Online Shopping Encryption Guide
- 2. © 2015 West Monroe Partners | Reproduction and distribution without
West Monroe Partners prior consent is prohibited.
Outline
Overview of How Online Shopping Works
Where Does Your Credit Card Number Go?
Encryption
Definition
Example (Caesar Cipher)
Intro to Modular Arithmetic
Encryption in Computers Today
Public Key
RSA
Digital Signatures
Problems with Encryption
The Future
Quantum Computers
- 3. Overview of How Online Shopping Works
Go to Amazon.com
Add item to your cart
Send your credit card to Amazon
Amazon charges you for purchase
Amazon sends you your item
- 5. Where Does Your Credit Card Number Go?
Internet connections are not a straight shot from your laptop to the website
Information must jump from server to server on the internet
Some of these servers are privately owned and operated
What is stopping everyone who handles your data from stealing your credit card number?
- 6. Encryption Definition
Encryption is the translation of data into a secret code using a cipher.
- 7. Encryption Example (Caesar Cipher)
Julius Caesar (100 BCE – 44 CE) famously used a “shift cipher” to communicate secret messages with his generals. He wrote the messages, then shifted each letter three positions backwards in the alphabet.
Plaintext: WEST MONROE PARTNERS
Ciphertext: TBPQ JLKOLB MXOQKBOP
- 11. Modular Arithmetic
Two numbers a and b are congruent modulo m if their difference (a – b) is divisible by m. We can write this as
a ≡ b mod m or a = b + k*m
for some k. The goal is to find the congruent number smaller than m.
For an example, think of clocks:
8:00 + 6:00 = 14:00
14:00 = 2:00 + 12:00
14:00 ≡ 2:00 mod 12:00
8 + 6 = 14
14 = 2 + 1*12
14 ≡ 2 mod 12
- 12. Modular Arithmetic, Why Do We Care?
Using mods sets limits
For clocks, you never write more than 12 hours
For words/messages, you never write more than the 26 letters
This lets encrypted messages be the same size as the original message
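The Caesar shift and the modular arithmetic above fit together as follows. This is an added example, not part of the original slides; the function names are chosen here for illustration.

```python
# Added example (not from the original slides): the Caesar shift cipher
# written with arithmetic modulo 26, the size of the alphabet.
import string

ALPHABET = string.ascii_uppercase
M = len(ALPHABET)  # the modulus m = 26


def congruent(a, b, m):
    """True when a ≡ b mod m, i.e. (a - b) is divisible by m."""
    return (a - b) % m == 0


def shift(text, k):
    """Move every letter k positions; positions wrap around modulo 26."""
    out = []
    for ch in text:
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % M])
        else:
            out.append(ch)  # spaces pass through, so the length never changes
    return "".join(out)


def caesar_encrypt(plaintext):
    # "Three positions backwards" is a shift of -3, and -3 ≡ 23 mod 26.
    return shift(plaintext.upper(), -3)


def caesar_decrypt(ciphertext):
    # Undo the shift by moving three positions forwards.
    return shift(ciphertext.upper(), 3)


if __name__ == "__main__":
    message = "WEST MONROE PARTNERS"  # the plaintext used on the slide
    secret = caesar_encrypt(message)
    print(secret)
    print(caesar_decrypt(secret))
    print(congruent(14, 2, 12), congruent(-3, 23, M))
```

Because every result is reduced modulo 26, a letter near the start of the alphabet wraps to the end (A becomes X), and the ciphertext is exactly as long as the plaintext.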
- 13. How Computers Use Encryption
Computers send messages in binary
“binary” = 01100010 01101001 01101110 01100001 01110010 01111001
Messages are composed of 1’s and 0’s
1’s and 0’s are then encrypted (still in 1’s and 0’s)
Message is decrypted by receiver
- 14. Numbers Simplification
We can imagine long strings of binary as numbers
We can manipulate the numbers using math formulas (ciphers)
The encrypted numbers can be decrypted by the intended recipient
235921528402397 → Encryption Cipher → 512339522023178 → Decryption Cipher → 235921528402397
- 15. Public Key Encryption
Each user has a public and private key pair
The public key is used for encryption
The private key is used for decryption
Each user keeps their private key private, and makes their public key public
235921528402397 → (Encryption) Public Key Used 287367198201 → 512339522023178 → (Decryption) Private Key Used 832984805387 → 235921528402397
- 16. RSA Encryption
First, Amazon decides on the parameter N (parameters are also public)
Amazon uses N to generate public key e and private key d
You take your message m and compute your encrypted message c by
Encryption: c ≡ m^e mod N
You send Amazon your encrypted message c
Amazon uses its private key to reconstruct m by
Decryption: m ≡ c^d mod N
This process works because the private key d is the inverse of the public key e
Math: m ≡ (m^e)^d mod N
- 17. Digital Signatures Using Public Key
Signatures are used to prove identity
Identity means you have the private key for an associated public key
For each user’s public and private key pair,
The private key is used for signing
The public key is used for authentication
235921528402397 → (Signing) Private Key Used 832984805387 → 432539121127771 → (Authentication) Public Key Used 287367198201 → 235921528402397
- 18. Digital Signatures with RSA
Like encryption, Amazon decides on the parameter N and uses N to generate public key e and private key d
Amazon takes the message to be signed m and computes the signature s by
Signing: s ≡ m^d mod N
Amazon sends m and s together
You then use Amazon’s public key to construct m’ by
Authentication: m’ ≡ s^e mod N
If m’ is congruent to m, then s must have been generated by Amazon’s private key
Math: m’ ≡ (m^d)^e ≡ m mod N
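The RSA encryption and signature formulas from the two RSA slides, worked through with the slides' symbols N, e, d, m, c and s. This is an added example, not part of the original slides: the primes 61 and 53, the exponent 17, the message 65 and the function names are constructed here, and the numbers are far too small for real use. Deployed RSA also pads and hashes messages (OAEP, PSS) instead of applying the raw formulas.

```python
# Added example (not from the original slides): textbook RSA with tiny,
# constructed numbers. It follows the slides' formulas with no padding.
from math import gcd


def make_keypair(p, q, e):
    """Return (N, e, d). d is the inverse of e modulo (p-1)*(q-1), which can
    only be computed by someone who knows the secret primes behind N."""
    N = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must share no factor with (p-1)*(q-1)")
    d = pow(e, -1, phi)  # modular inverse, Python 3.8+
    return N, e, d


def encrypt(m, e, N):
    """Encryption: c ≡ m^e mod N (anyone can do this with the public key)."""
    if not 0 <= m < N:
        raise ValueError("message must be smaller than N")
    return pow(m, e, N)


def decrypt(c, d, N):
    """Decryption: m ≡ c^d mod N (needs the private key d)."""
    return pow(c, d, N)


def sign(m, d, N):
    """Signing: s ≡ m^d mod N (needs the private key d)."""
    return pow(m, d, N)


def verify(m, s, e, N):
    """Authentication: compute m' ≡ s^e mod N and compare it with m."""
    return pow(s, e, N) == m % N


if __name__ == "__main__":
    N, e, d = make_keypair(61, 53, 17)   # constructed sample primes
    m = 65                               # constructed sample message
    c = encrypt(m, e, N)
    print("N, e, d:", N, e, d)
    print("c:", c, "decrypts to", decrypt(c, d, N))
    s = sign(m, d, N)
    print("signature valid:", verify(m, s, e, N))
    print("altered message valid:", verify(m + 1, s, e, N))
```

Encrypting the same m always yields the same c in this raw form, which is one reason real systems add randomized padding before the exponentiation.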
- 19. Problems with Public Key Encryption
Public key encryption is based on the assumption that the underlying math is “hard”
Hard means it will take millions of years to break with the most sophisticated algorithms
RSA relies on the Discrete Log Problem
The Discrete Log Problem is to determine integer x given g, h, and p where g^x ≡ h mod p.
For large numbers g, h, p (upward of 100 digits), this is currently sufficiently hard
The ciphers in RSA (both the encryption and decryption) are considered one-way functions
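The one-way behaviour of g^x ≡ h mod p described above, shown by counting work in each direction. This is an added example, not part of the original slides: p = 65537, g = 3 and x = 40000 are small values constructed here, and the function names are illustrative.

```python
# Added example (not from the original slides): computing h from x is fast,
# recovering x from h by plain search is slow. Values are constructed.
P = 65537   # small prime, for illustration only
G = 3       # every nonzero residue mod 65537 is a power of 3


def modexp(g, x, p):
    """Square-and-multiply. Returns (g^x mod p, multiplications used)."""
    result, base, mults = 1, g % p, 0
    while x > 0:
        if x & 1:                 # this bit of x is set: multiply it in
            result = result * base % p
            mults += 1
        base = base * base % p    # square for the next bit
        mults += 1
        x >>= 1
    return result, mults


def discrete_log_by_search(g, h, p):
    """Try x = 0, 1, 2, ... until g^x ≡ h mod p.
    Returns (x, multiplications used), or (None, p - 1) if nothing matches."""
    value = 1
    for x in range(p - 1):
        if value == h % p:
            return x, x
        value = value * g % p
    return None, p - 1


if __name__ == "__main__":
    x = 40000
    h, forward_cost = modexp(G, x, P)
    found, reverse_cost = discrete_log_by_search(G, h, P)
    print("h =", h, "after", forward_cost, "multiplications")
    print("x =", found, "after", reverse_cost, "multiplications")
```

The forward cost grows with the number of digits of x, while the search cost grows with x itself, so at the sizes the slide mentions (upward of 100 digits) this kind of search is out of reach.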
- 20. Quantum Computers
A quantum computer uses phenomena such as superposition and quantum entanglement to perform calculations at incredible speeds
There exist quantum algorithms (Shor’s algorithm) that can break the Discrete Log Problem
Quantum computers will be the end of public key encryption
Early versions are in (limited) operation right now!
- 21. The Future
Lattice cryptography is one promising alternative
Lattices use real numbers (not integers) and linear combinations with modular arithmetic
There do not (presently) exist quantum algorithms for solving lattice problems
Eventually, we must move away from using “one-way” functions for encryption
The coolest part: These discussions are happening RIGHT NOW!
Editor's Notes
- “Is it safe to send your credit card number across the internet?”
- Cipher is the type of transformation
- Explain the upper limit of 26 letters.
- WHY DO WE CARE
- Messages are the same size when the encryption process is applied
- These are 2 different ciphers
- Public key is available to everyone, like a universal ID
Flow is left to right
This uses AMAZON’S KEY PAIR
Remember, 2 different ciphers
- Published in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman
Generally 1-4k bit
2^1000 = 1.071509e+301
- Flow is left to right
This uses AMAZON’S KEY PAIR
- The DLP is the reverse of our cipher functions
There exist FAST algorithms for one direction of the function
- Highlight how public key is available to everyone, like a universal ID