Post on 05-Dec-2014
description
transcript
hi y’all, i’m jesse
hi y’all, i’m jesse@jessepollak
co-founder at clef
cryptography
cRyPtOgRaPhY
cryptography
goals
goalsgive you a basic knowledge of what crypto is and how it works.
goalsgive you a basic knowledge of what crypto is and how it
use real, live examples you can understand
goalsgive you a basic knowledge of what crypto is and how it
use real, live examples you can understand
help you realize that crypto isn’t scary.
goalsgive you a basic knowledge of what crypto is and how it works.
use real, live examples you can understand
help you realize that crypto isn’t scary.
again, i’m jesse@jessepollak
co-founder at clef
crypto 101
cryptographythe art of writing or solving codes
cryptographythe art of writing or solving codes
the practice and study of techniques to communicate securely in the presence of third-parties.
cryptographythe art of writing or solving codes
the practice and study of techniques to communicate securely in the presence of third-parties.
how we communicate online without hackers stealing our secrets
core problem
how can two people communicate securely?
alicebob
two subproblems
“your message”
1
“fd64$%533#$$1”
“your message”
1
“your message”
“fd64$%533#$$1”
“your message”
1
encryption
1
alicebob
2
bob
2
“your message”
“fd64$%533#$$1”
“your message”
bob
2
alicebob
2
“your message”
bob alice
2
“your message”
“fd64$%533#$$1”
bob alice
2
“your message”
“fd64$%533#$$1”
bob
“fd64$%533#$$1”
alice
2
“your message”
“fd64$%533#$$1”
“your message”
bob
“fd64$%533#$$1”
?
alice
2
alicebob key exchange
encryption
I have a message that I want to keep secret
I have an encryption key that only I know
I have an encryption key that only I know
I have an encryption key that only I know
I have an encryption key that only I knowwhat is this thing?
I have an encryption key that only I knowwhat is this thing?
I have an encryption key that only I knowwhat is this thing?
“secret message”
“secret key”
“the message I want to keep secret”
“the message I want to keep secret”“my secret key”+
“the message I want to keep secret”“my secret key”+
“the message I want to keep secret”“my secret key”+
“dkjf8#654&(@)(5335jJkdfd8(%&jfdc”=
“the message I want to keep secret”“my secret key”+
“the message I want to keep secret”=
encrypted
“the message I want to keep secret”“my secret key”+
“dkjf8#654&(@)(5335jJkdfd8(%&jfdc”=
“dkjf8#654&(@)(5335jJkdfd8(%&jfdc”“my secret key”+
“dkjf8#654&(@)(5335jJkdfd8(%&jfdc”“my secret key”+
“dkjf8#654&(@)(5335jJkdfd8(%&jfdc”“my secret key”+
“the message I want to keep secret”=
“the message I want to keep secret”“my secret key”+
decrypted“the message I want to keep secret”=
“dkjf8#654&(@)(5335jJkdfd8(%&jfdc”“my secret key”+
“the message I want to keep secret”=
“the message I want to keep secret”“my secret key”+
“dkjf8#654&(@)(5335jJkdfd8(%&jfdc”“my secret key”+
“the message I want to keep secret”=
“the message I want to keep secret”“my secret key”+
encryption
decryption
encryption…?
decryption…?
how does encryption actually work?
how does encryption actually work?
how does data actually work?
how does encryption actually work?
“secret”
how does encryption actually work?
“secret”s e c r e t
how does encryption actually work?
“secret”s e c r e t
01110011 01100101 01100011 01110010 01100101 01110100
how does encryption actually work?
“secret”s e c r e t
01110011 01100101 01100011 01110010 01100101 01110100
bit
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
encryption
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
00000001 00000100 00001101 00010110 00001010 00011001
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
00000001 00000100 00001101 00010110 00001010 00011001
% ! ( 5 q 6
how does encryption actually work?
encryption means turning 1s and 0s into other 1s and 0s that are random
so, how does encryption actually work?
how does encryption actually work?
xor
how does encryption actually work?
xortwo bits in, one bit out
how does encryption actually work?
0 xor 1 = 1
0 xor 0 = 01 xor 1 = 0
1 xor 0 = 1
how does encryption actually work?
1 if two bits are different 0 if two bits are the same
so, how does encryption actually work?
