Cryptography: 500 BC to https

Transcript

1. Cryptography: 500 BC - https

2. Plugs

3. 2nd & 4th T uesdays: OWASP T ulsa at 36°N

4. May 20: 200ok.us @ T ulsa Library (code: “BSIDES”)

5. October 28: Thunderplains in OKC (code: “BSIDES”)

6. About me I’m not a crypto engineer I’m a web

   developer who got into Security Engineering I’ve always been scared and fascinated by crypto

7. About this talk 2700 years in 40 minutes Don’t take

   notes Slides are already up at: speakerdeck.com/groovecoder

8. The Code Book Simon Singh

9. Journey into Cryptography Khan Academy

10. Bulletproof TLS and PKI Ivan Ristić

11. Steganography Hiding messages

12. 499 BCE Histiaeus of Miletus shaves head of a slave

    to write to Aristagoras to revolt against Persians

13. 480 BCE Demaratus writes into wood covered with wax re:

    Xerxes’ pending attack

14. ??? Chinese writings on silk in balls of wax ingested

    by couriers

15. First “Invisible Ink”, 1st c. AD Pliny the Elder Milk

    of tithymalus plant Heat-activated

16. Scytale, ~700 BCE - 120 AD Cylinder with parchment wound

    around it Permutation cipher or Partial/Hidden writing

17. Cryptography Encrypting messages

18. T ranspositional Permutation Ciphers Anagrams: move letters around

19. Permutation Cipher For example, consider this short sentence 35 letters

    50,000,000,000,000,000,000,000,000,000,000 (50 trillion trillion) permutations

20. When we measure how “strong” an encryption system is, we

    measure it by its …

21. Time Complexity

22. Permutation Cipher EXPERIMENTATIONS FRESH CHORD LOSS 50,000,000,000,000,000,000,000,000,000,000 (50 trillion trillion)

    permutations 1 check/second = 1,500,000,000,000,000,000,000,000 years (1 trillion billion years)

23. Drawbacks of random permutation cipher Impossible for intended recipient too

    False positives: which anagram is right? Do Not Attack at Midnight Attack at Mind: do T onight

24. We need a deterministic way to encrypt & decrypt

25. Algorithms & Keys

26. “a cryptosystem should be secure, even if everything about the

    system, except the key, is public knowledge” –Kerchkoff’s Principle (19th century AD)

27. Scytale, ~700 BCE - 120 AD Algorithm Wrap message around

    a cylinder Key Diameter of cylinder

28. Rail fence cipher http://crypto.interactive-maths.com/rail-fence-cipher.html

29. Rail fence cipher key = 4 http://crypto.interactive-maths.com/rail-fence-cipher.html they are attacking

    from the north

30. Rail fence cipher; k=4 http://crypto.interactive-maths.com/rail-fence-cipher.html they are attacking from the

    north

31. Rail fence cipher; k=4 http://crypto.interactive-maths.com/rail-fence-cipher.html they are attacking from the

    north TEKOOHRACIRMNREATANFTETYTGHH

32. Rail fence cipher; k=4 http://crypto.interactive-maths.com/rail-fence-cipher.html they are attacking from the

    north TEKOOHRACIRMNREATANFTETYTGHH they are attacking from the north

33. Ancient Scytale ~700 BC

34. Cryptanalysis Breaking encrypted messages

35. Breaking rail fence cipher http://crypto.interactive-maths.com/rail-fence-cipher.html “Naive Brute Force” key search:

    T ry a bunch of numbers of rows by hand

36. Breaking rail fence cipher DELEHELFTAAEDSWNT 2 rows: daealeedhsewlnftt 3 rows:

    deslefwtlanaeetdh 4 rows: detwaheeanellfdts 5 rows: defend the east wall

37. So, the first cryptanalysis is simply “naive brute force” key

    searching

38. “Key space” How many possible keys are there?

39. Breaking a Scytale “Naive Brute Force” key search: T ry

    a bunch of cylinders

40. Ancient Scytale ~700 BC Brute Force Key Search

41. Substitutional Cipher Change letters into other letters

42. Caesar Cipher, 49 - 44 BC Algorithm Replace each letter

    with another letter Key K positions down the alphabet

43. Caesar (Shift) Cipher Plain alphabet: abcdefghijklmnopqrstuvwxyz Cipher alphabet: DEFGHIJKLMNOPQRSTUVWXZYABC

44. Ancient Steganography, Scytale ~700 BC Brute Force Key Search Caesar

    Cipher ~50 BC

45. Breaking a Caesar Cipher “Naive Brute Force” key search: 26

    possible shifts

46. Aside: simple can still be useful

47. Can we give ourselves a really large key space? So

    it would take an attacker a long time to search them all?

48. Non-shifted Random Substitution Algorithm Replace each letter with another letter

    Key Any Cipher Alphabet (An anagram of the alphabet! such meta!)

49. Non-shifted Substitutional Cipher 26 letters to re-arrange Key space: 403,291,461,000,000,000,000,000,000

    (403 trillion trillion or ~288) possible re-arrangements (English) 120,000,000,000,000,000,000 (120 billion billion) years at 1 check/s

50. Most crypto-systems don’t try to offer “perfect” encryption …

51. … most crypto systems try to force attackers into key

    searches that take too long to complete

52. Non-shifted Substitutional Cipher 26 letters to re-arrange Key space: 403,291,461,000,000,000,000,000,000

    (403 trillion trillion or ~288) possible re-arrangements (English) 120,000,000,000,000,000,000 (120 billion billion) years at 1 check/s

53. Key: XZAVOIDBYGERSPCFHJKLMNQTUW

54. Can we create a “pseudo-random” key that is easy to

    memorize?

55. Easy to memorize key JULIUS CAESAR
 JULISCAER

56. Easy to memorize key Cipher alphabet: JULISCAERTVWXYZBDFGHKMNOPQ JULIUS CAESAR
 JULISCAER

57. Easy to memorize key Plain alphabet: abcdefghijklmnopqrstuvwxyz Cipher alphabet: JULISCAERTVWXYZBDFGHKMNOPQ

    JULIUS CAESAR
 JULISCAER Note: smaller key space

58. “key derivation function” Cipher alphabet: JULISCAERTVWXYZBDFGHKMNOPQ JULIUS CAESAR

59. Plain alphabet: abcdefghijklmnopqrstuvwxyz Cipher alphabet: JULISCAERTVWXYZBDFGHKMNOPQ Defend the East wall

    ISCSYI HES SJGH NJWW

60. Ancient Steganography, Scytale ~700 BC Brute Force Key Search Caesar

    Cipher ~50 BC Non-shifted Substitution Cipher

61. So, we’ve got a simple crypto- system that would take

    decades for hundreds of thousands of computers to break!

