Public Key Encryption, Secure WWW Transactions & Digital Signatures

Securing Data Transmission

Most Internet communications are sent "in the clear," without the benefit of encryption– The primary reasons for that practice are speed

and simplicity– encrypting and decrypting data are

computationally intensive operations Encrypting all Internet traffic would burden

connected computers to the point where data processing would be unacceptably slow

Securing Data Transmission

Internet communications are inherently plain text, a byproduct of the Internet's design

To acquire sensitive data, attackers may employ – packet sniffing (reading all data on a particular data line)– gaining access to target systems by guessing user

passwords

Commercial transactions, however must be secured– Transmitting sensitive data in an unencrypted state

magnifies the possibility that any successful attack would lead to significant consequences

Securing Data Transmission

The goal of secure servers is to protect Internet communications in four ways: – Ensuring the communications are private– Verifying the communications have not been altered

by transmission errors or a third party– Ensuring server and client are who they claim to be– Ensuring the information to be transferred was

written by the signed author

Securing Data Transmission

These four types of protection are implemented through cryptographic techniques used to – secure World Wide Web (WWW) transactions– verify the server's identity– send encrypted requests and responses between

browsers and servers– provide for verification of document authorship

and browser user identity

Encryption Techniques

Simple Encryption– Cryptography ("secret writing") obscures a message's

meaning by replacing characters in the original message (plaintext) with other characters (ciphertext)

– One early encryption scheme was Caesar's Cipher, where each letter was replaced with the letter three places behind it in the alphabet (wrapping around as necessary)

Using this method, the plaintext "cat" would be encrypted as the ciphertext "fdw"

"buzz" becomes "excc"

Encryption Techniques

Computers make such simple algorithms worthless– Attackers can use freely available programs running on

home systems to break these simple ciphers quite easily– On the plus side, home computers also have the capacity to

run powerful encryption schemes which may only be broken by trying every possible key (a brute force attack)

It is possible to encrypt messages in such a way that– decryption with the key takes a few seconds – a brute force attack would have little chance of succeeding

in one million years

Modern Encryption

Contemporary cryptographic techniques use such complex transposition schemes that humans cannot perform the operations within a reasonable time– Computers are required

These methods may be divided into two general groups:– symmetric – asymmetric

Symmetric Algorithms

A cryptographic method is symmetric, or single-key, when the same key is used to encrypt and decrypt a message. Though symmetric algorithms are simple to use, they have two major drawbacks:

– The key must be communicated by another secure channel, such as a trusted courier

– Should the key be compromised, an attacker could read every message between the original parties and produce fake messages (provided the encryption algorithm is known)

Examples of symmetric encryption algorithms include the US developed Digital Encryption Standard (DES) and the Swiss International Data Encryption Algorithm (IDEA)

Asymmetric Algorithms

In 1974, Whitfield Diffie and Martin Hellman developed a cryptographic scheme known as public key cryptography

Their method has a tremendous advantage over symmetric cryptography: the key need not be passed in an unencrypted state

However, it is considerably slower than private-key encryption

What is public key encryption?

Public key encryption (PKE) uses a system of two keys:– a private key, which only you use– a public key, which other people use

Public keys are often stored on public key servers A document that is encrypted with one of these keys can be decrypted

only with the other key in the pair

Here is a sample PUBLIC KEY: -----BEGIN PGP PUBLIC KEY BLOCK-----Version: 5.0mQCNAi44C30AAAEEAL1r6ByIvuSAvOKIk9ze9yCK+ZPPbRZrpXIRFBbe+U8dGPMb9XdJS4L/cy1fXr9R9j4EfFsK/rgHV6i2rE83LjOrmsDPRPSaizz+EQTIZi4AN99jiBomfLLZyUzmHMoUoE4shrYgOnkc0u101ikhieAFje77j/F3596pT6nCx/9/AAURtCRBbmRyZSBCYWNhcmQgPGFiYWNhcmRAd2VsbC5zZi5jYS51cz6JAFUCBRAuOA6O7zYZz1mqos8BAXr9AgCxCu8CwGZRdpfSs65r6mb4MccXvvfxO4TmPi1DKQj2FYHYjwYONk8vzA7XnE5aJmk5J/dChdvfIU7NvVifV6AF=GQv9-----END PGP PUBLIC KEY BLOCK-----

PKE Example

Alice wants to send a message to Bob using PGP (a popular public key encryption system)

She encrypts the message with Bob's public key and sends it using her favorite email program

Once the message is encrypted with Bob's public key, only Bob can decrypt the message using his private key

Even major governments using supercomputers would have to work for a very long time to decrypt this message without the private key

What are digital signatures?

