Tanner Lovelace – Slide 1
Wdqqhu Oryhodfh
Wuldqjoh Olqxa Xvhuv Jurxs
11-Dsulo-2002
Tanner Lovelace – Slide 2
Tanner Lovelace
Triangle Linux Users Group
11-April-2002
• Cryptography
– The science of using mathematics to encrypt and decrypt data.
– A method of securely sending data over an insecure communications medium.
• Cryptanalysis
– The science of analyzing and breaking secure communications.
• Cryptology is the combination of the two.
Tanner Lovelace – Slide 3
There are two kinds of cryptography in this world: cryptography that will stop your kid sister from reading your files, and cryptography that will stop major governments from reading your files.
-Bruce Schneier, Applied Cryptography
Tanner Lovelace – Slide 4
• Privacy
– Keep communications secret
• Integrity
– Keep communications secure
• Authentication
– Know who you’re communicating with
• Nonrepudiation
– A sender shouldn’t be able to deny that they sent a message
Tanner Lovelace – Slide 5
• Two main types of cryptography
– Symmetric
» Same key encrypts/decrypts
» DES, AES, IDEA
– Asymmetric
» Different keys for encryption/decryption
» Also called public key cryptography
» RSA, Diffie-Hellman, ElGamal
Tanner Lovelace – Slide 6
• Which is better?
– 128 bit keys?
– 1024 bit keys?
• Answer: neither
– Symmetric encryption is much faster than asymmetric
– Asymmetric makes communicating with people you don’t know much easier
Tanner Lovelace – Slide 7
• Symmetric
– Plaintext → Encryption (Key) → Ciphertext → Decryption (Key) → Original Plaintext
• Asymmetric
– Plaintext → Encryption (Encryption Key) → Ciphertext → Decryption (Decryption Key) → Original Plaintext
Tanner Lovelace – Slide 8
• Symmetric
– The only way to decrypt without the key is to try all possible combinations.
» With a 128 bit key, there are 2^128 possible combinations
» Comparison
» Our sun should go nova in approximately 2^30 years
» The universe is only 2^34 years old.
• Asymmetric
– You don’t, but smart people think it is.
Tanner Lovelace – Slide 9
• Asymmetric algorithms are built upon certain assumptions that have not been proved
– Factoring large numbers
– Computing discrete logarithms
• These are similar to the P vs. NP problem in classical computer science
– Which is why you hear the press talking about the possibility of codes being broken easily.
Tanner Lovelace – Slide 10
• Diffie-Hellman (key exchange)
– First public key algorithm published (1976)
» Whitfield Diffie and Martin Hellman
– Alice and Bob choose a large prime n and another number g.
– Alice chooses a random large integer a and sends Bob X = g^a mod n.
– Bob chooses a random large integer b and sends Alice Y = g^b mod n.
– Alice computes k = Y^a mod n.
– Bob computes k’ = X^b mod n.
– k and k’ are equal (g^(ab) mod n) and cannot be computed by someone watching the exchange!
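Added example (not part of the original slides): both sides of the exchange above in Python, plus the exhaustive search a passive observer is left with, which only finishes when n is tiny. The function names and the parameter choices (n = 23, g = 5, and the 127-bit prime) are constructed for illustration.

```python
import secrets

def dh_public(g, private, n):
    """Public value sent over the wire: g^private mod n."""
    return pow(g, private, n)

def dh_shared(their_public, my_private, n):
    """Shared key: (their public value)^(my private exponent) mod n."""
    return pow(their_public, my_private, n)

def exchange(g, n, a=None, b=None):
    """Run both sides of the exchange; a and b are random unless supplied."""
    a = a if a is not None else secrets.randbelow(n - 3) + 2   # Alice's secret, 2..n-2
    b = b if b is not None else secrets.randbelow(n - 3) + 2   # Bob's secret, 2..n-2
    X = dh_public(g, a, n)          # Alice -> Bob
    Y = dh_public(g, b, n)          # Bob -> Alice
    k = dh_shared(Y, a, n)          # what Alice computes
    k_prime = dh_shared(X, b, n)    # what Bob computes
    return {"wire": (g, n, X, Y), "k": k, "k_prime": k_prime}

def eavesdropper_search(g, n, X, Y):
    """A passive observer sees only g, n, X, Y. Without a or b, the observer
    must find an exponent x with g^x = X (mod n) and then compute Y^x.
    Exhaustive search costs up to n steps, so it only works for toy moduli."""
    value = 1
    for x in range(n):
        if value == X:
            return pow(Y, x, n)
        value = value * g % n
    return None

TOY = exchange(g=5, n=23, a=4, b=3)      # constructed toy parameters
BIG = exchange(g=3, n=2**127 - 1)        # 127-bit prime, still far below real sizes

if __name__ == "__main__":
    print("toy wire values (g, n, X, Y):", TOY["wire"], "shared key:", TOY["k"])
    print("observer recovers the toy key:", eavesdropper_search(*TOY["wire"]))
    print("127-bit keys match:", BIG["k"] == BIG["k_prime"])
```

With n = 23 the search ends within 23 steps; with the 127-bit modulus the same loop would need on the order of 2^127 iterations, which is the reason the slide asks for a large prime.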
Tanner Lovelace – Slide 11
• RSA (Rivest, Shamir, and Adleman) [1977]
– Choose two random large prime numbers p and q.
– Compute n = pq.
– Choose a number e such that e is between 1 and pq and e is relatively prime to (p – 1)(q – 1).
– Compute d from e (d = e^-1 mod ((p – 1)(q – 1)))
» Multiplicative inverse
– To encrypt, calculate c = m^e mod n.
– To decrypt, calculate m = c^d mod n.
Tanner Lovelace – Slide 12
• Pretty Good Privacy
– Encryption program written by Phil Zimmermann in 1991.
– Zimmermann was later criminally charged with releasing it on the Internet. (Charges were eventually dropped.)
• OpenPGP
– A standard for encrypted/signed messages.
– RFC 2440, November 1998
• GNU Privacy Guard
– An implementation of OpenPGP.
– Does not use patented algorithms.
Tanner Lovelace – Slide 13
• Encrypt / Decrypt
– Messages
– Files
• Digital Signatures
• Key management
– Create secret and public keys
– Manage a list of keys
– Certify keys
– Revoke or disable keys
Tanner Lovelace – Slide 14
• PGP uses multiple forms of encryption to encrypt different parts of a message
– Symmetric encryption fast
– Asymmetric encryption easy to distribute
• Message is encrypted with a symmetric algorithm
• Symmetric session key is encrypted with an asymmetric algorithm.
• In addition, the message is compressed beforehand, just to remove redundancy that could help cryptanalysis.
Tanner Lovelace – Slide 15
Tanner Lovelace – Slide 16
• To encrypt a file, you need to specify options
– Recipient (can be yourself)
– Binary or ASCII mode
– Output filename
– Input filename
% gpg -r [UID] -a -o [outname] -e [file]
• Will also work with streams.
Tanner Lovelace – Slide 17
• Only need to specify the decrypt option
% gpg -d [file]
• Will prompt for pass phrase
Tanner Lovelace – Slide 18
• Integrity
– Message is hashed
– Hash is encrypted with private key
– Message can be hashed again to prove it hasn’t changed.
• Authentication
– Hash can be decrypted with a public key
– Proves that the private key was used to encrypt.
» But not necessarily that a particular person encrypted the message. What?!?
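Added example (not part of the original slides): the RSA steps from slide 11 and the hash-then-sign flow on this slide, written out in Python. The primes, sample messages and function names are constructed for illustration, and reducing the hash mod n is a toy stand-in for the padding that real implementations use.

```python
import hashlib
from math import gcd

def rsa_keygen(p, q, e):
    """Slide 11 steps: n = pq, e coprime to (p-1)(q-1), d = e^-1 mod (p-1)(q-1)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if not (1 < e < n) or gcd(e, phi) != 1:
        raise ValueError("e must lie between 1 and pq and be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)            # multiplicative inverse (Python 3.8+)
    return (e, n), (d, n)          # public key, private key

def rsa_encrypt(m, public):
    e, n = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer smaller than n")
    return pow(m, e, n)            # c = m^e mod n

def rsa_decrypt(c, private):
    d, n = private
    return pow(c, d, n)            # m = c^d mod n

def digest_as_int(message, n):
    """SHA-256 of the message, reduced mod n (toy encoding, no padding)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private):
    """Slide 18: hash the message, then apply the private key to the hash."""
    d, n = private
    return pow(digest_as_int(message, n), d, n)

def verify(message, signature, public):
    """Undo the signature with the public key and compare with a fresh hash."""
    e, n = public
    return pow(signature, e, n) == digest_as_int(message, n)

# Constructed toy primes; real keys use large randomly generated primes.
SMALL_PUB, SMALL_PRIV = rsa_keygen(61, 53, 17)
PUB, PRIV = rsa_keygen(2**61 - 1, 2**89 - 1, 65537)   # two Mersenne primes

if __name__ == "__main__":
    c = rsa_encrypt(65, SMALL_PUB)
    print("n =", SMALL_PUB[1], "d =", SMALL_PRIV[0], "c =", c, "m =", rsa_decrypt(c, SMALL_PRIV))
    sig = sign(b"package contents", PRIV)
    print("valid signature:", verify(b"package contents", sig, PUB))
    print("after tampering:", verify(b"package c0ntents", sig, PUB))
```

A successful verify() ties the signature to the private key that matches the public key used for checking, and to nothing else, which is the caveat in the last bullet above.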
Tanner Lovelace – Slide 19
• Can be combined with encryption
• Can be integrated or detached
% gpg -a --sign [file]
% gpg -a --detach-sign [file]
• Detached signatures are useful for signing binary packages.
– Used with rpm (--addsign and --resign options)
Tanner Lovelace – Slide 20
• Session keys
– Created at use
– Only used once
– Need a very good source of randomness
• Asymmetric keys
– GPG allows you to create and manage
– Public portion of key can be published
Tanner Lovelace – Slide 21
• How do you know what keys to trust?
– You can only physically check a finite number of keys
• PGP allows you to sign someone else’s key.
– Done when you have verified that a key is valid.
– Allows you to accept the validity of a key of someone you’ve never met.
» If Alice trusts Bob and Bob trusts Charles, then Alice can also trust Charles.
Tanner Lovelace – Slide 22
Tanner Lovelace – Slide 23
% gpg --gen-key
• Generates a public/private key pair.
– Because of the RSA patent, it defaults to using DH/ElGamal (Discrete Logarithm Problem)
– Choose a key length (use at least 1024 bits)
– User data (name, e-mail)
– Pass phrase
Tanner Lovelace – Slide 24
• Always generate a revocation certificate after creating a key!
– If you lose your pass phrase, will allow you to cancel your key.
% gpg --gen-revoke [UID]
• Need the pass phrase (to get to the secret key)
Tanner Lovelace – Slide 25
• List keys and signatures
% gpg --list-keys
% gpg --list-sigs
% gpg --fingerprint
• Import
% gpg --import [filename]
• Export
% gpg --export [UID]
• By default export is binary. Use “-a” to do ASCII armor.
Tanner Lovelace – Slide 26
• You could exchange keys by e-mail or web page, but there is a better way.
• PGP and GnuPG support a remote key server
• Send
% gpg --keyserver [ks] --send-key [UID]
• Receive
% gpg --keyserver [ks] --recv-key [UID]
• Default key server can be put in options file.
– If default server set, gpg will automatically look there for new keys.
Tanner Lovelace – Slide 27
• ONLY SIGN A KEY WHEN YOU ARE ABSOLUTELY SURE IT IS AUTHENTIC!!!
• Use the edit key function
% gpg --edit-key [UID]
– Will bring up a command prompt
– Can sign, revoke, change trust, delete, etc…
>sign
• Make sure you send the newly signed key to a key server.
Tanner Lovelace – Slide 28
• GPG is a tool you can use to improve communication security.
– Don’t consider it an end result, but a link in a chain.
• It is integrated into a few packages, but the interface could be better
– Barrier to use
• Better when used all the time.
Tanner Lovelace – Slide 29
• Garfinkel, Simson, PGP: Pretty Good Privacy, 1995, O’Reilly & Associates.
• Schneier, Bruce, Applied Cryptography, 1996, Wiley.
• Various crypto links
– http://www.x5.net/faqs/crypto/
– http://www.pgpi.org/doc/guide/6.5/en/intro/
– http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto-1.html
– http://www.mcc.ac.uk/cos/security/PGP_why_and_how.html
– http://www.wired.com/wired/archive/people/whitfield_diffie/
– http://www.iae.nsk.su/pages/CRYPTO/rsafaq.html
– http://www.philzimmermann.com/
– http://www.openpgp.org/
– http://www.gnupg.org/
Tanner Lovelace – Slide 30