62. Non-shifted Substitution Cipher considered un-breakable for ~800 years, until …

63. ةامعملا بتكلا جارختسا يف ةلاسر (On Decrypting Encrypted Correspondence) يدنكلا

    حاّبصلا قاحسإ نب بوقعي فسوي وبأ (Abu Yūsuf Yaʻqūb ibn ʼIsḥāq aṣ-Ṣabbāḥ al-Kindī) Al-Kindi 801-873 AD

64. Frequency Analysis Attack

65. None

66. “PCQ VMJYPD LBYK LYSO KBXBJXWXV BXV ZCJPO EYPD KBXBJYUXJ LBJOO

    KCPK. CP LBO LBCMKXPV XPV IYJKL PYDBL, QBOP KBO BXV OPVOV LBO LXRO CI SX’XJMI, KBO JCKO XPV EYKKOV LBO DJCMPV ZOICJO BYS, KXUYPD: “DJOXL EYPD, ICJ X LBCMKXPV XPV CPO PYDBLK Y BXNO ZOOP JOACMPLYPD LC UCM LBO IXZROK CI FXKL XDOK XPV LBO RODOPVK CI XPAYOPL EYPDK. SXU Y SXEO KC ZCRV XK LC AJXNO X IXNCMJ CI UCMJ SXGOKLU?” –OFYRCDMO, LXROK IJCS LBO LBCMKXPV XPV CPO PYDBLK

67. Plain alphabet: abcdefghijklmnopqrstuvwxyz Cipher alphabet: ??????????????????????????

68. Likeliest plaintext letters O = e X = t P

    = a

69. English frequency rules Vowels appear before and after most other

    letters Consonants avoid many letters E.g., ‘e’ appears before/after virtually every other letter; while ’t’ is rarely seen before or after ‘b’, ‘d’, ‘g’, ‘j’, ‘k’, ‘m’, ‘q’, ‘v’ “ee” occurs more than “oo” occurs more than other double-vowels “a” occurs on its own often - more than “I” on its own ‘h’ frequently goes before ‘e’ but rarely after ‘e’

70. Cipher O = e X = a Y = i

    B = h P = t ?

71. “PCQ VMJiPD LhiK LiSe KhahJaWaV haV ZCJPe EiPD KhahJiUaJ LhJee

    KCPK. CP Lhe LhCMKaPV aPV IiJKL PiDhL, QheP Khe haV ePVeV Lhe LaRe CI Sa’aJMI, Khe JCKe aPV EiKKeV Lhe DJCMPV ZeICJe hiS, KaUiPD: “DJeaL EiPD, ICJ a LhCMKaPV aPV CPe PiDhLK i haNe ZeeP JeACMPLiPD LC UCM Lhe IaZReK CI FaKL aDeK aPV Lhe ReDePVK CI aPAiePL EiPDK. SaU i SaEe KC ZCRV aK LC AJaNe a IaNCMJ CI UCMJ SaGeKLU?” –eFiRCDMe, LaReK IJCS Lhe LhCMKaPV aPV CPe PiDhLK

72. “PCQ VMJiPD LhiK LiSe KhahJaWaV haV ZCJPe EiPD KhahJiUaJ LhJee

    KCPK. CP Lhe LhCMKaPV aPV IiJKL PiDhL, QheP Khe haV ePVeV Lhe LaRe CI Sa’aJMI, Khe JCKe aPV EiKKeV Lhe DJCMPV ZeICJe hiS, KaUiPD: “DJeaL EiPD, ICJ a LhCMKaPV aPV CPe PiDhLK i haNe ZeeP JeACMPLiPD LC UCM Lhe IaZReK CI FaKL aDeK aPV Lhe ReDePVK CI aPAiePL EiPDK. SaU i SaEe KC ZCRV aK LC AJaNe a IaNCMJ CI UCMJ SaGeKLU?” –eFiRCDMe, LaReK IJCS Lhe LhCMKaPV aPV CPe PiDhLK “Lhe” 6 times

73. “Lhe” Plain alphabet: abcdefghijklmnopqrstuvwxyz Cipher alphabet: X???O??BY??????????L?????? “the”

74. “PCQ VMJiPD thiK tiSe KhahJaWaV haV ZCJPe EiPD KhahJiUaJ thJee

    KCPK. CP the thCMKaPV aPV IiJKt PiDht, QheP Khe haV ePVeV the taRe CI Sa’aJMI, Khe JCKe aPV EiKKeV the DJCMPV ZeICJe hiS, KaUiPD: “DJeat EiPD, ICJ a thCMKaPV aPV CPe PiDhtK i haNe ZeeP JeACMPtiPD tC UCM the IaZReK CI FaKt aDeK aPV the ReDePVK CI aPAiePt EiPDK. SaU i SaEe KC ZCRV aK tC AJaNe a IaNCMJ CI UCMJ SaGeKtU?” –eFiRCDMe, taReK IJCS the thCMKaPV aPV CPe PiDhtK “aPV” 5 times

75. “aPV” Plain alphabet: abcdefghijklmnopqrstuvwxyz Cipher alphabet: X??VO??BY????P?????L?????? “and”

76. None

77. “now during this time shahra[qxzj]ad had borne king shahriyar three

    sons. on the thousand and first night, when she had ended the tale of ma’aruf, she rose and kissed the ground before him, saying: “great king, for a thousand and one nights i have been recounting to you the fables of past ages and the legends of ancient kings. may i make so bold as to crave a favour of your ma[qxzj]esty?” –epilogue, tales from the thousand and one nights Plain alphabet: abcdefghijklmnopqrstuvwxyz Cipher alphabet: XZAVOIDBY?ERSPCF?JKLMNQ?U?

