CS 150 – Computing: From Ada
to the Web
Cryptography
Protecting Information
• Frame message
– Indicates what the message is
• Outer message
– Tells how to interpret the message
• Inner message
– The content of the message
• How do we protect the message from
eavesdropping?
At War
• The earliest need for encryption came from
war.
• Sending orders by carrier that could be
captured was dangerous at best.
• Need to protect the message!
• (Another early use: the Kama Sutra describes
it as a way to have an affair without
“inconvenient discovery.”)
The Caesar Cipher
• The network: The Roman roads
• The message: Orders to Roman troops
• Also known as a Rotation Cipher, you simply
replace a letter with another letter that is a
certain number of letters away.
• Technically, a Caesar Cipher is a Rotation
Cipher where n = 3.
• Popularly, you can find this cipher today as a
simple “decoder ring.”
Rotation Cipher
encrypt
decrypt
ABCDEFGHIJKLMNOPQRSTUVWXYZ
JIDKQACRSHLGWNFEXUZVTPMYOB
CS  DZ
Worked okay for 44BC, but…
• Language is not random!
• Random strings: the probability of two letters
in the two messages matching is 1/26
(number of letters in alphabet)
• Same-encrypted strings: the output letters will
match when the input letters match
– This happens much more frequently because
some letters (e.g., “e” is ~13% of all letters) are
more common
Vigenere Cipher
• Blaise de Vigenère in the 19th century
• Used during the Confederacy during the Civil
War
• Keyword rotational cipher
• Plaintext: ATTACKATDAWN
• Key: LEMONLEMONLE
• Ciphertext: LXFOPVEFRNHR
Enigma
Enigma machine at
Bletchley Park
• Invented commercially, 1923
• German Navy, Army, Air Force
• About 50,000 in use (many were
captured by Allies)
• Modified throughout WWII, Germans
believed perfectly secure
• Kahn’s Codebreakers (1967) didn’t
know it was broken
• Turing’s 1940 Treatise on Enigma
declassified in 1996
Rotor Wheels
Simple
substitution
Latch turns
next rotor
once per
rotation
Image from
http://en.wikipedia.org/wiki/Image:Enigma-action.png
Wheel 3:
Rotate one
position when
wheel 2 cycles
Wheel 2:
Rotate one
position every
26 letters
Wheel 1:
Rotate one
position every
letter
Enigma’s Rotating Substitutions
ABCDEFGHIJKLMNOPQRSTUVWXYZ
JIDKQACRSHLGWNFEXUZVTPMYOB
ABCDEFGHIJKLMNOPQRSTUVWXYZ
SQHLZNYKXUWVJRDFBETIMOGACP
ABCDEFGHIJKLMNOPQRSTUVWXYZ
UAVGRDCBESYHLZOQKXTIMNJWFP
Enigma’s Problems
• Each day, a new set of initial settings were used…
– …and these were stored in a book that was stolen.
• Each network had a different setup for the
machine…
– …which was also stolen.
• For each message, a random set of three
characters would be used to decipher the text…
– …but people were lazy and used the same letters and
also repeated them at the beginning of the message
The best thing about bad encryption?
• We won WWII.
• D-Day would not have happened without the
cracking of the Enigma.
Modern Ciphers
• RSA – popular public key cryptographic
algorithm
• Found in common products
• Not “perfect,” but “good enough” if the key is
long enough
• Each entity needs a public and private key
RSA Key Generation
• Choose two distinct large random prime numbers p and q
• Compute n = pq
– n is used as the modulus for both the public and private keys
• Compute the totient: φ(n) = (p − 1)(q − 1).
• Choose an integer e such that 1 < e < φ(n), and e and φ(n)
share no factors other than 1 (i.e. e and φ(n) are coprime)
– e is released as the public key exponent – 2^16 + 1 = 65537 is a
popular choice
• Compute d such that d*e = 1 + kφ(n) for some integer k.
– d is kept as the private key exponent
• Public key = (n, e)
Encrypting and Decrypting
• Encrypt: c = m^e mod n
• Decrypt: m = c^d mod n
Example
•
Choose two prime numbers
– p = 61 and q = 53
•
Compute n = p q
– n = 61 * 53 = 3233
•
Compute φ (n) = (p-1)(q-1)
– φ(n) = (61 - 1)(53 - 1) = 3120
•
Choose e > 1 coprime to 3120
– e = 17
•
Compute d, such that d*e = 1 + kφ(n)
– d = 2753
– 17 * 2753 = 46801 = 1 + 15 * 3120.
Example
• The public key is (n = 3233, e = 17). For a message m, the
encryption function is:
– c = m^e mod n= m^{17} mod {3233}.
• The private key is (n = 3233, d = 2753). The decryption function is:
– m = c^d mod n = c^{2753} mod {3233}.
• For example, to encrypt m = 123, we calculate
– c = 123^{17} mod {3233} = 855.
• To decrypt c = 855, we calculate
– m = 855^{2753} mod {3233} = 123.
Key Exchange
• Alice comes up with a key
– She puts the key in a box and locks it with her padlock
• Alice sends the box to Bob
– Bob can’t get in the box, but he adds his padlock to
the box
• Bob sends the box back to Alice
– Alice removes her padlock
• Alice sends the box one more time to Bob
– Bob removes his padlock and gets the key
Key Exchange
• PGP
– Pretty Good Privacy
– Usually used for email
– Uses RSA (sometimes)
• X.509
– Server certificate keys
– Can generate your own, or get one from a
certificate authority
Point-to-point security
• Using this type of exchange provides point-topoint security for traffic
• But what if the other end doesn’t support any
encryption?
• http://gmail.com vs https://gmail.com
• Both are valid – one is encrypted!
Tunneling
• If you don’t trust the network you’re on (such
as open wireless or hotspot) tunneling might
be a good option.
• Create a secure connection through which all
traffic passes through.
• SSH and VPN use this concept.
• You connect to a computer and network you
do trust and then release your traffic.
SSH and VPN
• SSH is a secure shell connection that can
tunnel other traffic.
• VPN stands for Virtual Private Network
• Hotspotvpn is a good option
• Back to my Mac is another