logging in or signing up Class6 encryption Marigold Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 443 Category: Entertainment License: All Rights Reserved Like it (1) Dislike it (0) Added: January 03, 2008 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Access Control and Rights Management: Access Control and Rights Management Legal and Technical Issues: Legal and Technical Issues Legal: When is a resource available to digitize and make available. What requirements exist for controlling access. Technical: How do we control access to a resource that is stored online? Policies Encoding Distribution limitationsSlide3: Chart created by Lolly Gasaway. Updates at http://www.unc.edu/~unclng/public-d.htmWorks for hire: Works for hire Usual case -- works created by faculty are not the property of the university. Faculty surrender copyright to publishers of journals and books Some publishers allow faculty to retain copyright, giving the publisher specific limited rights to reproduce and distribute the work. Fair use: Fair use No clear, easy answers. Checksheet provided in the article is a good guide to the issues. Link to the checksheet: http://www.copyright.iupui.edu/checklist.htm Moral rights: Moral rights Fair to the creator Keep the identity of the creator of the work Do not cut the work Generally, be considerate of the person (or institution) that created the work.Getting Permission: Getting Permission With the best will in the world, getting the appropriate permissions is not always easy. Identify who holds the rights Get in touch with the rights holder Get a suitable agreement to cover the needs of your use. Useful links: http://www.loc.gov/copyright/ http://www.utsystem.edu/OGC/IntellectualProperty/PERMISSN.HTM Connections to various ways to discover and contact the rights holder of a work.Slide8: Source: NINCH Guide to Good Practice. Chapter 4: Rights Management Checking copyright statusSlide9: Source: NINCH Guide to Good Practice. Chapter 4: Rights Management Copyright: Lauryn G. Grant Considering people depicted in the workTechnical issues: Technical issues Link the resource to the copyright statements Maintain that link when the resource is copied or used Approaches: Steganography Encryption Digital Wrappers Digital WatermarksIssues in Encryption: Issues in Encryption General cases for protection of controlled content: Concern for passive listening, active interference. Listening: intruder gains information, may not be detected. Effects indirect. Active interference Intruder may prevent delivery of the message to the intended recipient. Intruder may substitute a fake message for the intended one Effects are direct and immediate Less likely in the case of digital library contentMessage interception: Message interception Original message Encoding Method Ciphertext Decoding Method Received message Eavesdropping Masquerading Intruder (Plain text) (Plain text) Types of Encryption Methods: Types of Encryption Methods Substitution Simple adjustment, Caesar’s cipher Each letter is replaced by one that is a fixed distance from it in the alphabet. A becomes D, B becomes E, etc. At the end, wrap around, so X becomes A, Y becomes B, Z becomes C. May have been confusing the fist time it was done, but it would not have taken long to figure it out. Simple substitution of other characters for letters -- numbers, dancing men, etc. More complex substitution. No pattern to the replacement scheme. See common cryptogram puzzles. These are usually made easier by showing the spaces between the words. (For very modern version, see http://www.cryptograms.org/) Dancing Men????: Dancing Men???? Arthur Conan Doyle: The Adventure of the Dancing Men. A Sherlock Holmes Adventure. Read the story online and see the images and analysis of the decoding at http://camdenhouse.ignisart.com/canon/danc.htm “Speaking roughly, T, A, O, I, N, S, H, R, D, and L are the numerical order in which letters occur; but T, A, O, and I are very nearly abreast of each other, and it would be an endless task to try each combination until a meaning was arrived at.”Types of encryption - 2: Types of encryption - 2 Hiding the text. The wax tablet example message written on the base of the tablet and wax put over top of it with another message on the wax Steganography: (ste-g&n-o´gr&-fē) (n.) The art and science of hiding information by embedding messages within other, seemingly harmless messages. Steganography works by replacing bits of useless or unused data in regular computer files (such as graphics, sound, text, HTML, or even floppy disks ) with bits of different, invisible information. This hidden information can be plain text, cipher text, or even images. Special software is needed for steganography, and there are freeware versions available at any good download site. Can be used to insert identification into a file to track its source. Definition from www.webopedia.comTypes of encryption - 3: Types of encryption - 3 Key-based shuffling Using a mnemonic to make the key easy to remember. A machine to do the shuffling A D B C D C B A What shuffling is used? How would “CAB” look?Monoalphabetic codes: Monoalphabetic codes Any kind of substitution in which just one letter (or other symbol) represents one letter from the original alphabet is called monoalphabetic encoding. Such codes are easy to break. That is what you do when you solve cryptograms. Frequency distribution of letters in normal text for a given language are well known. “The twelve most frequently-used letters in the English language are ETAOIN SHRDL, in that order.” -- http://www.cryptograms.org/ Letter distributions in English: Letter distributions in English SOURCE: Tannenbaum Computer Networks 1981 Prentice HallDisguising frequencies: Disguising frequencies First trick: use more than 26 symbols and use several different symbols to represent the same letter. The goal is to even out the distribution. Ex. Use the letters plus the digits. 36 symbols Assign five symbols to the letter E, two to the letter I, three to the letter N, two each to R and S. More complex: More complex Vigenere’s table Arrange all the letters of the alphabet 26 times, in parallel columns, such that each column begins with a different letter, first A, then B, etc. Encode each letter by using a different column for each successive letter of the message. How to know which column to use? Use a keyword. Examples and breaking: http://www.trincoll.edu/depts/cpsc/cryptography/vigenere.htmlDecoding : Decoding The Vigenere cipher looks really hard, but is not secure. Since the keyword repeats, it is really just a bunch of monoalphabetic codes. If you can figure out the length of the keyword, you can do standard analysis. Making it harder - instead of a regular arrangement of the letter columns, scramble them in some arbitrary way. Makes decoding much more difficult, but also makes it difficult to have the arrangement known to the people who are supposed to be able to read the message.Enigma: Enigma Suppose we take a conversion for the first letter of the message and a different mapping for the next letter and a different mapping for the next letter … That is what we did with Vigenere Add additional encodings. Rotate from a fixed starting point through 26 positions of the first set of columns, then iterate a second set of columns. Now have 676 different mappings. To decode, must figure out the wiring inside each phase, and the order in which they are arranged in the machine.Enigma : Enigma German engineer, Artur Scherbius (1878-1929) invented a machine of this type around 1918 and bought the patent rights to one invented in Holland also. He added a reflecting cylinder, which allowed the same machine to encode and decode. He called the machine enigma, from the Greek for riddle. The enigma used by the Germans in WWII had three rotors, and later four.Enigma - 2: Enigma - 2Encryption/Decryption Keys: Encryption/Decryption Keys Problem is that you have to get the key to the receiver, secretly and accurately. If you can get the key there, why not use the same method to send the whole message? (Efficiency of scale) If the key is compromised without the communicators knowing it, the transmissions are open. Exact working of the enigma machine: http://www.codesandciphers.org.uk/enigma/rotorspec.htm How Polish mathematicians broke the enigma http://www.codesandciphers.org.uk/virtualbp/poles/poles.htmSummary of encryption goals: Summary of encryption goals High level of data protection Simple to understand Complex enough to deter intruders Protection based on the key, not the algorithm Economical to implement Adaptable for various applications Available at reasonable costData Encryption Standard: Data Encryption Standard Complex sequence of transformations hardware implementations speed performance modifications have made it very secure Known algorithm security based on difficulty in discovering the key http://www.itl.nist.gov/fipspubs/fip46-2.htmSlide28: The Data Encryption Standard Illustrated 64 bit blocks, 64 bit key Federal InformationProcessing Standards 46-2 http://www.itl.nist.gov/fipspubs/fip46-2.htmSlide29: INTERNET-LINKED COMPUTERS CHALLENGE DATA ENCRYPTION STANDARD LOVELAND, COLORADO (June 18, 1997). Tens of thousands of computers, all across the U.S. and Canada, linked together via the Internet in an unprecedented cooperative supercomputing effort to decrypt a message encoded with the government-endorsed Data Encryption Standard (DES). Responding to a challenge, including a prize of $10,000, offered by RSA Data Security, Inc, the DESCHALL effort successfully decoded RSADSI's secret message. According to Rocke Verser, a contract programmer and consultant who developed the specialized software in his spare time, "Tens of thousands of computers worked cooperatively on the challenge in what is believed to be one of the largest supercomputing efforts ever undertaken outside of government." Using a technique called "brute-force", computers participating in the challenge simply began trying every possible decryption key. There are over 72 quadrillion keys (72,057,594,037,927,936). At the time the winning key was reported to RSADSI, the DESCHALL effort had searched almost 25% of the total. At its peak over the recent weekend, the DESCHALL effort was