Class 4: Modern Cryptography Menu: - Some Loose Ends On WWII - Maurice Burnett - Modern Cryptography

Cryptography in World War II
Jefferson Institute for Lifelong Learning at UVa

Spring 2006 David Evans
Menu
Class 4: • Some loose ends on WWII
Modern • Maurice Burnett
Cryptography
• Modern Cryptography
– Modern symmetric ciphers
– Public-key cryptosystems
http://www.cs.virginia.edu/jillcrypto JILL WWII Crypto Spring 2006 - Class 4: Modern Cryptography 2
British Cipher Machine German Code-Breaking Efforts

• Design based on
commercial Enigma • About 6,000 people (compare to 12,000
working at Bletchley Park)
• 5 rotor wheels (instead
• Decentralized: each military branch had
of 3 in Enigma) their own, didn’t share what they learned
• Multiple rings per rotor • Effective against manual codes: broke
• Last 2 rotor wheels about 50% of manually coded messages
didn’t rotate • Didn’t attempt to break rotor-based
• British attempted to ciphers – so confident Enigma was
break it (without unbreakable, didn’t try to Typex and
success) similar machines
Typex Machine
JILL WWII Crypto Spring 2006 - Class 4: Modern Cryptography 3 JILL WWII Crypto Spring 2006 - Class 4: Modern Cryptography 4
Lorenz Cipher
From http://www.codesandciphers.org.uk/lorenz/fish.htm
1
Modern Symmetric Ciphers Modern Ciphers
A billion billion is a large number, but
it's not that large a number.
Whitfield Diffie • AES (Rijndael) successor to DES
selected 2001
• Same idea but: • 128-bit keys, encrypt 128-bit blocks
–Use digital logic instead of • Brute force attack (around 1030 times
mechanical rotors harder than Lorenz)
–Larger keys (random bits, not rotor – Try 1 Trillion keys per second
– Would take 10790283070806000000 years
alignments) to try all keys!
• Lorenz ≈ 512 < 109 – If that’s not enough, can use 256-bit key
• Modern ≥ 128 bits > 1037 • No known techniques that do better
–Encrypt blocks of letters at a time than brute force search
Login Process Sending Passwords

Terminal
Login: alyssa
Password: fido
login sends Trusted Subsystem Encrypt The Internet
<“alyssa”, “fido”>
Eve
User Server
The Internet
Ciphertext
Plaintext Encrypt Decrypt Plaintext Key Agreement Demo

K K
User C = EncryptK (P) Server (Animated version at

end of slides.)
P = DecryptK (C)
2
Asymmetric Cryptosystems One-Way Functions
• Easy to compute, hard to invert
• Need a hard problem (like symmetric
• Trap-door one way function:
cryptosystems)
– D (E (M)) = M
• With a trap door: if you know a
– E and D are easy to compute.
secret, the hard problem becomes
– Revealing E doesn’t reveal an easy way
easy to compute D.
– Hence, anyone who knows E can encrypt,
but only someone who knows D can
decrypt
RSA [Rivest, Shamir, Adelman 78] Security of RSA

One-way function:
multiplication is easy, factoring is hard • n is public, but not p and q where n =
Trap-door: number theory (Euler and Fermat) pq
• How much work is factoring n?
Number Field Sieve (fastest known factoring
algorithm) is:
O(e1.9223((ln (n))1/3 (ln (ln (n)))2/3)

n ~200 digits – would take quintillions of years
Asymmetric Cryptosystems Public-Key Applications:

Privacy
Alice Bob
• Encryption and Decryption are done
with different keys Ciphertext
Plaintext Encrypt Decrypt Plaintext
• Keep one of the keys secret, reveal
the other Bob’s Public Key Bob’s Private Key
• Alice encrypts message to Bob using

EKRA (EKUA (M)) = M Bob’s Public Key
Alice’s Public Key: KUA Only KRA can decrypt • Only Bob knows Bob’s Private Key ⇒
Alice’s Private Key: KRA
a message encrypted
using KUA.
only Bob can decrypt message
3
Signatures
Bob The Internet
Alice Signed
Message
Plaintext Encrypt Decrypt Plaintext Ciphertext
Alice’s Private Key Alice’s Public Key

