Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA...
Transcript of Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA...
![Page 1: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/1.jpg)
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Fun with Certificates part Ia Deep Dive into Cryptography and RSA for all ages
Brian Epstein(he/him/his)
Institute for Advanced Study
Computer Manager, Network and Security
Information Security Officer
[email protected] - @epepepep
![Page 2: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/2.jpg)
https://security.ias.edu 2
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
The Institute for Advanced Study
![Page 3: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/3.jpg)
https://security.ias.edu 3
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 4: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/4.jpg)
https://security.ias.edu 6
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Topics● Cryptography
● History and Concepts● Symmetric and Asymmetric (RSA/ECC)
● Certificates● Trust● Key Size (bit-length)
● Lab and Demonstrations
![Page 5: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/5.jpg)
https://security.ias.edu 7
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Cryptography
Goal: pass messages secretly between entities through an insecure medium
![Page 6: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/6.jpg)
https://security.ias.edu 8
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 7: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/7.jpg)
https://security.ias.edu 9
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Symmetric Cryptography● Cereal box decoder ring/Cryptograms● Decode secret message (“zsad”).● Translate each letter with decoder ring● Secret message is (“easy”).● Reverse to encode.● Fast.
![Page 8: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/8.jpg)
https://security.ias.edu 10
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
tpuud JimmyJimmJimJiJttptputpuutpuud
![Page 9: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/9.jpg)
https://security.ias.edu 11
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Symmetric Box Demo
![Page 10: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/10.jpg)
https://security.ias.edu 12
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Symmetric Key Cryptography
n*(n-1)/2 = 6*(5-1)/2 = 30/2 = 15 unique keys
![Page 11: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/11.jpg)
https://security.ias.edu 13
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 12: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/12.jpg)
https://security.ias.edu 14
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 13: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/13.jpg)
https://security.ias.edu 15
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 14: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/14.jpg)
https://security.ias.edu 16
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
One way function
X
![Page 15: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/15.jpg)
https://security.ias.edu 17
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Asymmetric Keys● Private key that you keep to yourself● Public key that you give to everyone
![Page 16: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/16.jpg)
https://security.ias.edu 18
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Asymmetric Box Demo
![Page 17: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/17.jpg)
https://security.ias.edu 19
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Math
![Page 18: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/18.jpg)
https://security.ias.edu 20
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
51
3 17
1 3 1 17
41
1 41
Prime Numbers
1 * 41 = 41
1 * 3 * 1 * 17 = 3 * 17 = 51
![Page 19: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/19.jpg)
https://security.ias.edu 21
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Exponents
27 = 2*2*2*2*2*2*2 = 128
2^7 = 128
![Page 20: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/20.jpg)
https://security.ias.edu 22
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Modulus
55 1282
11018
r 18 128 ÷ 55 = 2 r 18128 mod 55 = 18128 ≡ 18 (mod 55)
55 1282
11018
r 18
![Page 21: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/21.jpg)
https://security.ias.edu 23
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Modulus 5 r 05 25 25 0
5 r 15 26 25 1
5 r 25 27 25 2
5 r 35 28 25 3
5 r 45 29 25 4
6 r 05 30 30 0
6 r 15 31 30 1
mod 5
![Page 22: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/22.jpg)
https://security.ias.edu 24
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 23: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/23.jpg)
https://security.ias.edu 25
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Modulus● Think of modulus like a circle● Examples
● clock - 59 minutes becomes 0 minutes : (mod 60)● date - 365th day of the year becomes the 1st : (mod
365)● numbers - ones column goes from 9 to 0 : (mod 10)● circular degrees - 359° goes to 0° : (mod 360)
![Page 24: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/24.jpg)
https://security.ias.edu 26
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
RSA Private Key Contents● Two large Prime Numbers (p and q)● Modulus (n = p*q)● Private exponent (d)
![Page 25: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/25.jpg)
https://security.ias.edu 27
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Private Exponent● Private exponent (d) must solve
(d*e) mod φ(n) = 1
![Page 26: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/26.jpg)
Fun with Certificates
![Page 27: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/27.jpg)
Fun with Certificates
![Page 28: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/28.jpg)
Fun with Certificates
![Page 29: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/29.jpg)
Fun with Certificates
![Page 30: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/30.jpg)
Fun with Certificates
![Page 31: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/31.jpg)
https://security.ias.edu 33
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
RSA Public Key Contents● Modulus (n)● Public exponent (e)
![Page 32: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/32.jpg)
Fun with Certificates
![Page 33: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/33.jpg)
https://security.ias.edu 35
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Public Exponent● Public exponent (e) must be relatively
prime to p-1 for all primes p which divide the modulus
![Page 34: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/34.jpg)
https://security.ias.edu 38
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Jimmy 1414 1314 13 1814 13 18 1814 13 18 18 36
One way function for RSA
![Page 35: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/35.jpg)
https://security.ias.edu 39
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
14 13 18 18 36
One way function for RSA
14 13 18 18 36
![Page 36: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/36.jpg)
https://security.ias.edu 40
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
14 13 18 18 36
One way function for RSA
14
13
18
18
36
![Page 37: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/37.jpg)
https://security.ias.edu 44
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
One way function for RSA
14
13
18
18
36
147 mod 55
137 mod 55
187 mod 55
187 mod 55
367 mod 55
= 105413504 mod 55= 9 = “g”
= 7
= 17
= 17
= 31
= “e”
= “l”
= “l”
= “v”
E(Jimmy) = gellv
![Page 38: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/38.jpg)
https://security.ias.edu 45
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
One way function for RSA
9
7
17
17
31
923 mod 55
723 mod 55
1723 mod 55
1723 mod 55
3123 mod 55
= 14 = “J”
= 13
= 18
= 18
= 36
= “i”
= “m”
= “m”
= “y”
D(gellv) = Jimmy
![Page 39: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/39.jpg)
https://security.ias.edu 46
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Asymmetric Key Demo
Modulo Calculatorhttps://tinyurl.com/rsacalc
![Page 40: Fun with Certificates part I - IAS Security · 5/13/2019 · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think](https://reader033.fdocuments.in/reader033/viewer/2022060323/5f0d9e067e708231d43b3dea/html5/thumbnails/40.jpg)
https://security.ias.edu 47
Fun with Certificates part IRSA Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Asymmetric Key Cryptography
2*n = 2 * 6 = 12 unique keys