can mathematics secure electronic commerce ?
TRANSCRIPT
Can Mathematics Secure
Electronic Commerce ?
Dr Keith Martin
Information Security Group
Department of Mathematics
Royal Holloway
Activities at Royal Holloway
The Information Security Group at Royal Holloway:
• Part of the Mathematics Department
• One of the largest academic information security groups in the
world with 21 staff, 7 visiting professors, and 48 research
students
• Conducts research into areas such as design and analysis of
cryptographic protocols, smartcards, electronic commerce,
security management, integration of security into applications
• Maintains close links and performs contract research and
consulting for leading security companies and security users
The Information Security Group runs an MSc in Information
Security.
In 2005:
• 180 students on campus
• 100 e-learning students
Graduates from these MSc courses are gaining employment as
IT security professionals throughout the World in sectors such
as finance, telecommunications, computing, etc etc
So...
Can Mathematics
Secure Electronic Commerce?
Some questions
• What is electronic commerce anyway?
• What does secure mean?
• What’s mathematics got to do with it?
Agree or disagree ?
I have taken part in electronic commerce
Electronic commerce is �.
Buzz buzz buzz.. but what is it?
“ the exchange of information across electronic
networks, at any stage in the supply chain,
whether within an organisation, between
businesses, between businesses and consumers,
or between the public and private sectors,
whether paid or unpaid”
Department of Trade and Industry
Where’s it all coming from?
Mobile
TelecomsPSTN
Private
networks
Broadcast
INTERNET
Cable
?
Portable
computing Ambient
computing
Satellite
What’s the big deal ?
E-commerce
• destroys market entry barriers
– geographic, practice, scale
• improves efficiency
– reduces overheads and costs
• creates new markets
– travel, entertainment, supermarkets, financial services
• has dramatic growth potential
A Typical Graph
0
200
400
600
800
1000
1200
1400US $ Billions
1998 1999 2000 2001 2002 2003
Year
Business to Consumer Business to Business
Agree or disagree ?
It is safe to buy goods over the
Internet
A matter of trust
• Fraud - abuse or misuse of data
• Privacy - the mechanism by which users contain control
over their own data
• Content - access to material, intellectual property rights
• Liability - the legal framework
• Redress - resolution of disputes
Five issues that lead to lack of confidence in e-commerce:
Fraud
Is the seller authentic?
Will my payment be
safe?
Is the buyer genuine?
Will I get my money?
Privacy
Can I be protected from
spam?
Are my personal details
safe?
Can I use information
gathered for marketing
purposes?
Content
Can I control access
to illegal/immoral
material?
Will my intellectual
property rights be
infringed?
Liability
Can the contract I am
entering into be
enforced?
Can the contract I am
entering into be
enforced?
Redress
Is there a clear means of
resolving disputes about
e-commerce transactions?
Three key services
Authentication - to ensure that the originator or recipient
of material is the person they claim to be
Confidentiality - to ensure that data cannot be read by
anyone other than the intended recipients
Integrity - to ensure that data has not been accidentally
or deliberately corrupted
CryptographyCryptography is ….
“the art of secret writing”
“the miraculous cure that will solve all computer
security problems”
“the recognised means of providing integrity,
authentication and confidentiality services in an
electronic environment ”
“These days almost all cryptologists are also
theoretical mathematicians - they have to be”
Digital signaturesPu
blic Key Infrastructures
Message authentication codes
Hash functions
Block ciphe
rs
One-way functions
Zero-knowledge protocolsSecret sha
ring schem
es
Bit commitment
Stream ciphers
Confidentiality
Confidentiality
cryptogramc
EncipheringAlgorithm
DecipheringAlgorithm
Key k(E) Key k(D)
messagem
messagem
Interceptorc = f (m, k(E) ) m = g (c, k(D) )
Symmetric Cipher System
k(D) is the same as k(E)
Mortice Lock (if you can lock, then you can unlock)
The Caesar Cipher
ABCDEFGHIJKLM+OPQRSTUVWXYZABCDEFGHIJKLM+OPQRSTUVWXYZ
ABCDEFGHIJKLM+OPQRSTUVWXYZABCDEFGHIJKLM+OPQRSTUVWXYZ
sliding ruler
+OTE: There are 26 keys, i.e. 26 ‘settings’.
Codeword - HSPPW
HSPPW QBYYF ZKHHO
ITQQX RCZZG ALIIP
JURRY SDAAH BMJJQ
KVSSZ TEBBI CNKKR
LWTTA UFCCJ DOLLS
MXUUB VGDDK EPMMT
NYVVC WHEEL FQNNU
OZWWD XIFFM GROOV
PAXXE YJGGN
Agree or disagree ?
This number of keys is enough
1. 26 ?
2. 3 000 000 ?
3. 8 000 000 000 ?
4. 72 000 000 000 000 000 ?
