Recommended
Recommended
More Related Content
What's hot
What's hot (8)
Similar to Crypto101
Similar to Crypto101 (20)
Recently uploaded
Recently uploaded (20)
Crypto101
- 1. CRYPTO 101 SUBSPLASH TECH TALK 2017
- 2. 2 ATTACK AT DAWN ▸ How to hide a secret message? THE PROBLEM CRYPTO 101
- 3. 3 ATTACK AT DAWN DW DFN DW GDZQW CRYPTO 101
- 4. BITS & BYTES ▸ bits ▸ 0 ▸ 1 ▸ bytes ▸ 8 bits ▸ 0010 1111 ▸ 1100 0001 4CRYPTO 101
- 5. ▸ Binary to decimal ▸ 0010 1111 -> 47 ▸ 1100 0001 -> 193 ▸ 0000 0000 -> 0 ▸ 1111 1111 -> 255 ▸ Decimal to binary ▸ 65 -> 0100 0001 5CRYPTO 101
- 6. CRYPTO 101 ASCII ENCODING 6 ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~
- 7. CRYPTO 101 ATTACK AT DAWN 7 A 65 0100 0001 T 84 0101 0100 T 84 0101 0100 A 65 0100 0001 C 67 0100 0011 K 75 0100 1011 32 0010 0000 A 65 0100 0001 T 84 0101 0100 32 0010 0000 D 68 0100 0100 A 65 0100 0001 W 87 0101 0111 N 78 0100 1110
- 8. CRYPTO 101 A 65 0100 0001 ▸ Coin ▸ Head -> 0 ▸ Tail -> 1 ▸ 1 0 0 1 1 0 1 0 8
- 9. CRYPTO 101 9 “A” - 0100 0001 key - 1001 1010 ??? - 1101 1011
- 10. CRYPTO 101 EXCLUSIVE OR (XOR) 10 A B A⊕B 0 0 0 1 0 1 0 1 1 1 1 0
- 11. CRYPTO 101 11 A 0100 0001 1001 1010 1101 1011 T 0101 0100 0101 1100 0000 1000 T 0101 0100 0111 0111 0010 0011 A 0100 0001 1110 1110 1010 1111 C 0100 0011 0010 0101 0110 0110 K 0100 1011 0010 1011 0110 0000 0010 0000 1100 1111 1110 1111 A 0100 0001 0010 0101 0110 0100 T 0101 0100 0111 1110 0010 1010 0010 0000 1111 0001 1101 0001 D 0100 0100 1001 1001 1101 1101 A 0100 0001 1101 1010 1001 1011 W 0101 0111 1110 0001 1011 0110 N 0100 1110 0011 1100 0111 0010 db 08 23 af 66 60 ef 64 2a d1 dd 9b b6 72 9a 5c 77 ee 25 2b cf 25 7e f1 99 da e1 3c
- 12. CRYPTO 101 12 ATTACK AT DAWN 9a5c77ee252bcf257ef199dae13c db0823af6660ef642ad1dd9bb672 ⊕ || ??#?f`?d*????r
- 13. CRYPTO 101 ONE-TIME PAD ▸ Perfect secrecy 13 db0823af6660ef642ad1dd9bb672 1101 1011 0000 1000 0010 0011 1010 1111 0110 0110 0110 0000 1110 1111 0110 0100 0010 1010 1101 0001 1101 1101 1001 1011 1011 0110 0111 1100
- 14. CRYPTO 101 ONE-TIME PAD KEY ▸ As long as the plaintext 14 9a5c77ee252bcf257ef199dae13c 1001 1010 0101 1100 0111 0111 1110 1110 0010 0101 0010 1011 1100 1111 0010 0101 0111 1110 1111 0001 1001 1001 1101 1010 1110 0001 0011 1100
- 15. CRYPTO 101 IS ONE-TIME PAD GOOD ENOUGH? ▸ Not practical in real life ▸ “ATTACK AT DAWN” - 14 Bytes (B) ▸ A letter - 3 Kilo Bytes (KB) ▸ An audio - 4 Mega Bytes (MB) ▸ A video - 2 Giga Bytes (GB) ▸ Can we do better? 15
- 16. CRYPTO 101 BLOCK CIPHER 16 plaintext ↓ +--------------+ key -> | Block Cipher | +--------------+ ↓ ciphertext
- 17. CRYPTO 101 DATA ENCRYPTION STANDARD (DES) ▸ 1970s ▸ IBM ▸ Block size: 64 bits ▸ Key size: 56 bits ▸ password ▸ 3689207c138acf18 ▸ 9adf272b96969988 17
- 18. CRYPTO 101 TRIPLE DES (3DES) ▸ 1998 ▸ DES -> DES -> DES ▸ Key size: 56 * 3 = 168 bits ▸ Also 3 times slower than DES 18
