Cryptography and Symmetric Keys in Digital Communication

Cryptography, a vital part of digital communication, involves safeguarding messages from adversaries like eavesdroppers and impostors. Initially reliant on symmetric keys for encryption and decryption, the need to securely share keys posed a challenge. Technologies like DES and AES have advanced cryptographic methods, replacing older techniques like Enigma Machines. Enhancing data security is crucial to prevent unauthorized access and manipulation of sensitive information.

• Cryptography
• Symmetric Keys
• Data Security
• Encryption
• Digital Communication

call_674 Follow

Uploaded on Oct 02, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

Presentation Transcript

1. Innovation and Cryptoventures Digital Signatures Campbell R. Harvey Duke University and NBER January 19, 2018

2. Definition Cryptography is the science of communication in the presence of an adversary. Part of the field of cryptology. Campbell R. Harvey 2018 2

3. Goals of Adversary Alice sends message to Bob Eve is the adversary Campbell R. Harvey 2018 3

4. Goals of Adversary Eve s goals could be: 1. Eavesdrop 2. Steal secret key so that all future messages can be intercepted 3. Change Alice s message to Bob 4. Masquerade as Alice in communicating to Bob Campbell R. Harvey 2018 4

5. Symmetric Keys Early algorithms were based on symmetric keys. This meant a common key encrypted and decrypted the message You needed to share the common key and this proved difficult Campbell R. Harvey 2018 5

6. Symmetric Keys Early methods relied on a shared key or code A message would be encrypted and sent but the receiver needed to decode with a key or a special machine Example: The Lektor in James Bond, From Russia with Love. Campbell R. Harvey 2018 6

7. Symmetric Keys However, you needed to securely share the key or decoder. Campbell R. Harvey 2018 7

8. Symmetric Keys However, you needed to securely share the key or decoder. The adversary Campbell R. Harvey 2018 8

9. Symmetric Keys Nazi Enigma Machine is an earlier version of the Lektor https://www.youtube.com/watch?v=G2_Q9FoD-oQ https://www.youtube.com/watch?v=V4V2bpZlqx8 Recommended videos! Campbell R. Harvey 2018 9

10. Secret Keys Symmetric key DES (Data Encryption Standard) was a popular symmetric key method, initially used in SET (first on-line credit card protocol) DES has been replaced by AES (Advanced Encryption Standard) Campbell R. Harvey 2018 10

11. Diffee-Hellman Key Exchange Breakthrough in 1976 with Diffie-Hellman-Merkle key exchange There is public information that everyone can see. Each person, say Alice and Bob, have secret information. The public and secret information is combined in a way to reveal a single secret key that only they know https://www.youtube.com/watch?v=YEBfamv-_do Campbell R. Harvey 2018 11

12. Diffee-Hellman Key Exchange Will use prime numbers and modulo arithmetic We already encountered one example of modular arithmetic in the SHA-256 which uses mod=232 or 4,294,967,296 https://www.youtube.com/watch?v=YEBfamv-_do Campbell R. Harvey 2018 12

13. Key Exchange Numerical example 5 mod 2 = 1 Divide 5 by 2 the maximum number of times (2) 2 is the modulus The remainder is 1 Remainders never larger than (mod-1) so for mod 12 (clock) you would never see remainders greater than 11. EXCEL function = mod(number, divisor) e.g., mod(329, 17) = 6 mod Campbell R. Harvey 2018 13

14. Key Exchange Alice and Bob decide on two public pieces for information A modulus (say 17) A generator (or the base for an exponent) (say 3) Alice has a private key (15) Bob has a private key (13) Is it possible for them to share a common secret that is unlikely to be intercepted? Campbell R. Harvey 2018 14 https://www.khanacademy.org/computing/computer-science/cryptography/modern-crypt/v/diffie-hellman-key-exchange-part-2

15. Key Exchange Alice: Calculates 315 mod 17 = 6 (i.e., =mod(3^(15), 17)) Alice send the message 6 to Bob Campbell R. Harvey 2018 15

16. Key Exchange Alice: Calculates 315 mod 17 = 6 (i.e., =mod(3^(15), 17)) Alice send the message 6 to Bob Eve intercepts the message! Campbell R. Harvey 2018 16

17. Key Exchange Bob: Calculates 313 mod 17 = 12 (i.e., =mod(3^(13), 17)) Bob send the message 12 to Alice Campbell R. Harvey 2018 17

18. Key Exchange Bob: Calculates 313 mod 17 = 12 (i.e., =mod(3^(13), 17)) Bob send the message 12 to Alice Eve intercepts the message! Now Eve has the 6 and the 12. Campbell R. Harvey 2018 18

19. Key Exchange Alice: Takes Bob s message of 12 and raises it to the power of her private key. Calculates 1215 mod 17 = 10 (i.e., =mod(12^(15), 17))* This is their common secret Campbell R. Harvey 2018 19 *EXCEL only does 15 digits so this will not work

