\def\lximg{/usr/share/lx/icons/fueller.png}
\newcommand{\superscript}[1]{\ensuremath{^{\textrm{#1}}}}
\newcommand{\subscript}[1]{\ensuremath{_{\textrm{#1}}}}
\input{configpres}
\subsection{Cryptography}
\title{Cryptography}
\maketitle
\def\lximg{none}
% ----------------------------
\subsubsection{Fundamentals}
\begin{frame}[fragile]
  \frametitle{Cryptography: Historical}
  \begin{itemize}
    \item First mention: 300 BC in ancient Egypt
    \item Mechanical Systems
    \item Character Exchange Tables and Codebooks
    \item Problems: cryptanalysis of the cipher, secure transmission of the key
  \end{itemize}
\end{frame}
% ----------------------------
\begin{frame}
  \frametitle{Cryptography: Modern}
  \begin{itemize}
    \item Revolution starts in the 1970s
    \item Cryptography for non-military purposes
    \item Data Encryption Standard (DES: 1976)
    \item Key Exchange over a public channel (Diffie, Hellman: 1976)
    \item Private/Public Key: RSA Algorithm (Rivest, Shamir, Adleman: 1977)
  \end{itemize}
\end{frame}
% ----------------------------
\begin{frame}
  \frametitle{Kerckhoffs's principle}
  Auguste Kerckhoffs (1883) in \emph{La Cryptographie Militaire}
  \begin{itemize}
    \item \dots
    \item It must not be required to be secret, and it must be able to fall into the hands of the enemy without inconvenience
    \item \dots
  \end{itemize}
  Conclusion:
  \begin{itemize}
    \item No \emph{Security by Obscurity}
    \item The strength of the system must depend on the secrecy of the key, not on the secrecy of the algorithm
    \item published and standardized method/algorithm \\
      (public review eliminates failures in the design)
    \item open implementation \\
      (public review eliminates failures in the implementation)
    \item Corollary: do not design or implement your own cipher; use reviewed, standardized algorithms and libraries
  \end{itemize}
\end{frame}
% ----------------------------
\begin{frame}
  \frametitle{Cryptographic Methods}
  \begin{itemize}
    \item Asymmetric methods
    \begin{itemize}
      \item expensive and slow
      \item Public and Private Key
      \item Key Exchange, Digital Signatures
    \end{itemize}
    \item Symmetric methods
    \begin{itemize}
      \item efficient and fast
      \item single (shared secret) Key
      \item Bulk Data Encryption, Message Authentication (MACs, keyed hashes)
    \end{itemize}
    \item non-linear behavior
    \item
resistant against
    \begin{itemize}
      \item statistical analysis
      \item differential cryptanalysis
    \end{itemize}
  \end{itemize}
\end{frame}
% ----------------------------
\subsubsection{Symmetric Methods}
\begin{frame}
  \frametitle{Data Encryption Standard (DES)}
  \begin{itemize}
    \item S-Box based, \\
      56 bit key size, \\
      64 bit cipher block size
    \item developed by IBM, reviewed and modified by NSA
    \item 1975: First publication
    \item 1976: accepted as standard
    \item 1977: published as FIPS PUB 46
    \item TDES (Triple DES) is recommended as replacement since 1999 (FIPS PUB 46-3)
    \item Security today: the 56 bit key is brute-forceable (publicly demonstrated in 1998),
      DES was withdrawn as a standard in 2005, and TDES is deprecated by NIST;
      the small 64 bit block also limits the amount of data per key.
      Use AES for new designs.
  \end{itemize}
\end{frame}
% ----------------------------
\begin{frame}
  \frametitle{Advanced Encryption Standard (AES)}
  \begin{itemize}
    \item S-Box based, \\
      128, 192, 256 bit key size, \\
      128 bit cipher block size
    \item 1997: public selection process started by NIST
    \item 1998: 15 candidate algorithms accepted
    \item 1999: end of 1st round: 5 finalists (MARS, RC6, Rijndael, Serpent, Twofish)
    \item 2000: end of 2nd round: Rijndael selected as AES in October
    \item 2001: published as FIPS PUB 197
    \item the block cipher alone is not a complete scheme: it must be used in a suitable mode of operation (see Applications)
  \end{itemize}
\end{frame}
% ----------------------------
\subsubsection{Asymmetric Methods}
\begin{frame}
  \frametitle{Asymmetric Methods}
  \begin{itemize}
    \item based on one-way (trapdoor) functions
    \item encryption with public information
    \item decryption only with private information
    \item RSA
    \begin{itemize}
      \item 512 to 4096 bit key size (512 and 1024 bit are no longer considered secure)
      \item min.
