Public Key Cryptography: Something I Did Not Do This Summer by Cara Monical
Click here to load reader
-
Upload
brown-fellows-program -
Category
Documents
-
view
1.348 -
download
1
Transcript of Public Key Cryptography: Something I Did Not Do This Summer by Cara Monical
Cara Monical, Centre College ‘13Something I Did Not Do This Summer
An Introduction to Public Key Cryptography:
What I Actually Did This Summer
Participated in the Director’s Summer Program at the National Security Agency, May 21 – August 10
Held Top Secret // Special Intelligence clearance with full-scope polygraph
Researched building, searching, and maintaining a large-scale graph based on multiple metrics
Collaborated with a team of 3 NSA problem supporters and 3 summer interns
Briefed the Director of NSA/CSS about significant performance increases in image retrieval using graph analytics
Due to the sensitive nature of my research, I am unable to present it here. Instead, I provide an introduction to public key cryptography and its importance to society.
What is Public Key Cryptography?
Some Background
Diffie-Hellman Key Exchange
RSA
A Math-Free Illustration of Two Types of Public Key Cryptography
Importance of Public Key Cryptography
Blaze and Lizzie decide to use public key cryptography
Lizzie takes her lock off and reads the message
Blaze (left) wants to send a secret message to Lizzie
(right) but is being watched by Arthur (cat)
Either way, the dogs best the cat and
celebrate
Plaintext: Information you want to keep secretCiphertext
:Information “in code” that cannot be read without knowledge of the key
Encryption:
Conversion of plaintext into ciphertext
Decryption:
Conversion of ciphertext into plaintext
Key: Information used in encryption and decryption that keeps plaintext safe
Traditionally, encryption is discussed between Alice (A) and Bob (B) with Eve (the eavesdropper) trying to steal the message. I will follow this convention.
Modular Arithmetic:Think “clock arithmetic”, numbers “wrap around”
after they reach a certain value, the modulusis the remainder when is divided by , ex. , means , so is a multiple of , ex.
Finite Cyclic Groups:A group is a set of elements under an operation
that satisfy the following properties:Let be a group under , and then for every
Closure: Associativit
y:
Identity: Invertibilit
y:
( means “in”, means “there exists”)Finite groups have a set number of elements, ,
and if , Cyclic groups have a generator, , such that if for
some integer
Blaze and Lizzie decide to encrypt message but Arthur can steal the key when they
try to share itOption 1: Shared-Key (like Diffie-
Hellman)
Option 2: Asymmetric-Key (like RSA)
Lizzie sends her lock, opened, to Blaze
Blaze puts lock on message, sends it back
to Lizzie
Lizzie takes her lock off and reads the message
Blaze takes his lock off, sends the message to
Lizzie (with her lock still on it)
Lizzie puts her lock on message, sends to Blaze
Blaze puts his lock on the message, sends it to
Lizzie
Shared-key cryptography that relies on discrete logarithm problem (DLP)
DLP: Solve for given in Alice wants to send Bob a message (public
values in blue, private values in green):1. Alice and Bob choose and publish a finite
cyclic group and generator 2. Alice randomly chooses and sends to Bob
Bob randomly chooses and sends to Alice3. Alice calculates
Bob calculates 4. Alice sends to Bob5. Bob decrypts:
Typically Diffie-Hellman Key Exchanges use a
multiplicative group of integers modulo (integers, where is prime, under multiplication mod ), though elliptic curves are also used
This prime is chosen to be ~2048 bits, so Advantages:Solving the DLP is very challengingShared key is never transmitted in any wayDisadvantages:Exponential operations are expensiveNo authentication scheme
Cryptographic systems that use two mathematically-linked keys: a public key for encryption and a private key for decryptionSecurity is based on mathematical algorithms that have no efficient solution, typically either integer factorization or finding
discrete logarithmsIn a shared-key system, each user contributes half of the encryption key, and a combined key is used to encrypt; neither user
learns the other half of the key, but both can decryptIn an asymmetric-key system, each user has their own public and private keys; if you want to talk to Alice, you encrypt using
Alice’s public key (which only she can decrypt)
Public key cryptography underlies our secure connections on the Internet: any time you go to a https website, you use public key cryptography
Without public key cryptography, we would be unable to shop, bank, or do business on the Internet without everyone seeing everything
Both Diffie-Hellman and RSA are widely used on the Internet and elsewhereWhen correctly implemented, both schemes are believed to not be breakable with computational limitations (it is possible to
break them by trying all private key values but not likely given the large number of possible private keys)Because public key methods are less efficient than traditional, symmetric methods, many applications use public key
cryptography to pass the key that needs to be shared for symmetric algorithms
Advantages: No key exchange that can be intercepted, which is a problem for traditional, symmetrical systems
Disadvantages:
Inefficient- requires much larger keys and more computational complexity for the same level of security as traditional systemsAuthentication problems- Eve can put out a public key claiming to be Alice
Asymmetric-key cryptography that relies on integer factorization
Integer factorization: Decompose a large integer into its prime divisors
Alice wants to send Bob a message (public values in blue, private values in green):
1. Bob chooses primes and , then:– and is published– and is private
2. Bob chooses such that and and is published– and is private
3. Alice encrypts and sends to Bob4. Bob decrypts 5. Along with , Alice can transmit where is
her private key, is her public modulus, and is a hash of – Bob computes where is Alice’s public
key. If matches the hash of the message he received, it came from someone who knew Alice’s private key (probably Alice)
The primes, and , are chosen so is about 2048 bits, N
Advantages:Each user has their own key that is never
transmittedSigning provides some authenticationDisadvantages:Long keys required
Who Am II am a senior at Centre College with a passion for discrete mathematics and theoretical computer science and a desire to reach my full potential and help those around me reach theirs. The past three years have afforded me much clarity in what I want for my future. My summer in Spain (2010) showed me my love for my country, while my summer at an REU (2011) opened the doors to research. This summer at the NSA (2012) has given me vision as I pursue a Ph.D. in Algorithms, Combinatorics, and Optimization. Afterwards, I aspire to a career as a leader in the Intelligence Community.