can’t talk about the NSA
until you understand what they broke!
Alice, Bob, and Eve
Eve Maler/Rich Salz, “Eve [Maler] eavesdropping on Alice and Bob [DuCharme]’s
conversation.” http://www.ﬂickr.com/photos/xmlgrrl/966601078/ CC-BY-NC-SA
Cryptography: why, what?
•Guard against threats to communication:
•“I didn’t say that!” or “That isn’t what I said!”
•“Cryptographic algorithm” or “cipher”
•Way to turn plaintext (or other content) into “ciphertext” that is unreadable
without special knowledge (i.e. a key)
•“Encrypt” = code the message. “Decrypt” = decode.
•This is all math! Remember that a message is 1’s and 0’s, a big number.
•“In the clear” “cleartext” “plaintext” = not
•If you hear “passwords stored in the clear,” RUN AWAY.
The easy but wrong way
•Alice and Bob want to say something secret.
•Assume that Eve can watch everything they say to each other.
•Alice sends Bob a special key she will use to
lock her messages. Bob sends Alice another
special key that he will use for his.
•They “encrypt” (lock) subsequent messages
with those keys and send them.
•They have each other’s keys, so they can unlock the messages on arrival.
•Where’s the problem here? What can Eve
do to eavesdrop further?
Problem: key exchange in
•Physical analogy: Alice putting her housekey
in the mail to Bob, and vice versa.
•Eve can easily steal the mail, go to a locksmith, and copy the keys! So Alice and
Bob’s homes are not safe from Eve.
•Ugh. But what if a house worked like a bank
•TWO keys, one at the bank, one with Alice (and a copy with Bob). BOTH keys
needed to open the box!
•The bank is told only to use its key if Alice or Bob is present (with a valid ID).
•Even if Eve copies Alice’s key, or Bob’s, the bank won’t let her in!
•Aha. So we need to split the key, and keep
half of it safe and secret! (It can’t travel.)
Solution: public-key cryptography
•Paired keys: “public” and “private”
•A message ENCRYPTED (locked) with one of these keys must be DECRYPTED
(unlocked) with the OTHER KEY!
•Anybody can have your public key. ONLY YOU have your private key, and you
never, ever send it anywhere!
•Alice and Bob
•Each has the other person’s public key. So does Eve. Because it’s public!
•Alice sends Bob a message encrypted with Bob’s public key.
•Only Bob’s private key can decrypt it! The same works in reverse.
•There is no opportunity for Eve to grab a private key in transit. She’ll have to
hack Alice’s or Bob’s machine to get their private keys!
•Not totally foolproof: if somebody gets
your private key, you’re toast.
•Or if someone can crack the encryption algorithm. Algorithms evolve over
time, as computing power grows.
Used on websites and for
email connections too
•SSL: Secure Socket Layer
•TLS: Transport Layer Security
•newer and better than SSL
•This is what causes the little lock in your
browser for https:// sites!
•Weak link: “certiﬁcate authorities.”
•Long and complicated story, but short version: these are how a lot of
attacks on encryption happen.
•If you hear about “certiﬁcate spooﬁng”... yeah.
•Uses public-private key pairs to prove
that a message comes from you.
•Encrypt the message with your PRIVATE key.
•Send out the encrypted message.
•It can only be decrypted with your PUBLIC key. So if they can ﬁgure out
how to read it, you must have sent it!
•In actual fact, this is cumbersome, with
larger messages especially.
•So usually a message is “hashed” (put through a computer program) and
the result (“hash”) is encrypted and sent along with the message. The
recipient rehashes the message, decrypts the sent hash, and compares; if
they’re not the same, there’s a problem.
•But it’s basically the same idea.
•Alice and Bob have two-key systems on
their house’s front door.
•What about the back door? If it isn’t
protected the same way...
•So a “backdoor” is a secret vulnerability
in a security system or encryption
algorithm that allows those in the know
to bypass the usual security.
•“Pretty Good Privacy” (PGP) is the best
thing out there.
•Should integrate with most email services.
•Unless you are using encryption, email
should NEVER EVER be considered
secure communication. NOT EVER.
•(And maybe not even if you are. May be stored in the clear, even if it
traveled encrypted! And is the other person using encryption too?)
•HIPAA, FERPA, etc. NO. NOT EVER.
•Yes, your boss CAN and WILL read your email. Do not do personal
business from a work email account. EVER.