Title: Cryptography
1Cryptography
4Alice and Bob
Plaintext Cyphertext
Plaintext
5Caesar Cipher
6Substitution Cipher
http://25yearsofprogramming.com/fun/ciphers.htm
The U.S. government is still struggling with key
cybersecurity issues more than a year after
President Obama deemed the protection of computer
systems a national priority. In 2009 the
administration revealed a cyberspace policy
review, while the president appointed White House
cybercoordinator Howard Schmidt to bring the
government's initiatives into sync--but the
administration is still debating whether it
requires new legal authorities or whether such
actions are permitted by existing statutes.
Critics also charge that officials have failed to
allay privacy fears or determine the extent to
which the government should regulate or cooperate
with the private sector to ensure that critical
industries are shielded against hackers.
Meanwhile, Congress has drafted numerous
cybersecurity bills, but the White House has yet
to assume a stance on any of them. "You've got a
lot of agreement on what the problem is but very
little agreement on the solution, both within the
government and outside," notes James A. Lewis
with the Center for Strategic and International
Studies. Deputy Defense secretary William J. Lynn
III recently said that the threat to the
intellectual property of the government,
universities, and businesses may represent "the
most significant cyberthreat" facing the United
States. Schmidt stresses the importance of
private-public collaboration to secure the U.S.'s
computer networks, and says that progress has
been made.
7Substitution Cipher
http://www.cryptograms.org/letter-frequencies.php
8Too Easy to Crack
http://www.simonsingh.net/The_Black_Chamber/maryqueenofscots.html
9Vigenère Cipher
Plaintext:  ATTACKATDAWN
Key:        LEMONLEMONLE
Ciphertext: LXFOPVEFRNHR
10Vigenère Cipher
http://sharkysoft.com/misc/vigenere/
Four score and seven years ago our fathers
brought forth on this continent, a new nation,
conceived in Liberty, and dedicated to the
proposition that all men are created equal. Now
we are engaged in a great civil war, testing
whether that nation, or any nation so conceived
and so dedicated, can long endure. We are met on
a great battle-field of that war. We have come to
dedicate a portion of that field, as a final
resting place for those who here gave their lives
that that nation might live. It is altogether
fitting and proper that we should do this. But,
in a larger sense, we can not dedicate -- we can
not consecrate -- we can not hallow -- this
ground. The brave men, living and dead, who
struggled here, have consecrated it, far above
our poor power to add or detract. The world will
little note, nor long remember what we say here,
but it can never forget what they did here. It is
for us the living, rather, to be dedicated here
to the unfinished work which they who fought here
have thus far so nobly advanced. It is rather for
us to be here dedicated to the great task
remaining before us -- that from these honored
dead we take increased devotion to that cause for
which they gave the last full measure of devotion
-- that we here highly resolve that these dead
shall not have died in vain -- that this nation,
under God, shall have a new birth of freedom --
and that government of the people, by the people,
for the people, shall not perish from the earth.
11Vigenère Cipher
A reproduction of the U.S. Confederacy's cipher disk.
12Vigenère Cipher
Letter frequencies are less obvious, but there is
still information because a single key repeats.
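Why the repeating key still leaks: letters encrypted with the same key letter form a column that is only a Caesar shift, so at the true key length each column's index of coincidence returns to that of plain English. This is an added example, not from the original slides; the sample text is the opening of the plaintext shown on slide 10, the key LEMON is the one from slide 9, and the function names are this example's own.

```python
# Added example (not from the slides). SAMPLE is the opening of the plaintext
# shown on slide 10; function names are this example's own.
from collections import Counter

A = ord("A")

def vigenere(text, key, decrypt=False):
    """Shift each letter by the matching key letter; the key repeats."""
    letters = [c for c in text.upper() if c.isalpha()]
    sign = -1 if decrypt else 1
    return "".join(
        chr((ord(c) - A + sign * (ord(key[i % len(key)]) - A)) % 26 + A)
        for i, c in enumerate(letters)
    )

def index_of_coincidence(s):
    """Probability that two letters drawn from s (without replacement) match."""
    n = len(s)
    return sum(k * (k - 1) for k in Counter(s).values()) / (n * (n - 1))

def column_ioc(ciphertext, period):
    """Average IoC of the `period` interleaved columns of the ciphertext."""
    cols = [ciphertext[i::period] for i in range(period)]
    return sum(index_of_coincidence(c) for c in cols) / period

SAMPLE = (
    "Four score and seven years ago our fathers brought forth on this "
    "continent, a new nation, conceived in Liberty, and dedicated to the "
    "proposition that all men are created equal. Now we are engaged in a "
    "great civil war, testing whether that nation, or any nation so "
    "conceived and so dedicated, can long endure. We are met on a great "
    "battle-field of that war. We have come to dedicate a portion of that "
    "field, as a final resting place for those who here gave their lives "
    "that that nation might live."
)

def ioc_by_period(key="LEMON", max_period=6):
    """IoC of the ciphertext columns for each candidate key length."""
    ct = vigenere(SAMPLE, key)
    return {p: round(column_ioc(ct, p), 4) for p in range(1, max_period + 1)}

if __name__ == "__main__":
    print(vigenere("ATTACKATDAWN", "LEMON"))
    for period, ioc in ioc_by_period().items():
        print(period, ioc)
```

The column score stands out at period 5, the length of LEMON, which is the information the slide says a repeating key gives away.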
13Enigma
Early 1920s - post WWII
Try it: http://russells.freeshell.org/enigma/
14Cracking the Enigma
- An Enigma machine captured by the Poles in 1928.
- Poles and British built Bombes, analog computers that searched for the right combinations.
- Cat and mouse game: Germans upgraded machines and Allies broke new codes.
- Exact role disputed, but some estimate that breaking the Enigma code shortened the war in Europe by two years.
15Alan Turing
- (1912 - 1954) British mathematician
- (1937) Defined a simple formal model of computing and showed that there are uncomputable functions
- (WW II) Worked on breaking the Enigma code
- (1950) Described a test for intelligence
- (1948 - 1952) Described a chess-playing algorithm
- (1954) Committed suicide
- (2009) British government apologizes
16One-Time Pads
17How Hard is Brute Force?
 n   2^n          n   2^n
 1   2           23   8388608
 2   4           24   16777216
 3   8           25   33554432
 4   16          26   67108864
 5   32          27   134217728
 6   64          28   268435456
 7   128         29   536870912
 8   256         30   1073741824
 9   512         31   2147483648
10   1024        32   4294967296
11   2048        33   8589934592
12   4096        34   17179869184
13   8192        35   34359738368
14   16384       36   68719476736
15   32768       37   137438953472
16   65536       38   274877906944
17   131072      39   549755813888
18   262144      40   1099511627776
19   524288      41   2199023255552
20   1048576     42   4398046511104
21   2097152     43   8796093022208
22   4194304     44   17592186044416
18Moore's Law
http://www.intel.com/technology/mooreslaw/
19How It Has Happened
20Hiding in Plain Sight
21Steganography
F o r e s c o r e  a n d  s e v e n  y e a r s  a g o
becomes
Five oranges remained. Every student could order ripe examples. ...
22Steganography
23Steganography
http://houseof3d.com/pete/applets/tools/colors/
24Public Key Encryption
Public key
Encrypt(Plaintext, Public key) Cyphertext
Decrypt(Cyphertext, Private key)
25Public Key Encryption
Is different because:
- Different keys used for encryption and decryption
- No need for secrecy in transmitting keys
- The encryption key is public.
- The decryption key is private and doesn't need to be transmitted at all.
26How RSA Works
Assume that Alice wants to send a message to Bob:
- Bob chooses a private key.
- Bob computes and publishes his public key:
  - public = f(private)
- Alice exploits Bob's public key to compute:
  - ciphertext = encrypt(plaintext, public)
- Bob exploits his private key to compute:
  - plaintext = decrypt(ciphertext, private).
In order for this last step to work, encrypt and decrypt must be designed so that one is the inverse of the other.
27What About Eve?
[Diagram labels: public; Encrypt(plaintext, public); Decrypt(ciphertext, private); Alice; Bob; ciphertext; Eve]
- Eve knows the algorithms encrypt and decrypt.
- She could eavesdrop if she could:
  - infer Bob's private key from his public one, or
  - compute decrypt without knowing Bob's private key.
- RSA guarantees that Bob and Alice can perform their tasks efficiently but Eve cannot, because of:
  - the mathematical properties of modular arithmetic, and
  - the computational properties of prime numbers.
28Modular Arithmetic
Define (for integer p and positive integer n):
p (mod n) = remainder when dividing p by n
29Modular Arithmetic
Define (for integer p and positive integer n):
p (mod n) = remainder when dividing p by n
Examples: 9 mod 7; 52 mod 7; 52 mod 5
30Using RSA Before the Message is Sent
- Bob constructs his public and private keys:
  - Bob chooses two large prime numbers p and q. He computes $n = p \cdot q$.
  - Bob finds a value e with $1 < e < p \cdot q$ and $\gcd(e, (p - 1) \cdot (q - 1)) = 1$.
  - Bob publishes (n, e) as his public key.
  - Bob computes his private key, a value d such that $d \cdot e \pmod{(p - 1) \cdot (q - 1)} = 1$.
31Using RSA Sending and Receiving
- Alice breaks plaintext into segments such that no segment corresponds to a binary number that is larger than n. Then, for each plaintext segment, Alice computes:
  - ciphertext = $\text{plaintext}^{e} \pmod{n}$.
- Then she sends ciphertext to Bob.
- Bob recreates Alice's original message by computing:
  - plaintext = $\text{ciphertext}^{d} \pmod{n}$.
32Why RSA Works
Recall: e and $(p - 1) \cdot (q - 1)$ are relatively prime. $d \cdot e \pmod{(p - 1) \cdot (q - 1)} = 1$.
encrypt(plaintext) = $\text{plaintext}^{e} \pmod{n}$.
decrypt(ciphertext) = $\text{ciphertext}^{d} \pmod{n}$.
- The functions encrypt and decrypt are inverses of each other. The proof follows from Euler's generalization of Fermat's Little Theorem.
33Why RSA Works
- Bob can choose primes efficiently using the following algorithm:
  1. Randomly choose two large numbers as candidates.
  2. Check the candidates to see if they are prime. There exist efficient algorithms to test whether a number p is prime. But these algorithms just say "prime" or "not prime". They do not report factors of non-primes.
34Why RSA Works
- Bob can choose primes efficiently using the following algorithm:
  1. Randomly choose two large numbers as candidates.
  2. Check the candidates to see if they are prime.
  3. Repeat steps 1 and 2 until two primes have been chosen. By the Prime Number Theorem, the probability of a number near x being prime is about 1/ln x. So, for example, suppose Bob wants to choose a 1000 bit number. The probability of a randomly chosen number near $2^{1000}$ being prime is about 1/693. So he may have to try 1000 or so times for each of the two numbers that he needs.
35Why RSA Works
- Bob can check gcd efficiently, so he can compute
e.
36GCD
gcd-obvious(n, m: integers)
  1. Compute the prime factors of both n and m.
  2. Let k be the product of all factors common to n and m (including duplicates).
  3. Return k.
- Example: The prime factors of 40 are {2, 2, 2, 5}. The prime factors of 60 are {2, 2, 3, 5}. So gcd(40, 60) = $2 \cdot 2 \cdot 5 = 20$.
- But no efficient algorithm for prime factorization is known.
37Euclid's Algorithm
gcd-Euclid(n, m: integers)
  If m = 0 return n.
  Else return gcd-Euclid(m, n (mod m)).
Example: gcd-Euclid(40, 60)
  = gcd-Euclid(60, 40)
  = gcd-Euclid(40, 20)
  = gcd-Euclid(20, 0)
  = 20
38Euclid's Algorithm
gcd-Euclid(n, m: integers)
  If m = 0 return n.
  Else return gcd-Euclid(m, n (mod m)).
Example: gcd-Euclid(2546, 1542)
  = gcd-Euclid(1542, 984)
  = gcd-Euclid(984, 558)
  = gcd-Euclid(558, 426)
  = gcd-Euclid(426, 132)
  = gcd-Euclid(132, 30)
  = gcd-Euclid(30, 12)
  = gcd-Euclid(12, 6)
  = gcd-Euclid(6, 0)
  = 6
Try it yourself.
39Why RSA Works
- Bob can check gcd efficiently (using Euclid's algorithm), so he can compute e.
- Bob can compute d efficiently, using an extension of Euclid's algorithm that exploits the quotients that it produces at each step.
40Why RSA Works
- Alice can implement encrypt efficiently. It is not necessary to compute $\text{plaintext}^{e}$ and then take its remainder mod n. Modular exponentiation can be done directly by successive squaring.
- Similarly, Bob can implement decrypt efficiently.
41Why RSA Works
Recall: $n = p \cdot q$. $d \cdot e \pmod{(p - 1) \cdot (q - 1)} = 1$.
encrypt(plaintext) = $\text{plaintext}^{e} \pmod{n}$.
decrypt(ciphertext) = $\text{ciphertext}^{d} \pmod{n}$.
- Eve can't recreate plaintext because:
  - She can't simply invert encrypt because modular exponentiation isn't invertible. She could try every candidate plaintext and see if she gets one that produces ciphertext, but there are too many of them for this to be feasible.
  - She can't compute d from n and e. If she could factor n into p and q, she could. But no efficient factoring algorithm is known.
42The Prime Factorization Problem
Let's factor 636
43The Prime Factorization Problem
So the number of candidates grows as .
But now consider just binary numbers. Suppose we add a bit: 10101 → 101011. Now what's the largest number we can represent?
44Largest Number That Uses n Bits
 n   2^n          n   2^n
 1   2           23   8388608
 2   4           24   16777216
 3   8           25   33554432
 4   16          26   67108864
 5   32          27   134217728
 6   64          28   268435456
 7   128         29   536870912
 8   256         30   1073741824
 9   512         31   2147483648
10   1024        32   4294967296
11   2048        33   8589934592
12   4096        34   17179869184
13   8192        35   34359738368
14   16384       36   68719476736
15   32768       37   137438953472
16   65536       38   274877906944
17   131072      39   549755813888
18   262144      40   1099511627776
19   524288      41   2199023255552
20   1048576     42   4398046511104
21   2097152     43   8796093022208
22   4194304     44   17592186044416
45An Example
- Bob is expecting to receive messages. So he
constructs his keys as follows - He chooses two prime numbers, p 19 and q 31.
He computes n p?q 589. - He finds an e that has no common divisors with
18?30 540. The e he selects is 49. - He finds a value d 1069. Notice that 1069?49
52,381. Bob needs to assure that the remainder,
when 52,381 is divided by 540, is 1. And it is
52,381 540?97 1. Bobs private key is now
1069. - Bob publishes (589, 49) as his public key.
46An Example, Continued
- Alice wishes to send the simple message "A". The ASCII code for A is 65. So Alice computes $65^{49} \pmod{589}$. She does this without actually computing $65^{49}$. Instead, she exploits two facts about modular exponentiation:
47Modular Exponentiation
Two important facts:
$n^{i+j} = n^{i} \cdot n^{j}$.
$(n \cdot m) \pmod{k} = (n \pmod{k} \cdot m \pmod{k}) \pmod{k}$.
Combining these, we have:
$n^{i+j} \pmod{k} = (n^{i} \pmod{k} \cdot n^{j} \pmod{k}) \pmod{k}$.
48Modular Exponentiation
Suppose that we want to compute $65^{49} \pmod{589}$. 49 can be expressed in binary as 110001. So $49 = 1 + 16 + 32$. Thus $65^{49} = 65^{1+16+32}$.
$65^{1} \pmod{589} = 65$.
$65^{2} \pmod{589} = 4225 \pmod{589} = 102$.
$65^{4} \pmod{589} = 102^{2} \pmod{589} = 10404 \pmod{589} = 391$.
$65^{8} \pmod{589} = 391^{2} \pmod{589} = 152881 \pmod{589} = 330$.
$65^{16} \pmod{589} = 330^{2} \pmod{589} = 108900 \pmod{589} = 524$.
$65^{32} \pmod{589} = 524^{2} \pmod{589} = 274576 \pmod{589} = 102$.
$65^{49} \pmod{589} = 65^{(1+16+32)} \pmod{589}$
$= (65^{1} \cdot 65^{16} \cdot 65^{32}) \pmod{589}$
$= ((65^{1} \pmod{589}) \cdot (65^{16} \pmod{589}) \cdot (65^{32} \pmod{589})) \pmod{589}$
$= (65 \cdot 524 \cdot 102) \pmod{589}$
$= ((34060 \pmod{589}) \cdot 102) \pmod{589}$
$= (487 \cdot 102) \pmod{589}$
$= 49674 \pmod{589}$
$= 198$.
49An Example, Continued
- Alice sends Bob the message 198.
- Bob uses his private key (1069) to recreate Alice's message by computing $198^{1069} \pmod{589}$. Using the same process Alice used, he does this efficiently and retrieves the message 65.
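The pieces from the preceding slides run end to end on the slides' own numbers (p = 19, q = 31, e = 49): Euclid's algorithm with the extension that yields d, then successive squaring for encrypt and decrypt. This is an added example, not part of the original slides; the function names are this example's own, and it is textbook RSA at toy size with no padding.

```python
# Added example: the slides' toy RSA key (p = 19, q = 31, e = 49).
# Function names are this example's own. Toy sizes only: no padding,
# and a 10-bit modulus can be factored by trial division.

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    # gcd(a, b) = gcd(b, a mod b); back-substitute using the quotient a // b.
    return g, y, x - (a // b) * y

def private_exponent(e, p, q):
    """Smallest positive d with d*e = 1 (mod (p-1)*(q-1))."""
    phi = (p - 1) * (q - 1)
    g, x, _ = egcd(e, phi)
    if g != 1:
        raise ValueError("e shares a factor with (p-1)*(q-1); no inverse exists")
    return x % phi

def modexp(base, exponent, modulus):
    """Successive squaring: reduce mod n after every multiplication."""
    result, square = 1, base % modulus
    while exponent:
        if exponent & 1:                 # this bit of the exponent is set
            result = (result * square) % modulus
        square = (square * square) % modulus
        exponent >>= 1
    return result

def demo():
    p, q, e = 19, 31, 49
    n = p * q
    d_min = private_exponent(e, p, q)    # 529
    d_slide = 1069                       # the slides' d; 1069 = 529 + 540
    c = modexp(65, e, n)                 # 'A' (65) encrypts to 198
    return n, d_min, c, modexp(c, d_slide, n), modexp(c, d_min, n)

if __name__ == "__main__":
    print(demo())
```

The slides' d = 1069 and the smallest inverse 529 differ by exactly 540 = (p - 1)(q - 1), so both decrypt 198 back to 65.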
50What Would Kill RSA?
51Public Key Cryptography
52Another Example of the Security vs Commercial
Application Tradeoff
53Another Example of the Security vs Commercial
Application Tradeoff
54GPS
- GPS includes a Selective Availability (SA) feature that adds intentional, time-varying errors of up to 100 meters (328 ft) to the publicly available navigation signals.
55GPS
- GPS includes a Selective Availability (SA) feature that adds intentional, time-varying errors of up to 100 meters (328 ft) to the publicly available navigation signals.
- In 1996, President Clinton signed an executive order declaring GPS to be a "dual use" technology. It required that SA be set to 0 by 2006.
- It was set to 0 in 2000.
56But We Keep Going Back and Forth
http://www.nytimes.com/2010/09/27/us/27wiretap.html?_r=1