
Post on 11-Jul-2020


Learning Practical Cryptography

Cryptosmith Video Series #1

Rick Smith December, 2016

Fiction, not Fact. Reality was worse

“Get Smart” © NBC Television

Genuine 1960s phone security, not including the radio, or the power.

Installed in trucks, ships.

The cell phone: a small, practical device

Modern Mobile Crypto Apps

✤ Strong crypto, easy to install
✤ But do they really protect your data?


A crypto failure on the web. But what does it mean?

Do we need to fix it?

from “IOS Security” April 2016 © Apple, Inc.

Learn the words and concepts and it makes sense

From the Cryptography 1 course offered on Coursera by Dan Boneh, Stanford University

Make key pair

Shared Secret: b4cd11bcf084c19d112879d0

From Authentication © 2002. Used by permission

Video = automated diagrams

Controls

✤ Start/Stop the Video
✤ Like, Save, Sharing, etc.
✤ Full Screen 1080p
✤ Notes on how to watch this video
✤ Link to the next video, or to related videos

Video Notes: a link to additional notes about the video’s contents

Grade School Crypto

Ciphers hide the meaning of text

Zfmebop efab qeb jbxkfkd lc qbuq

encryption, decryption, ciphers, keys, algorithms, code cracking, cryptanalysis, letter frequency analysis

Eavesdropping on a Mobile Purchase

Cryptosmith Video Series #2

Rick Smith, December, 2016

Buying a Coffee Pot

DANGER ZONE

Safe Zone

Safe Zone

Protecting Private Data:

Encrypt it

Keep it in a safe zone

AES

Encrypt: the data to encrypt

Decrypt: the decrypted data

The Key: b4cd11bcf084c19d112879d0

Secret Sharing with Public Key Crypto

Cryptosmith Video Series #3

Rick Smith, April, 2017

Cipher

The data to encrypt

The decrypted data

Secret Key: b4cd11bcf084c19d112879d0

To protect our sensitive data…

… we must protect the secret key

Cipher

Encrypt

Decrypt

How do we share the secret key?

The key is easy to intercept

Secret Key: b4cd11bcf084c19d112879d0

The Phone’s Special Info

The Server’s Special Info

Share a Secret Key without earlier preparations

Secret Key: b4cd11bcf084c19d112879d0

Eavesdropping does not leak the shared secret


Special Info = Public Key

✤ A public key hides a private key inside
✤ We can share the public key in public
✤ The private key must remain secret

Generate a public-private key pair

Random input

Public Key

Private Key

The Phone’s Special Info

The Server’s Special Info

Building the Shared Secret

The Server’s Public Key

The Phone’s Public Key

Private Key

For the Phone: Use the phone’s private key and the server’s public key to create their shared secret key

For the Server: Use the server’s private key and the phone’s public key to create their shared secret key

Secret Key: b4cd11bcf084c19d112879d0

Building the Shared Secret

Choose a library function:

✤ Elliptic Curve
✤ Diffie-Hellman

Secret Sharing

Private Key

Public Key

Shared Secret: b4cd11bcf084c19d112879d0

Secret Key: b4cd11bcf084c19d112879d0

A reliable, secure data link requires

✤ Public key exchange to construct a shared secret
✤ A strong cipher whose keys are known to both devices

Encrypt

Decrypt

Transport Layer Security (TLS - SSL)

Transport Layer Security (TLS - SSL)

Cryptosmith Video Series #4

Rick Smith, March, 2017

What’s in a name?

TLS: Transport Layer Security

SSL: Secure Sockets Layer

protocol:

got it!

1. set of rules that explain correct conduct and procedures for 2 or more parties

2. set of rules for handling and formatting computer data

TLS evolved from the SSL Protocol

✤ Introduced in 1994
✤ https://

The TLS Protocol for safe communication between 2 devices

4 Steps

1. Create a secret-sharing public key pair
2. Use public-key crypto to establish a shared secret
3. Use the shared secret to establish a secure link using a secret-key cipher.
4. Use the secure link to exchange encrypted messages.

Shared Secret: b4cd11bcf084c19d112879d0

Step 1: Create a key pair

Make key pair

Phone creates a new pair when it opens a new connection

Step 2: Establish a shared secret

Make key pair

1. Phone sends public key and asks for a TLS connection
2. Server creates a key pair
3. Server sends its public key
4. Devices compute the shared secret

Shared Secret: b4cd11bcf084c19d112879d0

Step 3: Establish encrypted link

Shared Secret: b4cd11bcf084c19d112879d0

Hash

Phone Key: 812d0b4ccd1f019d4c181b79

Server Key: 12d0bf4c5c1b819d61c4c179

1. Devices create crypto keys using a “hash” function
✤ Separate keys for separate roles
2. Phone sends message to test the encrypted link
3. Server sends reply to confirm the test message arrived

hello?

okay!

Cipher

Encrypt

Decrypt
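Steps 1 to 3 above, worked through as an added example (not code from the slides or the video series). It assumes a toy Diffie-Hellman group (`P`, `G`), SHA-256 as the “hash”, and hypothetical role labels `phone` and `server`; these names and values are illustrations only.

```python
import hashlib
import secrets

# Toy Diffie-Hellman group (assumption: picked for brevity, NOT a secure size;
# real TLS stacks use vetted large groups or elliptic curves from a library).
P = 2**127 - 1  # a Mersenne prime
G = 3

def make_key_pair():
    """Step 1: random private key; the public key is G^private mod P."""
    private = secrets.randbelow(P - 3) + 2
    return private, pow(G, private, P)

def shared_secret(my_private, their_public):
    """Step 2: combine my private key with the other side's public key."""
    if not 2 <= their_public <= P - 2:
        # 0, 1 and P-1 would force a secret an eavesdropper can predict.
        raise ValueError("rejecting degenerate public key")
    return pow(their_public, my_private, P).to_bytes(16, "big")

def role_key(secret, role):
    """Step 3: hash the shared secret with a role label, one key per role.
    (Simplified; real TLS uses a dedicated key-derivation function.)"""
    return hashlib.sha256(role + b"|" + secret).digest()[:12]

def handshake():
    """Run both sides; only the two public keys would cross the network."""
    phone_private, phone_public = make_key_pair()
    server_private, server_public = make_key_pair()
    phone_view = shared_secret(phone_private, server_public)
    server_view = shared_secret(server_private, phone_public)
    return {
        "secrets_match": phone_view == server_view,
        "phone_key": role_key(phone_view, b"phone"),
        "server_key": role_key(phone_view, b"server"),
        "phone_key_at_server": role_key(server_view, b"phone"),
    }

if __name__ == "__main__":
    for name, value in handshake().items():
        print(name, value.hex() if isinstance(value, bytes) else value)
```

Both devices arrive at the same Phone Key and Server Key even though neither private key was ever transmitted.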

Step 4: Exchange messages safely

Cipher

The Key: b4cd11bcf084c19d112879d0

Encrypt

PAY $2K TO BOB

NFF %8C UIF BSL

NFF %7G UIF CSL

Decrypt

PAY $6K TO ROB

Message Integrity

The text must not be altered

How do we detect an altered message?

Hash functions!

Protecting Message Integrity

Cryptosmith Video Series #5

Rick Smith, January, 2017

The Key: b4cd11bcf084c19d112879d0

Encrypt

PAY $2K TO BOB

NFF %8G UIF BSL

NFF %7G UIF CSL

Decrypt

PAY $6K TO ROB

Message Integrity

How do we detect altered text?

We add extra data to detect changes.

NFF %8G UIF BSL K (check value)

Use the numeric values of the data in the message to calculate a check value.

Sending: N+F+F+%+8+G+U+I+F+B+S+L = K

Received: N+F+F+%+7+G+U+I+F+C+S+L = W

NFF %8G UIF BSL K (check value)

NFF %7G UIF CSL K (check value)

Recalculate the check value for the received message. Damage yields a different check value.

One Way Hash functions

✤ More than a simple check digit calculation
✤ Input: 1 or more bytes, and can take a huge input
✤ Output: a fixed size (example: 128 bits for “SHA 128”)

A GOOD GLASS IN THE BISHOP'S HOSTEL IN THE … … FROM THE TREE THROUGH THE SHOT FIFTY FEET OUT

43 84 9f 75 61 4a 49 8b 00 d5 28 a4 59 fc 9d de

Hash

One Way Hash functions

✤ Not encryption: no procedure to simply invert it
✤ Hashing a second time mixes the data even more

A GOOD GLASS IN THE BISHOP'S HOSTEL IN THE … … FROM THE TREE THROUGH THE SHOT FIFTY FEET OUT

Hash

43 84 9f 75 61 4a 49 8b 00 d5 28 a4 59 fc 9d de

UnHash

Hash

b5 3c e2 fa 7c 4f a7 c8 8e 33 b4 2e 57 da 13 30

Message Integrity

Include the message hash (“UK”)

Hash

PAY $2K TO BOB UK

Check the hash values

Message Integrity

Any change causes a mismatch

PAY $6K TO ROB UK

Message Integrity

What about intentional changes?

PAY $6K TO ROB GV

The hash calculation should include secret information

Keyed Hashing

✤ Include secret information - a key - to prevent attackers from making undetected changes
✤ Recipient uses the shared secret key to check for alterations in the message

The Message: A GOOD GLASS IN THE BISHOP'S … THROUGH THE SHOT FIFTY FEET OUT

The Key: b4cd11bc f084c19d 112879d0

Hash: 43 84 9f 75 61 4a 49 8b

The Wrapped Message: A GOOD GLASS IN THE BISHOP'S … THROUGH THE SHOT FIFTY FEET OUT 43 84 9f 75 61 4a 49 8b

The transmitted hash: 43 84 9f 75 61 4a 49 8b

=

Hash: 43 84 9f 75 61 4a 49 8b
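The three integrity checks from these slides (additive check value, plain hash, keyed hash) compared on the slides' own messages, as an added example that is not code from the slides. It assumes HMAC-SHA256 as the keyed hash, since the slides name no algorithm; the function names and the reordered message `PAY $2K TO OBB` are constructed for illustration.

```python
import hashlib
import hmac

KEY = bytes.fromhex("b4cd11bcf084c19d112879d0")  # sample key shown on the slides
SENT = b"PAY $2K TO BOB"
FORGED = b"PAY $6K TO ROB"
TAG_LEN = 32  # SHA-256 output size in bytes

def check_value(msg):
    """Additive check value from the slides: sum of the byte values, mod 256."""
    return sum(msg) % 256

def keyed_hash(key, msg):
    """HMAC-SHA256 (assumption: the slides do not name a keyed-hash algorithm)."""
    return hmac.new(key, msg, hashlib.sha256).digest()

def wrap(key, msg):
    """The wrapped message: the message followed by the transmitted hash."""
    return msg + keyed_hash(key, msg)

def unwrap(key, wrapped):
    """Recipient: recompute the keyed hash and compare in constant time."""
    msg, tag = wrapped[:-TAG_LEN], wrapped[-TAG_LEN:]
    if not hmac.compare_digest(tag, keyed_hash(key, msg)):
        raise ValueError("keyed hash mismatch: message was altered")
    return msg

def plain_hash_accepts(msg, digest):
    """Recipient-side check when the hash has no key."""
    return hmac.compare_digest(hashlib.sha256(msg).digest(), digest)

def forgery_results():
    # 1. Additive check value: reordering letters leaves the sum unchanged.
    same_sum = check_value(SENT) == check_value(b"PAY $2K TO OBB")
    # 2. Plain hash: whoever alters the message can also recompute the hash.
    unkeyed_ok = plain_hash_accepts(FORGED, hashlib.sha256(FORGED).digest())
    # 3. Keyed hash: without KEY, reuse the old hash or guess a key.
    old_tag = wrap(KEY, SENT)[-TAG_LEN:]
    attempts = [FORGED + old_tag, FORGED + keyed_hash(b"guessed key", FORGED)]
    keyed_ok = 0
    for attempt in attempts:
        try:
            unwrap(KEY, attempt)
            keyed_ok += 1
        except ValueError:
            pass  # alteration detected
    return same_sum, unkeyed_ok, keyed_ok
```

`forgery_results()` returns `(True, True, 0)`: the check value and the plain hash both let an altered message through, while the keyed hash rejects every altered message.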

Crypto mechanisms can fail

WEP

What makes crypto weak