www.novell.com the secrets of keeping secrets gary j porter senior network analyst mindworks, inc....
TRANSCRIPT
![Page 1: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/1.jpg)
www.novell.com
The Secrets of Keeping SecretsThe Secrets of Keeping Secrets
Gary J PorterSenior Network AnalystMindWorks, Inc. of [email protected]
![Page 2: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/2.jpg)
Crypto—ASCII style
• ASCII represents 27 bits (128) which can represent all of the English alphabet plus punctuation
A = 1000001 a = 1100001
• Because ASCII uses bits to represent letters,
it’s a kind of cypher
![Page 3: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/3.jpg)
Transposition Cipher
• One of the simplest transposition ciphers substitutes the first and second digits and the third and forth digits
• Megan ASCII— 1001101 1100101 1100111 1100001 1101110 Cypher— 0110101 0011101 0011111 0011001 0010110
• 5 ) 1 % “
![Page 4: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/4.jpg)
Key-Based Algorithm
The security of key-based algorithms is based on
the secrecy of the algorithm, the key(s), or both
![Page 5: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/5.jpg)
Private Key Cryptosystem(Symmetric)
Dear Cindy,
You are so
beautiful!
ANQR1DBw
4DokTETykx
LwQB/9JZe
7eCzXW
9iYVNOT
HWjioKOI
Dear Cindy,
You are so
beautiful!
ANQR1DBw
4DokTETykx
LwQB/9JZe
7eCzXW
9iYVNOT
HWjioKOI
Clear TextClear Text Clear TextClear TextCypher TextCypher Text Cypher TextCypher Text
Same Encryption KeySame Encryption Key
![Page 6: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/6.jpg)
Modified Substitution Cipher
• Message = COOL
• In ASCII
• Key = MEGAN
• Ciphertext
1000010100111110011111001100
01101010011101001111100110010010110
1110111101001010100001010101
Key longer than message is okayKey longer than message is okay
![Page 7: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/7.jpg)
Modified Substitution Cipher
• Can be broken with simple techniques• Not secure
SECURE
![Page 8: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/8.jpg)
Whitfield Diffie
• Interested (obsessed!) with the key distribution problem
• Imagined two strangers meeting on the net—wondered how they would send secret messages
![Page 9: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/9.jpg)
• Was reluctant to even talk to Diffie
• Eventually became Diffie’s crypto-partner
• Solved the key exchange problem
Martin Hellman
![Page 10: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/10.jpg)
Cryptography: Algorithms and Keys
• A method of encryption and decryption is called a cipher
• Generally there are two related functions Encryption Decryption
• All modern algorithms use a key to control encryption and decryption
• Encryption key may be different from decryption key
![Page 11: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/11.jpg)
From the Minds of Diffie/Hellman
• The postal problem...
Demonstration
![Page 12: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/12.jpg)
Postman
To: Wilt Diffie
Wow! I can see inside. I think I’ll
take a look!
Got here safely.
![Page 13: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/13.jpg)
Postman
I’ll lock it this time
![Page 14: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/14.jpg)
Postman
Hummm!
I can’t see either—I’ll lock it too!
