Introduction to Cryptography

shoulderslyricalΤεχνίτη Νοημοσύνη και Ρομποτική

21 Νοε 2013 (πριν από 3 χρόνια και 11 μήνες)

57 εμφανίσεις




Author : Deepank Gupta


Topic :Introduction to Cryptography





Page
1

of
10

Introduction to Cryptography



SUMMARY:


All encryption systems rely on the notion of a key. A key is the basis for a
transformation, usually mathematical, of an ordinary message into a unreadable one. For
centuries, most encryption systems have relied on
what is called private
-
key encryption.
Only within the last 30 years has a challenge to private
-
key encryption

appeared public
-
key encryption.

Private
-
key encryption systems use a single key. This requires the sender and the receiver
to share the key. Bot
h must have the key; the sender encrypts the message by using the
key, and the receiver decrypts the message with the same key. Both must keep the key
private to keep their communication private.


If, you are new to the area of public key cryptography it
may answer some
of your questions
.

Please note that when you use MailSecure, this process all takes place automatically in a
few seconds.


There are two kinds of cryptosystems:
symmetric

and
asymmetric
. Symmetric
cryptosystems use the same key (the secre
t key) to encrypt and decrypt a message, and
asymmetric cryptosystems use one key (
the public key)

to encrypt a message and a
different key (the private key) to decrypt it. Asymmetric cryptosystems are also called
public key

cryptosystems.


The concept of

public
-
key cryptography was introduced in 1976 by Whitfield Diffie
and Martin Hellman.
[
www.x5.net/faqs/crypto].


Their revolutionary idea was to enable secure message exchange between sender and
receiver without ever having to meet in advance to agree on

a common secret key.


ENCRYPTION
-
DECRYPTION (DEFINITI
ONS):



Encryption is a
key
-
based
mathematical transformation that changes
plaintext
to
cipher text in such a way that the reverse operation
-

decryption
-

is very difficult
without possession of the
key



Decryption is the inverse transformation, and reverses the encryption (converts
cipher text back to plaintext)


• R
eversing the encryption requires you to have, or can guess, the decryption key


Typically the larger the key, the harder it is to gue
ss


USES OF PUBLIC KEY C
RYPTOGRAPHY:





Author : Deepank Gupta


Topic :Introduction to Cryptography





Page
2

of
10

1

Pr楶慴 me獳慧敳⁷楴潵琠灲楯t⁳ cre琠步t⁥ch慮来


䑯Dumen琠楮瑥杲瑹


䅵瑨en瑩t慴ade獳慧e猠⡮潮
-
repud楡瑩潮)


Confidential data transfer (“bulk” encryption)


䅳獵red⁩ en瑩t礠慮d u獥r⁡ 瑨tn瑩t慴楯a⁷楴h潵琠
“passwords in the clear”



Digital Timestamp Service
-

issues timestamps which associate a date and time
with a digital document in a cryptographically strong manner.



1).
Private Messages

(“Many to One” private communication) :



Example:

Entity “A”
-

a researcher whose workstation is on an open, insecure, network
-

wishes to
communicate with assured privacy with entity “B”, a collaborator on the other side of the
country

B’s public key is available from a source that is “reliable”. E.g. an employer
’s
X.500/LDAP or Web server (commercial enterprise public keys are frequently published
in the business section of the Sunday New York Times)



A obtains B’s public key over the open network


A uses B’s public key to encrypt a message for B


2).
Document

Integrity

:



Is what B received exactly what A sent?


A generates a message / document


A generates a “message digest” (a small, fixed
-
length code (bit string) that is unique to
the original message
-

a “one
-
way hash” code).


A encrypts the message d
igest with A’s private key and includes the encrypted digest
with the plaintext message / document.


Anyone can read the original message (e.g., a deed, a computer security advisory
message, etc.)


B verifies the
integrity
of A’s message by generating th
e hash code for the received
message, decrypting the message digest with A’s public key and comparing the two.

(a match => received message is the same as the original)



Other types of document integrity :



A “document” can be any digital data (e.g. a digital image, digital video clip, digital
audio clip, etc.)


