Cryptography Basics Henry Wise Wood Math and Computer

  • Slides: 19
Download presentation
Cryptography Basics Henry Wise Wood Math and Computer Science Club December 12, 2011

Cryptography Basics Henry Wise Wood Math and Computer Science Club December 12, 2011

Why do I need Cryptography? Confidentiality Ensuring that only intended recipients can read a

Why do I need Cryptography? Confidentiality Ensuring that only intended recipients can read a message Authentication / Non-repudiation Proving one’s identity and preventing a sender from denying that he/she sent the message Integrity Verifying that a message has not been damaged in transmission

Hash functions A one-way function that takes an arbitrary amount of data and produces

Hash functions A one-way function that takes an arbitrary amount of data and produces a fixed-length output, called a hash/digest 0 to ∞ bytes of data A Cryptographic hash function 16 byte hash 16 -byte hash has 128 bits, so there are 2128 ≈ 3. 4 × 1038 possible hashes

Using a hash function Bob wants to send data to Suzy, and he wants

Using a hash function Bob wants to send data to Suzy, and he wants to make sure that she gets the correct data So, he first generates a hash of the data and Bob’s sends both the data and hash to Suzy music Upon receipt of the data, Suzy hashes the collection data and checks if the hash she generates Hash of data matches the hash Bob sends If it matches, the data is intact. Otherwise, Suzy knows that the data has been damaged in transit and must ask Bob to send it again

Summary: Why do I need a hash function? Confidentiality Ensuring that only intended recipients

Summary: Why do I need a hash function? Confidentiality Ensuring that only intended recipients can read a message Authentication / Non-repudiation Proving one’s identity and preventing a sender from denying that he/she sent the message Integrity Verifying that a message has not been damaged in transmission

Symmetric encryption The same secret key is used for both encryption and decryption Key

Symmetric encryption The same secret key is used for both encryption and decryption Key sized is fixed – common sizes are 16 bytes (128 bits) and 32 bytes (256 bits) Encryption Data + Secret key (16 bytes) Encryption function Encrypted data Decryption Encrypted data + Secret key (16 bytes) Decryption function Data

Symmetric encryption with passwords How do we convert a password into a fixed-length key?

Symmetric encryption with passwords How do we convert a password into a fixed-length key? PASSWORD Data + Cryptographic hash function Secret key (16 bytes) 16 byte hash (secret key) Encrypted data Slower hash functions are more secure because they make brute-force attacks hard The password is usually hashed multiple times to make it slower

Summary: Why do I need a symmetric encryption? Confidentiality Ensuring that only intended recipients

Summary: Why do I need a symmetric encryption? Confidentiality Ensuring that only intended recipients can read a message Authentication / Non-repudiation Proving one’s identity and preventing a sender from denying that he/she sent the message Integrity Verifying that a message has not been damaged in transmission

Postal problem Alice needs to send a secret message to Bob through the mail

Postal problem Alice needs to send a secret message to Bob through the mail Alice has never met Bob Alice has a lockable iron box Bob has a padlock and key The postal service will read her message unless it is locked inside the iron box How can Alice and Bob accomplish their goal?

Postal problem solution Bob sends Alice his lock but keeps the key Alice places

Postal problem solution Bob sends Alice his lock but keeps the key Alice places her message in the iron box and locks it with Bob’s lock Bob receives the box and unlocks it

Asymmetric encryption Different keys are used for encryption and decryption. The keys are mathematically

Asymmetric encryption Different keys are used for encryption and decryption. The keys are mathematically related, but it is unfeasible to derive one key from the other Common key sizes are 128 bytes (1024 bits), 256 bytes (2048 bits) and 512 bytes (4096 bits) Encryption Data + Encryption key (128 bytes) One-way Encrypted data Decryption Encrypted data + Decryption key (128 bytes) One-way Data The encryption key is like Bob’s padlock, and the decryption key is like Bob’s key Bob sends Alice his encryption key. Alice encrypts her message with it and sends it back to Bob decrypts the message with his decryption key.

