Encryption encodes information to hide it from everyone else … maintaining your privacy |
To keep information private it must be hidden from “prying” computers | |||
As children, most of us used “secret” codes | |||
Most often the code was a Caesar Cipher -- an alphabetic shift by a constant amount |
Fixed substitutions don’t work, ‘cause letters have a known distribution | |||
In a large text, count the frequency of each letter, match the results to distribution | |||
The twelve most frequent letters account for 80% of English text | |||
ETAOINSHRDLU |
Traditionally, encryption technology has been “breakable” with effort | |||
Breakable codes let law enforcement and governments watch criminals and spies | |||
Codes are good enough for the honest | |||
Traditionally, encryption technology has been “breakable” with effort | |||
Breakable codes let law enforcement and governments watch criminals and spies | |||
Codes are good enough for the honest | |||
ŽNew computer encryption is unbreakableÜ | |||
It’s called “strong encryption” … should it be legal to be able to keep secrets absolutely? |
Encryption is most important for when sending information |
To communicate securely, users must meet before sending/receiving |
Public Key Encryption is based on publishing the key | |||
Sender uses public key to encrypt |
Using the public key, encrypt message | |||
Divide T, the clear text bytes, into blocks | |||
Treat each block as a number | |||
Cube number (raise to 3 pwr), divide by key | |||
Send the remainder for each block |
Does PKC work? Can’t it be cracked? | |||
Recall definition of divide: a=b×c + d | |||
For example, 50/6 implies 50=6×8 + 2 | |||
The encryption process is a division: | |||
T3=Kr×c + d | |||
so sending c&d determines clear text T | |||
Rivest, Adelman and Shamir invented a PKC scheme called RSA | |||
The secret is to pick the key, Kr, right | |||
Pick two prime numbers -- numbers divisible only by themselves and 1 -- that are 2 greater than a multiple of 3 … weird! | |||
Examples are 5, 11, 17, 23, 29, ... | |||
Kr = p×q so that it is 129 digits | |||
Compute s=1/3(2(p-1)(q-1)+1) then compute Cs = Kr×c + T | |||
That is … | |||
The remainders (C) raised to s power equal Kr times some (quotient) c no one cares about plus the original clear text number! | |||
So, raise the remainders to s, divide by Kr and PRESTO! the new remainder is the answer |
Though the numbers get huge, computer can handle them quickly | |||
These codes are strong because breaking them needs s, which needs p, q, which means factoring Kr | |||
Factoring is computationally tough -- best methods are only somewhat better than grammar school, “try all small primes” | |||
Picking 129 digit key, means no computer can factor it … so the code is unbreakable |
After inventing their scheme (1977), RSA challenged people to break it | |||
Their first key was broken in 1994 using 1000 computers over 8 months | |||
Their secret message: THE MAGIC WORDS ARE SQUEAMISH OSSIFRAGE | |||
Doomed? No. There are many other 129 digit keys, or if people get nervous make 200 digit keys or more … breaking gets harder very fast; encrypt/decrypt doesn’t |
Should we allow people to use strong encryption? Or should only breakable codes be legal? | |||
It hampers law enforcement and security | |||
Most criminals reveal plans in other ways | |||
PKC exists and is known, so build in escape | |||
-- Trap door | |||
-- Key Escrow | |||
But are these schemes really secure? |