1 / 40

Public-Key Cryptography: Ensuring Secure Communication

Explore the concept of public-key cryptography and its applications in ensuring privacy, integrity, and non-repudiation in communication. Learn about modern symmetric ciphers and the RSA algorithm.

leekatherine
Download Presentation

Public-Key Cryptography: Ensuring Secure Communication

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Class 36: Public-Key Cryptography • A billion billion is a large number, but it's not that large a number. • Whitfield Diffie David Evans http://www.cs.virginia.edu/evans CS200: Computer Science University of Virginia Computer Science

  2. Last Time • How to store securely • Store the hash of the password • One-way, collision resistant hashing function (e.g., md5) • Check the hash of the entered password matches the stored hash • The password is transmitted over the Internet CS200 Spring 2003

  3. Sending Passwords Encrypt The Internet User Server CS200 Spring 2003

  4. The Internet Ciphertext Encrypt Decrypt Plaintext Plaintext K K User C = EncryptK (P) P = DecryptK (C) Server CS200 Spring 2003

  5. Lorenz Cipher From http://www.codesandciphers.org.uk/lorenz/fish.htm CS200 Spring 2003

  6. Modern Symmetric Ciphers A billion billion is a large number, but it's not that large a number.— Whitfield Diffie • Same idea but: • Use digital logic instead of mechanical rotors • Larger keys • Encrypt blocks of letters at a time CS200 Spring 2003

  7. Modern Ciphers • AES (Rijndael) successor to DES selected 2001 • 128-bit keys, encrypt 128-bit blocks • Brute force attack • Try 1 Trillion keys per second • Would take 10790283070806000000 years to try all keys! • If that’s not enough, can use 256-bit key • No known techniques that do better than brute force search CS200 Spring 2003

  8. The Internet Ciphertext Encrypt Decrypt Plaintext Plaintext K K User Server How do User and Server agree on K (without sending it over the Internet)? CS200 Spring 2003

  9. Padlocked Boxes Hi! Alice CS200 Spring 2003

  10. Alice’s Padlock Alice’s Padlock Key Padlocked Boxes Hi! Alice CS200 Spring 2003

  11. Shady Sammy’s Slimy Shipping Service Padlocked Boxes Alice Alice’s Padlock Key CS200 Spring 2003

  12. Bob’s Padlock Bob’s Padlock Key Padlocked Boxes Alice Hi! Bob Alice’s Padlock Key CS200 Spring 2003

  13. Bob’s Padlock Key Padlocked Boxes Hi! Alice Bob Alice’s Padlock Key CS200 Spring 2003

  14. Bob’s Padlock Key Padlocked Boxes Hi! Alice Bob Alice’s Padlock Key CS200 Spring 2003

  15. Padlocked Boxes Alice Hi! Bob Bob’s Padlock Key CS200 Spring 2003

  16. Padlocked Boxes Hi! Alice Hi! Bob Bob’s Padlock Key CS200 Spring 2003

  17. Asymmetric Cryptosystems • Encryption and Decryption are done with different keys • Keep one of the keys secret, reveal the other EKRA (EKUA (M)) = M Alice’s Public Key: KUA Alice’s Private Key: KRA Only KRA can decrypt a message encrypted using KUA. CS200 Spring 2003

  18. Course Evaluations • SEAS Official Course Evaluation • Generic questions – not useful for improving courses or teaching • Administrators read results to decide if CS200 should be offered again (it is not a real course yet) and if I should be fired • I also read them, and make them available on the web to future students • CS200 Course Improvement Survey • Specific questions to help me improve course (if it is offered again, see SEAS survey) CS200 Spring 2003

  19. Transparencies • If you have a laptop, its easy • If not, you will probably need to resize the image to make it line up (all the CRT monitors are slightly different sizes) • Should see a 3 letter passphrase (only the first 2 letters are checked, hard to see 3rd) • If you can’t see it, click “Give Up” to go straight to the survey CS200 Spring 2003

  20. Remember your Course Pledge I will provide useful feedback. I realize this is an evolving course and it is important that I let the course staff know what they need to improve the course. I will not wait until the end of the course to make the course staff aware of any problems. I will provide feedback either anonymously (using the course feedback form) or by contacting the course staff directly. I will fill out all course evaluation surveys honestly and thoroughly. CS200 Spring 2003

