1.
English for Comp. Science I
Introduction to Cryptography
Amir Neziri & Jurlind Budurushi
2/3/2011
2.
Introduction
  Let’s make the introduction...
2/3/2011 | Department 20 | B.IT Nieh | Introduction to Cryptography | A. Neziri & J. Budurushi 2
3.
Introduction
4.
Content
  History of Cryptography
  Goals of Cryptography
  Symmetric Cryptography
  Message Authentication Codes
5.
Content
  Asymmetric Cryptography
  Public Key Encryption
  Digital Signatures
  Digital Certificates
  Demo (CrypTool)
6.
History of Cryptography
  Substitution ciphers: a->Z, b->T, c->E,…
  Encryption is determined by a permutation of the alphabet
  Special case, the Caesar cipher: a->D, b->E, c->F,…
  Example: amir -> DPLU
7.
Goals of Cryptography
  Confidentiality: Encryption
  Integrity: MAC / Digital Signatures
  Authenticity: MAC / Digital Signatures
  Non-Repudiation: Digital Signatures
  Others...
8.
Symmetric Cryptography
  The key for encryption and decryption is the same
  Key exchange problem!!!
9.
Symmetric Algorithms
  Stream ciphers
  Block ciphers
  Data Encryption Standard (DES)
  Advanced Encryption Standard (AES)
  Triple DES (3DES)
  Blowfish
10.
Message Authentication Codes (MAC)
  Allow testing the integrity of a document
  3 algorithms: key generation, tagging, verification
  Verification is usually done by re-computing the MAC
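The three MAC algorithms from this slide, as an added example that is not part of the original deck. It assumes HMAC-SHA256 as the MAC (the slides name no specific algorithm); the function names and the "document followed by tag" layout are illustrative choices.

```python
import hashlib
import hmac
import secrets

TAG_LEN = hashlib.sha256().digest_size  # 32 bytes for HMAC-SHA256


def keygen(nbytes=32):
    """Key generation: a uniformly random secret shared by both parties."""
    return secrets.token_bytes(nbytes)


def tag(key, document):
    """Tagging: compute the MAC of the document under the shared key."""
    return hmac.new(key, document, hashlib.sha256).digest()


def verify(key, document, received_tag):
    """Verification: re-compute the MAC and compare in constant time."""
    expected = tag(key, document)
    # compare_digest avoids leaking, through timing, how many bytes matched.
    return hmac.compare_digest(expected, received_tag)


def seal(key, document):
    """Ship the document with its tag appended (assumed wire layout)."""
    return document + tag(key, document)


def unseal(key, blob):
    """Return the document if its tag verifies, otherwise None."""
    if len(blob) < TAG_LEN:
        return None  # too short to even contain a tag
    document, received = blob[:-TAG_LEN], blob[-TAG_LEN:]
    return document if verify(key, document, received) else None


if __name__ == "__main__":
    key = keygen()
    blob = seal(key, b"transfer 10 EUR to Alice")   # constructed sample input
    print(unseal(key, blob))                         # original document
    tampered = blob.replace(b"10", b"90")
    print(unseal(key, tampered))                     # None: integrity check fails
```

A MAC gives integrity and authenticity only between holders of the shared key, which is why the goals slide lists non-repudiation under digital signatures alone.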
11.
Asymmetric Cryptography
  The keys for encryption and decryption are different
  Key exchange problem solved
12.
Asymmetric Algorithms
  Rivest, Shamir and Adleman (RSA)
  Elgamal
  Chor-Rivest
  Rabin
13.
RSA
  First practical asymmetric encryption algorithm, proposed by Rivest, Shamir and Adleman
  Security is based on the intractability of factoring large numbers
  Slower than symmetric algorithms
14.
RSA
  Key generation: public key: (n, e), private key: d
  Encryption: c = Enc(m, e) = m^e mod n, where m is a message
  Decryption: m = Dec(c, d) = c^d mod n
15.
Public key encryption
16.
Digital Signatures
  Allow testing the authenticity and integrity of documents
  Non-repudiation: a third party can be convinced of authenticity
17.
RSA signatures: “signing by decryption”
  RSA has commutative encryption/decryption operations: Enc(Dec(m)) = Dec(Enc(m)) = m, where m := Message
  Key generation: similar to RSA, public key: (n, e), private key: d
  Uses a collision-resistant hash function H
  Signing: s = [H(m)]^d mod n, where s := Signature
  Verification: test if H(m) ≡ s^e mod n
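The RSA formulas from the key generation/encryption slide and from this signature slide, carried through as an added example that is not part of the original deck. Assumptions: two small known Mersenne primes as constructed toy parameters, SHA-256 reduced mod n as H, and no padding; deployed RSA uses large random primes with OAEP (encryption) or PSS (signatures).

```python
import hashlib
from math import gcd

# Constructed toy primes (Mersenne primes 2^61-1 and 2^89-1): far too small
# and too structured for real keys, but large enough to show the arithmetic.
P = 2**61 - 1
Q = 2**89 - 1


def keygen(p=P, q=Q, e=65537):
    """Return the public key (n, e) and private key d, e*d ≡ 1 mod (p-1)(q-1)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return (n, e), pow(e, -1, phi)  # modular inverse, Python 3.8+


def enc(m, pub):
    """c = m^e mod n; the message must be an integer in [0, n)."""
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be in [0, n)")
    return pow(m, e, n)


def dec(c, d, pub):
    """m = c^d mod n."""
    return pow(c, d, pub[0])


def H(message, n):
    """Toy hash-to-integer: SHA-256 reduced mod n (assumption of this example)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, d, pub):
    """s = [H(m)]^d mod n: the private-key operation applied to the hash."""
    return pow(H(message, pub[0]), d, pub[0])


def verify(message, s, pub):
    """Accept iff H(m) ≡ s^e mod n."""
    n, e = pub
    return H(message, n) == pow(s, e, n)


PUB, D = keygen()
M = int.from_bytes(b"amir", "big")  # constructed sample message

if __name__ == "__main__":
    print(dec(enc(M, PUB), D, PUB) == M)            # Dec(Enc(m)) = m
    print(enc(dec(M, D, PUB), PUB) == M)            # Enc(Dec(m)) = m
    s = sign(b"Introduction to Cryptography", D, PUB)
    print(verify(b"Introduction to Cryptography", s, PUB))
    print(verify(b"Introduction to Cryptanalysis", s, PUB))
```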
18.
Digital Certificates
  How can I be sure that a public key really belongs to the right person?
  Solution: Digital Certificates
  A digital certificate is a message signed by a trusted party that contains the identity of a person and a public key
  Contents of a digital certificate: name of issuer, date, expiration date, public key, name of a person, ...
19.
X.509 Digital Certificates
  Centralized architecture
  Hierarchical system
  Each department has its own certification authority (CA)
  The public key of this CA is signed by a “higher” CA
  “Root certificates”
20.
Demo (CrypTool)
  Symmetric Algorithms: XOR, Triple DES (ECB), ….
  Asymmetric Algorithms: RSA, ….
  Others…
21.
Questions???
22.
Discussion (1)
  Q: Give some other Goals of Cryptography.
  A: Availability, Anonymity, Untraceability, Unlinkability, Being dated…
23.
Discussion (2)
  Q: Can you give an example of a solution to the key exchange problem for symmetric cryptography?
24.
Discussion (3)
  Q: Why do we use a collision-resistant hash function H when signing?
  A: We sign the hash value of a message, because it is faster than signing the whole message and even more secure.