Part 3: Cryptography

1
Part 3 Cryptography

• Large Numbers
• Random Numbers
• Cryptographic Hashes
• Symmetric Encryption
• Asymmetric Encryption (public keys)
• Digital Signatures
• Digital Certificates
• Protocols

2
Why Cryptography?

• Authenticate humans and devices
• Communication is private
• Data storage can be made private
• Certificates make no use of shared secrets
• All the technologies are open, trusted, well
  known and proven
• Software can be attested
• All known network attacks do not work against
  cryptographically secure communications
• Except Denial of Service

3
Cryptography?

• Cryptography provides strong techniques for
• Privacy
• Authentication
• Non-repudiation
• Un-forge-ability
• Most cryptography schemes are based on
• Cryptographic Hashes
• Symmetric encryption
• Public Key Encryption
• Digital Signatures
• Public Key Encryption is the solution to the
  problem of shared secrets
• And much more

4
Large Numbers
Time to crack a key, if 1 trillion keys can be
tested in 1 sec
Total Number of Atoms on Earth 2160
5
Random Numbers

• Cryptographically Secure Random Numbers (CSR)
• Can be generated by pseudo-random-number-generator
  s (CSRPRNG)
• Two 128 bit random numbers cannot be the same
• Will happen once in 1015 million years (!)
• Birthday Paradox may happen as soon as 107 years
• Used to generate keys, identifications
• Cannot guess random numbers
• Ok, maybe 1 in 1015 million years
• One in every few thousand numbers are prime

6
Cryptographic Hashes

• A hash of a document is a fixed sized number
  (also called message digest) produced by some
  hashing algorithm (MD5, SHA-1)
• No two documents can have the same hash
• Surprising, but with high level of confidence
• Slight changes in a document causes large changes
  in the hash
• A hash of any data can be used as a fingerprint
  of that data

Document
H
hash
7
Hash collisions

• Thought to be impossible
• Only one known so far for a good algorithm
• MD5 hash collision

8
Symmetric Encryption

• Same key for encryption and decryption, Ek(Ek(m))
  m
• Used for privacy
• Many unbreakable schemes exist
• Open algorithms are the best
• DES, 3DES, IDEA, AES
• Key exchange a major problem (shared secret)

Key k
Plaintext m
E
Ciphertext Ek(m)
m
E
k
9
Asymmetric Encryption

• Also known as Public Key Encryption
• Different keys for encryption and decryption,
  Ek2(Ek1(m)) m
• Very varied applications
• Key exchange is trivial

Note k1 and k2 are unrelated, yet
related Cannot find k2 if k1 is given But there
is only one k2, given a k1
Public key k1
m
E
Ek1(m)
m
E
Private key k2
My convention K1A Alices Public Key, K2A
Alices Private Key
10
Cryptanalysis

• Breaking encryption using many different
  techniques, rather than Brute Force
• Known Ciphertext Attack
• Known Plaintext Attack
• Chosen Plain text attack
• Adaptive chosen plaintext attack
• Differential Cryptanalysis
• Linear Cryptanalysis

11
Steganography

• Hiding data in data, in some obscure way
• LSB of pictures
• First letter of each paragraph
• Security via obscurity
• Has some important advantages, specially when
  steganography is combined with cryptography

By removing all but the last 2 bite of each color
component, an almost completely black image
results. Making the resulting image 85 times
brighter results in the second image
12
Kerkhoffs Principle

• Paraphrased, the set of six rules imply
• The security of a cryptosystem must depend on
  the key and not the encryption algorithm. The
  algorithms must be widely known.
• Almost all known situations where the algorithm
  was kept secret, have been broken
• Enigma
• DVD encryption
• GSM encryption
• RFID encryption
• (net secret, but deployed quickly) WiFi
  encryption (WEP)

13
Pitfalls of Proprietary Algorithms

• Proprietary algorithms violate Kerkhoffs
  principle, even if the designers did not want to
  violate the principle
• Designers of cryptosystems fail to see its flaws
• Even without knowing the cipher, the ciphers are
  broken
• Open standards are very important in
  cryptography, they algorithms must be scrutinized
  heavily

14
Substitution Ciphers

• Substitute a letter with another letter
• Caesar Cipher
• Mono alphabetic
• Very easy to break
• Vigenere Cipher
• Poly alphabetic
• Took 300 years to break
• Kasiski Attack
• Now we know it is easily breakable

