Why Cryptography

  • Uploaded by: chand123123
  • 0
  • 0
  • July 2020
  • PDF

This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA


Overview

Download & View Why Cryptography as PDF for free.

More details

  • Words: 667
  • Pages: 21
Why Cryptography ❚ Because it is Private ❚ It’s not anyone else’s business ❚ You must protect yourself Quadralay Cryptography Archive

Internet Privacy Coalition

Crypto-Log

Paradigm Shift ❚ Telephone network ❙ Owned by few ❙ Effectively managed

❚ Traditional LAN ❙ Owned by an organization ❙ Centrally managed

❚ The Internet ❙ No one owns it ❙ Management anarchy

Therefore, cryptograph y is important!!

Internet Reality ❚ ❚ ❚ ❚ ❚

Anyone can be intercepting your data Ethernets are easy to “spy” on Most of today’s attacks are kids Professionals are coming Many internet links travel on microwaves

Americans for Computer Privacy

Cryptography ❚ Art of enciphering information to render it meaningless to all but a few ❙ It is still an “art”

❚ Third oldest profession ❙ After tattoo artistry The Center for Democracy and Technology

Secret Key Cryptosystems “Conventional” ciphers use the same key for encryption and decryption

Secret Key Cryptosystems (Real Audio)

Public Key Cryptosystems “Public key” ciphers use a pair of keys (one public, one private)

Public Key Cryptosystems (Real Audio)

Problems of Cryptography ❚ ❚ ❚ ❚

Develop cryptographic algorithm Generate “strong” keys Distribute keys securely Develop protocol for interaction Security Pitfalls in Cryptography

Develop Algorithms ❚ Easiest step: ❙ Don’t do it!

❚ If you must… ❙ Spend 10 years breaking other people’s algorithms ❙ Get other people to attack your design

❚ Plenty of good algorithms exist ❙ People are busy attacking them

ALGORITHMS ❚ DES ❙ IBM/NSA - 56bit keys (dented, but not broken)

❚ IDEA ❙ 128 bit keys; not feasibly broken by brute force

❚ RC-5 ❙ Can be licensed from RSA data security ❙ Used by many commercial products

Problems of Cryptography ❚ ❚ ❚ ❚

Develop cryptographic algorithm Generate “strong” keys Distribute keys securely Develop protocol for interaction Security Pitfalls in Cryptography

Generate Strong Keys ❚ Very hard, many systems attacked this way ❙ Netscape (10/95) ❙ Kerberos (2/96)

❚ Cryptographic “random” numbers have to be unpredictable ❚ Tighter requirements than for statistical uses ❚ Computers are VERY VERY NON-random devices

Problems of Cryptography ❚ ❚ ❚ ❚

Develop cryptographic algorithm Generate “strong” keys Distribute keys securely Develop protocol for interaction Security Pitfalls in Cryptography

Distribute Keys ❚ Another way to crack systems ❚ Interception of keys in transit, or storage

Problems of Cryptography ❚ ❚ ❚ ❚

Develop cryptographic algorithm Generate “strong” keys Distribute keys securely Develop protocol for interaction Security Pitfalls in Cryptography

Develop Protocol Careful not to negotiate insecurity Example: Cannot ask untrusted endpoint for name of authentication domain • Until you have a secure association, you can’t negotiate security

Internet Security Principles ❚ Protect yourself ❚ Help others ❚ Remember which of these is first!! Competing Internet Privacy Initiatives (Real Audio)

DES

Data Encryption Standard

❚ Developed by IBM, refined by NSA ❚ 56 bit keys, 64 bit blocks ❙ OK for 1977, but a little short today

❚ “Dented” but not broken ❚ Key length too short for much longevity ❙ Brute force can be used successfully

❚ Fast in hardware, slow in software

IDEA

International Data Encryption Algorithm

❚ Developed by Xuejia Lai and James L. Massey of ETH Zurich ❚ Published in 1990, 128 bit keys ❚ Fast in software ❚ 128 bit keys can not feasibly be broken by brute force ❙ Would require all the energy output of the earth for 500-600 years

❚ Patented, but licensing not difficult

3DES

Triple DES

❚ Three passes of DES ❙ Encrypt with key 1 ❙ Decrypt with key 2 ❙ Encrypt with key 3

❚ ❚ ❚ ❚

Has 112 bits of strength Slow (3 times DES) Freely available (no patent issues) Very strong ❙ Could follow with IDEA encryption

RC5 ❚ Ron Cipher #5 ❚ Trade secret ❙ Publicly released ❙ Reverse engineering partially successful

❚ Very fast stream cipher ❚ Variable key length ❚ Believed to be “good” but only recently studied ❚ Can be licensed from RSA data security ❚ Used by many commercial products

Related Documents

Why Cryptography
July 2020 3
Cryptography
November 2019 40
Cryptography
May 2020 19
Cryptography
May 2020 12
Cryptography
October 2019 30
Cryptography
June 2020 22

More Documents from ""

Overview Of E-mail
July 2020 2
Why Cryptography
July 2020 3
Symmetric Encryption
July 2020 5