Cryptology - The practice and study of hiding information

@mikedance

Presentation Goals

• Provide a high-level overview of cryptography

• Clarify the objectives of cryptography

• Define the terminology

• Explain the basic concepts to build an understanding of how digital security systems, like Bitcoin, are built

Branches

• Cryptography

  • Symmetric Algorithms

  • Asymmetric (Public Key) Algorithms

  • Cryptography Protocols

• Cryptanalysis

Cryptography Objectives

There are four things we are trying to achieve with cryptography.

Confidentiality

Information is kept secret from all but the authorised parties.

Message Authentication

The sender of a message is authentic.

Message Integrity

The message has not been tampered with during transmission.

Non-Repudiation

The sender of a message cannot deny that they created or sent the message.

Terminology

There are around 21 terms you have to know.

Cryptography

The science of secret writing with the goal of hiding the meaning of a message.

Cryptanalysis

The science and art of breaking crypto systems.

Cipher/Cypher

An algorithm for performing encryption and decryption.

Encryption

The process of hiding the meaning of a message so only authorised parties can read it.

Decryption

The process of restoring a cipher text to the original message.

Channel

A communication medium, for example, the internet, mobile/wireless networks, radio waves, etc.

Secure Channel

A secure communication medium which can be trusted, used to exchange secret key information, for example, face to face communication.

Insecure Channel

An insecure channel is an untrusted communication medium, for example, the internet.

Message

The plaintext (readable) message you would like to keep secret.

Cipher Text

The encrypted message.

Symmetric Algorithms

When encryption and decryption are performed using the same secret key.

Secret Key

The data used to encrypt and decrypt in a symmetric algorithm. For example, a password.

This must be communicated over a secure channel and kept secret.

Asymmetric/Public Key Algorithms

When encryption and decryption are performed using different keys.

Private Key

The key used to decrypt a cipher text in a public key algorithm. This must be kept secret.

Public Key

The key used to encrypt a message in a public key algorithm. This can be made public.

Key Pair

The related public and private keys.

Key Space

The set of all possible keys.

Key Size/Length

The size of the key, measured in bits. This determines the size of the key space that a brute-force attack on the key has to search.

RNG

Random number generator.

PRNG

A pseudo-random number generator is an RNG that is not truly random. It is used when security is not a concern, for example in video games.

CSPRNG

A cryptographically secure pseudo-random number generator. Used for cryptography applications, for example generating a Bitcoin private key.
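An added example, not from the original slides, of why the PRNG/CSPRNG distinction matters for key generation: a 256-bit key drawn from a seeded PRNG has only as many possible values as there are plausible seeds. The function names and the timestamp seed are constructed for illustration.

```python
import math
import random
import secrets

KEY_BYTES = 32  # 256 bits, the size of a Bitcoin private key

def prng_key(seed: int) -> bytes:
    """Key from Python's Mersenne Twister PRNG: the seed fully determines it."""
    return random.Random(seed).getrandbits(KEY_BYTES * 8).to_bytes(KEY_BYTES, "big")

def csprng_key() -> bytes:
    """Key from the operating system's CSPRNG, via the secrets module."""
    return secrets.token_bytes(KEY_BYTES)

def seed_reproducing(key: bytes, earliest: int, latest: int):
    """Audit check: the seed in [earliest, latest] that regenerates key, or None."""
    for seed in range(earliest, latest + 1):
        if prng_key(seed) == key:
            return seed
    return None

def effective_key_bits(earliest: int, latest: int) -> float:
    """Real key-space size, in bits, when the only secret is a seed in this range."""
    return math.log2(latest - earliest + 1)

# Constructed scenario: the PRNG was seeded with the Unix time of key creation,
# and that time is known to within one hour either side.
CREATED_AT = 1_700_000_000
WINDOW = 3600

if __name__ == "__main__":
    lo, hi = CREATED_AT - WINDOW, CREATED_AT + WINDOW
    weak = prng_key(CREATED_AT)
    print("PRNG key regenerated from seed:", seed_reproducing(weak, lo, hi))
    print("effective key size (bits):", round(effective_key_bits(lo, hi), 1))
    print("CSPRNG key regenerated from seed:", seed_reproducing(csprng_key(), lo, hi))
```
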

THE END.

Of the terminology.

Real World Crypto Systems

Kerckhoffs’ Principle

A crypto system should be secure even if the attacker knows all the details about the system, with the exception of the secret key.

Symmetric Crypto Systems

Uses one secret key for encryption and decryption

Analogy

A safe with one lock where each person with access has a copy of the same key

DES

• Data Encryption Standard

• The most popular and best studied block cipher of the last 30 years

• Proposed in 1974 in response to a NIST (National Institute of Standards and Technology) request for a standardised cipher to secure government and national security communications

• Proposed by IBM cryptographers, with input from the NSA with no public discourse

• Insecure due to small key space

3DES

• Triple DES

• Performs DES encryption 3 times, which yields a more secure cipher

• Still widely used primarily due to legacy implementations and hardware

• Software implementations are not very efficient

AES

• Advanced Encryption Standard

• The most widely used symmetric cipher today

• In 1997, an open worldwide competition was held where cryptography algorithms were submitted and reviewed by the international scientific community

• In 2001, the Rijndael cipher, created by two young Belgian cryptographers, was selected for AES over submissions from IBM, RSA, and several famous cryptographers

• In 2003, the NSA announced it will allow AES encryption to be used for classified top secret documents

• Used in Blockchain.info wallets, Mac FileVault, Skype, Wi-Fi encryption, IPSec, TLS, SSH, etc.

• No known attacks have been found

Symmetric Pitfalls

• Key Distribution Problem

• A copy of the key must be exchanged over a secure channel, which is problematic to do over the internet!

• The number of keys required can get very large

• Non-repudiation is not possible because several people may use the same key

Asymmetric/Public Key Crypto Systems

Uses a public key for encryption and a private key for decryption.

Analogy

A mailbox on the street: everyone can put a letter in (encrypt), but only a person with a private (secret) key can retrieve the letters (decrypt).

Background

• Symmetric cryptography has been around for as long as written language; public key cryptography is very new

• Public key cryptography was publicly introduced in 1976 by Whitfield Diffie, Martin Hellman, and Ralph Merkle

Overview

• Solves the key exchange problem because the encryption key can be public (hence the name, public key)

• Can be used to prove the authenticity and integrity of a message using digital signatures, and a digital signature algorithm (non repudiation)

• Can be used to identify entities using challenge and response protocols together with digital signatures, for example, electronic car keys, passports, or bank cards

• Relies on one-way functions, which are easy to compute in one direction, but whose inverse is computationally infeasible to compute

RSA

• Published in 1977 by Ron Rivest, Adi Shamir and Leonard Adleman

• Security is provided by the integer factorisation problem

• Given two large primes, it is easy to compute the product, but difficult to factor the resulting product

• Requires large key sizes to be secure with modern day computers, which is problematic for smaller devices like mobile phones, smart cards, etc.

Elliptic Curve Cryptography

• Introduced in 1985 by Neal Koblitz and Victor S. Miller; algorithms entered wide use in 2004 and 2005

• Uses the mathematics of elliptic curves over finite fields to generate public and private keys

• Security is provided by the elliptic curve discrete logarithm problem

• Provides roughly the same security as RSA with large key sizes while using much smaller key sizes, which is leading to adoption in mobile phones and smart cards

• Bitcoin uses private and public key pairs based on ECC

Asymmetric Pitfalls

• Encryption is significantly more computationally expensive than symmetric algorithms

In reality

A hybrid approach is used: a public key algorithm (which is slower) encrypts and exchanges a symmetric key (which is small), and a symmetric algorithm (which is fast) can then be used to encrypt the message (which is big).
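The hybrid approach described above, as an added example that is not from the original slides. Textbook RSA over two known Mersenne primes and a SHA-256 counter keystream stand in for a real public key algorithm and AES so that it runs on the Python standard library alone; the function names and packet layout are assumptions, and the stand-ins are far too weak for real use.

```python
import hashlib
import hmac
import secrets

# Toy RSA key pair from two known Mersenne primes (constructed for the demo, not secure).
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                    # public key: anyone may encrypt with it
D = pow(E, -1, (P - 1) * (Q - 1))      # private key: only the recipient holds it

def _subkey(session_key: bytes, label: bytes) -> bytes:
    """Derive separate encryption and MAC keys from the one session key."""
    return hashlib.sha256(label + session_key).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """SHA-256 in counter mode as a stand-in stream cipher (one call both ways)."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def hybrid_encrypt(message: bytes, n: int = N, e: int = E) -> dict:
    session_key = secrets.token_bytes(16)   # small, fresh symmetric key from the CSPRNG
    nonce = secrets.token_bytes(12)
    body = _xor_stream(_subkey(session_key, b"enc"), nonce, message)  # fast, bulk data
    tag = hmac.new(_subkey(session_key, b"mac"), nonce + body, hashlib.sha256).digest()
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)           # slow, 16 bytes only
    return {"wrapped_key": wrapped, "nonce": nonce, "body": body, "tag": tag}

def hybrid_decrypt(packet: dict, d: int = D, n: int = N) -> bytes:
    key_int = pow(packet["wrapped_key"], d, n)
    if key_int >> 128:                      # a corrupted wrapped key can exceed 128 bits
        raise ValueError("invalid wrapped key")
    session_key = key_int.to_bytes(16, "big")
    expected = hmac.new(_subkey(session_key, b"mac"),
                        packet["nonce"] + packet["body"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, packet["tag"]):
        raise ValueError("integrity check failed")   # reject before decrypting anything
    return _xor_stream(_subkey(session_key, b"enc"), packet["nonce"], packet["body"])
```

The tag also covers the message integrity objective from earlier in the deck: a packet altered in transit is rejected rather than decrypted.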

The End

Of part 1

What’s Next?

• Digital Signatures and Hash Functions

• Elliptic Curve Cryptography

• Bitcoin Cryptography

Further Reading

• Understanding Cryptography by Christof Paar and Jan Pelzl (http://www.crypto-textbook.com/)

• Cryptography Lectures

  • https://www.youtube.com/playlist?list=PLoJC20gNfC2gAB-eg7oaUTheB_JgQY4-q

• Public Key Cryptography: Diffie-Hellman Key Exchange

  • https://www.youtube.com/watch?v=3QnD2c4Xovk
