Cryptographic teaching toolsCryptographic teaching tools

Presented by: Suan Khai Chong

Supervisor: Assoc. Prof. Graham Farr

Second Reader: Dianne Hagan

BackgroundBackground

Need to securely transmit information between two or more parties.

Methods have been devised to meet this need.

Cryptography is the study of these methods.

CryptographyCryptography

Plain text Original Plain text

Cipher textCipher text

Cryptography (cont…)Cryptography (cont…)

A very long history…

Recent emergence of public key cryptography spurred interest in it.

Public-key cryptographyPublic-key cryptography

Alice Bob

message

public keyprivate key

Public key cryptography (cont…)Public key cryptography (cont…)

Cryptosystems which involve use of public and private keys for encryption and decryption.

Some types of public-key cryptosystems: RSA, Diffie Hellman and Shamir.

Learning & Teaching CryptographyLearning & Teaching Cryptography

Success of public-key cryptosystems

Growing popularity of cryptography

leads toleads to

Interest in learning cryptography

promotespromotes

Effective ways of teaching cryptography

creates need forcreates need for

General AimGeneral Aim

Automated Cryptographic Teaching Tools

• As an aid to teaching and learning several public key cryptosystems

NOT writing secure implementations of cryptosystems.

Correct RSA calculationCorrect RSA calculation

N=77, e=7, p=11, q=7, c=5(Encrypted msg)Decryption

Extended Euclidean algorithm

d=e^(-1) mod ((p-1)(q-1))

Msg, m=c^d mod N*RSA: a public-key cryptosystem

Fast modular exponentiation

Error paths in RSA exerciseError paths in RSA exercise

*RSA is a type of public-key cryptosystem

11 10 17 43 7 2

Decryption key dDecryption key d

N=77, e=7, p=11, q=7, c=5(Encrypted msg)

55 232333 99 3131 5555 333131232375756767

correct pathwrong path

Doing exercises by handDoing exercises by hand

An important part of learning cryptography is doing exercises by hand. However…

It is difficult to construct exercises by hand with the following properties:

a. Sound examplesb. Diagnostic examples

SoundSound/Diagnostic examples/Diagnostic examples

Sound example: Wrong path leads to wrong answer. Student must do the correct calculation to

arrive at the right answer.

Diagnostic example: All paths give different answers. Student’s answer indicates the type of

mistake made.

Existing workExisting work

Example generators Example generators have been have been built by Laura Frost built by Laura Frost and Simon Hawley (2002-3) for the following and Simon Hawley (2002-3) for the following cryptosystems:cryptosystems:

RSA Diffie-Hellman Shamir ElGamal Chaum’s e-cash

RSA example generatorRSA example generator

random keys

All paths

Diagnostic?

correct path

Project JustificationProject Justification

A fair question to ask would be:How useful are these example generators?

Useful for the person constructing examples. Provides guidance to person doing examples. Statistics are helpful for researching in the properties of

examples.

Answer:

Useful!!!

DeliverablesDeliverables

1. Refining of existing programs to enhance structure and usability.

2. Support for additional cryptosystems.

3. Experimentation with data sets to study sound/diagnostic examples.

4. Construction of web interfaces.

Results OverviewResults Overview

1. System Functionalities.

2. Additional example generators.

3. Web-based interface.

4. Example probabilities table.

5. Evaluation of table results.

1. System Functionalities1. System Functionalities

Three main modes of operation:Random modeInteractive modeCalculate mode

Main modes: RandomMain modes: Random

Generates example without tweaking parameters.

How this works? Select parameters to be small enough for pen and

paper. Parameters must have suitable mathematical

characteristics. ( e.g. not self-inverses in RSA) Extra options: displaying working or path tree.

Main modes: InteractiveMain modes: Interactive

Requires information from user for individual keys.

How this works? Show user appropriate inputs i.e. small with

suitable properties. Let user select from inputs. Generate example with those inputs Display output depending on extra options.

Main modes: CalculateMain modes: Calculate

Functionality

Loops over existing examples to calculate probabilities

Determines percentage of sound/diagnostic examples.

How it works ? User specifies parameters to be fixed or looped. Several examples are generated and compared. Program outputs example types, probabilities.

Display: Path SelectionDisplay: Path Selection

Selection of paths that users want considered.

Rationale: Some error paths are more probable than

others. Students become expert with parts of

cryptosystems over time.

Path Select InterfacePath Select Interface

Display: Path Tree DisplayDisplay: Path Tree Display

A visual representation of path table.

2. Additional example generators2. Additional example generators

The additional generators are:

Knapsack RSA signature scheme

Design considerationsDesign considerations

How is an example generator built?

1. Work out possible paths by pen and paper.

2. Determine characteristics unique to cryptosystem.

3. Implement with some code reuse.

3. Web interface3. Web interface

Consistent input layout for all cryptosystems

Input Interface: Key Input DialogInput Interface: Key Input Dialog

Figure: RSA Calc. Mode Input dialog

Generated OutputGenerated Output

Web output scrollpane

4. Probabilities table4. Probabilities table

0

0.2

0.4

0.6

0.8

1

1.2

Modulus n

Pro

bab

iliti

es

Unsound

Sound

Diagnostic

N.B. Probabilities table similar for other cryptosystems

Evaluation of probabilitiesEvaluation of probabilities

It is hard to generate examples that are diagnostic.

Probabilities of sound/diagnostic examples increase as input size increases.

DemonstrationDemonstration

Looking at everything we have talked about…

Main website:http://www.csse.monash.edu.au/~skcho5/

Discussion of resultsDiscussion of results

In short, this project contributes significantly in the following ways:

Web interface lets users interact with the tool easily.

It is easy to generate examples with suitable properties.

Students can learn by example (steps through en/decryption).

Future WorkFuture Work

Project provides a basis for further work:

A generic path tree representation. Better visualization of output. Allowing output of encryption to be given

to decryption. A progress indicator. Support for additional generators.

Q & AQ & A

Any Questions?