Introduction to Encryption

Transcription

1 Computers and Society Introduction to Encryption Chris Brooks Department of Computer Science University of San Francisco Department of Computer Science University of San Francisco p.1/35

2 3-0: Terminology Code Replacement based on words or semantic structures Each word has a corresponding code word. Department of Computer Science University of San Francisco p.2/35

3 3-1: Terminology Code Replacement based on words or semantic structures Each word has a corresponding code word. Code has many other meanings we ll be interested in... Department of Computer Science University of San Francisco p.3/35

4 3-2: Terminology Code Replacement based on words or semantic structures Each word has a corresponding code word. Code has many other meanings we ll be interested in... Cipher Replacement based on symbols Each letter is mapped to another letter. Department of Computer Science University of San Francisco p.4/35

5 3-3: Terminology Cryptography The science of encrypting or hiding secrets Cryptanalysis The science of decrypting messages or breaking codes and ciphers Cryptology The combination of the two. Department of Computer Science University of San Francisco p.5/35

6 3-4: Applications Why might someone want to use encryption? Department of Computer Science University of San Francisco p.6/35

7 3-5: Applications Why might someone want to use encryption? Military uses Protect business secrets Protect financial information (credit card numbers, etc) Protect communication from unauthorized access Protecting stored data Department of Computer Science University of San Francisco p.7/35

8 3-6: Applications Why might someone want to use encryption? Authenticating payment or permission More flexible payment schemes (digital cash) Protecting intellectual property Espionage/sabotage Others? Department of Computer Science University of San Francisco p.8/35

9 3-7: More Terminology Plaintext - an unencrypted message Ciphertext - an encrypted message An encryption scheme will depend on being easy to generate ciphertext from plaintext, but hard to generate plaintext from ciphertext. Department of Computer Science University of San Francisco p.9/35

10 3-8: More Terminology Symmetric-key encryption Also called secret key encryption One key is used for both encryption and decryption Asymmetric key encryption Also called public key encryption Complementary keys are used to encrypt and decrypt Department of Computer Science University of San Francisco p.10/35

11 3-9: Three eras of cryptology Pre-WWII Cryptography as a craft Widely used, but not mathematically rigorous 1940s-1970 Secret key encryption introduced Mathematical techniques developed to characterize how secure a cipher was present Public key systems developed Department of Computer Science University of San Francisco p.11/35

12 3-10: Early cryptography Caesar cipher (shift cipher) Replace each letter with +3 mod 26 Attack at dawn becomes Dttdfn dw gdzq Two components: Algorithm: shift each letter by a fixed amount Key: The amount to shift each letter. Knowing the algorithm (but not the key) makes this cipher easy to crack. How many possible plaintexts does Dwwdfn dw gdzq have? Department of Computer Science University of San Francisco p.12/35

13 3-11: Weaknesses of the Caesar Cipher Word structure is preserved. An attacker could notice that dw is a two-letter word, so either d or w must be a vowel. Solution: Break message into equal-sized blocks. dww dfn dwg dzq Department of Computer Science University of San Francisco p.13/35

14 3-12: Weaknesses of the Caesar Cipher Letter frequency is a big clue e,t,a,o are the most common English letters. Using a single key preserves frequency. Solution: use multiple keys E.g. shift first char by 3, second by 5, third by 7. Attack at dawn becomes dva dhr dvk dbu Better, but there is still frequency information present. An attacker that knows the block size can determine which characters were encoded with each key. Department of Computer Science University of San Francisco p.14/35

15 3-13: Caesar cipher The Caesar cipher is still useful as a way to prevent people from unintentionally reading something. ROT-13 By taking action to decrypt, the user agrees that they want to view the content. Fundamental problem with Caesar cipher: message is longer than the key. Department of Computer Science University of San Francisco p.15/35

16 3-14: Vernam Cipher 1920 s: introduction of the one-time pad. Message represented as a bitstring Randomly generated key Same length as message XORed with message Theoretically unbreakable Attacker can do no better than guessing Ciphertext gives no information about plaintext. Department of Computer Science University of San Francisco p.16/35

17 3-15: Vernam Cipher Example: winning lottery number is (7 bits) Randomly generated key: XOR: No two bits are encoded with the same mapping An attacker has no frequency information to help guess the key. Problem: keys are very large. New key is needed for each message. How to distribute these keys? Shared source of randomness? Department of Computer Science University of San Francisco p.17/35

18 3-16: Symmetric Key Encryption Caesar cipher and the one-time pad are examples of symmetric key (secret key) encryption. Same key used to encrypt and decrypt. All users share key. Advantage: Very fast Disadvantage: How to securely distribute keys? Department of Computer Science University of San Francisco p.18/35

19 3-17: Enigma Enigma was developed in the 1920s by the German Navy Symmetric-key cipher Used internal rotors to choose key and encrypt Different permutations of the rotors produced different keys Manual indicated starting positions of plugboard and rotors To decode a message, one needed: An Enigma machine Knowledge of the starting position of the rotors and plugs. In other words, both the key and the algorithm should be secret. Department of Computer Science University of San Francisco p.19/35