- 19. CRYPTO 101 ADVANCED ENCRYPTION STANDARD (AES) ▸ 1997-2000 ▸ NIST ▸ Finalists ▸ Rijndael/Serpent/Twofish/RC6/MARS ▸ Rijndael is the winner 19
- 20. CRYPTO 101 AES (RIJNDAEL) ▸ 2001 ▸ Block size: 128 bits ▸ Key size: 128/192/256 bits ▸ e9e9fb64e075818aacb6d86c502d8b63 ▸ 5ba36e701dd67693b4ada36cdc5b7a89624e94e0583 df09c ▸ cd8394660e5e4003d634cedbaa19b04d2ebaa8568ee 55197222f56ce1886ae17 20
- 21. CRYPTO 101 21 plaintext ↓ +--------------+ key -> | Block Cipher | (DES/3DES/AES) +--------------+ ↓ ciphertext
- 22. CRYPTO 101 22 ATTACK A T DAWN -------- ------ 64 bits 48 bits ATTACK A ↓ +----------------+ password -> | DES Encryption | +----------------+ ↓ 1a2dd25ec47c36fd T DAWN00 -------- 48+16 bits T DAWN00 ↓ +----------------+ password -> | DES Encryption | +----------------+ ↓ 03fbff11a9a8e0f0 1a2dd25ec47c36fd03fbff11a9a8e0f0
- 23. CRYPTO 101 23 ATTACK A ↓ +----------------+ password -> | DES Encryption | +----------------+ ↓ 1a2dd25ec47c36fd T DAWN00 ↓ +----------------+ password -> | DES Encryption | +----------------+ ↓ 03fbff11a9a8e0f0 ↓ +----------------+ password -> | DES Decryption | +----------------+ ↓ ATTACK A ↓ +----------------+ password -> | DES Decryption | +----------------+ ↓ T DAWN00 ATTACK AT DAWN00 ATTACK AT DAWN
- 24. CRYPTO 101 BLOCK CIPHER MODE ▸ ECB ▸ CBC ▸ CFB/OFB ▸ CTR 24
- 25. CRYPTO 101 ECB (ELECTRONIC CODEBOOK) 25 plaintext ↓ +-----------------+ key -> | Block Cipher Enc| +-----------------+ ↓ ciphertext plaintext ↓ +-----------------+ key -> | Block Cipher Enc| +-----------------+ ↓ ciphertext ↓ +-----------------+ key -> | Block Cipher Dec| +-----------------+ ↓ plaintext ↓ +-----------------+ key -> | Block Cipher Dec| +-----------------+ ↓ plaintext
- 27. CRYPTO 101 CBC (CIPHER BLOCK CHAINING) 27 plaintext | IV ----------> ⊕ ↓ +-----------------+ key -> | Block Cipher Enc| +-----------------+ ↓ ciphertext plaintext | +--------------> ⊕ | ↓ | +-----------------+ | key -> | Block Cipher Enc| | +-----------------+ -----------+ ↓ ciphertext ↓ +-----------------+ key -> | Block Cipher Dec| +-----------------+ | IV ----------> ⊕ ↓ plaintext -----------+ ↓ | +-----------------+ | key -> | Block Cipher Dec| | +-----------------+ | | +--------------> ⊕ ↓ plaintext
- 28. CRYPTO 101 WHICH ONE TO USE? ▸ ECB ▸ CBC ▸ CFB/OFB ▸ CTR 28
- 29. CRYPTO 101 STREAM CIPHER ▸ RC4 ▸ Salsa20/ChaCha20 29
- 30. CRYPTO 101 THE PROBLEM ▸ How to hide a secret message? ▸ How to securely send my secret message to others? 30
- 31. CRYPTO 101 ALICE, BOB & EVE 31 secret Alice -------------------------------------------> Bob key key secret secret' Alice ------------------ Eve --------------------> Bob key key
- 32. CRYPTO 101 CRYPTOGRAPHIC HASH FUNCTIONS ▸ Data integrity 32 secret Alice -------------------------------------------> Bob key key secret digest Alice -------------------------------------------> Bob key key
