10 – 12 APRIL 2005 Riyadh, Saudi Arabia10 – 12 APRIL 2005 Riyadh, Saudi Arabia

Encryption in Detail: The Inner WorkingsEncryption in Detail: The Inner Workings

Murat Lostar (murat@lostar NOSPAMcom)Information Security Consultant

Cryptography

The art of secret message writing.

Creating texts that can only be read by authorized individuals only.

Simple Cryptography

Plaintext

Key

Ciphertext

Caesar Cipher

ABCDEFGHIJKLMNOPQRSTUVWXYZ

NOPQRSTUVWXYZABCDEFGHIJKLM

THE GOTHS COMETH

rotate 13 positions

FUR TAFUE PAYRFU

Plaintext

Key

Ciphertext

13

ABCDEFGHIJKLMNOPQRSTUVWXYZBCDEFGHIJKLMNOPQRSTUVWXYZACDEFGHIJKLMNOPQRSTUVWXYZABDEFGHIJKLMNOPQRSTUVWXYZABCEFGHIJKLMNOPQRSTUVWXYZABCDFGHIJKLMNOPQRSTUVWXYZABCDEGHIJKLMNOPQRSTUVWXYZABCDEFHIJKLMNOPQRSTUVWXYZABCD...

Rotating Key Cipher

SOUND THE RETREAT

DEADFED

VSUPC XKG UEWWEX

plaintext

key

ciphertext

General Principles

Longer keys make better ciphers

Random keys make better ciphers

Good ciphers produce “random” ciphertext

Best keys are used once and thrown away

Symmetric (Private Key) Cryptography

Examples: AES, DES, RC5, IDEA, Skipjack

Advantages: fast, ciphertext secure

Disadvantages: must distribute key in advance, key must not be disclosed

DES: Data Encryption Standard

Widely published & used - federal standard

Complex series of bit substitutions, permutations and recombinations

Basic DES: 56-bit keys

Crackable in about a day using specialized hardware

Triple DES: effective 112-bit key

Stronger

AES (Rijndael)AES (Rijndael)

Standard replacement for DES for US government, and, probably for all of us as a result…

Winner of the AES (Advanced Encryption Standard) competition run by NIST (National Institute of Standards and Technology in US) in 1997-2000

Comes from Europe (Belgium) by Joan Daemen and Vincent Rijmen. “X-files” stories less likely (unlike DES).

Symmetric block-cipher (128, 192 or 256 bits) with variable keys (128, 192 or 256 bits, too)

Fast and a lot of good properties, such as good immunity from timing and power (electric) analysis

Construction deceptively similar to DES (XORs etc.) but really different

Asymmetric (Public Key) Cryptography

Examples: RSA, Diffie-Hellman, ElGamal Advantages: public key widely distributable, does

digital signatures Disadvantages: slow, key distribution

RSA

Algorithm patented by RSA Data Security

Uses special properties of modular arithmetic

C = Pe (mod n)

P = Cd (mod n)

e, d, and n all hundreds of digits long and derived from a pair of large prime numbers

Keys lengths from 512 to 4096 bits

Symmetric vs. Asymmetric EncryptionSymmetric vs. Asymmetric Encryption

Algorithm Type Description

Symmetric (DES, TripleDES, AES, IDEA, RC2…)

Uses one key to:Encrypt the data

Decrypt the data

Is fast and efficient

Requires secure transfer of key

Asymmetric (RSA, DH, DSA, ElGammal)

Uses two mathematically related keys:Public key to encrypt the data

Private key to decrypt the data

Is slower than symmetric encryption

Solves key distribution problem

Hybrid (RSA/AES etc.)Symmetric encryption of data

Asymmetric encryption of the symmetric key

Hybrid Encryption (Real World)Hybrid Encryption (Real World)

As above, repeated As above, repeated for other recipientsfor other recipientsor recovery agentsor recovery agents

DigitalDigitalEnvelopeEnvelope

Other recipient’s or Other recipient’s or agent’s agent’s publicpublic key key (in certificate)(in certificate)in recovery policyin recovery policy

Launch keyLaunch keyfor nuclearfor nuclear

missile missile ““RedHeat” RedHeat”

is...is...

Symmetric key Symmetric key encrypted asymmetrically encrypted asymmetrically

(e.g., RSA)(e.g., RSA)

Digital Digital EnvelopeEnvelope

User’sUser’spublicpublic key key(in certificate)(in certificate)

RNGRNG

Randomly-Randomly-Generated Generated symmetricsymmetric“session” key “session” key

SymmetricSymmetric encryption encryption(e.g. DES)(e.g. DES)

*#$fjda^j*#$fjda^ju539!3tu539!3t

t389E *&\@t389E *&\@5e%32\^kd5e%32\^kd

*#$fjda^j*#$fjda^ju539!3tu539!3t

t389E *&\@t389E *&\@5e%32\^kd5e%32\^kd

Launch keyLaunch keyfor nuclearfor nuclear

missile missile ““RedHeat” RedHeat”

is...is...

Launch keyLaunch keyfor nuclearfor nuclear

missile missile ““RedHeat” RedHeat”

is...is...