Asymmetric encryption: practical considerations Cipher Speed (on 1. 8 GHz Core 2 Duo) Time

Asymmetric encryption: practical considerations Cipher Speed (on 1. 8 GHz Core 2 Duo) Time to process 1 GB file Cipher name Number of operations to crack Symmetric encryption 100 MB/s 10 sec 128 -bit AES 2128 Symmetric decryption 100 MB/s 10 sec 128 -bit AES Asymmetric encryption 1 MB/s 16. 67 min 3072 -bit RSA Asymmetric decryption 0. 02 MB/s (20 KB/s) 13. 89 hrs 3072 -bit RSA 2128 It is unfeasible to encrypt large amounts of data with asymmetric encryption Usually, asymmetric encryption is only used to encrypt a key for symmetric encryption Hackers can exploit this to bring down websites Notice that key size does not indicate security level

Digital signatures A digital signature proves the authenticity of a message There are 2

Digital signatures A digital signature proves the authenticity of a message There are 2 keys in a digital signature scheme, a signing key and verification key Only the signing key can be used to sign messages, and only the verification key can be used to verify messages The signing key and verification key are mathematically related, but it is unfeasible to derive one from the other

Digital signatures Hash functions + asymmetric encryption = digital signature Signing 0 to ∞

Digital signatures Hash functions + asymmetric encryption = digital signature Signing 0 to ∞ bytes of data 16 byte hash Cryptographic hash function + Encryption key (signing key) Asymmetric encryption 16 byte hash Encrypted hash (digital signature) Only a person who has the correct encryption key will be able to produce the encrypted hash However anyone with the decryption key will be able to decrypt the encrypted hash By successfully decrypting the hash, this proves the identity of the signer

Digital signatures Signing 0 to ∞ bytes of data 16 byte hash Cryptographic hash

Digital signatures Signing 0 to ∞ bytes of data 16 byte hash Cryptographic hash function + Encryption key (signing key) 16 byte hash Asymmetric encryption Encrypted hash (digital signature) Verification 0 to ∞ bytes of data Encrypted hash (digital signature) Cryptographic hash function + Decryption key (verification key) 16 byte hash Asymmetric decryption 16 byte hash If the hashes match, verification is successful

Digital signatures FAQ Signing 0 to ∞ bytes of data 16 byte hash Cryptographic

Digital signatures FAQ Signing 0 to ∞ bytes of data 16 byte hash Cryptographic hash function + Encryption key (signing key) Asymmetric encryption 16 byte hash Encrypted hash (digital signature) Q. Why not just encrypt the whole data instead of the hash? A. 2 reasons: It is too slow for practical use (1 GB takes 16 hrs) Hashing ensures integrity while encryption alone does not

Summary: Why do I need a digital signature? Confidentiality Ensuring that only intended recipients

Summary: Why do I need a digital signature? Confidentiality Ensuring that only intended recipients can read a message Authentication / Non-repudiation Proving one’s identity and preventing a sender from denying that he/she sent the message Integrity Verifying that a message has not been damaged in transmission

Future of cryptography New CPUs, such as the Intel Core i 7, have hardware

Future of cryptography New CPUs, such as the Intel Core i 7, have hardware AES encryption/decryption, allowing speeds of over 1 GB/s A quantum computer, if one could ever be built, would permanently break most asymmetric encryption and digital signature algorithms

