Published on

1 Comment
  • its good...
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. Encryption
  2. 2. The problem <ul><li>It is possible for an unauthorized agent to acquire transmissions </li></ul><ul><li>The extent of the danger varies: </li></ul><ul><ul><li>Listen only -- the intruder learns information that should not be available. Use is separate from the acquisition of the information </li></ul></ul><ul><ul><li>Active intrusion -- the intruder intercepts message transmission and substitutes a modified message, or redirects the original message. Effect is immediate. </li></ul></ul>
  3. 3. Message interception Original message Encoding Method Ciphertext Decoding Method Received message Eavesdropping Masquerading Intruder (Plain text) (Plain text)
  4. 4. Encryption/Decryption Keys <ul><li>Key-based encryption is an old idea </li></ul><ul><ul><li>Caesar’s code </li></ul></ul><ul><ul><ul><li>“ May have fooled the Gauls, but hasn’t fooled anyone since” </li></ul></ul></ul><ul><li>Problem is that you have to get the key to the receiver, secretly and accurately. </li></ul><ul><ul><ul><li>If you can get the key there, why not use the same method to send the whole message? (Efficiency of scale) </li></ul></ul></ul><ul><ul><ul><li>If the key is compromised without the communicators knowing it, the transmissions are open. </li></ul></ul></ul><ul><ul><ul><ul><li>WWII Enigma code </li></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>http://home.us.net/~encore/Enigma/enigma.html </li></ul></ul></ul></ul></ul>
  5. 5. Goals, requirements for an encryption method <ul><li>High level of data protection </li></ul><ul><li>Simple to understand </li></ul><ul><li>Complex enough to deter intruders </li></ul><ul><li>Protection based on the key, not the algorithm </li></ul><ul><li>Economical to implement </li></ul><ul><li>Adaptable for various applications </li></ul><ul><li>Available at reasonable cost </li></ul>
  6. 6. Data Encryption Standard <ul><li>Complex sequence of transformations </li></ul><ul><ul><li>hardware implementations speed performance </li></ul></ul><ul><ul><li>modifications have made it very secure </li></ul></ul><ul><li>Known algorithm </li></ul><ul><ul><li>security based on difficulty in discovering the key </li></ul></ul><ul><li>http://www.itl.nist.gov/fipspubs/fip46-2.htm </li></ul>
  7. 7. The Data Encryption Standard Illustrated 64 bit blocks, 64 bit key
  8. 8. INTERNET-LINKED COMPUTERS CHALLENGE DATA ENCRYPTION STANDARD LOVELAND, COLORADO (June 18, 1997). Tens of thousands of computers, all across the U.S. and Canada, linked together via the Internet in an unprecedented cooperative supercomputing effort to decrypt a message encoded with the government-endorsed Data Encryption Standard (DES). Responding to a challenge, including a prize of $10,000, offered by RSA Data Security, Inc, the DESCHALL effort successfully decoded RSADSI's secret message. According to Rocke Verser, a contract programmer and consultant who developed the specialized software in his spare time, &quot;Tens of thousands of computers worked cooperatively on the challenge in what is believed to be one of the largest supercomputing efforts ever undertaken outside of government.&quot; Using a technique called &quot;brute-force&quot;, computers participating in the challenge simply began trying every possible decryption key. There are over 72 quadrillion keys (72,057,594,037,927,936). At the time the winning key was reported to RSADSI, the DESCHALL effort had searched almost 25% of the total. At its peak over the recent weekend, the DESCHALL effort was testing 7 billion keys per second.
  9. 9. Public Key encryption <ul><li>Eliminates the need to deliver a key </li></ul><ul><li>Two keys: one for encoding, one for decoding </li></ul><ul><li>Known algorithm </li></ul><ul><ul><li>security based on security of the decoding key </li></ul></ul><ul><li>Essential element: </li></ul><ul><ul><li>knowing the encoding key will not reveal the decoding key </li></ul></ul>
  10. 10. Effective Public Key Encryption <ul><li>Encoding method E and decoding method D are inverse functions on message M: </li></ul><ul><ul><li>D(E(M)) = M </li></ul></ul><ul><li>Computational cost of E, D reasonable </li></ul><ul><li>D cannot be determined from E, the algorithm, or any amount of plaintext attack with any computationally feasible technique </li></ul><ul><li>E cannot be broken without D (only D will accomplish the decoding) </li></ul><ul><li>Any method that meets these criteria is a valid Public Key Encryption technique </li></ul>
  11. 11. It all comes down to this: <ul><li>key used for decoding is dependent upon the key used for encoding, but the relationship cannot be determined in any feasible computation or observation of transmitted data </li></ul>
  12. 12. Rivest, Shamir, Adelman (RSA) <ul><li>Choose 2 large prime numbers, p and q, each more than 100 digits </li></ul><ul><li>Compute n=p*q and z=(p-1)*(q-1) </li></ul><ul><li>Choose d, relatively prime to z </li></ul><ul><li>Find e, such that e*d=1 mod (z) </li></ul><ul><ul><li>or e*d mod z = 1, if you prefer. </li></ul></ul><ul><li>This produces e and d, the two keys that define the E and D methods. </li></ul>
