1 / 42
Download Presentation

Digital Signatures

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Digital Signatures

  2. Anononymity and the Internet

  3. Potential For Mischief

  4. Potential For Mischief

  5. Dilemma • Need encryption for security • Encryption needs shared key

  6. Dilemma • Need encryption for security • Encryption needs shared key • Diffie Hellman produces shared key

  7. Dilemma • Need encryption for security • Encryption needs shared key • Diffie Hellman produces key • But with who???

  8. Symmetric Cryptography • Traditional cryptography • Same secret encrypts and decrypts:Shift by three lettersXOR with bits

  9. Asymmetric Cryptography • Symmetric cryptography:Key for encoding same as key for decoding • Shift three letters

  10. Asymmetric Cryptography • Asymmetric cryptography:Key for encoding different than for decoding

  11. Asymmetric Cryptography • Keys work in both directions

  12. Asymmetric Cryptography • You can't unlock with key used to lock

  13. Public/Private Keys • Make an A/B pair of asymmetric keys • Give one away : Public Key • Keep one secret : Private Key

  14. Private Key • Only owner can lock with private key • Anyone can unlock Message is "Signed"

  15. Public Key • Everyone can lock with public key • Only private key holder can unlock

  16. Key Distribution Problem • How do you get the right public key from Wells Fargo?

  17. Key Distribution Problem • How do you get the right public key from Wells Fargo? Sure, I'm Wells Fargo, here is my public key!!!

  18. Signature Bank • Record of signatures

  19. Authenticating a Key • Official key bank?? Wells Fargo

  20. Can't Trust Internet Bank • Same problem: Key Bank Sure, I'm the key bank, here is Wells Fargo's key!!!

  21. Authenticating a Key • Computers & Browsers come with public keys from Certification Authorities

  22. Authenticating a Key • Browsers come with public keys of known banks called Certification Authorities

  23. Authenticating a Key • Certification Authorities use private key to lock up public keys of other companies "Certificate"

  24. Authenticating a Key • If your computer can open box with Verisign public key you can trust what is inside "Certificate"

  25. Chain Of Trust • Reality may involve chain of locks

  26. Chain Of Trust • Reality may involve chain of locks

  27. Web Security • HTTPS : Secure web connection • Browser asks server for certificated public key • Browser picks shared secret • Encrypts with public key, sends to server

  28. Web Security • HTTPS : Secure web connection • Browser asks server for public key • Browser picks shared secret,encrypts with public key, sendsto server

  29. Asymmetric Math • Use same tricks as Diffie-Hellman: • Exponents • Mod

  30. Asymmetric Math • Possible to pick numbers A, B, C so that:

  31. Asymmetric Math • Example: A = 3, B = 7, C = 22 • Encrypt with A, decrypt with B

  32. Asymmetric Math • Example: A = 3, B = 7, C = 22 • OR encrypt with B, decrypt with A

  33. RSA • How do we pick A, B, C that work together??? • RSA algorithm invented in 1977(Rivest, Shamir, Adelman)

  34. Picking Keys • Start with two prime numbers p, q – multiply to make clock size (C)

  35. Picking Keys • Start with two prime numbers p, q – multiply to make clock size (C) • Pick (A) that will be part of your private key: {A, C}

  36. Picking Keys • Start with two prime numbers p, q – multiply to make clock size (C) • Pick (A) that will be part of your private key: {A, C} • Calculate (B) from p, q and (A). This makes your public key:{B, C}

  37. Picking Keys • Start with two prime numbers p, q – multiply to make clock size (C) • Pick (A) that will be part of your private key: {A, C} • Calculate (B) from p, q and (A). This makes your public key:{B, C} • If anyone figures out p and q they can use B to calculate A !!!

  38. Picking Keys • Start with two prime numbers p, q – multiply to make clock size (C) … • If anyone figures out p and q they can use B to calculate A !!! • To get p and qyou have to factor C

  39. Factoring • Factoring large numbers is hard • But we are getting faster

  40. Factoring • Factoring large numbers is hard • But we are getting faster • Larger keys : 2048 bits (prime numbers with 100's of digits)

  41. Signed Message • Messages can be anything • Data, Other keys • Any attempt to modify encrypted box will mess up the message

  42. Four messages: • I sent four messages "signed" with private key • My public key: exponent 3, clock 34 message = encrypted ^ exponent mod clock • One message was modified, which one is it? • Three should check out, one should not

More Related