Wood Combustion Basics Topics Wood Composition Combustion ProcessWood Combustion Basics Topics Wood Composition Combustion Process
Cryptography www wiley comgogollmann Cryptography Cryptography is theCryptography www wiley comgogollmann Cryptography Cryptography is the
UNIT5 Cryptography 1 Principles Of Cryptography 2 CryptographyUNIT5 Cryptography 1 Principles Of Cryptography 2 Cryptography
Introduction to Cryptography 1 What is Cryptography CryptographyIntroduction to Cryptography 1 What is Cryptography Cryptography
Basic Cryptography 1 What is cryptography Cryptography isBasic Cryptography 1 What is cryptography Cryptography is
Introduction to Cryptography 1 Cryptography Cryptography Original meaningIntroduction to Cryptography 1 Cryptography Cryptography Original meaning
2 12 Cryptography Javascript Cryptography Backend Cryptography Frontend2 12 Cryptography Javascript Cryptography Backend Cryptography Frontend
BASIC CRYPTOGRAPHY Classical Cryptography Public Key Cryptography OVERVIEWBASIC CRYPTOGRAPHY Classical Cryptography Public Key Cryptography OVERVIEW
CRYPTOGRAPHY CRYPTOGRAPHY Krypts grphein secret writing CRYPTOGRAPHY KryptsCRYPTOGRAPHY CRYPTOGRAPHY Krypts grphein secret writing CRYPTOGRAPHY Krypts
CS 5323 Cryptography Basics and Symmetric Cryptography ProfCS 5323 Cryptography Basics and Symmetric Cryptography Prof
Cryptography Basics Outline n Classical Cryptography Caesar cipherCryptography Basics Outline n Classical Cryptography Caesar cipher
Cryptography Basics 1 Cryptography Basic terminologies Symmetric keyCryptography Basics 1 Cryptography Basic terminologies Symmetric key
Computer Programming Basics Computer Programming Basics Computer programsComputer Programming Basics Computer Programming Basics Computer programs
HEART WISE EXERCISE Heart Wise Exercise A modelHEART WISE EXERCISE Heart Wise Exercise A model
WISE 2016 WISE a global trust community whereWISE 2016 WISE a global trust community where
Wise Groundwater Use Participatory Groundwater Management 4 WiseWise Groundwater Use Participatory Groundwater Management 4 Wise
school Wise Programma wat is school Wise waaromschool Wise Programma wat is school Wise waarom
WELCOME Welsh Wise Quiz 2015 Cwis Welsh WiseWELCOME Welsh Wise Quiz 2015 Cwis Welsh Wise
WILD WISE SOOKE Wild Wise Sooke is aWILD WISE SOOKE Wild Wise Sooke is a
Wise County Public Schools Pathway Program Wise CountyWise County Public Schools Pathway Program Wise County
WISE Widefield Infrared Survey Explorer WISE will mapWISE Widefield Infrared Survey Explorer WISE will map
Making Wise Decisions Making Wise Decisions There isMaking Wise Decisions Making Wise Decisions There is
Inhoud Wat is mediatheek Wise Waarom mediatheek WiseInhoud Wat is mediatheek Wise Waarom mediatheek Wise
Peer Wise Student Instructions Peer Wise is aPeer Wise Student Instructions Peer Wise is a
WISE Workshop Policy Development Kit WISE Information SecurityWISE Workshop Policy Development Kit WISE Information Security
1 10 3 WISE MENS GIFTS THE WISE1 10 3 WISE MENS GIFTS THE WISE
Wise Virginia By Vanessa Collier Wise Virginia TheWise Virginia By Vanessa Collier Wise Virginia The
WISE 2017 Collaborating Communities WISE a global trustWISE 2017 Collaborating Communities WISE a global trust
CHEME 2105 WOOD AND WOOD PRODUCTS Laboratory exerciseCHEME 2105 WOOD AND WOOD PRODUCTS Laboratory exercise
WOOD 280 Wood Anatomy and Identification Dr SimonWOOD 280 Wood Anatomy and Identification Dr Simon
wood and wood products sirodgze 2010 CLASSIFICATION OFwood and wood products sirodgze 2010 CLASSIFICATION OF
Introduction to Wood Properties and Wood Products Puu28Introduction to Wood Properties and Wood Products Puu28
The World of Psychology Wood and Wood PhysiologicalThe World of Psychology Wood and Wood Physiological
Wood Dust and Asthma April 2010 Wood DustWood Dust and Asthma April 2010 Wood Dust
Chapter 8 Wood and Wood Products Objectives AfterChapter 8 Wood and Wood Products Objectives After
The World of Psychology Wood and Wood IntroductionThe World of Psychology Wood and Wood Introduction
Variation in sources of wood and wood deliveryVariation in sources of wood and wood delivery
MATH Math text books and math note booksMATH Math text books and math note books
Cubist wood relief sculpturePicasso Sprawling painted wood sculptureCubist wood relief sculpturePicasso Sprawling painted wood sculpture
WOOD 280 Macroscopic wood anatomy features Figure GrainWOOD 280 Macroscopic wood anatomy features Figure Grain