testing 7 billion keys per second. Public Key encryption: Public Key encryption Eliminates the need to deliver a key Two keys: one for encoding, one for decoding Known algorithm security based on security of the decoding key Essential element: knowing the encoding key will not reveal the decoding keyEffective Public Key Encryption: Effective Public Key Encryption Encoding method E and decoding method D are inverse functions on message M: D(E(M)) = M Computational cost of E, D reasonable D cannot be determined from E, the algorithm, or any amount of plaintext attack with any computationally feasible technique E cannot be broken without D (only D will accomplish the decoding) Any method that meets these criteria is a valid Public Key Encryption technique It all comes down to this:: It all comes down to this: key used for decoding is dependent upon the key used for encoding, but the relationship cannot be determined in any feasible computation or observation of transmitted dataRivest, Shamir, Adelman (RSA) : Rivest, Shamir, Adelman (RSA) Choose 2 large prime numbers, p and q, each more than 100 digits Compute n=p*q and z=(p-1)*(q-1) Choose d, relatively prime to z Find e, such that e*d=1 mod (z) or e*d mod z = 1, if you prefer. This produces e and d, the two keys that define the E and D methods.Public Key encoding: Public Key encoding Convert M into a bit string Break the bit string into blocks, P, of size k k is the largest integer such that 2k<n P corresponds to a binary value: 0<P<n Encoding method E = Compute C=Pe(mod n) Decoding method D = Compute P=Cd(mod n) e and n are published (public key) d is closely guarded and never needs to be disclosed An example: : An example: P=7; q=11; n=77; z=60 d=13; e= 37; k=6 Test message = CAT Using A=1, etc and 5-bit representation: 00011 00001 10100 Since k=6, regroup the bits (arrange right to left so that any padding needed will put 0's on the left and not change the value): 000000 110000 110100 (three leading zeros added to fill the block) decimal equivalent: 0 48 52 Each of those raised to the power 37 (e) mod n: 0 27 24 Each of those values raised to the power 13 (d) mod n (convert back to the original): 0 48 52 On a practical note: PGP: On a practical note: PGP You can create your own real public and private keys using PGP (Pretty Good Privacy) See the following Web site for full information. (MIT site - obsolete) http://www.pgpi.org/products/pgp/versions/freeware/ http://www.freedownloadscenter.com/Utilities/Required_Files/PGP.htmlIssues: Issues Intruder vulnerability If an intruder intercepts a request from A for B’s public key, the intruder can masquerade as B and receive messages from B intended for A. The intruder can send those same or different messages to B, pretending to be A. Prevention requires authentication of the public key to be used. Computational expense One approach is to use Public Key Encryption to send the Key for use in DES, then use the faster DES to transmit messagesDigital Signatures: Digital Signatures Some messages do not need to be encrypted, but they do need to be authenticated: reliably associated with the real sender Protect an individual against unauthorized access to resources or misrepresentation of the individual’s intentions Protect the receiver against repudiation of a commitment by the originatorDigital Signature basic technique: Digital Signature basic technique Sender A Receiver B Intention to send E(Random Number) where E is A’s public key Message and D(E(Random Number))Public key encryption with implied signature: Public key encryption with implied signature Add the requirement that E(D(M)) = M Sender A has encoding key EA, decoding key DA Intended receiver has encoding (public) key EB. A produces EB(DA(M)) Receiver calculates EA(DB(EB(DA(M)))) Result is M, but also establishes that only A could have encoded MDigital Signature Standard (DSS): Digital Signature Standard (DSS) Verifies that the message came from the specified source and also that the message has not been modified More complexity than simple encoding of a random number, but less than encrypting the entire message Message is not encoded. An authentication code is appended to it.Digital Signature - SHA: Digital Signature - SHA FIPS Pub 186 - Digital Signature Standard http://www.itl.nist.gov/fipspubs/fip186.htmEncryption summary: Encryption summary Problems intruders can obtain sensitive information intruder can interfere with correct information exchange Solution disguise messages so an intruder will not be able to obtain the contents or replace legitimate messages with othersImportant methods: Important methods DES fast, reasonably good encryption key distribution problem Public Key Encryption more secure based on the difficulty of factoring very large numbers no key distribution problem computationally intenseDigital signatures: Digital signatures Authenticate messages so the sender cannot repudiate the message later Protect messages from changes during transmission or at the receiver’s site Useful when the contents do not need encryption, but the contents must be accurate and correctly associated with the senderLegal and ethical issues: Legal and ethical issues People who work in these fields face problems with allowable exports, and are not always allowed to talk about their work. Is it desirable to have government able to crack all codes? What is the tradeoff between privacy of law abiding citizens vs. the ability of terrorists and drug traffickers to communicate in secret? You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
