This is the first of two lectures concerning computer security. It is largely based on information that can be accessed through the Web. This lecture concerns basic principles, and Lecture 23 will concern Internet security issues.
Query 22.1: Define each of these terms in your own words (note that this does NOT mean copying the tutorials' words! It means restating the idea in sentences you compose, while not looking at the original. The intermediate process is called thinking.)
Plaintext
Cyphertext
Cypher
Encryption
Cryptography
Decryption
Cryptanalysis
Encryption Key
Symmetric-Key Encryption
DES - Data Encryption Standard, US Govt, 56-bit keys
Asymmetric - Public Key Encryption, Whitfield Diffie
RSA Encryption, The Crypto Cyberpunk Hackers, any key size you want
Authentication
Basic Principle #1: You may never assume that the method you are using is secret. Your security must rest on the secrecy of the key values used in the process and on the soundness of the algorithms, not on keeping the algorithm itself hidden.
A trivial cypher uses a key which is added to the message, e.g. in 8-bit chunks, modulo 2**8. This substitution cypher does nothing to disguise the statistical properties of the underlying messages: every 'e' in the plaintext turns into the same cyphertext symbol, so a simple frequency analysis reveals which code symbol stands for the letter 'e', for instance, and from that the key.
We can see from this example that a cypher must not let each cyphertext symbol depend on one plaintext symbol alone; it must depend on larger chunks of the plaintext (or on the symbol's position in the message), so that repeated plaintext does not produce repeated cyphertext.
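The following Python is an added example, not code from the lecture page: it implements the one-byte additive cypher just described and then breaks it with frequency analysis. The letter-frequency table and the sample sentence are constructed for the demo; the key value 0x5a is arbitrary.

```python
"""Trivial additive cypher and its defeat by frequency analysis (added example)."""
from collections import Counter

# Approximate relative frequencies (per cent) of characters in English prose,
# constructed for this demo. The space is included because it is the single
# most common byte in ordinary text, more common than 'e'.
ENGLISH_FREQ = {
    ' ': 18.0, 'e': 10.2, 't': 7.5, 'a': 6.5, 'o': 6.2, 'i': 5.7, 'n': 5.7,
    's': 5.3, 'r': 5.0, 'h': 4.9, 'l': 3.3, 'd': 3.3, 'u': 2.3, 'c': 2.3,
    'm': 2.0, 'f': 1.8, 'w': 1.7, 'g': 1.6, 'y': 1.6, 'p': 1.5, 'b': 1.3,
    'v': 0.8, 'k': 0.7, 'x': 0.2, 'j': 0.1, 'q': 0.1, 'z': 0.1,
}

def encrypt(plaintext: bytes, key: int) -> bytes:
    """Add the one-byte key to every plaintext byte, modulo 2**8."""
    return bytes((b + key) % 256 for b in plaintext)

def decrypt(cyphertext: bytes, key: int) -> bytes:
    """Subtract the key again, modulo 2**8."""
    return bytes((b - key) % 256 for b in cyphertext)

def most_common_byte(data: bytes) -> int:
    """Each plaintext byte maps to exactly one cyphertext byte, so the
    histogram of the cyphertext is the plaintext histogram shifted by the key."""
    return Counter(data).most_common(1)[0][0]

def english_score(candidate: bytes) -> float:
    """Higher means more English-like; bytes outside printable ASCII are penalised."""
    score = 0.0
    for b in candidate:
        ch = chr(b).lower()
        if ch in ENGLISH_FREQ:
            score += ENGLISH_FREQ[ch]
        elif b < 0x20 or b > 0x7e:
            score -= 20.0
    return score

def recover_key(cyphertext: bytes) -> int:
    """Try all 256 possible keys and keep the one whose decryption looks most
    like English. The attacker never needs to know anything secret."""
    return max(range(256), key=lambda k: english_score(decrypt(cyphertext, k)))

# Constructed sample plaintext for the demo.
SAMPLE = (b"The quick brown fox jumps over the lazy dog while the secret key stays secret. "
          b"Frequency analysis works because the most common letter in English is e "
          b"and the most common byte is the space.")

if __name__ == "__main__":
    key = 0x5a
    ct = encrypt(SAMPLE, key)
    print("most common plaintext byte :", hex(most_common_byte(SAMPLE)), "(the space)")
    print("most common cyphertext byte:", hex(most_common_byte(ct)), "= space + key")
    guess = recover_key(ct)
    print("recovered key:", hex(guess))
    print(decrypt(ct, guess).decode())
```

The most common cyphertext byte alone already gives the key (it is the space character plus the key), which is the lecture's point: a cypher whose output symbols depend on single input symbols leaks the input's statistics unchanged.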
Another tutorial, which describes the same information in different words, was written by Robin Whittle.
Let's discuss some of these ideas a bit.
Now you do so, and Sneakowitz, the person who put up that site (and who provided Key2), of course has the matching private key Key2' because he made the key pair himself. He reads your private message to me, then uses my posted Key1 to re-encrypt it and forward it to me (using some fairly easy Internet trickery to disguise the source of the e-mail). I think I'm receiving a valid message from you, and we proceed to do business. But the man-in-the-middle attack has succeeded, because Sneakowitz knows what you said to me.
How can I prevent this danger? I would have to constantly use search engines to see whether anyone is advertising my services in a way that leads people to the spoof site instead of mine. But this is a pretty weak approach, and I may well miss somebody or some site.
How can YOU prevent this danger? You have to establish a chain of trust that lets you verify that you are really working with my correct address and my own encryption key. Ultimately you have to start from a key you know absolutely is the real thing: perhaps a site like www.netscape.com, or a URL and master public key handed to you in person by someone you trust (not by e-mail!). Such roots are called certification authorities when they are public organizations. When trust is instead built up from keys vouched for by people you personally know, as in PGP, it is called a "web of trust".
At this site you can download a packet of information about me, sealed with the authority's master secret key, and check it with the master public key you already trust. In that packet are my real e-mail address and my public key. Sneakowitz cannot produce such a packet for Key2, because he does not have the master secret key.
Query 22.2: Recount the story of how the police department verifies its identity when notifying people of an emergency.
I want to send a document to you and make sure that nobody has changed a word of it. This is like the problem of sending anything through a network: it needs a checksum. But how can you be sure that some unscrupulous person didn't change the message AND recompute the checksum to match? I can encrypt the checksum with my secret key, using public key encryption. You decrypt it with my public key (if you got it from a trusted source!) and apply the checksum process to the message yourself. If the two agree, you got the real thing. This encrypted checksum is a digital signature.
These checksums are called message digests. They are constructed by using cryptographic hash functions, which, unlike an ordinary checksum or CRC, make it infeasible to find a second message that produces the same digest.
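The following Python is an added example, not code from the lecture page or from PGP, and it puts the two preceding ideas together: a message digest encrypted with the sender's secret key (a signature), and a "packet of information about me" signed by a trusted master key (a certificate) that defeats the Sneakowitz spoof. It uses raw "textbook" RSA over a SHA-256 digest with deliberately small 512-bit keys so it runs instantly in pure Python; real systems use 2048-bit or larger keys and a padding scheme such as PKCS#1 PSS. The names, e-mail addresses and the `name|email|n|e` packet format are made up for the demo.

```python
"""Signed message digests and a toy certificate with textbook RSA (added example)."""
import hashlib
import random

_rng = random.SystemRandom()

def _is_probable_prime(n: int, rounds: int = 24) -> bool:
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(_rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits: int) -> int:
    while True:
        c = _rng.getrandbits(bits) | (1 << (bits - 1)) | 1   # exact size, odd
        if _is_probable_prime(c):
            return c

def rsa_keygen(bits: int = 512):
    """Return (public, private) key dicts. 512 bits is a toy size for the demo."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            break
    n = p * q
    d = pow(e, -1, phi)                      # modular inverse (Python 3.8+)
    return {"n": n, "e": e}, {"n": n, "e": e, "d": d}

def digest(message: bytes) -> int:
    """The lecture's 'checksum': a SHA-256 message digest, as an integer < n."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(private: dict, message: bytes) -> int:
    """Encrypt the digest with the secret exponent d (textbook RSA, no padding)."""
    return pow(digest(message), private["d"], private["n"])

def verify(public: dict, message: bytes, signature: int) -> bool:
    """Decrypt with the public exponent e and compare to a fresh digest."""
    return pow(signature, public["e"], public["n"]) == digest(message)

def encode_cert(name: str, email: str, public: dict) -> bytes:
    """Made-up byte encoding of the 'packet of information about me'."""
    return f"{name}|{email}|{public['n']}|{public['e']}".encode()

def issue_certificate(issuer_private: dict, name: str, email: str, public: dict) -> dict:
    body = encode_cert(name, email, public)
    return {"body": body, "signature": sign(issuer_private, body)}

def verify_certificate(ca_public: dict, cert: dict) -> bool:
    """Only trust the key inside the packet if the trusted root signed it."""
    return verify(ca_public, cert["body"], cert["signature"])

def parse_cert(cert: dict) -> tuple:
    name, email, n, e = cert["body"].decode().split("|")
    return name, email, {"n": int(n), "e": int(e)}

def demo() -> dict:
    ca_pub, ca_priv = rsa_keygen()          # the root you obtained in person
    my_pub, my_priv = rsa_keygen()          # Key1 / Key1' in the story
    sneak_pub, sneak_priv = rsa_keygen()    # Key2 / Key2' made by Sneakowitz
    my_cert = issue_certificate(ca_priv, "Lecturer", "lecturer@example.edu", my_pub)
    # Sneakowitz cannot get the root to sign Key2 under my name, so the
    # spoof packet can only be signed with his own key.
    spoof = issue_certificate(sneak_priv, "Lecturer", "lecturer@example.edu", sneak_pub)
    doc = b"Please wire the funds to account 1234."
    sig = sign(my_priv, doc)
    return {
        "real cert accepted": verify_certificate(ca_pub, my_cert),
        "spoof cert rejected": not verify_certificate(ca_pub, spoof),
        "key from cert matches": parse_cert(my_cert)[2] == my_pub,
        "intact document verifies": verify(my_pub, doc, sig),
        "altered document fails": not verify(my_pub, doc.replace(b"1234", b"9999"), sig),
        "wrong signer fails": not verify(my_pub, doc, sign(sneak_priv, doc)),
    }

if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```

The certificate check is the step that breaks the man-in-the-middle story: the verifier compares nothing against a website, only against the master public key it already holds, so a spoof site with its own Key2 fails regardless of how convincingly it is advertised.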
Query 22.3: Tell a digital version of the police department story. You get e-mail from an alleged police department. How do you check them out?
Query 22.4: Who is Phil Zimmerman and what is PGP?
Query 22.5: What is a key escrow?
Key Issue: Governments don't WANT the public to have access to strong encryption, because they fear terrorists and criminals will use it. Freedom advocates say that governments' ability to read our mail is more dangerous than terrorists ever will be.
How, technically, could the government prevent it? By (for instance) forcing ISPs to run sniffers that test messages for crackability and refuse to transmit any suspicious ones. By (uselessly) forbidding the export of technology (e.g. special-purpose VLSI chip sets) that makes fast encryption feasible. However, it's a bit late to forbid the dissemination of the techniques themselves. See Principle #1 above: the algorithms are public knowledge, and the security rests in the keys.