78. Frequency Analysis: An analytical attack faster than naive brute force

    key search

79. Ancient Steganography, Scytale ~700 BC Brute Force Key Search Caesar

    Cipher ~50 BC Non-shifted Substitution Cipher Frequency Analysis ~800 AD

80. Frequency Analysis considered indefensible for ~800 years

81. Code-makers needed a crypto-system that wasn’t vulnerable to Frequency Analysis

82. Leon Battista Alberti 1404-1472 “poly-alphabetic” cipher

83. D M B X K I V A S Z

    N P L Y F C J O R T E Q H WG U Z J D P A I Q H T WL F B G O X N H U K R C Y V S E a b c d e f g h i j k l m n o p q r s t u v w x y z Poly-alphabetic Substitution Cipher

84. D M B X K I V A S Z

    N P L Y F C J O R T E Q H WG U Z J D P A I Q H T WL F B G O X N H U K R C Y V S E a b c d e f g h i j k l m n o p q r s t u v w x y z “secret” “R?????” Poly-alphabetic Substitution Cipher

85. D M B X K I V A S Z

    N P L Y F C J O R T E Q H WG U Z J D P A I Q H T WL F B G O X N H U K R C Y V S E a b c d e f g h i j k l m n o p q r s t u v w x y z “secret” “RA????” Poly-alphabetic Substitution Cipher

86. D M B X K I V A S Z

    N P L Y F C J O R T E Q H WG U Z J D P A I Q H T WL F B G O X N H U K R C Y V S E a b c d e f g h i j k l m n o p q r s t u v w x y z “secret” “RAB???” Poly-alphabetic Substitution Cipher

87. D M B X K I V A S Z

    N P L Y F C J O R T E Q H WG U Z J D P A I Q H T WL F B G O X N H U K R C Y V S E “RABH??” a b c d e f g h i j k l m n o p q r s t u v w x y z “secret” Poly-alphabetic Substitution Cipher

88. D M B X K I V A S Z

    N P L Y F C J O R T E Q H WG U Z J D P A I Q H T WL F B G O X N H U K R C Y V S E “RABHK?” a b c d e f g h i j k l m n o p q r s t u v w x y z “secret” Poly-alphabetic Substitution Cipher

89. D M B X K I V A S Z

    N P L Y F C J O R T E Q H WG U Z J D P A I Q H T WL F B G O X N H U K R C Y V S E a b c d e f g h i j k l m n o p q r s t u v w x y z “secret” “RABHKK” Poly-alphabetic Substitution Cipher

90. False frequencies ‘e’ is enciphered as both ‘A’ and ‘K’

    ‘K’ is deciphered as both ‘e’ and ‘t’ “secret” “RABHKK”

91. Ancient Steganography, Scytale Brute Force Key Search Caesar Shift Non-shifted

    Substitution Frequency Analysis ~800 AD Homophonic Substitution Renaissance Poly-alphabetic Substitution ~1450 AD

92. Poly-alphabetic beats frequency analysis, but …

93. Poly-alphabetic ciphers are complex D M B X K I

    V A S Z N P L Y F C J O R T E Q H WG U Z J D P A I Q H T WL F B G O X N H U K R C Y V S E a b c d e f g h i j k l m n o p q r s t u v w x y z D M B X K I V A S Z N P L Y F C J O R T E Q H WG U Z J D P A I Q H T WL F B G O X N H U K R C Y V S E D M B X K I V A S Z N P L Y F C J O R T E Q H WG U Z J D P A I Q H T WL F B G O X N H U K R C Y V S E

94. Keyword SECRET D M B X K I V A

    S Z N P L Y F C J O R T E Q H WG U Z J D P A I Q H T WL F B G O X N H U K R C Y V S E a b c d e f g h i j k l m n o p q r s t u v w x y z

95. Le Chiffre Indéchiffrable created by Blaise de Vigenère 1523 -

    1596 Created new poly-alphabetic cipher

96. Vigenère Square

97. a b c d e f g h i j

    k l m n o p q r s t u v w x y z B C D E F G H I J K L M N O P Q R S T U V W X Y Z A C D E F G H I J K L M N O P Q R S T U V W X Y Z A B D E F G H I J K L M N O P Q R S T U V W X Y Z A B C E F G H I J K L M N O P Q R S T U V W X Y Z A B C D F G H I J K L M N O P Q R S T U V W X Y Z A B C D E G H I J K L M N O P Q R S T U V W X Y Z A B C D E F H I J K L M N O P Q R S T U V W X Y Z A B C D E F G I J K L M N O P Q R S T U V W X Y Z A B C D E F G H J K L M N O P Q R S T U V W X Y Z A B C D E F G H I K L M N O P Q R S T U V W X Y Z A B C D E F G H I J L M N O P Q R S T U V W X Y Z A B C D E F G H I J K M N O P Q R S T U V W X Y Z A B C D E F G H I J K L N O P Q R S T U V W X Y Z A B C D E F G H I J K L M O P Q R S T U V W X Y Z A B C D E F G H I J K L M N P Q R S T U V W X Y Z A B C D E F G H I J K L M N O Q R S T U V W X Y Z A B C D E F G H I J K L M N O P R S T U V W X Y Z A B C D E F G H I J K L M N O P Q S T U V W X Y Z A B C D E F G H I J K L M N O P Q R T U V W X Y Z A B C D E F G H I J K L M N O P Q R S U V W X Y Z A B C D E F G H I J K L M N O P Q R S T V W X Y Z A B C D E F G H I J K L M N O P Q R S T U W X Y Z A B C D E F G H I J K L M N O P Q R S T U V X Y Z A B C D E F G H I J K L M N O P Q R S T U V W Y Z A B C D E F G H I J K L M N O P Q R S T U V W X Z A B C D E F G H I J K L M N O P Q R S T U V W X Y A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

