Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Alice & Bob: Public key cryptography 101 - Mail.ru techforum 2012

Joshua Thijssen
April 25, 2012
330

Alice & Bob: Public key cryptography 101 - Mail.ru techforum 2012

Joshua Thijssen

April 25, 2012
Tweet

Transcript

  1. Alice & Bob
    Mail.ru techforum - 24 april 2012
    Moskow - Russia
    Public key cryptography 101
    woensdag 25 april 12

    View full-size slide

  2. Joshua Thijssen / Netherlands
    Freelance consultant, developer and
    trainer @ NoxLogic / Techademy
    Development in PHP, Python, Perl,
    C, Java....
    Blog: http://adayinthelifeof.nl
    Email: [email protected]
    Twitter: @jaytaph
    2
    woensdag 25 april 12

    View full-size slide

  3. An introduction into public key cryptography
    3
    woensdag 25 april 12

    View full-size slide

  4. 4
    Without this there would be
    no internet as we know today
    (really)
    woensdag 25 april 12

    View full-size slide

  5. 5
    woensdag 25 april 12

    View full-size slide

  6. Meet Alice,
    5
    woensdag 25 april 12

    View full-size slide

  7. Meet Alice,
    and Bob.
    5
    Hi Bob!
    Hello Alice!
    woensdag 25 april 12

    View full-size slide

  8. “bad” encryption algorithms
    6
    http://www.flickr.com/photos/dpwk/1714014449/in/pool-1621478@N23/
    woensdag 25 april 12

    View full-size slide

  9. “algorithm”:
    A = 1, B = 2, C = 3, ...., Z = 26
    ‣ SUBSTITUTION SCHEME
    7
    woensdag 25 april 12

    View full-size slide

  10. ciphertext:
    19, 5, 3, 18, 5, 20
    “algorithm”:
    A = 1, B = 2, C = 3, ...., Z = 26
    ‣ SUBSTITUTION SCHEME
    7
    woensdag 25 april 12

    View full-size slide

  11. ciphertext:
    19, 5, 3, 18, 5, 20
    “algorithm”:
    A = 1, B = 2, C = 3, ...., Z = 26
    =
    S E C R E T
    ‣ SUBSTITUTION SCHEME
    7
    woensdag 25 april 12

    View full-size slide

  12. 8
    ‣ SUBSTITUTION SCHEME
    woensdag 25 april 12

    View full-size slide

  13. 8
    ciphertext:
    
    ‣ SUBSTITUTION SCHEME
    woensdag 25 april 12

    View full-size slide

  14. 8
    ciphertext:
    
    =
    W I N G D I N G S
    ‣ SUBSTITUTION SCHEME
    woensdag 25 april 12

    View full-size slide

  15. “algorithm”:
    c = m + k mod 26
    ‣ CAESARIAN CIPHER or CAESARIAN SHIFT
    9
    http://upload.wikimedia.org/wikipedia/commons/thumb/2/2b/Caesar3.svg
    woensdag 25 april 12

    View full-size slide

  16. “algorithm”:
    c = m + k mod 26
    ‣ CAESARIAN CIPHER or CAESARIAN SHIFT
    9
    Message: C O D E
    http://upload.wikimedia.org/wikipedia/commons/thumb/2/2b/Caesar3.svg
    woensdag 25 april 12

    View full-size slide

  17. “algorithm”:
    c = m + k mod 26
    ‣ CAESARIAN CIPHER or CAESARIAN SHIFT
    9
    Message: C O D E
    Ciphertext (key=1): D P E F
    http://upload.wikimedia.org/wikipedia/commons/thumb/2/2b/Caesar3.svg
    woensdag 25 april 12

    View full-size slide

  18. “algorithm”:
    c = m + k mod 26
    ‣ CAESARIAN CIPHER or CAESARIAN SHIFT
    9
    Message: C O D E
    Ciphertext (key=1): D P E F
    Ciphertext (key=2): E Q F G
    http://upload.wikimedia.org/wikipedia/commons/thumb/2/2b/Caesar3.svg
    woensdag 25 april 12