20. Key Exchange Bob: Takes Alice s message of 6 and raises it to the power of his private key. Calculates 613 mod 17 = 10 (i.e., =mod(6^(13), 17)) This is their common secret Campbell R. Harvey 2018 20

21. Key Exchange Eve She has intercepted their message. However, without the common secret key, there is little chance she can recover the shared secret. Campbell R. Harvey 2018 21

22. Key Exchange Common secret Alice can now encrypt a message with the common secret and Bob can decrypt it with the common secret. Notice this is a common secret. Next we will talk private/public keys. That is, both and Alice have separate public keys and separate private keys. Campbell R. Harvey 2018 22

23. Key Exchange (Optional slide) Why does this work They are solving the same problem. Alice sent Bob 315 mod 17 = 6. Bob raises the to power of 13. This is the same as 613 mod 17 = [315]^(13) mod 17 =10 Alice s original calculation Campbell R. Harvey 2018 23

24. Key Exchange (Optional slide) Why does this work They are solving the same problem. Bob sent Alice 313 mod 17 = 12. Alice raises the to power of 15. This is the same as 1215 mod 17 = [313]^(15) mod 17 =10 Bob s original calculation Campbell R. Harvey 2018 24

25. Key Exchange (Optional slide) Why does this work They are solving the same problem. The modular arithmetic is crucial. See! [313]^(15) = [315]^(13) Campbell R. Harvey 2018 25

26. Key Exchange RSA and ECC Now we will introduce key pairs. The basic idea of modular arithmetic provides the foundation for RSA private/public key cryptography. The prime numbers that are used are huge. Private keys are mathematically linked to public keys. Campbell R. Harvey 2018 26

27. RSA: High Level Overview See my Cryptography 101 deck for much more detail. Two prime numbers are chosen and they are secret (say 7 and 13, called p, q). Multiply them together. The product (N=91) is public but people don t know the prime numbers used to get it. A public key is chosen (say 5). Given the two prime numbers, 7 and 13, and the public key, we can derive the private key, which is 29. Campbell R. Harvey 2018 27

28. RSA Issues with RSA RSA relies on factoring N is public (our example was 91) If you can guess the factors, p, q, then you can discover the private key Campbell R. Harvey 2018 28

29. RSA Issues with RSA Factoring algorithms have become very efficient To make things worse, the algorithms become more efficient as the size of the N increases Hence, larger and larger numbers are needed for N This creates issues for mobile and low power devices that lack the computational power Campbell R. Harvey 2018 29 http://www.slate.com/articles/health_and_science/science/2016/01/the_world_s_largest_prime_number_has_22_338_618_digits_here_s_why_you_should.html

30. Elliptic Curve Cryptography Mathematics of elliptic curves Does not rely on factoring Curve takes the form of y2 = x3 + ax + b Note that diagram is continuous but we will be using discrete versions of this arithmetic Note: 4a3 + 27b2 0 Bitcoin uses a=0 and b=7 Campbell R. Harvey 2018 30

31. Elliptic Curve Cryptography Properties Symmetric in x-axis Any non-vertical line intersects in three points Algebraic representation Campbell R. Harvey 2018 31

32. Elliptic Curve Cryptography Properties: Addition Define a system of addition . To add P and Q pass a line through and intersect at third point R . Drop a vertical line down to symmetric part. This defines P+Q (usually denoted ? ?) R P Q P+Q Denote Elliptic Curve as E Campbell R. Harvey 2018 32

33. Elliptic Curve Cryptography Properties: Doubling Define a system of addition . To add P and P use a tangent line and intersect at third point. Drop a vertical line down to symmetric part. This definite 2P (usually denoted ? ?) P Denote Elliptic Curve as E 2P Campbell R. Harvey 2018 33

34. Elliptic Curve Cryptography (Optional slide) Properties: Other (a) P + O = O + P = P for all P E. (existence of identity) (b) P + ( P) = O for all P E. (existence of inverse) (c) P + (Q + R) = (P + Q) + R for all P, Q, R E. (associative) (d) P + Q = Q + P for all P, Q E (communativity) Denote Elliptic Curve as E Campbell R. Harvey 2018 34

35. Elliptic Curve Cryptography (Optional slide) Why use in cryptography? Suggested by Koblitz and Miller in 1985 Implemented in 2005 Key insight: Adding and doubling on the elliptic curve is easy but undoing the adding is very difficult Campbell R. Harvey 2018 35

36. Elliptic Curve Cryptography (Optional slide) Modulo arithmetic on EC Example of modulo 67 (means only points are between 0 and 66 Notice the symmetry Campbell R. Harvey 2018 36 http://www.coindesk.com/math-behind-bitcoin/#

37. Elliptic Curve Cryptography (Optional slide) Modulo arithmetic on EC Notice the symmetry (reflection in the red line) Campbell R. Harvey 2018 37 http://www.coindesk.com/math-behind-bitcoin/#