![Page 15: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/15.jpg)
Postman
![Page 16: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/16.jpg)
Postman
![Page 17: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/17.jpg)
Postman
![Page 18: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/18.jpg)
Postman
![Page 19: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/19.jpg)
Postman
![Page 20: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/20.jpg)
• Alice’s key abcdefghijklmnopqrstuvwxyz EDIRCTOYNUWAPFLMBGJZHKQXVS
• Bob’s key Abcdefghijklmnopqrstuvwxyz ZNAMSREVILYUCKOGJTBWDXQHPF
• Message lost my hotel key• Encrypted with Alice’s key ALJZ PV YLZCA WCV• Encrypted with Bob’s key UOBW CP VOWSU YSP• Decrypted with Alice’s key HLDQ IM KLQJH VJM• Decrypted with Bob’s key VUMJ IC YUJLV XLC
Why the Postal Example Won’t Work
![Page 21: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/21.jpg)
One-Way Functions
• Diffie and Hellman were not interested in two-way functions, only solving the problem with one-way functions
• Because they could imagine the postal example, there MUST be a solution
![Page 22: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/22.jpg)
sender receiver
Bob Alice
![Page 23: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/23.jpg)
Enck
Types of Algorithms
Symmetric (Encryption)
M ciphertext ciphertext Mencryption decryption
Deck
kk
sender receiver
Bob Alice
![Page 24: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/24.jpg)
One-Way Function
Demonstration
![Page 25: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/25.jpg)
5 + 10 (mod 12) = 38 + 31 (mod 12) = 3
![Page 26: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/26.jpg)
Diffie/Hellman Key Exchange Technique
Demonstration
![Page 27: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/27.jpg)
2929292956565656
729 mod (98219) = 75149 756 mod (98219) = 67665
6766529 mod (98219)
40912
7514956 mod (98219)
40912
7N mod (98219)
75149
7N mod (98219)
67665
![Page 28: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/28.jpg)
A Mathematical Genius?!
•Whitfield Diffie is best known for his 1975 discovery of the concept of Public Key Cryptography
![Page 29: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/29.jpg)
Rivest Shamir Adleman
![Page 30: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/30.jpg)
Types of AlgorithmsPublic Key (Asymmetric Encryption)
encryption decryption
M ciphertext ciphertext MEncpubkey Decprivkey
sender receiverprivkeyprivkeypubkeypubkey
![Page 31: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/31.jpg)
encryption decryption
M ciphertext ciphertextEncpubkey Dec
privkeyprivkey
pubkey
pubkeypubkey
Types of AlgorithmsPublic Key (Asymmetric Encryption)
sender receiverpubkeypubkey
![Page 32: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/32.jpg)
encryption
decryptionM ciphertext
ciphertext TRASH!TRASH!
Encpubkey
Dec
pubkeypubkey
pubkey
Types of AlgorithmsPublic Key (Asymmetric Encryption)
sender receiverpubkeypubkey privkeyprivkey
pubkeypubkey
![Page 33: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/33.jpg)
Encryption and Decryption
The following identity must hold true
D(C) = M, where C = E(M)
M is the message, E is encryption, C is Ciphertext, D is decryption
Jna fq Jna fq
h5tunh5tun
b89d`b89d`
58jdf[58jdf[
835gj835gj
EE DDM
CCM
![Page 34: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/34.jpg)
Secret Key Cryptography
K is the secret key shared by both the
sender (S) and receiver (R)
S R
Jna fq Jna fq
h5tunh5tun
b89d`b89d`
58jdf[58jdf[
835gj835gj
EE DDM
CCM
K K
Symmetric EncryptionSymmetric EncryptionSymmetric EncryptionSymmetric Encryption
![Page 35: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/35.jpg)
Public Key Cryptography
KR(pub) is Receiver’s public key and KR(pri)
is Receiver’s private key
S R
Jna fq Jna fq
h5tunh5tun
b89d`b89d`
58jdf[58jdf[
835gj835gj
EE DDM
CCM
KR(pub) KR(pri)
Asymmetric EncryptionAsymmetric EncryptionAsymmetric EncryptionAsymmetric Encryption
![Page 36: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/36.jpg)
![Page 37: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/37.jpg)
• RSA works by using a mathematical function
that is (comparatively) easy to compute while encrypting, but very difficult to reverse without knowing the private key
• RSA works by selecting two large prime numbers
![Page 38: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/38.jpg)
RSA Key Generation
• Pick large random primes p,q
• Let p*q = n and =(p-1)(q-1)
• Choose a random number e such that: 1<e< and gcd(e, )=1 (relative primes)
• Calculate the unique number d such that 1<d< and d*e 1 (mod ) (d is inverse of e)
• The public key is {e,n} and the private key is {d,n}
• The factors p and q may be kept private or destroyed
![Page 39: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/39.jpg)
Pierre de Fermat
• Discovered that—if you use a prime number for the modulus, then raising a number to the power (prime-1) is always 1 m(p-1) mod p = 1 According to Fermat, this works with any prime
number p and any positive m that’s less than p, therefore 1 < m < p
• What is 710 mod 11
![Page 40: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/40.jpg)
Leonhard Euler (pronounced “Oiler”)
• Discovered Fermat’s relationship held true when using the product of two primes as the modulus n = pq m(p-1)(q-1) mod n = 1 Works so long as p and q are relative prime to
one another
• If p = 11 and q=5, what is [m(p-1)(q-1) mod 55] ?
