Seminar Report INDEX

TITLE
SECRET KEY CRYPTOGRAPHY PUBLIC KEY CRYPTOGRAPHY DIGITAL SIGNATURES TRANSMITTING OVER AN INSECURE CHANNEL BOBS DILEMMA ALICES SIGNATURE REVISED SCHEME ANOTHER POSSIBLE PROBLEM SECURE PROTOCOLS SSL AND TLS ADVANTAGES OF SSL/TLS REFRENCES

Cryptography

PAGE NO.
2-3 4-6 7-10 11-12 13-14 15 16 17 18 19-21 22 23

SECRET KEY CRYPTOGRAPHY

8/18/2013 1

Seminar Report

Cryptography

Secret key cryptography uses a single key which both parties (usually named Alice and Bob) both must know. They must keep this key a secret (hence the name) from an eavesdropper (named Eve), otherwise Eve will be able to decrypt any messages encrypted using that key. Alice uses a secret key encryption scheme (or cryptographic algorithm) to transform a message into something resembling random noise. The scheme may be publicly known. The security of the system comes from the secret key that Alice uses. The transformation can only be undone by Bob and Alice herself, since only they know the secret key.

The Basic Principle: Encryption and Decryption using a secret key:

To secretly communicate with Bob, Alice encrypts her messages before sending them. There are many techniques (cryptographic algorithms) that she can use. All these algorithms have in common that they can transform a message using a key into something that resembles random noise. This is called encrypting the message. Only the persons who know the key can transform the random noise back into the original message, or in other words, decrypt the message. This means that those persons must keep this key a secret, hence the name secret key cryptography

How secret key cryptography works:

Secret key cryptography transforms (scrambles) a message into something resembling random noise. The precise transformation is determined by the key. Mathematically seen, a cryptographic algorithm is a function that maps a message onto a cipher text (an encrypted message). By using keys, it is possible to encrypt many different messages using one particular cryptographic algorithm in different ways. And keeping the key a secret is much easier than keeping a complete algorithm a secret. Some cryptographic algorithms operate on single characters of the message. These are called stream ciphers. Others operate on entire blocks, and therefore are called block ciphers. Stream ciphers are easier to implement in hardware than block ciphers, and they are also generally faster. Block ciphers tend to be harder to crack.

An example of a secret key cryptographic system:

A very simple technique to encrypt messages is to replace every letter of the message with one that is a certain number of positions further in the alphabet. The key then is the number of positions. For example, the message "This is an example" can be encrypted using the key "1 position" into the encrypted message "Uijt jt bo fybnqmf". Taking the letter that is 1 position previous in the alphabet results in the original message again.

8/18/2013

Seminar Report

Cryptography

This system is of course not very secure. There are only twenty-six possible keys. Eve can simply try out all the keys to see which one results in a readable message. Furthermore, it is a well-known fact that certain letters occur more often in messages than others. The letter "e" is the most frequently used letter in the English language, for example. Using this fact Eve can simply count which letter occurs the most often in the encrypted message and replace that one with the letter "e". She then knows how many positions she has to rotate to get from "e" to the encrypted version of "e" and thus she immediately knows the key.

PUBLIC KEY CRYPTOGRAPHY

8/18/2013 3

Seminar Report

Cryptography

In order to decrypt a message, Bob (the recipient) has to know the key. However, it may be difficult for Alice (the sender) to tell Bob what the key is. If they simply agree on a key by e-mail for example, Eve could be listening in on their e-mail conversation and thus also learn what the key is. Public key cryptography was invented to solve this problem.

The Basic Principle: Public keys and private keys:

When using public key cryptography, Alice and Bob both have their own key pairs. A key pair consists of a public key and a private key. If the public key is used to encrypt something, then it can be decrypted only using the private key. And similarly, if the private key is used to encrypt something, then it can be decrypted only using the public key. It is not possible to figure out what the private key is given only the public key, or vice versa. This makes it possible for Alice and Bob to simply send their public keys to one another, even if the channel they are using to do so is insecure. It is no problem that Eve now gets a copy of the public keys. If Alice wants to send a secret message to Bob, she encrypts the message using Bob's public key. Bob then takes his private key to decrypt the message. Since Eve does not have a copy of Bob's private key, she cannot decrypt the message. Of course this means that Bob has to carefully guard his private key. With public key cryptography it is thus possible for two people who have never met to securely exchange messages.