Vigenere Cipher Table A B C D E F G H I J K L
M N O P A A B C D E F G H I J K L M N O P B
B C D E F G H I J K L M N O P Q C C D E F G H I
J K L M N O P Q R D D E F G H I J K L M N O P
Q R S E E F G H I J K L M N O P Q R S T F
F G H I J K L M N O P Q R S T U G G H I J K L
M N O P Q R S T U V H H I J K L M N O P Q R S
T U V W I I J K L M N O P Q R S T U V W X J
J K L M N O P Q R S T U V W X Y K K L M N O
P Q R S T U V W X Y Z
15
Unbreakable Cipher

• Unconditionally secure
• Cannot be broken with brute force
• ONE TIME PAD
• Not practically usable either

16
Block and Stream Ciphers
Plaintext

• Block CipherN bit block of data is encrypted
  with N bits of key to produce N bits of output
• DES, AES, IDEA
• Most of the current ciphers
• Stream Cipher
• Works one bit at a time of plaintext
• Good for hardware implementations
• RC4, SEAL

Encrypter
Key
Ciphertext
Key
State Machine
Plaintext
Ciphertext
17
DES

• Data Encryption Standard (DES) was created in
  after a NIST issued RFP in 1973, which culminated
  in the winner Lucifer. Lucifer was modified by
  NSA to yield DES
• Plaintext -gt Initial Permutation -gt 16 rounds
  -gt final permutation -gtCiphertext
• S-BOX Confusion
• P-BOX Permutation

18
DES Round
PBOX0 16 1 72 203 21 4 29 5 12 6
28 7 17 8 1 9 15 10 23 11 26 12 5
13 18 14 31
SBOX0 14 1 42 133 1 4 2 5 15 6 11 7
8 8 3 9 10 10 6 11 12 12 5 13 9 14
0
L
R
Key
52
32
32
shift
shift
Expansion
Compression
48
48
S-Box
32
P-Box
Key
L
R
19
Crypto Protocols

• Cryptographic Protocols are self enforcing
  protocols
• As opposed to arbitrated or adjudicated protocols
• They are used for
• Privacy,
• Integrity,
• Authentication,
• Non-repudiation,
• Access Control,
• Anonymity
• Time stamping
• Voting
• Cash
• and much more

20
Coin Tossing

• Alice and Bob wants to toss a coin, on the
  telephone
• Alice chooses a random number R
• Alice sends to Bob an N bit cryptographic hash(R)
• Bob guesses even or odd
• Alice send Bob R
• How does that work?
• It does, and there are many more coin toss
  protocols

21
Communication

• Symmetric Key Communication
• Alice and Bob agrees on a key K
• Alice sends Bob a message M encrypted in K using
  algorithm E
• A -gt B Ek(M) Bob decrypts message
  Dk(Ek(M)) M
• B-gtA Ek(M) Alice decrypts message Dk(Ek(M))
  M
• How does Alice and Bob exchange K?
• key exchange

22
Key Exchange

• Diffie Helman Key Exchange
• Public Key based Key exchange
• Bob sends the communication key S (session key)
  to Alice, encrypted in Alices public key
• No one other than Alice can find the session key
• Can be done over insecure networks
• Vulnerability Man in the middle attacks
• Solution Use digital certificates

K1A
Alice
Bob
EK1A(S)
Bob
Alice
K1A Alices Public Key, K2A Alices Private
Key
23
Authentication

• Bob sends a challenge to Alice
• Challenge random number
• Alice responds with the number, encrypted in
  Alices private key
• Bob knows Alices public key, hence decrypts the
  response and finds its the same as the random
  number she sent
• No one other than Alice can do this
• Alice never exposes the private key
• Public Key User ID
• Private Key Password
• NO LEAKAGE POSSIBLE!

R
Alice
Bob
EK2A(R)
Bob
Alice
24
RSA

• Rivest Shamir Adelman
• Patented in 1983, expired in 2000
• Based on difficulty of factorization
• Choose two large random prime numbers p and q,
• Compute n pq
• Compute f(n) (p-1)(q-1)
• Choose an integer e, such that e, is coprime to
  f(n)
• -- e, n are released as the public key
• Compute d, to satisfy (de) mod f(n) 1
• -- d, is kept as the private key