98. Repeat keyword for all of text Plaintext: AttackFromTheSouthAtDawn Ciphertext: ????????????????????????

    Keyword: SECRETSECRETSECRETSECRET

99. a b c d e f g h i j

    k l m n o p q r s t u v w x y z B C D E F G H I J K L M N O P Q R S T U V W X Y Z A C D E F G H I J K L M N O P Q R S T U V W X Y Z A B D E F G H I J K L M N O P Q R S T U V W X Y Z A B C E F G H I J K L M N O P Q R S T U V W X Y Z A B C D F G H I J K L M N O P Q R S T U V W X Y Z A B C D E G H I J K L M N O P Q R S T U V W X Y Z A B C D E F H I J K L M N O P Q R S T U V W X Y Z A B C D E F G I J K L M N O P Q R S T U V W X Y Z A B C D E F G H J K L M N O P Q R S T U V W X Y Z A B C D E F G H I K L M N O P Q R S T U V W X Y Z A B C D E F G H I J L M N O P Q R S T U V W X Y Z A B C D E F G H I J K M N O P Q R S T U V W X Y Z A B C D E F G H I J K L N O P Q R S T U V W X Y Z A B C D E F G H I J K L M O P Q R S T U V W X Y Z A B C D E F G H I J K L M N P Q R S T U V W X Y Z A B C D E F G H I J K L M N O Q R S T U V W X Y Z A B C D E F G H I J K L M N O P R S T U V W X Y Z A B C D E F G H I J K L M N O P Q S T U V W X Y Z A B C D E F G H I J K L M N O P Q R T U V W X Y Z A B C D E F G H I J K L M N O P Q R S U V W X Y Z A B C D E F G H I J K L M N O P Q R S T V W X Y Z A B C D E F G H I J K L M N O P Q R S T U W X Y Z A B C D E F G H I J K L M N O P Q R S T U V X Y Z A B C D E F G H I J K L M N O P Q R S T U V W Y Z A B C D E F G H I J K L M N O P Q R S T U V W X Z A B C D E F G H I J K L M N O P Q R S T U V W X Y A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Ciphertext: S??????????????????????? Plaintext: AttackFromTheSouthAtDawn S Keyword: SECRETSECRETSECRETSECRET

100. a b c d e f g h i j

     k l m n o p q r s t u v w x y z B C D E F G H I J K L M N O P Q R S T U V W X Y Z A C D E F G H I J K L M N O P Q R S T U V W X Y Z A B D E F G H I J K L M N O P Q R S T U V W X Y Z A B C E F G H I J K L M N O P Q R S T U V W X Y Z A B C D F G H I J K L M N O P Q R S T U V W X Y Z A B C D E G H I J K L M N O P Q R S T U V W X Y Z A B C D E F H I J K L M N O P Q R S T U V W X Y Z A B C D E F G I J K L M N O P Q R S T U V W X Y Z A B C D E F G H J K L M N O P Q R S T U V W X Y Z A B C D E F G H I K L M N O P Q R S T U V W X Y Z A B C D E F G H I J L M N O P Q R S T U V W X Y Z A B C D E F G H I J K M N O P Q R S T U V W X Y Z A B C D E F G H I J K L N O P Q R S T U V W X Y Z A B C D E F G H I J K L M O P Q R S T U V W X Y Z A B C D E F G H I J K L M N P Q R S T U V W X Y Z A B C D E F G H I J K L M N O Q R S T U V W X Y Z A B C D E F G H I J K L M N O P R S T U V W X Y Z A B C D E F G H I J K L M N O P Q S T U V W X Y Z A B C D E F G H I J K L M N O P Q R T U V W X Y Z A B C D E F G H I J K L M N O P Q R S U V W X Y Z A B C D E F G H I J K L M N O P Q R S T V W X Y Z A B C D E F G H I J K L M N O P Q R S T U W X Y Z A B C D E F G H I J K L M N O P Q R S T U V X Y Z A B C D E F G H I J K L M N O P Q R S T U V W Y Z A B C D E F G H I J K L M N O P Q R S T U V W X Z A B C D E F G H I J K L M N O P Q R S T U V W X Y A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Ciphertext: SX?????????????????????? Plaintext: AttackFromTheSouthAtDawn Keyword: SECRETSECRETSECRETSECRET X

101. a b c d e f g h i j

     k l m n o p q r s t u v w x y z B C D E F G H I J K L M N O P Q R S T U V W X Y Z A C D E F G H I J K L M N O P Q R S T U V W X Y Z A B D E F G H I J K L M N O P Q R S T U V W X Y Z A B C E F G H I J K L M N O P Q R S T U V W X Y Z A B C D F G H I J K L M N O P Q R S T U V W X Y Z A B C D E G H I J K L M N O P Q R S T U V W X Y Z A B C D E F H I J K L M N O P Q R S T U V W X Y Z A B C D E F G I J K L M N O P Q R S T U V W X Y Z A B C D E F G H J K L M N O P Q R S T U V W X Y Z A B C D E F G H I K L M N O P Q R S T U V W X Y Z A B C D E F G H I J L M N O P Q R S T U V W X Y Z A B C D E F G H I J K M N O P Q R S T U V W X Y Z A B C D E F G H I J K L N O P Q R S T U V W X Y Z A B C D E F G H I J K L M O P Q R S T U V W X Y Z A B C D E F G H I J K L M N P Q R S T U V W X Y Z A B C D E F G H I J K L M N O Q R S T U V W X Y Z A B C D E F G H I J K L M N O P R S T U V W X Y Z A B C D E F G H I J K L M N O P Q S T U V W X Y Z A B C D E F G H I J K L M N O P Q R T U V W X Y Z A B C D E F G H I J K L M N O P Q R S U V W X Y Z A B C D E F G H I J K L M N O P Q R S T V W X Y Z A B C D E F G H I J K L M N O P Q R S T U W X Y Z A B C D E F G H I J K L M N O P Q R S T U V X Y Z A B C D E F G H I J K L M N O P Q R S T U V W Y Z A B C D E F G H I J K L M N O P Q R S T U V W X Z A B C D E F G H I J K L M N O P Q R S T U V W X Y A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Ciphertext: SXV????????????????????? Plaintext: AttackFromTheSouthAtDawn Keyword: SECRETSECRETSECRETSECRET V

102. Plaintext: AttackFromTheSouthAtDawn Ciphertext: SXVRGDXVQDXAWWQLXASXFRAG Keyword: SECRETSECRETSECRETSECRET

103. Ancient Steganography, Scytale Brute Force Key Search Caesar Shift Non-shifted

     Substitution Frequency Analysis ~800 AD Homophonic Substitution Renaissance Poly-alphabetic Substitution Le Chiffre Indéchiffrable ~1550 AD

104. Industrial Revolution ~1760 - 1840

105. “Black Chambers” • 1700s • “Assembly-line” Cryptanalysis • Each European

     power had one • Breaking all mono-alphabetic ciphers • Encouraged adoption of Vigenère Square for poly-alphabetic ciphers

106. Ancient Steganography, Scytale Brute Force Key Search Caesar Shift Non-shifted

     Substitution Frequency Analysis Homophonic Substitution Renaissance Poly-alphabetic Substitution Le Chiffre Indéchiffrable ~1550 AD Assembly-line Frequency Analysis ~1700’s Industrial

