Loading in 5 sec....

The Secrets of Keeping SecretsPowerPoint Presentation

The Secrets of Keeping Secrets

- 207 Views
- Uploaded on

Download Presentation
## PowerPoint Slideshow about 'The Secrets of Keeping Secrets' - jethro

**An Image/Link below is provided (as is) to download presentation**

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Crypto—ASCII style

- ASCII represents 27 bits (128) which can represent all of the English alphabet plus punctuation
- A = 1000001
- a = 1100001

- Because ASCII uses bits to represent letters, it’s a kind of cypher

Transposition Cipher

- One of the simplest transposition ciphers substitutes the first and second digits and the third and forth digits
- Megan
- ASCII— 1001101 1100101 1100111 1100001 1101110
- Cypher— 0110101 0011101 0011111 0011001 0010110

- 5 ) 1 % “

Key-Based Algorithm

The security of key-based algorithms is based on the secrecy of the algorithm, the key(s), or both

4DokTETykx

LwQB/9JZe

7eCzXW

9iYVNOT

HWjioKOI

Dear Cindy,

You are so

beautiful!

Private Key Cryptosystem(Symmetric)Same Encryption Key

ANQR1DBw

4DokTETykx

LwQB/9JZe

7eCzXW

9iYVNOT

HWjioKOI

Dear Cindy,

You are so

beautiful!

Cypher Text

Cypher Text

Clear Text

Clear Text

Modified Substitution Cipher

- Message = COOL
- In ASCII
- Key = MEGAN
- Ciphertext

Key longer than message is okay

1000010100111110011111001100

01101010011101001111100110010010110

1110111101001010100001010101

Whitfield Diffie

- Interested (obsessed!) with the key distribution problem
- Imagined two strangers meeting on the net—wondered how they would send secret messages

Martin Hellman

- Was reluctant to even talk to Diffie
- Eventually became Diffie’s crypto-partner
- Solved the key exchange problem

Cryptography: Algorithms and Keys

- A method of encryption and decryption is called a cipher
- Generally there are two related functions
- Encryption
- Decryption

- All modern algorithms use a key to control encryption and decryption
- Encryption key may be different from decryption key

Postman

Why the Postal Example Won’t Work

- Alice’s key
- abcdefghijklmnopqrstuvwxyz
- EDIRCTOYNUWAPFLMBGJZHKQXVS

- Bob’s key
- Abcdefghijklmnopqrstuvwxyz
- ZNAMSREVILYUCKOGJTBWDXQHPF

- Message lost my hotel key
- Encrypted with Alice’s key ALJZ PV YLZCA WCV
- Encrypted with Bob’s key UOBW CP VOWSU YSP
- Decrypted with Alice’s key HLDQ IM KLQJH VJM
- Decrypted with Bob’s key VUMJ IC YUJLV XLC

One-Way Functions

- Diffie and Hellman were not interested in two-way functions, only solving the problem with one-way functions
- Because they could imagine the postal example, there MUST be a solution

k

Types of AlgorithmsSymmetric (Encryption)Bob

Alice

Enck

sender

receiver

encryption

decryption

M ciphertext

ciphertext M

Deck

One-Way Function

Demonstration

8 + 31 (mod 12) = 3

Diffie/Hellman Key Exchange Technique

Demonstration

29

7N mod (98219)

7N mod (98219)

729 mod (98219) = 75149

756 mod (98219) = 67665

67665

75149

6766529 mod (98219)

7514956 mod (98219)

40912

40912

A Mathematical Genius?!

- Whitfield Diffie is best known for his 1975 discovery of the concept of Public Key Cryptography

Rivest ShamirAdleman

privkey

M ciphertext

ciphertext M

Encpubkey

Decprivkey

Types of AlgorithmsPublic Key (Asymmetric Encryption)sender

receiver

decryption

encryption

pubkey

privkey

Types of AlgorithmsPublic Key (Asymmetric Encryption)

sender

receiver

decryption

encryption

M ciphertext

ciphertext

Encpubkey

Dec

pubkey

pubkey

pubkey

privkey

Types of AlgorithmsPublic Key (Asymmetric Encryption)

sender

receiver

encryption

M ciphertext

decryption

Encpubkey

ciphertext TRASH!

