Published by Nicholas Thornton. Modified over 9 years ago
1
Digital Signatures
2
Anonymity and the Internet
3
Potential For Mischief
[Diagram: Microsoft, You, Hacker Controlled Website]
4
Signature
Signature - verifies identity
What could go wrong?
5
Signature Bank
Record of signatures
6
Physical Signature
Sign a message by locking with a key you own
7
Physical Key Back
Still need a trusted entity to manage keys
8
Asymmetric Cryptography
Symmetric cryptography: Key for encoding same as key for decoding
– Shift three letters
Asymmetric cryptography: Key for encoding different than for decoding
9
Simple Example
Encryption Key:
– Multiply by 6, clock size 11
– Encode 5 = 5 * 6 clock 11 = 30 clock 11 = 8
10
Decoding
If x * 6 clock 11 = y then y * 2 clock 11 = x
11
Decryption Key
2 is the decryption key for encryption key 6 and clock size 11
12
Picking Keys
Pick clock size C
– Prime clock sizes work best
Find x and y such that x * y clock C = 1
13
Public / Private
One key is kept private
Other key made public
– Give to anyone who wants it
14
Private Key
Any message encrypted with a private key MUST have been written by the person who signed it
Anyone can decrypt the message
– Encryption for authentication not secrecy
15
How Do We Know Public Key Is Good?
[Diagram: Ravi, You, Hacker Controlled Website]
16
Authenticating a Key
Official key bank??
17
Can't Really Trust a Bank
[Diagram: Key Bank, You, Hacker Controlled Website]
18
Authenticating a Key
Key bank "signs" people's public keys by encrypting them
19
Authenticating a Key
Browsers come with public keys of known banks called Certification Authorities
20
2 Part Message
Send two things:
– Message encrypted with private key
– Public key encrypted by trusted authority
21
Chain Of Trust
Reality may involve chain of locks
22
Encrypting With Public Key
Anyone can use public key to secretly send message to holder of private key
Locked with Private Key: Authentication
Locked with Public Key: Secrecy
23
Web Security
HTTPS : Secure web connection
– Browser asks server for public key
– Browser picks shared secret, encrypts with public key, sends to server
25
RSA
Multiplication keys too easy to break…
…use exponents
RSA (Rivest, Shamir, Adleman) invented algorithm in 1977
26
RSA Math
Private key : raise to x power, clock size C
Public key : raise to y power, clock size C
Message: 4
4 ^ 3 clock 22 = 64 clock 22 = 20
Encrypted: 20
20 ^ 7 clock 22 = 4
28
Picking Keys
Start with two prime numbers p, q
– multiply to make clock size
Pick private key, calculate public key from private, p and q using multiplication trick
If anyone figures out p and q they can figure out your private key
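
The key-picking steps from the slides, worked through in Python as an added example (not part of the original presentation). It assumes the "multiplication trick" means choosing exponents that multiply to 1 on a clock of size (p - 1) * (q - 1), with p = 2 and q = 11 chosen to give the slides' clock size 22; all function names are illustrative.

```python
# Added example: toy clock-arithmetic keys using the slides' numbers.
# Function names are illustrative; key sizes this small are for teaching only.
from math import gcd


def matching_key(key, clock):
    """Return y such that key * y clock `clock` = 1."""
    if gcd(key, clock) != 1:
        raise ValueError("no matching key exists for this clock size")
    return pow(key, -1, clock)  # modular inverse (Python 3.8+)


def matching_exponent(exponent, p, q):
    """Assumed 'multiplication trick': the two exponents multiply to 1
    on a clock of size (p - 1) * (q - 1)."""
    return matching_key(exponent, (p - 1) * (q - 1))


def sign(message, private_exp, clock):
    """Lock the message with the private key."""
    return pow(message, private_exp, clock)


def verify(message, signature, public_exp, clock):
    """Unlock with the public key and compare to the claimed message."""
    return pow(signature, public_exp, clock) == message


def factor_clock(clock):
    """Trial division: instant for toy clocks, infeasible at 2048 bits."""
    for p in range(2, int(clock ** 0.5) + 1):
        if clock % p == 0:
            return p, clock // p
    raise ValueError("clock size is prime, not a product of two primes")


if __name__ == "__main__":
    # Multiplication keys: the public key and clock size reveal the other key.
    print("multiply key 6, clock 11 ->", matching_key(6, 11))
    # Exponent keys: private exponent 3 with p = 2, q = 11.
    p, q, private_exp = 2, 11, 3
    clock, public_exp = p * q, matching_exponent(private_exp, p, q)
    sig = sign(4, private_exp, clock)
    print("public exponent:", public_exp, "signature of 4:", sig)
    print("genuine message verifies:", verify(4, sig, public_exp, clock))
    print("altered message verifies:", verify(5, sig, public_exp, clock))
    # Anyone who can factor the clock size can rebuild the private exponent.
    print("private exponent from factors:",
          matching_exponent(public_exp, *factor_clock(clock)))
```
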
31
Factoring
Factoring large numbers is hard
– But we are getting faster
Larger keys : 2048 bits (prime numbers with 100's of digits)
May need to move to different kinds of math:
http://arstechnica.com/security/2013/10/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/2/
32
Two messages:
My public key: exponent 3, clock 34
encrypted ^ exponent mod clock = message
Which 1 of these messages is NOT from me?
– Three should check out, one should not
Message:            5    4   15    8
Encrypted Version: 11   30   12    2