A verified time stamp can prove
when
a document was generated
-

“postmarks”
-

time
stamps that verify the

contents of a document at a given point in time
-

can be generated
by sending the message digest to a trusted third party who adds a guaranteed accurate
time stamp and digitally signs the combined document (digest plus time stamp) and
returns it.
Importan
t for patent notes, lab notebooks, etc.





Author : Deepank Gupta


Topic :Introduction to Cryptography





Page
3

of
10

4).
Confidential Data

(“How to exchange lots of private data”) :



Public key encryption is relatively expensive, and is not suited to encrypting large
volumes of data


Single key encryption (e.g. DES) is suitable for “bulk” encryption


Example: transferring a confidential file.


Using symmetric / secret key cryptogr
aphy, a temporary (“session”) key is generated
and used to encrypt large datasets.


The session key can be encrypted with the public key of the intended recipient and sent,
in confidence, to the recipient.


The encrypted data can be transferred over an i
nsecure network.


The intended recipient decrypts the session key using his/her private key, and then uses
the session key to decrypt the data.


5).
User Authentication

(logging in remotely without passwords) :



If a remote system can obtain a public key for which it has some confidence as to the
“identity” of the “person” to whom that public key was issued ;.. then there are protocols
that allow the remote system to authenticate the user on his/her local system

and permit a
“login” (e.g. a telnet or X
-
window session from the local to the remote system) without
exchanging any passwords “in the clear” (and over an encrypted channel, if desired)


See, e.g., “SSH (Secure Shell) Remote Login Program”

(http://www.cs
.hut.fi/ssh)


“Identity”



Several of the uses of public key cryptography (e.g. user authentication) depend on
establishing the identify of the holder of a private key.


That is, how do you know that the holder of the private key (the person that encrypt
ed
the message that you have just received and were able to decrypt with the corresponding
public key)
is really the person that you think it is
?



all that public key cryptography “guarantees” is that public and private keys come in
uniquely associated pa
irs, not who holds the private key


In this theory, each person/company gets a pair of keys, one called the
public key
and the
other called the
private key.

Each person’s public key is published, which is published
under the users name in a
public director
y

accessible for everyone to read while the
private key is kept secret. The need for the sender and receiver to share secret information
is eliminated; all communications involve only public keys, and no private key is ever
transmitted or shared. No longer

is it necessary to trust some communications channel to
be secure against eavesdropping or betrayal. The only requirement is that public keys are
associated with their users in a trusted (authenticated) manner (for instance, in a trusted
directory). Anyon
e can send a confidential message by just using public information, but
the message can only be decrypted with a private key, which is in the sole possession of



Author : Deepank Gupta


Topic :Introduction to Cryptography





Page
4

of
10

the intended recipient. Furthermore, public
-
key cryptography can be used not only for
privacy (
encryption
), but also for authentication (
digital signatures
).



ADVANTAGES OF PUBLIC
-
KEY CRYPTOGRAPHY

1.

Only the private key must be kept secret (authenticity of public keys must, however, be
guaranteed).

2.

The administration of keys on a network requires th
e presence of only a functionally
trusted TTP as opposed to an unconditionally trusted TTP. Depending on the mode of
usage, the TTP might only be required in an
offline

manner, as opposed to in real time.

3.

Depending on the mode of usage, a private key/publ
ic key pair may remain unchanged
for considerable periods of time, e.g., many sessions (even several years).

4.

Many public
-
key schemes yield relatively efficient digital signature mechanisms. The
key used to describe the public verification function is typi
cally much smaller than for the
symmetric
-
key counterpart.

5.

In a large network, the number of keys necessary may be considerably smaller than in the
symmetric
-
key scenario.

DISADVANTAGES OF PUB
LIC
-
KEY ENCRYPTION

1.

Throughput rates for the most popular publi
c
-
key encryption methods are several orders
of magnitude slower than the best
-
known symmetric
-
key schemes.

2.

Key sizes are typically much larger than those required for symmetric
-
key encryption,
and the size of public
-
key signatures is larger than that of t
ags providing data origin
authentication from symmetric
-
key techniques.