20 3-18: Enigma After the capture of a German U-boat, British scientists were able to crack the Enigma. Primary work done by Alan Turing British would intercept encoded messages and compare them to past messages to determine the starting configuration. 150,000,000,000,000 possible starting positions Cracking the Enigma codes was one of the key turning points in WWII. Department of Computer Science University of San Francisco p.20/35

21 3-19: Public Key Encryption More sophisticated secret-key techniques were developed throughout the 50s and 60s. Problem: How to securely distribute the keys? Symmetric key encryption works nicely for repeated communication. Difficult for one-shot communication, signatures. Department of Computer Science University of San Francisco p.21/35

22 3-20: Public Key Encryption Public key encryption is based on the idea that a user has two keys: A public key which is shared with everyone A private key that is kept secret A message that is encrypted with the public key can only be decrypted with the private key. A message that is encrypted with the private key can only be decrypted with the public key. Department of Computer Science University of San Francisco p.22/35

23 3-21: Encrypting and signing If Alice encrypts a message with Bob s public key, she can then send it to him securely. Only someone with Bob s private key can decrypt the message. This is sometimes called authentication If Alice encrypts a message with her private key and sends it to Bob, Bob can use Alice s public key to verify that it actually came from Alice. Only someone with Alice s private key could encrypt this message. This is called a digital signature Department of Computer Science University of San Francisco p.23/35

24 3-22: Public Key Encryption Public key encryption has the following advantages: Can be used for one-shot communication Can be used to digitally sign a message Disadvantage: More computationally expensive that secret key encryption. We ll dig into the algorithms more in future lectures Department of Computer Science University of San Francisco p.24/35

25 3-23: Legal Issues with Encryption Encryption and its use has been a controversial topic for many years. For many years (until late 90s), encryption algorithms were classified as munitions. This led to secure encryption algorithms being subject to export control. Companies had to develop two versions of their software, one for domestic use and one for export. You might have seen T-shirts saying This T-shirt is a munition print pack"c*",split/\d+/, echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*" )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLaˆ*lN%0]dsXx++lMlN/dsM0<J]dsJxp" Department of Computer Science University of San Francisco p.25/35

26 3-24: Legal Issues with Encryption An early case was the development of PGP in Free public key encryption system. Given away on the Internet. The US government felt that this was de facto export. Zimmermann argued that this was a free speech/privacy issue. Department of Computer Science University of San Francisco p.26/35

27 3-25: Legal Issues with Encryption US companies found it difficult to compete with foreign companies. Electronic commerce was developing - encryption essential. Less secure techniques had to be used. Multiple versions of a product developed. Most businesses just developed the weakest version of a product. 1995: Netscape s international encryption scheme (40 bit) broken. Department of Computer Science University of San Francisco p.27/35

28 3-26: Legal Issues with Encryption Controls weakened by late 90s. Combination of business pressure and legal challenges. Is encryption (or comuter code) a form of speech? Can academics write papers about research developments? 1996: Computer code ruled to be speech. 2000: US government drops most export restrictions. Department of Computer Science University of San Francisco p.28/35

29 3-27: Legal Issues with Encryption Why was US government so resistant? Strong crypto already available abroad. Extra work for NSA - more potential messages to be decoded. Prevent the adoption of standards Also eases NSA s job Export rules required companies to disclose techniques to NSA, making them easier to crack. Department of Computer Science University of San Francisco p.29/35

30 3-28: Clipper Chip 1993: US government announces development of Clipper Chip. Uses a system known as key escrow. A copy of your private keys are kept with a third party. These keys could be accessed with a court order. Intended government standard for computer and telephone communications. Department of Computer Science University of San Francisco p.30/35

31 3-29: Clipper Chip Actual algorithm kept secret. No one could use it without providing keys to escrow agents. Dropped due to technical flaws and political opposition. Replaced with key recovery schemes Also useful if keys are lost. Mostly voluntary. Department of Computer Science University of San Francisco p.31/35

32 Secrecy As a government tool Evaluating algorithms Public vetting has proved quite helpful at testing security schemes. Potential back doors Violation of constitutional rights. 3-30: Issues Department of Computer Science University of San Francisco p.32/35

33 3-31: Issues Policies for new technology Legal standards were in place for tapping phones and reading mail. Law enforcement can also get a list of phone numbers that are called. Is this the same as an header? Is the same as a phone conversation? Rapid change in technology changes what is considered secure Department of Computer Science University of San Francisco p.33/35

34 3-32: Trust in Government The essential tension is between providing government with the tools to protect us and keeping them from the tools to oppress us. One s view of government affects where you stand in this debate. Department of Computer Science University of San Francisco p.34/35

35 3-33: Examples PGP is used by white supremacists to coordinate illegal activity. Journalists documenting human-rights abuses use PGP to encrypt their stories. Drug dealers use PGP to encrypt details of payment transfer. Political activists use PGP to coordinate demonstrations Department of Computer Science University of San Francisco p.35/35