Modern Cryptography for Absolute Beginner

Transcript

1. Jeffrey Cohen @jeffcohen [email protected] Modern Cryptography for the absolute beginner

2. None
3. None

4. Alan Turing

5. None

6. Secret Writing Substitution Transposition Steganography Cryptography Code Cipher From "The

   Code Book," by Simon Singh. Doubleday, 1999

7. Cryptography is not Security

8. Cryptography There are two primary use cases for digital cryptography:

   • Verification • Secrecy

9. There are two uses cases for verification: • Message tampering

   • Authorship Cryptography

10. How can we verify that a message was transmitted perfectly

    without any accidental changes? Use Case: Message Tampering

11. Use Case: Parity Bits

12. C A T Content: Use Case: Parity Bits

13. 01000011 01000001 01010100 Content: Use Case: Parity Bits

14. 01000011 01000001 01010100 Even Parity: Content: 11000011 01000001 11010100 Use

    Case: Parity Bits

15. 01000011 01000001 01010100 Odd Parity: Content: 01000011 11000001 01010100 Use

    Case: Parity Bits

16. Check Digits

17. 1. Sum the digits in the odd-numbered positions, then multiply

    by 3. 2. Add the digits in the even-numbered positions to the previous result. 3. Divide by 10, and keep the remainder. 4. If the remainder is not 0, 
 subtract the remainder from 10. Check Digits

18. Data Verification Checksum Digest Hash Fingerprint MD5 SHA-1 SHA-256 bcrypt

    These are all synonyms!

19. Use Case: Password Security Password: bcrypt hash: swordfish $20A6@3AC194F02... Reversing

    this process is impossible.

20. Symmetric Encryption

21. Hello Symmetric Encryption

22. Hello Ifmmp "Advance by 1" Symmetric Encryption

23. Hello Ifmmp "Advance by 1" Symmetric Encryption

24. Hello Ifmmp Fortunately, this is reversible Symmetric Encryption

25. Hello Ifmmp Fortunately, this is reversible DES
 AES-256 Blowfish Symmetric

    Encryption

26. Hello Ifmmp But how do we transmit the key? Symmetric

    Encryption

27. Symmetric Encryption

28. Each key transforms data. They are called a pair because

    they mathematically exactly reverse the effect of the other key. Public Key Cryptography

29. One key is arbitrarily selected to be the public key,

    and the other will be the private key. Public Key Cryptography

30. Hello ?????? Public Key Cryptography

31. Hello x9dak Public Key Public Key Cryptography

32. Public Key Hello x9dak Private Key Public Key Cryptography

33. Mr. A Mr. B Use Case: Secret Message

34. Mr. A wants to send a secret message to Mr.

    B. Mr. A Mr. B Mr. B, Meet me at noon for lunch. Your friend, Mr. A Use Case: Secret Message

35. Mr. A Mr. B STEP 1: Mr. A encrypts the

    message with Mr. B's public key. Li%8aja^@*9cmakA P91&*C9Naxw8723h Yolq&6209CKn02K Mr. B, Meet me at noon for lunch. Your friend, Mr. A Use Case: Secret Message

36. Mr. A Mr. B STEP 2: Mr. B decrypts the

    message with Mr. B's private key. Li%8aja^@*9cmakA P91&*C9Naxw8723h Yolq&6209CKn02K Mr. B, Meet me at noon for lunch. Your friend, Mr. A Mr. B, Meet me at noon for lunch. Your friend, Mr. A Use Case: Secret Message

37. A1. Mr. A calculates the content's digest. A2. Mr. A

    encrypts the digest with his
 private key. This is the "wax seal".
 B1. Mr. B decrypts the digest value using
 Mr. A's public key. B2. Mr. B independently calculates the
 digest of the received content. B3. Mr. B expects the digests to match! Use Case: Authenticity

38. ssh-keygen -t rsa -b 4096 Wait a Minute!

39. ssh-keygen -t rsa -b 4096 Wait a Minute!

40. ssh-keygen -t rsa -b 4096 This won't work! RSA can

    only encrypt messages shorter than the "key length". Wait a Minute!

41. Wait a Minute! In reality, we use both! We use

    asymmetric cryptography to securely transmit a random symmetric key.

42. What's Next? Now: PKCS Soon: Elliptic-curve PKCS Future: Quantum implications?

43. Modern Cryptography for the absolute beginner Jeffrey Cohen @jeffcohen [email protected]