The Role of Cryptography in Cyberscurity. International Colloquium on ICT 19 November 2014, Brussels

Transcription

1 The Role of Cryptography in Cyberscurity International Colloquium on ICT 19 November 2014, Brussels

2 Cybersecurity

3 Cyberspace

4 Cyberspace is becoming the real space

5 Hackers of the 1980 s, 1990 s

6 Advanced Persistent Threats of 2010 s

7 Communications security Basic Internet protocols do not have adequate security o TCP/IP o DNS Reluctance to modify successful protocols In theory, however, these problems can be solved

8 Computer security Data at rest o Database security o OS security Secure execution o basic PC components do not have adequate security o Sandboxing o Correctness of execution Difficult problems, even in theory

9 Data confidentiality Eve Alice Bob

10 Entity authentication Hello, I am Alice Eve Bob

11 Data authentication

12 Nonrepudiation (origin) Alice

13 Nonrepudiation (receipt)

14 Denial of service

15 Cryptography: the setup E #!C& #!C& D

16 Kerckhoffs principle A cryptosystem should be secure, even if everything about the system, except the key, is public knowledge

17 Perfect secrecy: One Time Pad Red telephones Fresh random symbol added to each data symbol Problems: Production of random symbols Transport

18 Non-perfect security Short key Expansion Random-like sequence (to replace true randomness)

19 Conventional cryptography Partners share a short secret key Public algorithms provide confidentiality, authentication Military and government applications Communication points are known and fixed What if this is not the case? o E.g. commercial environments

20 Limitation of symmetric cryptology Reduce security of information to security of keys But: how to establish these secret keys? o cumbersome and expensive o or risky: all keys in 1 place Do we really need to establish secret keys?

21 Shamir s 3-pass protocol

22 Asymmetric cryptography

23 Asymmetric mathematics Easy problem : find integer numbers x, k satisfying = x + k Difficult problem : find integer numbers y, l satisfying 17 y = 811+ l Discrete logarithm problem o Computationally infeasible when prime number >

24 Diffie-Hellman key agreement protocol Alice and Bob agree on large prime number and on base z Alice generates a, Bob generates b, computes A = z a A computes B = z b Alice computes K a = B a B Bob computes K b = A b K a = B a = z ba = z ab = A b = K b Alice and Bob compute the same key! Eve sees only A, B

25 Asymmetric encryption: the principle Store A, B, in a public database When sending message to user: 1. Generate random x 2. Obtain U from public database and compute K u = U x 3. Encrypt message with symmetric cryptography using K u 4. Transmit encrypted message and X = z x User computes X u = K u and decrypts message

26 Asymmetric encryption: the application Everyone can encrypt messages Only one person can decrypt o Using the private key We don t need to transmit or share secret keys We only need to share public keys Public-key cryptography

27 Asymmetric encryption: caveat How can we be sure that A is indeed the public key of Alice? How can we be sure that any digital document is not forged or modified? o Data authentication

28 Data authentication Can t attach a scan of hand-written signature Electronic signature should be different for every new document o Only way to avoid cut-and-paste Desired properties?: o Only one person can create signature o Everyone can verify the signature Sounds familiarly asymmetric?

29 Digital signature Asymmetric encryption backwards In order to sign message m: o Use private key to decrypt message m o Output = signature s In order to verify signature s on message m o Use public key to encrypt s and check if m reappears (Details may vary)

30 Electronic signatures The law distinguishes: 1. Electronic signatures o Basically, anything that is electronic 2. Advanced electronic signatures o Should use asymmetric cryptography 3. Qualified electronic signatures o Should use asymmetric cryptography o Hardware must guarantee that private key remains private

31 Guarantee correctness of signature

32 Guarantee correctness of public key Put the public key in a file, together with information allowing to uniquely identify the owner Mr. Jan Peeters of Peeters Book shop Has public key 12A5678. Signed, Yvo Bros Some official Place an electronic signature on the file

33 Certificate chain Now we only need to guarantee the correctness of the key that was used to sign the certificate ;-) Home office Clark at the city hall Peeters Book Shop

34 Public Key Infrastructure (PKI)

35 Root key Endpoint of the chain must be authenticated by different means Easy in closed environments o Root key is initialized during set-up Difficult in open environments o No clear hierarchy o Root keys trusted by the browser, the OS,

36 Applications of cryptography Authenticity of software updates, of web sites (https), DNSsec, IPsec, o Digital signatures Strengthening of password-based mechanisms o Diffie-Hellman techniques Trusted computing & Remote attestation o Digital signatures with extra properties

37 Cryptography complicates Packet-filter firewalls o Because the packets are encrypted Recovery of data when people leave the organization or forget their password Law-enforcement access Tuning

38 Most common cryptography problem Cryptography decreases processing speed o Often not in a significant way! Changing standard cryptographic mechanisms in order to improve performance is usually a BAD IDEA o WEP (IEEE ) o Debian (Linux) key generator o

39 Cryptographic protection works only if Software vendor, website owner, update timely their cryptographic algorithms o Some industry code is not upgradable People don t install software without valid electronic signature o Cf. phishing s No false root keys have been installed

40 Conclusion Communication security in closed environment Open environment Computer security Fool-proof