2048 bit recommended (3072 bit for long-term protection)
    \end{itemize}
    \item Elliptic Curve Cryptography (ECC)
    \begin{itemize}
      \item 160 to 512 bit key size
      \item equivalent security with shorter key size
      \item RSA/DH 2048 equivalent to ECDH 224 (112 bit security level),
        RSA/DH 3072 equivalent to ECDH 256
    \end{itemize}
  \end{itemize}
\end{frame}
% ----------------------------
\subsubsection{Applications}
\begin{frame}
  \frametitle{Modes of Operation}
  \begin{itemize}
    \item define how a block cipher processes messages longer than one block
    \item some modes (CFB, OFB, CTR) turn the Block Cipher into a Stream Cipher
    \item hide repeating plaintext patterns (plain ECB mode leaks them)
    \item none of the modes below provides integrity: combine with a MAC (encrypt-then-MAC)
      or use an authenticated mode such as AES-GCM
  \end{itemize}
  \begin{figure}
    \centering
    \includegraphics[scale=0.3]{images/crypto_3tux.png}
  \end{figure}
\end{frame}
% ----------------------------
\begin{frame}
  \frametitle{Cipher Block Chaining (CBC)}
  \begin{itemize}
    \item Decryption parallelizable (encryption is sequential)
    \item IV must be unpredictable: a fresh random value per message
    \item damaged IV affects only the first plaintext block
    \item one-bit flip in ciphertext affects the whole corresponding plaintext block and the same bit in the following plaintext block
    \item plaintext length must be a multiple of the cipher block size: padding required (or ciphertext stealing, CBC-CS, to avoid it)
    \item without authentication, the receiver's handling of padding errors can leak plaintext (padding oracle attacks)
  \end{itemize}
  \begin{figure}
    \centering
    \includegraphics[scale=0.3]{images/crypto-cbc.png}
  \end{figure}
\end{frame}
% ----------------------------
\begin{frame}
  \frametitle{Cipher Feedback (CFB)}
  \begin{itemize}
    \item Requires only the block-cipher encryption function
    \item Decryption parallelizable
    \item No padding required
    \item IV must not be reused under the same key
  \end{itemize}
  \begin{figure}
    \centering
    \includegraphics[scale=0.3]{images/crypto-cfb.png}
  \end{figure}
\end{frame}
% ----------------------------
\begin{frame}
  \frametitle{Counter (CTR)}
  \begin{itemize}
    \item Requires only the block-cipher encryption function
    \item Encryption and Decryption parallelizable
    \item keystream (en-/decryption) can be precomputed in advance
    \item No padding required
    \item nonce/counter value must never repeat under the same key: a reused keystream exposes the XOR of the two plaintexts
    \item ciphertext is malleable (a bit flip passes straight through to the plaintext): a MAC is mandatory
  \end{itemize}
  \begin{figure}
    \centering
    \includegraphics[scale=0.3]{images/crypto-ctr.png}
  \end{figure}
\end{frame}
% ----------------------------
\begin{frame}
  \frametitle{SSL/TLS Handshake (1)}
  Secure Key Exchange (RSA key exchange as used in SSL~3.0 / TLS~1.0--1.2)
  \begin{itemize}
    \item Phase 1
    \begin{itemize}
      \item Client / Server exchange Random Numbers (RN\subscript{c} and RN\subscript{s})
      \item Negotiate Session
Parameters (protocol version, cipher suite, compression;
        compression should stay disabled, it leaks secrets and was removed in TLS~1.3)
    \end{itemize}
    \item Phase 2
    \begin{itemize}
      \item Server Certificate (incl. PubK\subscript{s}), checked by Client:
        signature chain to a trusted CA, validity period, host name
      \item this check is not optional in practice: skipping it allows a man-in-the-middle to present its own key
      \item opt: Server request signed Client Certificate
    \end{itemize}
  \end{itemize}
\end{frame}
% ----------------------------
\begin{frame}
  \frametitle{SSL/TLS Handshake (2)}
  \begin{itemize}
    \item Phase 3:
    \begin{itemize}
      \item Client Certificate (incl. PubK\subscript{c}), checked by Server (only if requested)
      \item Hash over all previous messages, signed with PrivK\subscript{c}, checked by Server (proves possession of the client key)
      \item Client generates a random Pre-Master-Secret (PMS)
      \item Encrypted PMS (with PubK\subscript{s}) to Server
      \item Both sides calculate the Master-Secret (MS) from RN\subscript{c}, RN\subscript{s} and PMS
    \end{itemize}
    \item Phase 4:
    \begin{itemize}
      \item Both sides derive the session keys from MS and switch to encrypted communication
      \item Finished messages: MAC over the whole handshake, detects tampering with the negotiation
    \end{itemize}
    \item Caveat: encrypting the PMS with PubK\subscript{s} gives no forward secrecy
      (a later leak of the server key decrypts recorded sessions);
      prefer (EC)DHE cipher suites, TLS~1.3 allows only those
  \end{itemize}
\end{frame}
% ----------------------------
\begin{frame}
  \frametitle{Open Crypto Libraries}
  \begin{itemize}
    \item OpenSSL: libcrypto and libssl \\
      Implementations and Hardware support for most common algorithms
    \item LibreSSL \\
      fork of OpenSSL
    \item mbed TLS \\
      implementation for embedded systems \\
      new name for PolarSSL
    \item GnuTLS: GNU SSL/TLS implementation \\
      Focus on TLS handshaking and protocol implementation
    \item PKCS\#11 (API for Smartcard Slots and Tokens) \\
      OpenSC Project \\
      opencryptoki
    \item In all cases: keep the library updated and prefer its high-level APIs (TLS, authenticated encryption) over raw primitives
  \end{itemize}
\end{frame}
% ----------------------------
\subsubsection{Related Links}
\begin{frame}
  Starting point on Wikipedia
  \begin{itemize}
    \item \url{https://en.wikipedia.org/wiki/Cryptography}
  \end{itemize}
  National Institute of Standards and Technology
  \begin{itemize}
    \item \url{https://www.nist.gov}
  \end{itemize}
  RSA Laboratories
  \begin{itemize}
    \item \url{https://www.rsa.com}
  \end{itemize}
\end{frame}
\subsection{}
\input{tailpres}