Crypto

Bro Rigby

History

http://en.wikipedia.org/wiki/Cryptography#History_of_cryptography_and_cryptanalysis

Terms

• Plaintext• Encryption• Cipher• Cipher text• Cryptography• Cryptographers

Terms

• Cryptanalysis• Cryptanalysts• Cryptology• Keys • Keyspace• Hashing

Symmetric Encryption(Single Key)

How big are keys?

• 128? Has 2128 possible values– The total lifetime of the universe is about 261

seconds.– Number of atoms in the earth 2170

– Number of atoms in the sun 2190

– Number of atoms in the universe 2265

Algorithms'

• Stream Ciphers (1 bit at a time)• Block Ciphers (Chunks at a time, AES uses 128

bit blocks)• Examples– DES, 3DES (No Longer Used)– Twofish, Serpent, AES, Blowfish, CAST5, RC4,

TDES, IDEA

Symmetric Encryption

• DES (Data Encryption Standard)– 56 Bit– Federal Information Processing Standard (FIPS 46) in 1976– 1997: RSA contest won by distributed crack (10,000 clients)– 1998: EFF built a $250K machine to crack DES in 2 days

• 2002 AES (May 26th, 2002)– 5 Finalists (Mars,RC6,Rijndael,Serpent,Twofish)– 128, 192, 256 bit keys.– The largest successful publicly-known brute force

attack has been against a 64-bit RC5 key by distributed.net (http://en.wikipedia.org/wiki/Advanced_Encryption_Standard)

Symmetric Encryption• 128-bit encryption

– 3 x 1038

– 1 modern computer needs 1024 years to crack 128-bit– 1 billion modern computers need 1015 years to crack– 1 billion modern computers need 1053 years to crack 256-bit– Some other cracking method required

• Other avenues are far easier:– Spyware/Rootkits– Social Engineering– Phishing– Password cracking

• Reference (The Struggle Between Unbreakable Encryption and Stupid Passwords By Brian Basgen bbasgen@pima.edu)

Asymmetric Encryption2-key

Asymmetric Algorithms’

• Diffie-Hellman• DSS• ElGamal – Based off of Diffie-Hellman• RSA• Cramer-Shoup

XOR

• Secret Splitting• Secret Sharing

Hashing

• Digital Fingerprint– MD5– SHA-1

Algorithm Output size (bits)

Internal state size (bits)

Block size (bits)

Max message size (bits)

Word size (bits) Rounds Operations Collision

SHA-0 160 160 512 264 − 1 32 80 +,and,or,xor,rotfl Yes

SHA-1 160 160 512 264 − 1 32 80 +,and,or,xor,rotfl 263 attack

SHA-256/224 256/224 256 512 264 − 1 32 64 +,and,or,xor,

shr,rotfr None yet

SHA-512/384 512/384 512 1024 2128 − 1 64 80 +,and,or,xor,

shr,rotfr None yet

http://en.wikipedia.org/wiki/Sha1

Digital Signatures

• Signing uses Private Key• Verifying uses Public Key• “Authentication” of message.• Hash Message. Sign Hash. Send message with

Encrypted Hash.• Receiver decrypts hash with public key and

then matches hash sent with hash of message.

PKI

Digital Certificates

• Binds a name to a public key.• X.509 Standard• Registration with CA – Software, hardware, procedures, policies, people– RA Responsible for verification– Class 1 – Email– Class 2 – Software signing– Class 3 – Be own CA

Digital Certificates

• Key Pair Generation• Cert creation• Cert distribution• Key backup and recovery