    View full-size slide

  19. “algorithm”:
    c = m + k mod 26
    ‣ CAESARIAN CIPHER or CAESARIAN SHIFT
    9
    Message: C O D E
    Ciphertext (key=1): D P E F
    Ciphertext (key=2): E Q F G
    Ciphertext (key=-1): B M C D
    http://upload.wikimedia.org/wikipedia/commons/thumb/2/2b/Caesar3.svg
    woensdag 25 april 12

    View full-size slide

  20. “algorithm”:
    c = m + k mod 26
    ‣ CAESARIAN CIPHER or CAESARIAN SHIFT
    9
    Message: C O D E
    Ciphertext (key=1): D P E F
    Ciphertext (key=2): E Q F G
    Ciphertext (key=-1): B M C D
    Ciphertext (key=0): C O D E
    http://upload.wikimedia.org/wikipedia/commons/thumb/2/2b/Caesar3.svg
    woensdag 25 april 12

    View full-size slide

  21. “algorithm”:
    c = m + k mod 26
    ‣ CAESARIAN CIPHER or CAESARIAN SHIFT
    9
    Message: C O D E
    Ciphertext (key=1): D P E F
    Ciphertext (key=2): E Q F G
    Ciphertext (key=-1): B M C D
    Ciphertext (key=0): C O D E
    Ciphertext (key=26): C O D E
    http://upload.wikimedia.org/wikipedia/commons/thumb/2/2b/Caesar3.svg
    woensdag 25 april 12

    View full-size slide

  22. “algorithm”:
    c = m + k mod 26
    ‣ CAESARIAN CIPHER or CAESARIAN SHIFT
    9
    Message: C O D E
    Ciphertext (key=1): D P E F
    Ciphertext (key=2): E Q F G
    Ciphertext (key=-1): B M C D
    Ciphertext (key=0): C O D E
    Ciphertext (key=26): C O D E
    Ciphertext (key=52): C O D E
    http://upload.wikimedia.org/wikipedia/commons/thumb/2/2b/Caesar3.svg
    woensdag 25 april 12

    View full-size slide

  23. ‣ FLAWS IN THESE CIPHERS
    10
    woensdag 25 april 12

    View full-size slide

  24. ➡ Key is too easy to guess.
    ‣ FLAWS IN THESE CIPHERS
    10
    woensdag 25 april 12

    View full-size slide

  25. ➡ Key is too easy to guess.
    ➡ Key has to be send to Bob.
    ‣ FLAWS IN THESE CIPHERS
    10
    woensdag 25 april 12

    View full-size slide

  26. ➡ Key is too easy to guess.
    ➡ Key has to be send to Bob.
    ➡ Deterministic.
    ‣ FLAWS IN THESE CIPHERS
    10
    woensdag 25 april 12

    View full-size slide

  27. ➡ Key is too easy to guess.
    ➡ Key has to be send to Bob.
    ➡ Deterministic.
    ➡ Prone to frequency analysis.
    ‣ FLAWS IN THESE CIPHERS
    10
    woensdag 25 april 12

    View full-size slide

  28. 11
    woensdag 25 april 12

    View full-size slide

  29. ➡ The usage of every letter in the English (or
    any other language) can be represented by
    a percentage.
    11
    woensdag 25 april 12

    View full-size slide

  30. ➡ The usage of every letter in the English (or
    any other language) can be represented by
    a percentage.
    ➡ ‘E’ is used 12.7% of the times in english
    texts, the ‘Z’ only 0.074%.
    11
    woensdag 25 april 12

    View full-size slide

  31. ➡ The usage of every letter in the English (or
    any other language) can be represented by
    a percentage.
    ➡ ‘E’ is used 12.7% of the times in english
    texts, the ‘Z’ only 0.074%.
    ➡ ‘O’ is used 11.07% of the times in russian
    texts, the ‘Ъ’ only 0.02%.
    11
    woensdag 25 april 12

