Basic Cryptography Overview


Published on

Basic Cryptography Overview for my CSCI 1100 - Intro to Computing class

Published in: Technology, Education
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Basic Cryptography Overview

  1. 1. Instructor: Mr. E. Anwar Reddick
  2. 2.   Internet and computer communications technologies are inherently insecure Without security, anyone with access to the communications infrastructure can READ AND MODIFY the messages your computer sends out
  3. 3.  Security techniques make use of a process called encryption ◦ “en” means to make ◦ “crypt” means secret or hidden  Cryptography – use of secret writing (use of encryption) ◦ “graphy” means writing or some form or representation   Cryptology – study of secret writing Cryptanalysis – “breaking” secret writing aka uncovering the secret
  4. 4. Encryption is the process of taking a “cleartext” message and making it uncomprehensible  Example: Transforming the clear-text message such as “Hello World” into some cipher-text such as “n3$1#ved9” 
  5. 5.    Secure Sockets Layer (SSL) Transport Layer Security (TLS) Internet Protocol Security (IPsec) ◦ Used by Virtual Private Networks (VPNs)   Wired Equivalent Privacy (WEP) WiFi Protected Access (WPA)
  6. 6.     An encryption algorithm is like a treasure chest Put your secret in a chest and lock it with a key Whoever has the right key can reveal the secret Revealing the secret (opening the chest) with a key is called decryption
  7. 7.  Modern encryption (and decryption) algorithms are based on mathematical operations ◦ Messages and keys are converted to numbers ◦ Remember computers operate on binary!  Let: ◦ E -> encryption algorithm, D -> decryption algorithm ◦ M -> clear-text message, C -> cipher-text ◦ K -> key   E(M, K) = C D(C, K) = M
  8. 8.    The math is extremely complex If a hacker obtained C, but did not have K, the hacker “should” not be able to use D to produce M in a reasonable amount of time with a reasonably powerful computer Reasonably powerful computer? ◦ Think the most powerful supercomputer times 2  Reasonable amount of time? ◦ Think thousands of years!
  9. 9.   Cryptography is only good until someone figures out how to take C and D and produce M without knowing K in a short amount of time At that point, it’s time for a new algorithm! ◦ Think about how WEP was found to be insecure and led to the development of WPA ◦ DES was found to be insecure and led to the development of Triple-DES and AES  Really, really, really smart people (good-natured and bad) called cryptographers work tirelessly trying to break cryptographic algorithms
  10. 10.  Symmetric Cryptography ◦ The key that is used for encryption is also used for decryption  Asymmetric Cryptography ◦ One key is used for encryption and a different key is used for decryption
  11. 11.   If Leia wants to send a secret message “death star location” to Luke… They first need to have a copy of the same key – called a secret key ◦ Remember they must keep the key secret! Secret Key 1
  12. 12.  Then Leia must find a chest made to use the key ◦ I.e., Leia must find a suitable symmetric encryption algorithm
  13. 13.   Then Leia can put the message into the chest, lock it, and have it sent to Luke I.e., Leia can encrypt the message and send it across the insecure Internet to Luke (via Email, WWW, etc)
  14. 14.   Luke has the secret key, so he can retrieve the message and do his job I.e., Luke uses the secret key to decrypt the message
  15. 15.    Since only Luke and Leia have the secret key, only they can open the chest If the message gets intercepted in transit (which happens on the Internet), the message remains uncomprehensible If the message gets destroyed in transit, Leia can just try again
  16. 16.     Luke and Leia must agree on a key to use before they can communicate secretly This is not always feasible Asymmetric Cryptography addresses this problem Symmetric Cryptography is nevertheless still important for computer security
  17. 17.  Leia and Luke, separately, create two keys, called a key-pair ◦ Leia has her pair, and Luke has his own, different pair   One of Leia’s keys is called her private key and the other is called her public key Let Kpre denote Leia’s private key ◦ Kpbe deontes Leia’s public key  E(M1, Kpre) = C’ ◦ D(C’, Kpbe) = M1  E(M1, Kpbe) = C” ◦ D(C”, Kpre) = M1
  18. 18.     Did you catch that? Go back and double check. If a message is encrypted (with an asymmetric algorithm) with a private key, then the resulting cipher text can be decrypted only with the corresponding public key If a message is encrypted with a public key, then the cipher text can be decrypted only with the corresponding private key There’s complex math to make this work
  19. 19.   RSA is a set of asymmetric algorithms created by Ron Rivest, Adi Shamir, and Leonard Adleman They figured out how to make the math work in 1977 ◦ Following research done by Whitfield Diffie, Martin Hellman, and Ralph Merkle    No one has been able to break it yet  Web (SSL, TLS), and e-mail encryption is based on RSA Translation: pretty much your entire digital life is protected by RSA ◦ Online banking, E-commerce ◦ Online access to school, health, personal records, etc
  20. 20.   Why the names “private” and “public” keys? You keep your private key private ◦ Only you should have access to your private key!  Anyone can know your public key and the cryptography still works just fine ◦ It’s okay even for bad guys to know your public key
  21. 21.  Leia has her key-pair, and Luke has his own public Kpbe Kpbu private Kpre  Kpru Assume there are magical treasure chests that work with key-pairs ◦ Complex math can often seem like magic
  22. 22.     Leia wants to send the message “death star location” to Luke in a way that only Luke can read the message Leia has a magic asymmetric chest (aka asymmetric algorithm) Which key should Leia use to encrypt the message? The answer is on next slide
  23. 23.  Luke’s public key! ◦ Remember it’s okay for everyone to have your public key, even the bad guys ◦ Here, we’re assuming that Leia can reliably access Luke’s public key  Why Luke’s public key? ◦ Only Luke’s private key can be used to decrypt the message  And only Luke should have Luke’s private key
  24. 24.   Leia puts the message in a chest, locks it with Luke’s public key, and has it sent to Luke No one, besides Luke, can open the chest ◦ Not Vader, not even Leia Kpbu
  25. 25.   Luke uses his private key that he keeps private to open the chest, see the message, and can do his job I.e., Luke decrypts the message with his private key Kpru
  26. 26.        What if Vader alters Leia’s chest (alters the cipher text)? What if Vader replaces Leia’s chest with his own chest with a fake message that he locks with Luke’s public key? How does Leia get Luke’s public key? What happens if Luke looses his private key? What happens if Luke’s private key gets stolen? Why is symmetric cryptography still used? How do Leia and Luke agree on a symmetric key if they’re not together?
  27. 27.     After the 1st death star is destroyed, the Empire builds another one at another location. With symmetric cryptography, what if Vader captures Leia’s new chest for the 2nd death star but replaces it with a copy of Leia’s original chest with the old location? What if a chest (or encryption algorithm) is defective? This information is just the basics Wikipedia is an excellent source of more information