Cryptography

1
Cryptography

• Gerard Klonarides

2
What is cryptography?

• Symmetric Encryption
• Asymmetric Encryption
• Other cryptography
• Digital signatures
• PKI

3
What is Cryptography?

• Transforming plaintext to ciphertext

Hello I love you wont you tell me your
name? Hello I love you wont you tell me your
name?
4
Cryptography

• Transforming plaintext into ciphertext
• Substitution
• Transposition

5
Substitution

• 123453452345231
• This 1234
• Try and crack this one

6

• This is his hit
• 123453452345231

7
Transposition

• Plaintext elements rearranged
• This is his hit
• ihT sis sih tih

8
Plaintext is processed

• Block cipher
• A block at a time
• Stream cipher
• Processed continuously

9
The Cipher Process

• Keys
• Single Key
• Two-key encryption

10
About Keys

• Bigger does not mean better
• For example IDEA 128 is better than RSA 521
• One has to protect the integrity of the keys

11
What does 128 bit encryption mean?

• A 128-bit number has 2128 possible values.
• How big is that?
• 218 is how many IPv6 addresses we have
• 2170 is the of atoms in the earth
• 2190 is the of atoms in the sun

12
Encryption types

• Single key Encryption
• Conventional
• Symmetric
• Two-key Encryption
• Asymmetric
• Public-key

13
Symmetric Encryption

• A type of encryption where the same key is used
  to encrypt and decrypt the message. This differs
  from asymmetric (or public-key) encryption, which
  uses one key to encrypt a message and another to
  decrypt the message.

14
Asymmetric Encryption

• cryptographic system that uses two keys -- a
  public key known to everyone and a private or
  secret key known only to the recipient of the
  message. When John wants to send a secure message
  to Jane, he uses Jane's public key to encrypt the
  message. Jane then uses her private key to
  decrypt it.
• An important element to the public key system is
  that the public and private keys are related in
  such a way that only the public key can be used
  to encrypt messages and only the corresponding
  private key can be used to decrypt them.
  Moreover, it is virtually impossible to deduce
  the private key if you know the public key.
• Public-key systems, such as Pretty Good Privacy
  (PGP), are becoming popular for transmitting
  information via the Internet. They are extremely
  secure and relatively simple to use. The only
  difficulty with public-key systems is that you
  need to know the recipient's public key to
  encrypt a message for him or her. What's needed,
  therefore, is a global registry of public keys,
  which is one of the promises of the new LDAP
  technology.
• Public key cryptography was invented in 1976 by
  Whitfield Diffie and Martin Hellman. For this
  reason, it is sometime called Diffie-Hellman
  encryption. It is also called asymmetric
  encryption because it uses two keys instead of
  one key (symmetric encryption).

15
Algorithms

• A formula or set of steps for solving a
  particular problem. To be an algorithm, a set of
  rules must be unambiguous and have a clear
  stopping point. Algorithms can be expressed in
  any language, from natural languages like English
  or French to programming languages like FORTRAN.
• We use algorithms every day. For example, a
  recipe for baking a cake is an algorithm. Most
  programs, with the exception of some artificial
  intelligence applications, consist of algorithms.
  Inventing elegant algorithms -- algorithms that
  are simple and require the fewest steps possible
  -- is one of the principal challenges in
  programming.

16
The RSA Algorithm

• Developed by Ron Rivest, Adi Shamir, and Len
  Adlerman from MIT in 1977
• The only widely accepted public-key algorithm
• A block cipher algorithm
• 98

17
Authentication

• The ability to verify that the contents of a
  message have not been altered
• The ability to identify the owner of that message

18
The Authentication Process

• To create an authenticator
• To check for authenticity

19
Hash Algorithms

• MD5 -Message Digest Algorithm
• SHA - Secure Hash Algorithm
• DSS Digital Signature Standard

20
DSS FIPS 186-2

• SUMMARY The Secretary of Commerce approved
  Federal Information Processing Standard (FIPS)
  186-2, Digital Signature Standard (DSS), which
  supersedes Federal Information Processing
  Standard (FIPS) 186-1, Digital Signature Standard
  (DSS). FIPS 186-2 expands FIPS 186-1 by
  specifying an additional voluntary industry
  standard for generating and verifying digital
  signatures. This action will enable Federal
  agencies to use the Digital Signature Algorithm
  (DSA), which was originally the single approved
  technique for digital signatures, as well as two
  new ANSI Standards that were developed for the
  financial community. These new standards are ANSI
  X9.31, Digital Signature Using Reversible Public
  Key Cryptography, and ANSI X9.62, Elliptic Curve
  Digital Signature Algorithm (ECDSA).
• EFFECTIVE DATE This standard is effective June
  27, 2000.

21
Diffie-Hellman key agreement

• The Diffie-Hellman key agreement protocol (also
  called exponential key agreement) was developed
  by Diffie and Hellman DH76 in 1976 and
  published in the ground-breaking paper New
  Directions in Cryptography.'' The protocol allows
  two users to exchange a secret key over an
  insecure medium without any prior secrets.