  21. Asymmetric Cryptosystems • Encryption and Decryption are done with different keys • Keep one of the keys secret, reveal the other EKRA (EKUA (M)) = M Alice’s Public Key: KUA Alice’s Private Key: KRA Only KRA can decrypt a message encrypted using KUA. CS200 Spring 2003

  22. Public-Key Applications: Privacy Bob Alice • Alice encrypts message to Bob using Bob’s Private Key • Only Bob knows Bob’s Private Key only Bob can decrypt message Decrypt Ciphertext Encrypt Plaintext Plaintext Bob’s Public Key Bob’s Private Key CS200 Spring 2003

  23. Signatures Bob Alice Signed Message Decrypt Encrypt • Bob knows it was from Alice, since only Alice knows Alice’s Private Key • Non-repudiation: Alice can’t deny signing message (except by claiming her key was stolen!) • Integrity: Bob can’t change message (doesn’t know Alice’s Private Key) Plaintext Plaintext Alice’s Public Key Alice’s Private Key CS200 Spring 2003

  24. Asymmetric Cryptosystems • Need a hard problem (like symmetric cryptosystems) • With a trap door: if you know a secret, the hard problem becomes easy CS200 Spring 2003

  25. RSA[Rivest, Shamir, Adelman 78] E(M) = Me mod n Public key (e, n) D(C) = Cd mod n Private key d e, d and n chosen so Med mod n = M D(E(M)) = E(D(M)) = M CS200 Spring 2003

  26. Choosing e, d, n Choose 2 secret primespandq n = pq ed  1 mod (p – 1)(q – 1) Depends on number theory theorems of Euler and Fermat Finding d is easy if you know p and q, but hard if you don’t. CS200 Spring 2003

  27. Security of RSA • n is public, but not p and q where n = pq • If we can find p and q, easy to find d (private key) n is ~200 digits – would take quintillions of years Factoring is probably NP-Complete (but not proven to be) CS200 Spring 2003

  28. The Internet Ciphertext Encrypt Decrypt Plaintext Plaintext KUS KRS User Server Public Key Private Key How does User know the public key to use? CS200 Spring 2003

  29. Key Management CS200 Spring 2003

  30. Approach 1: Meet Secretly • User and Server Operator meet secretly and swap public keys • If you can do that, might as well agree on a secret (symmetric key) instead • Doesn’t work for Internet transactions CS200 Spring 2003

  31. Approach 2: Public Announcement • Publish public keys in a public forum • Append to email messages • Post on web site • New York Time classifieds • Easy for rogue to pretend to be someone else • Forge email, alter web site, lie to New York Times CS200 Spring 2003

  32. Approach 3: Public Directory • Trusted authority maintains directory mapping names to public keys • Entities register public keys with authority in some secure way • Authority publishes directory • Print using watermarked paper, special fonts, etc. • Allow secure electronic access • Depends on secure distribution of directory’s key CS200 Spring 2003

  33. KUS CS = EKRVeriSign[“Server”, KUS] Request CS Approach 4: Certificates VeriSign $$$$ User Server EKUVeriSign (CS) = [“Server”, KUS] Knows KRS CS200 Spring 2003

  34. KRCA[Server Identity, KUS] KUS[K] Secure channel using K SSL (Secure Sockets Layer) Server Browser Hello Check Certificate using KUCA Pick random K Find K using KRS CS200 Spring 2003

  35. Data encrypted using secret key exchanged using some public key associated with some certificate. CS200 Spring 2003

  36. CS200 Spring 2003

  37. CS200 Spring 2003

  38. CS200 Spring 2003

  39. How do you make yourweb site password form encrypt its input? https:// http:// CS200 Spring 2003

  40. Charge • Remember to do the course evaluations • Don’t count on the SEAS site being up right until the last minute • Friday: Secret of Life • Monday: PS8 Presentations • No more than 5 minutes for teams of 3 or more, 3 minutes for 2 or less (strictly enforced) • There will be token prizes for the most impressive, best contribution and best presentation CS200 Spring 2003

More Related