Information security

PowerPoint Slideshow about 'information security' - arleen



Information Security

Methods and Practices in

Classical and Quantum Regimes


Cryptography

  • What’s that mean?

    • Kryptos: hidden, secret

    • Gráphō: to write

  • What does it do?

    • Encryption: plaintext → ciphertext

    • Decryption: ciphertext → plaintext

  • Why would you want that?

    • Confidentiality

    • Integrity, authentication, signing, interactive proofs, secure multi-party computation


Cryptology, Cryptanalysis, Cryptolinguistics

  • Frequency analysis

  • Brute force

  • Differential

  • Integral

  • Impossible differential

  • Boomerang

  • Mod n

  • Related key

  • Slide

  • Timing

  • XSL

  • Linear

  • Multiple linear

  • Davies’ attack

  • Improved Davies’ attack


Demands for resilient crypto

  • Auguste Kerckhoffs’s principle

    • Cipher practically indecipherable

    • Cipher and keys not required to be secret

    • Key communicable and retainable

    • Applicable to telegraphic communication

    • Portable and human effort efficient

    • Easy to use

  • Bruce Schneier

    • “Secrecy … is a prime cause of brittleness… Conversely, openness provides ductility.”

  • Eric Raymond

    • “Any security software design that doesn't assume the enemy possesses the source code is already untrustworthy; therefore, never trust closed source.”

  • Shannon’s maxim

    • “The enemy knows the system.”



Classical Regime

Written language text


Transposition

  • Exchange the position of two symbols in the text

  • Like an anagram

  • Scytale

E.g. text → cipher

Hello world! → eHll oowlr!d


Substitution

  • Systematically exchange a symbol in the text with another symbol

  • Caesar cipher, EXCESS-3

E.g. text → cipher

Aabcd → Ddefg


Poly-Alphabetic Substitution

  • Repeated and dynamic substitution(s)

  • Wehrmacht Enigma

  • Series of rotors


One Time Pad

  • Perfect secrecy

    • Coined by Shannon

    • H(M) = H(M|C)

  • Requirements

    • Perfect randomness

    • Secure key generation and exchange

    • Careful adherence to process



Classical Regime

Binary bit sequence


Secret Key Crypto

  • Perfect secrecy

    • Coined by Shannon

    • H(M) = H(M|C)

  • Requirements

    • Perfect randomness

    • Secure key generation and exchange

    • Careful adherence to process


Symmetric Key Crypto

  • The same (or similar) key

    • For both encryption and decryption

  • Data Encryption Standard

    • 56 bit key

    • Feistel network

    • Broken in 1999 in 22 hours 15 minutes by Deep Crack

  • Triple-DES

    • 56 bit keys (3 unique)

    • en-de-en-crypt

  • Advanced Encryption Standard (Rijndael)

    • 128-192-256 bit keys

    • Substitution permutation network


Feistel Network

  • Expansion

  • Key mixing

  • Substitution

  • Permutation


Substitution Permutation Network

  • Substitution

    • 1/n input change → 1/2 output change

    • confusion

  • Permutation

    • mix up inputs

    • diffusion

  • Round keys


Public Key Crypto

  • Asymmetric keys

    • public and private

  • No secret key

  • Multiple use

  • TLS, SSL, PGP, GPG, digital signatures


RSA

  • Ron Rivest, Adi Shamir, Leonard Adleman; 1978

  • Key generation

    • Pick two distinct, large prime numbers: p, q

    • Compute their product: n = pq

    • Compute its totient: phi = (p-1)(q-1)

    • Pick a public key exponent: 1 < e < phi, e and phi coprime

    • Compute private key exponent: de = 1 (mod phi)

  • Encryption

    • Forward padding

    • Cipher = text ^ e (mod n)

      • Exponentiation by squaring

  • Decryption

    • Text = cipher ^ d (mod n)

      • = text ^ de (mod n) = text ^ (1+k*phi) (mod n) = text (mod n)

    • Reverse padding


Hybrid Crypto

  • Diffie-Hellman key exchange

  • Alice and Bob agree on a finite cyclic group G (Multiplicative group of integers mod p)

    • Period p, prime number

    • Base g, primitive root mod p

  • Alice picks a random natural number a and sends g^a mod p to Bob.

  • Bob picks a random natural number b and sends g^b mod p to Alice.

  • Alice computes (g^b mod p)^a mod p

  • Bob computes (g^a mod p)^b mod p

  • Both know g^(ab) mod p = g^(ba) mod p
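
The RSA steps and the Diffie-Hellman exchange from the two slides above both rest on modular exponentiation by squaring. The following is an added example, not part of the original slides; the primes, exponents and message are small constructed values, and textbook RSA is shown without the padding step.

```python
def modexp(base, exp, mod):
    """Exponentiation by squaring: O(log exp) modular multiplications."""
    result = 1
    base %= mod
    while exp > 0:
        if exp & 1:                      # current exponent bit is set
            result = (result * base) % mod
        base = (base * base) % mod       # square for the next bit
        exp >>= 1
    return result

def egcd(a, b):
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def rsa_keygen(p, q, e):
    """Follow the slide: n = pq, phi = (p-1)(q-1), d*e = 1 (mod phi)."""
    n, phi = p * q, (p - 1) * (q - 1)
    g, x, _ = egcd(e, phi)
    if not (1 < e < phi) or g != 1:
        raise ValueError("need 1 < e < phi with e and phi coprime")
    return n, e, x % phi

def dh_shared(p, g, a, b):
    """Return the secret as computed by Alice and by Bob."""
    A = modexp(g, a, p)                  # Alice sends g^a mod p
    B = modexp(g, b, p)                  # Bob sends g^b mod p
    return modexp(B, a, p), modexp(A, b, p)

def demo():
    # Constructed toy values; real moduli are thousands of bits long.
    n, e, d = rsa_keygen(61, 53, 17)
    text = 65
    cipher = modexp(text, e, n)          # cipher = text ^ e (mod n)
    recovered = modexp(cipher, d, n)     # text = cipher ^ d (mod n)
    k_alice, k_bob = dh_shared(23, 5, 6, 15)
    return n, d, cipher, recovered, k_alice, k_bob

if __name__ == "__main__":
    print(demo())
```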



Quantum Regime

Breaking classical crypto


Peter Shor’s Factorization Algorithm

  • Polynomial time in log N: O((log N)^3)

  • Polynomial gates in log N: O((log N)^2)

  • Complexity class Bounded-Error Quantum Polynomial (BQP)

  • Transform from to periodicity

    • Pick 1 < r < N: a^r = 1 mod N

    • a^r - 1 = (a^(r/2) + 1)(a^(r/2) - 1) = 0 mod N

    • N = (a^(r/2) + 1)(a^(r/2) - 1) = pq

  • Quantum Fourier Transform

    • Map x-space to ω-space

    • Measure with 1/r^2 probability


Factor 15

  • In 2001 IBM demonstrated Shor’s Algorithm and factored 15 into 3 and 5

  • NMR implementation with 7 qubits

  • pentafluorobutadienylcyclopentadienyldicarbonyl-iron complex (C11H5F5O2Fe)


DWave

  • Superconducting processors

  • Adiabatic quantum algorithms

  • Solving Quantum Unconstrained Binary Optimization problems (QUBO is in NP)



Quantum Regime

Future proof cryptography


Quantum Key Distribution

  • Quantum communication channel

    • Single photon, entangled photon pair

  • Preparation

    • Alice prepares a state, sends to Bob, measures

  • Entanglement

    • Alice and Bob each receive half the pair, measure


Non-Orthogonal Bases

  • Complementary bases

    • Basis A: { |0>, |1> }

    • Basis B: { |+>, |-> }

  • Indistinguishable transmission states

    • |+> = 0.5 |0> + 0.5 |1>

    • |-> = 0.5 |0> - 0.5 |1>

  • Random choice of en-de-coding bases

    • Succeeds ~ p = 0.5


True Random Number Generation

  • Quantum mechanics at < atomic scale

    • Shot noise

    • Nuclear decay

    • Optics

  • Thermal noise

    • Resistor heat

    • Avalanche/Zener diode breakdown noise

    • Atmospheric noise


EPR

  • Einstein, Podolsky, Rosen (1935)

  • Entangled qubits

  • Violation of Bell Inequality


BB84

  • Charles A Bennett, Gilles Brassard (1984)

  • Single photon source, polarization

  • One way, Alice prepares sends to Bob

    • Psi encoded as random bits a, random bases b

  • Bob measures

    • Decoded in random bases b’

    • 50% successfully measured bits a’ = a

  • Measurement bases are shared publicly

    • Throw away a, a’ for b != b’


E91

  • Artur Ekert (1991)

  • Entangled photon source

    • Perfect correlation, 100% a = a’ if b = b’

    • Non-locality, > 50% a <--> a’

    • Eve measurement reduces correlation


B92

  • Charles A. Bennett (1992)

  • Dim signal pulse, bright reference pulse

    • Maintains phase with a single qubit transmitted

  • Bases: rectilinear, circular

    • P0 = 1 - |u1><u1|

      • P0 |u0> = 1 ; p = 1 - |<u0|u1>|^2 > 0

      • P0 |u1> = 0

    • P1 = 1 - |u0><u0|

      • P1 |u0> = 0

      • P1 |u1> = 1 ; p = 1 - |<u0|u1>|^2 > 0

  • Throw away measurements != 1


SARG04

  • Scarani et al. (2004)

  • Attenuated laser pulses


Information Reconciliation

  • 1992 Bennett, Bessette, Brassard, Salvail, Smolin

  • Cascade protocol, repetitious

  • Compare block parity bits

    • Odd 1 count: parity = 1; even 1 count transmitted

    • Even 1 count: parity = 0; even 1 count transmitted

  • Two-out-of-five code

    • Every transmission has two 1s and three 0s

  • Hamming codes

    • Additional bits used to identify and correct errors
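
The block-parity comparison above can be sketched as a single simplified pass in the style of Cascade. This is an added example, not part of the original slides and not the full protocol; the keys, block size and error positions are constructed. It also counts the parity bits revealed on the public channel, which is the leakage that privacy amplification later has to remove.

```python
def parity(bits):
    return sum(bits) % 2

def bisect_fix(alice, bob, lo, hi, leaked):
    """Block [lo, hi) has mismatched parity: binary-search one error, flip it in bob."""
    while hi - lo > 1:
        mid = (lo + hi) // 2
        leaked[0] += 1                       # Alice reveals parity of the left half
        if parity(alice[lo:mid]) != parity(bob[lo:mid]):
            hi = mid                         # error is in the left half
        else:
            lo = mid                         # error is in the right half
    bob[lo] ^= 1

def cascade_pass(alice, bob, block):
    """One pass: compare block parities, correct one error per mismatching block.
    Returns (Bob's corrected key, number of parity bits leaked)."""
    bob = list(bob)
    leaked = [0]
    for lo in range(0, len(alice), block):
        hi = min(lo + block, len(alice))
        leaked[0] += 1                       # block parity sent in the clear
        if parity(alice[lo:hi]) != parity(bob[lo:hi]):
            bisect_fix(alice, bob, lo, hi, leaked)
    return bob, leaked[0]

def flip(bits, positions):
    return [b ^ 1 if i in positions else b for i, b in enumerate(bits)]

# Constructed 16-bit sifted key for Alice.
ALICE = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 1]

def demo():
    # One error per block: both are located and corrected.
    fixed, leaked = cascade_pass(ALICE, flip(ALICE, {3, 9}), 8)
    # Two errors in the same block: the parities agree, so nothing is detected.
    # This is why the protocol repeats passes with reshuffled blocks.
    missed, leaked2 = cascade_pass(ALICE, flip(ALICE, {1, 2}), 8)
    return fixed == ALICE, leaked, missed == ALICE, leaked2

if __name__ == "__main__":
    print(demo())
```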


Privacy Amplification

  • Shortened key length

  • Universal hash function

    • Range r

    • Collision probability p < 1/r



Intercept and Resend

  • Eve measures the qubit in basis b’’

    • 50% probability of correct measurement

  • Eve sends a’’ to Bob

    • 25% probability of correct measurement

  • Probability of detection

    • P = 1 – (0.75)^n

    • 99% in n = 16 bits
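
The BB84 sifting step and the intercept-and-resend error rate can be checked with a classical simulation. This is an added example, not part of the original slides; it models a measurement in the wrong basis as a fair coin flip and uses Python's seeded `random` module, which is suitable for simulation only and not for key generation.

```python
import random

def measure(bit, prep_basis, meas_basis, rng):
    """Same basis returns the prepared bit; a complementary basis gives a coin flip."""
    return bit if prep_basis == meas_basis else rng.randint(0, 1)

def bb84(n, eve=False, seed=1):
    """Run n photons; return Alice's and Bob's sifted keys (positions with b == b')."""
    rng = random.Random(seed)
    sifted_a, sifted_b = [], []
    for _ in range(n):
        a, b = rng.randint(0, 1), rng.randint(0, 1)    # Alice: bit a, basis b
        bit, basis = a, b
        if eve:                                         # intercept and resend
            eve_basis = rng.randint(0, 1)               # Eve's basis b''
            bit = measure(bit, basis, eve_basis, rng)   # Eve's result a''
            basis = eve_basis                           # photon re-prepared in b''
        b2 = rng.randint(0, 1)                          # Bob's basis b'
        a2 = measure(bit, basis, b2, rng)               # Bob's result a'
        if b == b2:                                     # bases compared publicly
            sifted_a.append(a)
            sifted_b.append(a2)
    return sifted_a, sifted_b

def error_rate(key_a, key_b):
    """Fraction of sifted positions where Alice and Bob disagree."""
    return sum(x != y for x, y in zip(key_a, key_b)) / len(key_a)

def detection_probability(n):
    """Chance that comparing n sifted bits reveals Eve: P = 1 - (0.75)^n."""
    return 1 - 0.75 ** n

if __name__ == "__main__":
    clean = bb84(20000)
    tapped = bb84(20000, eve=True)
    print("sifted fraction:", len(clean[0]) / 20000)
    print("error rate without Eve:", error_rate(*clean))
    print("error rate with Eve:", error_rate(*tapped))
    print("P(detect) for n = 16:", detection_probability(16))
```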


Security Proofs

  • BB84 is proven unconditionally secure against unlimited resources, provided that:

    • Eve cannot access Alice and Bob's encoding and decoding devices

    • The random number generators used by Alice and Bob must be trusted and truly random

    • The classical communication channel must be authenticated using an unconditionally secure authentication scheme


Man in the Middle

  • Senders and recipients are indistinguishable on public channels

  • Eve could pose as Bob

    • Receiving some large portion of messages

    • Responding promptly, at least before Bob

  • Wegman-Carter authentication

    • Alice and Bob share a secret key


Photon Number Splitting

  • No true single photon sources

  • Attenuated laser pulses

    • Some small number of photons per pulse, i.e. 0.1

  • If > 1 photon are present, splitting can occur without detection during reconciliation

  • A secure key is still possible, but requires additional privacy amplification


Hacking

  • Gain access to security equipment

    • Foil random number generation

    • Plant Trojan horse

  • Faked state attack

    • Eve - actively quenched detector module

  • Phase remapping attack

    • Move from { |0>, |1>, |+>, |-> } to { |0>, |δ/2>, |δ>, |3δ/2> }

  • Time-shift attack

    • Demonstrated to have ~ 4% mutual information gathered from the idQuantique ID-500 QKD


Denial of Service

  • Stop Alice and Bob from communicating

    • Via Classical channel(s)

    • Via Quantum channel(s)

  • Physically block transmissions

  • Introduce large volume of errors



Quantum Regime

Commercially available devices


MagiQ – QPN 8505

  • “Any sufficiently advanced technology is indistinguishable from magic.” –Arthur C Clarke

  • Transmits qubit polarization over optical fiber

  • 256 bit AES; 1,000 keys per second

  • 140 km range, more with repeaters


idQuantique – Cerberis, Centauris

  • Transmits qubit phase over optical fiber

  • High speed layer 2 encryption

  • 256 bit AES; 12 key-devices per minute, 100 km range


SmartQuantum – KeyGen, Defender

  • Generate and distribute secret keys over quantum channel

  • Use classical encryption and communication


Quintessence Labs

  • G2 QKD

  • Continuous variable brightness laser beams

    • Cheaper than SPS

  • Dense wavelength division multiplexing

    • Erbium doped fiber amplifiers ~ 1550 nm


BBN Technologies

  • DARPA QNet

    • Fully operational October 23, 2003

    • Harvard University

    • Boston University

    • BBN Technologies

  • QKD

    • Weak coherence

    • 5 MHz pulse rate

    • 0.1 mean photons/pulse



John Krah

University of Washington

Physics Department