    View full-size slide

  32. http://www.gutenberg.org/cache/epub/14082/pg14082.txt
    Once upon a midnight dreary, while I pondered, weak and weary,
    Over many a quaint and curious volume of forgotten lore—
    While I nodded, nearly napping, suddenly there came a tapping,
    As of some one gently rapping—rapping at my chamber door.
    "'Tis some visitor," I muttered, "tapping at my chamber door—
    Only this and nothing more."
    12
    woensdag 25 april 12

    View full-size slide

  33. A small bit of text can result in differences, but still there are
    some letters we can deduce..
    ‣ “THE RAVEN”, FIRST PARAGRAPH
    13
    woensdag 25 april 12

    View full-size slide

  34. We can deduce almost all letters just without even CARING
    about the crypto algorithm used.
    ‣ “THE RAVEN”, ALL PARAGRAPHS
    14
    woensdag 25 april 12

    View full-size slide

  35. ‣ FLAWS IN THESE CIPHERS
    15
    woensdag 25 april 12

    View full-size slide

  36. ➡ Determinism and the ability to use
    frequency analysis are “bad things”
    ‣ FLAWS IN THESE CIPHERS
    15
    woensdag 25 april 12

    View full-size slide

  37. ‣ SYMMETRICAL ALGORITHMS
    16
    woensdag 25 april 12

    View full-size slide

  38. ➡ Previous examples were symmetrical encryptions.
    ‣ SYMMETRICAL ALGORITHMS
    16
    woensdag 25 april 12

    View full-size slide

  39. ➡ Previous examples were symmetrical encryptions.
    ➡ Same key is used for both encryption and decryption.
    ‣ SYMMETRICAL ALGORITHMS
    16
    woensdag 25 april 12

    View full-size slide

  40. ➡ Previous examples were symmetrical encryptions.
    ➡ Same key is used for both encryption and decryption.
    ➡ Good symmetrical encryptions: AES, Blowfish, (3)DES
    ‣ SYMMETRICAL ALGORITHMS
    16
    woensdag 25 april 12

    View full-size slide

  41. ‣ THE PROBLEM WITH SYMMETRICAL ALGORITHMS
    17
    woensdag 25 april 12

    View full-size slide

  42. How does Alice send over the key securely
    to Bob? Everybody’s listening!
    ‣ THE PROBLEM WITH SYMMETRICAL ALGORITHMS
    17
    woensdag 25 april 12

    View full-size slide

  43. Another encryption system:
    Asymmetrical encryption or public key encryption.
    18
    woensdag 25 april 12

    View full-size slide

  44. Two keys instead of one:
    public key - available for everybody.
    Can be published on your blog.
    private key - For your eyes only!
    19
    woensdag 25 april 12

    View full-size slide

  45. http://upload.wikimedia.org/wikipedia/commons/f/f9/Public_key_encryption.svg
    ‣ USES 2 KEYS INSTEAD OF ONE: A KEYPAIR
    20
    woensdag 25 april 12

    View full-size slide

  46. It is NOT possible to decrypt the message
    with same key that is used to encrypt.
    21
    woensdag 25 april 12

    View full-size slide

  47. Encrypt with public key:
    - only private key (thus Alice) can decrypt.
    - message is only for Alice = encryption
    22
    woensdag 25 april 12

    View full-size slide

  48. Encrypt with public key:
    - only private key (thus Alice) can decrypt.
    - message is only for Alice = encryption
    22
    Encrypt with private key:
    - only public key can decrypt.
    - message is guaranteed coming for Alice = signing
    woensdag 25 april 12

    View full-size slide

  49. Symmetrical
    ✓ quick.
    ✓ not resource intensive.
    ✓ useful for small and large
    messages.
    ✗ need to send over the key
    to the other side.
    Asymmetrical
    ✓ no need to send over the
    (whole) key.
    ✓ can be used for encryption
    and validation (signing).
    ✗ very resource intensive.
    ✗ only useful for small messages.
    23
    woensdag 25 april 12

