cryptography: basics & applications · • if m is always much larger than y, h is a...
TRANSCRIPT
![Page 1: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/1.jpg)
Cryptography: Basics & Applications
2013 JMU Cyber Defense Boot Camp
![Page 2: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/2.jpg)
What is this unit about?
• Lecturing– “Boring” lecturing (practice in next session)
• A topic that has challenged the human kind for more than 2000 years– Dated beyond Julius Caesar (around 56 BC)
• Slides are available at https://users.cs.jmu.edu/tjadenbc/Bootcamp/3-crypto.pdf
2013 Summer Camp 2
![Page 3: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/3.jpg)
Organization
• The data confidentiality problem• Theory
– Numbers– Encryption– Digital signature– Cryptographic hashing– Digital certificates and PKI
• Tie everything together: HTTPS
2013 Summer Camp 3
Focus on concepts;
Skip details
![Page 4: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/4.jpg)
Road Map
• The data confidentiality problem• Theory
– Numbers– Encryption– Digital signature– Cryptographic hashing– Digital certificates and PKI
• Tie everything together: HTTPS
2013 Summer Camp 4
![Page 5: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/5.jpg)
Questions
• How do you protect (the confidentiality of) your Turbo Tax file on your computer?– Full name, SSN, DOB, home address
• How do you protect the financial information on your computer?– Bank accounts, retirement plan accounts, stock
investment accounts
2013 Summer Camp 5Encrypt them? What is encryption?
![Page 6: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/6.jpg)
What the heck is Cryptography?
• We have heard “encryption” more• Cryptography
– Kryptos: hidden– -graphy
• writing or representation in a (specified) manner or by a (specified) means or of a (specified) object
• Traditionally, cryptography = encryption
2013 Summer Camp 6
![Page 7: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/7.jpg)
Welcome to the Wonderful Land
• Q: How many cryptographers does it take to change a light bulb?
• A: XIGHCBS
2013 Summer Camp 7
![Page 8: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/8.jpg)
Road Map
• The data confidentiality problem• Theory
– Numbers– Encryption– Digital signature– Cryptographic hashing– Digital certificates and PKI
• Tie everything together: HTTPS
2013 Summer Camp 8
![Page 9: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/9.jpg)
Road Map
• The data confidentiality problem• Theory
– Numbers– Encryption– Digital signature– Cryptographic hashing– Digital certificates and PKI
• Tie everything together: HTTPS
2013 Summer Camp 9
![Page 10: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/10.jpg)
Warm-up Questions
• 23 = ?• 24 = ?• 23 < 10 < 24 ?
• ?• ?• ?
• ?• ?
2013 Summer Camp 10
![Page 11: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/11.jpg)
2013 Summer Camp 11
Back-of-Envelope Calculations• How many seconds are there in a day?
24 × 60 × 60 = 86,400 secondsIn 2x?≤ 217
How?
86400 = 2x
8 × 104 ≈ 2xlog (8 × 104) ≈ log (2 )log 8 +log (104) ≈3 +4 × log (10) ≈≈ 16.3
![Page 12: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/12.jpg)
2013 Summer Camp 12
Back-of-Envelope Calculations• How many seconds are there in a day?
24 × 60 × 60 = 86,400 secondsIn 2x?≤ 217
• How many seconds are there in a year?365 days × 86,400 = 31,536,000 ≤ 225
• How many seconds in 100 years?3,153,600,000 seconds = 3.1536 × 109
≈ 3.1536 × 230 ≤ 232
100 years ≈ 232 seconds
![Page 13: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/13.jpg)
2013 Summer Camp 13
Seconds in 2?
• 1 hour: 60 × 60 = 3600 seconds (≤ 212)• 1 day: 24 × 60 × 60 = 86,400 seconds (≤ 217)• 1 month: 30 days × 86,400 = 2592000 seconds
(< 222)• 1 year: 365 days × 86,400 = 31,536,000 (< 225)• 100 years: 3,153,600,000 seconds = 3.1536 ×
109 ≈ 3.1536 × 230 ≤ 232
![Page 14: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/14.jpg)
2013 Summer Camp 14
Back-of-Envelope Calculations
• How many “operations” can a computer do in one second?
