| Encryption encodes information to hide it from everyone else … maintaining your privacy |
| To keep information private it must be hidden from “prying” computers | |||
| As children, most of us used “secret” codes | |||
| Most often the code was a Caesar Cipher -- an alphabetic shift by a constant amount | |||
| Fixed substitutions don’t work, ‘cause letters have a known distribution | |||
| In a large text, count the frequency of each letter, match the results to distribution | |||
| The twelve most frequent letters account for 80% of English text | |||
| ETAOINSHRDLU | |||
| Traditionally, encryption technology has been “breakable” with effort | |||
| Breakable codes let law enforcement and governments watch criminals and spies | |||
| Codes are good enough for the honest | |||
| Traditionally, encryption technology has been “breakable” with effort | |||
| Breakable codes let law enforcement and governments watch criminals and spies | |||
| Codes are good enough for the honest | |||
| ŽNew computer encryption is unbreakableÜ | |||
| It’s called “strong encryption” … should it be legal to be able to keep secrets absolutely? | |||
| Encryption is most important for when sending information |
| To communicate securely, users must meet before sending/receiving |
| Public Key Encryption is based on publishing the key | |||
| Sender uses public key to encrypt | |||
| Using the public key, encrypt message | |||
| Divide T, the clear text bytes, into blocks | |||
| Treat each block as a number | |||
| Cube number (raise to 3 pwr), divide by key | |||
| Send the remainder for each block | |||
| Does PKC work? Can’t it be cracked? | |||
| Recall definition of divide: a=b×c + d | |||
| For example, 50/6 implies 50=6×8 + 2 | |||
| The encryption process is a division: | |||
| T3=Kr×c + d | |||
| so sending c&d determines clear text T | |||
| Rivest, Adelman and Shamir invented a PKC scheme called RSA | |||
| The secret is to pick the key, Kr, right | |||
| Pick two prime numbers -- numbers divisible only by themselves and 1 -- that are 2 greater than a multiple of 3 … weird! | |||
| Examples are 5, 11, 17, 23, 29, ... | |||
| Kr = p×q so that it is 129 digits | |||
| Compute s=1/3(2(p-1)(q-1)+1) then compute Cs = Kr×c + T | |||
| That is … | |||
| The remainders (C) raised to s power equal Kr times some (quotient) c no one cares about plus the original clear text number! | |||
| So, raise the remainders to s, divide by Kr and PRESTO! the new remainder is the answer | |||
| Though the numbers get huge, computer can handle them quickly | |||
| These codes are strong because breaking them needs s, which needs p, q, which means factoring Kr | |||
| Factoring is computationally tough -- best methods are only somewhat better than grammar school, “try all small primes” | |||
| Picking 129 digit key, means no computer can factor it … so the code is unbreakable | |||
| After inventing their scheme (1977), RSA challenged people to break it | |||
| Their first key was broken in 1994 using 1000 computers over 8 months | |||
| Their secret message: THE MAGIC WORDS ARE SQUEAMISH OSSIFRAGE | |||
| Doomed? No. There are many other 129 digit keys, or if people get nervous make 200 digit keys or more … breaking gets harder very fast; encrypt/decrypt doesn’t | |||
| Should we allow people to use strong encryption? Or should only breakable codes be legal? | |||
| It hampers law enforcement and security | |||
| Most criminals reveal plans in other ways | |||
| PKC exists and is known, so build in escape | |||
| -- Trap door | |||
| -- Key Escrow | |||
| But are these schemes really secure? | |||