SymmetricSymmetricdecryption decryption (e.g. DES)(e.g. DES)

Digital Digital EnvelopeEnvelope

Asymmetric Asymmetric decryption of decryption of

“session” key (e.g. RSA)“session” key (e.g. RSA)

Symmetric Symmetric “session” key“session” key

Session key must be Session key must be decrypted using the decrypted using the recipient’s recipient’s private private keykey

Digital envelope Digital envelope contains “session” contains “session” key encrypted key encrypted using recipient’s using recipient’s public keypublic key

Recipient’s Recipient’s privateprivate key key

Hybrid DecryptionHybrid Decryption

Public Key Encryption: The Frills

Frill (add-on) Technique

Fast encryption/decryption Digital envelopesAuthentication of sender Digital signatureVerification of message integrity Message digestsSafe distribution of public keys Certifying authorities

Digital Envelopes

session keysession key

public key private key

Digital Signatures

public keyprivate key

Message Digests

sender’s public key

sender’s private key

hash

Verifying Simple Data Integrity with Hashes (Message Digests)Verifying Simple Data Integrity with Hashes (Message Digests)

User A User B

Data

Data

Hash Value

Hash Algorithm

Data

Hash Value

Hash Value

Hash AlgorithmIf hash values

match, data is valid

User A sends data and hash value to User B

Creating a Digital SignatureCreating a Digital Signature

Hash Hash Function Function

(SHA, MD5)(SHA, MD5)

Jrf843kjfgf*Jrf843kjfgf*££$&Hdif*7oU$&Hdif*7oUsd*&@:<CHsd*&@:<CHDFHSD(**DFHSD(**

Py75c%bn&*)9|Py75c%bn&*)9|fDe^bDFaq#xzjFr@gfDe^bDFaq#xzjFr@g5=&nmdFg$5knvMd’r5=&nmdFg$5knvMd’rkvegMs”kvegMs”

This is a This is a really long really long message message about about Bill’s…Bill’s…

AsymmetricAsymmetricEncryptionEncryption

Message or FileMessage or File Digital SignatureDigital Signature128 bits 128 bits Message DigestMessage Digest

Calculate a short Calculate a short message digest from message digest from even a long input even a long input using a one-way using a one-way message digest message digest function (hash)function (hash)

Signatory’s Signatory’s privateprivate key key

privatprivatee

Verifying a Digital SignatureVerifying a Digital Signature

Jrf843kjfJrf843kjfgf*£$&Hdgf*£$&Hdif*7oUsdif*7oUsd

*&@:<CHD*&@:<CHDFHSD(**FHSD(**

Py75c%bn&*)Py75c%bn&*)9|fDe^bDFaq9|fDe^bDFaq#xzjFr@g5=#xzjFr@g5=

&nmdFg$5kn&nmdFg$5knvMd’rkvegMs”vMd’rkvegMs”

Py75c%bn&*)Py75c%bn&*)9|fDe^bDFaq9|fDe^bDFaq#xzjFr@g5=#xzjFr@g5=

&nmdFg$5kn&nmdFg$5knvMd’rkvegMs”vMd’rkvegMs”

AsymmetricAsymmetricdecryption decryption (e.g. RSA)(e.g. RSA)

Everyone has Everyone has access to trusted access to trusted public key of the public key of the signatorysignatory

Signatory’s Signatory’s publicpublic key key

Digital SignatureDigital Signature

This is a This is a really long really long message message

about Bill’s…about Bill’s…

Same hash functionSame hash function(e.g. MD5, SHA…)(e.g. MD5, SHA…)

Original MessageOriginal Message

Py75c%bn&*)Py75c%bn&*)9|fDe^bDFaq9|fDe^bDFaq#xzjFr@g5=#xzjFr@g5=

&nmdFg$5kn&nmdFg$5knvMd’rkvegMs”vMd’rkvegMs”

Py75c%bn&*)Py75c%bn&*)9|fDe^bDFaq9|fDe^bDFaq#xzjFr@g5=#xzjFr@g5=

&nmdFg$5kn&nmdFg$5knvMd’rkvegMs”vMd’rkvegMs”

? == ?? == ?Are They Same?Are They Same?

Certifying Authorities

X.509 CertificateX.509 Certificate

Certificate Authority Digital Signature Certificate Authority Digital Signature of All Components Together:of All Components Together:

Serial NumberSerial Number

Issuer X.500 Issuer X.500 Distinguished NameDistinguished Name

Validity PeriodValidity Period

Subject X.500Subject X.500Distinguished NameDistinguished Name

Subject Public KeySubject Public KeyInformationInformation

Key/Certificate UsageKey/Certificate Usage

ExtensionsExtensions

OU=Project OU=Project Botticelli…Botticelli…

The Key or Info About ItThe Key or Info About It

Hierarchy of Trust

Transmitting Public Keys

Future is Here:Quantum CryptographyFuture is Here:Quantum Cryptography

Method for generating and passing a secret key or a random stream

Not for passing the actual data, but that’s irrelevant

Polarisation of light (photons) can be detected only in a way that destroys the “direction” (basis)

So if someone other than you observes it, you receive nothing useful and you know you were bugged

Perfectly doable up to 120km long fibre-optic link

Commercial applications available as of Nov 2003 (BB84)

Don’t confuse it with quantum computing, which won’t be with us for at least another 50 years or so, or maybe longer…

For more informationFor more information

The Code Book (Simon Singh) ISBN: 0385495323

RSA (www.rsa.com)

Applied Cryptography, B. Schneier, John Wiley & Sons, ISBN 0-471-11709-9

Foundations of Cryptography, O. Goldereich, www.eccc.uni-trier.de/eccc-local/ECCC-Books/oded_book_readme.html

© 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only.MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.