Class6 encryption Marigold Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 443 Category: Entertainment License: All Rights Reserved Like it (1) Dislike it (0) Added: January 03, 2008 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Access Control and Rights Management: Access Control and Rights Management Legal and Technical Issues: Legal and Technical Issues Legal: When is a resource available to digitize and make available. What requirements exist for controlling access. Technical: How do we control access to a resource that is stored online? Policies Encoding Distribution limitationsSlide3: Chart created by Lolly Gasaway. Updates at http://www.unc.edu/~unclng/public-d.htmWorks for hire: Works for hire Usual case -- works created by faculty are not the property of the university. Faculty surrender copyright to publishers of journals and books Some publishers allow faculty to retain copyright, giving the publisher specific limited rights to reproduce and distribute the work. Fair use: Fair use No clear, easy answers. Checksheet provided in the article is a good guide to the issues. Link to the checksheet: http://www.copyright.iupui.edu/checklist.htm Moral rights: Moral rights Fair to the creator Keep the identity of the creator of the work Do not cut the work Generally, be considerate of the person (or institution) that created the work.Getting Permission: Getting Permission With the best will in the world, getting the appropriate permissions is not always easy. Identify who holds the rights Get in touch with the rights holder Get a suitable agreement to cover the needs of your use. Useful links: http://www.loc.gov/copyright/ http://www.utsystem.edu/OGC/IntellectualProperty/PERMISSN.HTM Connections to various ways to discover and contact the rights holder of a work.Slide8: Source: NINCH Guide to Good Practice. Chapter 4: Rights Management Checking copyright statusSlide9: Source: NINCH Guide to Good Practice. Chapter 4: Rights Management Copyright: Lauryn G. Grant Considering people depicted in the workTechnical issues: Technical issues Link the resource to the copyright statements Maintain that link when the resource is copied or used Approaches: Steganography Encryption Digital Wrappers Digital WatermarksIssues in Encryption: Issues in Encryption General cases for protection of controlled content: Concern for passive listening, active interference. Listening: intruder gains information, may not be detected. Effects indirect. Active interference Intruder may prevent delivery of the message to the intended recipient. Intruder may substitute a fake message for the intended one Effects are direct and immediate Less likely in the case of digital library contentMessage interception: Message interception Original message Encoding Method Ciphertext Decoding Method Received message Eavesdropping Masquerading Intruder (Plain text) (Plain text) Types of Encryption Methods: Types of Encryption Methods Substitution Simple adjustment, Caesar’s cipher Each letter is replaced by one that is a fixed distance from it in the alphabet. A becomes D, B becomes E, etc. At the end, wrap around, so X becomes A, Y becomes B, Z becomes C. May have been confusing the fist time it was done, but it would not have taken long to figure it out. Simple substitution of other characters for letters -- numbers, dancing men, etc. More complex substitution. No pattern to the replacement scheme. See common cryptogram puzzles. These are usually made easier by showing the spaces between the words. (For very modern version, see http://www.cryptograms.org/) Dancing Men????: Dancing Men???? Arthur Conan Doyle: The Adventure of the Dancing Men. A Sherlock Holmes Adventure. Read the story online and see the images and analysis of the decoding at http://camdenhouse.ignisart.com/canon/danc.htm “Speaking roughly, T, A, O, I, N, S, H, R, D, and L are the numerical order in which letters occur; but T, A, O, and I are very nearly abreast of each other, and it would be an endless task to try each combination until a meaning was arrived at.”Types of encryption - 2: Types of encryption - 2 Hiding the text. The wax tablet example message written on the base of the tablet and wax put over top of it with another message on the wax Steganography: (ste-g&n-o´gr&-fē) (n.) The art and science of hiding information by embedding messages within other, seemingly harmless messages. Steganography works by replacing bits of useless or unused data in regular computer files (such as graphics, sound, text, HTML, or even floppy disks ) with bits of different, invisible information. This hidden information can be plain text, cipher text, or even images. Special software is needed for steganography, and there are