Upload File

fun with certificates part i - ias security · 5/13/2019  · fun with certificates part i rsa...

  • Home
  • Documents
  • Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think
40
Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Fun with Certificates part I a Deep Dive into Cryptography and RSA for all ages Brian Epstein (he/him/his) Institute for Advanced Study Computer Manager, Network and Security Information Security Officer [email protected] - @epepepep

Upload: others

Post on 25-Jun-2020

1 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Fun with Certificates part Ia Deep Dive into Cryptography and RSA for all ages

Brian Epstein(he/him/his)

Institute for Advanced Study

Computer Manager, Network and Security

Information Security Officer

[email protected] - @epepepep

mailto:[email protected]
Page 2: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 2

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

The Institute for Advanced Study

Page 3: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 3

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Page 4: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 6

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Topics● Cryptography

● History and Concepts● Symmetric and Asymmetric (RSA/ECC)

● Certificates● Trust● Key Size (bit-length)

● Lab and Demonstrations

Page 5: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 7

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Cryptography

Goal: pass messages secretly between entities through an insecure medium

Page 6: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 8

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Page 7: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 9

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Symmetric Cryptography● Cereal box decoder ring/Cryptograms● Decode secret message (“zsad”).● Translate each letter with decoder ring● Secret message is (“easy”).● Reverse to encode.● Fast.

Page 8: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 10

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

tpuud JimmyJimmJimJiJttptputpuutpuud

Page 9: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 11

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Symmetric Box Demo

Page 10: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 12

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Symmetric Key Cryptography

n*(n-1)/2 = 6*(5-1)/2 = 30/2 = 15 unique keys

Page 11: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 13

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Page 12: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 14

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Page 13: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 15

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Page 14: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 16

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

One way function

X

Page 15: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 17

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Asymmetric Keys● Private key that you keep to yourself● Public key that you give to everyone

Page 16: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 18

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Asymmetric Box Demo

Page 17: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 19

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Math

Page 18: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 20

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

51

3 17

1 3 1 17

41

1 41

Prime Numbers

1 * 41 = 41

1 * 3 * 1 * 17 = 3 * 17 = 51

Page 19: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 21

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Exponents

27 = 2*2*2*2*2*2*2 = 128

2^7 = 128

Page 20: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 22

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Modulus

55 1282

11018

r 18 128 ÷ 55 = 2 r 18128 mod 55 = 18128 ≡ 18 (mod 55)

55 1282

11018

r 18

Page 21: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 23

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Modulus 5 r 05 25 25 0

5 r 15 26 25 1

5 r 25 27 25 2

5 r 35 28 25 3

5 r 45 29 25 4

6 r 05 30 30 0

6 r 15 31 30 1

mod 5

Page 22: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 24

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Page 23: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 25

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Modulus● Think of modulus like a circle● Examples

● clock - 59 minutes becomes 0 minutes : (mod 60)● date - 365th day of the year becomes the 1st : (mod

365)● numbers - ones column goes from 9 to 0 : (mod 10)● circular degrees - 359° goes to 0° : (mod 360)

Page 24: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 26

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

RSA Private Key Contents● Two large Prime Numbers (p and q)● Modulus (n = p*q)● Private exponent (d)

Page 25: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 27

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Private Exponent● Private exponent (d) must solve

(d*e) mod φ(n) = 1

Page 26: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

Fun with Certificates

Page 27: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

Fun with Certificates

Page 28: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

Fun with Certificates

Page 29: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

Fun with Certificates

Page 30: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

Fun with Certificates

Page 31: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 33

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

RSA Public Key Contents● Modulus (n)● Public exponent (e)

Page 32: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

Fun with Certificates

Page 33: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 35

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Public Exponent● Public exponent (e) must be relatively

prime to p-1 for all primes p which divide the modulus

Page 34: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 38

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Jimmy 1414 1314 13 1814 13 18 1814 13 18 18 36

One way function for RSA

Page 35: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 39

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

14 13 18 18 36

One way function for RSA

14 13 18 18 36

Page 36: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 40

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

14 13 18 18 36

One way function for RSA

14

13

18

18

36

Page 37: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 44

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

One way function for RSA

14

13

18

18

36

147 mod 55

137 mod 55

187 mod 55

187 mod 55

367 mod 55

= 105413504 mod 55= 9 = “g”