Combining public key and secret key cryptography:

A problem with public key cryptography is that it is very slow. Encrypting a message that is several megabytes long takes a very long time, much longer than when using secret key cryptography. For this reason few people use only public key cryptography. What Alice usually does is encrypt the message using a secret key encryption algorithm and a key she made up on the spot. She then encrypts this key (called the session key) using Bob's public key. Bob can then obtain the session key by decrypting it using his private key. And with the session key he can decrypt the message. This way a long message is encrypted very quickly and Alice can still send it to Bob without needing a secure way of agreeing on the key.

How public key cryptography works:

Public key cryptography systems are usually based on the assumption that a particular mathematical operation is easy to do, but difficult to undo unless you know some particular secret. This particular secret that serves as the private key. The two most famous public key cryptography systems are Diffie-Hellman and the RSA system, named

8/18/2013

Seminar Report

Cryptography

after its inventors Rivest, Shamir and Adleman. More recently public key cryptography based on so-called elliptic curves has gotten a lot of attention. Using public key cryptography it is possible to easily encrypt a message for multiple recipients. It is even possible to later authorize recipients to read the message. The message is simply encrypted with a session key. The session key is encrypted multiple times, once for every recipient using his public key. If later another recipient needs to be added, the session key is simply then also encrypted using his public key. Every recipient can now decrypt the session key independently from every other recipient.

ENCRYPTION PLAIN TEXT PUBLIC KEY CIPHER TEXT

REPRESENTATION OF BLOCK DIAGRAM DURING TRANSMISION

DECRYPTION CIPHER TEXT PLAIN TEXT

PRIVATE KEY

REPRESENTATION OF BLOCK DIAGRAM DURING RECEPTION

Applications of public key cryptography:

8/18/2013 5

Seminar Report
Secure Web communication

Cryptography

One important application of public key cryptography is encrypted communication with a Web server. This enables Alice to securely place an order and to transmit her credit card details. Alice's Web browser generates a random number which will be used to encrypt all communication with the server using secret key cryptography. The browser obtains a copy of the public key of the server and uses this public key to encrypt this random number (called the session key). The result is sent to the server. After that, browser and server can encrypt all information so that Eve cannot read it. Alternatively, it is the server that generates the session key. This requires that the browser sends its own public key to the server so that the session key can be transmitted securely. This makes it easier to upgrade the hardware or software that generates the session key. Secure content distribution Content such as music or video can be distributed in encrypted form. To be able to play it back, the recipient needs the decryption key. To avoid having to encrypt the entire movie or song again for every recipient, the content is encrypted with a session key. Every recipient receives the encrypted content together with the session key. The session key is of course encrypted using the recipient's public key. This way only a very small amount of data needs to be encrypted again for every recipient. It is even possible to distribute the encrypted content in advance. If the recipient wants to play back the content, he can at any time contact the distributor and obtain (purchase) a copy of the session key encrypted using his public key. This is sometimes called 'super distribution'

8/18/2013

Seminar Report
DIGITAL SIGNATURES

Cryptography

Public key cryptography is not only used to protect messages. An important application is the creation and checking of so-called digital signatures. Digital signatures are coupled to the electronic document to which they apply. This coupling is established using publickey cryptography and so-called cryptographic hash functions

The Basic Principle:

In public key cryptography, anything Alice encrypts with Bob's public key can be decrypted by Bob with the corresponding private key. Alice can also encrypt a message with her private key, which means that Bob can decrypt it with Alice's public key. Since the public key is, as the name suggests, publicly available, this is not very good idea if Alice wants to keep that message a secret. Eve can also simply obtain a copy of Alice's public key and thus also decrypt the message. But because Alice keeps her private key to herself, Bob knows that only Alice could have encrypted this message. Bob can now be sure that this message was written by Alice. A signature on a paper message serves as proof that this message was written by the person who signed it. Encrypting with a private key thus can be regarded as an equivalent to placing one's signature on the message. This is why this is called creating a digital signature for the message. If Alice wants to keep the message a secret that only Bob is allowed to learn, she of course then simply encrypts the digitally signed message with Bob's public key. Bob first decrypts the message with his own private key and then decrypts the result with Alice's public key. He now knows that no one else could have read the message (because it was encrypted using his public key) and that no one but Alice could have written this message (because it was encrypted using her private key).