Plaintext Encrypt Decrypt Plaintext
• Bob knows it was from Alice, since only
Alice knows Alice’s Private Key
• Non-repudiation: Alice can’t deny signing KUS KRS
message (except by claiming her key was
stolen!) User Public Key Private Key Server
• Integrity: Bob can’t change message
(doesn’t know Alice’s Private Key) How does User know the public key to use?
Approach 1: Meet Secretly

• User and Server Operator meet
secretly and swap public keys
Key Management – If you can do that, might as well agree
on a secret (symmetric key) instead
– Doesn’t work for Internet transactions
Approach 2:
Public Announcement Approach 3: Public Directory
• Trusted authority maintains directory
• Publish public keys in a public mapping names to public keys
forum • Entities register public keys with
– Append to email messages authority in some secure way
– Post on web site • Authority publishes directory
– New York Time classifieds – Print using watermarked paper, special
• Easy for rogue to pretend to be fonts, etc.
someone else – Allow secure electronic access
• Depends on secure distribution of directory’s
– Forge email, alter web site, lie to New key
York Times
4
Approach 4: Certificates SSL (Secure Sockets
Layer)
Browser Server
VeriSign Hello
KUS $$$$ KRCA[Server Identity, KUS]
CS = EKRVeriSign[“Server”, KUS] Check Certificate

using KUCA
Request Pick random K
KUS[K]
Find K
using
CS Note: This is slightly
simplified from the actual KRS
User Server SSL protocol. This version
is vulnerable to a person-in-
EKUVeriSign (CS) = [“Server”, KUS] Knows KRS

the-middle attack!
Secure channel using K
Data encrypted using secret key

exchanged using some public key
associated with some certificate.
5
SSL Recap
Browser Server
Hello
KRCA[Server Identity, KUS]

Check Certificate Questions?
using KUCA
Pick random K
KUS[K]
Find K
using
Note: This is slightly
simplified from the actual KRS
SSL protocol. This version
is vulnerable to a person-in-
the-middle attack! Secure channel using K
Padlocked Boxes
Animated version of
Asymmetric Cryptography Hi!
Demo
Alice
Padlocked Boxes Padlocked Boxes
Alice’s Padlock Shady

Sammy’s
Slimy
Shipping
Hi!
Alice Alice Service
Alice’s Padlock Key Alice’s Padlock Key
6
Bob’s Padlock
Hi!
Alice Alice
Hi!
Alice’s Padlock Key Bob Alice’s Padlock Key Bob
Bob’s Padlock Key Bob’s Padlock Key

Hi!
Alice Alice
Hi!
Alice’s Padlock Key Bob Bob
Bob’s Padlock Key Bob’s Padlock Key
Padlocked Boxes
Hi!
Alice
Hi!
Bob
Bob’s Padlock Key
JILL WWII Crypto Spring 2006 - Class 4: Modern Cryptography 41

Class 4: Modern Cryptography Menu: - Some Loose Ends On WWII - Maurice Burnett - Modern Cryptography

Încărcat de

Informații document

Descriere originală:

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Class 4: Modern Cryptography Menu: - Some Loose Ends On WWII - Maurice Burnett - Modern Cryptography

Încărcat de

Drepturi de autor:

Formate disponibile

Cryptography in World War II

Jefferson Institute for Lifelong Learning at UVa

http://www.cs.virginia.edu/jillcrypto JILL WWII Crypto Spring 2006 - Class 4: Modern Cryptography 2

British Cipher Machine German Code-Breaking Efforts

Login Process Sending Passwords

Plaintext Encrypt Decrypt Plaintext Key Agreement Demo

User C = EncryptK (P) Server (Animated version at

RSA [Rivest, Shamir, Adelman 78] Security of RSA

O(e1.9223((ln (n))1/3 (ln (ln (n)))2/3)

Asymmetric Cryptosystems Public-Key Applications:

• Alice encrypts message to Bob using

Alice’s Private Key Alice’s Public Key

Approach 1: Meet Secretly

CS = EKRVeriSign[“Server”, KUS] Check Certificate

EKUVeriSign (CS) = [“Server”, KUS] Knows KRS

Data encrypted using secret key

KRCA[Server Identity, KUS]

Padlocked Boxes Padlocked Boxes

Alice’s Padlock Shady

Alice Alice Service

Alice’s Padlock Key Alice’s Padlock Key

Padlocked Boxes Padlocked Boxes

JILL WWII Crypto Spring 2006 - Class 4: Modern Cryptography 41

S-ar putea să vă placă și