= 7

= 17

= 17

= 31

= “e”

= “l”

= “l”

= “v”

E(Jimmy) = gellv

Page 38: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 45

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

One way function for RSA

9

7

17

17

31

923 mod 55

723 mod 55

1723 mod 55

1723 mod 55

3123 mod 55

= 14 = “J”

= 13

= 18

= 18

= 36

= “i”

= “m”

= “m”

= “y”

D(gellv) = Jimmy

Page 39: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 46

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Asymmetric Key Demo

Modulo Calculatorhttps://tinyurl.com/rsacalc

Page 40: Fun with Certificates part I - IAS Security · 5/13/2019  · Fun with Certificates part I RSA Cryptography May 13, 2019 Network Security Institute for Advanced Study Modulus Think

https://security.ias.edu 47

Fun with Certificates part IRSA Cryptography

May 13, 2019

Network SecurityInstitute for Advanced Study

Asymmetric Key Cryptography

2*n = 2 * 6 = 12 unique keys


Security Now! #567ана070516 Hacking Certificates

E-mail Security PGP, S/MIME Certificates and PKI

Cracking Security Certificates

Certificates and network security

Gicev - FLUOR - Safety-Security Certificates

Security Certificates for the SRC Software - juniper.net · Title: Security Certificates for the SRC Software Author: Juniper Networks Created Date: 20141210135653Z

Tutorial 3: Globus Security - csperkins.org · Tutorial 3: Globus Security. Main Points Certificates and Proxies (Authentication) X509 Certificates Certificate Authorities Access

Presentation Two: Grid Security Part Two: Grid Security A: Grid Security Infrastructure (GSI) B: PKI and X.509 certificates C: Proxy certificates D:

Certificates and network security - Aalto · Certificates and network security. Outline X.509 certificates Network security basics Secure socket layer (More in the course T-110.5240

Making Information Security Fun

Qualified Digital Signature Certificate Policy · digital certificates, namely qualified digital certificates (digital certificates with the highest degree of security provided by

Install Client Security Certificates - USEmbassy.gov · 2017-08-14 · 2 Install Client Security Certificates. Property of Pearson VUE 4. If you are installing the certificate on

THE BIGGEST ADVANCE IN SECURITY SINCE CERTIFICATES

Covert Intelligence: Researching People. Dead or alive? Social Security Death Index Death certificates Obituaries Birth certificates

Cracking Security CertificatesCracking Security Certificates Description: Steve and Leo delve into the detailed inner workings of security certificates upon which the Internet depends

Security Certificates User Guide - Experian Certificates User... · Experian Security Certificates Guide v1.0 Page 3 of 12 Introduction Experian uses security certificates to prevent

SecureEmail - Enterprise Security Software, Digital Certificates

Procedure of Installation of Security CertificateS(2qg5wrr0wx3rm5m31t0gtnvy))/certificates/Security... · Dicrectorate of Registration and Stamp Revenue Abregistration.gov In' Toa's

Security and Certificates - Cisco

Certificates, Keys, Web Browsers, and Security - Sumanth Gelle

Updatingserver)certificates to#improve#end user%security ...€¦ · Updating server certificates to improve end-user security and client user experience 4 How!to!simplify!your!network!

Wireless (Security) Self-Test for fun

Security Training Certificates 2 of 2

Fun With Spring Security

2019 CLOUD SECURITY PREDICTIONS · Certificate Management • AWS Certificate Manager • Azure Key Vault – Certificates Security Operations • AWS Security Hub • Azure Security

Five9 Technical Requirements - gallery.azure.com · Digital Certificates ... Five9 Java-Based Application ... Environment and Security Technical Requirements Digital Certificates

Enhance OpenSSH for fun and security

Certificates and network security Tuomas Aura CSE-C3400 Information security Aalto University, autumn 2014

Security and Investigations Certificates

Etiquette, security & fun with social media

Give the Gift of FUN!...Give the Gift of FUN! Park District gift certificates make the perfect gift for everyone on your list. Available in any denomination, gift certificates may

Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study

Flame virus spread through rogue Microsoft security certificates

In-Security for fun and pr0fit!

Security, Certificates, and System Manager - 808