    View full-size slide

  50. Use symmetrical encryption for the (large) message
    and encrypt the key used with an asymmetrical
    encryption method.
    24
    woensdag 25 april 12

    View full-size slide

  51. Hybrid
    ✓ quick
    ✓ not resource intensive
    ✓ useful for small and large messages
    ✓ safely exchange key data
    25
    woensdag 25 april 12

    View full-size slide

  52. +
    http://www.zastavki.com/pictures/1152x864/2008/Animals_Cats_Small_cat_005241_.jpg
    Hybrid
    ✓ quick
    ✓ not resource intensive
    ✓ useful for small and large messages
    ✓ safely exchange key data
    25
    woensdag 25 april 12

    View full-size slide

  53. But how does it work?
    26
    woensdag 25 april 12

    View full-size slide

  54. RSA
    27
    woensdag 25 april 12

    View full-size slide

  55. RSA
    Ron Rivest, Adi Shamir, Leonard Adleman
    27
    woensdag 25 april 12

    View full-size slide

  56. RSA
    Ron Rivest, Adi Shamir, Leonard Adleman
    27
    1978
    woensdag 25 april 12

    View full-size slide

  57. RSA
    Ron Rivest, Adi Shamir, Leonard Adleman
    27
    1978
    Pierre de Fermat, Leonard Euler
    17th - 18th century
    woensdag 25 april 12

    View full-size slide

  58. Public key encryption works on the premise that it
    is practically impossible to refactor a large number
    back into 2 separate prime numbers
    28
    woensdag 25 april 12

    View full-size slide

  59. Public key encryption works on the premise that it
    is practically impossible to refactor a large number
    back into 2 separate prime numbers
    Prime number is only divisible by 1 and
    itself: 2, 3, 5, 7, 11, 13, 17, 19 etc...
    28
    woensdag 25 april 12

    View full-size slide

  60. 29
    woensdag 25 april 12

    View full-size slide

  61. “large” number: 221
    29
    woensdag 25 april 12

    View full-size slide

  62. “large” number: 221
    but we cannot calculate its
    prime factors without brute force.
    There is no “formula” (like e=mc2)
    29
    woensdag 25 april 12

    View full-size slide

  63. “large” number: 221
    but we cannot calculate its
    prime factors without brute force.
    There is no “formula” (like e=mc2)
    (13 and 17)
    29
    woensdag 25 april 12

    View full-size slide

  64. 30
    woensdag 25 april 12

    View full-size slide

  65. ➡ There is no proof that it’s impossible to refactor
    quickly (all tough it doesn’t look plausible)
    30
    woensdag 25 april 12

    View full-size slide

  66. ➡ There is no proof that it’s impossible to refactor
    quickly (all tough it doesn’t look plausible)
    ➡ Brute-force decrypting is always lurking around
    (quicker machines, better algorithms).
    30
    woensdag 25 april 12

    View full-size slide

  67. 31
    The math
    behind the curtain
    woensdag 25 april 12

    View full-size slide

  68. 32
    woensdag 25 april 12

    View full-size slide

  69. 32
    ➡ p = (large) prime number
    woensdag 25 april 12

    View full-size slide

  70. 32
    ➡ p = (large) prime number
    ➡ q = (large) prime number (but not too close to p)
    woensdag 25 april 12

    View full-size slide

  71. 32
    ➡ p = (large) prime number
    ➡ q = (large) prime number (but not too close to p)
    ➡ n = p . q (bit length of the RSA key)
    woensdag 25 april 12

    View full-size slide

  72. 32
    ➡ p = (large) prime number
    ➡ q = (large) prime number (but not too close to p)
    ➡ n = p . q (bit length of the RSA key)
    ➡ φ = (p-1) . (q-1) (the φ thingie is called phi)
    woensdag 25 april 12