25
Secure Hybrid Communication
K1A Alices Public Key, K2A Alices Private
Key

• Protocol 1
• Alice -gt Bob Hello Alice
• Bob -gt Alice AliceBob, EK2B(hash(Alice
  Bob))
• Protocol 2
• Alice -gt Bob Hello Alice
• Bob -gt Alice Bob, K1B
• Alice -gt Bob Prove it
• Bob -gt Alice AliceBob, EK2B(hash(Alice
  Bob))

26
Secure Hybrid Communication

• Protocol 3
• Alice -gt Bob Hello Alice
• Bob -gt Alice Bob, Bobs Certificate
• Alice -gt Bob Prove it
• Bob -gt Alice AliceBob, EK2B(hash(Alice
  Bob))
• Protocol 4
• Alice -gt Bob Hello Alice
• Bob -gt Alice Bob, Bobs Certificate
• Alice -gt Bob Prove it
• Bob -gt Alice AliceBob, EK2B(hash(Alice
  Bob))
• Alice -gt Bob EK1B(KEY)
• all communications EKEY (message)

Discussed later
27
Man in the Middle

• Without certificates MITM attacks possible on
  public key protocols
• Certificate issuance, verification and
  Certificate Authority public Key distribution
  forms the underlying infrastructure of PKI
• PKI Public Key Infrastructure
• Web of Trust can also be used
• Certificates are covered after Digital
  Signatures

28
Digital Signatures

• Digital Signatures are like real paper
  signatures, but much better
• Properties include
• Verifiably Authentic (with high degree of
  confidence)
• Unforgeable Another person cannot sign
• Not reusable Cannot lift signature from one
  document to another
• Unalterable The signed document cannot be
  altered
• Non repudiable The person signing cannot claim
  she did not sign it
• Simple Signature Scheme
• Alice signs a document EK2A(DOCUMENT)

K1A Alices Public Key, K2A Alices Private
Key
29
Digital Signatures
Signature of H EK2A(H)
D
H
S
D Document
Cryptographic Hash of D

• An electronic document can be signed
• E.g. a check via Email!
• The document cannot be altered, forged,
  repudiated
• Very powerful technique, much better than paper
  signatures

30
Digital Certificates

• Digital signatures and public key authentication
  assumes you know a persons public key
• How do you know for sure?
• A digital certificate is a ID-Card, with a
  persons identity and public key and a
  certificate authoritys (CA) signature
• Can be verified
• Provides safe authentication
• Safe from most attacks, cannot be forged, cannot
  be misused

Name and Information for Alice
Alices Public Key
Signature of Certificate Authority
Digital certificate
31
Communication with Certificates

• Certificates can be used to determine identity
  without any attack possibilities
• As long as the certificate authority is trusted
• Since certificates are PKI based, key exchange is
  simple
• Protocol 4 (from earlier) is used

32
Message Authentication Codes

• To preserve message integrity
• Makes sure no one tampers, or replaces and sender
  is authenticated on every message
• EKEY(message, EKEY( h (message)))

Added number of bits is small
33
Hierarchical Certificates
rCA
CA1
Pub Key
rCA Sig
CA3
CA2
CA1
Alice
CA1
Pub Key
rCA Sig
Alice
Pub Key
CA1 Sig
34
Attacks on Public Keys

• Alice meets Bob and knows his public key
• Alice send a random number to Bob for challenge
  response and Bob encrypts the number using
  private key and returns
• Alice can fool Bob into decrypting documents,
  signing documents
• Alice sends Bob a good document
• Bob signs and returns
• Alice can fool Bob into signing a bad document
• Birthday Attack

35
Birthday Paradox
There are N people in a room. What is the
probability that two people have the same
birthday?
36
Match Probabilities

• Choose a number (0..9)
• Now pick a number at random, what is the
  probability of getting the chosen number?

Pick numbers at random (0..9) What is the
probability that you get two numbers with same
value?
37
How to do a Birthday Attack

• Create a Good Document
• Create a Bad Documents
• Perturb or change the documents a million
  times
• Hash them and see if there is a match between a
  good document and bad document
• With 80 bit hashes, chances are quite high
• Moral Use 160bit hashes

38
The final PKI lesson

• Never encrypt something that was given to you
  with private key and let others know the result.
  Change it first.
• Never sign something that was given to you.
  Change it first.

39
Other Protocols

• Cryptographic Protocols exist for
• Timestamping
• Group communication
• Group signatures
• Secret sharing, secret splitting
• Secure multiparty computations
• Blinding and cut and choose
• Coin tossing, card dealing
• Secure electronic elections
• Digital cash and micropayments
• Many more