S.R. Blackburn Royal Holloway · PDF fileS.R. Blackburn Royal Holloway Cryptography. Pre-1976...

Click here to load reader

  • date post

    15-Sep-2018
  • Category

    Documents

  • view

    213
  • download

    0

Embed Size (px)

Transcript of S.R. Blackburn Royal Holloway · PDF fileS.R. Blackburn Royal Holloway Cryptography. Pre-1976...

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    Photo: V. Lee

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    Cryptography

    Simon R. Blackburn

    Royal Holloway, University of London

    26th January 2009

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    This talk

    I Pre-1976 cryptography

    I The revolution of 1976

    I Modern cryptography

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    Secrecy and scrambling

    Cryptography used to be all about secrecy and was mainly used bygovernments.

    I Secrecy: Shaving the head of a slave. (Histiaeus andAristagoras of Miletus, approx 500BC)

    I Scrambling: The Caesar Cipher (approx 50BC) KHOOR!

    I Keys: Leon Battista Alberti; the Argenti family (approx 1460- 1590)

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    Secrecy and scrambling

    Cryptography used to be all about secrecy and was mainly used bygovernments.

    I Secrecy: Shaving the head of a slave. (Histiaeus andAristagoras of Miletus, approx 500BC)

    I Scrambling: The Caesar Cipher (approx 50BC) KHOOR!

    I Keys: Leon Battista Alberti; the Argenti family (approx 1460- 1590)

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    Secrecy and scrambling

    Cryptography used to be all about secrecy and was mainly used bygovernments.

    I Secrecy: Shaving the head of a slave. (Histiaeus andAristagoras of Miletus, approx 500BC)

    I Scrambling: The Caesar Cipher (approx 50BC) KHOOR!

    I Keys: Leon Battista Alberti; the Argenti family (approx 1460- 1590)

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    Secrecy and scrambling

    Cryptography used to be all about secrecy and was mainly used bygovernments.

    I Secrecy: Shaving the head of a slave. (Histiaeus andAristagoras of Miletus, approx 500BC)

    I Scrambling: The Caesar Cipher (approx 50BC) KHOOR!

    I Keys: Leon Battista Alberti; the Argenti family (approx 1460- 1590)

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    The science of cryptography

    Auguste Kerckhoffs La Cryptographie Militaire, 1883.

    Before Kerckoffs: security through obscurity

    Kerckoffs Law: Compromise of the system should notinconvenience the correspondents or:

    Secrecy resides entirely in the key

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    The science of cryptography

    Auguste Kerckhoffs La Cryptographie Militaire, 1883.

    Before Kerckoffs: security through obscurity

    Kerckoffs Law: Compromise of the system should notinconvenience the correspondents or:

    Secrecy resides entirely in the key

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    The science of cryptography

    Auguste Kerckhoffs La Cryptographie Militaire, 1883.

    Before Kerckoffs: security through obscurity

    Kerckoffs Law: Compromise of the system should notinconvenience the correspondents or:

    Secrecy resides entirely in the key

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    Perfect secrecy

    Gilbert S. Vernam (1917): the one-time pad.

    Claude E. Shannon (1948/49): The one time pad is perfectlysecure!

    Problem: How do both sender and recipient know the key?

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    Perfect secrecy

    Gilbert S. Vernam (1917): the one-time pad.

    Claude E. Shannon (1948/49): The one time pad is perfectlysecure!

    Problem: How do both sender and recipient know the key?

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    Perfect secrecy

    Gilbert S. Vernam (1917): the one-time pad.

    Claude E. Shannon (1948/49): The one time pad is perfectlysecure!

    Problem: How do both sender and recipient know the key?

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    Whit Diffie and Martin Hellman

    Diffie and Hellman (1976) solved this problem!

    I Two parties: Alice and Bob

    I All communications monitored by Eve.

    I Alice and Bob come to know the same key; Eve doesnt knowthe key

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    Whit Diffie and Martin Hellman

    Diffie and Hellman (1976) solved this problem!

