10 – 12 APRIL 2005 Riyadh, Saudi Arabia
Encryption in Detail: The Inner Workings
Murat Lostar (murat@lostar NOSPAMcom)
Information Security Consultant
Cryptography
The art of secret message writing.
Creating texts that can be read only by authorized individuals.
Simple Cryptography
Plaintext
Key
Ciphertext
Caesar Cipher
ABCDEFGHIJKLMNOPQRSTUVWXYZ
NOPQRSTUVWXYZABCDEFGHIJKLM
Plaintext: THE GOTHS COMETH
Key: 13 (rotate 13 positions)
Ciphertext: FUR TAFUE PAYRFU
ABCDEFGHIJKLMNOPQRSTUVWXYZ
BCDEFGHIJKLMNOPQRSTUVWXYZA
CDEFGHIJKLMNOPQRSTUVWXYZAB
DEFGHIJKLMNOPQRSTUVWXYZABC
EFGHIJKLMNOPQRSTUVWXYZABCD
FGHIJKLMNOPQRSTUVWXYZABCDE
GHIJKLMNOPQRSTUVWXYZABCDEF
HIJKLMNOPQRSTUVWXYZABCD...
Rotating Key Cipher
Plaintext: SOUND THE RETREAT
Key: DEADFED
Ciphertext: VSUPC XKG UEWWEX
General Principles
Longer keys make better ciphers
Random keys make better ciphers
Good ciphers produce “random” ciphertext
Best keys are used once and thrown away
Symmetric (Private Key) Cryptography
Examples: AES, DES, RC5, IDEA, Skipjack
Advantages: fast, ciphertext secure
Disadvantages: must distribute key in advance, key must not be disclosed
DES: Data Encryption Standard
Widely published & used - federal standard
Complex series of bit substitutions, permutations and recombinations
Basic DES: 56-bit keys
Crackable in about a day using specialized hardware
Triple DES: effective 112-bit key
Stronger
AES (Rijndael)
Standard replacement for DES for the US government and, as a result, probably for all of us…
Winner of the AES (Advanced Encryption Standard) competition run by NIST (National Institute of Standards and Technology in US) in 1997-2000
Comes from Europe (Belgium) by Joan Daemen and Vincent Rijmen. “X-files” stories less likely (unlike DES).
Symmetric block-cipher (128, 192 or 256 bits) with variable keys (128, 192 or 256 bits, too)
Fast and a lot of good properties, such as good immunity from timing and power (electric) analysis
Construction deceptively similar to DES (XORs etc.) but really different
Asymmetric (Public Key) Cryptography
Examples: RSA, Diffie-Hellman, ElGamal
Advantages: public key widely distributable, does digital signatures
Disadvantages: slow, key distribution
RSA
Algorithm patented by RSA Data Security
Uses special properties of modular arithmetic
C = P^e (mod n)
P = C^d (mod n)
e, d, and n all hundreds of digits long and derived from a pair of large prime numbers
Key lengths from 512 to 4096 bits
Symmetric vs. Asymmetric Encryption
Algorithm Type: Description
Symmetric (DES, TripleDES, AES, IDEA, RC2…)
    Uses one key to:
        Encrypt the data
        Decrypt the data
    Is fast and efficient
    Requires secure transfer of key
Asymmetric (RSA, DH, DSA, ElGamal)
    Uses two mathematically related keys:
        Public key to encrypt the data
        Private key to decrypt the data
    Is slower than symmetric encryption
    Solves key distribution problem
Hybrid (RSA/AES etc.)
    Symmetric encryption of data
    Asymmetric encryption of the symmetric key
Hybrid Encryption (Real World)
Plaintext: Launch key for nuclear missile “RedHeat” is...
RNG: Randomly-Generated symmetric “session” key
Symmetric encryption (e.g. DES)
Ciphertext: *#$fjda^ju539!3t t389E *&\@5e%32\^kd
User’s public key (in certificate)
Symmetric key encrypted asymmetrically (e.g., RSA)
Digital Envelope
As above, repeated for other recipients or recovery agents
Other recipient’s or agent’s public key (in certificate) in recovery policy
Digital Envelope
Hybrid Decryption
Ciphertext: *#$fjda^ju539!3t t389E *&\@5e%32\^kd
Digital Envelope
Digital envelope contains “session” key encrypted using recipient’s public key
Recipient’s private key
Session key must be decrypted using the recipient’s private key
Asymmetric decryption of “session” key (e.g. RSA)
Symmetric “session” key
Symmetric decryption (e.g. DES)
Plaintext: Launch key for nuclear missile “RedHeat” is...
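The digital-envelope flow of the two hybrid slides, including the "repeated for other recipients or recovery agents" step, as an added Python example (not part of the original slides). Assumptions: the RSA keys are constructed toys built from public Mersenne primes with no padding, and a SHA-256 keystream stands in for the symmetric cipher (DES/AES on the slide); all function and variable names are hypothetical.

```python
import hashlib
import os

E = 65537  # public exponent shared by the toy keys below


def toy_keypair(p: int, q: int):
    """Constructed toy RSA key from known primes: returns (n, d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher (assumption, not DES/AES): XOR the data
    with SHA-256(key || counter) blocks. The same call decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], pad))
    return bytes(out)


def seal(plaintext: bytes, public_moduli: dict) -> dict:
    """Encrypt once under a fresh session key, then wrap that key
    separately for every recipient or recovery agent."""
    session_key = os.urandom(16)                 # the slide's RNG
    k = int.from_bytes(session_key, "big")
    return {
        "ciphertext": keystream_xor(session_key, plaintext),
        "envelopes": {who: pow(k, E, n) for who, n in public_moduli.items()},
    }


def open_sealed(sealed: dict, who: str, n: int, d: int) -> bytes:
    """Unwrap the session key with a private key, then decrypt the data."""
    k = pow(sealed["envelopes"][who], d, n)
    return keystream_xor(k.to_bytes(16, "big"), sealed["ciphertext"])


# Constructed keys built from Mersenne primes; real keys use secret primes.
USER_N, USER_D = toy_keypair(2**521 - 1, 2**607 - 1)
AGENT_N, AGENT_D = toy_keypair(2**1279 - 1, 2**2203 - 1)

if __name__ == "__main__":
    text = b'Launch key for nuclear missile "RedHeat" is...'
    sealed = seal(text, {"user": USER_N, "agent": AGENT_N})
    print(open_sealed(sealed, "user", USER_N, USER_D) == text)
    print(open_sealed(sealed, "agent", AGENT_N, AGENT_D) == text)
```

The bulk data is encrypted only once; each extra recipient costs one more wrapped copy of the 16-byte session key. Production systems use a padded RSA mode and an authenticated symmetric cipher instead of these stand-ins.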
Public Key Encryption: The Frills
Frill (add-on): Technique
Fast encryption/decryption: Digital envelopes
Authentication of sender: Digital signature
Verification of message integrity: Message digests
Safe distribution of public keys: Certifying authorities
Digital Envelopes
session key
public key private key
Digital Signatures
public key private key
Message Digests
sender’s public key
sender’s private key
hash
Verifying Simple Data Integrity with Hashes (Message Digests)
User A: Data -> Hash Algorithm -> Hash Value
User A sends data and hash value to User B
User B: Data -> Hash Algorithm -> Hash Value
If hash values match, data is valid
Creating a Digital Signature
Message or File: This is a really long message about Bill’s…
Hash Function (SHA, MD5)
Calculate a short message digest from even a long input using a one-way message digest function (hash)
128 bits Message Digest: Py75c%bn&*)9|fDe^bDFaq#xzjFr@g5=&nmdFg$5knvMd’rkvegMs”
Signatory’s private key
Asymmetric Encryption
Digital Signature: Jrf843kjfgf*£$&Hdif*7oUsd*&@:<CHDFHSD(**
Verifying a Digital Signature
Digital Signature: Jrf843kjfgf*£$&Hdif*7oUsd*&@:<CHDFHSD(**
Signatory’s public key
Everyone has access to trusted public key of the signatory
Asymmetric decryption (e.g. RSA)
Py75c%bn&*)9|fDe^bDFaq#xzjFr@g5=&nmdFg$5knvMd’rkvegMs”
Original Message: This is a really long message about Bill’s…
Same hash function (e.g. MD5, SHA…)
Py75c%bn&*)9|fDe^bDFaq#xzjFr@g5=&nmdFg$5knvMd’rkvegMs”
? == ? Are They Same?
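The RSA relations C = P^e (mod n) and P = C^d (mod n), and the hash-then-sign flow of the two signature slides, as an added Python example (not part of the original slides). Assumptions: the key is a constructed toy built from two public Mersenne primes, SHA-256 is used in place of the slide's MD5/SHA because MD5 and SHA-1 are no longer collision resistant, and no padding is applied; all names are hypothetical.

```python
import hashlib

# Constructed toy key (assumption): two publicly known Mersenne primes.
# Real RSA keys use secret random primes, and real schemes add padding
# (OAEP for encryption, PSS for signatures); this is textbook RSA only.
P_PRIME = 2**521 - 1
Q_PRIME = 2**607 - 1
N = P_PRIME * Q_PRIME                           # public modulus n
E = 65537                                       # public exponent e
D = pow(E, -1, (P_PRIME - 1) * (Q_PRIME - 1))   # private exponent d


def encrypt(p: int) -> int:
    """C = P^e (mod n), computed with the public key."""
    return pow(p, E, N)


def decrypt(c: int) -> int:
    """P = C^d (mod n), computed with the private key."""
    return pow(c, D, N)


def digest(message: bytes) -> int:
    """Short fixed-size message digest of an arbitrarily long input."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Signatory: hash the message, then apply the private exponent."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Verifier: recover the digest with the public key and compare it
    with a fresh hash of the received message ("Are they same?")."""
    return pow(signature, E, N) == digest(message)


if __name__ == "__main__":
    msg = b"This is a really long message about Bill's..."
    sig = sign(msg)
    print("round trip ok:", decrypt(encrypt(2005)) == 2005)
    print("genuine message:", verify(msg, sig))
    print("altered message:", verify(msg + b"!", sig))
```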
Certifying Authorities
X.509 Certificate
Certificate Authority Digital Signature of All Components Together:
Serial Number
Issuer X.500 Distinguished Name
Validity Period
Subject X.500 Distinguished Name
Subject Public Key Information
Key/Certificate Usage
Extensions
OU=Project Botticelli…
The Key or Info About It
Hierarchy of Trust
Transmitting Public Keys
Future is Here: Quantum Cryptography
Method for generating and passing a secret key or a random stream
Not for passing the actual data, but that’s irrelevant
Polarisation of light (photons) can be detected only in a way that destroys the “direction” (basis)
So if someone other than you observes it, you receive nothing useful and you know you were bugged
Perfectly doable up to 120km long fibre-optic link
Commercial applications available as of Nov 2003 (BB84)
Don’t confuse it with quantum computing, which won’t be with us for at least another 50 years or so, or maybe longer…
For more information
The Code Book (Simon Singh) ISBN: 0385495323
RSA (www.rsa.com)
Applied Cryptography, B. Schneier, John Wiley & Sons, ISBN 0-471-11709-9
Foundations of Cryptography, O. Goldreich, www.eccc.uni-trier.de/eccc-local/ECCC-Books/oded_book_readme.html
© 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.