107. Charles Babbage • 1791 - 1871 • 1854: Broke Vigenère

     Cipher • Without machinery

108. REPEATING KEYWORD Plaintext: AttackFromTheSouthAtDawn Ciphertext: SXVRGDXVQDXAWWQLXASXFRAG Keyword: SECRETSECRETSECRETSECRET

109. False SYMBOL frequencies • ‘e’ is enciphered as both ‘A’

     and ‘K’ • ‘K’ is deciphered as both ‘e’ and ‘t’ “secret” “RABHKK”

110. Word frequencies

111. Plaintext: thesunandthemaninthemoon Ciphertext: DPRYEVNTNBUKWIAOXBUKWWBT Keyword: KINGKINGKINGKINGKINGKING

112. Plaintext: thesunandthemaninthemoon Ciphertext: DPRYEVNTNBUKWIAOXBUKWWBT Keyword: KINGKINGKINGKINGKINGKING

113. Breaking Vigenère • Look for repeated sequences of letters •

     Measure spacing between repetitions • Identify most likely length of key: L

114. Cipher text WUBEFIQLZURMVOFEHMYMWTIXCQTMPIFKRZUPMVOIRQMM WOZMPULMBNYVQQQMVMVJLEYMHFEFNZPSDLPPSDLPEVQM WCXYMDAVQEEFIQCAYTQOWCXYMWMSEMEFCFWYEYQETRLI QYCGMTWCWFBSMYFPLRXTQYEEXMRULUKSGWFPTLRQAERL UVPMVYQYCXTWFQLMTELSFJPQEHMOZCIWCIWFPZSLMAEZ IQVLQMZVPPXAWCSMZMORVGVVQSZETRLQZPBJAZVQIYXE WWOICCGDWHQMMVOWSGNTJPFPPAYBIYBJUTWRLQKLLLMD PYVACDCFQNZPIFPPKSDVPTIDGXMQQVEBMQALKEZMGCVK

     UZKIZBZLIUAMMVZ

115. REPETITIONS EFIQ, PSDLP, WCXYM, ETRL WUBEFIQLZURMVOFEHMYMWTIXCQTMPIFKRZUPMVOIRQMM WOZMPULMBNYVQQQMVMVJLEYMHFEFNZPSDLPPSDLPEVQM WCXYMDAVQEEFIQCAYTQOWCXYMWMSEMEFCFWYEYQETRLI QYCGMTWCWFBSMYFPLRXTQYEEXMRULUKSGWFPTLRQAERL UVPMVYQYCXTWFQLMTELSFJPQEHMOZCIWCIWFPZSLMAEZ

     IQVLQMZVPPXAWCSMZMORVGVVQSZETRLQZPBJAZVQIYXE WWOICCGDWHQMMVOWSGNTJPFPPAYBIYBJUTWRLQKLLLMD PYVACDCFQNZPIFPPKSDVPTIDGXMQQVEBMQALKEZMGCVK UZKIZBZLIUAMMVZ

116. spacing between repetitions Repetition Spacing Possible Length of Key 2

     3 4 5 6 7 8 9 10 11121314 15 1617181920 EFIQ 95 ✓ ✓ PSDLP 5 ✓ WCXYM 20 ✓ ✓ ✓ ✓ ✓ ETRL 120 ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓

117. 5 separate cipher texts WIREWQFPROLVVEESSV XVITXSCYLGWYXELWRL VXLSECWLQPSRQRBQCH OTPYWLCNPVGVAMZUZ WIREWQFPROLVVEESSV XVITXSCYLGWYXELWRL

     VXLSECWLQPSRQRBQCH OTPYWLCNPVGVAMZUZ WIREWQFPROLVVEESSV XVITXSCYLGWYXELWRL VXLSECWLQPSRQRBQCH OTPYWLCNPVGVAMZUZ WIREWQFPROLVVEESSV XVITXSCYLGWYXELWRL VXLSECWLQPSRQRBQCH OTPYWLCNPVGVAMZUZ WIREWQFPROLVVEESSV XVITXSCYLGWYXELWRL VXLSECWLQPSRQRBQCH OTPYWLCNPVGVAMZUZ Break each with frequency analysis

118. Plaintext: AttackFromTheSouthAtDawn Ciphertext: SXVRGDXVQDXAWWQLXASXFRAG Keyword: SECRETSECRETSECRETSECRET

119. Plaintext: AttackFromTheSouthAtDawn Ciphertext: SXVRGDXVQDXAWWQLXASXFRAG Keyword: SECRETSECRETSECRETSECRET Keyword Length: 5 Keyword

     Letters: RS???

120. Ancient Steganography, Scytale Brute Force Key Search Caesar Shift Non-shifted

     Substitution Frequency Analysis ~800 AD Homophonic Substitution Renaissance Poly-alphabetic Substitution Le Chiffre Indéchiffrable ~1550 AD Assembly-line Frequency Analysis ~1700’s Industrial Babbage Frequency Analysis ~1800’s

121. Electric Telegraphs • Buried underground or suspended overhead • 1844

     60km wire between Baltimore & Washington DC

122. How can you represent letters and words as electrical signals?

123. Morse Code: “Encoding” not “Encryption”

124. I.e., this is still “plaintext”

125. Radio, 1899-1901 • 3,000 km from Cornwall to to Newfoundland

     • Transatlantic communication • Instant military commands • All messages reach enemy too • Increases need for encryption

126. Enigma: Electrical Encryption • Arthur Scherbius, 1918 • Mass Production

     in 1925 CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=497329

127. Input Keyboard Rotors Output Lampboard

128. By User:RadioFan, CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=30719651

129. By MesserWoland - Own work based on Image:Enigma-action.pnj by Jeanot;

     original diagram by Matt Crypto, CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=1794494

130. 3 rotors of 26 wirings 26 x 26 x 26

     = 17,576 Cipher Alphabets

131. 17,576 orientations x 6 arrangements = 105,456 Cipher Alphabets

132. 105,456 possible keys • A new key was used every

     day • Assume 1 orientation check per minute • (Just type ciphertext and look at plaintext) • 96 enigma machines = .75 days to crack

133. Plugboard By Bob Lord - German Enigma Machine, uploaded in

     english wikipedia on 16. Feb. 2005 by en:User:Matt Crypto, CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=258976 Swap up to 6 of 26 letters

134. 100,391,791,500 Plugboard Settings

135. 10,586,916,711,696 (10 trillion) Total Possible Keys

136. 10,586,916,711,696 possible keys • At 1 check per minute: •

     38,291,799 enigma machines = 1 day to crack

137. Message Keys • Using day key, send a message rotor

     orientation first. E.g., A, S, D • Send it at the beginning, twice for integrity. E.g., ‘asdasd’ = QWERTY • Receiver types QWERTY, sees ‘asdasd’ • Re-orients their rotors to A, S, D for the rest of the message • Minimizes amount of ciphertext created by day key

138. Note • Remember this concept of “message keys” … we’ll

     see it again when we get to “session keys” in HTTPS

139. Is cracking Enigma possible? • At 1 check per minute:

     • 38,291,799 enigma machines = 1 day to crack A SINGLE MESSAGE!

