Encryption

innocentsick

Nov 21, 2013
Cryptography

Secret-Key and Public-Key Cryptography
Cryptographic Primitives
Common Public-Key Cryptosystems
Comparison of Security Levels of PKCS
Emerging Trends
IEEE P1363

Private-Key Cryptography

[Diagram, "Data Encryption": Sender, Secret Message, Private Key -> Private Key, Secret Message, Receiver]

Public-Key Cryptography

[Diagram, "Data Encryption": Secret Message, Recipient's Public Key -> Recipient's Private Key, Secret Message. Interloper's Private Key: cannot decrypt, because the message opens only with the recipient's Private Key.]

Public-Key Cryptography

[Diagram, "Digital Signature": Random Message, Private Key -> Garbled Message, Public Key -> Signature Verified, Yes / No]

Authentication

Exchange 1:
Party A -> Party B: Random Message
Party B -> Party A: {Random Message} B's Private Key

Exchange 2:
Party A -> Party B: Random Message
Party B -> Party A: Random Message, Yeah! This is B!
Party B -> Party A: {Random Message, Yeah! This is B!} B's Private Key
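
Exchange 2 from the Authentication slide, as an added example that is not part of the original slides. It assumes textbook RSA over a SHA-256 digest with small constructed primes (illustration only, no padding); all function and key names are hypothetical.

```python
# Added example: signed challenge-response, as on the Authentication slide.
# ASSUMPTION: textbook RSA over a SHA-256 digest with small constructed
# primes. Illustration only: no padding, key far too short for real use.
import hashlib
import secrets

def make_keypair(p, q, e=65537):
    """Build (public, private) from primes p and q, where n = p * q."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))   # d = e^-1 mod phi(n)

def _digest(message, n):
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private):
    n, d = private
    return pow(_digest(message, n), d, n)

def verify(message, signature, public):
    n, e = public
    return pow(signature, e, n) == _digest(message, n)

# Constructed keys from Mersenne primes (hypothetical parties B and interloper).
B_PUBLIC, B_PRIVATE = make_keypair(2**61 - 1, 2**89 - 1)
I_PUBLIC, I_PRIVATE = make_keypair(2**107 - 1, 2**127 - 1)

def new_challenge():
    """Party A: a fresh random message, never reused."""
    return secrets.token_bytes(16)

def respond(challenge, private):
    """Party B: sign the challenge plus an identity statement."""
    statement = challenge + b", Yeah! This is B!"
    return statement, sign(statement, private)

def accept(challenge, statement, signature, public):
    """Party A: 'Signature Verified Yes / No' against B's public key."""
    fresh = statement.startswith(challenge)   # reply answers *this* challenge
    return fresh and verify(statement, signature, public)

if __name__ == "__main__":
    c1 = new_challenge()
    print("genuine B:   ", accept(c1, *respond(c1, B_PRIVATE), B_PUBLIC))
    print("interloper:  ", accept(c1, *respond(c1, I_PRIVATE), B_PUBLIC))
    c2 = new_challenge()                      # replay of the old reply
    print("replayed:    ", accept(c2, *respond(c1, B_PRIVATE), B_PUBLIC))
```

The freshness check is what makes the random message useful: a reply recorded from an earlier run verifies as a signature but is rejected because it does not answer the current challenge.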

Cryptographic Systems

Integer Factorization Systems: $p \cdot q = n$

Discrete Logarithm Systems: $y = g^{x} \pmod{p}$

Elliptic Curve Cryptosystems: $y^{2} = x^{3} + ax + b \pmod{p}$


Comparison of Security Levels

Current acceptable security level is $10^{12}$ MIPS

[Chart: Comparison of security levels ECC and RSA & DSA. Axes: Time to break key (MIPS years), Key size (bits). Series: ECC, RSA & DSA.]

Emerging Trends

Secure Channels - Secure Socket Layer (SSL), Private Communications Technology (PCT)
Server Gated Cryptography (SGC)
Authenticode
CryptoAPI

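Secure Socket Layer

Client -> Server: Hello_C
Server -> Client: Hello_S
Server -> Client: Certificate_S
(Client verifies Certificate_S)
(Client extracts P_S from Certificate_S)
(Client selects algorithm A)
(Client generates session key K)
Client -> Server: {K} P_S
Client -> Server: SpecifyAlgorithm (A)
Client -> Server: {Finished_C} K
Server -> Client: SpecifyAlgorithm (A)
Server -> Client: {Finished_S} K
Client -> Server: {DATA_C} K
Server -> Client: {DATA_S} K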


CryptoAPI Model

[Diagram labels: Application; Certificate Functions; Simplified Crypto Functions; Base Cryptographic Functions; Crypto API Interface; Cryptographic Service Providers: Microsoft Base Provider, Smart Card]

IEEE P1363

Comprehensive coverage of the primitives and schemes of the three families of PKCS
Goal is to provide guidance but leave flexibility
No key lengths
Discusses Key Agreement, Digital Signatures and Encoding Schemes
A forum for discussion