2.
Internet and computer communications
technologies are inherently insecure
Without security, anyone with access to the
communications infrastructure can READ AND
MODIFY the messages your computer sends
out
3.
Security techniques make use of a process
called encryption
◦ “en” means to make
◦ “crypt” means secret or hidden
Cryptography – use of secret writing (use of
encryption)
◦ “graphy” means writing or some form or
representation
Cryptology – study of secret writing
Cryptanalysis – “breaking” secret writing aka
uncovering the secret
4. Encryption is the process of taking a “cleartext” message and making it
uncomprehensible
Example:
Transforming the clear-text message such as
“Hello World” into some cipher-text such as
“n3$1#ved9”
5.
Secure Sockets Layer (SSL)
Transport Layer Security (TLS)
Internet Protocol Security (IPsec)
◦ Used by Virtual Private Networks (VPNs)
Wired Equivalent Privacy (WEP)
WiFi Protected Access (WPA)
6.
An encryption algorithm is like a treasure
chest
Put your secret in a chest and lock it with a
key
Whoever has the right key can reveal the
secret
Revealing the secret (opening the chest) with
a key is called decryption
7.
Modern encryption (and decryption) algorithms
are based on mathematical operations
◦ Messages and keys are converted to numbers
◦ Remember computers operate on binary!
Let:
◦ E -> encryption algorithm, D -> decryption algorithm
◦ M -> clear-text message, C -> cipher-text
◦ K -> key
E(M, K) = C
D(C, K) = M
8.
The math is extremely complex
If a hacker obtained C, but did not have K,
the hacker “should” not be able to use D to
produce M in a reasonable amount of time
with a reasonably powerful computer
Reasonably powerful computer?
◦ Think the most powerful supercomputer times 2
Reasonable amount of time?
◦ Think thousands of years!
9.
Cryptography is only good until someone figures
out how to take C and D and produce M without
knowing K in a short amount of time
At that point, it’s time for a new algorithm!
◦ Think about how WEP was found to be insecure and led
to the development of WPA
◦ DES was found to be insecure and led to the
development of Triple-DES and AES
Really, really, really smart people (good-natured
and bad) called cryptographers work tirelessly
trying to break cryptographic algorithms
10.
Symmetric Cryptography
◦ The key that is used for encryption is also used for
decryption
Asymmetric Cryptography
◦ One key is used for encryption and a different key
is used for decryption
11.
If Leia wants to send a secret message “death
star location” to Luke…
They first need to have a copy of the same
key – called a secret key
◦ Remember they must keep the key secret!
Secret Key 1
12.
Then Leia must find a chest made to use the
key
◦ I.e., Leia must find a suitable symmetric encryption
algorithm
13.
Then Leia can put the message into the chest,
lock it, and have it sent to Luke
I.e., Leia can encrypt the message and send it
across the insecure Internet to Luke (via Email, WWW, etc)
14.
Luke has the secret key, so he can retrieve
the message and do his job
I.e., Luke uses the secret key to decrypt the
message
15.
Since only Luke and Leia have the secret key,
only they can open the chest
If the message gets intercepted in transit
(which happens on the Internet), the message
remains uncomprehensible
If the message gets destroyed in transit, Leia
can just try again
16.
Luke and Leia must agree on a key to use
before they can communicate secretly
This is not always feasible
Asymmetric Cryptography addresses this
problem
Symmetric Cryptography is nevertheless still
important for computer security
17.
Leia and Luke, separately, create two keys, called
a key-pair
◦ Leia has her pair, and Luke has his own, different pair
One of Leia’s keys is called her private key and
the other is called her public key
Let Kpre denote Leia’s private key
◦ Kpbe deontes Leia’s public key
E(M1, Kpre) = C’
◦ D(C’, Kpbe) = M1
E(M1, Kpbe) = C”
◦ D(C”, Kpre) = M1
18.
Did you catch that? Go back and double
check.
If a message is encrypted (with an asymmetric
algorithm) with a private key, then the
resulting cipher text can be decrypted only
with the corresponding public key
If a message is encrypted with a public key,
then the cipher text can be decrypted only
with the corresponding private key
There’s complex math to make this work
19.
RSA is a set of asymmetric algorithms created by
Ron Rivest, Adi Shamir, and Leonard Adleman
They figured out how to make the math work in
1977
◦ Following research done by Whitfield Diffie, Martin
Hellman, and Ralph Merkle
No one has been able to break it yet
Web (SSL, TLS), and e-mail encryption is based
on RSA
Translation: pretty much your entire digital life is
protected by RSA
◦ Online banking, E-commerce
◦ Online access to school, health, personal records, etc
20.
Why the names “private” and “public” keys?
You keep your private key private
◦ Only you should have access to your private key!
Anyone can know your public key and the
cryptography still works just fine
◦ It’s okay even for bad guys to know your public key
21.
Leia has her key-pair, and Luke has his own
public
Kpbe
Kpbu
private
Kpre
Kpru
Assume there are magical treasure chests that
work with key-pairs
◦
Complex math can often seem like magic
22.
Leia wants to send the message “death star
location” to Luke in a way that only Luke can
read the message
Leia has a magic asymmetric chest (aka
asymmetric algorithm)
Which key should Leia use to encrypt the
message?
The answer is on next slide
23.
Luke’s public key!
◦ Remember it’s okay for everyone to have your
public key, even the bad guys
◦ Here, we’re assuming that Leia can reliably access
Luke’s public key
Why Luke’s public key?
◦ Only Luke’s private key can be used to decrypt the
message
And only Luke should have Luke’s private key
24.
Leia puts the message in a chest, locks it with
Luke’s public key, and has it sent to Luke
No one, besides Luke, can open the chest
◦ Not Vader, not even Leia
Kpbu
25.
Luke uses his private key that he keeps
private to open the chest, see the message,
and can do his job
I.e., Luke decrypts the message with his
private key
Kpru
26.
What if Vader alters Leia’s chest (alters the cipher
text)?
What if Vader replaces Leia’s chest with his own
chest with a fake message that he locks with
Luke’s public key?
How does Leia get Luke’s public key?
What happens if Luke looses his private key?
What happens if Luke’s private key gets stolen?
Why is symmetric cryptography still used?
How do Leia and Luke agree on a symmetric key
if they’re not together?
27.
After the 1st death star is destroyed, the Empire
builds another one at another location. With
symmetric cryptography, what if Vader captures
Leia’s new chest for the 2nd death star but
replaces it with a copy of Leia’s original chest
with the old location?
What if a chest (or encryption algorithm) is
defective?
This information is just the basics
Wikipedia is an excellent source of more
information