Dec

pubkey

Encryption and Decryption

M is the message, E is encryption, C is Ciphertext, D is decryption

C

M

M

D

E

The following identity must hold true

D(C) = M, where C = E(M)

Secret Key Cryptography

K

K

C

M

M

S

R

D

E

K is the secret key shared by both the

sender (S) and receiver (R)

Symmetric Encryption

Public Key Cryptography

KR(pub)

KR(pri)

C

M

M

S

R

D

E

KR(pub) is Receiver’s public key and KR(pri) is Receiver’s private key

Asymmetric Encryption

- RSA works by using a mathematical function that is (comparatively) easy to compute while encrypting, but very difficult to reverse without knowing the private key
- RSA works by selecting two large prime numbers

RSA Key Generation

- Pick large random primes p,q
- Let p*q = n and =(p-1)(q-1)
- Choose a random number e such that: 1<e< and gcd(e, )=1 (relative primes)
- Calculate the unique number d such that 1<d< and d*e 1 (mod ) (d is inverse of e)
- The public key is {e,n} and the private key is {d,n}
- The factors p and q may be kept private or destroyed

Pierre de Fermat

- Discovered that—if you use a prime number for the modulus, then raising a number to the power (prime-1) is always 1
- m(p-1) mod p = 1
- According to Fermat, this works with any prime number p and any positive m that’s less than p, therefore
1 < m < p

- What is 710 mod 11

The answer is 1

Leonhard Euler (pronounced “Oiler”)

- Discovered Fermat’s relationship held true when using the product of two primes as the modulus
- n = pq
- m(p-1)(q-1) mod n = 1
- Works so long as p and q are relative prime to one another

- If p = 11 and q=5, what is [m(p-1)(q-1) mod 55] ?

RSA Key Generation

- Pick large random primes p,q
- p = 5, q = 11

- Let p*q = n and =(p-1)(q-1)
- The encrypting modulus n = pq = 55
- = (p-1)(q-1) = (4)(10) = 40

- + 1 = e * d(we’re looking for both e and d)
- 41 = e * d (but no two number multiplied together equal 41)
- 41 is prime but, using modular math — 41 becomes 1 mod 40
- e * d = 1 mod 40

RSA Key Generation

- We’ll use 3 for e
- 3 * d = 1 mod 40
- Using Extended Euclidian algorithm, d = 27

Encrypting Using RSA (Review)

- Step 1: generate two prime numbers, p and q
- Step 2: Combine the primes n=pq
- Step 3: Combine the primes another way, =(p-1)(q-1)
- Step 4: Using , generate a key pair, e and d
- Step 5: Using e, d, and n, encrypt and decrypt

RSA Mechanical Overview

- Basically
- Alice: me mod n → c
- Bob: cd mod n → m

Encrypting/Decrypting, Step—by—Step

- Lets encrypt the letter “G” (for Gary)
- For simplicity sake, we’ll represent “g” as 7, the 7th letter of the alphabet