38. Elliptic Curve Cryptography (Optional slide) Modulo arithmetic on EC Example of modulo 67 Addition of (2,22) and (6,25) Note (2,22) called the base point The dashed blue line wraps around and intersects at (47,39) and the reflection is (47,28) Campbell R. Harvey 2018 38 http://www.coindesk.com/math-behind-bitcoin/#

39. Elliptic Curve Cryptography (Optional slide) Modulo arithmetic on EC Example of modulo 67 Addition of (2,22) and (6,25) Note (2,22) called the base point The dashed blue line wraps around and intersects at (47,39) and the reflection is (47,28) Campbell R. Harvey 2018 39 http://www.coindesk.com/math-behind-bitcoin/#

40. Elliptic Curve Cryptography (Optional slide) Four choices: Form of elliptic curve Prime modulo Base point Order Campbell R. Harvey 2018 40 http://www.coindesk.com/math-behind-bitcoin/#

41. Elliptic Curve Cryptography (Optional slide) Four choices: Form of elliptic curve: y2= x3+ 7 Prime modulo: 2256 232 29 28 27 26 24- 1 = FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFC2F Base point: 04 79BE667E F9DCBBAC 55A06295 CE870B07 029BFCDB 2DCE28D9 59F2815B 16F81798 483ADA77 26A3C465 5DA4FBFC 0E1108A8 FD17B448 A6855419 9C47D08F FB10D4B8 Order: FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141 Campbell R. Harvey 2018 41 http://www.coindesk.com/math-behind-bitcoin/#

42. Elliptic Curve Cryptography (Optional slide) How it works: Private key is a random number chosen between 1 and the order Public key = private key*base point Maximum number of private keys (and bitcoin addresses) is equal to the order. It is straightforward to go from private key to a public key but brutally difficult to go from public key to private key. Campbell R. Harvey 2018 42 http://www.coindesk.com/math-behind-bitcoin/#

43. Elliptic Curve Cryptography (Optional slide) How it works: 1. Choose private key and derive public key Let prime modulus = m Let base point (x,y) = G Let order = n Let private key = d (which is just a number) Public key Q(x,y) = d*G [operations on the elliptic curve with prime modulus m] Campbell R. Harvey 2018 43 http://www.coindesk.com/math-behind-bitcoin/#

44. Elliptic Curve Cryptography (Optional slide) How it works: 2. Sign Let data = z (which could be a SHA-256 of the data you are signing) Generate a random number k Calculate k*G which leads to particular coordinates (x,y)* Calculate r = x mod n [Note n=order] Calculate s = (z + r*d)/k mod n Private key Digital Signature (DS) = (r, s) is just a set of coordinates Campbell R. Harvey 2018 44 *I am not sure what modulus is used for this EC operation. http://www.coindesk.com/math-behind-bitcoin/#

45. Elliptic Curve Cryptography (Optional slide) How it works: 3. Verify Calculate w = s-1 mod n Calculate u = z*w mod n Calculate v = r*w mod n Calculate the point (x , y ) = uG + vQ Verify that r = x mod n If yes, verified. Base point Public key Remember DS = (r, s) Campbell R. Harvey 2018 45 http://www.coindesk.com/math-behind-bitcoin/#

46. Elliptic Curve Cryptography (Optional slide) How it works: 4. Intuition Anyone can encrypt something with a public key The digital signature algorithm uses the data, a random number, and both the private and public keys Verification shows that only the owner of both the private and public key could have signed. Verification is a yes or a no . Campbell R. Harvey 2018 46 http://www.coindesk.com/math-behind-bitcoin/#

47. ECDSA Private key is a number called signing key (SK). It is secret. Public key is the verification key and is mathematically linked to the private key VK EC SK Elliptic curve operations: Need base point, modulus, order Public key: coordinate (x, y) Private key: (number) Note: Easy to generate a public key with a private key. Not easy to go the other way. Campbell R. Harvey 2018 47

48. ECDSA Digital signature Nonce: (random number) Nonce EC DS Message SK Digital signature: coordinate (r, s) Elliptic curve operations: Need base point, modulus, order (n) Private key: (number) Campbell R. Harvey 2018 48

49. ECDSA Verification DS coordinates Yes r (verified) s EC (x , y ) r = x mod n ? Message No (rejected) VK Elliptic curve operations: Need base point, order (n) Derive new point on elliptic curve Check x coordinate of new point and DS Public key: (x, y) Campbell R. Harvey 2018 49

50. How DSAs Work Notice Proves that the person with the private key (that generated the public key) signed the message. Interestingly, digital signature is different from a usual signature in that it depends on the message, i.e., the signature is different for each different message. In practice, we do not sign the message, we sign a cryptographic hash of the message. This means that the size of the input is the same no matter how long the message is. Campbell R. Harvey 2018 50

Load More ...