S.R. Blackburn Royal Holloway Cryptographypersonal.rhul.ac.uk/uhah/058/talks/cafesci.pdf · S.R....
Transcript of S.R. Blackburn Royal Holloway Cryptographypersonal.rhul.ac.uk/uhah/058/talks/cafesci.pdf · S.R....
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Photo: V. Lee
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Cryptography
Simon R. Blackburn
Royal Holloway, University of London
26th January 2009
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
This talk
I Pre-1976 cryptography
I The revolution of 1976
I Modern cryptography
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Secrecy and scrambling
Cryptography used to be all about secrecy and was mainly used bygovernments.
I Secrecy: Shaving the head of a slave. (Histiaeus andAristagoras of Miletus, approx 500BC)
I Scrambling: The Caesar Cipher (approx 50BC) KHOOR!
I Keys: Leon Battista Alberti; the Argenti family (approx 1460- 1590)
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Secrecy and scrambling
Cryptography used to be all about secrecy and was mainly used bygovernments.
I Secrecy: Shaving the head of a slave. (Histiaeus andAristagoras of Miletus, approx 500BC)
I Scrambling: The Caesar Cipher (approx 50BC) KHOOR!
I Keys: Leon Battista Alberti; the Argenti family (approx 1460- 1590)
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Secrecy and scrambling
Cryptography used to be all about secrecy and was mainly used bygovernments.
I Secrecy: Shaving the head of a slave. (Histiaeus andAristagoras of Miletus, approx 500BC)
I Scrambling: The Caesar Cipher (approx 50BC) KHOOR!
I Keys: Leon Battista Alberti; the Argenti family (approx 1460- 1590)
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Secrecy and scrambling
Cryptography used to be all about secrecy and was mainly used bygovernments.
I Secrecy: Shaving the head of a slave. (Histiaeus andAristagoras of Miletus, approx 500BC)
I Scrambling: The Caesar Cipher (approx 50BC) KHOOR!
I Keys: Leon Battista Alberti; the Argenti family (approx 1460- 1590)
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
The science of cryptography
Auguste Kerckhoffs La Cryptographie Militaire, 1883.
Before Kerckoffs: security through obscurity
Kerckoffs’ Law: ‘Compromise of the system should notinconvenience the correspondents’ or:
Secrecy resides entirely in the key
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
The science of cryptography
Auguste Kerckhoffs La Cryptographie Militaire, 1883.
Before Kerckoffs: security through obscurity
Kerckoffs’ Law: ‘Compromise of the system should notinconvenience the correspondents’ or:
Secrecy resides entirely in the key
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
The science of cryptography
Auguste Kerckhoffs La Cryptographie Militaire, 1883.
Before Kerckoffs: security through obscurity
Kerckoffs’ Law: ‘Compromise of the system should notinconvenience the correspondents’ or:
Secrecy resides entirely in the key
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Perfect secrecy
Gilbert S. Vernam (1917): the one-time pad.
Claude E. Shannon (1948/49): The one time pad is perfectlysecure!
Problem: How do both sender and recipient know the key?
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Perfect secrecy
Gilbert S. Vernam (1917): the one-time pad.
Claude E. Shannon (1948/49): The one time pad is perfectlysecure!
Problem: How do both sender and recipient know the key?
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Perfect secrecy
Gilbert S. Vernam (1917): the one-time pad.
Claude E. Shannon (1948/49): The one time pad is perfectlysecure!
Problem: How do both sender and recipient know the key?
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Whit Diffie and Martin Hellman
Diffie and Hellman (1976) solved this problem!
I Two parties: Alice and Bob
I All communications monitored by Eve.
I Alice and Bob come to know the same key; Eve doesn’t knowthe key
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Whit Diffie and Martin Hellman
Diffie and Hellman (1976) solved this problem!
I Two parties: Alice and Bob
I All communications monitored by Eve.
I Alice and Bob come to know the same key; Eve doesn’t knowthe key
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Whit Diffie and Martin Hellman
Diffie and Hellman (1976) solved this problem!
I Two parties: Alice and Bob
I All communications monitored by Eve.