![Page 15: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/15.jpg)
Intel CPU
• Intel CPU: 3.45GHz• 3.45×109Hz• Clock rate: 3.45×109 times per second• Assumption: 3.45×109 basic operations per second
3.45×109 < 232;
• So in 100 years, this CPU can exhaust = 264
basic operations
2013 Summer Camp 15
![Page 16: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/16.jpg)
Nov. 14, 2012
• Fastest computer:– http://www.top500.org/
• DOE/SC/Oak Ridge National Laboratory17590.0 TFlop/s (17.59 PFLOPS)
17.59 × 1015 ≈ 1016.24 ≈ 254 calculations per second• 100 years ≈ 232 seconds• 100 year’s calculations: 254 × 232 = 286
2013 Summer Camp 16
![Page 17: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/17.jpg)
What if 1000000 Such Supercomputers?
• One supercomputer: 17.59 × 1015 ≈ 1016.24
• 1000000 (106) such computers1022.64 calculations per second
≈ 275.22
• 100 years: 232 seconds• 100 years’ calculations = ?
275.22 × 232 ≤ 2108
2013 Summer Camp 17
![Page 18: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/18.jpg)
What if 1 billion Such Supercomputers?
• One supercomputer: 17.59 × 1015 ≈ 1016.24
≈ 254 calculations per second• 1000000000 (109 ≈ 229.9) such computers
254×229.9 ≈ 284 calculations per second• 100 years: 232 seconds• How many calculations in 100 years?
284×232 ≈ 2116
2013 Summer Camp 18
Lessons?
Computers have computing limits
![Page 19: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/19.jpg)
1 Numbers (Intel CPU)• # of seconds in a day?• # of seconds in a year?• # of seconds in 100 years?• Intel CPU (3.45GHz) in 100 years?• 1 million Intel CPU (3.45GHz) in 100 years:• 1 billion Intel CPU (3.45GHz) in 100 years:
2013 Summer Camp 19
217
225
232
286
294
264
![Page 20: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/20.jpg)
1 Numbers (The Fastest Computer)
• # of seconds in a day?• # of seconds in a year?• # of seconds in 100 years?• The fastest computer in 100 years?• 1 million fastest computers in 100 years:• 1 billion fastest computers in 100 years:
2013 Summer Camp 20
217
225
232
286
2108
2116
![Page 21: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/21.jpg)
So?
• A 128-bit string 0110101010101…– Randomly generated
• How many tries does it take to guess it correctly?– On average: 2127
• How long will it take for these tries?– One billion Intel CPU (3.45GHz)?– One billion fastest computers?
2013 Summer Camp 21
Alice
800 billion years
200 thousand years
![Page 22: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/22.jpg)
Space
• 1K bytes• 1M bytes• 1G bytes• 1Tera bytes (TB)• 1Peta bytes (PB)• 1 exabyte (EB)• 1 zettabyte (ZB)• 1 yottabyte (YB)
• 210
• 220
• 230
• 240
• 250
• 260
• 270
• 280
2013 Summer Camp 22
4 terabytes = 242
120 PB (memory) ≈ 257
NSA data center in Utah: 5 zettabytes (storage)
![Page 23: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/23.jpg)
2013 Summer Camp 23
Passwords vs. a Strong Key• Assume that password length = 8, how many
passwords can we have?– The possible alphanumeric set size is (26 + 26 + 10
= 62), thus the possible combination size is 628 = 218340105584896 (≈248)
– {`!@#$%^&*()~’;,./:”<>?|{}[]\} = 90, thus the total combinations are at most 1278
≈256
Roughly 4 seconds for the fastest computer
![Page 24: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/24.jpg)
Road Map
• The data confidentiality problem• Theory
– Numbers– Encryption– Digital signature– Cryptographic hashing– Digital certificates and PKI
• Tie everything together: HTTPS
2013 Summer Camp 24
![Page 25: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/25.jpg)
2013 Summer Camp 25
Symmetric Key Encryption
is a A symmetric key is a long binary string:
01110101010…Alice Bob
Eve
![Page 26: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/26.jpg)
2013 Summer Camp 26
Symmetric Key Encryption
Dear Bob
Tell Albert to get out of there
$β♥♦♣ƒϒ%ΩΛ?}{|•℘®gt…x
Dear Bob
Tell Albert to get out of there
A symmetric key is a A symmetric key is a long binary string:
01110101010…Alice Bob
Eve
![Page 27: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/27.jpg)
2013 Summer Camp 27
After 2000 years, We Know How to Do this
Dear Bob
Tell Albert to get out of there
$β♥♦♣ƒϒ%ΩΛ?}{|•℘®gt…x
Dear Bob
Tell Albert to get out of there
A symmetric key is a A symmetric key is a long binary string:
01110101010…Alice Bob
Advanced Encryption Standard (AES);
RC4
Eve
Are we cool?