    View full-size slide

  73. 32
    ➡ p = (large) prime number
    ➡ q = (large) prime number (but not too close to p)
    ➡ n = p . q (bit length of the RSA key)
    ➡ φ = (p-1) . (q-1) (the φ thingie is called phi)
    ➡ e = gcd(e, φ) = 1
    woensdag 25 april 12

    View full-size slide

  74. 32
    ➡ p = (large) prime number
    ➡ q = (large) prime number (but not too close to p)
    ➡ n = p . q (bit length of the RSA key)
    ➡ φ = (p-1) . (q-1) (the φ thingie is called phi)
    ➡ e = gcd(e, φ) = 1
    ➡ d = (d . e) mod φ = 1
    woensdag 25 april 12

    View full-size slide

  75. Step 1: select primes P and Q
    ‣ P = ? | Q = ? | N = ? | Phi = ? | e = ? | d = ? 33
    woensdag 25 april 12

    View full-size slide

  76. Step 1: select primes P and Q
    ‣ P = 11
    ‣ P = ? | Q = ? | N = ? | Phi = ? | e = ? | d = ? 33
    woensdag 25 april 12

    View full-size slide

  77. Step 1: select primes P and Q
    ‣ P = 11
    ‣ Q = 3
    ‣ P = ? | Q = ? | N = ? | Phi = ? | e = ? | d = ? 33
    woensdag 25 april 12

    View full-size slide

  78. Step 2: calculate N and Phi
    ‣ P = 11 | Q = 3 | N = ? | Phi = ? | e = ? | d = ? 34
    woensdag 25 april 12

    View full-size slide

  79. ➡ N = P . Q = 11 . 3 = 33
    Step 2: calculate N and Phi
    ‣ P = 11 | Q = 3 | N = ? | Phi = ? | e = ? | d = ? 34
    woensdag 25 april 12

    View full-size slide

  80. ➡ N = P . Q = 11 . 3 = 33
    ➡ φ = (11-1) . (3-1) = 10 . 2 = 20
    Step 2: calculate N and Phi
    ‣ P = 11 | Q = 3 | N = ? | Phi = ? | e = ? | d = ? 34
    woensdag 25 april 12

    View full-size slide

  81. ➡ N = P . Q = 11 . 3 = 33
    ➡ φ = (11-1) . (3-1) = 10 . 2 = 20
    Step 2: calculate N and Phi
    ‣ P = 11 | Q = 3 | N = ? | Phi = ? | e = ? | d = ? 34
    33 decimal is 100001 in binary == 6 bit key
    woensdag 25 april 12

    View full-size slide

  82. ➡ N = P . Q = 11 . 3 = 33
    ➡ φ = (11-1) . (3-1) = 10 . 2 = 20
    Step 2: calculate N and Phi
    ‣ P = 11 | Q = 3 | N = ? | Phi = ? | e = ? | d = ? 34
    There are 20 co primes for 33 : φ(33) = 20
    33 decimal is 100001 in binary == 6 bit key
    woensdag 25 april 12

    View full-size slide

  83. Step 3: find e
    ‣ P = 11 | Q = 3 | N = 33 | Phi = 20 | e = ? | d = ? 35
    woensdag 25 april 12

    View full-size slide

  84. Step 3: find e
    ‣ e = 3
    ‣ P = 11 | Q = 3 | N = 33 | Phi = 20 | e = ? | d = ? 35
    woensdag 25 april 12

    View full-size slide

  85. Step 3: find e
    ‣ e = 3
    ‣ gcd(e, φ) = 1 ==> gcd(3, 20) = 1
    ‣ P = 11 | Q = 3 | N = 33 | Phi = 20 | e = ? | d = ? 35
    woensdag 25 april 12