How digital signatures work:

Digitally signing large messages takes a long time, just like encrypting large messages with someone's public key. Just like with public key encryption, placing digital signature therefore involves an extra step. First a summary of the message is computed, and then this summary is signed.

8/18/2013

Seminar Report

Cryptography

SIGNING PLAIN TEXT PRIVATE KEY SIGNED MESSAGE

BLOCK DIAGRAM DURING DIGITAL SIGNATURE TRANSMISION

VERIFICATION SIGNED MESSAGE PLAIN TEXT

PUBLIC KEY

BLOCK DIAGRAM DURING DIGITAL SIGNATURE RECEPTION

Applications of digital signatures:

Digital signatures offer many applications other than signing messages such as e-mail. A digital signature can be created for any kind of file. The digital signature then can be used as proof that the file was not modified after the digital signature was created. It can also be used to make the file unique, for example by appending a serial number to the file and signing the result.

8/18/2013

Seminar Report

Cryptography

Authenticating Web Servers Using public key cryptography a Web browser and server can communicate with each other securely. The browser can encrypt a session key using the public key of the server and send it to the server. In this application the Web browser typically obtains a copy of the public key of the server by requesting a certificate containing this public key from the server. This certificate has been signed by some trusted third party. The public key of this trusted third party has been programmed into the Web browser beforehand. Using this public key the browser can determine that the certificate is authentic. The browser then knows it has the right public key. Electronic Money (digital cash) Making files unique with digital signatures is the basis of digital cash (electronic money). Alice the banker creates electronic banknotes of various denominations and puts a unique number on every banknote. She signs the result. Bob the client now makes a withdrawal from his account with Alice and receives some of the signed banknotes. The banknotes can be anonymous or include Bob's name. Bob then goes to Charlie's electronic hardware store and purchases a digital camera using these banknotes as payment. Charlie verifies that the banknotes bear Alice's signature and so knows that they are not counterfeit. Bob could of course make as many copies of the signed banknotes as he wants, since the banknotes are in electronic form. Charlie therefore now has to go to Alice and report to her the unique number on the banknote he received. Alice will then record that number as "spent" and indicate to Charlie that the transaction is okay. If the number was already recorded as "spent", Alice will reject the transaction. If the transaction is okay, the amount indicated on the banknotes is credited to Charlie's account. This system has many advantages over traditional payment techniques. Alice can create banknotes of any denomination, including for example millicents (0.001 cents). This way for example an electronic archive could charge one millicent for every document Bob requests and Bob could pay that without having to take a subscription or make a deposit in advance. One disadvantage of this system is that it requires Charlie to immediately check with Alice whether the banknote he still valid. If Charlie waits even a few minutes, Bob can spend the banknote again at Dave's. Then either Charlie or Dave is not going to get his money. This principle is currently used for electronic coupons. As a coupon is less valuable than a banknote, the risk of double spending a coupon appears to be acceptable. Furthermore, coupons are usually only valid at one particular store.

8/18/2013

Seminar Report
Signed Computer Programs

Cryptography

Digital signatures can also be used to authenticate software applications. The manufacturer of a computer program can generate a digital signature for the executable. When a user downloads the program, he can verify that the digital signature is correct. He then knows that this program was really made by that particular manufacturer. If he trusts that manufacturer, he can safely install the application. The manufacturer of course promises that the application will not do anything malicious

8/18/2013

10

Seminar Report

Cryptography

TRANSMITTING OVER AN INSECURE CHANNEL

Suppose Alice wants to send Bob a private message, where Alice is a sender and Bob is a receiver. Let We have: A public is Alices public key. A private is Alices private key. B public is Bobs public key. B private is Bobs private key. ALICE SENDS A MESSAGE TO BOB: HELLO BOB, WANT TO ORGANISE A PARTY? THE TRANSMISSION SCHEME WOULD BE AS FOLLOW:

ALICE

BOB

ENCRYPT USING

DECRYPT USING

Bpublic

Bprivate

Suppose after getting the message from Alice ,Bob gives the back message to Alice as: OK ALICE, I GOT YPUR MESSAGE Then,

8/18/2013

11

Seminar Report
THE RECEPTION SCHEME WOULD BE AS FOLLOW:

Cryptography

ALICE

BOB

DECRYPT USING

ENCRYPT USING

Aprivate

Apublic

8/18/2013

12

Seminar Report
BOBS DILEMMA

Cryptography

Nobody can read the message from Alice, but anyone could produce it. Bob will be happy to know that only Alice can read his reply.

Hash Functions:
A cryptographic hash function can transform input of an arbitrary length to an output of a certain number of bits, typically 128 or 160 bits. The output is called the hash value. A very simple example of a hash function is to simply add up the position in the alphabet of all the characters in the message. For example, the message "ape" would give as output 22 (1 plus 16 plus 5). Since the hash value is usually shorter than the message itself, this makes it easier and faster to compare two messages or to find a particular message in a table. For example, it is common in database management systems to compute the hash value of all the names in a database with information on people. To determine whether a particular person occurs in the database, the hash value of his name is computed and compared against the hash values of all the names. This is much faster than comparing the name itself against all the names in the database, because the hash value is a number of a fixed length. Names can be many characters long and each character has many more possibilities than just 0-9.

Hash functions should have two properties:

Given a particular output, it should be difficult to find a message that has that particular output (for cryptographers this means the hash function is "one-way"). Given two messages, the chance that they have the same hash value should be small (cryptographers refer to this as "collision-free"). If a particular hash function has these properties, it is called a cryptographic hash function. It is now possible to use the hash value of a message instead of the message itself. The simple example given above does not have these properties. There are many messages that have the hash value 22. And furthermore, it is quite easy to find another message that also has this hash value

Cryptographic Hash Functions and Digital Signatures:

Hash functions can be used to determine whether a message has been modified. Alice computes the hash value of the message she wants to send to Bob and sends the hash value of the message together with the message to Bob. Bob computes the hash value of the message he receives, and compares it against the hash value he received from Alice. If these two hash values are the same, Bob knows that the message was not modified. 8/18/2013 13

Seminar Report

Cryptography

After all, the second property of the hash function says that the chance that the modified message has the same hash value as the original message is very small. Eve can now no longer just modify the message without Bob noticing this. However, Eve can modify the message and compute the hash value of the modified message. She can then replace the hash value that Alice sent with the hash value she computed. Bob will then think that the message was not modified, because the message he received has the same hash value as the one he got from Alice. But Bob has no way to know that he did not get that hash value from Alice. Of course this is where digital signatures come in. After computing the hash value of the message she wants to send, Alice digitally signs this hash value and sends the result (the digital signature of the message) to Bob. Bob then decrypts the digital signature using Alice's public key. He compares the result with the hash value he computed for the message he received and so determines whether the message was modified. If everything checks out, Bob knows that this message really came from Alice and it was not modified. Because Eve does not have Alice's private key, she is no longer able to replace the hash value that Alice signed with the hash value of the modified message. And it is next to impossible for Eve to modify the message in such a way that the hash value remains the same. Because of the first property of the hash function, it is difficult for Eve to find another message that has the same hash value. And even if she manages to find one, the chance that this other message is even remotely the same as the original message from Alice is extremely small. An important reason for using a cryptographic hash function is that the message remains in unencrypted form. Furthermore, the (digitally signed) hash value can now be transmitted and stored invisible to the user, for example as part of the headers of an email message or encapsulated using the well-known MIME standard. The digital signature can also be transmitted over an entirely separate channel. Alice could publish the digital signature of a message in a newspaper. This way, she could later prove that she had a copy of this message on the date of publication of this newspaper without having to reveal the message. This can be useful for example if Alice had to prove that she wrote a particular message and did not infringe on somebody else's copyright.

8/18/2013

14

Seminar Report
ALICES SIGNATURE

Cryptography

Alice feeds her original message through a hash function and encrypts the message digest with Aprivate. Bob can decrypt the message digest using Apublic. Bob can compute the message digest himself. If the 2 message digests are identical, Bob knows Alice sent the message.

