Facilities for Secure Communication

1
Facilities for Secure Communication

2
The Internet is insecure

• The Internet is a shared collection of networks.
• Unfortunately, that makes it insecure
• An example
• Cable modems use TV wiring to deliver high-speed
  Internet services to customers
• Groups of customers share the same bandwidth
• ? anybody in the group can eavesdrop to any body
  elses communication

3
Issues in Internet Security

• Privacy messages should be read only by the
  sender and the intended destination
• Ex1. If you send your credit card number, you
  would like to know that only the receiver can
  read the message.
• Ex2. If you send digital merchandise, like an
  e-ticket, you would like that only the party that
  paid for it could use it.
• Authenticity be sure who the communicating
  party is
• Ex1. Who is the sender of an e-mail?
• Ex2. Is this web page really set up by Columbia?

4
Issues in Internet security (cont.)

• Data integrity a message should arrive at the
  destination exactly as it was sent
• Ex one can steal merchandise simply by changing
  the delivery address
• Solution encryption

5
Encryption methods

• Have a code for each symbol
• The communicating parties share the code
• Ex p stands for w, o for a, and t for r. What
  does pot stand for?
• Widely used starting with ancient Rome
• Problem easy to break if computers are used to
  break the code.

6
Secret key cryptography

• Secret key
• Based on the previous idea, but uses
  sophisticated mathematical procedures to encrypt
  and to decrypt
• If M is a message, and K is a secret key then
• Mdecrypt(K,encrypt(K,M))
• Advantage encrypt, decrypt are (relatively)
  efficient functions

7
Secret Key Cryptography (cont.)
Vacation is coming!!

Alice
_at_1!3
Bob
_at_1!3
Vacation is coming!!
8
Problems with secret keycryptography

• Deployment all communicating parties have to
  know the key.
• How can they take hold of it? Obviously, not by
  sending an message via the Internet.
• Large number of keys a dedicated key is needed
  for each set of communicating parties
• Cannot be used for signing
• when receiving an encrypted message one cannot be
  sure who is the sender---might be anybody who
  knows the secret key

9
A Breakthrough Public Key Cryptography

• Discovered in the 70s by Diffie and Hellman
• A person (principal) has two keys
• A private key, that he keeps secret
• A public key, that anybody may know
• Property a message encrypted with one of the
  keys can be decrypted with the other

10
Public Key Cryptography (cont.)

• Sending an authentic message. (Also called a
  signed message.)

Alice
_at_1!3
Vacation is coming !!
secret
public
Bob
Vacation is coming !!
_at_1!3
Alices public key
11
Public Key Cryptography (cont.)

• Sending a confidential message

Alice
Indeed!
1
secret
public
1
Indeed!
Alices public key
12
Encrypting with public/private keys

• To achieve privacy
• If A wants to send a message to B that only B can
  read, A encrypts the message with Bs public key
• A sends Mencrypt(pubB ,M)
• B decrypt(privB ,M)
• To prove authenticity (signing)
• If A wants to send to B a message and wants to
  prove that it is authentic
• A encrypts the message with its private key
• A sends Mencrypt(privA ,M)
• B decrypts the message with As public key
• B recovers Mdecrypt(pubA ,M)
• How about data integrity?

13
Public key cryptography

• Advantages
• Provide for privacy, authenticity and integrity
• May be used to distribute secret keys
• The price to pay
• Encryption and decryption takes considerably
  longer to perform than for secret key
  cryptography.

14
But

• No method (public or secret cryptography)
  guarantees absolute security
• If a third party uses enough computers, enough
  time it will be able to break the code
• However, the time required to break the code is
  (believed to be) sufficiently long as to make the
  network reasonably secure.