    View full-size slide

  86. Step 3: find e
    ‣ e = 3
    ‣ gcd(e, φ) = 1 ==> gcd(3, 20) = 1
    ‣ P = 11 | Q = 3 | N = 33 | Phi = 20 | e = ? | d = ? 35
    Fermat number: 2 + 1
    2
    n
    woensdag 25 april 12

    View full-size slide

  87. Step 3: find e
    ‣ e = 3
    ‣ gcd(e, φ) = 1 ==> gcd(3, 20) = 1
    ‣ P = 11 | Q = 3 | N = 33 | Phi = 20 | e = ? | d = ? 35
    Fermat number: 2 + 1
    2
    n
    Fermat prime: Fermat that is prime: 3, 5, 17, 257, 65537
    Study shows that 98.5% of the time 65537 is used
    woensdag 25 april 12

    View full-size slide

  88. ‣ P = 11 | Q = 3 | N = 33 | Phi = 20 | e = 3 | d = ?
    Step 4: find d
    36
    woensdag 25 april 12

    View full-size slide

  89. ‣ P = 11 | Q = 3 | N = 33 | Phi = 20 | e = 3 | d = ?
    Step 4: find d
    ‣ Extended Euclidean Algorithm gives 7
    36
    woensdag 25 april 12

    View full-size slide

  90. ‣ P = 11 | Q = 3 | N = 33 | Phi = 20 | e = 3 | d = ?
    Step 4: find d
    ‣ Extended Euclidean Algorithm gives 7
    ‣ brute force: (e.d mod φ = 1)
    36
    woensdag 25 april 12

    View full-size slide

  91. ‣ P = 11 | Q = 3 | N = 33 | Phi = 20 | e = 3 | d = ?
    Step 4: find d
    ‣ Extended Euclidean Algorithm gives 7
    ‣ brute force: (e.d mod φ = 1)
    3 . 1 = 3 mod 20 = 3
    3 . 2 = 6 mod 20 = 6
    3 . 3 = 9 mod 20 = 9
    3 . 4 = 12 mod 20 = 12
    3 . 5 = 15 mod 20 = 15
    3 . 6 = 18 mod 20 = 18
    3 . 7 = 21 mod 20 = 1
    3 . 8 = 24 mod 20 = 4
    3 . 9 = 27 mod 20 = 7
    3.10 = 30 mod 20 = 10
    36
    woensdag 25 april 12

    View full-size slide

  92. ‣ P = 11 | Q = 3 | N = 33 | Phi = 20 | e = 3 | d = 7 37
    woensdag 25 april 12

    View full-size slide

  93. That’s it:
    ➡ public key = (n, e) = (33, 3)
    ➡ private key = (n, d) = (33, 7)
    ‣ P = 11 | Q = 3 | N = 33 | Phi = 20 | e = 3 | d = 7 37
    woensdag 25 april 12

    View full-size slide

  94. The actual math is much more complex since
    we use very large numbers, but it all comes
    down to these (relatively simple) calculations..
    38
    woensdag 25 april 12

    View full-size slide

  95. 39
    jthijssen@debian-jth:~$ openssl rsa -text -noout -in server.key
    woensdag 25 april 12

    View full-size slide

  96. 39
    jthijssen@debian-jth:~$ openssl rsa -text -noout -in server.key
    Private-Key: (256 bit)
    modulus:
    00:c2:d0:c4:1f:6f:78:16:82:d1:0c:dd:5a:af:de:f2:ff:31:c6:
    9b:3b:9f:e8:24:2a:5c:06:56:ea:d7:7c:c6:19
    publicExponent: 65537 (0x10001)
    privateExponent:
    22:8f:fd:2b:82:90:30:96:36:d6:6c:73:09:5e:a9:87:73:6e:
    2d:d4:d5:78:fc:3b:20:ea:0d:02:e5:2b:cb:3d
    prime1:
    00:f0:49:fd:91:18:01:53:92:8f:87:d7:2b:c8:19:7d:17
    prime2:
    00:cf:8d:a1:3b:93:af:61:77:8f:c9:8f:1d:aa:8d:b4:4f
    exponent1:
    00:e1:d8:c9:89:bc:84:52:a6:a8:5d:47:32:91:6a:d3:95
    exponent2:
    5a:88:b1:fa:d5:d9:db:8f:16:a6:5a:0a:1b:ba:42:1b
    coefficient:
    00:99:fa:de:80:d4:ee:f3:69:59:e5:8a:72:ad:e5:30:3d
    woensdag 25 april 12

