1 Hello World and Welcome to The simple crypt Key=23 _r{{x7 @xe{s7 vys7@r {txzr7c x7Cr 7d~zg{r...

Post on 21-Jan-2016


1

Hello World and Welcome to The simple crypt

Key=23

_r{{x7@xe{s7vys7@r{txzr7cx7Cr7d~zg{r7tengc

Private-key Cryptography

2

ALICE BOB

Eve

3

ALICE BOB

Eve

Bob’s Public Key

Bob’s Private Key

Alice’s Public Key

Alice’s Public Key

Bob’s Public Key

Bob’s Public Key

Alice’s Public Key

Alice’s Private Key

4

Bob’s Public Key

Locked for Bob

Encryption

5

Locked for Bob

Decryption

Bob’s Private Key

6

Bob’s Public Key

Signed by Alice & Locked for Bob

Encryption

Signed by Alice

Signing

Alice’s Private Key

Signed by Alice

Alice’s Private Key

7

Signed by Alice & Locked for Bob

Decryption

Bob’s Private Key

Signed by Alice

Alice’s Public Key

Verification

Signed by Alice

Yes/No!

8

Message: This is a big secret

Message: I?~jhYUWEKUia

The Internet

Message: This is a big secret

Message: I?~jhYUWEKUia

Recipient’s private key

Recipient’s PUBLIC key

9

PGP, Version 6.5.1 Manual, Network Associates, 1999.

10

PGP, Version 6.5.1 Manual, Network Associates, 1999.

11

Certificate Authorities

• The Certificate Authority (CA) is a trusted third party

• Provides the necessary authentication and security infrastructure

• The CA creates and issues certificates

12

PGP, Version 6.5.1 Manual, Network Associates, 1999.

13

Sondra Schneider, IFsec, June 11, 1999.

14

Using the CA to Establish Trust

Customer Merchant

The CA

1- Establish a certificate

2- Send signed request and certificate

3- Check signature

4- Merchant can trust customer and may continue with trade

15

Sondra Schneider, IFsec, June 11, 1999.

16

Sondra Schneider, IFsec, June 11, 1999.

17

Authentication Protocols

• General-purpose secure messaging protocols include:
  – SSL
  – S/MIME

• Secure protocols for electronic commerce include:
  – EDI/MIME
  – SET

18

SET

Byte, June 1997

19

June 1997

20

June 1997

21

The Use of Smartcards

Byte, June 1997

22

Minimal Key Lengths for Symmetric Ciphers, Matt Blaze and others, 1996.

23

Avoiding bogus encryption products, Matt Curtin, 1998.

24

RSA
from the RSA FAQ

• RSA is a public-key cryptosystem
  – Take two large primes, p and q,
  – find their product n = pq (n is called the modulus).
  – Choose e, less than n and relatively prime to (p-1)(q-1), and find its inverse, d, mod (p-1)(q-1), which means that: ed = 1 mod (p-1)(q-1);
  – e and d are called the public and private exponents, respectively.
  – The public key is the pair (n,e);
  – the private key is d.
  – The factors p and q must be kept secret, or destroyed.

25

Two numbers are relatively prime when they share no factors in common other than 1; in other words, when their greatest common divisor is equal to 1. For two numbers a and n this is written:

gcd(a,n) = 1

26

• It is difficult (presumably) to obtain the private key d from the public key (n,e).

• If one could factor n into p and q, however, then one could obtain the private key d.

• Thus the entire security of RSA is predicated on the assumption that factoring is difficult.

27

RSA encryption:

• Suppose Alice wants to send a private message, m, to Bob.
• Alice creates the ciphertext c = m^e mod n,
• where e and n are Bob's public key.
• To decrypt, Bob computes: m = c^d mod n,
• and recovers the original message m; the relationship between e and d ensures that Bob correctly recovers m. Since only Bob knows d, only Bob can decrypt.
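
The key setup, encryption and decryption from the RSA slides, carried through in Python as an added example (not part of the original slides). It also shows that factoring n recovers d, which is why the security rests on factoring being hard. The primes p = 61 and q = 53, the exponent e = 17 and the message m = 65 are constructed toy values, and the function names are illustrative; this is unpadded textbook RSA for study only.

```python
from math import gcd


def make_keypair(p, q, e):
    """Return ((n, e), d) built from primes p, q and public exponent e."""
    n = p * q                      # the modulus
    phi = (p - 1) * (q - 1)
    if not (1 < e < n and gcd(e, phi) == 1):
        raise ValueError("e must be < n and relatively prime to (p-1)(q-1)")
    d = pow(e, -1, phi)            # inverse of e, so ed = 1 mod (p-1)(q-1)
    return (n, e), d


def encrypt(m, public_key):
    """Alice: c = m^e mod n, using Bob's public key (n, e)."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be smaller than the modulus")
    return pow(m, e, n)


def decrypt(c, n, d):
    """Bob: m = c^d mod n, using his private exponent d."""
    return pow(c, d, n)


def recover_private_exponent(public_key):
    """Factor n by trial division, then recompute d from p and q.

    Only feasible because the constructed modulus is tiny; with large
    primes this search is the hard problem RSA relies on.
    """
    n, e = public_key
    f = 2
    while f * f <= n:
        if n % f == 0:
            p, q = f, n // f
            return pow(e, -1, (p - 1) * (q - 1))
        f += 1
    raise ValueError("n has no non-trivial factor")


if __name__ == "__main__":
    public, d = make_keypair(61, 53, 17)      # constructed toy values
    c = encrypt(65, public)
    print("public key:", public, "private exponent:", d)
    print("ciphertext:", c, "decrypted:", decrypt(c, public[0], d))
    print("d recovered by factoring n:", recover_private_exponent(public))
```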

28

• public-key operations take O(k^2) steps,

• private key operations take O(k^3) steps,

• key generation takes O(k^4) steps

• where k is the number of bits in the modulus