![Page 28: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/28.jpg)
2013 Summer Camp 28
Personal Meetings?
A symmetric key is a A symmetric key is a long binary string:
01110101010…Alice Bob
Eve
![Page 29: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/29.jpg)
2013 Summer Camp 29
Too Many Meetings!
Alice
Bob Charlie
Dave
Eve
Frank
The n-thperson
The Internet( 1)Total: keys
2n n− ×
(n–1) keys
![Page 30: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/30.jpg)
2013 Summer Camp 30
Public Key Encryption (after 1970s)
Eve
Bob’spublic key
Bob’sprivate key
Alice
Bob
![Page 31: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/31.jpg)
2013 Summer Camp 31
Public Key Encryption
Eve
Bob’spublic key Bob’s
public key
Bob’sprivate key
Alice
BobDave
Telephone directory
![Page 32: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/32.jpg)
2013 Summer Camp 32
Decrypt
Dear Bob
Tell Albertto get out ofthere
Public Key Encryption
EncryptDear Bob
Tell Albertto get out ofthere
$β♥♦♣ƒϒ%ΩΛ?}{|•℘®gt…x
Eve
Bob’spublic key Bob’s
public key
Bob’sprivate key
Alice
BobDave
![Page 33: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/33.jpg)
2013 Summer Camp 33
It is Simpler
Alice
Bob Charlie
Dave
Eve
Frank
The n-thperson
The Internet nTotal : public/private
key pairs
Just 1 private key
Bob’spublic key
Bob’spublic key
![Page 34: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/34.jpg)
Algorithm Buzzwords
• Symmetric key encryption algorithms– Advanced Encryption
Standard (AES)– RC4 (Ron’s Cipher 4)
• Public-key encryption algorithms– RSA: Rivest-Shamir-
Adleman– Elliptic-curve encryption
CONF-I 34
![Page 35: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/35.jpg)
Road Map
• The data confidentiality problem• Theory
– Numbers– Encryption– Digital signature– Cryptographic hashing– Digital certificates and PKI
• Tie everything together: HTTPS
2013 Summer Camp 35
![Page 36: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/36.jpg)
Signatures?
• Eat in a restaurant?– Sign your credit card payment
• Rent a house?– Sign the contract
• Get a car loan?– Sign the contract
2013 Summer Camp 36
Can we implement the concept of signature in the digital world?
Handwritten signatures can be copied: does not work well in the digital world
![Page 37: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/37.jpg)
2013 Summer Camp 37
Public Key Digital Signature
Eve
Alice’s public key
Alice’s private key
Alice
Bob
![Page 38: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/38.jpg)
2013 Summer Camp 38
Public Key Digital Signature
Eve
Alice’s public key
Alice’s public key
Alice’s private key
Alice
Bob
Dave
Telephone directory
![Page 39: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/39.jpg)
2013 Summer Camp 39
Public Key Digital Signature
VerifyY/N?
Sign
Dear BobSell 20 shares of my IBM stock
Dear Bob
Sell 20 shares of myIBM stock
010101010…(DIGITAL SIGNATURE)
Eve
Alice’s public key
Alice’s public key
Alice’s private key
Alice
Bob
Dave
![Page 40: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/40.jpg)
2013 Summer Camp 40
Public Key Digital Signature
VerifyY/N?
Sign
Dear BobSell 20 shares of my IBM stock
Dear Bob
Sell 20 shares of myIBM stock
010101010…(DIGITAL SIGNATURE)
Eve
Alice’s public key
Alice’s public key
Alice’s private key
Alice
Bob
Dave
![Page 41: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/41.jpg)
2013 Summer Camp 41
Decrypt
Dear Bob
Tell Albertto get out ofthere
Public Key Encryption
EncryptDear Bob
Tell Albertto get out ofthere
$β♥♦♣ƒϒ%ΩΛ?}{|•℘®gt…x
Eve
Bob’spublic key Bob’s
public key
Bob’sprivate key
Alice
BobDave
![Page 42: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/42.jpg)
2013 Summer Camp 42
We Know How to Implement Digital Signature
VerifyY/N?