    View full-size slide

  97. 39
    jthijssen@debian-jth:~$ openssl rsa -text -noout -in server.key
    n
    e
    d
    p
    q
    d mod (p-1)
    e mod (q-1)
    (inverse q) mod p
    Private-Key: (256 bit)
    modulus:
    00:c2:d0:c4:1f:6f:78:16:82:d1:0c:dd:5a:af:de:f2:ff:31:c6:
    9b:3b:9f:e8:24:2a:5c:06:56:ea:d7:7c:c6:19
    publicExponent: 65537 (0x10001)
    privateExponent:
    22:8f:fd:2b:82:90:30:96:36:d6:6c:73:09:5e:a9:87:73:6e:
    2d:d4:d5:78:fc:3b:20:ea:0d:02:e5:2b:cb:3d
    prime1:
    00:f0:49:fd:91:18:01:53:92:8f:87:d7:2b:c8:19:7d:17
    prime2:
    00:cf:8d:a1:3b:93:af:61:77:8f:c9:8f:1d:aa:8d:b4:4f
    exponent1:
    00:e1:d8:c9:89:bc:84:52:a6:a8:5d:47:32:91:6a:d3:95
    exponent2:
    5a:88:b1:fa:d5:d9:db:8f:16:a6:5a:0a:1b:ba:42:1b
    coefficient:
    00:99:fa:de:80:d4:ee:f3:69:59:e5:8a:72:ad:e5:30:3d
    woensdag 25 april 12

    View full-size slide

  98. Encrypting a message:
    c = me mod n
    Decrypting a message:
    m = cd mod n
    40
    woensdag 25 april 12

    View full-size slide

  99. Encrypting a message: private key = (n,d) = (33, 7):
    Decrypting a message: public key = (n,e) = (33, 3):
    m = 13, 20, 15, 5
    13^7 mod 33 = 7
    20^7 mod 33 = 26
    15^7 mod 33 = 27
    5^7 mod 33 = 14
    c = 7, 26, 27,14
    41
    woensdag 25 april 12

    View full-size slide

  100. Encrypting a message: private key = (n,d) = (33, 7):
    Decrypting a message: public key = (n,e) = (33, 3):
    m = 13, 20, 15, 5
    13^7 mod 33 = 7
    20^7 mod 33 = 26
    15^7 mod 33 = 27
    5^7 mod 33 = 14
    c = 7, 26, 27,14
    41
    c = 7, 26, 27,14
    7^3 mod 33 = 13
    26^3 mod 33 = 20
    27^3 mod 33 = 15
    14^3 mod 33 =5
    m = 13, 20, 15, 5
    woensdag 25 april 12

    View full-size slide

  101. 42
    woensdag 25 april 12

    View full-size slide

  102. ➡ A message is an “integer”
    42
    woensdag 25 april 12

    View full-size slide

  103. ➡ A message is an “integer”
    ➡ A message must be between 2 and n-1.
    42
    woensdag 25 april 12

    View full-size slide

  104. ➡ A message is an “integer”
    ➡ A message must be between 2 and n-1.
    ➡ Deterministic, so we must use a padding
    scheme to make it non-deterministic.
    42
    woensdag 25 april 12

    View full-size slide

  105. 43
    woensdag 25 april 12

    View full-size slide

  106. ➡ Public Key Cryptography Standard #1
    43
    woensdag 25 april 12

    View full-size slide

  107. ➡ Public Key Cryptography Standard #1
    ➡ Pads data with (random) bytes up to n bits
    in length (v1.5 or OAEP/v2.x).
    43
    woensdag 25 april 12

