Instructor: Mr. E. Anwar Reddick
Page 1: Basic Cryptography Overview

Page 2: Basic Cryptography Overview

Internet and computer communications technologies are inherently insecure

Without security, anyone with access to the communications infrastructure can READ AND MODIFY the messages your computer sends out

Page 3: Basic Cryptography Overview

Security techniques make use of a process called encryption
◦ “en” means to make
◦ “crypt” means secret or hidden

Cryptography – use of secret writing (use of encryption)
◦ “graphy” means writing or some form of representation

Cryptology – study of secret writing

Cryptanalysis – “breaking” secret writing, aka uncovering the secret

Page 4: Basic Cryptography Overview

Encryption is the process of taking a “clear-text” message and making it incomprehensible

Example:

Transforming the clear-text message such as “Hello World” into some cipher-text such as “n3$1#ved9”

Page 5: Basic Cryptography Overview

Secure Sockets Layer (SSL)

Transport Layer Security (TLS)

Internet Protocol Security (IPsec)
◦ Used by Virtual Private Networks (VPNs)

Wired Equivalent Privacy (WEP)

WiFi Protected Access (WPA)

Page 6: Basic Cryptography Overview

An encryption algorithm is like a treasure chest

Put your secret in a chest and lock it with a key

Whoever has the right key can reveal the secret

Revealing the secret (opening the chest) with a key is called decryption

Page 7: Basic Cryptography Overview

Modern encryption (and decryption) algorithms are based on mathematical operations
◦ Messages and keys are converted to numbers
◦ Remember computers operate on binary!

Let:
◦ E -> encryption algorithm, D -> decryption algorithm
◦ M -> clear-text message, C -> cipher-text
◦ K -> key

E(M, K) = C

D(C, K) = M

Page 8: Basic Cryptography Overview

The math is extremely complex

If a hacker obtained C, but did not have K, the hacker “should” not be able to use D to produce M in a reasonable amount of time with a reasonably powerful computer

Reasonably powerful computer?
◦ Think the most powerful supercomputer times 2

Reasonable amount of time?
◦ Think thousands of years!

Page 9: Basic Cryptography Overview

Cryptography is only good until someone figures out how to take C and D and produce M without knowing K in a short amount of time

At that point, it’s time for a new algorithm!
◦ Think about how WEP was found to be insecure and led to the development of WPA
◦ DES was found to be insecure and led to the development of Triple-DES and AES

Really, really, really smart people (good-natured and bad) called cryptographers work tirelessly trying to break cryptographic algorithms

Page 10: Basic Cryptography Overview

Symmetric Cryptography
◦ The key that is used for encryption is also used for decryption

Asymmetric Cryptography
◦ One key is used for encryption and a different key is used for decryption

Page 11: Basic Cryptography Overview

If Leia wants to send a secret message “death star location” to Luke…

They first need to have a copy of the same key – called a secret key
◦ Remember they must keep the key secret!

Secret Key 1

Page 12: Basic Cryptography Overview

Then Leia must find a chest made to use the key
◦ I.e., Leia must find a suitable symmetric encryption algorithm

Page 13: Basic Cryptography Overview

Then Leia can put the message into the chest, lock it, and have it sent to Luke

I.e., Leia can encrypt the message and send it across the insecure Internet to Luke (via E-mail, WWW, etc)

Page 14: Basic Cryptography Overview

Luke has the secret key, so he can retrieve the message and do his job

I.e., Luke uses the secret key to decrypt the message

Page 15: Basic Cryptography Overview

Since only Luke and Leia have the secret key, only they can open the chest

If the message gets intercepted in transit (which happens on the Internet), the message remains incomprehensible

If the message gets destroyed in transit, Leia can just try again
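The Leia-to-Luke exchange above, written with the E(M, K) = C and D(C, K) = M notation from Page 7, as an added example that is not part of the original slides. The cipher is a constructed stand-in built from the standard library's HMAC-SHA256 (an assumption made so the code runs without extra packages); the helper names are hypothetical, and real systems should use a vetted algorithm such as AES-GCM from a maintained library.

```python
# Added illustration of E(M, K) = C and D(C, K) = M with one shared secret key.
# Stand-in cipher for teaching only: HMAC-SHA256 keystream plus an integrity tag.
import hashlib
import hmac
import secrets

def _subkey(key, label):
    # Derive separate encryption and integrity keys from the one secret key K.
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(key, nonce, length):
    # Produce `length` pseudo-random bytes from the key, a nonce and a counter.
    blocks = [hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]

def E(M, K):
    """Lock the chest: return C = nonce || scrambled message || tag."""
    nonce = secrets.token_bytes(16)            # fresh per message
    stream = _keystream(_subkey(K, b"enc"), nonce, len(M))
    body = bytes(m ^ s for m, s in zip(M, stream))
    tag = hmac.new(_subkey(K, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def D(C, K):
    """Open the chest: return M, or raise if the key or the chest is wrong."""
    if len(C) < 48:
        raise ValueError("cipher-text too short")
    nonce, body, tag = C[:16], C[16:-32], C[-32:]
    expected = hmac.new(_subkey(K, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or altered cipher-text")
    stream = _keystream(_subkey(K, b"enc"), nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))

def try_open(C, K):
    """Return the message, or None when D rejects the key or the cipher-text."""
    try:
        return D(C, K)
    except ValueError:
        return None

if __name__ == "__main__":
    secret_key = secrets.token_bytes(32)       # shared by Leia and Luke only
    C = E(b"death star location", secret_key)  # Leia encrypts
    print("in transit:", C.hex())              # what an eavesdropper sees
    print("Luke reads:", D(C, secret_key))     # Luke decrypts with the same key
    print("other key :", try_open(C, secrets.token_bytes(32)))
```
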

Page 16: Basic Cryptography Overview

Luke and Leia must agree on a key to use before they can communicate secretly

This is not always feasible

Asymmetric Cryptography addresses this problem

Symmetric Cryptography is nevertheless still important for computer security

Page 17: Basic Cryptography Overview

Leia and Luke, separately, create two keys, called a key-pair
◦ Leia has her pair, and Luke has his own, different pair

One of Leia’s keys is called her private key and the other is called her public key

Let Kpre denote Leia’s private key
◦ Kpbe denotes Leia’s public key

E(M1, Kpre) = C’
◦ D(C’, Kpbe) = M1

E(M1, Kpbe) = C”
◦ D(C”, Kpre) = M1

Page 18: Basic Cryptography Overview

Did you catch that? Go back and double check.

If a message is encrypted (with an asymmetric algorithm) with a private key, then the resulting cipher text can be decrypted only with the corresponding public key

If a message is encrypted with a public key, then the cipher text can be decrypted only with the corresponding private key

There’s complex math to make this work

Page 19: Basic Cryptography Overview

RSA is a set of asymmetric algorithms created by Ron Rivest, Adi Shamir, and Leonard Adleman

They figured out how to make the math work in 1977
◦ Following research done by Whitfield Diffie, Martin Hellman, and Ralph Merkle

No one has been able to break it yet

Web (SSL, TLS), and e-mail encryption is based on RSA

Translation: pretty much your entire digital life is protected by RSA
◦ Online banking, E-commerce
◦ Online access to school, health, personal records, etc

Page 20: Basic Cryptography Overview

Why the names “private” and “public” keys?

You keep your private key private
◦ Only you should have access to your private key!

Anyone can know your public key and the cryptography still works just fine
◦ It’s okay even for bad guys to know your public key

Page 21: Basic Cryptography Overview

Leia has her key-pair, and Luke has his own

Assume there are magical treasure chests that work with key-pairs
◦ Complex math can often seem like magic

[Figure labels: public keys Kpbe (Leia) and Kpbu (Luke); private keys Kpre (Leia) and Kpru (Luke)]

Page 22: Basic Cryptography Overview

Leia wants to send the message “death star location” to Luke in a way that only Luke can read the message

Leia has a magic asymmetric chest (aka asymmetric algorithm)

Which key should Leia use to encrypt the message?

The answer is on the next slide

Page 23: Basic Cryptography Overview

Luke’s public key!
◦ Remember it’s okay for everyone to have your public key, even the bad guys
◦ Here, we’re assuming that Leia can reliably access Luke’s public key

Why Luke’s public key?
◦ Only Luke’s private key can be used to decrypt the message

And only Luke should have Luke’s private key

Page 24: Basic Cryptography Overview

Leia puts the message in a chest, locks it with Luke’s public key, and has it sent to Luke

No one, besides Luke, can open the chest
◦ Not Vader, not even Leia

Kpbu

Page 25: Basic Cryptography Overview

Luke uses his private key that he keeps private to open the chest, see the message, and can do his job

I.e., Luke decrypts the message with his private key

Kpru
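The key-pair property from Pages 17 and 18 and the exchange on Pages 22 to 25, worked through with textbook RSA as an added example that is not part of the original slides. The tiny primes, exponents and function names are constructed for illustration; real RSA uses moduli of 2048 bits or more together with a padding scheme, and never encrypts one byte at a time.

```python
# Added illustration: textbook RSA with tiny constructed primes, showing only
# the key-pair property. Not secure: no padding, and the modulus is trivial
# to factor.
from math import gcd

def make_key_pair(p, q, e):
    """Return (public, private) keys, each an (exponent, modulus) tuple."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must share no factor with (p-1)*(q-1)")
    d = pow(e, -1, phi)              # private exponent: e*d = 1 (mod phi)
    return (e, n), (d, n)

def apply_key(number, key):
    """E and D are the same operation here: number^exponent mod modulus."""
    exponent, modulus = key
    if not 0 <= number < modulus:
        raise ValueError("number must be smaller than the modulus")
    return pow(number, exponent, modulus)

def transform(numbers, key):
    """Apply a key to every number of a message (one number per byte)."""
    return [apply_key(x, key) for x in numbers]

# Constructed key-pairs, named as on the slides.
LEIA_PUBLIC, LEIA_PRIVATE = make_key_pair(67, 71, 13)   # Kpbe, Kpre
LUKE_PUBLIC, LUKE_PRIVATE = make_key_pair(61, 53, 17)   # Kpbu, Kpru

if __name__ == "__main__":
    M = list(b"death star location")          # message as numbers
    C = transform(M, LUKE_PUBLIC)             # Leia locks with Luke's public key
    print("cipher-text:", C)
    print("Luke, private key  :", bytes(transform(C, LUKE_PRIVATE)))
    # Anyone else holds only public keys (or their own private key):
    print("Luke's public key  :", transform(C, LUKE_PUBLIC)[:5], "...")
    print("Leia's private key :", transform(C, LEIA_PRIVATE)[:5], "...")
    # The other direction from Page 17: E(M1, Kpre) = C', D(C', Kpbe) = M1
    C1 = transform(M, LEIA_PRIVATE)
    print("private then public:", bytes(transform(C1, LEIA_PUBLIC)))
```
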

Page 26: Basic Cryptography Overview

What if Vader alters Leia’s chest (alters the cipher text)?

What if Vader replaces Leia’s chest with his own chest with a fake message that he locks with Luke’s public key?

How does Leia get Luke’s public key?

What happens if Luke loses his private key?

What happens if Luke’s private key gets stolen?

Why is symmetric cryptography still used?

How do Leia and Luke agree on a symmetric key if they’re not together?

Page 27: Basic Cryptography Overview

After the 1st death star is destroyed, the Empire builds another one at another location. With symmetric cryptography, what if Vader captures Leia’s new chest for the 2nd death star but replaces it with a copy of Leia’s original chest with the old location?

What if a chest (or encryption algorithm) is defective?

This information is just the basics

Wikipedia is an excellent source of more information