140. Ancient Steganography, Scytale Brute Force Key Search Caesar Shift Non-shifted

     Substitution Frequency Analysis ~800 AD Homophonic Substitution Renaissance Poly-alphabetic Substitution Le Chiffre Indéchiffrable Assembly-line Frequency Analysis Industrial Babbage Frequency Analysis One-Time Pad Enigma ~1925

141. Cracking Enigma

142. Polish Biuro Szyfrów • Established after WWI to protect Poland

     from Russian & Germany • Received photographs of Enigma instruction manual from French espionage • Deduced rotor wirings • Usage of codebook A. Jankowski "Warszawa" Publisher:Wydawnictwo Polskie, Poznań, Public Domain, https://commons.wikimedia.org/w/index.php?curid=1514113

143. Marian Rejewski By Unknown - Rejewski's daughter's private archive, CC

     BY-SA 2.5, https://commons.wikimedia.org/w/index.php?curid=216461

144. Found “chain” cycles in the first 6 letters 4th Letter:

     FQHPLWOGBMVRXUYCZITNJEASDK 1st Letter: ABCDEFGHIJKLMNOPQRSTUVWXYZ 3 links: A-F-W-A

145. Found “chain” loops in the first 6 letters 4th Letter:

     FQHPLWOGBMVRXUYCZITNJEASDK 1st Letter: ABCDEFGHIJKLMNOPQRSTUVWXYZ 7 links: C-H-G-O-Y-D-P-C

146. Marian Rejewski • Realized the # links in the chain

     were only caused by the rotors • Could try to break the 105,456 possible rotor settings, not all 10,000,000,000,000,000 possible day keys • 100,000,000,000 times easier By Unknown - Rejewski's daughter's private archive, CC BY-SA 2.5, https://commons.wikimedia.org/w/index.php?curid=216461

147. Cyclometer • Team checked each of 105,456 possible settings on

     replica Enigma machines and recorded which chains were generated by each rotor setting • Took 1 year to complete • Could look up rotor settings by chains found in first 6 letters of ciphertext http://www.cryptomuseum.com/crypto/cyclometer/index.htm

148. Cyclometer created the first “Rainbow Table” for looking up cryptographic

     keys

149. How to find the plugboard settings out of 100,391,791,500? •

     Plugboard: Un-plug all • Rotor Arrangement: III, I, II • Initial Rotor Orientations: Q, C, W • Type in ciphertext, see: • “rettew” • Swap R/W = Wetter (weather)

150. Polish Cryptographic Bombs • 6 machines for the 6 possible

     rotor arrangements • Each with 6 full Enigma rotor sets at top for the 6 characters of the repeated message key • Given a number of “females” to find, Bomba could recover settings in less than 2 hours

151. British Bombes • 36 rotors arrange in 3 banks of

     12 • 210 bombes by the end of the war • Operated by 2,000 members of Women’s Royal Navy Service

152. Alan Turing • Enigma operators were supposed to use separate

     message keys • Many were lazy, and the same operator used the same message key every time • Re-using keys created more cipher text with the same key • Messages like the daily weather report always had the same plain text letters in the same positions

153. Colossus • Inspired by Turings ideas and his bombe •

     1,500 electronic valves - faster than electromechanical relay switches • Programmable - first computers?

154. Ancient Steganography, Scytale Brute Force Key Search Caesar Shift Non-shifted

     Substitution Frequency Analysis ~800 AD Homophonic Substitution Renaissance Poly-alphabetic Substitution Le Chiffre Indéchiffrable Assembly-line Frequency Analysis Industrial Babbage Frequency Analysis Enigma ~1925 Colossus Mark 1 1943 Computer

155. Computer Cryptography

156. In the early days of computing, electrical signals were much

     harder to measure and control precisely It made more sense to only distinguish between an “on” state and an “off” state

157. SOS

158. SOS 83 79 83

159. 83 79 83 1010011 1001111 1010011 1 1 1 1

     1 1 1 1 1 64 + 16 + 2 + 1 = 83 1 1 1 1 64 + 16 + 2 + 1 = 83 64 + 8 + 4 + 2 + 1 = 79

160. SOS 83 79 83 1010011 1001111 1010011

161. In Binary, we encrypt at the level of 1’s and

     0’s

162. Bitwise anagram For example, consider this short sentence. 01000110011011110111001000100000011001010111100001100001011011010111000001101100011001010010110000100000011000110 11011110110111001110011011010010110010001100101011100100010000001110100011010000110100101110011001000000111001101

     101000011011110111001001110100001000000111001101100101011011100111010001100101011011100110001101100101 “Bitwise” rail fence cipher with 2 rails 00010111010101000100011001000110010001100100011001000101011101110101011001000100010101000100011001100101010001010 11001110101010001000101010001110100010001110101010010101011110000001011110010011011110010101011001000001001101110 101101100110101011110000001110100010011101000011011000101111001110000011011011101011101011101010011011

163. Bitwise substitution: XOR The XOR operator outputs a 1 whenever

     the inputs do not match, which occurs when one of the two inputs is exclusively true 0 XOR 0 = 0 0 XOR 1 = 1 1 XOR 0 = 1 1 XOR 1 = 0

164. Bitwise substitution: XOR For example, consider this short sentence. 01000110011011110111001000100000011001010111100001100001011011010111000001101100011001010010110000100000011000110