Consider Alice and Bob again: – how can Bob be sure that it was really Alice who sent

the message, and not the criminally-minded Eve pretending to be Alice?

– This is where digital signatures come in Before encrypting the message to Bob, Alice can sign the

message using her private key when Bob decrypts the message, he can verify the signature

using her public key

Steps in using digital signatures

1. Alice creates a digest of the message — a sort of digital fingerprint A message can be easily confirmed as the source of a digest

2. Alice then encrypts the digest with her private key The encrypted digest is the digital signature

3. The encrypted digest is sent to Bob along with the message4. When Bob receives the message, he decrypts the digest using

Alice's public key 5. Bob then creates a digest of the message 6. Bob compares the digest that he created with the one that Alice

encrypted If the digests match, then Bob can be confident that the signed

message is indeed from Alice If they don't match, then the message has been tampered with — or

isn't from Alice at all

Digital Signatures & Encrypted Message

1. Alice creates a digest of the message 2. Alice then encrypts the digest with her private key3. Alice creates an augmented message

1. Message + encrypted digest

4. The augmented message is encrypted using Bob's public key5. The message is sent to Bob6. When Bob receives the message, he decrypts the augmented message

using his private key7. Bob decrypts the digest using Alice's public key 8. Bob then creates a digest of the message 9. Bob compares the digest that he created with the one that Alice encrypted

If the digests match, then Bob can be confident that the signed message is indeed from Alice

If they don't match, then the message has been tampered with — or isn't from Alice at all

A weakness in PKE

What if I need to verify a signature from someone I don't know, or be sure that the key is really theirs?

– This scheme has a weakness in that it is possible for attackers to

intercept a public key in transit substitute another compromise any subsequent communications until the change

is discovered– This is called a man-in-the-middle attack

Certificate Authorities

An attacker must monitor the communications channel and alter every message sent between two parties to avoid discovery, so completing this type of attack is far from trivial

– However, a determined party could make such an effort and either gain valuable information or substitute false messages.

Fortunately, this weakness may be overcome by having a trusted authority external to the communication verify the legitimacy of the keys in use

These parties, known as Certification Authorities (CA's), issue certificates which attest to varying degrees of confidence in the certificate holder's identity and affiliation

Secure Socket Layer Protocol

Computer communications may be thought of as a series of layers, starting from the hardware (machine) level and moving up to the data being transmitted

The network layer refers to the link between machines, whether it be the Internet, a corporate Local Area Network (LAN) or a satellite link

A socket is an abstraction of the point where the computer and network intersect; following this analogy, the SSL Protocol ensures that the communications channel itself is encrypted "from socket to socket"

Establishing a SSL Connection

When a SSL client and server begin communicating, they need to establish how messages will be handled during the session

Specifically, the machines must select cryptographic algorithms, optionally authenticate each other, and use public-key encryption techniques to generate random values to be used as keys for this session only

– These processes are performed in the connection initialization sequence, or handshake

To initiate a session, the client sends a message to the server requesting a connection

The server will accept the connection and respond with– a list of its cryptographic capabilities– its public key– (optionally) a copy of its certificate with a request for the client's certificate

Establishing a SSL Connection

The client matches its capabilities to those of the server and responds with similar information, encoded with the server's public key and any symmetrical encryption or hashing requested by the server

Certificates are optional as SSL supports three authentication modes: – authentication of both parties– server authentication with an unauthenticated client– total anonymity

completely anonymous sessions are vulnerable to man-in-the-middle attacks Once the connection has been established, SSL

– takes messages to be transmitted– fragments the data into manageable blocks– optionally compresses the data– generates a fingerprint (signature)– encrypts– and transmits the result