Post on 21-Jan-2016
transcript
1
Hello World and Welcome to The simple crypt
Key=23
_r{{x7@xe{s7vys7@r{txzr7cx7Cr7d�~zg{r7tengc
Private-key Cryptography
2
ALICE BOB
Eve
3
ALICE BOB
Eve
Bob’s Public Key
Bob’s Private Key
Alice’s Public Key
Alice’s Public Key
Bob’s Public Key
Bob’s Public Key
Alice’s Public Key
Alice’s Private Key
4
Bob’s Public Key
Locked for Bob
Encryption
5
Locked for Bob
Decryption
Bob’s Private Key
6
Bob’s Public Key
Signed by Alice & Locked for Bob
Encryption
Signed by Alice
Signing
Alice’s Private Key
Signed by Alice
Alice’s Private Key
7
Signed by Alice & Locked for Bob
Decryption
Bob’s Private Key
Signed by Alice
Alice’s Public Key
Verification
Signed by Alice
Yes/No!
8
Message: This is a big secret
Message: I?~jhYUWEKUia
The Internet
Message: This is a big secret
Message: I?~jhYUWEKUia
Recipient’s private key
Recipient’s PUBLIC key
9
PGP, Version 6.5.1 Manual, Network Associates, 1999.
10
PGP, Version 6.5.1 Manual, Network Associates, 1999.
11
Certificate Authorities
• The Certificate Authority (CA) is a trusted third party
• Provides the necessary authentication and security infrastructure
• The CA creates and issues certificates
12
PGP, Version 6.5.1 Manual, Network Associates, 1999.
13
Sondra Schneider, IFsec, June 11, 1999.
14
Using the CA to Establish Trust
Customer, Merchant, The CA
1- Establish a Certificate
2- Send signed request and certificate
3- Check Signature
4- Merchant can trust customer and may continue with trade
15
Sondra Schneider, IFsec, June 11, 1999.
16
Sondra Schneider, IFsec, June 11, 1999.
17
Authentication Protocols
• General-purpose secure messaging protocols include:
  – SSL
  – S/MIME
• Secure protocols for electronic commerce include:
  – EDI/MIME
  – SET
18
SET
Byte, June 1997
19
June 1997
20
June 1997
21
The Use of Smartcards
Byte, June 1997
22
Minimal Key Lengths for Symmetric Ciphers, Matt Blaze and others, 1996.
23
Avoiding bogus encryption products, Matt Curtin, 1998.
24
RSA
from the RSA FAQ
• RSA is a public-key cryptosystem
  – take two large primes, p and q,
  – find their product n = pq (n is called the modulus)
  – choose e, less than n and relatively prime to (p-1)(q-1), and find its inverse, d, mod (p-1)(q-1), which means that:
    ed = 1 mod (p-1)(q-1);
  – e and d are called the public and private exponents, respectively.
  – The public key is the pair (n,e);
  – the private key is d.
  – The factors p and q must be kept secret, or destroyed.
25
Two numbers are relatively prime when they share no factors in common other than 1. In other words, a and n are relatively prime if their greatest common divisor is equal to 1. This is written:
gcd(a,n) = 1
26
• It is difficult (presumably) to obtain the private key d from the public key (n,e).
• If one could factor n into p and q, however, then one could obtain the private key d.
• Thus the entire security of RSA is predicated on the assumption that factoring is difficult.
27
RSA encryption:
• suppose Alice wants to send a private message, m, to Bob.
• Alice creates the ciphertext
    c = m^e mod n,
• e and n are Bob's public key.
• To decrypt, Bob computes:
    m = c^d mod n,
• and recovers the original message m; the relationship between e and d ensures that Bob correctly recovers m. Since only Bob knows d, only Bob can decrypt.
28
• public-key operations take O(k^2) steps,
• private key operations take O(k^3) steps,
• key generation takes O(k^4) steps
• where k is the number of bits in the modulus