     11011110110111001110011011010010110010001100101011100100010000001110100011010000110100101110011001000000111001101 101000011011110111001001110100001000000111001101100101011011100111010001100101011011100110001101100101 Key: “Julius Caesar” 01001010011101010110110001101001011101010111001100100000010000110110000101100101011100110110000101110010 Output 10001100110111101110010001000000110010101111000011000010110110101110000011011000110010100101100001000000110001101 10111101101110011100110110100101100100011001010111001000100000011101000110100001101001011100110010000001110011001 00010000110100001111000011101010101010000000001000101001011010001010100000000000111010000001000010111

165. Bitwise substitution: XOR For example, consider this short sentence. 010001100110111101110010001000000110010101111000011000010110110101110000011011000110010100101100001000000110001101

     101111011011100111001101101001011001000110010101110010001000000111010001101000011010010111001100100000011100110110 1000011011110111001001110100001000000111001101100101011011100111010001100101011011100110001101100101 Key: “random” 1|0’s length of plaintext 000000111010001101000011010010111001100100000011100110110100001101111011100100111010000100000011100110110010101101 110011101000110010101101110011000110110010101000110011011110111001000100000011001010111100001100001011011010111000 0011011000110010100101100001000000110001101101111011011100111001101101001011001000110010101110010001 Output 100011001101111011100100010000001100101011110000110000101101101011100000110110001100101001011000010000001100011011 011110110111001110011011010010110010001100101011100100010000001110100011010000110100101110011001000000111001100100 010000110100001111000011101010101010000000001000101001011010001010100000000000111010000001000010111
166. None
167. None

168. Bitwise substitution: XOR For example, consider this short sentence. 010001100110111101110010001000000110010101111000011000010110110101110000011011000110010100101100001000000110001101

     101111011011100111001101101001011001000110010101110010001000000111010001101000011010010111001100100000011100110110 1000011011110111001001110100001000000111001101100101011011100111010001100101011011100110001101100101 Key: “random” 1|0’s length of plaintext 000000111010001101000011010010111001100100000011100110110100001101111011100100111010000100000011100110110010101101 110011101000110010101101110011000110110010101000110011011110111001000100000011001010111100001100001011011010111000 0011011000110010100101100001000000110001101101111011011100111001101101001011001000110010101110010001 Output 100011001101111011100100010000001100101011110000110000101101101011100000110110001100101001011000010000001100011011 011110110111001110011011010010110010001100101011100100010000001110100011010000110100101110011001000000111001100100 010000110100001111000011101010101010000000001000101001011010001010100000000000111010000001000010111

169. https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation

170. Attribution, https://commons.wikimedia.org/w/index.php?curid=828161

171. Horst Feistel 1971: Published “Lucifer” cipher for computer encryption First(?)

     Block Cipher
172. None

173. XOR S-box Permutation

174. SP Network

175. Lucifer Cipher: “block” cipher Break message into 128-bit blocks 128-bit

     key 16 rounds: Break block in half the f-function is calculated using that round's subkey and the left half of the block. The result is then XORed to the right half of the block, which is the only part of the block altered for that round. After every round except the last one, the right and left halves of the block are swapped.

176. 256 bit message (in ASCII) 01010100011010000110010100100000010101010101001101000001001000000100111001010011 01000001001000000111001101110100011011110111001001100101011100110010000001111001 01101111011101010111001000100000011101000111011101100101011001010111010001110011 0010000100100001

177. Break into 128-bit blocks 01010100011010000110010100100000010101010101001101000001001000000100111001010011010000010010000001110011011101000110111101110010 01100101011100110010000001111001011011110111010101110010001000000111010001110111011001010110010101110100011100110010000100100001 The USA NSA stor

     es your tweets!!

178. Generate 128-bit key awesomepassword! 01100001011101110110010101110011011011110110110101100101011100000110000101110011011100110111011101101111011100100110010000100001

179. Break block in half 01010100011010000110010100100000010101010101001101000001 The USA NSA stor 0100111001010011010000010010000001110011011101000110111101110010

180. Generate 72-bit sub-key awesomepassword! 01100001011101110110010101110011011011110110110101100101011100000110000101110011011100110111011101101111011100100110010000100001 a a 01100001 01100001 wesomep

     01110111011001010111001101101111011011010110010101110000

181. Rotate key left 7 bytes password!awesome 01110000011000010111001101110011011101110110111101110010011001000010000101100001011101110110010101110011011011110110110101100101 7 bytes

182. …

183. None
184. None

185. youtube.com/user/Computerphile

186. Data Encryption Standard (DES) 1977 Lucifer with 56-bit keys So

     the NSA could brute force keys if they “needed” to

187. Ancient Steganography, Scytale Brute Force Key Search Caesar Shift Non-shifted

     Substitution Frequency Analysis Homophonic Substitution Renaissance Poly-alphabetic Substitution Le Chiffre Indéchiffrable Assembly-line Frequency Analysis Industrial Babbage Frequency Analysis One-Time Pad Enigma Cryptanalytic “Bombs”: Polish, British, US Lucifer, DES 1971-1977 Computer

188. How hard is it to find a binary 56-bit key?

189. 1001101010011010100110101001 1010100110101001101010011010 Unique Possible Permutations 256 72,057,594,037,927,936 72 quadrillion (million

     billion) In 1976, estimated to cost $20M to build a computer to crack such a key Affordable to the NSA

190. DES 1971-1977 Computer- powered Brute Force Key Search

191. By Max Roser - https://ourworldindata.org/uploads/2019/05/Transistor-Count-over-time-to-2018.png, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=79751151

192. 1100110101001101010011010100 1101010011010100110101001101 0 Unique Possible Permutations 256 72,057,594,037,927,936 72 quadrillion

     (million billion) 257 144,115,188,075,855,870 144 quadrillion (million billion)

193. DES 1971-1977 Computer-powered Brute Force Key Search Moore’s Law

194. 3DES EDE: DES: Encrypt, Decrypt, Encrypt https://www.researchgate.net/figure/Flowchart-of-3DES-encryption-and-decryption-algorithm-40_fig4_322277374

195. TLS Cipher Suites in Windows 11 https://docs.microsoft.com/en-us/windows/win32/secauthn/tls-cipher-suites-in-windows-11

196. 3DES EDE: DES: Encrypt, Decrypt, Encrypt https://www.researchgate.net/figure/Flowchart-of-3DES-encryption-and-decryption-algorithm-40_fig4_322277374

197. What about messages that are longer than the key?

198. Block cipher mode of operation

199. Electronic Codebook (ECB) https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation

200. Cipher Block Chaining (CBC) https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation

201. Attribution, https://commons.wikimedia.org/w/index.php?curid=828161

202. DES Computer-powered Brute Force Key Search Moore’s Law 3DES +

     CBC

203. The forever problem of cryptography: Key distribution

204. Banks literally flew people around with code-books of keys

205. We need a way to communicate secret keys over non-secret

     channels.

