys!

7
Symmetric Key Infrastructure
8
Asymmetric Crypto

Also known as public key cryptography
Sender and receiver have different keys
Each has a public key and a private key
Public keys are distributed via a KDC
This scheme requires O(n) key pairs

9
Asymmetric Key Infrastructure
KDC
10
Public Key Cyrpto
Plain text
Encryptionwith Public KeyReceiver
Cipher text
Plain text
Decryptionwith Private KeyReceiver
11
How Public Key Crypto Works

You get my public key from the KDC
You encode a message to me using my public key
Only my private key can unlock this
I receive the message
I decode it using my private key (that only I
have)
I can then read the message

12
Public Key Infrastructure

Requires validation of keys
Thus certificate authorities
Public key certificate contains
ID
Identifying information (name, e-mail)
Date created
Certifying authorities (their signatures)

13
Public Key Encryption
Encrypted with Bobs Public Key
Encrypted with Alices Public Key
Alice
Bob
Message is Garbageto Third Party
14
Attack Methods

Brute Force
Requires recognition of plaintext
Key length determines strength
Cryptanalysis
Mathematical attack
Faults in system
Hack into creator of the key pair

15
Attack Methods (cont)

Factoring Attacks
Security of asymmetric crypto resides in large
number theory
Its easy to generate a large composite number
(multiply two large primes)
But its (thought) difficult to factor these

16
Mathematical Underpinnings

Pick two large primes
P Q
Pick another large number (e) which does not have
common factors with (P-1)(Q-1)
Public key PxQ e
Private key e-1 mod ((p-1)(q-1))

17
Trap Door Theory

Easy to create private key
Difficult to reconstruct it
Its easy to create the large number N
But its difficult to factor it into P Q

18
An Example

Took seconds to generate N 114,381,625,757,888,8
67,669,235,779,976,146,612,010,218,296,721,242,362
,562,561,842,935,706,935,245,733,897,830,597,123,5
63,958,705,058,989,075,147,599,290,026,879,543,541
(RSA-129, 1977)
But can you find the two primes P Q such that
PxQN?

19
In Case You are Wondering

After 17 years, it took 8 computer months and
over 1600 computers working worldwide
P3,490,529,510,847,650,949,147,849,619,903,898,13
3,417,764,638,493,387,843,990,820,577
Q32,769,132,993,266,709,549,961,988,190,834,461,4
13,177,642,967,992,942,539,798,288,533
And this was only a 429-bit key youll be using
a key which is 2048 bits long (5 times as long)
which would require MUCH more time to decrypt
(about a million times more)

20
Publish or Perish?