Cryptography: A Brief History
Prasenjeet Dutta, Cybernet Software Systems Inc. [email_address]
Presented at SRM College Chennai 2002
In Today's Session
- Part I: The Ciphers
- Part II: The Politics
- Part III: Security and Privacy
- Part IV: Questions
Basic Definitions
- Cryptography: the science of creating coded messages
- Cryptanalysis: the art of breaking coded messages
- Cleartext: the original message
- Ciphertext: the encoded message
- Key: input to the cryptographic algorithm
- Passphrase: user input from which the key is usually derived
Part I: The Ciphers
Early History: Caesar Cipher
- Classically attributed to Julius Caesar
- Simple "shift by three to the right" rule: "ATTACK" would become "DWWDFN"
- Easily breakable if you knew the rule; today, easily breakable otherwise as well
- (Demo)
Transposition Ciphers
- Message written into a rectangular block
- Letters transposed in a pre-arranged order
- ATTACK CORSICA AT DAWN, written in rows of five and padded with X:
    A T T A C
    K C O R S
    I C A A T
    D A W N X
- Read out column by column, it becomes AKID TCCA TOAW ARAN CSTX
- (Demo)
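The slide's block transposition in runnable form, as an added example rather than the presenter's demo code: it reproduces the AKID TCCA TOAW ARAN CSTX grouping, inverts it, and shows why the deck later calls transposition primitive: the ciphertext keeps the plaintext's letter frequencies, so a frequency count exposes it immediately.

```python
from collections import Counter

WIDTH = 5  # the slide writes the message in rows of five letters


def clean(text: str) -> str:
    """Keep letters only and upper-case them, as classical ciphers did."""
    return "".join(ch for ch in text.upper() if ch.isalpha())


def transpose_encrypt(message: str, width: int = WIDTH) -> str:
    """Write the message row by row into a block `width` wide, pad the last
    row with X, then read the block out column by column (one group per column)."""
    plain = clean(message)
    while len(plain) % width:
        plain += "X"
    rows = [plain[i:i + width] for i in range(0, len(plain), width)]
    return " ".join("".join(row[col] for row in rows) for col in range(width))


def transpose_decrypt(ciphertext: str) -> str:
    """Invert the read-out: each space-separated group is one column, so the
    plaintext comes back by reading across the columns row by row."""
    columns = ciphertext.split()
    height = len(columns[0])
    if any(len(col) != height for col in columns):
        raise ValueError("columns must be equal length; encrypt() pads with X")
    return "".join(columns[col][row]
                   for row in range(height) for col in range(len(columns)))


def letter_frequencies(text: str) -> dict:
    """Transposition moves letters but never changes them, so the ciphertext
    carries the plaintext's frequency profile (plus padding). That is the
    weakness that lets a cryptanalyst recognise a transposition at a glance."""
    return dict(Counter(clean(text)))


if __name__ == "__main__":
    ct = transpose_encrypt("ATTACK CORSICA AT DAWN")
    print(ct)                     # AKID TCCA TOAW ARAN CSTX
    print(transpose_decrypt(ct))  # ATTACKCORSICAATDAWNX
```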
Vigenère Cipher
- Attributed to French mathematician Blaise de Vigenère, 1585
- Generalization of the Caesar cipher: a bidirectional n-shift cipher
- Considered secure until 1863: the Kasiski/Kerckhoffs method of frequency analysis and the "Index of Coincidence"
- (Demo)
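An added example (not from the deck) covering the Caesar and Vigenère slides together: a repeating-key shift cipher, where a one-letter key is the Caesar case, plus the Index of Coincidence test that explains why the cipher stopped being secure once its period could be measured from the ciphertext alone. The sample plaintext and the key SHIFT are constructed for this example.

```python
from collections import Counter

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def letters_only(text: str) -> str:
    return "".join(ch for ch in text.upper() if ch.isalpha())


def vigenere(text: str, key: str, decrypt: bool = False) -> str:
    """Repeating-key shift cipher. A one-letter key is the Caesar cipher;
    a random key as long as the text (never reused) would be a one-time pad."""
    plain, key = letters_only(text), letters_only(key)
    out = []
    for i, ch in enumerate(plain):
        shift = ALPHABET.index(key[i % len(key)])
        if decrypt:
            shift = -shift
        out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
    return "".join(out)


def index_of_coincidence(text: str) -> float:
    """Probability that two letters drawn from the text are equal:
    about 0.066 for English, about 0.038 for uniformly random letters."""
    n = len(text)
    if n < 2:
        return 0.0
    return sum(c * (c - 1) for c in Counter(text).values()) / (n * (n - 1))


def mean_column_ioc(ciphertext: str, period: int) -> float:
    """Split the ciphertext into `period` columns (every letter in a column was
    shifted by the same key letter) and average their IoC. At the true period
    each column is a Caesar cipher of English and the IoC jumps back to ~0.066."""
    columns = [ciphertext[i::period] for i in range(period)]
    return sum(index_of_coincidence(c) for c in columns) / period


def guess_period(ciphertext: str, max_period: int = 12, threshold: float = 0.055) -> int:
    """Smallest period whose columns look like monoalphabetic English; 0 if none."""
    for period in range(1, max_period + 1):
        if mean_column_ioc(ciphertext, period) >= threshold:
            return period
    return 0


# Constructed sample plaintext (not from the slides), long enough for the statistics to settle.
SAMPLE_TEXT = (
    "The Caesar cipher shifts every letter of the message by the same fixed amount "
    "so a single frequency count of the ciphertext reveals the shift at once. "
    "The Vigenere cipher instead cycles through several shifts taken from a repeating "
    "keyword which flattens the overall frequency table and defeated analysts for "
    "three centuries. Kasiski noticed that repeated words in the plaintext which fall "
    "under the same part of the keyword produce repeated groups in the ciphertext at "
    "distances that are multiples of the key length. The index of coincidence measures "
    "how often two letters drawn from a text are the same and lets us test a guessed "
    "period directly without hunting for repeats."
)
SAMPLE_KEY = "SHIFT"  # five letters, so periods 2, 3 and 4 each mix all five alphabets
```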
One Time Pad ("Vernam Ciphers")
- Special case of the Vigenère cipher: plaintext length == key length
- Key is assumed to be random
- Proven to be mathematically secure against all attacks
- Randomness not easy to generate; non-randomness of the key makes the algorithm breakable
- Has been used for ultra-sensitive telephonic hotlines
WWII: The Enigma
- Mechanical device: gears/plugs
- Essentially a complex polyalphabetic cipher
- Key transport a major issue
- GCHQ cracked it; a turning point in the war
- (Demo)
A Taxonomy of Ciphers
- Substitution ciphers: the ciphertext is formed by mathematically transforming the plaintext (most commonly used)
- Transposition ciphers: the ciphertext is formed by re-arranging the plaintext (considered primitive)
- Concealment ciphers: the plaintext is "hidden" away from ordinary view
Substitution Ciphers
- Monoalphabetic: only one sort of substitution is used, e.g. Caesar
- Polyalphabetic: more than one substitution, e.g. Vigenère, Enigma
- Block cipher: operates on discrete blocks of plaintext and outputs discrete blocks of ciphertext, e.g. DES, Blowfish, Rijndael; ideal for offline encryption of large blocks of data at a time
Substitution Ciphers, contd.
- Stream cipher: generates a keystream and combines it with the plaintext to form ciphertext, e.g. RSA's RC4
- Suitable for online encryption of smaller chunks of data, e.g. encrypting voice comms; approximates a one time pad when used this way
- Much faster than block ciphers for online work
- Block ciphers can also emulate stream ciphers, though slowly
Symmetric Ciphers
- Used for most heavy-duty encryption today: DES, Blowfish, Twofish, Rijndael...
- One common key for encryption and decryption
- Decryption is the mathematical inverse of encryption, i.e.:
    F(plaintext, key) = ciphertext
    F^-1(ciphertext, key) = plaintext
The Key Distribution Problem
- Throughout history, ciphers were symmetric
- Symmetric ciphers share encryption and decryption keys
- Key distribution presents practical problems; prone to man-in-the-middle attacks
- This situation lasted until 1976
Enter Public Key Cryptography
- Known to British and American intelligence since the 1960s as "non-secret encryption"
- Non-classified invention would take 15 more years
- Practical only with large-scale computer resources
- Concept and key-exchange technique proposed by Diffie/Hellman, 1976; no cryptosystem implementation
R, S and A
- First practical realisation of the public-key cryptosystem Diffie and Hellman had proposed: Rivest, Shamir, Adleman, 1978
- System allowed encryption/decryption, key exchange and message signing
- Other PK algorithms today: Diffie/Hellman, ElGamal, DSA
- Even today, RSA is probably the most versatile
The RSA Algorithm
- Choose two primes p and q. Compute n = pq and s = (p-1)(q-1).
- Choose e such that e is relatively prime to s and e < s.
- Find d such that de = 1 (mod s) and d < s.
- The private key KR = {d, n}. The public key KU = {e, n}.
- Encryption is: C = M^e (mod n). Decryption is: M = C^d (mod n).
RSA for Encryption
- Let p = 7 and q = 17. Thus n = pq = 119 and s = (p-1)(q-1) = 96.
- We choose e = 5. We determine d to be 77, since 77 x 5 = 385 = 4 x 96 + 1, that is, de = 1 (mod s) and d < s.
- Encryption (for a plaintext M = 19): 19^5 mod 119 = 66
- Decryption (for the ciphertext C = 66): 66^77 mod 119 = 19
RSA for Signing
- Using the same parameters as before, we encrypt our plaintext (19) using our private key. This is equivalent to "signing".
- Signing (for a plaintext M = 19): 19^77 mod 119 = 66
- The corresponding decryption using our public key is called "verification".
- Verification (for a signed text S = 66): 66^5 mod 119 = 19
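The three RSA slides above as working code, an added example rather than the deck's own: key generation that finds d = 77 with the extended Euclidean algorithm instead of by inspection, then encryption, decryption, signing and verification with the slide's p = 7, q = 17, e = 5. This is textbook RSA with no padding, which is all the slides describe; deployed systems pad messages before exponentiation.

```python
def egcd(a: int, b: int) -> tuple:
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def modinv(e: int, s: int) -> int:
    """The d with d*e == 1 (mod s); for e = 5, s = 96 this is the slide's 77."""
    g, x, _ = egcd(e, s)
    if g != 1:
        raise ValueError("e is not relatively prime to s")
    return x % s


def rsa_keygen(p: int, q: int, e: int) -> tuple:
    """Follow the slide's steps and return (KU, KR) = ((e, n), (d, n))."""
    n = p * q
    s = (p - 1) * (q - 1)
    if not 1 < e < s:
        raise ValueError("need 1 < e < s")
    d = modinv(e, s)  # raises if gcd(e, s) != 1
    return (e, n), (d, n)


def rsa_apply(key: tuple, x: int) -> int:
    """One modular exponentiation serves encrypt, decrypt, sign and verify;
    only the key used differs, exactly as the slides show."""
    exponent, n = key
    if not 0 <= x < n:
        raise ValueError("value must be an integer in [0, n)")
    return pow(x, exponent, n)


def encrypt(public: tuple, m: int) -> int:
    return rsa_apply(public, m)


def decrypt(private: tuple, c: int) -> int:
    return rsa_apply(private, c)


def sign(private: tuple, m: int) -> int:
    return rsa_apply(private, m)


def verify(public: tuple, s: int) -> int:
    return rsa_apply(public, s)


if __name__ == "__main__":
    public, private = rsa_keygen(7, 17, 5)             # the slide's toy parameters
    print(public, private)                             # (5, 119) (77, 119)
    print(encrypt(public, 19), decrypt(private, 66))   # 66 19
    print(sign(private, 19), verify(public, 66))       # 66 19
```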
PK vs. Symmetric Ciphers
- Symmetric algorithms are not obsolete: PK ciphers are far too slow
- PK ciphers are better suited to transporting symmetric keys or message digests than to general-purpose encryption
- PK ciphers require very large keys to attain decent security: a 128-bit RSA key is very weak compared to a 128-bit Blowfish key
- PK algorithms tend to be simple mathematically, depending on the NP-hardness of their underlying problems for security
- Symmetric algorithms tend to be convoluted because of multiple steps, many of them non-linear
Hashes and Steganography
- Hashes verify message integrity: a hash creates a fixed-size output from variable-length input using a one-way series of transforms
- MD5 and SHA-1 are the most used algorithms
- Steganography attempts to hide "real" messages within a larger, "innocent" message; often used to disguise the fact that any message is being transmitted at all
- (Demo)
Part II: The Politics
The Politics of Crypto
- Cryptography doesn't occur in a vacuum: crypto exists because bad guys exist
- Crypto products are munitions according to the US BXA; illegal export is a federal felony
- After 9/11, can be a terrorist-abetment offence
- If you work on crypto, know your laws!
Indian Law
- Import not restricted; a license may be required
- The IT Act 1999 requires mandatory key surrender if required for national security
US Cryptographic Law
- US prohibits export of certain "grades" of cryptographic products, though they are very easily downloadable over the Net
- Most cryptographic functions in US software used to be crippled badly before export: MSIE 4, 5 with "56 bit" security; Lotus Notes with "64-24 bit" security
- Today, general export (except to the terrorist "T-7" nations) is permitted
US Laws, contd.
- Allowed (2002 rules): nearly all symmetric algorithms (lengths above 64 bits require mandatory notification); PK ciphers up to 512 bits; elliptic curve ciphers up to 112 bits
- Why is US law so important? Largest exporter of software
- Most European countries have a problem with this; Germany is currently funding GPG
Part III: Security and Privacy
The Crypto Wars
- Daniel Bernstein waged a legal battle to declare the US crypto export regulations illegal
- Philip Zimmermann wrote PGP to take crypto to the masses
- The hope was that good, ubiquitous crypto would make computing secure for everyone
- Eventually, the crypto regulations crumbled. Is secure computing there yet?
The Bigger Picture
- Cryptography is one step towards achieving a secure system, or our privacy; by itself, it guarantees nothing
- Security is a process: no silver bullets, not even cryptography
- All crypto is breakable, given enough time and computer resources
The Black Hats Strike Back
- BonziBuddy, Kazaa and Nimda: threats for a new generation
- Crypto too hard to use for common users; despite S/MIME, secure email has not taken off
- Palladium (MS) and TCPA (Intel) now aim to take crypto into hardware
- But not all the security infrastructure in the world will help protect non-security-minded users
Pretty Bad Privacy
- "In God we trust. All others we monitor." (tongue-in-cheek NSA motto)
- 28 dishes; 100k simultaneous calls; 2 million messages/hr; 17.5 billion messages/yr
- And that's just one station: Menwith Hill, UK
- Plus satellite interceptors, undersea taps, etc.
And It Gets Worse
- With strong crypto proliferating, NSA stated policy is now to go "beyond crypto"
- Keystroke logging to capture keystrokes
- Van Eck phreaking to read characters from the electromagnetic radiation of monitors
- Spy satellites can now spot 10 cm² objects from orbit
- Mandated ISP taps (Carnivore)
- Social engineering
- 9/11 has added urgency: intelligence agencies must combine/pool databases; the goal is "Total Information Awareness"
That Said...
- ...crypto is not totally useless
- Good crypto is good enough to stop industrial espionage, network snoopers and casual crackers/script kiddies
- Crypto-enabled protocols are much more secure than vanilla FTP, Telnet or HTTP
Improving Computer Security
- Become security aware: security is a process; no magic bullets
- Windows, Linux, Trusted Solaris: all need work
- Encrypt network traffic: SSH, HTTPS, SFTP; use IPSec and DNSSEC if you can
- Avoid single points of failure
- Audit!
Thanks for Listening! Questions?
Further Exploration
- Light reading: The Code Book, Simon Singh
- Introduction: Cryptography and Network Security, William Stallings
- Graduate level: Handbook of Applied Cryptography, http://www.cacr.math.uwaterloo.ca/hac/
On the Internet
- sci.crypt FAQ: http://www.faqs.org/faqs/by-newsgroup/sci/sci.crypt.html
- Crypto Link Farm: http://www.cs.auckland.ac.nz/~pgut001/links.html
- Crypto-Gram: http://www.counterpane.com/crypto-gram.html
The End
