Post on 29-Dec-2015
The History of SecretsCryptography and PrivacyThe History of SecretsCryptography and Privacy
Patrick Juola
Duquesne University
Department of Mathematics and Computer Science
Secret WritingsSecret Writings
• Used to write to authorized people
• Good guys :• Business partners, lovers, fellow soldiers
• Bad guys :• Competitors, parents, enemies, foreign agents
• Secrets can be military, diplomatic, commercial, personal, et cetera.
An Early ExampleAn Early Example
• Write in foreign alphabet
• Works surprisingly well in era of mostly illiterate people
attack at dawn
Caesar cypher (40 BCE)Caesar cypher (40 BCE)
YGYKNNCVVCEMQPVJGYGUVUKFGQHVJGECORCVFCYPUVQRRNGCUGDGTGCFAVQUQTVKGVQQWTCUUKUVCPEGLECGUCT
CVVC -- “bATTAlion”? “inDEED”? “ATTAck”? “cigarETTE”/ “bESSEmer converter”?CUUKU -- “pOSSESsion”? “ASSIStance”?
C -> A U -> S K -> I
Caesar cypher (cont.)Caesar cypher (cont.)
WEWILLATTACKONTHEWESTSIDEOFTHECAMPATDAWNSTOPPLEASEBEREADYTOSORTIETOOURASSISTANCEJCAESAR
• Caesar and his reader know something the enemy doesn’t
• Can be as simple as replacing letters
• Termed the “key” to a cypher
• Easier to solve with key than without
• Ratio of without/with defines “work factor”
Nomenclators (1500 ACE)Nomenclators (1500 ACE)
• Systematic replacement of one letter by a single other symbol : monoalphabet cypher
• Nomenclator : monoalphabetic cypher with codebook extension for specific words
• Weakness : every appearance of a given letter is encyphered identically
Polyalphabetics (16th-20th c.)Polyalphabetics (16th-20th c.)
• Use multiple alphabets to disguise frequent letters• Playfair cypher -- encrypt letters in groups, so
TA and TE may have nothing in common• Vigenere cypher -- vary Caesar “key” during
encryption• Considered “le chiffre indechiffrable” until early
20th century
Vigenere exampleVigenere example
• AT becomes both NH and SX in cyphertext
• O in cyphertext corresponds to both A, W
• Simple frequency analysis no longer works
ATTACKATDAWNNOSENOSENOSENHLEPYSXQOOR
Vigenere decryptionVigenere decryption
• Weakness : key letters repeat
• If the key is 4 characters long• 1st, 5th, 9th, etc. characters use same key letter• 2nd, 6th, 10th, 14th, etc. likewise• Frequency characteristic of monoalphabetic
(Caesar) cypher
• Crack four different Caesar cyphers, and you’re in!
What if the key doesn’t repeat?What if the key doesn’t repeat?
• A re-used key can give the same effect• BUT
• If the key is sufficiently random• Only used once• And never repeats
• The resulting cypher is called the Vernam cypher (1917) and is provably unbreakable.
• Sometimes called One-Time Pad
Who kept the secrets?Who kept the secrets?
• Development and use of cryptography to this point mostly military and diplomatic.
• “Obviously” required substantial talent to do, beyond what most people had
• Civilian cryptography -- secret notes to lovers, business codes -- still used monoalphabetic cyphers
• Methods of analysis becoming available in literature (The Gold Bug, The Dancing Men)
What’s a good cypher?What’s a good cypher?
• Kirchoff’s criteria (1883)• Security should reside in the key• System doesn’t need to be kept secret• System should be easy to use in the field• Keys/apparatus should be easily changeable
• Impossible to meet all in practice• Naval ships (submarines) can carry much more
equipment than PFC Ryan
EnigmaEnigma
• Machine cryptography developed in early 20th century; requires bulky apparatus, but far too complex to crack by hand
• ENIGMA -- Main code system of Nazi’s
• Three (later four) rotating wheels like odometer of car. Each wheel position yields different key.