Sign
Dear BobSell 20 shares of my IBM stock
Dear Bob
Sell 20 shares of myIBM stock
DIGITAL SIGNATURE
Eve
Alice’s public key
Alice’s public key
Alice’s private key
Alice
Bob
Dave
RSA digital signature; DSA, ECDSA
![Page 43: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/43.jpg)
Road Map
• The data confidentiality problem• Theory
– Numbers– Encryption– Digital signature– Cryptographic hashing– Digital certificates and PKI
• Tie everything together: HTTPS
2013 Summer Camp 43
![Page 44: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/44.jpg)
One-way?
• One-way roads– You are not supposed to go
the other way– But you can (break the law)
2013 Summer Camp 44
![Page 45: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/45.jpg)
One-way Cryptographic Function?• A big file: 4G bytes, called m• For any function h, • IF for some special function h, given any value y,
it is hard (for you/anybody) to find such that
– h is called one-way function– You can try, but you won’t be able to computationally
(unlike one-way roads)• Most functions are not one-way• One-way functions are useful for information
security
2013 Summer Camp 45
![Page 46: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/46.jpg)
Example
• SHA512 is a cryptographic hash function
2013 Summer Camp 46
2013 JMU Cyber
Defense Boot Camp
3369b5a01d76e4ad39b3cbee58da04d3a3820a8565874166c130d7291d3516df188425302ba3f59f39f2cc136baa53f43a5d948fb7b8ca66e0bd17ee
483b897d
2013 JMU Cyber
Defense Boot Camp
![Page 47: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/47.jpg)
Cryptographic Hash Function
• For function h, • If m is always much larger than y, h is a
compression function• Form some special compression function h, it
is hard to find any pair (x, y), x ≠ y, such that h(x) = h(y), h is called collision resistant– Not collision proof
• If h is both one-way and collision resistant, h is called a cryptography hash function
2013 Summer Camp 47
![Page 48: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/48.jpg)
Example
• SHA512 is a cryptographic hash function
2013 Summer Camp 48
2013 JMU Cyber
Defense Boot Camp
3369b5a01d76e4ad39b3cbee58da04d3a3820a8565874166c130d7291d3516df188425302ba3f59f39f2cc136baa53f43a5d948fb7b8ca66e0bd17ee
483b897d
2013 JMU Cyber
Defense Boot camp
11c7535b9cd2c39f6ed14f0f2900e3bd612e6eff60e2449d06b690104eada4b0f711fd476a7d4ce3b6ffadf2fdc0968671f9dd70e8b20a6a25debd76
4188e47f
![Page 49: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/49.jpg)
Road Map
• The data confidentiality problem• Theory
– Numbers– Encryption– Digital signature– Cryptographic hashing– Digital certificates and PKI
• Tie everything together: HTTPS
2013 Summer Camp 49
![Page 50: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/50.jpg)
2013 Summer Camp 50
Public Key Encryption
Encrypt Decrypt
Dear Bob
Tell Albertto get out ofthere
Dear Bob
Tell Albertto get out ofthere
$β♥♦♣ƒϒ%ΩΛ?}{|•℘®gt…x
Eve
Bob’spublic key Bob’s
public key
Bob’sprivate key
Read-only paper telephone directory does not work well
in the digital world!
Alice
Dave Bob
![Page 51: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/51.jpg)
2013 Summer Camp 51
Public Key Signature
Sign VerifyY/N?Dear Bob
Sell 20 shares of my IBM stock
Dear Bob
Sell 20 shares of myIBM stock
DIGITAL SIGNATURE
Eve
Alice’s public key
Alice’s public key
Alice’s private key
Alice Dave
Bob
Read-only paper telephone directory does not work well
in the digital world!
![Page 52: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/52.jpg)
2013 Summer Camp 52
Digital Certificate (1/6)
Alice
1 “Here is mypublic key”
Certification Authority (CA)
Cindy Notary public
![Page 53: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/53.jpg)
2013 Summer Camp 53
Digital Certificate (2/6)
Alice
1 “Here is mypublic key”
2 “Here is yourdigital certificate”
PublicDirectory
What is inside?
Certification Authority (CA)
Cindy3
![Page 54: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/54.jpg)
2013 Summer Camp 54
Digital Certificate (3/6)
• Questions: – How to verify the authenticity of the signed
message?– What do you need to verify?
Dear BobSell 20 shares of My IBM stock
Sign
Dear Bob
Sell 20 shares of myIBM stock
DIGITAL SIGNATURE
Cindy’s private key
![Page 55: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/55.jpg)
2013 Summer Camp 55
Digital Certificate (4/6)
Sign
Dear BobSell 20 shares of My IBM stock
Dear Bob
Sell 20 shares of myIBM stock
DIGITAL SIGNATURE
Cindy’s private key
• You need the signer’s public key!• What if you mistook a bad guy’s public
key as the signer’s public key?