3.

No public
-
key scheme has been proven to be secure (the same can be said for block
ciphers). The most effective public
-
key encryption schemes found to date have their
security based on

the presumed difficulty of a small set of number
-
theoretic problems.

DIGITAL SIGNATURES


Two additional components of information security are integrity and authenticity. How
can a recipient know that the message has not been tampered with or changed and

is
actually from the purported party? If we communicate electronically with those we do not
know, we must have a way to address these concerns. Digital signatures provide this.

A digital signature is a portion of a message encrypted with a user's private
key. Anyone
who knows this user's public key could now decrypt this digital signature and the
message it signs.

By doing so, the recipient would know that this message and its digital signature could
have come only from the owner of the private key corresp
onding to the public key used
to decrypt.

Only the corresponding private key could have originally encrypted the message. Digital
signatures not only ensure that the received message is exactly the one sent, but also
verify that the alleged sender actually

sent it. In a public key system, the private key is
never transferred or distributed. Consequently, the risk of an outsider obtaining this
critical item is very small.




Author : Deepank Gupta


Topic :Introduction to Cryptography





Page
5

of
10

DIGITAL CERTIFICATES


However, we still need to know, without doubt, that the owner of

a public key is who he
claims to be. This involves the intervention of a disinterested, trusted third party that
binds a public key to an individual or entity that it has positively identified. This binding
mechanism is know as a digital certificate. A di
gital certificate can be considered
analogous to a passport.

Like a passport, a certificate serves as a credential; it contains information that establishes
an individual's identity, along with a unique identifying number. A digital certificate is an
elect
ronic credential that contains specific identification information
-
name, address, and
company
-
along with the individual's public key. With a passport, information is verified
and A Certificate Authority issues, verifies, and revokes certificates, just as a

government
issues, validates, and seizes passports. The Certificate Authority's digital signature attests
to the binding of the individual's identity and his public key. The CA, like any individual,
has a certificate containing its identifying information

and public key so that anyone who
needs to authenticate a CA signature can do so. To create a digital signature, a
cryptographic function takes digitized information and a CA's private key as inputs and
returns the signature as the unique output.

Finally,

if necessary, the digital signature can be authenticated with an inverse
cryptographic function that take the same digitized certificate information and the CA's
public key as inputs to generate a unique output called an authenticator. The CA can then
be

compared to the claimed signature.

In the near future, a hierarchy of Certificate Authorities will exist. Two parties with
certificates issued and signed by different Certificate Authorities will be able to mutually
authenticate each other by relying on t
he signature of a higher level of Certificate
Authority, such as the U.S. Postal Service.


CERTIFICATE ATTRIBUT
ES


Digital signatures, like handwritten signature, can be used as proof of agreement with or
ownership of the contents of a document. The identi
fying information in the certificate
can be trusted because the digital signature is cryptographically strong. The signature
contained in a digital certificate meets the following criteria (listed in Schneier's Applied
Cryptography, Wiley

& sons, 1994):

1)
. It must be non
-
forgeable. The signature proves that the signer deliberately signed the
document.

2).It must be authentic. The signature convinces the document's recipient that the signer
deliberately signed the document.

3). It must not be reusable. The

signature is part of the document, and an unscrupulous
person cannot move the signature to a different document.

4). It must make the signed document unalterable. In the case of digital signatures, after a
document is signed, it cannot be altered without
detection.

5). It cannot be repudiated. The signature and the document, although intangible, are
physical entities. The signer cannot claim later that he or she did not sign it.






Author : Deepank Gupta


Topic :Introduction to Cryptography





Page
6

of
10

PUBLIC
-
KEY CIPHERS



Traditional
secret key

cryptography uses a single key sha
red by both sender and
receiver.



