Crypto
Páginas: 5 (1155 palabras)
Publicado: 9 de agosto de 2012
Online Cryptography Course
Dan Boneh
Introduction
Course Overview
Dan Boneh
Welcome
Course objectives:
• Learn how crypto primitives work
• Learn how to use them correctly and reason about security
My recommendations:
• Take notes
• Pause video frequently to think about the material
• Answer the in-video questions
Dan Boneh
Cryptography is everywhere
Securecommunication:
– web traffic: HTTPS
– wireless traffic: 802.11i WPA2 (and WEP), GSM, Bluetooth
Encrypting files on disk: EFS, TrueCrypt
Content protection (e.g. DVD, Blu-ray): CSS, AACS
User authentication
… and much much more
Dan Boneh
Secure communication
no eavesdropping
no tampering
Dan Boneh
Secure Sockets Layer / TLS
Two main parts
1. Handshake Protocol: Establish sharedsecret key
using public-key cryptography (2nd part of course)
2. Record Layer: Transmit data using shared secret key
Ensure confidentiality and integrity (1st part of course)
Dan Boneh
Protected files on disk
Disk
Alice
File 1
File 2
Alice
No eavesdropping
No tampering
Analogous to secure communication:
Alice today sends a message to Alice tomorrow
Dan Boneh
Buildingblock: sym. encryption
Alice
m
E
Bob
E(k,m)=c
k
c
D
D(k,c)=m
k
E, D: cipher
k: secret key (e.g. 128 bits)
m, c: plaintext, ciphertext
Encryption algorithm is publicly known
• Never use a proprietary cipher
Dan Boneh
Use Cases
Single use key: (one time key)
• Key is only used to encrypt one message
• encrypted email: new key generated for every email
Multi usekey: (many time key)
• Key used to encrypt multiple messages
• encrypted files: same key used to encrypt many files
• Need more machinery than for one-time key
Dan Boneh
Things to remember
Cryptography is:
– A tremendous tool
– The basis for many security mechanisms
Cryptography is not:
– The solution to all security problems
– Reliable unless implemented and used properly
–Something you should try to invent yourself
• many many examples of broken ad-hoc designs
Dan Boneh
End of Segment
Dan Boneh
Online Cryptography Course
Dan Boneh
Introduction
What is cryptography?
Dan Boneh
Crypto core
Secret key establishment:
Talking
to Alice
Talking
to Bob
Alice
Bob
attacker???
Secure communication:
k
m1
k
m2
confidentialityand integrity
Dan Boneh
But crypto can do much more
• Digital signatures
• Anonymous communication
Alice
signature
Who did I
just talk to?
Alice
Bob
Dan Boneh
But crypto can do much more
• Digital signatures
• Anonymous communication
• Anonymous digital cash
– Can I spend a “digital coin” without anyone knowing who I am?
– How to prevent double spending?
1$Alice
Internet
Who was
that?
(anon. comm.)
Dan Boneh
Protocols
• Elections
• Private auctions
Dan Boneh
Protocols
• Elections
• Private auctions
Goal: compute f(x1, x2, x3, x4)
trusted
authority
“ Thm:” anything the can done with trusted auth. can also
be done without
• Secure multi-party computation
Dan Boneh
Crypto magic
• Privately outsourcingcomputation
search
query
What did she
search for?
E[ query ]
Alice
E[ results ]
results
• Zero knowledge (proof of knowledge)
N=p∙q
Alice
???
I know the factors of N !!
proof π
Bob
N
Dan Boneh
A rigorous science
The three steps in cryptography:
• Precisely specify threat model
• Propose a construction
• Prove that breaking construction under
threat mode willsolve an underlying hard problem
Dan Boneh
End of Segment
Dan Boneh
Online Cryptography Course
Dan Boneh
Introduction
History
Dan Boneh
History
David Kahn, “The code breakers” (1996)
Dan Boneh
Symmetric Ciphers
Dan Boneh
Few Historic Examples
(all badly broken)
1. Substitution cipher
k :=
Dan Boneh
Caesar Cipher
(no key)
Dan Boneh...