  13. 13. Public Key encoding <ul><li>Convert M into a bit string </li></ul><ul><li>Break the bit string into blocks, P, of size k </li></ul><ul><ul><li>k is the largest integer such that 2 k <n </li></ul></ul><ul><ul><li>P corresponds to a binary value: 0<P<n </li></ul></ul><ul><li>Encoding method </li></ul><ul><ul><li>E = Compute C=P e (mod n) </li></ul></ul><ul><li>Decoding method </li></ul><ul><ul><li>D = Compute P=C d (mod n) </li></ul></ul><ul><li>e and n are published (public key) </li></ul><ul><li>d is closely guarded and never needs to be disclosed </li></ul>
  14. 14. In class exercise <ul><li>Create your own public and private keys </li></ul><ul><ul><li>(keep the numbers very small to make it reasonable for you to do the computation) </li></ul></ul><ul><li>Give someone else a paper with your values for n and e (Put your name on it) </li></ul><ul><li>Write a short message and encode it using the n,e values given to you. </li></ul><ul><ul><li>Keep it simple. Use all capital letters. Code A=1, B=2, etc. </li></ul></ul><ul><li>Return it to the person whose key you have. </li></ul><ul><li>Decode the message sent to you. </li></ul>
  15. 15. An example: <ul><li>P=7; q=11; n=77; z=60 </li></ul><ul><li>d=13; e= 37; k=6 </li></ul><ul><li>Test message = CAT </li></ul><ul><li>Using A=1, etc and 5-bit representation : </li></ul><ul><ul><li>00011 00001 10100 </li></ul></ul><ul><li>Since k=6, regroup the bits (arrange right to left so that any padding needed will put 0's on the left and not change the value): </li></ul><ul><ul><li>000000 110000 110100 </li></ul></ul><ul><ul><li>(three leading zeros added to fill the block) </li></ul></ul><ul><li>decimal equivalent: 0 48 52 </li></ul><ul><li>Each of those raised to the power 37 (e) mod n: 0 27 24 </li></ul><ul><li>Each of those values raised to the power 13 (d) mod n (convert back to the original): 0 48 52 </li></ul>
  16. 16. On a practical note: PGP <ul><li>You can create your own real public and private keys using PGP (Pretty Good Privacy) </li></ul><ul><li>See the following Web site for full information. </li></ul><ul><li>http://web. mit .edu/network/ pgp .html </li></ul>
  17. 17. Issues <ul><li>Intruder vulnerability </li></ul><ul><ul><li>If an intruder intercepts a request from A for B’s public key, the intruder can masquerade as B and receive messages from B intended for A. The intruder can send those same or different messages to B, pretending to be A. </li></ul></ul><ul><ul><li>Prevention requires authentication of the public key to be used. </li></ul></ul><ul><li>Computational expense </li></ul><ul><ul><li>One approach is to use Public Key Encryption to send the Key for use in DES, then use the faster DES to transmit messages </li></ul></ul>
  18. 18. Digital Signatures <ul><li>Some messages do not need to be encrypted, but they do need to be authenticated: reliably associated with the real sender </li></ul><ul><ul><li>Protect an individual against unauthorized access to resources or misrepresentation of the individual’s intentions </li></ul></ul><ul><ul><li>Protect the receiver against repudiation of a commitment by the originator </li></ul></ul>
  19. 19. Digital Signature basic technique Sender A Receiver B Intention to send E(Random Number) where E is A’s public key Message and D(E(Random Number))
  20. 20. Public key encryption with implied signature <ul><li>Add the requirement that E(D(M)) = M </li></ul><ul><li>Sender A has encoding key E A , decoding key D A </li></ul><ul><li>Intended receiver has encoding (public) key E B . </li></ul><ul><li>A produces E B (D A (M)) </li></ul><ul><li>Receiver calculates E A (D B (E B (D A (M)))) </li></ul><ul><ul><li>Result is M, but also establishes that only A could have encoded M </li></ul></ul>
  21. 21. Digital Signature Standard (DSS) <ul><li>Verifies that the message came from the specified source and also that the message has not been modified </li></ul><ul><li>More complexity than simple encoding of a random number, but less than encrypting the entire message </li></ul><ul><li>Message is not encoded. An authentication code is appended to it. </li></ul>
  22. 22. Encryption summary <ul><li>Problems </li></ul><ul><ul><li>intruders can obtain sensitive information </li></ul></ul><ul><ul><li>intruder can interfere with correct information exchange </li></ul></ul><ul><li>Solution </li></ul><ul><ul><li>disguise messages so an intruder will not be able to obtain the contents or replace legitimate messages with others </li></ul></ul>
  23. 23. Important methods <ul><li>DES </li></ul><ul><ul><li>fast, reasonably good encryption </li></ul></ul><ul><ul><li>key distribution problem </li></ul></ul><ul><li>Public Key Encryption </li></ul><ul><ul><li>more secure </li></ul></ul><ul><ul><ul><li>based on the difficulty of factoring very large numbers </li></ul></ul></ul><ul><ul><li>no key distribution problem </li></ul></ul><ul><ul><li>computationally intense </li></ul></ul>
  24. 24. Digital signatures <ul><li>Authenticate messages so the sender cannot repudiate the message later </li></ul><ul><li>Protect messages from changes during transmission or at the receiver’s site </li></ul><ul><li>Useful when the contents do not need encryption, but the contents must be accurate and correctly associated with the sender </li></ul>