![Page 56: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/56.jpg)
2013 Summer Camp 56
Digital Certificate (5/6)
Sign
Alice’s public key CA’s
private key
• Why not digitally sign a public keybefore it is distributed?
• How to verify the authenticity of the digitally signed public key?
DIGITAL SIGNATURE
Alice
![Page 57: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/57.jpg)
2013 Summer Camp 57
Digital Certificate (6/6)
Sign
Dear BobSell 20 shares of my IBM stock
Dear Bob
Sell 20 shares of myIBM stock
DIGITAL SIGNATURE
Cindy’s private key
Sign
CA’s private key
Alice’s public key
DIGITAL SIGNATURE
Alice
![Page 58: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/58.jpg)
2013 Summer Camp 58
Inside a Digital Certificate
0110010… (DIGITAL SIGNATURE)
Alice
Expiration date
![Page 59: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/59.jpg)
2013 Summer Camp 59
Public Key Encryption
Decrypt
Dear Bob
Tell Albertto get out ofthere
EncryptDear Bob
Tell Albertto get out ofthere
$β♥♦♣ƒϒ%ΩΛ?}{|•℘®gt…x
Eve
Bob’spublic key
1 Bob’sdigital certificate
Bob’sprivate key
Verify
DIGITAL SIGNATURE
DIGITAL SIGNATURE
Alice
Dave Bob
![Page 60: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/60.jpg)
2013 Summer Camp 60
Public Key Signature
VerifyY/N?
Sign
Dear BobSell 20 shares of my IBM stock
Dear Bob
Sell 20 Shares of myIBM stock
DIGITAL SIGNATURE
Eve
1 Alice’s digital certificate
Alice’s private key
DIGITAL SIGNATURE
Alice’s public key
Verify
DIGITAL SIGNATURE
Alice
Bob
Dave
![Page 61: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/61.jpg)
Quotes from Don Davis
• Q: How is a key-pair like a hand grenade? • A: You get two parts, there's no aiming, & it's
hard to use safely
• Q: How are they different? • A: With a grenade, you throw the dangerous
part away …
2013 Summer Camp 61
![Page 62: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/62.jpg)
Road Map
• The data confidentiality problem• Theory
– Numbers– Encryption– Digital signature– Cryptographic hashing– Digital certificates and PKI
• Tie everything together: HTTPS
2013 Summer Camp 62
![Page 63: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/63.jpg)
What is This?
2013 Summer Camp 63
![Page 64: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/64.jpg)
2013 Summer Camp 64
VeriSign is CA
BOA is Alice
![Page 65: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/65.jpg)
2013 Summer Camp 65
![Page 66: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/66.jpg)
2013 Summer Camp 66
![Page 67: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/67.jpg)
2013 Summer Camp 67
![Page 68: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/68.jpg)
2013 Summer Camp 68
![Page 69: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/69.jpg)
2013 Summer Camp 69
![Page 70: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/70.jpg)
2013 Summer Camp 70
![Page 71: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/71.jpg)
2013 Summer Camp 71
![Page 72: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/72.jpg)
2013 Summer Camp 72
![Page 73: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/73.jpg)
2013 Summer Camp 73
![Page 74: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/74.jpg)
2013 Summer Camp 74
![Page 75: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/75.jpg)
2013 Summer Camp 75
![Page 76: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/76.jpg)
2013 Summer Camp 76
![Page 77: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/77.jpg)
2013 Summer Camp 77
![Page 78: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/78.jpg)
2013 Summer Camp 78
![Page 79: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/79.jpg)
2013 Summer Camp 79
![Page 80: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/80.jpg)
2013 Summer Camp 80
![Page 81: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/81.jpg)
2013 Summer Camp 81
But the certificate is for infosec.cisat.jmu.edu
You typed in www.infosec.jmu.edu
![Page 82: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/82.jpg)
2013 Summer Camp 82
![Page 83: Cryptography: Basics & Applications · • If m is always much larger than y, h is a compression function • Form some special compression function h, it is hard to find any pair](https://reader030.vdocuments.net/reader030/viewer/2022040617/5f201edbf3c9c76d2f4cf348/html5/thumbnails/83.jpg)
Summary
• The data confidentiality problem• Theory
– Numbers– Encryption– Digital signature– Cryptographic hashing– Digital certificates and PKI
• Tie everything together: HTTPS
2013 Summer Camp 83