- 112 Views
- Uploaded on
- Presentation posted in: General

Growing Up with Alice and Bob: Three Decades with the RSA Cryptosystem

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

**1. **Growing Up with Alice and Bob: Three Decades with the RSA Cryptosystem Burt Kaliski, RSA Security April 7, 2006

**2. **The Vision, c. 1976 Secure communications for everyone, including Alice and Bob:
Confidentiality, integrity, non-repudiation

**3. **The Challenge Alice and Bob don’t have an easy way to set up encryption keys
k2 problem for pairwise keys
Trusted third parties not always mutual

**4. **The Technology: Public-Key Cryptography Diffie and Hellman 1976
What if encryption, decryption keys were different?
Publish one, keep other secret
Alice and Bob can set up keys just by reading a public directory!
Diffie-Hellman key agreement achieved most of the goals
RSA 1977 has the rest – including digital signatures
Contemporaneous work by Merkle, and in classified arena

**5. **RSA Public-Key Cryptosystem Rivest, Shamir, Adleman 1977
Public key = (n, e)
n: modulus, product of two (or more) large random primes p, q
e: public exponent, typically 3, or 65537
Private key = (n, d)
d: private exponent, such that e*d ? 1 mod (p-1)(q-1)
Key observation: Computing private key requires factors of n, and factoring is a hard problem

**6. **RSA Public-Key Cryptosystem (cont’d) Encryption:
c = me mod n
Decryption:
m = cd mod n
Signature:
s = md mod n
Verification:
m =? se mod n

**7. **The Vision, cont’d Secure communications for everyone, including Alice and Bob, via public-key cryptography:

**8. **The Vision, cont’d Secure communications for everyone, including Alice and Bob, via public-key cryptography:

**9. **Other “Characters” in Cryptography
Alice and Bob are joined by several other characters in research papers and books (e.g., Schneier’s Applied Cryptography)

**10. **Lessons Learned along the Road to Commercialization RSA algorithm invented in 1977
Today, the algorithm is in widely implemented
How did we get here? 10 lessons learned along the way.

**11. **#1: Validation
Publication, peer review
RSA Factoring Challenge
RSA Laboratories
Cryptographic technologies can take years to validate

**12. **#2: Partnership
IETF Privacy & Security Research Group
Lotus Notes®
Apple, IBM, Microsoft, Motorola, Novell, Sun, Xerox, …

**13. **#3: Product
Patent license?
Hardware circuit?
Software application?
? Software development toolkit

**14. **#4: Marketing
RSA Conference
Frequently Asked Questions about Today’s Cryptography
RSA Laboratories Seminar Series

**15. **#5: Companion Technologies
Hash functions
Public-key infrastructure
depends on Internet
Desktop computing
depends on Moore’s Law

**16. **RSA Signature Times, over Time (Illustrative)

**17. **#6: Standards
Public-Key Cryptography Standards
PKCS #1: RSA Encryption & Signatures
PKCS #7: Cryptographic Message Syntax
PKCS #11: Cryptographic Token Interface
IETF PKIX, S/MIME

**18. **#7: Competition
Diffie-Hellman algorithm (Cylink)
Digital Signature Standard (NIST & NSA)
Elliptic Curve Cryptography (Certicom)

**19. **#8: Application
Secure e-mail?
Signed documents?
? Encrypted Web transactions: Netscape SSL
only server has a public key, at least initially

**20. **The Vision, Revised Secure communications for everyone via public-key cryptography, server-side first:

**21. **The Vision, Revised Secure communications for everyone via public-key cryptography, server-side first:

**22. **#9: Patience
RC2 and RC4: Exportable ciphers
Actually, the vision is being realized – the original technology was just a catalyst that got things started

**23. **#10: People
R-S-A, especially Ron Rivest – founders
Jim Bidzos – CEO
Addison Fischer – lead investor
Steve Dussé, Jeff Fassett, Ginny Kirkley, Kurt Stammberger, Jeff Thompson, Matt Robshaw, Yiqun Lisa Yin, Coni Garcia, Shari Oto and many more …

**24. **Summary of Lessons Learned Validation
Partnership
Product
Marketing
Companion technologies Standards
Competition
Application
Patience
People

**25. **Timeline 1976: Diffie-Hellman invented
1977: RSA invented
1982: RSA Data Security founded
1983: RSA patent issues
1991: RSA Laboratories launched
1991: PKCS documents published
1991: 1st RSA Conference
1994: Netscape introduces SSL
1995: VeriSign spun out of RSA Data Security
1996: Security Dynamics acquires RSA Data Security
1999: Security Dynamics renamed RSA Security
2000: RSA patent expires
2006: 15th RSA Conference, 1200+ employees, ~50 countries

**26. **Questions?

**27. **Contact Information Burt Kaliski Chief Scientist, RSA Laboratories Vice President of Research, RSA Security [email protected] http://www.rsasecurity.com/rsalabs