can mathematics secure electronic commerce ?

Can Mathematics Secure

Electronic Commerce ?

Dr Keith Martin

Information Security Group

Department of Mathematics

Royal Holloway

keith.martin@rhul.ac.uk

Activities at Royal Holloway

The Information Security Group at Royal Holloway:

• Part of the Mathematics Department

• One of the largest academic information security groups in the

world with 21 staff, 7 visiting professors, and 48 research

students

• Conducts research into areas such as design and analysis of

cryptographic protocols, smartcards, electronic commerce,

security management, integration of security into applications

• Maintains close links and performs contract research and

consulting for leading security companies and security users

The Information Security Group runs an MSc in Information

Security.

In 2005:

• 180 students on campus

• 100 e-learning students

Graduates from these MSc courses are gaining employment as

IT security professionals throughout the World in sectors such

as finance, telecommunications, computing, etc etc

So...

Can Mathematics

Secure Electronic Commerce?

Some questions

• What is electronic commerce anyway?

• What does secure mean?

• What’s mathematics got to do with it?

Agree or disagree ?

I have taken part in electronic commerce

Electronic commerce is �.

Buzz buzz buzz.. but what is it?

“ the exchange of information across electronic

networks, at any stage in the supply chain,

whether within an organisation, between

businesses, between businesses and consumers,

or between the public and private sectors,

whether paid or unpaid”

Department of Trade and Industry

Where’s it all coming from?

Mobile

TelecomsPSTN

Private

networks

Broadcast

INTERNET

Cable

?

Portable

computing Ambient

computing

Satellite

What’s the big deal ?

E-commerce

• destroys market entry barriers

– geographic, practice, scale

• improves efficiency

– reduces overheads and costs

• creates new markets

– travel, entertainment, supermarkets, financial services

• has dramatic growth potential

A Typical Graph

0

200

400

600

800

1000

1200

1400US $ Billions

1998 1999 2000 2001 2002 2003

Year

Business to Consumer Business to Business

Agree or disagree ?

It is safe to buy goods over the

Internet

A matter of trust

• Fraud - abuse or misuse of data

• Privacy - the mechanism by which users contain control

over their own data

• Content - access to material, intellectual property rights

• Liability - the legal framework

• Redress - resolution of disputes

Five issues that lead to lack of confidence in e-commerce:

Fraud

Is the seller authentic?

Will my payment be

safe?

Is the buyer genuine?

Will I get my money?

Privacy

Can I be protected from

spam?

Are my personal details

safe?

Can I use information

gathered for marketing

purposes?

Content

Can I control access

to illegal/immoral

material?

Will my intellectual

property rights be

infringed?

Liability

Can the contract I am

entering into be

enforced?

Can the contract I am

entering into be

enforced?

Redress

Is there a clear means of

resolving disputes about

e-commerce transactions?

Three key services

Authentication - to ensure that the originator or recipient

of material is the person they claim to be

Confidentiality - to ensure that data cannot be read by

anyone other than the intended recipients

Integrity - to ensure that data has not been accidentally

or deliberately corrupted

CryptographyCryptography is ….

“the art of secret writing”

“the miraculous cure that will solve all computer

security problems”

“the recognised means of providing integrity,

authentication and confidentiality services in an

electronic environment ”

“These days almost all cryptologists are also

theoretical mathematicians - they have to be”

Digital signaturesPu

blic Key Infrastructures

Message authentication codes

Hash functions

Block ciphe

rs

One-way functions

Zero-knowledge protocolsSecret sha

ring schem

es

Bit commitment

Stream ciphers

Confidentiality

Confidentiality

cryptogramc

EncipheringAlgorithm

DecipheringAlgorithm

Key k(E) Key k(D)

messagem

messagem

Interceptorc = f (m, k(E) ) m = g (c, k(D) )

Symmetric Cipher System

k(D) is the same as k(E)

Mortice Lock (if you can lock, then you can unlock)

The Caesar Cipher

ABCDEFGHIJKLM+OPQRSTUVWXYZABCDEFGHIJKLM+OPQRSTUVWXYZ

ABCDEFGHIJKLM+OPQRSTUVWXYZABCDEFGHIJKLM+OPQRSTUVWXYZ

sliding ruler

+OTE: There are 26 keys, i.e. 26 ‘settings’.

Codeword - HSPPW

HSPPW QBYYF ZKHHO

ITQQX RCZZG ALIIP

JURRY SDAAH BMJJQ

KVSSZ TEBBI CNKKR

LWTTA UFCCJ DOLLS

MXUUB VGDDK EPMMT

NYVVC WHEEL FQNNU

OZWWD XIFFM GROOV

PAXXE YJGGN

Agree or disagree ?

This number of keys is enough

1. 26 ?

2. 3 000 000 ?

3. 8 000 000 000 ?

4. 72 000 000 000 000 000 ?

