This document provides an overview of cryptography fundamentals including:
- Symmetric and asymmetric cryptography principles like encryption with keys and digital signatures.
- The use of random numbers, prime numbers, and algorithms in cryptography.
- Basic security properties like authentication, privacy and integrity.
- Digital signatures, envelopes, and certificates that combine cryptographic methods for authentication and privacy.
- How cryptography standards and export controls balance security and policy concerns.
2. 2
The October Brown-bag Series
• Crypto 101: The Fundamentals of Cryptography
• Crypto 201: Advanced Cryptographic Concepts
• Crypto 301: The Public Key Infrastructure
• Crypto 401: VPN Protocols and SSL
3. 3
Overview
• Symmetric Cryptography
• Asymmetric Cryptography
• Random Numbers and Prime Numbers
• Basic Security Properties
• Digital signatures
• Digital envelopes
• Digital certificates
• Export Controls and Public Policy
6. 6
A Key
A Key is a number or value that makes each use of the
cryptographic algorithm “unique”
[Figure: Data and a Key go into the cryptographic algorithm and produce a Result; Another Key produces Another Result]
7. 7
Inner Operations of a Block Cipher
[Figure: inner operations of a block cipher on the words A, B, C, D: rotations (<<<), subkeys S[2i] and S[2i+1], intermediate values t and u]
9. 9
Definitions
• To encrypt something is to scramble the
information so that only the intended recipient can
recover the original information. Data recovery is
called decryption.
• Plaintext is the original form of a message as
opposed to the encrypted form.
• Ciphertext is the encrypted form of a message as
opposed to the original form.
10. 10
Symmetric Cryptography
• Symmetric Ciphers are based on logical XOR,
Rotation, and Substitution operations.
• Two flavors of ciphers:
– Block ciphers - these work on a “block” of
data objects, generally 64 to 128 bits, at a
time. Useful for bulk encryption.
– Stream ciphers - these work on small data
objects, generally 1 to 64 bits at a time.
Useful for byte streams.
11. 11
Symmetric Cryptography
• Advantages:
– Well known and used
– Generally, very fast
• Disadvantages:
– Initial secret key needs to be exchanged via a
trusted channel.
– Key Management.
12. 12
Symmetric Cryptography
Key management: each node on the network
needs to store a key for every other node:
# system keys = (p * (p-1))/2
• 2 parties, 1 key
• 3 parties, 3 keys
• 4 parties, 6 keys
• 5 parties, 10 keys
13. 13
Asymmetric Cryptography
• Asymmetric algorithms are based on the idea of
key pairs, a public key and private key.
• The keys are mathematically related such that one
key performs an operation on data that only the
other key can undo.
15. 15
The Math
• Asymmetric Cryptography is based on complex
Math and Big Numbers.
• The RSA algorithm is the de facto standard for
public key cryptography and is based on Modular
Exponentiation
• The Diffie-Hellman algorithm is based on Discrete
Logarithms
16. 16
How RSA Works - Modular Exponentiation
• Given: n = pq, choose e
• Encryption formula: $c_i = m_i^{e} \bmod n$
• Decryption formula: $m_i = c_i^{d} \bmod n$
Public key: (n, e). Private key: (d)
17. 17
155 decimal digit prime number (512 bits)
1094173864157052742180970732204035761200373245
4492059909138421314763499842889347847179972578
9126733249762575289978183379707653724402714674
3531593354333897
=
(102639592829741105772054196573991675900716567
88038066803341933521790711307779)
X
(106603488380168454820927220360012878679207958
575989291522270608237193062808643)
Herman te Riele, CWI- Amsterdam
August, ‘99
18. 18
RSA in Summary
• If I know n = pq, I can generate prime values for p
and q, I can choose a convenient value for e, and
then d is easy to calculate - plug in the numbers.
• I throw p and q away and make n and e available to
the public.
• Finding d from n and e is a HARD problem - more
correctly, computationally infeasible
• Attack the system by factoring n
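The formulas and summary above, worked through as an added example (not part of the original slides). It uses constructed toy primes (61 and 53) and unpadded "textbook" RSA with one block per message byte; all function names are illustrative. It also shows why p and q must be discarded: anyone who factors n can rebuild d from the public key alone.

```python
from math import gcd

def make_keypair(p, q, e):
    """Return ((n, e), d) from primes p, q and a chosen public exponent e."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)          # modular inverse: e*d = 1 (mod phi)
    return (n, e), d

def encrypt_blocks(message, public):
    """c_i = m_i^e mod n, one block per message byte (so n must exceed 255)."""
    n, e = public
    return [pow(m, e, n) for m in message]

def decrypt_blocks(blocks, public, d):
    """m_i = c_i^d mod n."""
    n, _ = public
    return bytes(pow(c, d, n) for c in blocks)

def factor(n):
    """Trial division: fine for a toy modulus, hopeless for a real one."""
    f = 2
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 1
    raise ValueError("n has no non-trivial factor")

def recover_private_exponent(public):
    """Once n is factored, d follows from (n, e) exactly as in key generation."""
    n, e = public
    p, q = factor(n)
    return pow(e, -1, (p - 1) * (q - 1))

if __name__ == "__main__":
    public, d = make_keypair(61, 53, 17)      # constructed toy primes
    blocks = encrypt_blocks(b"Crypto 101", public)
    print(public, d, blocks)
    print(decrypt_blocks(blocks, public, d))
    print(recover_private_exponent(public) == d)
```

The private exponent is only as safe as n is hard to factor, which is why real moduli are far larger than the 512-bit number on the previous slide's era and are used with a padding scheme such as OAEP.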
19. 19
Sample keys
RSA public key:
modulus: ab 38 39 40 54 2c ac 9a c0 37 40 d0 49
04 ed 51 0e 95 72 02 51 c2 ad 9d a7 eb
ba 29 ae d4 49 79 53 fa df 01 6c bc 69
46 4c 83 1b d9 3b 59 42 04 99 0f 63 24
75 a0 be 6f 92 4d 9d a2 40 da f8 49
public exponent: 01 00 01
20. 20
Asymmetric Cryptography
• Advantages:
– Does not require a trusted channel
– Provides authentication of sender
– Variable key sizes
– Scales easily, easy key management
21. 21
Asymmetric Cryptography
• Disadvantages of asymmetric ciphers:
– Computationally intense therefore requires a bit
more processing power.
– Need for Authentication of public keys
22. 22
Random Numbers
• Random values are used for keys in symmetric
crypto. If the key is 56 bits long, every possible
combination must be equally likely
• Random values are used as seeds to generate prime
numbers used in asymmetric crypto.
• Security protocols such as IPSec and SSL can use
random values for challenge - response
authentication
23. 23
Prime Numbers
• Used to generate keys in public key crypto
• Mathematically convenient - Fermat Primes
• Fun Fact - There are 10^151 prime numbers less than
155 decimal digits. There are only 10^77 atoms in the
universe. (Bruce Schneier, Applied Cryptography)
24. 24
Basic Security Properties
• Authentication - authenticates each of the
communicating parties.
• Privacy - data scrambling prevents reading by
unauthorized parties.
• Integrity - assures that the information was not
modified while in transit.
• Non-repudiation - disallows a party denying a
previous message or action.
25. 25
Digital Signatures
• RSA digital signatures
– RSA signatures use the RSA Public Key
algorithm and a Message Digest algorithm such
as MD5 or SHA-1.
– Based on the idea that only I can encrypt data
with my private key. If that data can be
decrypted with my public key, and there is a
unique relationship between keys, then I must
have been the one who performed the original
encryption.
26. 26
Message Digests
• Arbitrary input length - fixed output
• One way function
• Irreversible
• Collision free
[Figure: Message → MD5 → Digest]
27. 27
Message Digests
1. Any length input gives the same length output
2. One way: Given a digest, it is impossible to
reconstruct the original message
3. It is computationally infeasible to produce a
message with a specific digest
4. It is computationally infeasible to produce two
messages with the same digest
28. 28
Digital Signatures
• An RSA signature is created as follows:
– Hash the data object to be signed.
– Encrypt the hash with your private key.
– Transmit both the data object and the encrypted
hash.
• The RSA signature is verified as follows:
– Hash the data object received.
– Decrypt the encrypted hash.
– Compare the computed hash with the decrypted
hash.
31. 31
Digital Signature Example
Alice wants to buy something from Bob online
The two negotiate, agree on a price of $1,000
Alice signs a “contract”
She sends the message,
“I agree to pay Bob 1,000 dollars.”
She signs that message
32. 32
Alice’s signature
Alice computes the digest of the message
MD5 Digest: cb d8 9e 2f 60 81 79 72
58 10 a2 34 cd df 2f 5e
and encrypts this data with her private key. She
sends the message to Bob
33. 33
Digital Signature Example
Here is what Bob receives :
1. The message: “I agree to pay Bob 1,000 dollars.”
2. The signature:
3a ce af e2 58 8c 25 94 80 2c de 7c 0f 15 3c 40
39 17 ce 32 02 82 31 4f 8e 8b c7 73 aa f9 88 d3
59 b9 69 1a 85 d0 8a b2 60 f5 fb 54 1e a4 93 b7
f5 1d 4b 13 eb 4d 31 98 04 c7 a9 0a 09 e3 42 c2
9f e0 de 89 8b e5 b9 2e fc cc 9c 6b 7e 9d ef fb
07 64 84 86 fa 17 b7 af f6 03 9f 02 46 fb 88 0f
34. 34
Digital Signature Example
3. Alice’s public key:
cc 76 65 2b 4b 5d 97 2b 25 c4 64 d2 3b 96 5f aa
52 ca 08 b1 01 22 39 f4 aa 3f 8d 51 8b f5 50 c5
6d c4 c6 84 c7 8f e4 ed 49 27 28 00 5a 7c 10 12
a0 72 ec d2 85 92 a6 b0 f5 20 44 5e 41 eb 48 84
a2 b8 01 d8 b5 79 e6 92 0f a7 d2 5c 0b 02 35 92
63 af 4d d4 be ec ec aa 9d d5 96 71 35 1b b5 9f
01 00 01
35. 35
Bob Tries to Commit Fraud
Bob claims Alice agreed to pay $1,000,000
Bob produces the message
“I agree to pay Bob 1,000,000 dollars.”
36. 36
Bob Tries to Commit Fraud
So we digest the message that Bob presents
MD5 Digest: 4d 17 ef 57 11 74 94 44
69 0e 60 dc 68 a4 49 77
We also use Alice’s public key to decrypt her
signature, we get
cb d8 9e 2f 60 81 79 72
58 10 a2 34 cd df 2f 5e
37. 37
Bob Tries to Commit Fraud
The digests do not match, so we can say Alice did
not sign that message.
Bob does not get $1,000,000.
But he does get 5-7 in San Quentin for attempted
fraud, because Alice was well connected in the
governor's office.
38. 38
Alice Tries to Commit Fraud
Alice claims she never agreed to pay Bob $1,000
Bob produces the message
“I agree to pay Bob 1,000 dollars.”
and its associated digest
MD5 Digest: cb d8 9e 2f 60 81 79 72
58 10 a2 34 cd df 2f 5e
39. 39
Alice Tries to Commit Fraud
Bob produces a chunk of data he claims
is Alice’s signature
3a ce af e2 58 8c 25 94 80 2c de 7c 0f 15 3c 40
39 17 ce 32 02 82 31 4f 8e 8b c7 73 aa f9 88 d3
59 b9 69 1a 85 d0 8a b2 60 f5 fb 54 1e a4 93 b7
f5 1d 4b 13 eb 4d 31 98 04 c7 a9 0a 09 e3 42 c2
9f e0 de 89 8b e5 b9 2e fc cc 9c 6b 7e 9d ef fb
07 64 84 86 fa 17 b7 af f6 03 9f 02 46 fb 88 0f
40. 40
Alice Tries to Commit Fraud
We use Alice’s public key to decrypt that
chunk of data Bob claims is Alice’s signature, we get
cb d8 9e 2f 60 81 79 72
58 10 a2 34 cd df 2f 5e
We see it matches the digest of Bob’s message
There is only one way Bob could have gotten that
chunk of data that produced the digest of the message:
Alice signed that message
41. 41
Alice Tries to Commit Fraud
Is it possible Bob generated that chunk of data? Is it
possible Bob was able to find the right value without
knowing Alice’s private key?
No one has been able to do it so far
So Alice must have signed, she has to pay
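The sign and verify steps and the Alice/Bob dispute above, as an added example (not part of the original slides). Assumptions: a constructed demo key built from two well-known Mersenne primes (not a secure key), unpadded textbook RSA, and SHA-256 in place of the MD5 shown on the slides, since MD5 and SHA-1 no longer meet the "collision free" property. Function names are illustrative.

```python
import hashlib

# Constructed demo key: both primes are public knowledge, so this key is
# for illustration only. N is about 648 bits, larger than any SHA-256 digest.
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

def digest_int(message):
    """Hash the data object and read the digest as an integer below N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message, d=D, n=N):
    """'Encrypt the hash with your private key.'"""
    return pow(digest_int(message), d, n)

def recover_digest(signature, e=E, n=N):
    """'Decrypt the encrypted hash' using only the public key."""
    return pow(signature, e, n)

def verify(message, signature, e=E, n=N):
    """Compare the computed hash with the decrypted hash."""
    return recover_digest(signature, e, n) == digest_int(message)

CONTRACT = b"I agree to pay Bob 1,000 dollars."
ALTERED = b"I agree to pay Bob 1,000,000 dollars."

def dispute():
    """Replay both fraud attempts from the slides against one signature."""
    signature = sign(CONTRACT)
    return {
        # Alice cannot deny the contract: her signature verifies.
        "contract_verifies": verify(CONTRACT, signature),
        # Bob cannot reuse the signature on a different amount.
        "altered_message_verifies": verify(ALTERED, signature),
        # A signature that differs by a single bit is rejected as well.
        "modified_signature_verifies": verify(CONTRACT, signature ^ 1),
    }

if __name__ == "__main__":
    for claim, result in dispute().items():
        print(f"{claim}: {result}")
```

Production signatures add a padding scheme such as PSS on top of these steps; the comparison of the two digests is the same.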
42. 42
Digital Envelopes
• Digital envelopes are a privacy mechanism for
combining the strengths of both cryptographic
methods.
– A digital envelope is created as follows:
• Generate a random symmetric or session
key.
• Encrypt the data object with the session key.
• Encrypt the session key with the public key
of the recipient.
• Transmit both the encrypted data object
along with the encrypted session key.
43. 43
Digital Envelopes
• To “open” a digital envelope, perform the
following:
– Decrypt the session key with your private key.
– Decrypt the data object with the session key.
• Note: a digital envelope does not implicitly
increase the security of the encrypted data object.
The data object is still only encrypted with the
symmetric / session key. Digital envelopes do
solve the key distribution problem.
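Creating and opening a digital envelope, step by step, as an added example (not part of the original slides). Assumptions: the same kind of constructed demo RSA key (public Mersenne primes, unpadded), and a SHA-256 counter-mode keystream standing in for a real symmetric cipher such as AES so the example runs on the Python standard library alone. Function names are illustrative.

```python
import hashlib
import secrets

# Constructed demo recipient key (both primes are publicly known values).
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

KEY_BYTES = 16  # 128-bit session key

def keystream_xor(key, data):
    """Stand-in symmetric cipher: XOR data with SHA-256(key || counter)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], pad))
    return bytes(out)

def seal(data, recipient_public):
    """Build the envelope: (encrypted session key, encrypted data object)."""
    n, e = recipient_public
    session_key = secrets.token_bytes(KEY_BYTES)       # fresh random key
    ciphertext = keystream_xor(session_key, data)      # bulk encryption
    wrapped_key = pow(int.from_bytes(session_key, "big"), e, n)
    return wrapped_key, ciphertext

def open_envelope(envelope, d, n):
    """Recover the session key with the private key, then the data."""
    wrapped_key, ciphertext = envelope
    session_key = pow(wrapped_key, d, n).to_bytes(KEY_BYTES, "big")
    return keystream_xor(session_key, ciphertext)

if __name__ == "__main__":
    data = b"Quarterly figures: constructed sample data for the envelope demo."
    envelope = seal(data, (N, E))
    print(envelope[1].hex())
    print(open_envelope(envelope, D, N))
```

As the slide notes, the data object is protected only by the session key, so the envelope is no stronger than the symmetric cipher and the randomness of that key.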
46. 46
The Dilemma
The situation:
1. Anyone can generate their own public/private key pairs
2. Anyone can attach any name to a public key
3. Anyone can post a public key in the public directory
The dilemma:
How do I know for sure that the name on a given public key
really represents the person I want to communicate with?
47. 47
Solution
A Digital Certificate authenticates
the binding between a public key
and an individual much like a
company ID badge binds your name
to your picture.
Digital Certificate
48. 48
Digital Certificates
[Figure: a Digital Certificate shown beside a Document and its Digital Signature. The certificate contains:]
• Name, Organization, Address
• Owner’s Public Key
• Certificate Validity Dates
• Serial Number
• Certifying Authority’s Digital Signature
49. 49
Digital Certificates
• In using certificates, a trusted third party is
needed. The function of this third party is to sign
public keys, hence the digital certificate.
• A digital certificate is a digital document that
contains a public key signed by the trusted third
party.
• The trusted third party is known as a Certificate
Authority or CA.
50. 50
Digital Certificates
• The most common type of certificate is referred to
as X.509.
– This is an international standard for the format
and information contained in a certificate. Trust
is hierarchical.
52. 52
Export Controls and Public Policy
• Hopefully, a historical footnote ...
• Governments are concerned with the misuse of
encryption:
– Espionage
– Criminal activity
• There is a requisite balance between the
government concerns and the use of cryptography
for commercial purposes.
53. 53
References
• The following are books on cryptography:
– Frequently Asked Questions About Today’s Cryptography, Version 4.0, RSA Laboratories
– Handbook of Applied Cryptography, Menezes, van Oorschot, and Vanstone, CRC Press, 1997
– Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd Edition, Schneier, John Wiley & Sons, Inc., 1996
54. 54
References
• The following are URLs containing information on
cryptography:
– http://www.rsa.com
– http://jya.com/crypto.htm
– http://www.w3.org/security
– http://www.counterpane.com/hotlist.htm