freeware versions available at any good download site. Can be used to insert identification into a file to track its source. Definition from www.webopedia.comTypes of encryption - 3: Types of encryption - 3 Key-based shuffling Using a mnemonic to make the key easy to remember. A machine to do the shuffling A D B C D C B A What shuffling is used? How would “CAB” look?Monoalphabetic codes: Monoalphabetic codes Any kind of substitution in which just one letter (or other symbol) represents one letter from the original alphabet is called monoalphabetic encoding. Such codes are easy to break. That is what you do when you solve cryptograms. Frequency distribution of letters in normal text for a given language are well known. “The twelve most frequently-used letters in the English language are ETAOIN SHRDL, in that order.” -- http://www.cryptograms.org/ Letter distributions in English: Letter distributions in English SOURCE: Tannenbaum Computer Networks 1981 Prentice HallDisguising frequencies: Disguising frequencies First trick: use more than 26 symbols and use several different symbols to represent the same letter. The goal is to even out the distribution. Ex. Use the letters plus the digits. 36 symbols Assign five symbols to the letter E, two to the letter I, three to the letter N, two each to R and S. More complex: More complex Vigenere’s table Arrange all the letters of the alphabet 26 times, in parallel columns, such that each column begins with a different letter, first A, then B, etc. Encode each letter by using a different column for each successive letter of the message. How to know which column to use? Use a keyword. Examples and breaking: http://www.trincoll.edu/depts/cpsc/cryptography/vigenere.htmlDecoding : Decoding The Vigenere cipher looks really hard, but is not secure. Since the keyword repeats, it is really just a bunch of monoalphabetic codes. If you can figure out the length of the keyword, you can do standard analysis. Making it harder - instead of a regular arrangement of the letter columns, scramble them in some arbitrary way. Makes decoding much more difficult, but also makes it difficult to have the arrangement known to the people who are supposed to be able to read the message.Enigma: Enigma Suppose we take a conversion for the first letter of the message and a different mapping for the next letter and a different mapping for the next letter … That is what we did with Vigenere Add additional encodings. Rotate from a fixed starting point through 26 positions of the first set of columns, then iterate a second set of columns. Now have 676 different mappings. To decode, must figure out the wiring inside each phase, and the order in which they are arranged in the machine.Enigma : Enigma German engineer, Artur Scherbius (1878-1929) invented a machine of this type around 1918 and bought the patent rights to one invented in Holland also. He added a reflecting cylinder, which allowed the same machine to encode and decode. He called the machine enigma, from the Greek for riddle. The enigma used by the Germans in WWII had three rotors, and later four.Enigma - 2: Enigma - 2Encryption/Decryption Keys: Encryption/Decryption Keys Problem is that you have to get the key to the receiver, secretly and accurately. If you can get the key there, why not use the same method to send the whole message? (Efficiency of scale) If the key is compromised without the communicators knowing it, the transmissions are open. Exact working of the enigma machine: http://www.codesandciphers.org.uk/enigma/rotorspec.htm How Polish mathematicians broke the enigma http://www.codesandciphers.org.uk/virtualbp/poles/poles.htmSummary of encryption goals: Summary of encryption goals High level of data protection Simple to understand Complex enough to deter intruders Protection based on the key, not the algorithm Economical to implement Adaptable for various applications Available at reasonable costData Encryption Standard: Data Encryption Standard Complex sequence of transformations hardware implementations speed performance modifications have made it very secure Known algorithm security based on difficulty in discovering the key http://www.itl.nist.gov/fipspubs/fip46-2.htmSlide28: The Data Encryption Standard Illustrated 64 bit blocks, 64 bit key Federal InformationProcessing Standards 46-2 http://www.itl.nist.gov/fipspubs/fip46-2.htmSlide29: INTERNET-LINKED COMPUTERS CHALLENGE DATA ENCRYPTION STANDARD LOVELAND, COLORADO (June 18, 1997). Tens of thousands of computers, all across the U.S. and Canada, linked together via the Internet in an unprecedented cooperative supercomputing effort to decrypt a message encoded with the government-endorsed Data Encryption Standard (DES). Responding to a challenge, including a prize of $10,000, offered by RSA Data Security, Inc, the DESCHALL effort successfully decoded RSADSI's secret message. According to Rocke Verser, a contract programmer and consultant who developed the specialized software in his spare time, "Tens of thousands of computers worked cooperatively on the challenge in what is believed to be one of the largest supercomputing efforts ever