Security Systems for Digital Data

Security Systems for Digital DataSecurity Systems for Digital DataBig Brother is watching YOUBig Brother is watching YOU

Bernhard Hofer 03/10/2008CIST 3100 - Organizations, Applications & Technology

Page 2

Table of contentsTable of contents

1. History and Terminology

2. Cryptography nowadays and

Encrypting Digital Data

3. Big Brother www

4. The Future (quantum cryptography)

5. Question time

Page 3

Beginning of cryptographyBeginning of cryptography

• Egypt‘s Old Kingdom (4500+ years ago)

non-standard hieroglyphs

• The Greeks of Classical times

The SCYTALE, used by Spartan military

enlarge image

Page 4Page 4

H E

L

P

M

E I

A

M

… wood cylinder

strip of paper

Page 5

Terminology (I)Terminology (I)

c r y p t o g r a p h ykryptós, „hidden“ graphéin, „to write“

„secret writing“

Page 6

Terminology (II)Terminology (II)

Hello, this is my first english pres at UNO

… plaintext (ordinary information)

encryption (converting plaintext)

decryption (reverse process)

H?$% /&!!““= )(/&%ded die=?30((&% ?$$?)

… ciphertext (unreadable plaintext)

cip

her

key +

Page 7

Table of contentsTable of contents

1. History and Terminology

2. Cryptography nowadays and

Encrypting Digital Data

3. Big Brother www

4. The Future (quantum cryptography)

5. Question time

Page 8

Cryptography nowadays (I)Cryptography nowadays (I)

“Cryptography is about communication in the presence of adversaries.”

Ronald Rivest, "Cryptography" From the Handbook of Theoretical Computer Science, edited by J. van Leeuwen, Elsevier Science Publishers B.V., 1990

Page 9

Symmetric key system (private key)

… sender and receiver share the same key (for encryption and decryption)

… like the wind (very fast)

… 2 different kinds (block and stream ciphers)

… Examples: D(A)ES, RC4, MD5, hash

Cryptography nowadays (II)Cryptography nowadays (II)

Page 10

Asymmetric key system (public key)

… founded 1976 by Diffie and Hellman

… 2 keys (same lenght): 1 public and 1 private

… both are different but related

… slower than symmetric key methods

Cryptography nowadays (III)Cryptography nowadays (III)

Page 11

Key Serverin a so called Trust Center

Player 1 Player 2

… wants to deliver a SECURE message

public key

encrypting …

private key

… delivering message

decrypting …

!! Authentication Problem !!

Player 2 doesn‘t know,who sent the message!?!

Everybody knows the public key from Player 2!

Cryptography nowadays (IV)Cryptography nowadays (IV)

Page 12

Key Serverin a so called Trust Center

Player 1 Player 2

… wants to deliver a SECURE message

public key

encrypting …

private key

… delivering message

decrypting …

!! Confidentiality Problem !!

Player 2 knows,who sent the message!

But: Everybody could decrypt the message from Player 1!

continue pres.

Cryptography nowadays (VI)Cryptography nowadays (VI)

Page 13

Asymmetric key system (public key)

… full security, if process repeated twice

… operational area: Combination of the symmetric and asymmectric

… Examples: RSA, DSA, SSL, SSL2, …

Cryptography nowadays (VIII)Cryptography nowadays (VIII)

Page 14

Table of contentsTable of contents

1. History and Terminology

2. Cryptography nowadays and

Encrypting Digital Data

3. Big Brother www

4. The Future (quantum cryptography)

5. Question time

Page 15

The internet

… local structure

… none secure, open information system

… private, public and economic player

… cryptography is the only way for privacy protection over the world wide web!

Big Brother www (I)Big Brother www (I)

Page 16

Requirements for secure interaction

… availability

… authentification

… confidentiality

… integrity

… commitment

Big Brother www (II)Big Brother www (II)

Page 17

Useful applications

… PGP (Pretty Good Privacy)RSA, IDEA founded 1991 by Phil Zimmermann

… confidential certificates digital signature for online banking

… SSL (Secure Socket Layer … https://) founded by Netscape, cryptography for web pages

Big Brother www (III)Big Brother www (III)

Page 18

The one and only security hole is

Nothing and/ore nobody could save you against Brute Force Attacks ;-)

!! YOUR PASSWORD !!

Big Brother www (IV)Big Brother www (IV)

Page 19

cost increases per power(10.000 $, 100.000 $, 1.000.000 $, …)

Key length in Bit

Codebreaking timetableCodebreaking timetable

Page 20

Table of contentsTable of contents

1. History and Terminology

2. Cryptography nowadays and

Encrypting Digital Data

3. Big Brother www

4. The Future (quantum cryptography)

5. Question time

Page 21

In princible …

… it is a old school symmetric encryption

… nothing else as a key distributer

… it isn‘t based on mathematical

… but on the physics of information

Quantum cryptography (I)Quantum cryptography (I)

Page 22

In action …

… first implemented between the BA CA and the Vienna City-Hall over a 1.500m FDDA (fibre optics) cabel in April 2004

by Anton Zeilinger …

Quantum cryptography (II)Quantum cryptography (II)

Page 23

Table of contentsTable of contents

1. History and Terminology

2. Cryptography nowadays and

Encrypting Digital Data

3. Big Brother www

4. The Future (quantum cryptography)

5. Question time

Page 24

… for your attention!!

Bernhard Hofer

CIST 3100 - Organizations, Applications & Technology

Thank you...Thank you...