Outline. Digital signature. Symmetric-key Cryptography. Caesar cipher. Cryptography basics Digital signature

Transcription

1 Outline Digital signature Cryptography basics Digital signature Dr. László Daragó, Ph.D. Associate professor Cryptography Cryptography encryption decryption Symmetric-key Cryptography Encryption with a key Decryption with the same key Data encrypted and decrypted with same key knowledge on the encrypting key means knowledge about the decrypting key Alphabet Caesar cipher ABCDEFGHIJKLMNOPQRSTUVWXYZ Shifting with 3 positions: DEFGHIJKLMNOPQRSTUVWXYZABC, ABCDEFGHIJKLMNOPQRSTUVWXYZ DEFGHIJKLMNOPQRSTUVWXYZABC encrypted: QXUVH Word: nurse 1

2 Symmetric key Cryptography Remember: Enigma To kill the Queen you shall not having fear is good if you all agree I won't be against it. To kill the Queen you shall not, having fear, is good, if you all agree, I won't, be against it. Symmetric key Cryptography The message and the key must not be sent together (they may be captured). Courier carrier pigeon detach Symmetric-key Cryptography: Drawbacks How do the parties get the shared, secret key? How do we transmit this or establish it securely? Must have some secret or offline way of sending the secret. This is really hard to do in some situations You could read it to them over the phone, but someone could be tapping your phone in addition to your internet connection. How can we both get the shared secret? Symmetric key? Asymmetric key pair! Asymmetric or Public Key Cryptography Each user has a key-pair, consisting of a public and private key. Anything encrypted with one key may only be decrypted by the other. To make message readable only by B, encrypt message using B's public key Public key cryptography (asymmetric key cryptography) Encryption with public key Decryption with private key 2

3 Key pairs? Fermat s small theorem T N mod N = T Private key: e & N Public key: d & N Pierre de Fermat ( ) 1665) N e * d e=3, N=15 d=11, N= mod 15= mod 15=8 T e mod N = R R d mod N = T p=271 q= N= (= p*q) let m=(p-1)*(q-1), then exist e and d, where e*d=k*m+1, that is e*d mod N=1 Asymmetric Cryptography The complexity of the decryption is proportional to the length of the key in bits. To break up a 128 bits key, we need approximately ~ tries. If our computer has run 1 billion tries pro seconds, we need years. There are 2048 bit length keys also Where we are now We can send coded messages without having to establish any shared secret keys between us ahead of time. There s another exciting application of this technology from the fact that Public and Private keys can be used to decode one another (no matter which is used to encode in the first place). But why would someone code a message with their private key. Anyone in the world could use their public key to decode it Asymmetric key: trouble at application But there s a problem The Encoding/Decoding step for public/private key cryptography is really slow. For secret agents and governments and people who really care about the secrecy of their message, this isn t a big deal. But for a lot of people who d just like a digital signature, this slowness almost makes it not worthwhile to use the technology. A useful solution Digital signature Mixing symmetric and asymmetric key crypto technology. Encrypt with a symmetric key and encrypt the symmetric key itself with a public key. Send them all. Then decrypt the symmetric key with the private key and use symmetric decryption. 3