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
r a n d o m
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
xor
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
0
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
00
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
000
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
0000
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
00000
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
000000
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
0000000
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
00000001
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
00000001 00000100 00001101 00010110 00001010 00011001
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
% ! ( 5 q 600000001 00000100 00001101 00010110 00001010 00011001
how does encryption actually work?
encryption!
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
00000001 00000100 00001101 00010110 00001010 00011001
% ! ( 5 q 6
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
00000001 00000100 00001101 00010110 00001010 0001100101110010 01100001 01101110 01100100 01101111 01101101
r a n d o m
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
00000001 00000100 00001101 00010110 00001010 0001100101110010 01100001 01101110 01100100 01101111 01101101
xor
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
00000001 00000100 00001101 00010110 00001010 0001100101110010 01100001 01101110 01100100 01101111 01101101
0
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
00000001 00000100 00001101 00010110 00001010 0001100101110010 01100001 01101110 01100100 01101111 01101101
01
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
00000001 00000100 00001101 00010110 00001010 0001100101110010 01100001 01101110 01100100 01101111 01101101
011
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
00000001 00000100 00001101 00010110 00001010 0001100101110010 01100001 01101110 01100100 01101111 01101101
0111
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
00000001 00000100 00001101 00010110 00001010 0001100101110010 01100001 01101110 01100100 01101111 01101101
01110
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
00000001 00000100 00001101 00010110 00001010 0001100101110010 01100001 01101110 01100100 01101111 01101101
011100
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
00000001 00000100 00001101 00010110 00001010 0001100101110010 01100001 01101110 01100100 01101111 01101101
0111001
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
00000001 00000100 00001101 00010110 00001010 0001100101110010 01100001 01101110 01100100 01101111 01101101
01110011
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
00000001 00000100 00001101 00010110 00001010 0001100101110010 01100001 01101110 01100100 01101111 01101101
01110011 01100101 01100011 01110010 01100101 01110100
how does encryption actually work?
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
01110010 01100001 01101110 01100100 01101111 01101101
00000001 00000100 00001101 00010110 00001010 0001100101110010 01100001 01101110 01100100 01101111 01101101
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
how does encryption actually work?
decryption!
how does encryption actually work?
why does this work?
how does encryption actually work?
0 xor
1
1
how does encryption actually work?
impossible to know whether 1 or 0 came from the key or the secret message
how does encryption actually work?
0 xor
1
1?
?
how does encryption actually work?
to encrypt a message, we xor it with a secret key
caveat
how does encryption actually work?
this is very simplified
encryption
1
alicebob
2
alicebob key exchange
key exchange
alicebob how we get the same encryption key
alicebob how we get the same encryption key
without me finding out
alicebob how we get the same encryption key
without me finding out
or me
alicebob how we get the same encryption key
without me finding out
or meor me
alicebob how we get the same encryption key
without me finding out
or meor me
alicebob how we get the same encryption key
without me finding out
or meor me
all communication is public
problemhow do two people share an encryption key when they can’t communicate privately.
solutiondiffie-hellman!
solutiondiffie-hellman…?
solutionmath!
solutionmath…?
solutioncolors
solutioncolors!
diffie-hellman key exchange
diffie-hellman key exchangewith no math and lots of colors!
imagine that we have an infinite number of colors
imagine that we have an infinite number of colors
imagine that we have an infinite number of colors
imagine that we have an infinite number of colors
imagine that we have an infinite number of colors
imagine that we have an infinite number of colors
imagine that we have an infinite number of colors
imagine that we have an infinite number of colors
imagine that we have an infinite number of colors
imagine that we have an infinite number of colors
some rules
some ruleseasy to mix two colors to get a third
some rules
+easy to mix two colors to get a third
some rules
+easy to mix two colors to get a third
=
some rules
+easy to mix two colors to get a third
=impossible to figure out mixed colors
some rules
+easy to mix two colors to get a third
=impossible to figure out mixed colors
=
some rules
+easy to mix two colors to get a third
=impossible to figure out mixed colors
= +
some rules
+easy to mix two colors to get a third
=impossible to figure out mixed colors
= + ?
some rules
+easy to mix two colors to get a third
=impossible to figure out mixed colors
= + ?
bob
hi
alicebob
hi hey
alicebob
alicebob
alicebob
alicebob
alicebob
alicebob
alicebob
alicebob
alicebob
“I NEED TO TELL YOU A SECRET!”
alicebob
“I NEED TO TELL YOU A SECRET!” “LET’S DO A KEY EXCHANGE!”