206. Whitfield Diffie Stanford AI Lab 1974

207. Martin Hellman IBM Watson Research Center 1968-1969

208. New Directions in Cryptography Published 1976

209. Alice, Bob, and Eve Alice and Bob need to communicate

     securely They need to share a secret They only have public channels between them “Eve is always eavesdropping” How can they share a secret without sharing it with Eve?

210. Diffie-Hellman Key Establishment

211. https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/diffie-hellman-key-exchange-part-1

212. https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/diffie-hellman-key-exchange-part-1

213. https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/diffie-hellman-key-exchange-part-1

214. https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/diffie-hellman-key-exchange-part-1 + ____ ____ +

215. The key can be anything that can encode to 1’s

     and 0’s So, anything … like a number.

216. Diffie-Hellman Algorithms Modular arithmetic Elliptic Curves Supersingular Isogeny (Quantum-resistant)

217. Public Key Cryptography!

218. Diffie-Hellman Key Establishment 3DES +

219. None

220. DES Computer-powered Brute Force Key Search Moore’s Law 1970+ 3DES

     + CBC DH + 3DES + CBC 1976
221. None
222. None

223. Use Diffie-Hellman Exchange to make a key … … for

     Triple-DES … … with Cipher Block Chaining mode. … Encrypt-Decrypt-Encrypt …

224. What’s RSA?

225. Diffie-Hellman makes a new key between every 2 people! https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/intro-to-rsa-encryption

226. https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/intro-to-rsa-encryption

227. Clifford Cox 1971 Trap Door One-way Function By Royal Society

     uploader - Own work, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=43268163

228. https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/intro-to-rsa-encryption

229. The “e” means encrypt! “d” is for decrypt! https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/intro-to-rsa-encryption

230. Ron Rivest, Adi Shamir, Leonard Adelman

231. RSA signature

232. DES Computer-powered Brute Force Key Search Moore’s Law 1970+ 3DES

     + CBC DH/RSA + 3DES + CBC 1976-1981

233. Public Key Certificates https://www.youtube.com/watch?v=704dudhA7UI Alice's Alice's Alice's

234. DES Computer-powered Brute Force Key Search Moore’s Law 1970-Present 3DES

     + CBC DH/RSA 3DES CBC Certificate Authorities 1995-Present
235. None

236. Look! The public exponent and modulus!

237. Another RSA public exponent and modulus

238. None
239. None

240. DES Computer-powered Brute Force Key Search Moore’s Law 3DES +

     CBC DH/RSA + 3DES + CBC Code-breaking: PKI, implementation, protocol attacks 1995 - Present Code-making: PKI (Certificate Authorities), AES, Elliptic Curves 1995-Present

241. Don’t invent your own crypto: use mature and popular libraries

242. Mind your keys

243. None
244. None

245. Questions? Scytale Caesar Cipher Unshifted cipher Frequency Analysis Poly-alphabetic cipher

     Vigenere Square Enigma Lucifer/DES Modes of Encryption Diffie-Hellman (Math?) RSA (Math?) Quantum speakerdeck.com/groovecoder
246. None
247. None
248. None
249. None
250. None
251. None

252. DES Computer-powered Brute Force Key Search Moore’s Law 1970-Present 3DES

     + CBC DH/RSA 3DES CBC Certificate Authorities 1995-Present
253. None
254. None

255. 255

256. None
257. None
258. None
259. None
260. None
261. None
262. None
263. None

264. And in MATH! , we have some 1-way functions!

265. Modular Arithmetic aka “Clock” arithmetic https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/discrete-logarithm-problem

266. To find 46 mod 12 … https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/discrete-logarithm-problem

267. Wrap a cord 46 “hours” long around a 12-hour clock

     … … and it ends on 10

268. Easy to perform … 46 mod 12 is “congruent” to

     10 generator Modulus

269. ? mod 12 ≡ 10 … hard to reverse

270. ? mod 12 ≡ 10 22 mod 12 ≡ 10

     34 mod 12 ≡ 10 46 mod 12 ≡ 10 58 mod 12 ≡ 10 70 mod 12 ≡ 10 .. mod 12 ≡ 10 … impossible to reverse!

271. … impossible for recipient too!

272. Alice picks an exponent https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/diffie-hellman-key-exchange-part-2 Prime Modulus “n” generator “g”

273. Alice keeps her exponent secret https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/diffie-hellman-key-exchange-part-2 Prime Modulus “n” generator

     “g”

274. “Discrete Logarithm” problem https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/diffie-hellman-key-exchange-part-2

275. “Discrete Logarithm” problem Have to resort to “brute force” guessing

     the exponent

276. For small numbers, it’s easy, but not for a large

     prime modulus. https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/diffie-hellman-key-exchange-part-2

277. How can we turn that single exponent secret into 2

     secrets?

278. “Commutative” Arithmetic: Order of operands doesn’t matter 3 + 5

     5 + 3 = = 8 3 * 5 = = 15 5 * 3

279. “Commutative” Arithmetic: Order of operands doesn’t matter 323 332 =

     = 729 3 + 5 5 + 3 = = 8 3 * 5 = = 15 5 * 3

280. Alice and Bob publicly agree on a generator and prime

     modulus https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/diffie-hellman-key-exchange-part-2

281. Alice picks a private number, and sends the result to

     Bob https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/diffie-hellman-key-exchange-part-2

282. Bob picks a private number, and sends the result to

     Alice https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/diffie-hellman-key-exchange-part-2

283. Now the cool part … https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/diffie-hellman-key-exchange-part-2

284. Alice raises Bob’s result to her private exponent and gets

     10

285. Bob raises Alice’s mixture to his private exponent and also

     gets 10!

286. Because their results were calculated from the shared public generator

     and prime modulus

287. So, they did the same calculation with exponents in different

     order, which doesn’t affect the result
288. None
289. None
290. None

291. https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/intro-to-rsa-encryption

292. https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/intro-to-rsa-encryption

293. None
294. None
295. None
296. None
297. None
298. None

299. Bob's number

300. None
301. None