5. 400 000 000 000 000 000 000 000 000 ?

6. 340 000 000 000 000 000 000 000 000 000 000

000 000 ?

The Simple Substitution Cipher

a b c d e f g h i j k l m

D I Q M T B Z S Y K V O F

n o p q r s t u v w x y z

E R J A U W P X H L C N G

There are about 4 x 1026 keys

Examples:

1. B TO T OTA

2. XAV

3. VBDDQD

4. VBDDQD (given that the plaintext is the

name of a country)

5. ABXAZ OOAZT CYETE FCEOE UCZXT

The Simple Substitution Cipher

Letter Frequencies in English

E

A T

O

H I + R S

D L

C F G M U W

B P Y

K V

J Q X Z

The simple substitution cipher has approximately

400 000 000 000 000 000 000 000 000

keys. Clearly having a lot of keys is not enough to make a

cipher system difficult to break !

A strong cipher must certainly not encrypt the same

message letter with the same ciphertext letter every time.

31

Feistel Cipher

+

INPUT

L0 R0

f

L1=R0 R1 =L0+f(R0,k)

f

L2=R1

Key k

Key k

Etc�

+

R2 =L1+f(R1,k)

Integrity

One-way functions

A one-way function f(x) is a function for which:

• Given x, computing f(x) is easy

• Given f(x), determining x is hard

A (collision-free) one-way hash function h(x) is a one-way

function for which:

• values x of arbitrary length map to values h(x) of fixed length

• it is hard to find pairs x, y such that h(x)=h(y)

Iterative Hash Function

Arbitrary length input

Iterated

compression

functionFixed length

output

Optional output

transformation

Output

Agree or disagree ?

This protects against accidental modification

message, h(message)

This protects against deliberate modification

Authentication

Message authentication codes

A message authentication code (MAC) is a family of

functions {hk : k ∈ K} such that

• given x and k, computing hk(x) is easy

• values x of arbitrary length map to values hk(x) of fixed length

• given x, it is hard to compute hk(x) without knowledge of k

Integrity with authentication

message, hk(message)

Key k Key k

Confidentiality

with integrity

and authentication

Enck (message), hk(message)

Key k Key k

So…

What’s the problem

with Symmetric

Cipher Systems ?

Public Key Cipher System

Bevelled Sprung Lock (anyone can lock, only keyholder can unlock)

Impossible to determine k(D) from k(E)

Public Key System

• It must not be possible to deduce the message from a

knowledge of the cryptogram and the enciphering key.

• A directory of all receivers plus their enciphering keys is

published.

• The only person to know any given receiver’s deciphering

key is the receiver themselves.

• An enciphering algorithm is agreed.

• Each would-be receiver publishes the key which anyone

may use to send a message to the receiver.

Trapdoor one-way functions

A trapdoor one-way function f(x) is a one-way function

for which:

• given f(x) and some extra information it becomes easy to

determine x

For a public key system, the encipherment function f must

be a trapdoor one-way function, where the trapdoor is

knowledge of the deciphering key k(D)

RSA System

• Publish integers n and e where n = pq (p and q large primes)

and e is chosen so that gcd{e,(p-1)(q-1)} = 1.

• If message is an integer m then the cryptogram c = me (mod n).

• The primes p and q are ‘secret’ (i.e. known only to the receiver)

and the system’s security depends on the fact that knowledge of n

will not enable the interceptor to work out p and q.

RSA System

• Since gcd{e,(p-1)(q-1)} = 1 there is an integer d such that

ed = 1 (mod(p-1)(q-1)).

(without knowing p and q it is ‘impossible’ to determine d)

• To decipher raise c to the power d. Then m = cd ( = med ).

• System works because if n = pq,

a k(p-1)(q-1) + 1 = a (mod n) for all a, k.

RSA Summary and Example

n = p.q 2773 = 47.59

e.d = 1 (mod(p-1) (q-1)) 17.157 = 1 (mod 2668)

Public key is (e, n) (17, 2773)

Secret key is d 157

NB : Knowledge of p and q is required to compute d.

Encryption using Public Key :

c = m e (mod n) 587 = 31 17 (mod 2773)

Decryption using Secret Key :

m = c d (mod n) 31 = 587 157 (mod 2773)

So…

What’s the problem

with Public Key

Cipher Systems ?

So...

Can mathematics

secure electronic commerce?

And more importantly...

Does

anyone have

any easier questions?

References

• Fred Piper and Sean Murphy: Cryptography – A very short

introduction, Oxford University Press (2002)

• Simon Singh, The Code Book, Fourth Estate (2000)

• Simon Singh, The Code Book for Young People: How to Make it,

Break it, Hack it, Crack it, Delacorte Press (2002)

• http://www.isg.rhul.ac.uk/msc/teaching/ic2/ic2resources.shtml

• http://www.simonsingh.net/Crypto_Corner.html