![Page 41: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/41.jpg)
So...
Fermat: mFermat: m((pp-1)-1) mod mod pp = 1= 1
mm((pp-1)(-1)(qq-1)-1) mod mod nn = 1 = 1Euler:Euler:
![Page 42: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/42.jpg)
So...
Fermat: Fermat: mm((pp-1)-1) mod mod pp = = 11
Euler: Euler: mm((pp-1)(-1)(qq-1)-1) mod mod nn = 1 = 1 mm((pp-1)-1) mod mod ppmm((pp-1)(-1)(qq-1)-1) mod mod nn
==
![Page 43: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/43.jpg)
RSA Key Generation
• Pick large random primes p,q p = 5, q = 11
• Let p*q = n and =(p-1)(q-1) The encrypting modulus n = pq = 55
= (p-1)(q-1) = (4)(10) = 40
+ 1 = e * d (we’re looking for both e and d)
41 = e * d (but no two number multiplied together equal 41)
41 is prime but, using modular math — 41 becomes 1 mod 40
e * d = 1 mod 40
![Page 44: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/44.jpg)
RSA Key Generation
• We’ll use 3 for e
• 3 * d = 1 mod 40 Using Extended Euclidian algorithm, d = 27
![Page 45: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/45.jpg)
Encrypting Using RSA (Review)
• Step 1: generate two prime numbers, p and q
• Step 2: Combine the primes n=pq • Step 3: Combine the primes another way,
=(p-1)(q-1)• Step 4: Using , generate a key pair, e and d• Step 5: Using e, d, and n, encrypt and
decrypt
![Page 46: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/46.jpg)
RSA Mechanical Overview
• Basically Alice: me mod n → c Bob: cd mod n → m
![Page 47: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/47.jpg)
• Lets encrypt the letter “G” (for Gary) For simplicity sake, we’ll represent “g” as 7, the
7th letter of the alphabet
• So, 7public key * encrypting modulus 73 * mod 55 = 13
• To decrypt, 13private key * encrypting modulus 1327 * mod 55 = 7
Encrypting/Decrypting, Step—by—Step
![Page 48: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/48.jpg)
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP Personal Security 7.0.3
mQGiBDtsK/URBAD+OujjPRvMu22fq9T78fRA2ijOzzKH9HeXHZ81x8C3D/wJF7ea
1ToD42sk6kV6+fcI2JGV4YrApXkzu7TfmU8T5eUxPsk4YY7q4ZP7JCmTVwPWeROJ
ZH6QHjyBQUm792trCFbmuOl+t5PjY8TZwBBo4Hrm/kvgex+OfqzZEi4hlwCg/2YV
HCcvjAKa/tfDgaq9ei9NZW8D/0WiVnOqZUSqlBfG69oi0PGWtRXiJqIKsZj6Ljtw
qtxk3W5G+BqWOcI+Az3m2pGoaXzlz7z9n1iDx0ZufNzLu38/wh9FZe86817V9Y8X
jvSTf0UY/T7+BbMNF1OquUz9BaSis+a6tvsoF1Ya/657IkLhCO4CEHOc+eggFtkV
r+0eBACfHMZ4x5dxj+YtOV5eN5gxQcyjAB2NFBj+GFnBV2wezX3D6TaHpx3VwEZh
AHDeSLySoRs6bmhmd16mVdsgE/u5Em49Sc1Y59WzJGwfKAis6hHhDt4Htyhum281
impMbkEZAxIgbQplWoUivxk8LwuLjMfrfdq0+WWeLF4fJUGWBLQkR2FyeSBKIFBv
cnRlciA8cG9ydGVyQGRpZ2l0YWxtZS5jb20+iQBYBBARAgAYBQI7bCv1CAsDCQgH