4 Evidence A signature authenticates a writing by identifying the signer with the signed document. When the signer makes a mark in a distinctive manner, the writing becomes attributable to the signer Ceremony The act of signing a document calls to the signer's attention the legal significance of the signer's act, and thereby helps prevent inconsiderate engagements Signing writings Approval In certain contexts defined by law or custom, a signature expresses the signer's approval or authorisation of the writing, or the signer's intention that it have legal effect Efficiency and logistics A signature on a written document often imparts a sense of clarity and finality to the transaction and may lessen the subsequent need to inquire beyond the face of a document A signature must have the following attributes Signer authentication A signature should indicate who signed a document, message or record and should be difficult for another person to produce without authorisation. Document authentication A signature should identify what is signed, making it impracticable to falsify or alter either the signed matter or the signature without detection. Affirmative act The affixing of the signature should be an affirmative act which serves the ceremonial and approval functions of a signature and establishes the sense of having legally consummated a transaction. Efficiency Optimally, a signature and its creation and verification processes should provide the greatest possible assurance of both signer authenticity and document authenticity, with the least possible expenditure of resources. Handwritten vs. Digital signature Handwritten vs. Digital signature Easily falsifiable with some practice. Shameless person can forswear. It attached to the signed document physically, not logically. It authenticates the paper, not the content of the text. It can be falsified only in the possession of the private key. A successfully decrypted digital signature cannot be forsworn. The signature is part of the document. It authenticates the content, not the carrier material. The document can be modified after signing, supposing, that the signer does not get a copy after the modification. Only paper based document can be signed. Every copy has to be authenticated on official way. The checking procedure signal detects the after-sign modifications. Any digital file can be sign by digital signature ( , picture, sound, multimedia). Any copy of a digitally signed document equals to the original. The meaning of DS. Using Public-Key Crypto for Strong Authentication Switch the roles of the keys Encrypt with Private key ("signing") Decrypt with Public key ("verifying" ) Anyone (B) can read the message, But only A could have generated it Digital Signature: realising Encryption with the private key Transfer together attach #4] & #4] detach Same algorithm #4] Decryption with the public key 4

5 Cryptography & digital signature Encryption with the public key Encryption with the private key Decryption with the private key attach #4] & #4] Decryption with the public key Transfer together detach #4] Digital signatures are created and verified by cryptography as "public key cryptography," which employs an algorithm using two different but mathematically related "keys;" one for creating a digital signature or transforming data into a seemingly unintelligible form, another key for verifying a digital signature or returning the message to its original form. computer equipment and software utilising two such keys are often collectively termed an "asymmetric cryptosystem." A Digitally Signed Message (PGP) -----BEGIN PGP SIGNED MESSAGE----- Dear Alice: I'm getting very tired of cryptographers talking about us behind our back. Why can't they keep their noses in their own affairs?! Really, it's enough to make me paranoid. Sincerely, Bob -----BEGIN PGP SIGNATURE----- Version: iqb1awubl4xfs2f2hfbsu7rpaqeqsqmavo3meturtunlblzcj9/ U8oOQg/T7iQcJvzMedbCfdR6ah8sErMV+3VRid64o2h2XwlKAWpf VcC+2v5pba+BPvd86KIP1xRFIe3ipmDnMaYP+iVbxxBPVELundZ Zw7IRE=Xvrc -----END PGP SIGNATURE----- Hash function is used in both creating and verifying a digital signature is an algorithm which creates a digital representation or "fingerprint" in the form of a "hash value" or "hash result" of a standard length which is usually much smaller than the message but nevertheless substantially unique to it. Any change to the message invariably produces a different hash result when the same hash function is used What can be hash / digest An essence of the signed object, it can be Text (abcdef > residuum of sum of the ASCII codes divided by 255) Image (multiplication of every 100th pixel) Sound (sum of every 1000th bit of a digital sound) Multimedia (sum of every 1 million bits) Two substantial processes Digital signature creation uses a hash result derived from and unique to both the signed message and a given private key Digital signature verification is the process of checking the digital signature by reference to the original message and a given public key, thereby determining whether the digital signature was created for that same message using the private key that corresponds to the referenced public key. 5

6 Private key known only to the signer used to create the digital signature Public key more widely known and is used by a relying party to verify the digital signature the public key must be available or distributed to all of partners, perhaps by publication in an on-line repository or directory where it is easily accessible Verify a Public Key How can we know that the public key we look up for someone really is the correct public key for that person. (And not just some key put up by an imposter who s pretending to be Bob Smith.) Well, there s companies that make a big business out of this. They keep secure registries of listings of actual people and corporations and store a copy of their official public key. You can go to this trusted company and know you re getting the right public key for Bob Smith. Prescription Closing report etc. Although the keys of the pair are mathematically related, if the asymmetric cryptosystem has been designed and implemented securely it is "computationally infeasible to derive the private key from knowledge of the public key. Thus, although many people may know the public key of a given signer and use it to verify that signer's signatures, they cannot discover that signer's private key and use it to forge digital signatures. This is sometimes referred to as the principle of "irreversibility." That s All Folks! 6