Cryptography


Chapter 8 Secret and Public Keys

Chapter 8 Overview

Managing and using secret keys

Wrapping techniques for secret keys

Detecting errors and protecting file integrity

Public-key cryptography and, briefly, quantum cryptography

Public-key techniques for signing data and wrapping keys

Public-key certificates

The Key Management Challenges

Instead of protecting a lot of secret data, we “only” need to protect (smaller) secret keys

Three challenges

Share keys with the right people

Choose keys an attacker can't guess

Handle keys so attackers can't intercept them or guess them

Cryptonet = set of people or devices that all share the same secret key – transitive trust

Rekeying – Changing “Old” Keys

The more data we encrypt, the more vulnerable our keys become to cryptanalysis

We rekey periodically to reduce the risk

Cryptoperiod = a key's “safe” lifetime

Typical recommendation: 2 years for a rarely used key

Change a heavily used key as often as is practical

A trade-off between performance and safety

How Do We Distribute a Key?

Person-to-person

Safe, but inefficient

Options

Exchange keys verbally if memorized

Exchange on paper

We must now protect the paper!

Exchange electronically – save this for later

How do we prevent sniffing or interception?

How do we prevent undesired copies?

Crypto Keys in Text Format

Practical for encrypting shared files

Practical to exchange verbally or on paper

Practical to memorize in some cases

How do we convert a text phrase into bits?

Digital encryption algorithms work on bits

Keys are bits

Passphrase as Key: Simple Case

Passphrase as Key: Better Case

Checklist for key handling

Use either passwords or passphrases

Allow really long passphrases

Use the entropy of the entire passphrase

Preserve entropy

Erase the passphrase ASAP after use

Let the user keep the passphrase available

Don't put passphrase on the hard drive unless it's encrypted

Suppress echo

Permit echo if chosen by the user

Use an internal key for only one file

Key Strength

Remember Chapter 6: A longer secret with a larger choice of characters = greater entropy

Greater entropy = larger search space

Larger search space = harder to attack

Memorization trade-offs

It's hard to remember unusual capitalizations, misspellings, or character substitutions

Mississippi, mIssiss1ppi, missIss1ppi, …

It may be easier to remember a longer phrase with conventional syntax

The Reused Key Stream Problem

Courtesy of Dr. Richard Smith

Xor Removes the Duplicate Keystream

Courtesy of Dr. Richard Smith

The Duplicate Keystream

Real-life examples

Soviet spies reused one-time pad keystreams after World War II, and the US cracked many of the messages (the Venona Project)

The PPTP encryption protocol reused a secret key, which yielded a duplicate keystream

How to fix it

Ensure that separate messages use separate keystreams = separate keys in stream ciphers

Using a Nonce
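
The reused keystream problem and the nonce fix, as an added example that is not part of the original slides. The toy SHA-256 keystream generator, the key, the nonces and both messages are constructed for illustration.

```python
import hashlib

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Toy generator for illustration: SHA-256(key || nonce || counter).
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    # Stream cipher: ciphertext = plaintext xor keystream (decrypt is the same).
    return xor(plaintext, keystream(key, nonce, len(plaintext)))

# Constructed sample values.
KEY = b"constructed-demo-key"
MSG1 = b"PAY ALICE  $100 ON MONDAY"
MSG2 = b"MEET AT THE NORTH GATE 9P"

def reused_keystream():
    # Same key and no nonce: both messages get the identical keystream.
    c1 = encrypt(KEY, b"", MSG1)
    c2 = encrypt(KEY, b"", MSG2)
    combined = xor(c1, c2)            # keystream cancels: MSG1 xor MSG2
    recovered = xor(combined, MSG1)   # knowing one message exposes the other
    return combined, recovered

def separate_keystreams():
    # A fresh nonce per message, sent in the clear beside the ciphertext,
    # gives each message its own keystream under the same shared key.
    c1 = encrypt(KEY, b"nonce-0001", MSG1)
    c2 = encrypt(KEY, b"nonce-0002", MSG2)
    return xor(c1, c2)

if __name__ == "__main__":
    combined, recovered = reused_keystream()
    print("reused:   c1^c2 == m1^m2 ->", combined == xor(MSG1, MSG2))
    print("reused:   recovered      ->", recovered)
    print("nonces:   c1^c2 == m1^m2 ->", separate_keystreams() == xor(MSG1, MSG2))
```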

Key Wrapping: A Building Block

Key Splitting – Simplified Wrapping

Separation of Duty: A Principle

Dividing up a task so that it requires two or more people to do it

Reduces risks because a malicious worker will need the others to cooperate

Business example: Dual signature checks

One person writes the check and signs it, but a second person must approve it and sign

Military example: Launching nuclear missiles

Requires two separate individuals to verify the order and to cooperate in the launching

DVD Key Handling

Public-Key Cryptography

Techniques to share secret information without sharing a secret ahead of time

Classic techniques named for their inventors:

Diffie-Hellman (D-H)

Constructs a shared secret from information shared in public

Rivest-Shamir-Adleman (RSA)

Encrypt data readable only by the recipient

Verify that a particular sender encrypted (“signed”) a particular message

Public and Private Keys

Users don't need to share secret information, except temporarily.

Create a shared secret key, use it for one transaction, and then discard it

Reduces risk of cryptanalysis

Public/private key belongs to a single entity

Public keys can be shared with attackers

Private keys are kept secret by the owner

Solves many key distribution problems

Introduces problems of its own

Constructing a Key Pair

Diffie-Hellman Secret Sharing

Elliptic Curve Cryptography

Similar to Diffie-Hellman

Can calculate a shared secret

Uses elliptic curve computations:

y^2 = x^3 + ax + b (mod p)

Smaller key sizes for effective security

Elliptic curve key is 2–3x larger than a secret key yielding a comparable search space

Smaller keys = more efficient computation

Quantum Theory and Cryptography

Quantum key distribution

Applies Heisenberg's Uncertainty Principle to detect eavesdropping

Demonstrated using satellite communications

Quantum cryptanalysis

Shor's algorithm factors very large numbers

A large quantum computer could attack current public-key crypto techniques

Post-quantum crypto research seeks techniques to resist quantum computer-based attacks

RSA for Encryption

RSA In Practice

Uses a single, simple calculation on extremely large integers:

C = M^x mod N

N = extremely large number made of 2 primes

Public key e = a public value for exponent x

Private key d = a secret value for exponent x

M = data being encrypted or decrypted

C = result

If we encrypt with “e” we must decrypt with “d”

And vice versa

Key Wrapping with RSA
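
The single RSA calculation applied in both directions, first to wrap a secret key with e and unwrap it with d, then "vice versa" to sign with d and check with e. This is an added example, not from the original slides; the two Mersenne primes, the exponent 65537 and all function names are assumptions chosen for illustration, and no padding is applied.

```python
import secrets

# Constructed toy parameters: two known Mersenne primes. Real RSA keys use
# secret, randomly generated primes that are far larger.
P = 2**127 - 1
Q = 2**107 - 1
N = P * Q                              # N = extremely large number made of 2 primes
E = 65537                              # public exponent e
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent d (Python 3.8+)

def rsa(m: int, x: int) -> int:
    # The slide's calculation: C = M^x mod N.
    if not 0 <= m < N:
        raise ValueError("value must be smaller than N")
    return pow(m, x, N)

def wrap_key(secret_key: bytes) -> int:
    # Anyone holding the public exponent can wrap a key for the owner.
    # Deployed RSA pads the value (for example with OAEP) before this step.
    return rsa(int.from_bytes(secret_key, "big"), E)

def unwrap_key(wrapped: int, length: int) -> bytes:
    # Only the holder of d recovers the secret key.
    return rsa(wrapped, D).to_bytes(length, "big")

def sign_value(value: int) -> int:
    # "Vice versa": apply d first, so anyone holding e can check the result.
    return rsa(value, D)

def verify_value(value: int, signature: int) -> bool:
    return rsa(signature, E) == value

if __name__ == "__main__":
    key = secrets.token_bytes(16)          # a 128-bit secret key to share
    wrapped = wrap_key(key)
    print("unwrapped matches:", unwrap_key(wrapped, 16) == key)
    sig = sign_value(12345)
    print("signature checks: ", verify_value(12345, sig))
    print("altered value:    ", verify_value(12346, sig))
```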

Attacking Public Key Crypto

Security relies on very large prime numbers

Efficient factoring = efficient attacks

Public keys must be much longer than secret keys to achieve similar security

Attacking RSA

Decrypt a small plaintext by taking a cube root (public exponent of 3)

Small private keys are especially vulnerable

Timing of calculation indicates the key values

Chosen ciphertext: trick user into applying crypto

Data Integrity

Does encryption protect data from change?

Why or why not?

How do we detect malicious changes to data?

Detecting accidental changes

What did we see in Chapter 5?

Hash functions are similar to EDCs

Bit Flipping Attack on Ciphertext

Does this Protect the Data?

Birthday Attack on a Check Value

Alternative: Encrypting a Hash

Keyed Hash: More Efficient
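
Why encryption alone does not protect integrity, and how a keyed hash catches the change, as an added example that is not part of the original slides. The message, the one-time random keystream and the choice of HMAC-SHA256 as the keyed hash are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

PLAINTEXT = b"PAY BOB $0100"   # constructed sample message

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def flip(ciphertext: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    # Bit flipping: xor (old xor new) into the ciphertext at a known position.
    # No key is needed, only knowledge of what the plaintext says there.
    patched = bytearray(ciphertext)
    for i, delta in enumerate(xor(old, new)):
        patched[offset + i] ^= delta
    return bytes(patched)

def tag(mac_key: bytes, ciphertext: bytes) -> bytes:
    # Keyed hash over the ciphertext; only holders of mac_key can compute it.
    return hmac.new(mac_key, ciphertext, hashlib.sha256).digest()

def receive(keystream: bytes, mac_key: bytes, ciphertext: bytes, received_tag: bytes):
    # Check the keyed hash first and refuse to decrypt on a mismatch.
    if not hmac.compare_digest(tag(mac_key, ciphertext), received_tag):
        return None
    return xor(ciphertext, keystream)

def demo():
    keystream = secrets.token_bytes(len(PLAINTEXT))
    mac_key = secrets.token_bytes(32)
    ciphertext = xor(PLAINTEXT, keystream)
    sent_tag = tag(mac_key, ciphertext)
    tampered = flip(ciphertext, 9, b"0100", b"9100")
    unprotected = xor(tampered, keystream)                     # decrypts "cleanly"
    checked = receive(keystream, mac_key, tampered, sent_tag)  # rejected
    intact = receive(keystream, mac_key, ciphertext, sent_tag)
    return unprotected, checked, intact

if __name__ == "__main__":
    unprotected, checked, intact = demo()
    print("without a check value:", unprotected)
    print("with keyed hash, tampered:", checked)
    print("with keyed hash, intact:  ", intact)
```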

Public Keys and Digital Signatures

Constructing an RSA Digital Signature

Verifying an RSA Digital Signature

The MITM or Bucket Brigade Attack

Public-Key Certificates

Interpreting Certificates

Certificates are often created in relationship to other certificates

A corporation issues certificates to admins

Admins issue certificates to end users

A hierarchical structure is most common

The “root” certificate is distributed widely

Other certificates are verified against it

“Web of trust” is an alternative based on personal trust in other certificate signers

Authenticating Software Updates

Assured Pipeline
