Presentation is loading. Please wait.

Presentation is loading. Please wait.

David Evans CS200: Computer Science University of Virginia Computer Science Class 36: Public-Key Cryptography If you want.

Published byKevin Pope Modified over 8 years ago

Similar presentations

Presentation on theme: "David Evans CS200: Computer Science University of Virginia Computer Science Class 36: Public-Key Cryptography If you want."— Presentation transcript:

1 David Evans http://www.cs.virginia.edu/evans CS200: Computer Science University of Virginia Computer Science Class 36: Public-Key Cryptography If you want a guarantee, buy a toaster. Clint Eastwood (The Rookie, 1990)

2 16 April 2004CS 200 Spring 20042 Last Time How to store securely –Store the hash of the password One-way, collision resistant hashing function (e.g., md5) –Check the hash of the entered password matches the stored hash The password is transmitted over the Internet

3 16 April 2004CS 200 Spring 20043 Sending Passwords Encrypt User Server The Internet

4 16 April 2004CS 200 Spring 20044 Encrypt Decrypt Plaintext Ciphertext Plaintext User Server C = Encrypt K (P) P = Decrypt K (C) KK The Internet

5 16 April 2004CS 200 Spring 20045 From http://www.codesandciphers.org.uk/lorenz/fish.htm PS4: Lorenz Cipher

6 16 April 2004CS 200 Spring 20046 Modern Symmetric Ciphers A billion billion is a large number, but it's not that large a number.Whitfield Diffie Same idea but: –Use digital logic instead of mechanical rotors –Larger keys (random bits, not rotor alignments) PS4 = 5 3 ; Lorenz  5 12 < 10 9 Modern  128 bits > 10 37 –Encrypt blocks of letters at a time

7 16 April 2004CS 200 Spring 20047 Modern Ciphers AES (Rijndael) successor to DES selected 2001 128-bit keys, encrypt 128-bit blocks Brute force attack (around 10 30 times harder than Lorenz) –Try 1 Trillion keys per second –Would take 10790283070806000000 years to try all keys! –If that’s not enough, can use 256-bit key No known techniques that do better than brute force search

8 16 April 2004CS 200 Spring 20048 Encrypt Decrypt Plaintext Ciphertext Plaintext User Server KK The Internet How do User and Server agree on K (without sending it over the Internet)?

9 16 April 2004CS 200 Spring 20049 Key Agreement Demo (Animated version at end of slides.)

10 16 April 2004CS 200 Spring 200410 Asymmetric Cryptosystems Need a hard problem (like symmetric cryptosystems) With a trap door: if you know a secret, the hard problem becomes easy

11 16 April 2004CS 200 Spring 200411 One-Way Functions Easy to compute, hard to invert Trap-door one way function: –D (E (M)) = M –E and D are easy to compute. –Revealing E doesn’t reveal an easy way to compute D. –Hence, anyone who knows E can encrypt, but only someone who knows D can decrypt

12 16 April 2004CS 200 Spring 200412 RSA [Rivest, Shamir, Adelman 78] One-way function: multiplication is easy, factoring is hard Trap-door: number theory (Euler and Fermat)

13 16 April 2004CS 200 Spring 200413 Security of RSA n is public, but not p and q where n = pq How much work is factoring n ? n ~200 digits – would take quintillions of years Number Field Sieve (fastest known factoring algorithm) is: O(e 1.9223((ln (n)) 1/3 (ln (ln (n))) 2/3 ) The movie Sneakers is about what happens if someone discovers a O(n k ) factoring algorithm.

14 16 April 2004CS 200 Spring 200414 Asymmetric Cryptosystems Encryption and Decryption are done with different keys Keep one of the keys secret, reveal the other E KRA (E KUA (M)) = M Alice’s Public Key: KUA Alice’s Private Key: KRA Only KRA can decrypt a message encrypted using KUA.

15 16 April 2004CS 200 Spring 200415 Public-Key Applications: Privacy Alice encrypts message to Bob using Bob’s Private Key Only Bob knows Bob’s Private Key  only Bob can decrypt message Encrypt Decrypt Plaintext Ciphertext Plaintext Alice Bob Bob’s Public Key Bob’s Private Key

16 16 April 2004CS 200 Spring 200416 Signatures Bob knows it was from Alice, since only Alice knows Alice’s Private Key Non-repudiation: Alice can’t deny signing message (except by claiming her key was stolen!) Integrity: Bob can’t change message (doesn’t know Alice’s Private Key) Encrypt Decrypt Plaintext Signed Message Plaintext Alice Bob Alice’s Private Key Alice’s Public Key

17 16 April 2004CS 200 Spring 200417 Encrypt Decrypt Plaintext Ciphertext Plaintext User Server KU S KR S The Internet Public Key Private Key How does User know the public key to use?