8/18/2013

15

Seminar Report
REVISED SCHEME

Cryptography

ALICE

BOB

Sign with Aprivate

check signature using Apublic

encrypt using Bpublic

decrypt using Bprivate

8/18/2013

16

Seminar Report

Cryptography

ANOTHER POSSIBLE PROBLEM

Suppose Bill receives a message from Alice including a digital signature. meet me at the library tonight Bill sends the same message to Joe so that it looks like the message came from Alice. Bill includes the digital signature from the message Alice sent to him. Joe is convinced Alice sent the message!

8/18/2013

17

Seminar Report

Cryptography

SECURE PROTOCOLS
There are a growing number of applications for secure protocols

Email:
It can take days to send a letter across the country and weeks to go around the world. To save time and money, more and more people are relying on electronic mail. It's fast, easy and much cheaper than the using the post office. What is e-mail? In its simplest form, e-mail is an electronic message sent from one device to another. While most messages go from computer to computer, e-mail can also be sent and received by mobile phones, PDAs and other devices. With e-mail, you can send or receive personal and business-related messages with attachments, such as photos or formatted documents. You can also send music, video clips and software programs. Let's say you have a small business with sales reps working around the country. How do you communicate without running up a huge phone bill? Or what about keeping in touch with far-flung family members? E-mail is the way to go. It's no wonder e-mail has become the most popular service on the Internet. Just as a letter makes stops at different postal stations along the way to its final destination, e-mail passes from one computer, known as a mail server, to another as it travels over the Internet. Once it arrives at the destination mail server, it's stored in an electronic mailbox until the recipient retrieves it. This whole process can take seconds, allowing you to quickly communicate with people around the world at any time of the day or night

Sending and Receiving Messages:

To receive e-mail, you need an account on a mail server. This is similar to having a street address where you receive letters. One advantage over regular mail is that you can retrieve your e-mail from any location on earth, provide that you have Internet access. Once you connect to your mail server, you just download your messages to your computer or wireless device.

Electronic Commerce:
E-Commerce, or electronic commerce, is defined as the conduct of business and financial transactions by electronic means. It is the use of Internet technologies to bring together customers, business, partners, suppliers and employees. This category focuses on the many aspects of conducting business using the Internet and the World Wide Web: Marketing, Strategy, Training, Research, Practice, and Services, among other topics that are related to Electronic Commerce.

8/18/2013

18

Seminar Report

Cryptography

SECURE SOCKETS LAYER (SSL)

Security of data in transit over the Internet becomes increasingly necessary because of steadily growing data volume and importance. Nowadays, every user of a public network sends various types of data, from email to credit card details daily, and he would therefore like them to be protected when in transit over a public network. To this end, a practical SSL protocol has been adopted for protection of data in transit that encompasses all network services that use TCP/IP to support typical application tasks of communication between servers and clients. The SSL protocol was originally developed by Netscape, to ensure security of data transported and routed through HTTP, LDAP or POP3 application layers. SSL is designed to make use of TCP as a communication layer to provide a reliable end-to-end secure and authenticated connection between two points over a network (for example between the service client and the server). Notwithstanding this SSL can be used for protection of data in transit in situations related to any network service, it is used mostly in HTTP server and client applications. Today, almost each available HTTP server can support an SSL session, whilst IE or Netscape Navigator browsers are provided with SSL-enabled client software.

SSL objectives and architecture:

Which problems does SSL target? The main objectives for SSL are:

Authenticating the client and server to each other: the SSL protocol supports the use of standard key cryptographic techniques (public key encryption) to authenticate the communicating parties to each other. Though the most frequent application consists in authenticating the service client on the basis of a certificate, SSL may also use the same methods to authenticate the client. Ensuring data integrity: during a session, data cannot be either intentionally or unintentionally tampered with. Securing data privacy: data in transport between the client and the server must be protected from interception and be readable only by the intended recipient. This prerequisite is necessary for both the data associated with the protocol itself (securing traffic during negotiations) and the application data that is sent during the session itself. SSL is in fact not a single protocol but rather a set of protocols that can additionally be further divided in two layers:

1. the protocol to ensure data security and integrity: this layer is composed of the SSL Record Protocol, 2. the protocols that are designed to establish an SSL connection: three protocols are used in this layer: the SSL Handshake Protocol, the SSL ChangeCipher SpecPprotocol and the SSL Alert Protocol. 8/18/2013 19

Seminar Report
The SSL protocol stack is illustrated in Figure 2.

