CRYPTOGRAPHY

1
CRYPTOGRAPHY

• Modern techniques

2
Computers and Cryptography

• Computers allow more sophisticated enciphering
  than mechanical devices
• Computers are faster at enciphering and
  deciphering
• Computers scramble numbers instead of letters
  each letter is represented by a 7 digit binary
  number,
• e.g. a1100001, !010001 etc. encryption then
  proceeds by substitution and transposition.

3
Bit encryption example 1

• Substitution and transposition are still the
  ingredients for encipherment.
• HELLO 1001000 1000101 1001100 1001100 1001111
• The simplest transposition cipher involves
  reversing every 2 digits
• 10010001000101100110010011001001111
• 01100010001010011001100011000110111
• Note that the transposition occurs within
  letters!

4
Bit encryption example 2

• Substitution and transposition are still the
  ingredients for encipherment.
• HELLO 1001000 1000101 1001100 1001100 1001111
• A simple substitution cipher uses the word DAVID
  and adds the digits of DAVID to the digits of
  HELLO
• 10010001000101100110010011001001111 HELLO
• 10001001000001101011010010011000100 DAVID
• 00011000000100001101000001010001011 enciphered

5
Computer encryption

• In the 1960s, computers became more powerful and
  more available. Many businesses had them and had
  a need to send encrypted messages. The National
  Bureau of Standards had to find a standard
  encryption
• One candidate was Lucifer. Developed by Horst
  Feistel. The NSA was not happy about his
  research in ciphers. They put pressure on his
  workplaces to make him stop. In the early 1970s,
  working at IBM, he managed to work out Lucifer.

6
Lucifer

• A message is fed in and converted to binary
• The string of digits is split into blocks of 64
  digits, and encryption is performed separately on
  each block
• Each block is split into 2 32-digit blocks
  labeled left0 and right0

7
Lucifer

• The digits in right0 are put through a function
  which changes the digits by a complex
  substitution. The details of this substitution
  can vary.
• This substitution depends on the key, which is a
  number.
• Once the number is known by the sender and
  receiver, Lucifer can encipher and decipher

8
Lucifer

• The mangled right0 is added to left0 to create a
  new half-block called right1
• The original right0 is relabeled left1
• Now the process begins again starting with left1
  and right1 and ending up with left2 and right2
• After 16 rounds, the kneaded message is sent.

9
Lucifer

• Lucifer was very strong, it was a prime candidate
  for a standard encryption.
• The NSA didnt like this.
• Rumor is that they wanted to weaken an aspect of
  Lucifer the number of possible keys.
• The NSA wanted to limit the number of keys to
  100,000,000,000,000,000 (known as 56 bits,
  because thats how it appears in binary).

10
Lucifer

• The NSA felt that a 56 bit key would be large
  enough to be safe for the users, while still
  being small enough that the NSAs powerful
  computers could crack it.
• The 56 bit version of Lucifer was adopted in 1976
  and called Data Encryption Standard (DES)

11

• So, how do you distribute the key?!

12
Whitfield Diffie Martin Hellman

• The beginnings of the internet The ARPAnet
  (1969) prompted Diffie to foresee the tremendous
  difficulties involved in key distribution.
• In 1974 he heard about Martin Hellman, and went
  to meet him.
• Key distribution is a catch-22 problem how do
  you securely exchange the information to securely
  exchange the information?

13
Diffie Hellman

• Classic problem Alice and Bob wish to
  communicate securely, but Eve wants to listen in.
• If Alice and Bob can meet occasionally, they can
  exchange keys in person. But this is not
  convenient and may become impossible.
• Lets say Alice wants to send something to Bob,
  but is afraid the postoffice will open it on the
  way. Alice can send it to Bob in a locked box,
  but then Bob cant open it either.

14
Diffie Hellman

• But if Alice puts it in a box and secures it with
  a lock and sends it to Bob
• And Bob adds his lock and sends it back (with 2
  locks now) to Alice
• And Alice removes her lock and sends it back to
  Bob, still with Bobs lock on
• Now Bob can open the box
• But Eve cant!

15
Diffie Hellman

• This conceptually solves the problem of key
  distribution!
• The problem is that encryption is typically a
  last on, first off process (e.g. if they put a
  locked box inside a locked box this process would
  not work)
• If the order is incorrect, this wont work.
• How can you make it work?!

16
Diffie Hellman

• Diffie and Hellman looked at mathematical
  functions for which the order does not matter,
  e.g. f(g(x))g(f(x))
• This is simple, most straightforward functions
  will do this.
• But most straightforward functions can be easily
  undone (2 way functions), and we want a function
  that is hard to undo (1 way function). Such a
  function, for example the cracking of an egg . .
  .
• One way functions are sometimes called
  humpty-dumpty functions.

17
Diffie Hellman

• Modular arithmetic is rich in 1-way functions
• Pick a number x2
• Raise 3 to the power x 9
• Now calculate 9 1 (mod 2)
• Now what if you dont know x, but you know that
• 3x 1 (mod 7) you can never tell if you are
  going in the right direction with successive
  guesses!
• How can you solve this? Make a table of all the
  possible values, and see what happens.
• This is very reasonable for this function . . .