If this key is disclosed communications are compromised



Also does not protect sender from receiver forging a message & claiming is sent
by sender, parties are equal



public
-
key

(or
two
-
key
)
cryptography

involves the use of

two keys:

o

a
public
-
key
, which may be known by anybody, and can be used to
encrypt messages
, and
verify signatures


o

a
private
-
key
, known only to the recipient, used to
decrypt messages
,
and
sign

(create)

signatures







The public
-
key is easily computed from the private key and other information
about the cipher (a polynomial time (P
-
time) problem)



However, knowing the public
-
key and publ
ic description of the cipher, it is still
computationally infeasible to compute the private key (an NP
-
time problem).



Thus, the public
-
key may be distributed to anyone wishing to communicate
securely with its owner (although secure distribution of the pub
lic
-
key is a non
-
trivial problem
-

the
key distribution

problem)



Have three important classes of public
-
key algorithms:

o

Public
-
Key Distribution Schemes

(PKDS)
-

where the scheme is used to
securely exchange a single piece of information (whose value depe
nds on
the two parties, but cannot be set).

o

This value is normally used as a session key for a private
-
key scheme

o

Signature Schemes

-

used to create a digital signature only, where the
private
-
key signs (create) signatures, and the public
-
key verifies
si
gnatures.

o

Public Key Schemes (PKS)

-

used for encryption, where the public
-
key
encrypts messages, and the private
-
key decrypts messages.

o

Any public
-
key scheme can be used as a PKDS, just by selecting a
message which is the required session key.




Author : Deepank Gupta


Topic :Introduction to Cryptography





Page
7

of
10

o

Many publ
ic
-
key schemes are also signature schemes (provided
encryption & decryption can be done in either order) .



DIFFIE
-
HELLMAN PUBLIC
-
KEY DISTRIBUTION SCH
EME



First public
-
key type scheme proposed was a PKDS by Diffie & Hellman in 1976:

W Diffie, M E Hellman,

"New directions in Cryptography", IEEE Trans.
Information Theory, IT
-
22, pp644
-
654, Nov 1976 .



An excellent overview of cryptography at this time is:

W Diffie, M E Hellman, "Privacy and Authentication: An Introduction to
Cryptography", Proc. of the IEEE,

Vol 67 No 3, pp 397
-
427, Mar 1979



It is a public
-
key distribution scheme

o

it cannot be used to exchange an arbitrary message

o

only a key, whose value depends on the participants (and their private and
public key information)



Is based on exponentiation i
n a finite (Galois) field, either over integers modulo a
prime, or a polynomial field

o

nb exponentiation takes O((log n)
3
) operations



Its security relies on the difficulty of computing logarithms in these fields

o

nb discrete logarithms takes O(e

log n log

log n
) operations ..





Author : Deepank Gupta


Topic :Introduction to Cryptography





Page
8

of
10

CONCLUSION

With private
-
key encryption, you have to be careful of stolen or intercepted keys. In
public
-
key encryption, where anyone can create a key pair and publish the public key, the
challenge is in verifying that the owner of
the public key really is the person you think it
is. There is nothing to stop a user from creating a key pair and publishing the public key
under a false name. The person listed as the owner of the public key will not be able to
read messages encrypted wit
h that key because he or she will not have the private key. If
the creator of the false public key can intercept these messages, that person can decrypt
and read messages intended for someone else. To counteract the potential for forged
keys, public
-
key sy
stems provide mechanisms for validating public keys (and other
information) with digital signatures and digital certificates



[Source:http:// www.unicom.com/
pw/pubnetinfosec/ crypto
-
pubkey.gif ]






Author : Deepank Gupta


Topic :Introduction to Cryptography





Page
9

of
10




[http://www.home7.inet.tele.dk/ hunter/basics.html]




Some sample symmetric ciphers
:

o

Export
-
grade RC4 (40 bits)

o

DES (5
6 bits)

o

Domestic
-
grade RC4 (128 bits)

o

IDEA (128 bits)




Author : Deepank Gupta


Topic :Introduction to Cryptography





Page
10

of
10

Practice:

Alice and Bob want to communicate in secret, while Eve wants to eavesdrop. Alice
and Bob could be military jets, on
-
line businesses or just friends trying to have a
private conversation. T
hey can't stop Eve listening to their radio signals (or tapping
their phone line, or whatever), so what can they do to keep their communication
secret