Cryptography

The SSL protocol stack SSL uses these protocols to address the tasks as described above. The SSL record protocol is responsible for data encryption and integrity. As can be seen in Figure, it is also used to encapsulate data sent by other SSL protocols, and therefore, it is also involved in the tasks associated with the SSL check data. The other three protocols cover the areas of session management, cryptographic parameter management and transfer of SSL messages between the client and the server. Prior to going into a more detailed discussion of the role of individual protocols and their functions let us describe two fundamental concepts related to the use of SSL.

SSL session and connection:

The concepts as mentioned above are fundamental for a connection between the client and the server, and they also encompass a series of attributes. Lets try to give some more details:

connection: this is a logical client/server link, associated with the provision of a suitable type of service. In SSL terms, it must be a peer-to-peer connection with two network nodes.

session: this is an association between a client and a server that defines a set of parameters such as algorithms used, session number etc. An SSL session is created by the Handshake Protocol that allows parameters to be shared among the connections made between the server and the client, and sessions are used to avoid negotiation of new parameters for each connection. This means that a single session is shared among multiple SSL connections between the client and the server. In theory, it may also be possible that multiple sessions are shared by a single connection, but this feature is not used in practice. The concepts of a SSL session and connection involve several parameters that are used for SSL-enabled communication between the client and the server. During the negotiations of the handshake protocol, the encryption methods are established and a series of parameters of the Session State are subsequently used within the session.

8/18/2013

20

Seminar Report

Cryptography

TRANSPORT LAYER SECURITY (TLS)

Transport Layer Security (TLS) is a cryptographic protocols which provide secure communications on the Internet for such things as web browsing, e-mail, Internet faxing, instant messaging and other data transfers. The TLS protocol/s allow applications to communicate across a network in a way designed to prevent eavesdropping, tampering, and message forgery. TLS provides endpoint authentication and communications privacy over the Internet using cryptography. Typically, only the server is authenticated ( i.e., its identity is ensured) while the client remains unauthenticated; this means that the end user (be that a person, or an application such as a web browser), can be sure of whom they are "talking" to. The next level of security - both ends of the "conversation" being sure of who they are "talking" to - is known as mutual authentication. Mutual authentication requires public key infrastructure (PKI) deployment to clients.

TLS involves three basic phases:

1. Peer negotiation for algorithm support 2. Public key encryption -based key exchange and certificate-based authentication 3. Symmetric cipher-based traffic encryption

8/18/2013

21

Seminar Report
ADVANTAGES OF SSL/TLS

Cryptography

Independent of application layer Includes support for negotiated encryption techniques. easy to add new techniques. Possible to switch encryption algorithms in the middle of a session.

8/18/2013

22

Seminar Report
REFERENCES

Cryptography

[1] Y. B. Lin and I. Chlamtac, Mobile and Wireless Network Architectures, Wiley, 2001. [2] ETSI/TC. Technical Realization of the Short Message Service Point-to-Point ,v. 4.6.0. Tech. rep., Rec. GSM 03.40, 1993. [3] ETSI/TC, Use of Data Terminal Equipment-Data Circuit Terminating; Equipment(DTEDCE) Interface for Short Message Service (SMS) and Cell Broadcast Service (CBS), v. 5.3.0, Tech. rep., Rec. GSM 07.05, 1997. [4] Nokia, Smart Messaging Specification, v. 1.0.0.Tech. rep., Nokia, 1997. [5] EIA/TIA, 800 MHz TDMA Cellular Radio Interface Mobile Station Base Station Compatibility Digital Control Channel, Tech. rep. IS-136,1994. [6] EIA/TIA, Mobile Station-Base Station Compatibility Standard for Dual-mode Wideband Spread Spectrum Cellular System, Tech. Rep. IS-95, 1993.

8/18/2013

23