Public Key Cryptography
http://herraiz.org
Public key cryptography: a practical approach
Israel Herraiz
KeyID FE0A7AF3
Fingerprint D0DA E915 BFDD E5CD 8BA0 B159 7E97 2ACB FE0A 7AF3
Slides and additional info at http://mat.caminos.upm.es/~iht/pkc/
Privacy in electronic communications
Can we ensure privacy in electronic communications?
Reaching Google
 1 10.8.0.1 (10.8.0.1)
 2 192.168.1.1 (192.168.1.1)
 3 62.81.125.179.static.user.ono.com (62.81.125.179)
 4 10.115.49.217 (10.115.49.217)
 5 10.127.151.49 (10.127.151.49)
 6 10.127.10.137 (10.127.10.137)
 7 10.127.10.133 (10.127.10.133)
 8 10.127.3.82 (10.127.3.82)
 9 213.242.71.21 (213.242.71.21)
10 ae-5-5.ebr1.Paris1.Level3.net (4.69.141.42)
11 ae-45-45.ebr1.London1.Level3.net (4.69.143.101)
12 ae-1-51.edge3.London1.Level3.net (4.69.139.73)
13 unknown.Level3.net (212.113.15.186)
14 209.85.255.78 (209.85.255.78)
15 66.249.95.173 (66.249.95.173)
16 216.239.49.45 (216.239.49.45)
17 * * *
18 ww-in-f147.1e100.net (209.85.229.147)
Reaching Google
[Figure: the same traceroute output, annotated with the place names Getafe, Barcelona, Minneapolis, Paris, London, Atlanta, New York, Los Angeles, Atlanta]
Hops while attempting to reach Google
Is it that bad?
What kind of private information can be captured?
Non-cyphered information
● Geolocation
● Using your IP address
● Web browser and operating system
● Any info written in a form
● Including passwords
● Cookies
● Have a look and take care
– http://www.youtube.com/watch?v=yyLdxO6xvh8
– http://www.youtube.com/watch?v=1FgKL2ywrX0
Is it important?
● Strong PK crypto illegal in France up to 2004
● PK implementations in software considered weapons in the US
● Software export restrictions in EU and US
http://en.wikipedia.org/wiki/Phil_Zimmermann
http://en.wikipedia.org/wiki/Key_disclosure_law
http://en.wikipedia.org/wiki/Cryptography_law
http://en.wikipedia.org/wiki/Export_of_cryptography_in_the_United_States#History
Solution
Enforce cyphering using public key cryptography
Cryptography
● Traditionally, cyphering was done using a password and an algorithm
● Symmetric approach
● Password shared by both peers
● Public key cryptography
● Insecure channel
● Private and secure communication without any previous physical contact
Public key cryptography (PKP)
[Diagram: two key pairs, each made of a public key (Pub) and a private key (Pri)]
Public key cryptography
[Diagram sequence, five slides: two key pairs (Pri, Pub) and a keyserver holding both public keys (Pub, Pub). The message "Hi there!" appears, is then shown as "0F231A5" next to a public key (Pub), and finally appears as "Hi there!" again.]
How does it work?
● PKP algorithms
● Prime number factorization
● From a mathematical point of view, all messages can be decrypted
● From a computational point of view, decrypting a message without the private key takes too long
– Key length is a crucial property
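An added example (not part of the original slides) of the point above, using textbook RSA, one algorithm whose security rests on factorization: anyone who factors the modulus n can rebuild the private key from the public key alone, and the work needed grows with key length. The primes, the message 42 and all function names are constructed for illustration; real keys are thousands of bits long and use padding.

```python
import math

def make_keypair(p, q, e=65537):
    """Textbook RSA key pair from two primes (no padding: illustration only)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))  # (public key, private key)

def encrypt(pub, m):
    n, e = pub
    return pow(m, e, n)

def decrypt(pri, c):
    n, d = pri
    return pow(c, d, n)

def factor(n):
    """Trial division over odd candidates: returns (p, q, candidates tried)."""
    tried = 0
    for cand in range(3, math.isqrt(n) + 1, 2):
        tried += 1
        if n % cand == 0:
            return cand, n // cand, tried
    raise ValueError("no odd factor found")

def recover_private(pub):
    """Rebuild the private key from the public key alone by factoring n."""
    n, e = pub
    p, q, tried = factor(n)
    return (n, pow(e, -1, (p - 1) * (q - 1))), tried

def demo():
    """For each toy key: (modulus bits, candidates tried, recovered plaintext)."""
    rows = []
    for p, q in [(1009, 1013), (104723, 104729)]:  # constructed toy primes
        pub, _pri = make_keypair(p, q)
        c = encrypt(pub, 42)                       # the sender only needs pub
        cracked, tried = recover_private(pub)      # no private key used here
        rows.append((pub[0].bit_length(), tried, decrypt(cracked, c)))
    return rows

if __name__ == "__main__":
    for bits, tried, plain in demo():
        print(f"{bits}-bit modulus: {tried} divisions, plaintext {plain}")
```

Going from a 20-bit to a 34-bit modulus multiplies the search by about a hundred; each further bit in the smaller prime doubles it again, which is why trial division is hopeless against moduli of 2048 bits and more.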
Public key sample
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.19 (GNU/Linux)
-----END PGP PUBLIC KEY BLOCK-----
Private key sample
-----BEGIN PGP PRIVATE KEY BLOCK-----
Version: GnuPG v2.0.19 (GNU/Linux)
-----END PGP PRIVATE KEY BLOCK-----
Keyservers
● Internet hosts that contain public keys
● Federated services
● All servers contain all the public keys in the world
● Public keyserver in Spain thanks to RedIRIS
● URL: pgp.rediris.es
Message signing
[Diagram sequence, three slides: two key pairs (Pri, Pub), a keyserver holding both public keys (Pub, Pub), the message "Hi there!" and the label "Created with the private key".]
Signing and encrypting
[Diagram sequence, five slides: two key pairs (Pri, Pub) and a keyserver holding both public keys (Pub, Pub). The message "Hi there!" appears, is then shown as "FAD43A" next to a public key (Pub), and finally appears as "Hi there!" again.]
Identity certification
How do you know that public keys belong to their legitimate owners?
[Figure: a public key labelled "Barack Obama"]
Can we ensure that the key does belong to Barack Obama?
Identity certification
Certificate Authorities
Trust chain
Public key signing
● Public keys are plain text documents that can be cryptographically signed
● Mutual public signing adds identity certification to PKP schemes
Public key signing
[Diagram sequence, five slides: two key pairs (Pri, Pub), a keyserver holding both public keys (Pub, Pub), the label "Barack Obama", the key details below, the request "Show me your passport" and a passport in the name of Barack Obama.]
Key FE0A7AF2
Name Barack Obama
Fingerprint D0DA E915 BFDD E5CD 8BA0 B159 7E97 2ACB FE0A 7AF2
Public key signing
[Diagram sequence, three slides: one key pair (Pri, Pub), a keyserver holding two public keys (Pub, Pub), the key details below, the caption "Download key FE0A7AF2" and a public key (Pub) labelled with the name and fingerprint shown last.]
Key FE0A7AF2
Name Barack Obama
Fingerprint D0DA E915 BFDD E5CD 8BA0 B159 7E97 2ACB FE0A 7AF2
Download key FE0A7AF2
Pub: Barack Obama, D0DA E915 BFDD E5CD 8BA0 B159 7E97 2ACB FE0A 7AF2
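The check the slides depict before signing a downloaded key, as an added example (not from the original deck): compare the full fingerprint on the owner's slip with the downloaded key's, because a short key ID such as FE0A7AF2 is only the last 8 hex digits of the fingerprint and a different key can share it. The function names and the look-alike fingerprint are constructed for illustration.

```python
HEX = set("0123456789ABCDEF")

def normalize(fpr):
    """Drop spaces/colons, upper-case, and require 40 hex digits (160 bits)."""
    digits = "".join(ch for ch in fpr.upper() if ch not in " :\t")
    if len(digits) != 40 or not set(digits) <= HEX:
        raise ValueError("not a 40-hex-digit fingerprint: %r" % fpr)
    return digits

def short_id(fpr):
    """Short key ID as shown on the slides: last 8 hex digits of the fingerprint."""
    return normalize(fpr)[-8:]

def check_before_signing(slip_fpr, downloaded_fpr, identity_checked):
    """Return (ok, reason). Sign the key only when ok is True."""
    if not identity_checked:
        return False, "owner's identity document not checked"
    if normalize(slip_fpr) != normalize(downloaded_fpr):
        if short_id(slip_fpr) == short_id(downloaded_fpr):
            return False, "short key ID matches but full fingerprint differs"
        return False, "fingerprint mismatch"
    return True, "full fingerprint matches slip"

# Fingerprint printed on the slides' slip for key FE0A7AF2.
SLIP = "D0DA E915 BFDD E5CD 8BA0 B159 7E97 2ACB FE0A 7AF2"
# Constructed look-alike: a different key with the same last 8 hex digits.
LOOKALIKE = "1111 2222 3333 4444 5555 6666 7777 8888 FE0A 7AF2"

def demo():
    """Three cases: genuine key, look-alike key, passport never checked."""
    return [
        check_before_signing(SLIP, "d0dae915bfdde5cd8ba0b1597e972acbfe0a7af2", True),
        check_before_signing(SLIP, LOOKALIKE, True),
        check_before_signing(SLIP, SLIP, False),
    ]

if __name__ == "__main__":
    for ok, reason in demo():
        print(ok, reason)
```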
Public key signing
[Diagram: two key pairs (Pri, Pub), a keyserver holding both public keys (Pub, Pub), and the label "Barack Obama"]
Key signing is often mutual
Public key signing
[Diagram: three public keys (Pub) and the label "Barack Obama"]
Is he Barack Obama?
Trust chain
Signing party
Take away
PK cryptography: secure communications through insecure channels
Each user creates a public-private key pair
Keyservers contain every key in the world
Trust chain: identity certification through public key signing