5. 400 000 000 000 000 000 000 000 000 ?
6. 340 000 000 000 000 000 000 000 000 000 000
000 000 ?
The Simple Substitution Cipher
a b c d e f g h i j k l m
D I Q M T B Z S Y K V O F
n o p q r s t u v w x y z
E R J A U W P X H L C N G
There are about 4 x 1026 keys
Examples:
1. B TO T OTA
2. XAV
3. VBDDQD
4. VBDDQD (given that the plaintext is the
name of a country)
5. ABXAZ OOAZT CYETE FCEOE UCZXT
The Simple Substitution Cipher
Letter Frequencies in English
E
A T
O
H I + R S
D L
C F G M U W
B P Y
K V
J Q X Z
The simple substitution cipher has approximately
400 000 000 000 000 000 000 000 000
keys. Clearly having a lot of keys is not enough to make a
cipher system difficult to break !
A strong cipher must certainly not encrypt the same
message letter with the same ciphertext letter every time.
31
Feistel Cipher
+
INPUT
L0 R0
f
L1=R0 R1 =L0+f(R0,k)
f
L2=R1
Key k
Key k
Etc�
+
R2 =L1+f(R1,k)
Integrity
One-way functions
A one-way function f(x) is a function for which:
• Given x, computing f(x) is easy
• Given f(x), determining x is hard
A (collision-free) one-way hash function h(x) is a one-way
function for which:
• values x of arbitrary length map to values h(x) of fixed length
• it is hard to find pairs x, y such that h(x)=h(y)
Iterative Hash Function
Arbitrary length input
Iterated
compression
functionFixed length
output
Optional output
transformation
Output
Agree or disagree ?
This protects against accidental modification
message, h(message)
This protects against deliberate modification
Authentication
Message authentication codes
A message authentication code (MAC) is a family of
functions {hk : k ∈ K} such that
• given x and k, computing hk(x) is easy
• values x of arbitrary length map to values hk(x) of fixed length
• given x, it is hard to compute hk(x) without knowledge of k
Integrity with authentication
message, hk(message)
Key k Key k
Confidentiality
with integrity
and authentication
Enck (message), hk(message)
Key k Key k
So…
What’s the problem
with Symmetric
Cipher Systems ?
Public Key Cipher System
Bevelled Sprung Lock (anyone can lock, only keyholder can unlock)
Impossible to determine k(D) from k(E)
Public Key System
• It must not be possible to deduce the message from a
knowledge of the cryptogram and the enciphering key.
• A directory of all receivers plus their enciphering keys is
published.
• The only person to know any given receiver’s deciphering
key is the receiver themselves.
• An enciphering algorithm is agreed.
• Each would-be receiver publishes the key which anyone
may use to send a message to the receiver.
Trapdoor one-way functions
A trapdoor one-way function f(x) is a one-way function
for which:
• given f(x) and some extra information it becomes easy to
determine x
For a public key system, the encipherment function f must
be a trapdoor one-way function, where the trapdoor is
knowledge of the deciphering key k(D)
RSA System
• Publish integers n and e where n = pq (p and q large primes)
and e is chosen so that gcd{e,(p-1)(q-1)} = 1.
• If message is an integer m then the cryptogram c = me (mod n).
• The primes p and q are ‘secret’ (i.e. known only to the receiver)
and the system’s security depends on the fact that knowledge of n
will not enable the interceptor to work out p and q.
RSA System
• Since gcd{e,(p-1)(q-1)} = 1 there is an integer d such that
ed = 1 (mod(p-1)(q-1)).
(without knowing p and q it is ‘impossible’ to determine d)
• To decipher raise c to the power d. Then m = cd ( = med ).
• System works because if n = pq,
a k(p-1)(q-1) + 1 = a (mod n) for all a, k.
RSA Summary and Example
n = p.q 2773 = 47.59
e.d = 1 (mod(p-1) (q-1)) 17.157 = 1 (mod 2668)
Public key is (e, n) (17, 2773)
Secret key is d 157
NB : Knowledge of p and q is required to compute d.
Encryption using Public Key :
c = m e (mod n) 587 = 31 17 (mod 2773)
Decryption using Secret Key :
m = c d (mod n) 31 = 587 157 (mod 2773)
So…
What’s the problem
with Public Key
Cipher Systems ?
So...
Can mathematics
secure electronic commerce?
And more importantly...
Does
anyone have
any easier questions?
References
• Fred Piper and Sean Murphy: Cryptography – A very short
introduction, Oxford University Press (2002)
• Simon Singh, The Code Book, Fourth Estate (2000)
• Simon Singh, The Code Book for Young People: How to Make it,
Break it, Hack it, Crack it, Delacorte Press (2002)
• http://www.isg.rhul.ac.uk/msc/teaching/ic2/ic2resources.shtml
• http://www.simonsingh.net/Crypto_Corner.html