Post on 31-Dec-2015
Cryptography and the Web
Lincoln Stein
Whitehead Institute/MIT Center for Genome Research
Cryptography
The art of secret message writing: creating texts that can be read only by
authorized individuals.
Simple Cryptography
Plaintext
Key
Ciphertext
Caesar Cipher
ABCDEFGHIJKLMNOPQRSTUVWXYZ
NOPQRSTUVWXYZABCDEFGHIJKLM
Plaintext: THE GOTHS COMETH
Key: 13 (rotate 13 positions)
Ciphertext: FUR TAFUE PAYRFU
Rotating Key Cipher
ABCDEFGHIJKLMNOPQRSTUVWXYZ
BCDEFGHIJKLMNOPQRSTUVWXYZA
CDEFGHIJKLMNOPQRSTUVWXYZAB
DEFGHIJKLMNOPQRSTUVWXYZABC
EFGHIJKLMNOPQRSTUVWXYZABCD
FGHIJKLMNOPQRSTUVWXYZABCDE
GHIJKLMNOPQRSTUVWXYZABCDEF
HIJKLMNOPQRSTUVWXYZABCD...
Plaintext: SOUND THE RETREAT
Key: DEADFED
Ciphertext: VSUPC XKG UEWWEX
General Principles
Longer keys make better ciphers
Random keys make better ciphers
Good ciphers produce “random” ciphertext
Best keys are used once and thrown away
Symmetric (Private Key) Cryptography
Examples: DES, RC4, RC5, IDEA, Skipjack
Advantages: fast, ciphertext secure
Disadvantages: must distribute key in advance, key must not be divulged
DES: Data Encryption Standard
Widely published & used - federal standard
Complex series of bit substitutions, permutations and recombinations
Basic DES: 56-bit keys
– Crackable in about a day using specialized hardware
Triple DES: effective 112-bit key
– Uncrackable by known techniques
Asymmetric (Public Key) Cryptography
Examples: RSA, Diffie-Hellman, ElGamal
Advantages: public key widely distributable, does digital signatures
Disadvantages: slow, key distribution
RSA
Algorithm patented by RSA Data Security
Uses special properties of modular arithmetic
– C = P^e (mod n)
– P = C^d (mod n)
– e, d, and n all hundreds of digits long and derived from a pair of large prime numbers
Key lengths from 512 to 1024 bits
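The two formulas above, worked through in Python as an added example (not part of the original slides): it derives e, d and n from a pair of primes, encrypts and decrypts one number, and signs a message digest with the private exponent. The primes 61 and 53, the exponent 17, the function names and the use of SHA-256 for the digest are assumptions chosen for illustration; real keys are hundreds of digits long and are used with a padding scheme.

```python
import hashlib
from math import gcd

def make_keypair(p, q, e=17):
    """Derive (e, d, n) from a pair of primes p and q."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must share no factor with (p-1)(q-1)")
    d = pow(e, -1, phi)          # d is the inverse of e modulo (p-1)(q-1)
    return e, d, n

def encrypt(P, e, n):
    """C = P^e (mod n); P must be an integer smaller than n."""
    if not 0 <= P < n:
        raise ValueError("plaintext must be in the range 0..n-1")
    return pow(P, e, n)

def decrypt(C, d, n):
    """P = C^d (mod n)."""
    return pow(C, d, n)

def digest(message, n):
    """Message digest reduced mod n (SHA-256 here; an assumption)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, d, n):
    """Signature = digest^d (mod n), made with the private exponent."""
    return pow(digest(message, n), d, n)

def verify(message, signature, e, n):
    """Anyone holding (e, n) can check that signature^e equals the digest."""
    return pow(signature, e, n) == digest(message, n)

if __name__ == "__main__":
    # Constructed toy values: unpadded small-number RSA is for study only.
    e, d, n = make_keypair(61, 53)
    C = encrypt(65, e, n)
    print("public (e, n):", (e, n), "private d:", d)
    print("65 ->", C, "->", decrypt(C, d, n))
    msg = b"SOUND THE RETREAT"
    sig = sign(msg, d, n)
    print("signature valid:", verify(msg, sig, e, n))
    print("altered signature valid:", verify(msg, (sig + 1) % n, e, n))
```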
Public Key Encryption: The Frills
Frill                                Technique
Fast encryption/decryption           Digital envelopes
Authentication of sender             Digital signature
Verification of message integrity    Message digests
Safe distribution of public keys     Certifying authorities
Digital Envelopes
Digital Signatures
Message Digests
Certifying Authorities
Hierarchy of Trust
Secure, Verifiable Transmission
Public Key Cryptography on the Web
Secure Socket Layer (SSL)
– Netscape Communications Corporation
Secure HTTP (SHTTP)
– Commerce Net
SSL and SHTTP, similarities
RSA public key cryptography
MD5 message digests
Variety of private key systems
– Strong cryptography for use in U.S.
– Weakened cryptography for export
SSL and SHTTP, differences
[Diagram: protocol stack with the layers Physical Layer, Network interface, Internet, Transport and Application, and the protocols SSL, HTTP, TELNET, NNTP, FTP and SHTTP]
Using SSL
Signed Certificate
Applying for a Server Certificate
Filling out Certificate Request
URLs
SSL Protocol
– http://home.netscape.com/newsref/std/SSL.html
SHTTP Protocol
– http://www.eit.com/projects/s-http/
Verisign
– http://www.verisign.com/
RSA Data Security
– http://www.rsa.com/