18
Diffie Hellman Merkle

• But what if the problem you are trying to solve
  is 453x (mod 21997)? This is a one-way function.
  It takes seconds to generate but days to solve!
• In terms of a key, this is how it works

19
Alice and Bob agree that they will use the
function 7x (mod 11)

• Alice chooses a number A (e.g. 3) and keeps it
  secret
• Alice puts A into the one way functionand gets
  343 (mod 11) 2
• Alice calls this a2 and sends it to Bob
• Alice takes Bobs answer and takes bA (mod 11)
  64 (mod 11) 9

• Bob chooses a number B (e.g. 6) and keeps it
  secret
• Bob puts B into the one-way function and gets
  117649 (mod 11) 4
• Bob calls this b4 and sends to Alice
• Bob takes Alices answer a2 and takes aB (mod
  11) 64 (mod 11) 9

Bob and Alice have ended up with the same key.
But Eve does not have the needed information to
deduce it!
20
Alice and Bob agree that they will use the
function 7x (mod 11)

• Alice chooses a number A (e.g. 3) and keeps it
  secret
• Alice puts A into the one way functionand gets
  343 (mod 11) 2
• Alice calls this a2 and sends it to Bob
• Alice takes Bobs answer and takes bA (mod 11)
  64 (mod 11) 9

• Bob chooses a number B (e.g. 6) and keeps it
  secret
• Bob puts B into the one-way function and gets
  117649 (mod 11) 4
• Bob calls this b4 and sends to Alice
• Bob takes Alices answer a2 and takes aB (mod
  11) 64 (mod 11) 9

Bob and Alice have ended up with the same key.
But Eve does not have the needed information to
deduce it!
21
A KEY CAN BE SECURELY SHARED WITHOUT
MEETING.BUT, THIS PROCESS IS NOT CONVENIENT,
EVERYONE HAS TO BE AVAILABLE AT THE SAME TIME.
22
Diffie had another idea what about an
asymmetric cipher? In an asymmetric cipher, the
encryption key and the decryption key are not the
same. So Alice has a public key, which everyone
uses to encrypt messages to her, but she also has
a private key, which is necessary for decrypting
the message.
23
The concept is simple The process of locking
the lock is not the same process as unlocking it!
24
This idea completely avoids the key distribution
problem!You dont need the private key to
encode, only to decode, so the private key is
never shared.But Diffie could not come up with
an enciphering function that worked this way.
The concept was his, but someone needed tofind
an asymmetric cipher function
25
RSA

• Ron Rivest, Adi Shamir, and Leonard Adleman
  started looking into this in 1977
• They came up with an asymmetric cipher function.

26
RSA

• Alice picks 2 primes p and q and keeps them
  secret
• Alice finds Npq and picks a number e (which
  should be relatively prime to (p-1)(q-1))
• Alice publishes N and e. N should be unique to
  Alice, but many people may use e
• The message is converted into a binary string or
  some other number M, which is encrypted by the
  formula C Me (mod N)
• Alice calculates her private key using the
  formulas e d 1 (mod (p-1)(q-1))
• To decrypt the message, Alice uses the formula
  MCd (mod N)

27
RSA example

• Alice picks p17 and q11 and keeps them secret
• Alice finds Npq 187 and picks a e 7
  publishes
• Bobs message X is converted into a binary string
  M1011000 88 in decimal
• M88 is encrypted C 887 (mod 187) 11
• Alice calculates her private key using the
  formulas e d 1 (mod (p-1)(q-1)) or 7d 1
  mod(160) so that d23 (theres an algorithm that
  helps)
• To decrypt the message
• MCd (mod N) 1123 (mod 187) 88

28
RSA

• The catch here is that knowing N it is very
  difficult to compute p and q, but knowing p and q
  it is easy to calculate N
• Multiplication is easy, factoring is hard.

29
The secret history of public key cryptography

• James Ellis, a British cryptographer working for
  the government, together with Clifford Cocks, did
  this earlier. But it was top secret. This
  became public in 1997.

30
Pretty Good Privacy

• http//www.animatedsoftware.com/hightech/philspgp.
  htm
• http//www.webmonkey.com/06/17/index4a.html

31

• Philip R. Zimmermann is the creator of Pretty
  Good Privacy, an email encryption software
  package. Originally designed as a human rights
  tool, PGP was published for free on the Internet
  in 1991. This made Zimmermann the target of a
  three-year criminal investigation, because the
  government held that US export restrictions for
  cryptographic software were violated when PGP
  spread worldwide. Despite the lack of funding,
  the lack of any paid staff, the lack of a company
  to stand behind it, and despite government
  persecution, PGP nonetheless became the most
  widely used email encryption software in the
  world. After the government dropped its case in
  early 1996, Zimmermann founded PGP Inc. That
  company was acquired by Network Associates Inc
  (NAI) in December 1997, where he stayed on for
  three years as Senior Fellow. In August 2002 PGP
  was acquired from NAI by a new company called PGP
  Corporation, where Zimmermann now serves as
  special advisor and consultant. Zimmermann
  currently is consulting for a number of companies
  and industry organizations on matters
  cryptographic, and is also a Fellow at the
  Stanford Law School's Center for Internet and
  Society.