• 159,000,000,000.000,000,000 keys
The Computer RevolutionThe Computer Revolution
• Rejewski/Turing cracked Enigma, but had to invent the computer to do it.• And were also scarily, scarily good
mathematicians…
• Early computers (bombes) could search entire keyspace in about five hours.
Viva la revolution!Viva la revolution!
• Enigma breakthrough classified MOST SECRET until 1975(!); some of Turing’s papers are still classified. Computer encryption is just too dangerous.
• BUT, it’s also too useful, especially for civilian/industrial uses like financial transfers
• Enter Data Encryption System (DES)
DESDES
• Approved in 1975 by US govt. (NSA)
• Non-classified uses only
• 32,000,000,000,000,000 possible keys
• Created “civilian” cryptography
• Most analyzed system ever
Questions about DESQuestions about DES
• Why so few keys (fewer than 30 year old Enigma, but better mathematical structure)?
• NSA approved IBM’s initial design only after making a few changes. Why?
• Is there a secret “back door”? Is the government holding a master key?
• Is there a good replacement?
Replacing DESReplacing DES
• DES held out much longer than originally planned, but (as expected) had too few keys.
• Modern computers can crack DES very fast.
• … but no one really had a good replacement
• 3DES used (late 90s) to extend keyspace
• Advanced Encryption System (Rijndahl) finally designed in 2001 as replacement.
• No “secret” governmental involvement
Public key encryptionPublic key encryption
• Problem with all cryptography, AES included -- a need for shared secret prior to communication
• How do I establish a shared secret with Amazon.com if I don’t work there? Can we avoid this?
• Surprising answer : Yes!• Decryption key can be different than
encryption key, allowing “public” keys!
Merkle Puzzles (1975)Merkle Puzzles (1975)
• I publish a huge collection of “puzzles.” You pick one to solve, and send me the solution.
• I look up the solution, and recognize which puzzle you solved. Everyone else has to solve all of the puzzles to recognize the solution.
• Work factor is number of puzzles• Avoids having to communicate beforehand
RSA EncryptionRSA Encryption
• Named for inventors : Rivest, Shamir, and Adelman (Turing award winners, 2003)
• Uses a large product of two primes -- easy to multiply, but very hard to factor
• Two keys, d and e : you encrypt with e, while only I know (and can decrypt with) d.
• Reversible! I encrypt with d, you decrypt with e and you know I encrypted it!. In other words, it can be used as a signature!
• Work factor can be arbitrarily large -- “It’s easier to break thumbs than it is to break RSA”
Power to the People : PGPPower to the People : PGP
• Pretty Good Privacy
• Written c. 1990 by Phil Zimmermann. Military/diplomatic strength encryption, using private and public key cryptography.
• Believed unbreakable by anyone short of major governments, but “freely” available for personal/corporate use
• PGPfone -- similar technology for phones
Political issuesPolitical issues
• Should people be permitted this kind of security technology?
• I can keep secrets from my competitors, but also from law enforcement/national security enforcers!
• ITAR -- cryptographic equipment regulated as munitions (like machine guns)
• Only govt-approved (breakable) encryption permitted.
More politicsMore politics
• Clipper/Capstone chip -- “secure” phone with Law Enforcement Access Field to ensure wiretap capacity
• 40-bit (1,000,000,000,000 key) limit on commercially exported software
• Criminalization of cryptography per se (France, some other countries)
• USA/PATRIOT wiretap provisions• FBI operation CARNIVORE
Discussion pointsDiscussion points
• The genie appears to be out of the bottle, in that the technology for secure encryption is widely available
• The roadblocks to widespread implementation are primarily social and political.
• Is civilian/personal cryptography a good thing or not?
ConclusionsConclusions
• Secret writing has a long (2000 yr) history
• Military/diplomatic communications driving force for most of history; personal/industrial privacy is secondary
• Modern cryptographic systems are both highly secure and widely available
• Omnipresent computers and ‘Net forcing us to re-evaluate view on security and privacy