Your SlideShare is downloading.
×

- 1. Intro to Cryptography Galin Dinkov
- 2. Intro
- 3. Definition ● Cryptography - κρυπτό (kryptós) "hidden, secret" + γράφειν (graphein) "writing" ● Cryptology - κρυπτό (kryptós) "hidden, secret" + λογία (logia), "study" ● Study of techniques for secure communication in the presence of third parties called adversaries ● Main fields ○ Data confidentiality - restricted access over the information ○ Data integrity - assurance of the accuracy and consistency of the data ○ Authentication - confirming the validity of sorm form of identification ○ Non-repudiation - assurance of data origin and authorship
- 4. Terminology ● Plaintext - ordinary information, understandable by human ● Ciphertext - unintelligible text, encrypted text ● Encryption - encoding a message or information in such a way that only authorized parties can access it ● Decryption - restoring the original plaintext from the ciphertext ● Cipher - algorithm for encryption/decryption ● Key - a secret parameter used in the encryption/decryption process ● Cryptosystem - definitions, key-generation, enc/dec algorithms ● Symmetric/Asymmetric - single common key / different keys ● Cryptanalysis - acquiring information from encrypted messages without having the secret key
- 5. Common Actors ● Alice and Bob - fictional characters using a cryptosystem ● Eve (eavesdropper) - listening to a private conversation ● Mallory - an active attacker
- 6. History ● Classical cryptography - ancient, medieval ● WWI, WWII - Enigma … ● Modern - computers, public-key, hashing, quantum computing … ● Politics - NSA, NIST ...
- 7. Crypto How to...
- 8. How to Communicate With Secret Messages?
- 9. Classic Ciphers ● Transposition cipher - positions of the letters are shifted according to a regular system ● Substitution cipher - plaintext letters are altered according to some rules (key) ○ Simple - per letter ○ Mono/Poly-alphabetic - single, or multiple substitutions ○ Polygraphic - substitute groups of letters Route cipher Caesar cipher Vigenère cipher
- 10. Breaking Classic Ciphers ● Brute-force ● Frequency analysis ● Demo
- 11. Perfect Secrecy ● One-time pad - random key, long at least as the message ● Does not reveal any of the functions of the message, except its maximum length ● Security depends on the entropy of the key ● Difficult to use for long messages ● If reused it is vulnerable
- 12. Stream Cipher ● Generates one time pad using pseudo random number generator ● Then combines it with the message ● The pad is generated based on a key ● Security depends on the entropy of the key and the random function ● Example algorithms - RC4 and ChaCha20 ● Used in hardware because is fast
- 13. Block Cipher ● Divides the message into blocks and encrypt each block ● If the message length is not divisible by block size padding is applied ● Works in different modes: ECB, CBC, PCBC, CFB, OFB, CTR ... ● Examples: DES, 3DES, AES, Blowfish ...
- 14. How to Hide Message Existence?
- 15. Steganography Practice of concealing a file, message, image, or video within another file, message, image, or video. ● Physical - invisible ink, microdots, knits, … ● Digital - image, audio, video or other file, text in blogs or forums ● Linguistic - acrostic, misspellings, ... Tools
- 16. How to Ensure Data Integrity?
- 17. Hash Functions Function used to map data of arbitrary size to data of fixed size. ● Cryptographic hash functions - deterministic, one-Way, uniformly distributed, infeasible collisions, quick to compute ● MD 2/4/5/6 - Message-Digest Algorithm ● SHA 1/2/3 - Secure Hash Algorithms ● RIPEMD - RACE Integrity Primitives Evaluation Message Digest ● BLAKE 1/2
- 18. Hash Function Security ● Preimage resistance - hard to find message m from a given hash h = hash(m) ● Second preimage resistance - given a message m1 it should be difficult to find another different message m2 such as hash(m1) = hash(m2) ● Collision resistance - it should be difficult to find to messages m1 and m2 such as hash(m1) = hash(m2) ● Rainbow table - precomputed table for reversing cryptographic hash functions, usually for cracking password hashes ● Birthday attack
- 19. Message Authentication Code (MAC) Short piece of information used to authenticate a message, to confirm that the message came from the stated sender (its authenticity) and has not been changed. ● CBC-MAC ● HMAC ● … ● ● Length-extension attack
- 20. How to Securely Share Common Secret?
- 21. Public-Key Cryptography ● Digital signatures - content is digitally signed with an individual’s private key and is verified by the individual’s public key ● Encryption - content is encrypted using an individual’s public key and can only be decrypted with the individual’s private key ● Authentication – since the individual’s unique private key was used to apply the signature, recipients can be confident that the individual was the one to actually apply the signature ● Non-repudiation – since the individual is the only one with access to the private key used to apply the signature, he/she cannot later claim that it wasn’t him/her who applied the signature ● Integrity - when the signature is verified, it checks that the contents of the document or message match what was in there when the signature was applied. Even the slightest change to the original document would cause this check to fail.
- 22. Key Exchange Theory
- 23. Math ● One-way function - easy to compute on every input, but hard to invert ● Trapdoor function - easy to compute in one direction, yet difficult to compute in the opposite unless having a special information, called the "trapdoor" ○ Modular arithmetics ○ Discrete logarithm ○ Prime factorization
- 24. Diffie-Hellman Key Exchange Video
- 25. RSA - Rivest–Shamir–Adleman ● Invented in 1977 ● Used for digital signatures and securing sessions (SSL) Explanation
- 26. Elliptic curve cryptography (ECC) Explanation: https://youtu.be/dCvB-mhkT0w https://youtu.be/F3zzNa42-tQ ECC Domain Parameters: p - prime field (modulo) a,b - curve parameters G - generator point n - ord(G) (n x G = 0) h - cofactor of n Private Key (k) = Random Number < n - 1 Public Key (K) = k ∗ G K = 1E99423A4ED27608A15A2616A2B0E9E52CED330AC530EDCC32C8FFC6A526AEDD * G K = (x, y) x = F028892BAD7ED57D2FB57BF33081D5CFCF6F9ED3D3D7F159C2E2FFF579DC341A y = 07CF33DA18BD734C600B96A72BBC4749D5141C90EC8AC328AE52DDFE2E505BDB
- 27. Breaking ● Find the private key from the public key ● Classic quantum computer ● Topological quantum computer
- 28. Zero knowledge proofs Method by which one party (the prover) can prove to another party (the verifier) that a given statement is true, without conveying any information apart from the fact that the statement is indeed true.
- 29. How to Send Secure Emails?
- 30. Email Encryption PGP: https://en.wikipedia.org/wiki/Pretty_ Good_Privacy S/MIME: https://en.wikipedia.org/wiki/S/MIME More...
- 31. How to Surf the Web Securely?
- 32. SSL/TLS
- 33. Public Key Infrastructure (PKI) ● Certificate Authorities (CA) - X.509 ● Web of Trust ● Blockchain PKI - Emercoin
- 34. How to Surf the Web Privately?
- 35. Tor
- 36. Final https://www.linkedin.com/in/galindinkov/ by Galin Dinkov