Public Key Encryption, Secure WWW Transactions & Digital Signatures.
Uploaded by vernon-conley
Securing Data Transmission
Most Internet communications are sent "in the clear," without the benefit of encryption
– The primary reasons for that practice are speed and simplicity
– Encrypting and decrypting data are computationally intensive operations
Encrypting all Internet traffic would burden connected computers to the point where data processing would be unacceptably slow
Securing Data Transmission
Internet communications are inherently plain text, a byproduct of the Internet's design
To acquire sensitive data, attackers may employ
– packet sniffing (reading all data on a particular data line)
– gaining access to target systems by guessing user passwords
Commercial transactions, however, must be secured
– Transmitting sensitive data in an unencrypted state magnifies the possibility that any successful attack would lead to significant consequences
Securing Data Transmission
The goal of secure servers is to protect Internet communications in four ways:
– Ensuring the communications are private
– Verifying the communications have not been altered by transmission errors or a third party
– Ensuring server and client are who they claim to be
– Ensuring the information to be transferred was written by the signed author
Securing Data Transmission
These four types of protection are implemented through cryptographic techniques used to
– secure World Wide Web (WWW) transactions
– verify the server's identity
– send encrypted requests and responses between browsers and servers
– provide for verification of document authorship and browser user identity
Encryption Techniques
Simple Encryption
– Cryptography ("secret writing") obscures a message's meaning by replacing characters in the original message (plaintext) with other characters (ciphertext)
– One early encryption scheme was Caesar's Cipher, where each letter was replaced with the letter three places after it in the alphabet (wrapping around as necessary)
Using this method, the plaintext "cat" would be encrypted as the ciphertext "fdw"
"buzz" becomes "excc"
Encryption Techniques
Computers make such simple algorithms worthless
– Attackers can use freely available programs running on home systems to break these simple ciphers quite easily
– On the plus side, home computers also have the capacity to run powerful encryption schemes which may only be broken by trying every possible key (a brute force attack)
It is possible to encrypt messages in such a way that
– decryption with the key takes a few seconds
– a brute force attack would have little chance of succeeding in one million years
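The Caesar's Cipher slide and the brute force point above, as an added Python example (not part of the original slides): the cipher has only 26 possible keys, so trying every one and keeping the candidate that reads as English recovers the message at once. The sample message and the small word list are constructed for this demonstration.

```python
import string

ALPHABET = string.ascii_lowercase
# Small word list used to recognise English output (assumption for this demo).
COMMON_WORDS = {"the", "and", "at", "me", "of", "to", "in"}

def caesar(text, shift):
    """Shift each lowercase letter `shift` places forward, wrapping z -> a."""
    out = []
    for ch in text:
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)  # spaces and other characters pass through unchanged
    return "".join(out)

def brute_force(ciphertext):
    """Try all 26 keys; return the (key, plaintext) that looks most like English."""
    def score(candidate):
        return sum(word in COMMON_WORDS for word in candidate.split())
    candidates = [(key, caesar(ciphertext, -key)) for key in range(26)]
    return max(candidates, key=lambda kc: score(kc[1]))

# Constructed sample message, encrypted with the slide's key of 3.
SAMPLE = "meet me at the old bridge at noon and bring the key"
CIPHERTEXT = caesar(SAMPLE, 3)

if __name__ == "__main__":
    print(caesar("cat", 3), caesar("buzz", 3))
    print(brute_force(CIPHERTEXT))
```

A modern cipher resists the same search only because its key space is far too large to enumerate, not because the search itself is any harder to write.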
Modern Encryption
Contemporary cryptographic techniques use such complex transposition schemes that humans cannot perform the operations within a reasonable time
– Computers are required
These methods may be divided into two general groups:
– symmetric
– asymmetric
Symmetric Algorithms
A cryptographic method is symmetric, or single-key, when the same key is used to encrypt and decrypt a message. Though symmetric algorithms are simple to use, they have two major drawbacks:
– The key must be communicated by another secure channel, such as a trusted courier
– Should the key be compromised, an attacker could read every message between the original parties and produce fake messages (provided the encryption algorithm is known)
Examples of symmetric encryption algorithms include the US-developed Digital Encryption Standard (DES) and the Swiss International Data Encryption Algorithm (IDEA)
Asymmetric Algorithms
In 1974, Whitfield Diffie and Martin Hellman developed a cryptographic scheme known as public key cryptography
Their method has a tremendous advantage over symmetric cryptography: the key need not be passed in an unencrypted state
However, it is considerably slower than private-key encryption
What is public key encryption?
Public key encryption (PKE) uses a system of two keys:
– a private key, which only you use
– a public key, which other people use
Public keys are often stored on public key servers
A document that is encrypted with one of these keys can be decrypted only with the other key in the pair
Here is a sample PUBLIC KEY: [PGP public key block omitted]
PKE Example
Alice wants to send a message to Bob using PGP (a popular public key encryption system)
She encrypts the message with Bob's public key and sends it using her favorite email program
Once the message is encrypted with Bob's public key, only Bob can decrypt the message using his private key
Even major governments using supercomputers would have to work for a very long time to decrypt this message without the private key
What are digital signatures?
Consider Alice and Bob again:
– How can Bob be sure that it was really Alice who sent the message, and not the criminally-minded Eve pretending to be Alice?
– This is where digital signatures come in
Before encrypting the message to Bob, Alice can sign the message using her private key
When Bob decrypts the message, he can verify the signature using her public key
Steps in using digital signatures
1. Alice creates a digest of the message — a sort of digital fingerprint
   – A message can be easily confirmed as the source of a digest
2. Alice then encrypts the digest with her private key
   – The encrypted digest is the digital signature
3. The encrypted digest is sent to Bob along with the message
4. When Bob receives the message, he decrypts the digest using Alice's public key
5. Bob then creates a digest of the message
6. Bob compares the digest that he created with the one that Alice encrypted
If the digests match, then Bob can be confident that the signed message is indeed from Alice
If they don't match, then the message has been tampered with — or isn't from Alice at all
Digital Signatures & Encrypted Message
1. Alice creates a digest of the message
2. Alice then encrypts the digest with her private key
3. Alice creates an augmented message
   – Message + encrypted digest
4. The augmented message is encrypted using Bob's public key
5. The message is sent to Bob
6. When Bob receives the message, he decrypts the augmented message using his private key
7. Bob decrypts the digest using Alice's public key
8. Bob then creates a digest of the message
9. Bob compares the digest that he created with the one that Alice encrypted
If the digests match, then Bob can be confident that the signed message is indeed from Alice
If they don't match, then the message has been tampered with — or isn't from Alice at all
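The signing steps and the nine sign-then-encrypt steps above, as an added Python example (not part of the original slides). It uses textbook RSA with toy keys built from well-known Mersenne primes and a fixed 32-byte signature field, all assumptions of this sketch; real systems use padded signature schemes and encrypt bulk data with a symmetric session key.

```python
import hashlib

E = 65537      # public exponent shared by all toy key pairs
SIG_LEN = 32   # fixed signature field width in bytes (assumption of this sketch)

def make_keypair(p, q):
    """Textbook RSA: return (public, private) as (exponent, modulus) pairs."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (E, n), (pow(E, -1, phi), n)

def rsa(value, key):
    exponent, n = key
    return pow(value, exponent, n)

def digest(message, n):
    """SHA-256 fingerprint of the message, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign_then_encrypt(message, sender_priv, recipient_pub):
    sig = rsa(digest(message, sender_priv[1]), sender_priv)       # steps 1-2
    augmented = message + sig.to_bytes(SIG_LEN, "big")            # step 3
    block = int.from_bytes(b"\x01" + augmented, "big")  # 0x01 marks the start
    if block >= recipient_pub[1]:
        raise ValueError("message too long for one toy RSA block")
    return rsa(block, recipient_pub)                              # step 4

def decrypt_then_verify(ciphertext, recipient_priv, sender_pub):
    block = rsa(ciphertext, recipient_priv)                       # step 6
    augmented = block.to_bytes((block.bit_length() + 7) // 8, "big")[1:]
    message, sig = augmented[:-SIG_LEN], augmented[-SIG_LEN:]
    recovered = rsa(int.from_bytes(sig, "big"), sender_pub)       # step 7
    return message, recovered == digest(message, sender_pub[1])   # steps 8-9

# Constructed toy keys from Mersenne primes; NOT secure key material.
ALICE_PUB, ALICE_PRIV = make_keypair(2**127 - 1, 2**107 - 1)
EVE_PUB, EVE_PRIV = make_keypair(2**89 - 1, 2**61 - 1)
BOB_PUB, BOB_PRIV = make_keypair(2**607 - 1, 2**521 - 1)

if __name__ == "__main__":
    sealed = sign_then_encrypt(b"Pay Bob 10 dollars", ALICE_PRIV, BOB_PUB)
    print(decrypt_then_verify(sealed, BOB_PRIV, ALICE_PUB))  # signed by Alice
    forged = sign_then_encrypt(b"Pay Eve 10 dollars", EVE_PRIV, BOB_PUB)
    print(decrypt_then_verify(forged, BOB_PRIV, ALICE_PUB))  # signed by Eve
```

The second call shows the digest comparison failing: Bob can decrypt Eve's message, but the digest he recovers with Alice's public key does not match the one he computes himself.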
A weakness in PKE
What if I need to verify a signature from someone I don't know, or be sure that the key is really theirs?
– This scheme has a weakness in that it is possible for attackers to
  – intercept a public key in transit
  – substitute another
  – compromise any subsequent communications until the change is discovered
– This is called a man-in-the-middle attack
Certificate Authorities
An attacker must monitor the communications channel and alter every message sent between two parties to avoid discovery, so completing this type of attack is far from trivial
– However, a determined party could make such an effort and either gain valuable information or substitute false messages.
Fortunately, this weakness may be overcome by having a trusted authority external to the communication verify the legitimacy of the keys in use
These parties, known as Certification Authorities (CAs), issue certificates which attest to varying degrees of confidence in the certificate holder's identity and affiliation
Secure Socket Layer Protocol
Computer communications may be thought of as a series of layers, starting from the hardware (machine) level and moving up to the data being transmitted
The network layer refers to the link between machines, whether it be the Internet, a corporate Local Area Network (LAN) or a satellite link
A socket is an abstraction of the point where the computer and network intersect; following this analogy, the SSL Protocol ensures that the communications channel itself is encrypted "from socket to socket"
Establishing an SSL Connection
When an SSL client and server begin communicating, they need to establish how messages will be handled during the session
Specifically, the machines must select cryptographic algorithms, optionally authenticate each other, and use public-key encryption techniques to generate random values to be used as keys for this session only
– These processes are performed in the connection initialization sequence, or handshake
To initiate a session, the client sends a message to the server requesting a connection
The server will accept the connection and respond with
– a list of its cryptographic capabilities
– its public key
– (optionally) a copy of its certificate with a request for the client's certificate
Establishing an SSL Connection
The client matches its capabilities to those of the server and responds with similar information, encoded with the server's public key and any symmetrical encryption or hashing requested by the server
Certificates are optional as SSL supports three authentication modes:
– authentication of both parties
– server authentication with an unauthenticated client
– total anonymity
Completely anonymous sessions are vulnerable to man-in-the-middle attacks
Once the connection has been established, SSL
– takes messages to be transmitted
– fragments the data into manageable blocks
– optionally compresses the data
– generates a fingerprint (signature)
– encrypts
– and transmits the result