18 16 April 2004CS 200 Spring 200418 Key Management

19 16 April 2004CS 200 Spring 200419 Approach 1: Meet Secretly User and Server Operator meet secretly and swap public keys –If you can do that, might as well agree on a secret (symmetric key) instead –Doesn’t work for Internet transactions

20 16 April 2004CS 200 Spring 200420 Approach 2: Public Announcement Publish public keys in a public forum –Append to email messages –Post on web site –New York Time classifieds Easy for rogue to pretend to be someone else –Forge email, alter web site, lie to New York Times

21 16 April 2004CS 200 Spring 200421 Approach 3: Public Directory Trusted authority maintains directory mapping names to public keys Entities register public keys with authority in some secure way Authority publishes directory –Print using watermarked paper, special fonts, etc. –Allow secure electronic access Depends on secure distribution of directory’s key

22 16 April 2004CS 200 Spring 200422 Approach 4: Certificates VeriSign UserServer KU S C S = E KR VeriSign [“Server”, KU S ] CSCS Request $$$$ E KUVeriSign (C S ) = [“Server”, KU S ] Knows KR S

23 16 April 2004CS 200 Spring 200423 SSL (Secure Sockets Layer) Browser Server Hello KR CA [Server Identity, KU S ] Check Certificate using KU CA Pick random K KU S [K] Find K using KR S Secure channel using K Note: This is slightly simplified from the actual SSL protocol. This version is vulnerable to a person-in- the-middle attack!

24 16 April 2004CS 200 Spring 200424 Data encrypted using secret key exchanged using some public key associated with some certificate.

25 16 April 2004CS 200 Spring 200425

26 16 April 2004CS 200 Spring 200426

27 16 April 2004CS 200 Spring 200427

28 16 April 2004CS 200 Spring 200428 How do you make your web site password form encrypt its input? http:// https://

29 16 April 2004CS 200 Spring 200429 Charge Exam 2 due Monday Next week: –Why Sneakers is also about solving the Cracker Barrel puzzle in O(n k ) –(Not necessary to see Sneakers for next week’s classes)

30 16 April 2004CS 200 Spring 200430 Animated version of Asymmetric Cryptography Demo

31 16 April 2004CS 200 Spring 200431 Padlocked Boxes Alice Hi!

32 16 April 2004CS 200 Spring 200432 Padlocked Boxes Alice Hi! Alice’s Padlock Alice’s Padlock Key

33 16 April 2004CS 200 Spring 200433 Padlocked Boxes Alice Alice’s Padlock Key Shady Sammy’s Slimy Shipping Service

34 16 April 2004CS 200 Spring 200434 Padlocked Boxes Alice Hi! Bob Bob’s Padlock Bob’s Padlock Key Alice’s Padlock Key

35 16 April 2004CS 200 Spring 200435 Padlocked Boxes Alice Hi! Bob Bob’s Padlock Key Alice’s Padlock Key

36 16 April 2004CS 200 Spring 200436 Padlocked Boxes Alice Hi! Bob Bob’s Padlock Key Alice’s Padlock Key

37 16 April 2004CS 200 Spring 200437 Padlocked Boxes Alice Hi! Bob Bob’s Padlock Key

38 16 April 2004CS 200 Spring 200438 Padlocked Boxes Alice Hi! Bob Bob’s Padlock Key Hi!

Download ppt "David Evans CS200: Computer Science University of Virginia Computer Science Class 36: Public-Key Cryptography If you want."

Similar presentations

IS 302: Information Security and Trust Week 4: Asymmetric Encryption

IS 302: Information Security and Trust Week 4: Asymmetric Encryption
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Digital Signatures. Anononymity and the Internet.

Digital Signatures. Anononymity and the Internet.
Cryptography in World War II Jefferson Institute for Lifelong Learning at UVa Spring 2006 David Evans Class 4: Modern Cryptography

Cryptography in World War II Jefferson Institute for Lifelong Learning at UVa Spring 2006 David Evans Class 4: Modern Cryptography
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.

Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Cryptographic Technologies

Cryptographic Technologies
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.

How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 CPSC156: The Internet Co-Evolution of Technology and Society Lectures 19,20, and 21: April 5, 10, and 12, 2007 Cryptographic Primitives.

1 CPSC156: The Internet Co-Evolution of Technology and Society Lectures 19,20, and 21: April 5, 10, and 12, 2007 Cryptographic Primitives.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Topic 11: Key Distribution and Agreement 1 Information Security CS 526 Topic 11: Key Distribution & Agreement, Secure Communication.

Topic 11: Key Distribution and Agreement 1 Information Security CS 526 Topic 11: Key Distribution & Agreement, Secure Communication.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.

8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

Similar presentations

Ads by Google