from classical to modern - central european university · code book codes replace a speci c piece...
TRANSCRIPT
Cryptography for dummies 1 / 14
Cryptography for DummiesFrom Classical to Modern
Laszlo Csirmaz
Central European University
March 26–30, 2012
Cryptography for dummies 2 / 14
Classic Definition of Cryptography
Cryptography, or the art of “hidden writing,” comes from Greekhiding the contents or existence of messages from and adversary
Encryption makes a message unintelligible to anyone notpossessing some secret information
Decryption undoes the scrambling
Steganography, or “covered writing,” is concerned with hidingthe existence of a message – often in plain sight.
Cryptography for dummies 5 / 14
Caesar Substitution Cipher
E T T U B R U T E
↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓H W W X E U X W H
Cryptography for dummies 6 / 14
Vigenere Polyalphabetic Substitution
A B C D E F G H I J K L MN O P Q R S T U VWX Y Z
A A B C D E F G H I J K L MN O P Q R S T U VWX Y ZB B C D E F G H I J K L MN O P Q R S T U VWX Y Z AC C D E F G H I J K L MN O P Q R S T U VWX Y Z A BD D E F G H I J K L MN O P Q R S T U VWX Y Z A B CE E F G H I J K L MN O P Q R S T U VWX Y Z A B C DF F G H I J K L MN O P Q R S T U VWX Y Z A B C D EG G H I J K L MN O P Q R S T U VWX Y Z A B C D E FH H I J K L MN O P Q R S T U VWX Y Z A B C D E F GI I J K L MN O P Q R S T U VWX Y Z A B C D E F G HJ J K L MN O P Q R S T U VWX Y Z A B C D E F G H IK K L MN O P Q R S T U VWX Y Z A B C D E F G H I JL L MN O P Q R S T U VWX Y Z A B C D E F G H I J kM MN O P Q R S T U VWX Y Z A B C D E F G H I J K LN N O P Q R S T U VWX Y Z A B C D E F G H I J K L MO O P Q R S T U VWX Y Z A B C D E F G H I J K L MNP P Q R S T U VWX Y Z A B C D E F G H I J K L MN OQ Q R S T U VWX Y Z A B C D E F G H I J K L MN O PR R S T U VWX Y Z A B C D E F G H I J K L MN O P QS S T U VWX Y Z A B C D E F G H I J K L MN O P Q RT T U VWX Y Z A B C D E F G H I J K L MN O P Q R SU U VWX Y Z A B C D E F G H I J K L MN O P Q R S TV VWX Y Z A B C D E F G H I J K L MN O P Q R S R UW WX Y Z A B C D E F G H I J K L MN O P Q R S T U VX X Y Z A B C D E F G H I J K L MN O P Q R S T U VWY Y Z A B C D E F G H I J K L MN O P Q R S T U VWXZ Z A B C D E F G H I J K L MN O P Q R S T U VWX Y
Key:SECRET
Plaintext:PARTY TODAY
Ciphertext:HETKC MGHAP
Cryptography for dummies 8 / 14
Steganography
Herodotus tattoo and wax tablets
invisible ink
microdots
“The Finger”
Low order bits
Cryptography for dummies 9 / 14
Code book
Codes replace a specific piece of plaintext with a certain codeword. They can also replace several letters at once.
“Yes” if by land, “no” if by sea
Beale code
number stations
electronic code book (ECB) mode
Cryptography for dummies 10 / 14
Kerckhoff’s Principle
A cryptosystem should be secure even if everything aboutit is public knowledge except the secret key.
It contrasts to “security through obscurity.”
KeeLoq R© used by: Chrysler, Daewoo, Fiat, GM, Honda, Jaguar,Toyota, Volvo, WVAttack: Listen in a parking lot for about 60 minutes, then useyour computer for two days. Scary, isn’t is?
Cryptography for dummies 11 / 14
One-time pads
Invented several times before and afterthe II Word War
used even through the cold war
one time means one time
needs separate keys for each message,and for each recipient
keys are as big as messages (disposablekeypads)
Cryptography for dummies 12 / 14
Problems with Classical Crypto
weak: pen-and-paper, and mechanical systems became weakin face of modern computers.
informal: construction was ad hoc. They were not publiclyavailable, there were no “proof” for fit, no definition for whatthey were good.
closed: knowledge and technology available to military andintelligence agencies.
key distribution: the number of keys grow enormously withthe number of participants.
Cryptography for dummies 12 / 14
Problems with Classical Crypto
weak: pen-and-paper, and mechanical systems became weakin face of modern computers.
informal: construction was ad hoc. They were not publiclyavailable, there were no “proof” for fit, no definition for whatthey were good.
closed: knowledge and technology available to military andintelligence agencies.
key distribution: the number of keys grow enormously withthe number of participants.
Cryptography for dummies 12 / 14
Problems with Classical Crypto
weak: pen-and-paper, and mechanical systems became weakin face of modern computers.
informal: construction was ad hoc. They were not publiclyavailable, there were no “proof” for fit, no definition for whatthey were good.
closed: knowledge and technology available to military andintelligence agencies.
key distribution: the number of keys grow enormously withthe number of participants.
Cryptography for dummies 12 / 14
Problems with Classical Crypto
weak: pen-and-paper, and mechanical systems became weakin face of modern computers.
informal: construction was ad hoc. They were not publiclyavailable, there were no “proof” for fit, no definition for whatthey were good.
closed: knowledge and technology available to military andintelligence agencies.
key distribution: the number of keys grow enormously withthe number of participants.
Cryptography for dummies 13 / 14
Modern Cryptographic Era
cryptography now is an everyday commodity
new cryptographic primitives
asymmetric and public cryptosystem
standardization, formalization
internet and wireless communication
liberalization of cryptographic restrictions
Cryptography for dummies 14 / 14
Cryptography Topics
Key Distribution ProblemHow Alice and Bob first agree on a shared key?
MIM attack (man in the middle)
Public Key EncryptionDiffie–Hellman, RSAHow do you get the public keys?Why should you trust the encrypted message?How will you know that is was not modified?
AuthenticationHow do you know that a message was sent by your bank?How do you know that it has not been altered?
Cryptography for dummies 14 / 14
Cryptography Topics
Key Distribution ProblemHow Alice and Bob first agree on a shared key?
MIM attack (man in the middle)
Public Key EncryptionDiffie–Hellman, RSAHow do you get the public keys?Why should you trust the encrypted message?How will you know that is was not modified?
AuthenticationHow do you know that a message was sent by your bank?How do you know that it has not been altered?
Cryptography for dummies 14 / 14
Cryptography Topics
Key Distribution ProblemHow Alice and Bob first agree on a shared key?
MIM attack (man in the middle)
Public Key EncryptionDiffie–Hellman, RSAHow do you get the public keys?Why should you trust the encrypted message?How will you know that is was not modified?
AuthenticationHow do you know that a message was sent by your bank?How do you know that it has not been altered?
Cryptography for dummies 14 / 14
Cryptography Topics
Key Distribution ProblemHow Alice and Bob first agree on a shared key?
MIM attack (man in the middle)
Public Key EncryptionDiffie–Hellman, RSAHow do you get the public keys?Why should you trust the encrypted message?How will you know that is was not modified?
AuthenticationHow do you know that a message was sent by your bank?How do you know that it has not been altered?