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
bob and alice agree on a random color publicly
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
bob chooses a color and tells no one
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
alice chooses a color and tells no one
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
bob mixes his secret color with the public color and send the combination to alice
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
alice mixes her secret color with the public color and send the combination to bob
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
bob and alice mix their secret colors with their partner’s blend to get a new secret color
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
secret message
everyone else
secret
+ =
secret
everyone else
wrong
+ =
secret
wrong
+ = wrong
everyone else
+ =
secret
wrong
+ = wrong
+ = wrong
everyone else
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
secret message
2
alicebob key exchange
combination
2
alicebob key exchange
diffie-hellman key exchangewith no math and lots of colors!
diffie-hellman key exchangewith a little math and no colors
some rules
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
bob and alice agree on a random number
5
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
5
5 5
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
5
5 5
bob chooses a prime number and tells no one
7
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
5
5 5
alice chooses a prime number and tells no one
7 3
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
5
5 5
7 3
bob “mixes” his secret number with the public number and shares the result with alice
57
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
55 5
7 3
bob “mixes” his secret number with the public number and shares the result with alice
57
7
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
55 5
7 3
alice “mixes” her secret number with the public number and shares the result with bob
57
7
53
alicebob
bob’s knowledge alice’s knowledge
everyone’s knowledge
55
7 3
57
753
53
bob’s knowledge alice’s knowledge
everyone’s knowledge
5 57
(5 )3
53
bob and alice mix their secret numbers with their partner’s mix to get a new secret number
7 (5 )7 3
bob’s knowledge alice’s knowledge
everyone’s knowledge
5 57
5 (3 * 7)
53
5 (3 * 7)
bob’s knowledge alice’s knowledge
everyone’s knowledge
5 57
5 21
53
5 21
everyone else
secret5
21
55
7
53
everyone else
secret5
21
55
7
53
• 5 = 25
everyone else
secret5
21
55
7
53
• 5 = 25• 5 = 5
8
everyone else
secret5
21
55
7
53
• 5 = 25• 5 = 5
8
• = 557 10
everyone else
secret5
21
55
7
53
• 5 = 25• 5 = 5
8
• = 557 10
bob’s knowledge alice’s knowledge
everyone’s knowledge
5 57
5 21
53
5 21
encryption
1
alicebob
“secret”
“secret”s e c r e t
“secret”s e c r e t
01110011 01100101 01100011 01110010 01100101 01110100
521
521
476837158203125
521
476837158203125
11011000 11010111 00100110 10110111 00010111 01111010 1
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
bob
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
11011000 11010111 00100110 10110111 00010111 01111010 1
5
bob
21
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
11011000 11010111 00100110 10110111 00010111 01111010 1
bob
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
11011000 11010111 00100110 10110111 00010111 01111010
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
xor11011000 11010111 00100110 10110111 00010111 01111010
bob
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
1
11011000 11010111 00100110 10110111 00010111 01111010
bob
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
10
11011000 11010111 00100110 10110111 00010111 01111010
bob
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
101
11011000 11010111 00100110 10110111 00010111 01111010
bob
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
1010
11011000 11010111 00100110 10110111 00010111 01111010
bob
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
10101
11011000 11010111 00100110 10110111 00010111 01111010
bob
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
101010
11011000 11010111 00100110 10110111 00010111 01111010
bob
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
1010101
11011000 11010111 00100110 10110111 00010111 01111010
bob
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
10101011
11011000 11010111 00100110 10110111 00010111 01111010
bob
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
10101011
11011000 11010111 00100110 10110111 00010111 01111010
bob
01110011 01100101 01100011 01110010 01100101 01110100
s e c r e t
10101011 10110010 01000101 11000101 01110010 00001010
11011000 11010111 00100110 10110111 00010111 01111010
bob
encryption!
alicebob 10101011 10110010 01000101 11000101 01110010 00001010
10101011 10110010 01000101 11000101 01110010 00001010
alice
10101011 10110010 01000101 11000101 01110010 00001010
alice
11011000 11010111 00100110 10110111 00010111 01111010
521
10101011 10110010 01000101 11000101 01110010 00001010
alice
11011000 11010111 00100110 10110111 00010111 01111010
xor
10101011 10110010 01000101 11000101 01110010 00001010
alice
11011000 11010111 00100110 10110111 00010111 01111010
01110011 01100101 01100011 01110010 01100101 01110100s e c r e t
decryption!
alicebob
alicebob
we did it!