- 33. CRYPTO 101 IDEAL HASH FUNCTIONS ▸ digest = hash_function(input) ▸ Deterministic, same input always results in same digest ▸ Quick to compute for any input ▸ One-way function ▸ Avalanche effect, small change in input cause huge change in digest ▸ Collision resistance, infeasible to find two different inputs with same digest 33
- 34. CRYPTO 101 COMMON HASH FUNCTIONS ▸ MD5 (1992) ▸ SHA family ▸ SHA-1 (1995) ▸ SHA-2 (2001) ▸ SHA-224/SHA-256/SHA-384/SHA-512 ▸ SHA-512/224, SHA512/256 ▸ SHA-3 (2015) 34
- 35. CRYPTO 101 EXAMPLES ▸ hash(“ATTACK AT DAWN”) 35 MD5 042049321f10319f00d45dcc615f6bc1 SHA-1 19447f653ac5522b662bae641646bcce5102ade8 SHA-224 3db2c67781691fa0b7f82247fd8c7f5aa5977dc673d8c0979189919e SHA-256 11e35eb1a2d18f4e2bfc43a1483c6b2b0f3ba4d6eb8b937278d3c9ab6897f4b8 SHA-384 51769418bf68409b6c41a4db245c7ff9d1e631f56c76661b1b84205d0419a179 6dd1ae3d474e204cd6c7ccf12907d46b SHA-512 1df976845cfb9b2eddf77828c96e77a84ca17f864ab0513f70e8e50433f235be 9137ac500b6b181eb26d6db300304ba4a13b2c756c09cb073fb3926ea000a535
- 36. CRYPTO 101 IS DATA INTEGRITY ENOUGH? 36 secret digest Alice -------------------------------------------> Bob key key secret secret’ digest digest’ Alice ------------------ Eve --------------------> Bob key key
- 37. CRYPTO 101 MAC (MESSAGE AUTHENTICATION CODE) ▸ Data integrity & authentication ▸ tag = mac_function(key, input) ▸ CMAC/CBC-MAC/VMAC/UMAC ▸ HMAC ▸ tag = hmac(hash_function, key, input) ▸ Poly1305 37
- 38. CRYPTO 101 HMAC ▸ hmac(hash, “mysecretkey”, “ATTACK AT DAWN”) 38 MD5 e9252bb2b93a94ac54af3fe1c6944e63 SHA-1 b22bf4d6ba5ca72a437def56f273025bc9480fa1 SHA-256 5a4590b9b30a2dc5899b0043ec407c561efd36eaa73abb3735752aa52f0c8c65 SHA-512 ad490070b7c792e4057d49d1b05d3515517505f9bb38413baab44326d0639f28 5791994496eeca1508471c8a97feb791dba129b4e3561cb1df73b4095d5d87d9
- 39. CRYPTO 101 39 secret tag Alice -------------------------------------------> Bob (key, key2) (key, key2) secret digest Alice -------------------------------------------> Bob key key secret secret’ tag ?????? Alice ------------------ Eve --------------------> Bob (key, key2) (key, key2)
- 40. CRYPTO 101 SO FAR… ▸ Encryption ▸ DES/3DES/AES ▸ RC4/Chacha20 ▸ Authentication ▸ HMAC/Poly1305 40
- 41. CRYPTO 101 HOW TO USE THEM? ▸ Encrypt then MAC ▸ IPsec ▸ MAC then Encrypt ▸ SSL/TLS ▸ Encrypt and MAC ▸ SSH 41
- 42. CRYPTO 101 AUTHENTICATED ENCRYPTION (AE) ▸ CCM/CWC/OCB ▸ GCM 42
- 43. CRYPTO 101 THE PROBLEM ▸ How to hide a secret message? ▸ How to securely send my secret message to others? 43
- 44. CRYPTO 101 44 secret secret’ tag ?????? Alice ------------------ Eve --------------------> Bob (key, key2) (key, key2) secret tag Alice -------------------------------------------> Bob (key, key2) (key, key2) (key, key2) Alice ------------------ Eve --------------------> Bob ?????
- 45. CRYPTO 101 RESOURCES ▸ Cryptography I - Dan Boneh, Professor, Stanford U ▸ https://www.coursera.org/learn/crypto ▸ Enroll starts Aug 07, 2017 45