    I Two parties: Alice and Bob

    I All communications monitored by Eve.

    I Alice and Bob come to know the same key; Eve doesnt knowthe key

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    Whit Diffie and Martin Hellman

    Diffie and Hellman (1976) solved this problem!

    I Two parties: Alice and Bob

    I All communications monitored by Eve.

    I Alice and Bob come to know the same key; Eve doesnt knowthe key

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    Whit Diffie and Martin Hellman

    Diffie and Hellman (1976) solved this problem!

    I Two parties: Alice and Bob

    I All communications monitored by Eve.

    I Alice and Bob come to know the same key; Eve doesnt knowthe key

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    Modular arithmetic

    Suppose we only know about the numbers 0, 1, 2, 3, . . . , 10, 11, 12.

    I 22 = 4

    I 23 = 4 2 = 8I 24 = 8 2 = 16 = 3 (subtract 13)I Using 28 = 9, we calculate 29 = 9 2 = 18 = 5.

    i 1 2 3 4 5 6 7 8 9 10 11 12 13 14

    2i 2 4 8 3 6 12 11 9 5 10 7 1 2 4

    If we are just given 2i , it is difficult to find i .If we are just given i , it is easy to find 2i .

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    Modular arithmetic

    Suppose we only know about the numbers 0, 1, 2, 3, . . . , 10, 11, 12.

    I 22 = 4

    I 23 = 4 2 = 8I 24 = 8 2 = 16 = 3 (subtract 13)I Using 28 = 9, we calculate 29 = 9 2 = 18 = 5.

    i 1 2 3 4 5 6 7 8 9 10 11 12 13 14

    2i 2 4 8 3 6 12 11 9 5 10 7 1 2 4

    If we are just given 2i , it is difficult to find i .If we are just given i , it is easy to find 2i .

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    Modular arithmetic

    Suppose we only know about the numbers 0, 1, 2, 3, . . . , 10, 11, 12.

    I 22 = 4

    I 23 = 4 2 = 8I 24 = 8 2 = 16 = 3 (subtract 13)I Using 28 = 9, we calculate 29 = 9 2 = 18 = 5.

    i 1 2 3 4 5 6 7 8 9 10 11 12 13 14

    2i 2 4 8 3 6 12 11 9 5 10 7 1 2 4

    If we are just given 2i , it is difficult to find i .If we are just given i , it is easy to find 2i .

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    How to exchange keys

    Alice Eve Bob

    Pick i andcalculate 2i 2i

    Pick j and2j calculate 2j

    Calculate (2j)i Calculate (2i )j

    The common key: the secret number 2ij

    Eve only knows 2i and 2j . How can she calculate 2ij from this?

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    How to exchange keys

    Alice Eve Bob

    Pick i andcalculate 2i 2i

    Pick j and2j calculate 2j

    Calculate (2j)i Calculate (2i )j

    The common key: the secret number 2ij

    Eve only knows 2i and 2j . How can she calculate 2ij from this?

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    Photo: D. Spisak

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    What else can you do?

    Modern cryptography is about authenticity as well as secrecy, andis now used by business as much as government.

    I Public key cryptography: RSA (1977) ElGamal (1984)

    I Digital signatures: RSA (1977)

    I Zero knowledge: Goldwasser, Micali, Rackoff (1985)

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    What else can you do?

    Modern cryptography is about authenticity as well as secrecy, andis now used by business as much as government.

    I Public key cryptography: RSA (1977) ElGamal (1984)

    I Digital signatures: RSA (1977)

    I Zero knowledge: Goldwasser, Micali, Rackoff (1985)

    S.R. Blackburn Royal Holloway

    Cryptography

  • Pre-1976 cryptography The revolution of 1976 Modern cryptography

    What else can you do?

    Modern cryptography is about authenticity as well as secrecy, andis now used by business as mu