Dan Boneh
Introduction
Course Overview
Dan Boneh
Welcome
Course objectives:
• Learn how crypto primitives work
• Learn how to use them correctly and reason about security
My recommendations:
• Take notes
• Pause video frequently to think about the material
• Answer the in-video questions
Dan Boneh
Cryptography is everywhere
Securecommunication:
– web traffic: HTTPS
– wireless traffic: 802.11i WPA2 (and WEP), GSM, Bluetooth
Encrypting files on disk: EFS, TrueCrypt
Content protection (e.g. DVD, Blu-ray): CSS, AACS
User authentication
… and much much more
Dan Boneh
Secure communication
no eavesdropping
no tampering
Dan Boneh
Secure Sockets Layer / TLS
Two main parts
1. Handshake Protocol: Establish sharedsecret key
using public-key cryptography (2nd part of course)
2. Record Layer: Transmit data using shared secret key
Ensure confidentiality and integrity (1st part of course)
Dan Boneh
Protected files on disk
Disk
Alice
File 1
File 2
Alice
No eavesdropping
No tampering
Analogous to secure communication:
Alice today sends a message to Alice tomorrow
Dan Boneh
Buildingblock: sym. encryption
Alice
m
E
Bob
E(k,m)=c
k
c
D
D(k,c)=m
k
E, D: cipher
k: secret key (e.g. 128 bits)
m, c: plaintext, ciphertext
Encryption algorithm is publicly known
• Never use a proprietary cipher
Dan Boneh
Use Cases
Single use key: (one time key)
• Key is only used to encrypt one message
• encrypted email: new key generated for every email
Multi usekey: (many time key)
• Key used to encrypt multiple messages
• encrypted files: same key used to encrypt many files
• Need more machinery than for one-time key
Dan Boneh
Things to remember
Cryptography is:
– A tremendous tool
– The basis for many security mechanisms
Cryptography is not:
– The solution to all security problems
– Reliable unless implemented and used properly
–Something you should try to invent yourself
• many many examples of broken ad-hoc designs
Dan Boneh
End of Segment
Dan Boneh
Online Cryptography Course
Dan Boneh
Introduction
What is cryptography?
Dan Boneh
Crypto core
Secret key establishment:
Talking
to Alice
Talking
to Bob
Alice
Bob
attacker???
Secure communication:
k
m1
k
m2
confidentialityand integrity
Dan Boneh
But crypto can do much more
• Digital signatures
• Anonymous communication
Alice
signature
Who did I
just talk to?
Alice
Bob
Dan Boneh
But crypto can do much more
• Digital signatures
• Anonymous communication
• Anonymous digital cash
– Can I spend a “digital coin” without anyone knowing who I am?
– How to prevent double spending?
1$Alice
Internet
Who was
that?
(anon. comm.)
Dan Boneh
Protocols
• Elections
• Private auctions
Dan Boneh
Protocols
• Elections
• Private auctions
Goal: compute f(x1, x2, x3, x4)
trusted
authority
“ Thm:” anything the can done with trusted auth. can also
be done without
• Secure multi-party computation
Dan Boneh
Crypto magic
• Privately outsourcingcomputation
search
query
What did she
search for?
E[ query ]
Alice
E[ results ]
results
• Zero knowledge (proof of knowledge)
N=p∙q
Alice
???
I know the factors of N !!
proof π
Bob
N
Dan Boneh
A rigorous science
The three steps in cryptography:
• Precisely specify threat model
• Propose a construction
• Prove that breaking construction under
threat mode willsolve an underlying hard problem
Dan Boneh
End of Segment
Dan Boneh
Online Cryptography Course
Dan Boneh
Introduction
History
Dan Boneh
History
David Kahn, “The code breakers” (1996)
Dan Boneh
Symmetric Ciphers
Dan Boneh
Few Historic Examples
(all badly broken)
1. Substitution cipher
k :=
Dan Boneh
Caesar Cipher
(no key)
Dan Boneh...
Leer documento completo
Regístrate para leer el documento completo.