Upload
job-porter
View
215
Download
3
Embed Size (px)
Citation preview
Feb 12, 2002 Mårten Trolin 1
Applied Cryptography
• Main goal– Give some practical experience on cryptographic technics used
today.
– Show how to use existing cryptographic software.
• Examination: Practical assignments and written exam• Homepage containg latest course information:
http://www.nada.kth.se/~marten/AppliedCryptography
• Check course program (from homepage) for detailed information
• First time course is given – feedback welcome!
Feb 12, 2002 Mårten Trolin 2
Requirements
• Attend lectures (if you want to)
• Solve the three assigments to get bonus points. (Not required, but highly recommended.)– Each assignment replaces a problem at the exam
– By solving the assignments you don’t have to solve the problem at the exam
– The assignments will be programming tasks to be solved in a language of your choice
• Pass the written exam!
Feb 12, 2002 Mårten Trolin 3
Outline of course program
• N.B. Course program is subject to change. Check the home page for the latest information
• Lectures 1-4: Basic cryptographic functions
• Lectures 5-8: SSL and PGP
• Lectures 9-10: Key management
• Lectures 11-12: Smartcards in financial transactions
• Lectures 13-14: To be decided. Possible areas: Hardware solutions, e-commerce, firewalls and intrusion detection. Input welcome!
Feb 12, 2002 Mårten Trolin 4
Why cryptography
• Reason for using cryptography– Protect from eaves-dropping (confidentiality)
– Ensure data is not modified (integrity)
– Certify identity of sender (authenticity)
• Requirements (application dependent)– Simple key management
– Low hardware requirements (smart card applications, mobile phones)
– Cost of bandwidth
Feb 12, 2002 Mårten Trolin 5
Simple example – substitution cipher
• The key is a permutation of the letters of the alphabet, i.e. a bijection
• Encryption is performed by substituting each letter for its corresponding letter
• Decryption is the same as encryption with the difference that the inverse is used
:E
1E
Feb 12, 2002 Mårten Trolin 6
Substitution cipher – example
• Example: Encrypt MY DOG ATE YOUR CAT using the key
ABCDEFGHIJKLMNOPQRSTUVWXYZ
UWGRPNQSBJXMECAIZOYTDFHKLV
Feb 12, 2002 Mårten Trolin 7
Breaking the substitution cipher
• Substitution ciphers are easily broken using frequency analysis
• We use the fact that different letters (or combination of letters) occur with different probability
• Example – break TK IL KQ JKT TK IL TBST CR TBL OULRTCKJ
• Frequency of letters in English: ETAOINSHRDLU
• Most common two letter words: OF TO IN IS IT BE BY HE AS ON AT OR AN SO IF NO
Feb 12, 2002 Mårten Trolin 8
Symmetric vs. asymmetric cryptography
• Symmetric ciphers – sender and recipient use the same key– Dkey(Ekey(m)) = m
• Substitution cipher is an example of a symmetric cipher
• Impractical for big systems – number of keys is quadratic in the number of users
• The solution – asymmtric algorithms. Think of a locked mailbox! Different keys for encryption and decryption– Dprivate key(Epublic key(m)) = m
Feb 12, 2002 Mårten Trolin 9
Asymmetric cryptography
• Each user has a public and a private key– The public key is published in a “phone book”
– The private key is kept secret
– Messages encrypted with the public key can be decrypted with the private key
• To send a message to Mårten, look up Mårten’s public key in the “phone book”.
• Mårten can then decrypt the message with his private key
• Number of keys is linear in the number of users
Feb 12, 2002 Mårten Trolin 10
RSA
• Asymmetric cryptographic algorithm published in 1978
• The most popular asymmetric algorithm used today
• Now free to use – patent expired in 2000
• Relies on the hardness of factoring a number consisting of two primes
Feb 12, 2002 Mårten Trolin 11
The RSA algorithm – key generation
• Generate two primes p, q and set n = pq
• Choose e such that gcd(e, (p – 1)(q – 1)) = 1
• Compute d such that ed = 1 mod ((p – 1)(q – 1))
• The public key is the pair (e, n)
• The private key is the pair (d, n)
Feb 12, 2002 Mårten Trolin 12
RSA – encryption and decryption
• Message m – number 0 < m < n
• Encryption E(m) = me mod n
• Decryption D(m) = md mod n
• Number theoretical exercise – check that D(E(m)) = m.
Feb 12, 2002 Mårten Trolin 13
Breaking RSA
• If we can factor n we can break RSA– Suppose we know p, q such that pq = n
– We can compute (p – 1)(q – 1)
– It is now trivial to compute d = e-1 mod ((p – 1)(q – 1))
• The largest number that is (publicly) known to have been factored today is 512 bits
• Other attacks exist for certain uses of RSA