## PowerPoint Slideshow about 'information security' - arleen


### Classical Regime

### Quantum Regime


Cryptography

- What’s that mean?
- Kryptos: hidden, secret
- Gráphō: to write
- What does it do?
- Encryption: plaintext → ciphertext
- Decryption: ciphertext → plaintext
- Why would you want that?
- Confidentiality
- Integrity, authentication, signing, interactive proofs, secure multi-party computation

Cryptology, Cryptanalysis, Cryptolinguistics

- Frequency analysis
- Brute force
- Differential
- Integral
- Impossible differential
- Boomerang
- Mod n
- Related key
- Slide
- Timing
- XSL
- Linear
- Multiple linear
- Davies’ attack
- Improved Davies’ attack

Demands for resilient crypto

- Auguste Kerckhoffs’s principle
- Cipher practically indecipherable
- Cipher and keys not required to be secret
- Key communicable and retainable
- Applicable to telegraphic communication
- Portable and human effort efficient
- Easy to use
- Bruce Schneier
- “Secrecy … is a prime cause of brittleness… Conversely, openness provides ductility.”
- Eric Raymond
- “Any security software design that doesn't assume the enemy possesses the source code is already untrustworthy; therefore, never trust closed source.”
- Shannon’s maxim
- “The enemy knows the system.”

Written language text

Transposition

- Exchange the position of two symbols in the text
- Like an anagram
- Scytale

E.g. text → cipher

Hello world! → eHll oowlr!d

Substitution

- Systematically exchange a symbol in the text with another symbol
- Caesar cipher, EXCESS-3

E.g. text → cipher

Aabcd → Ddefg

Poly-Alphabetic Substitution

- Repeated and dynamic substitution(s)
- Wehrmacht Enigma
- Series of rotors

One Time Pad

- Perfect secrecy
- Coined by Shannon
- H(M) = H(M|C)
- Requirements
- Perfect randomness
- Secure key generation and exchange
- Careful adherence to process

Binary bit sequence

Secret Key Crypto

- Perfect secrecy
- Coined by Shannon
- H(M) = H(M|C)
- Requirements
- Perfect randomness
- Secure key generation and exchange
- Careful adherence to process

Symmetric Key Crypto

- The same (or similar) key
- For both encryption and decryption
- Data Encryption Standard
- 56 bit key
- Feistel network
- Broken in 1999 in 22 hours 15 minutes by Deep Crack
- Triple-DES
- 56 bit keys (3 unique)
- en-de-en-crypt
- Advanced Encryption Standard (Rijndael)
- 128-192-256 bit keys
- Substitution permutation network

Feistel Network

- Expansion
- Key mixing
- Substitution
- Permutation

Substitution Permutation Network

- Substitution
- 1/n input change → 1/2 output change
- confusion
- Permutation
- mix up inputs
- diffusion
- Round keys

Public Key Crypto

- Asymmetric keys
- public and private
- No secret key
- Multiple use
- TLS, SSL, PGP, GPG, digital signatures

RSA

- Ron Rivest, Adi Shamir, Leonard Adleman; 1978
- Key generation
- Pick two distinct, large prime numbers: p, q
- Compute their product: n = pq
- Compute its totient: phi = (p-1)(q-1)
- Pick a public key exponent: 1 < e < phi, e and phi coprime
- Compute private key exponent: de = 1 (mod phi)
- Encryption
- Forward padding
- Cipher = text ^ e (mod n)
- Exponentiation by squaring
- Decryption
- Text = cipher ^ d (mod n)
- = text ^ de (mod n) = text ^ (1+k*phi) (mod n) = text (mod n)
- Reverse padding
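
The key generation, encryption and decryption steps listed above, written out as an added example (not part of the original slides). The primes are constructed toy values, primality is not checked, and padding is omitted.

```python
from math import gcd

def modexp(base, exp, mod):
    """Exponentiation by squaring: one squaring per exponent bit."""
    result, base = 1, base % mod
    while exp > 0:
        if exp & 1:                      # this bit of the exponent is set
            result = (result * base) % mod
        base = (base * base) % mod
        exp >>= 1
    return result

def modinv(e, phi):
    """Extended Euclid: the d with d*e = 1 (mod phi)."""
    old_r, r, old_s, s = e, phi, 1, 0
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
    if old_r != 1:
        raise ValueError("e and phi are not coprime")
    return old_s % phi

def keygen(p, q, e):
    """Return ((n, e), (n, d)) for distinct primes p, q (primality not checked)."""
    if p == q:
        raise ValueError("p and q must be distinct")
    n, phi = p * q, (p - 1) * (q - 1)
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("need 1 < e < phi with e and phi coprime")
    return (n, e), (n, modinv(e, phi))

def encrypt(pub, text):
    n, e = pub
    if not 0 <= text < n:
        raise ValueError("text must be an integer in [0, n)")
    return modexp(text, e, n)            # cipher = text ^ e (mod n)

def decrypt(priv, cipher):
    n, d = priv
    return modexp(cipher, d, n)          # text = cipher ^ d (mod n)

if __name__ == "__main__":
    pub, priv = keygen(61, 53, 17)       # constructed toy primes, far too small for use
    c = encrypt(pub, 65)
    print(pub, priv, c, decrypt(priv, c))
```

Without padding the same text always maps to the same cipher value, which is why the slide lists forward padding as the first encryption step.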

Hybrid Crypto

- Diffie-Hellman key exchange
- Alice and Bob agree on a finite cyclic group G (Multiplicative group of integers mod p)
- Period p, prime number
- Base g, primitive root mod p
- Alice picks a random natural number a and sends g^a mod p to Bob.
- Bob picks a random natural number b and sends g^b mod p to Alice.
- Alice computes (g^b mod p)^a mod p
- Bob computes (g^a mod p)^b mod p
- Both know g^(ab) mod p = g^(ba) mod p

Breaking classical crypto

Peter Shor’s Factorization Algorithm

- Polynomial time in log N: O( (log N)^3 )
- Polynomial gates in log N: O( (log N)^2 )
- Complexity class Bounded-Error Quantum Polynomial (BQP)
- Transform from to periodicity
- Pick 1 < r < N: a^r = 1 mod N
- a^r - 1 = (a^(r/2) + 1)(a^(r/2) - 1) = 0 mod N
- N = (a^(r/2) + 1)(a^(r/2) - 1) = pq
- Quantum Fourier Transform
- Map x-space to ω-space
- Measure with 1/r^2 probability

Factor 15

- In 2001 IBM demonstrated Shor’s Algorithm and factored 15 into 3 and 5
- NMR implementation with 7 qubits
- pentafluorobutadienylcyclopentadienyldicarbonyl-iron complex (C11H5F5O2Fe)

DWave

- Superconducting processors
- Adiabatic quantum algorithms
- Solving Quantum Unconstrained Binary Optimization problems (QUBO is in NP)

Future proof cryptography

Quantum Key Distribution

- Quantum communication channel
- Single photon, entangled photon pair
- Preparation
- Alice prepares a state, sends to Bob, measures
- Entanglement
- Alice and Bob each receive half the pair, measure

Non-Orthogonal Bases

- Complementary bases
- Basis A: { |0>, |1> }
- Basis B: { |+>, |-> }
- Indistinguishable transmission states
- |+> = 0.5 |0> + 0.5 |1>
- |-> = 0.5 |0> - 0.5 |1>
- Random choice of en-de-coding bases
- Succeeds ~ p = 0.5

True Random Number Generation

- Quantum mechanics at < atomic scale
- Shot noise
- Nuclear decay
- Optics
- Thermal noise
- Resistor heat
- Avalanche/Zener diode breakdown noise
- Atmospheric noise

EPR

- Einstein, Podolsky, Rosen (1935)
- Entangled qubits
- Violation of Bell Inequality

BB84

- Charles A Bennett, Gilles Brassard (1984)
- Single photon source, polarization
- One way: Alice prepares and sends to Bob
- Psi encoded as random bits a, random bases b
- Bob measures
- Decoded in random bases b’
- 50% successfully measured bits a’ = a
- Measurement bases are shared publicly
- Throw away a, a’ for b != b’

E91

- Artur Ekert (1991)
- Entangled photon source
- Perfect correlation, 100% a = a’ if b = b’
- Non-locality, > 50% a <--> a’
- Eve measurement reduces correlation

B92

- Charles A. Bennett (1992)
- Dim signal pulse, bright reference pulse
- Maintains phase with a single qubit transmitted
- Bases: rectilinear, circular
- P0 = 1 - |u1><u1|
- P0 |u0> = 1 ; p = 1 - |<u0|u1>|^2 > 0
- P0 |u1> = 0
- P1 = 1 - |u0><u0|
- P1 |u0> = 0
- P1 |u1> = 1 ; p = 1 - |<u0|u1>|^2 > 0
- Throw away measurements != 1

SARG04

- Scarani et al. (2004)
- Attenuated laser pulses

Information Reconciliation

- 1992 Bennett, Bessette, Brassard, Salvail, Smolin
- Cascade protocol, repetitious
- Compare block parity bits
- Odd 1 count: parity = 1; even 1 count transmitted
- Even 1 count: parity = 0; even 1 count transmitted
- Two-out-of-five code
- Every transmission has two 1s and three 0s
- Hamming codes
- Additional bits used to identify and correct errors
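
Block-parity comparison with bisection, the core step of Cascade, as an added example (not part of the original slides). It is simplified: a fixed interleave stands in for Cascade's random shuffle between passes, there is no back-tracking, and the sample keys are constructed.

```python
def parity(bits, idx):
    return sum(bits[i] for i in idx) % 2

def parity_pass(alice, bob, order, block):
    """Compare block parities over `order`; bisect each mismatching block and
    flip the one bit found in Bob's key. Returns the parity bits disclosed."""
    leaked = 0
    for start in range(0, len(order), block):
        idx = order[start:start + block]
        leaked += 1                       # Alice announces this block's parity
        if parity(alice, idx) == parity(bob, idx):
            continue                      # zero or an even number of errors: unseen
        while len(idx) > 1:               # odd number of errors: bisect to one bit
            half = idx[:len(idx) // 2]
            leaked += 1                   # parity of the left half is announced
            idx = half if parity(alice, half) != parity(bob, half) else idx[len(half):]
        bob[idx[0]] ^= 1
    return leaked

def reconcile(alice, bob, block=4):
    """Two passes: contiguous blocks, then interleaved blocks (stride = block)."""
    bob = list(bob)                       # work on a copy of Bob's key
    n = len(alice)
    contiguous = list(range(n))
    interleaved = [i for r in range(block) for i in range(r, n, block)]
    leaked = parity_pass(alice, bob, contiguous, block)
    leaked += parity_pass(alice, bob, interleaved, n // block)
    return bob, leaked

def flip(bits, positions):
    """Copy of `bits` with channel errors at `positions`."""
    out = list(bits)
    for i in positions:
        out[i] ^= 1
    return out

# Constructed sample: Alice's sifted key and Bob's copy with three bit errors.
ALICE = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 1, 1, 0]

if __name__ == "__main__":
    bob = flip(ALICE, (1, 2, 9))          # two errors share a block, one is alone
    fixed, leaked = reconcile(ALICE, bob)
    print(fixed == ALICE, "parity bits disclosed:", leaked)
```

Every disclosed parity is visible to an eavesdropper on the classical channel, so the count returned here is information the privacy amplification step has to remove from the final key.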

Privacy Amplification

- Shortened key length
- Universal hash function
- Range r
- Collision probability p < 1/r

Attacks

Intercept and Resend

- Eve measures the qubit in basis b’’
- 50% probability of correct measurement
- Eve sends a’’ to Bob
- 25% probability of correct measurement
- Probability of detection
- P = 1 – (0.75)^n
- 99% in n = 16 bits
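
A simulation of the BB84 exchange and of this intercept-and-resend attack, as an added example (not part of the original slides). It assumes an ideal, lossless channel, an Eve who intercepts every qubit, and a seeded pseudo-random generator for repeatability.

```python
import random

def measure(bit, prep_basis, meas_basis, rng):
    """Same basis returns the prepared bit; the other basis gives a coin flip."""
    return bit if prep_basis == meas_basis else rng.randrange(2)

def bb84(n, eve=False, seed=1):
    """Send n qubits; return (sifted key length, error rate in the sifted key)."""
    rng = random.Random(seed)             # a real system needs a true RNG here
    kept = errors = 0
    for _ in range(n):
        a, b = rng.randrange(2), rng.randrange(2)   # Alice: bit a, basis b
        bit, basis = a, b                           # state on the quantum channel
        if eve:
            eb = rng.randrange(2)                   # Eve's basis b''
            bit = measure(bit, basis, eb, rng)      # Eve's result a''
            basis = eb                              # she resends in her own basis
        b2 = rng.randrange(2)                       # Bob's basis b'
        a2 = measure(bit, basis, b2, rng)           # Bob's result a'
        if b == b2:                                 # bases published, keep matches
            kept += 1
            errors += a != a2
    return kept, errors / kept

def detection_probability(n, per_bit_error=0.25):
    """Chance that at least one of n compared sifted bits disagrees."""
    return 1 - (1 - per_bit_error) ** n

if __name__ == "__main__":
    print("no Eve  :", bb84(20000))
    print("with Eve:", bb84(20000, eve=True))
    print("P(detect) for n = 16:", round(detection_probability(16), 4))
```

Without Eve the sifted key is error free; with her, about a quarter of the sifted bits disagree, which is what Alice and Bob look for when they compare a sample.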

Security Proofs

- BB84 is proven unconditionally secure against unlimited resources, provided that:
- Eve cannot access Alice and Bob's encoding and decoding devices
- The random number generators used by Alice and Bob must be trusted and truly random
- The classical communication channel must be authenticated using an unconditionally secure authentication scheme

Man in the Middle

- Senders and recipients are indistinguishable on public channels
- Eve could pose as Bob
- Receiving some large portion of messages
- Responding promptly, at least before Bob
- Wegman-Carter authentication
- Alice and Bob share a secret key

Photon Number Splitting

- No true single photon sources
- Attenuated laser pulses
- Some small number of photons per pulse, i.e. 0.1
- If > 1 photon are present, splitting can occur without detection during reconciliation
- A secure key is still possible, but requires additional privacy amplification

Hacking

- Gain access to security equipment
- Foil random number generation
- Plant Trojan horse
- Faked state attack
- Eve - actively quenched detector module
- Phase remapping attack
- Move from { |0>, |1>, |+>, |-> } to { |0>, |δ/2>, |δ>, |3δ/2> }
- Time-shift attack
- Demonstrated to have ~ 4% mutual information gathered from the idQuantique ID-500 QKD

Denial of Service

- Stop Alice and Bob from communicating
- Via Classical channel(s)
- Via Quantum channel(s)
- Physically block transmissions
- Introduce large volume of errors

Commercially available devices

MagiQ – QPN 8505

- “Any sufficiently advanced technology is indistinguishable from magic.” –Arthur C Clarke
- Transmits qubit polarization over optical fiber
- 256 bit AES; 1,000 keys per second
- 140 km range, more with repeaters

idQuantique – Cerberis, Centauris

- Transmits qubit phase over optical fiber
- High speed layer 2 encryption
- 256 bit AES; 12 key-devices per minute, 100 km range

SmartQuantum – KeyGen, Defender

- Generate and distribute secret keys over quantum channel
- Use classical encryption and communication

Quintessence Labs

- G2 QKD
- Continuous variable brightness laser beams
- Cheaper than SPS
- Dense wavelength division multiplexing
- Erbium doped fiber amplifiers ~ 1550 nm

BBN Technologies

- DARPA QNet
- Fully operational October 23, 2003
- Harvard University
- Boston University
- BBN Technologies
- QKD
- Weak coherence
- 5 MHz pulse rate
- 0.1 mean photons/pulse