    View full-size slide

  108. ➡ Public Key Cryptography Standard #1
    ➡ Pads data with (random) bytes up to n bits
    in length (v1.5 or OAEP/v2.x).
    ➡ Got it flaws and weaknesses too. Always
    use the latest available version (v2.1)
    43
    woensdag 25 april 12

    View full-size slide

  109. Data = 4E636AF98E40F3ADCFCCB698F4E80B9F
    The encoded message block, EMB, after encoding but before encryption, with random
    padding bytes shown in green:
    0002257F48FD1F1793B7E5E02306F2D3228F5C95ADF5F31566729F132AA12009
    E3FC9B2B475CD6944EF191E3F59545E671E474B555799FE3756099F044964038
    B16B2148E9A2F9C6F44BB5C52E3C6C8061CF694145FAFDB24402AD1819EACEDF
    4A36C6E4D2CD8FC1D62E5A1268F496004E636AF98E40F3ADCFCCB698F4E80B9F
    After RSA encryption, the output is:
    3D2AB25B1EB667A40F504CC4D778EC399A899C8790EDECEF062CD739492C9CE5
    8B92B9ECF32AF4AAC7A61EAEC346449891F49A722378E008EFF0B0A8DBC6E621
    EDC90CEC64CF34C640F5B36C48EE9322808AF8F4A0212B28715C76F3CB99AC7E
    609787ADCE055839829E0142C44B676D218111FFE69F9D41424E177CBA3A435B
    http://www.di-mgt.com.au/rsa_alg.html#pkcs1schemes 44
    woensdag 25 april 12

    View full-size slide

  110. 45
    Some words of wisdom:
    (free of charge)
    woensdag 25 april 12

    View full-size slide

  111. 46
    woensdag 25 april 12

    View full-size slide

  112. ➡ Don’t “invent” your own encryption. It will
    NOT be secure, and it WILL fail.
    46
    woensdag 25 april 12

    View full-size slide

  113. ➡ Don’t “invent” your own encryption. It will
    NOT be secure, and it WILL fail.
    ➡ Encryption is as strong as the weakest link,
    which 9 out of 10 times will be you.
    46
    woensdag 25 april 12

    View full-size slide

  114. ➡ Don’t “invent” your own encryption. It will
    NOT be secure, and it WILL fail.
    ➡ Encryption is as strong as the weakest link,
    which 9 out of 10 times will be you.
    ➡ Encryptions evolve. Do not use today what
    you used 10 years ago.
    46
    woensdag 25 april 12

    View full-size slide

  115. ➡ Don’t “invent” your own encryption. It will
    NOT be secure, and it WILL fail.
    ➡ Encryption is as strong as the weakest link,
    which 9 out of 10 times will be you.
    ➡ Encryptions evolve. Do not use today what
    you used 10 years ago.
    ➡ Every encryption will become obsolete!
    46
    woensdag 25 april 12

    View full-size slide

  116. ➡ Don’t “invent” your own encryption. It will
    NOT be secure, and it WILL fail.
    ➡ Encryption is as strong as the weakest link,
    which 9 out of 10 times will be you.
    ➡ Encryptions evolve. Do not use today what
    you used 10 years ago.
    ➡ Every encryption will become obsolete!
    ➡ Always follow the best practices.
    46
    woensdag 25 april 12

    View full-size slide

  117. http://farm1.static.flickr.com/73/163450213_18478d3aa6_d.jpg
    Questions?
    47
    woensdag 25 april 12

    View full-size slide

  118. Thank you
    48
    Find me on twitter: @jaytaph
    Find me for development and training: www.noxlogic.nl
    Find me on email: [email protected]
    Find me for blogs: www.adayinthelifeof.nl
    http://xkcd.com/153/
    woensdag 25 april 12

    View full-size slide