- So, 7public key * encrypting modulus
- 73 * mod 55 = 13

- To decrypt, 13private key * encrypting modulus
- 1327 * mod 55 = 7

Gary J Porter’s PGP Public Key

-----BEGIN PGP PUBLIC KEY BLOCK-----

Version: PGP Personal Security 7.0.3

mQGiBDtsK/URBAD+OujjPRvMu22fq9T78fRA2ijOzzKH9HeXHZ81x8C3D/wJF7ea

1ToD42sk6kV6+fcI2JGV4YrApXkzu7TfmU8T5eUxPsk4YY7q4ZP7JCmTVwPWeROJ

ZH6QHjyBQUm792trCFbmuOl+t5PjY8TZwBBo4Hrm/kvgex+OfqzZEi4hlwCg/2YV

HCcvjAKa/tfDgaq9ei9NZW8D/0WiVnOqZUSqlBfG69oi0PGWtRXiJqIKsZj6Ljtw

qtxk3W5G+BqWOcI+Az3m2pGoaXzlz7z9n1iDx0ZufNzLu38/wh9FZe86817V9Y8X

jvSTf0UY/T7+BbMNF1OquUz9BaSis+a6tvsoF1Ya/657IkLhCO4CEHOc+eggFtkV

r+0eBACfHMZ4x5dxj+YtOV5eN5gxQcyjAB2NFBj+GFnBV2wezX3D6TaHpx3VwEZh

AHDeSLySoRs6bmhmd16mVdsgE/u5Em49Sc1Y59WzJGwfKAis6hHhDt4Htyhum281

impMbkEZAxIgbQplWoUivxk8LwuLjMfrfdq0+WWeLF4fJUGWBLQkR2FyeSBKIFBv

cnRlciA8cG9ydGVyQGRpZ2l0YWxtZS5jb20+iQBYBBARAgAYBQI7bCv1CAsDCQgH

AgEKAhkBBRsDAAAAAAoJENkIAq1B47uW7F8AoNfRgtp+9IYs/gpcLxT8XVlul54f

AKDH6bA2D4CR2l1sxW71RFIWEMX+CrkCDQQ7bCv1EAgA9kJXtwh/CBdyorrWqULz

Bej5UxE5T7bxbrlLOCDaAadWoxTpj0BV89AHxstDqZSt90xkhkn4DIO9ZekX1KHT

UPj1WV/cdlJPPT2N286Z4VeSWc39uK50T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq

01uejaClcjrUGvC/RgBYK+X0iP1YTknbzSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O

9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdXQ6MdGGzeMyEstSr/POGxKUAYEY18hKcK

ctaGxAMZyAcpesqVDNmWn6vQClCbAkbTCD1mpF1Bn5x8vYlLIhkmuquiXsNV6TIL

OwACAggA7WTvMQ0WgywmeT2+ZdQTio1UvBtkLZTV5PBTWLnMXhSAL+JIY2D4xnP4

Coh+Mf2PuZ6c4IxpFVF/ywnekW2wX53qqWV0tjbTcbQ7lwkg276hQPUOfWU7UaZn

cyxFznRPc2OiO6SpzIpcVHY1nJ8uLOvhSTU67vTOonNri5zlR/ev91SPK1azTjtQ

W7jqb+v2z72Lxh/BgtDiFld8cXMmbHYdjZ9cPpW0JsKZ+tBwl2SsJXtopst4PYmw

2hoLYA0DS+Q0X8OIxROLxQXqinEaKhjP+s6XU+q9x85McR9mT8HaCdliE1W0yToL

2dLHnwEKBBDN5vLi8+SnHjTRNU/b7IkATAQYEQIADAUCO2wr9QUbDAAAAAAKCRDZ

CAKtQeO7luHBAJ45z2IW9D0g/2pZVSHFwzTsDOob3QCg+6rozdE+M57CTDNQE5Ay

uoxxTWE=

=DeGR

-----END PGP PUBLIC KEY BLOCK-----

Novell International Cryptographic Infrastructure (NICI)

- NICI is a layered, hierarchical infrastructure which divides cryptographic functionality among three distinct layers
- NICI is a modular architecture that allows new cryptographic algorithms to be added without bringing the server down
- NICI modules are cryptographically signed for protection and for module authentication
- When government regulations concerning the use and exportation of cryptography change, only NICI needs to change to support the new regulations
- NICI provides an API set that offers a consistent interface for application developers to use and deploy cryptography within their applications

NICI Architecture

CCS API

XSUP

XMGR

XLIB

XENG

XIM

XSUP – Cryptography Library

XENG – Cryptography Manager

XMGR – Cryptography Engine

XLIB - Cryptography Engine Support

XIM - Cryptography Interface Manager

NICI—Novell International Cryptographic Infrastructure

Download Presentation

Connecting to Server..