AgEKAhkBBRsDAAAAAAoJENkIAq1B47uW7F8AoNfRgtp+9IYs/gpcLxT8XVlul54f
AKDH6bA2D4CR2l1sxW71RFIWEMX+CrkCDQQ7bCv1EAgA9kJXtwh/CBdyorrWqULz
Bej5UxE5T7bxbrlLOCDaAadWoxTpj0BV89AHxstDqZSt90xkhkn4DIO9ZekX1KHT
UPj1WV/cdlJPPT2N286Z4VeSWc39uK50T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq
01uejaClcjrUGvC/RgBYK+X0iP1YTknbzSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O
9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdXQ6MdGGzeMyEstSr/POGxKUAYEY18hKcK
ctaGxAMZyAcpesqVDNmWn6vQClCbAkbTCD1mpF1Bn5x8vYlLIhkmuquiXsNV6TIL
OwACAggA7WTvMQ0WgywmeT2+ZdQTio1UvBtkLZTV5PBTWLnMXhSAL+JIY2D4xnP4
Coh+Mf2PuZ6c4IxpFVF/ywnekW2wX53qqWV0tjbTcbQ7lwkg276hQPUOfWU7UaZn
cyxFznRPc2OiO6SpzIpcVHY1nJ8uLOvhSTU67vTOonNri5zlR/ev91SPK1azTjtQ
W7jqb+v2z72Lxh/BgtDiFld8cXMmbHYdjZ9cPpW0JsKZ+tBwl2SsJXtopst4PYmw
2hoLYA0DS+Q0X8OIxROLxQXqinEaKhjP+s6XU+q9x85McR9mT8HaCdliE1W0yToL
2dLHnwEKBBDN5vLi8+SnHjTRNU/b7IkATAQYEQIADAUCO2wr9QUbDAAAAAAKCRDZ
CAKtQeO7luHBAJ45z2IW9D0g/2pZVSHFwzTsDOob3QCg+6rozdE+M57CTDNQE5Ay
uoxxTWE=
=DeGR
-----END PGP PUBLIC KEY BLOCK-----
Gary J Porter’s PGP Public Key
![Page 49: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/49.jpg)
An eDirectory Public Key
![Page 50: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/50.jpg)
An eDirectory Private Key
![Page 51: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/51.jpg)
Novell International Cryptographic Infrastructure (NICI)
• NICI is a layered, hierarchical infrastructure which divides cryptographic functionality among three distinct layers
• NICI is a modular architecture that allows new cryptographic algorithms to be added without bringing the server down
• NICI modules are cryptographically signed for protection and for module authentication
• When government regulations concerning the use and exportation of cryptography change, only NICI needs to change to support the new regulations
• NICI provides an API set that offers a consistent interface for application developers to use and deploy cryptography within their applications
![Page 52: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/52.jpg)
NICI Architecture
XIMXIM
XENGXENG
NICI—Novell International Cryptographic Infrastructure
XSUP – Cryptography Library XENG – Cryptography Manager XMGR – Cryptography Engine XLIB - Cryptography Engine Support
XIM - Cryptography Interface Manager
XSUPXSUPXMGRXMGR XLIBXLIB
CCS APICCS API
![Page 53: Www.novell.com The Secrets of Keeping Secrets Gary J Porter Senior Network Analyst MindWorks, Inc. of Kentucky porter@digitalme.com](https://reader036.vdocuments.net/reader036/viewer/2022081512/56649e9e5503460f94b9f811/html5/thumbnails/53.jpg)