Digital Signatures. Anonymity and the Internet.


1 Digital Signatures

2 Anonymity and the Internet

3 Potential For Mischief Microsoft You Hacker Controlled Website

4 Signature Signature - verifies identity What could go wrong?

5 Signature Bank Record of signatures

6 Physical Signature Sign a message by locking with a key you own

7 Physical Key Back Still need a trusted entity to manage keys

8 Asymmetric Cryptography. Symmetric cryptography: key for encoding same as key for decoding – shift three letters. Asymmetric cryptography: key for encoding different than for decoding.

9 Simple Example Encryption Key : – Multiply by 6, clock size 11 – Encode 5 = 5 * 6 clock 11 = 30 clock 11 = 8

10 Decoding If x * 6 clock 11 = y then y * 2 clock 11 = x

11 Decryption Key 2 is the decryption Key for encryption key 6 and clock size 11

12 Picking Keys Pick clock size C – Prime clock sizes work best Find x and y such that x * y clock C = 1

13 Public / Private One key is kept private Other key made public – Give to anyone who wants it

14 Private Key Any message encrypted with a private key MUST have been written by the person who signed it Anyone can decrypt the message – Encryption for authentication not secrecy

15 How Do We Know Public Key Is Good? Ravi You Hacker Controlled Website

16 Authenticating a Key Official key bank??

17 Can't Really Trust a Bank Key Bank You Hacker Controlled Website

18 Authenticating a Key Key bank "signs" people's public keys by encrypting them

19 Authenticating a Key Browsers come with public keys of known banks called Certification Authorities

20 2 Part Message Send two things: – Message encrypted with private key – Public key encrypted by trusted authority

21 Chain Of Trust Reality may involve chain of locks

22 Encrypting With Public Key. Anyone can use public key to secretly send message to holder of private key. Locked with Private Key: Authentication. Locked with Public Key: Secrecy.

23 Web Security HTTPS : Secure web connection – Browser asks server for public key – Browser picks shared secret, encrypts with public key, sends to server

24 RSA Multiplication keys too easy to break…

25 RSA Multiplication keys too easy to break… …use exponents. RSA (Rivest, Shamir, Adleman) invented algorithm in 1977

26 RSA Math. Private key: raise to x power, clock size C. Public key: raise to y power, clock size C. Message: 4. 4^3 clock 22 = 64 clock 22 = 20. Encrypted: 20. 20^7 clock 22 = 4

27 Picking Keys Start with two prime numbers p, q – multiply to make clock size Pick private key, calculate public key from private, p and q using multiplication trick

28 Picking Keys Start with two prime numbers p, q – multiply to make clock size Pick private key, calculate public key from private, p and q using multiplication trick If anyone figures out p and q they can figure out your private key

29 Factoring Factoring large numbers is hard – But we are getting faster

30 Factoring Factoring large numbers is hard – But we are getting faster Larger keys : 2048 bits (prime numbers with 100's of digits)

31 Factoring Factoring large numbers is hard – But we are getting faster Larger keys : 2048 bits (prime numbers with 100's of digits) May need to move to different kinds of math: http://arstechnica.com/security/2013/10/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/2/

32 Two messages: My public key: exponent 3, clock 34. encrypted ^ exponent mod clock = message. Which 1 of these messages is NOT from me? – Three should check out, one should not. Message: 5, 4, 15, 8. Encrypted Version: 11, 30, 12, 2.
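The key picking of slides 27-28 and the check from slide 32, as an added Python example that is not part of the original presentation. The function names are illustrative, and the slide 32 digits are read as messages 5, 4, 15, 8 with encrypted versions 11, 30, 12, 2.

```python
# Added example: toy "clock arithmetic" RSA with the small numbers from the slides.
# Real RSA uses 2048-bit clocks and padding; this only shows the mechanics.
from math import gcd


def matching_exponent(exponent, p, q):
    """Slides 27-28: whoever knows p and q can derive the other key."""
    phi = (p - 1) * (q - 1)          # exponents wrap around with this period
    if gcd(exponent, phi) != 1:
        raise ValueError("exponent shares a factor with (p-1)*(q-1)")
    return pow(exponent, -1, phi)    # modular inverse (Python 3.8+)


def sign(message, private_exp, clock):
    """Lock the message with the private key: message ^ exponent mod clock."""
    return pow(message, private_exp, clock)


def verify(message, encrypted, public_exp, clock):
    """Slide 32 rule: encrypted ^ exponent mod clock must equal the message."""
    return pow(encrypted, public_exp, clock) == message


def failing_pairs(pairs, public_exp, clock):
    """Return every (message, encrypted) pair the public key rejects."""
    return [(m, e) for m, e in pairs if not verify(m, e, public_exp, clock)]


# Slide 32 values as read above (assumption about how the digits split).
SLIDE_32 = [(5, 11), (4, 30), (15, 12), (8, 2)]

if __name__ == "__main__":
    # Slide 26: exponents 3 and 7 on clock 22 = 2 * 11 undo each other.
    print("partner of exponent 3 on clock 22:", matching_exponent(3, 2, 11))
    print("4 locked with 3:", sign(4, 3, 22), "checks out:", verify(4, 20, 7, 22))

    # Slide 28: clock 34 = 2 * 17 is trivial to factor, so the private
    # exponent behind public exponent 3 falls out immediately.
    d = matching_exponent(3, 2, 17)
    print("private exponent for clock 34:", d)
    print("a signature on 15 that verifies:", sign(15, d, 34))
    print("pairs rejected by the public key:", failing_pairs(SLIDE_32, 3, 34))
```
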

