Basic Cryptography Overview
-
Upload
ereddick -
Category
Technology
-
view
76 -
download
1
Transcript of Basic Cryptography Overview
![Page 1: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/1.jpg)
Instructor: Mr. E. Anwar Reddick
![Page 2: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/2.jpg)
Internet and computer communications technologies are inherently insecure
Without security, anyone with access to the communications infrastructure can READ AND MODIFY the messages your computer sends out
![Page 3: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/3.jpg)
Security techniques make use of a process called encryption ◦ “en” means to make ◦ “crypt” means secret or hidden
Cryptography – use of secret writing (use of encryption) ◦ “graphy” means writing or some form or
representation
Cryptology – study of secret writing Cryptanalysis – “breaking” secret writing aka
uncovering the secret
![Page 4: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/4.jpg)
Encryption is the process of taking a “clear-text” message and making it uncomprehensible
Example:
Transforming the clear-text message such as “Hello World” into some cipher-text such as “n3$1#ved9”
![Page 5: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/5.jpg)
Secure Sockets Layer (SSL)
Transport Layer Security (TLS)
Internet Protocol Security (IPsec) ◦ Used by Virtual Private Networks (VPNs)
Wired Equivalent Privacy (WEP)
WiFi Protected Access (WPA)
![Page 6: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/6.jpg)
An encryption algorithm is like a treasure chest
Put your secret in a chest and lock it with a key
Whoever has the right key can reveal the secret
Revealing the secret (opening the chest) with a key is called decryption
![Page 7: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/7.jpg)
Modern encryption (and decryption) algorithms are based on mathematical operations ◦ Messages and keys are converted to numbers
◦ Remember computers operate on binary!
Let: ◦ E -> encryption algorithm, D -> decryption algorithm
◦ M -> clear-text message, C -> cipher-text
◦ K -> key
E(M, K) = C
D(C, K) = M
![Page 8: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/8.jpg)
The math is extremely complex
If a hacker obtained C, but did not have K, the hacker “should” not be able to use D to produce M in a reasonable amount of time with a reasonably powerful computer
Reasonably powerful computer? ◦ Think the most powerful supercomputer times 2
Reasonable amount of time? ◦ Think thousands of years!
![Page 9: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/9.jpg)
Cryptography is only good until someone figures out how to take C and D and produce M without knowing K in a short amount of time
At that point, it’s time for a new algorithm! ◦ Think about how WEP was found to be insecure and led
to the development of WPA
◦ DES was found to be insecure and led to the development of Triple-DES and AES
Really, really, really smart people (good-natured and bad) called cryptographers work tirelessly trying to break cryptographic algorithms
![Page 10: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/10.jpg)
Symmetric Cryptography ◦ The key that is used for encryption is also used for
decryption
Asymmetric Cryptography ◦ One key is used for encryption and a different key
is used for decryption
![Page 11: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/11.jpg)
If Leia wants to send a secret message “death star location” to Luke…
They first need to have a copy of the same key – called a secret key ◦ Remember they must keep the key secret!
Secret Key 1
![Page 12: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/12.jpg)
Then Leia must find a chest made to use the key ◦ I.e., Leia must find a suitable symmetric encryption
algorithm
![Page 13: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/13.jpg)
Then Leia can put the message into the chest, lock it, and have it sent to Luke
I.e., Leia can encrypt the message and send it across the insecure Internet to Luke (via E-mail, WWW, etc)
![Page 14: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/14.jpg)
Luke has the secret key, so he can retrieve the message and do his job
I.e., Luke uses the secret key to decrypt the message
![Page 15: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/15.jpg)
Since only Luke and Leia have the secret key, only they can open the chest
If the message gets intercepted in transit (which happens on the Internet), the message remains uncomprehensible
If the message gets destroyed in transit, Leia can just try again
![Page 16: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/16.jpg)
Luke and Leia must agree on a key to use before they can communicate secretly
This is not always feasible
Asymmetric Cryptography addresses this problem
Symmetric Cryptography is nevertheless still important for computer security
![Page 17: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/17.jpg)
Leia and Luke, separately, create two keys, called a key-pair ◦ Leia has her pair, and Luke has his own, different pair
One of Leia’s keys is called her private key and the other is called her public key
Let Kpre denote Leia’s private key ◦ Kpbe deontes Leia’s public key
E(M1, Kpre) = C’ ◦ D(C’, Kpbe) = M1
E(M1, Kpbe) = C” ◦ D(C”, Kpre) = M1
![Page 18: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/18.jpg)
Did you catch that? Go back and double check.
If a message is encrypted (with an asymmetric algorithm) with a private key, then the resulting cipher text can be decrypted only with the corresponding public key
If a message is encrypted with a public key, then the cipher text can be decrypted only with the corresponding private key
There’s complex math to make this work
![Page 19: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/19.jpg)
RSA is a set of asymmetric algorithms created by Ron Rivest, Adi Shamir, and Leonard Adleman
They figured out how to make the math work in 1977 ◦ Following research done by Whitfield Diffie, Martin
Hellman, and Ralph Merkle
No one has been able to break it yet Web (SSL, TLS), and e-mail encryption is based
on RSA Translation: pretty much your entire digital life is
protected by RSA ◦ Online banking, E-commerce ◦ Online access to school, health, personal records, etc
![Page 20: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/20.jpg)
Why the names “private” and “public” keys?
You keep your private key private ◦ Only you should have access to your private key!
Anyone can know your public key and the cryptography still works just fine ◦ It’s okay even for bad guys to know your public key
![Page 21: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/21.jpg)
Leia has her key-pair, and Luke has his own
Assume there are magical treasure chests that work with key-pairs ◦ Complex math can often seem like magic
public
private
Kpbe
Kpre
Kpbu
Kpru
![Page 22: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/22.jpg)
Leia wants to send the message “death star location” to Luke in a way that only Luke can read the message
Leia has a magic asymmetric chest (aka asymmetric algorithm)
Which key should Leia use to encrypt the message?
The answer is on next slide
![Page 23: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/23.jpg)
Luke’s public key! ◦ Remember it’s okay for everyone to have your
public key, even the bad guys
◦ Here, we’re assuming that Leia can reliably access Luke’s public key
Why Luke’s public key? ◦ Only Luke’s private key can be used to decrypt the
message
And only Luke should have Luke’s private key
![Page 24: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/24.jpg)
Leia puts the message in a chest, locks it with Luke’s public key, and has it sent to Luke
No one, besides Luke, can open the chest ◦ Not Vader, not even Leia
Kpbu
![Page 25: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/25.jpg)
Luke uses his private key that he keeps private to open the chest, see the message, and can do his job
I.e., Luke decrypts the message with his private key
Kpru
![Page 26: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/26.jpg)
What if Vader alters Leia’s chest (alters the cipher text)?
What if Vader replaces Leia’s chest with his own chest with a fake message that he locks with Luke’s public key?
How does Leia get Luke’s public key?
What happens if Luke looses his private key?
What happens if Luke’s private key gets stolen?
Why is symmetric cryptography still used?
How do Leia and Luke agree on a symmetric key if they’re not together?
![Page 27: Basic Cryptography Overview](https://reader031.fdocuments.in/reader031/viewer/2022032620/55cdacb3bb61eb4a6a8b4621/html5/thumbnails/27.jpg)
After the 1st death star is destroyed, the Empire builds another one at another location. With symmetric cryptography, what if Vader captures Leia’s new chest for the 2nd death star but replaces it with a copy of Leia’s original chest with the old location?
What if a chest (or encryption algorithm) is defective?
This information is just the basics
Wikipedia is an excellent source of more information