I Alice and Bob come to know the same key; Eve doesn’t knowthe key
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Whit Diffie and Martin Hellman
Diffie and Hellman (1976) solved this problem!
I Two parties: Alice and Bob
I All communications monitored by Eve.
I Alice and Bob come to know the same key; Eve doesn’t knowthe key
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Modular arithmetic
Suppose we only know about the numbers 0, 1, 2, 3, . . . , 10, 11, 12.
I 22 = 4
I 23 = 4× 2 = 8
I 24 = 8× 2 = 16 = 3 (subtract 13)
I Using 28 = 9, we calculate 29 = 9× 2 = 18 = 5.
i 1 2 3 4 5 6 7 8 9 10 11 12 13 14
2i 2 4 8 3 6 12 11 9 5 10 7 1 2 4
If we are just given 2i , it is difficult to find i .If we are just given i , it is easy to find 2i .
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Modular arithmetic
Suppose we only know about the numbers 0, 1, 2, 3, . . . , 10, 11, 12.
I 22 = 4
I 23 = 4× 2 = 8
I 24 = 8× 2 = 16 = 3 (subtract 13)
I Using 28 = 9, we calculate 29 = 9× 2 = 18 = 5.
i 1 2 3 4 5 6 7 8 9 10 11 12 13 14
2i 2 4 8 3 6 12 11 9 5 10 7 1 2 4
If we are just given 2i , it is difficult to find i .If we are just given i , it is easy to find 2i .
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Modular arithmetic
Suppose we only know about the numbers 0, 1, 2, 3, . . . , 10, 11, 12.
I 22 = 4
I 23 = 4× 2 = 8
I 24 = 8× 2 = 16 = 3 (subtract 13)
I Using 28 = 9, we calculate 29 = 9× 2 = 18 = 5.
i 1 2 3 4 5 6 7 8 9 10 11 12 13 14
2i 2 4 8 3 6 12 11 9 5 10 7 1 2 4
If we are just given 2i , it is difficult to find i .If we are just given i , it is easy to find 2i .
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
How to exchange keys
Alice Eve Bob
Pick i andcalculate 2i −→ 2i
Pick j and2j ←− calculate 2j
Calculate (2j)i Calculate (2i )j
The common key: the secret number 2ij
Eve only knows 2i and 2j . How can she calculate 2ij from this?
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
How to exchange keys
Alice Eve Bob
Pick i andcalculate 2i −→ 2i
Pick j and2j ←− calculate 2j
Calculate (2j)i Calculate (2i )j
The common key: the secret number 2ij
Eve only knows 2i and 2j . How can she calculate 2ij from this?
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Photo: D. Spisak
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
What else can you do?
Modern cryptography is about authenticity as well as secrecy, andis now used by business as much as government.
I Public key cryptography: RSA (1977) ElGamal (1984)
I Digital signatures: RSA (1977)
I Zero knowledge: Goldwasser, Micali, Rackoff (1985)
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
What else can you do?
Modern cryptography is about authenticity as well as secrecy, andis now used by business as much as government.
I Public key cryptography: RSA (1977) ElGamal (1984)
I Digital signatures: RSA (1977)
I Zero knowledge: Goldwasser, Micali, Rackoff (1985)
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
What else can you do?
Modern cryptography is about authenticity as well as secrecy, andis now used by business as much as government.
I Public key cryptography: RSA (1977) ElGamal (1984)
I Digital signatures: RSA (1977)
I Zero knowledge: Goldwasser, Micali, Rackoff (1985)
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
What else can you do?
Modern cryptography is about authenticity as well as secrecy, andis now used by business as much as government.
I Public key cryptography: RSA (1977) ElGamal (1984)
I Digital signatures: RSA (1977)
I Zero knowledge: Goldwasser, Micali, Rackoff (1985)
S.R. Blackburn Royal Holloway
Cryptography
Pre-1976 cryptography The revolution of 1976 Modern cryptography
Many thanks
The slides of this talk will be available on my home page:
http://www.ma.rhul.ac.uk/sblackburn
S.R. Blackburn Royal Holloway
Cryptography