undertaken outside of government." Using a technique called "brute-force", computers participating in the challenge simply began trying every possible decryption key. There are over 72 quadrillion keys (72,057,594,037,927,936). At the time the winning key was reported to RSADSI, the DESCHALL effort had searched almost 25% of the total. At its peak over the recent weekend, the DESCHALL effort was testing 7 billion keys per second. Public Key encryption: Public Key encryption Eliminates the need to deliver a key Two keys: one for encoding, one for decoding Known algorithm security based on security of the decoding key Essential element: knowing the encoding key will not reveal the decoding keyEffective Public Key Encryption: Effective Public Key Encryption Encoding method E and decoding method D are inverse functions on message M: D(E(M)) = M Computational cost of E, D reasonable D cannot be determined from E, the algorithm, or any amount of plaintext attack with any computationally feasible technique E cannot be broken without D (only D will accomplish the decoding) Any method that meets these criteria is a valid Public Key Encryption technique It all comes down to this:: It all comes down to this: key used for decoding is dependent upon the key used for encoding, but the relationship cannot be determined in any feasible computation or observation of transmitted dataRivest, Shamir, Adelman (RSA) : Rivest, Shamir, Adelman (RSA) Choose 2 large prime numbers, p and q, each more than 100 digits Compute n=p*q and z=(p-1)*(q-1) Choose d, relatively prime to z Find e, such that e*d=1 mod (z) or e*d mod z = 1, if you prefer. This produces e and d, the two keys that define the E and D methods.Public Key encoding: Public Key encoding Convert M into a bit string Break the bit string into blocks, P, of size k k is the largest integer such that 2k<n P corresponds to a binary value: 0<P<n Encoding method E = Compute C=Pe(mod n) Decoding method D = Compute P=Cd(mod n) e and n are published (public key) d is closely guarded and never needs to be disclosed An example: : An example: P=7; q=11; n=77; z=60 d=13; e= 37; k=6 Test message = CAT Using A=1, etc and 5-bit representation: 00011 00001 10100 Since k=6, regroup the bits (arrange right to left so that any padding needed will put 0's on the left and not change the value): 000000 110000 110100 (three leading zeros added to fill the block) decimal equivalent: 0 48 52 Each of those raised to the power 37 (e) mod n: 0 27 24 Each of those values raised to the power 13 (d) mod n (convert back to the original): 0 48 52 On a practical note: PGP: On a practical note: PGP You can create your own real public and private keys using PGP (Pretty Good Privacy) See the following Web site for full information. (MIT site - obsolete) http://www.pgpi.org/products/pgp/versions/freeware/ http://www.freedownloadscenter.com/Utilities/Required_Files/PGP.htmlIssues: Issues Intruder vulnerability If an intruder intercepts a request from A for B’s public key, the intruder can masquerade as B and receive messages from B intended for A. The intruder can send those same or different messages to B, pretending to be A. Prevention requires authentication of the public key to be used. Computational expense One approach is to use Public Key Encryption to send the Key for use in DES, then use the faster DES to transmit messagesDigital Signatures: Digital Signatures Some messages do not need to be encrypted, but they do need to be authenticated: reliably associated with the real sender Protect an individual against unauthorized access to resources or misrepresentation of the individual’s intentions Protect the receiver against repudiation of a commitment by the originatorDigital Signature basic technique: Digital Signature basic technique Sender A Receiver B Intention to send E(Random Number) where E is A’s public key Message and D(E(Random Number))Public key encryption with implied signature: Public key encryption with implied signature Add the requirement that E(D(M)) = M Sender A has encoding key EA, decoding key DA Intended receiver has encoding (public) key EB. A produces EB(DA(M)) Receiver calculates EA(DB(EB(DA(M)))) Result is M, but also establishes that only A could have encoded MDigital Signature Standard (DSS): Digital Signature Standard (DSS) Verifies that the message came from the specified source and also that the message has not been modified More complexity than simple encoding of a random number, but less than encrypting the entire message Message is not encoded. An authentication code is appended to it.Digital Signature - SHA: Digital Signature - SHA FIPS Pub 186 - Digital Signature Standard http://www.itl.nist.gov/fipspubs/fip186.htmEncryption summary: Encryption summary Problems intruders can obtain sensitive information intruder can interfere with correct information exchange Solution disguise messages so an intruder will not be able to obtain the contents or replace legitimate messages with othersImportant methods: Important methods DES fast, reasonably good encryption key distribution problem Public Key Encryption more secure based on the difficulty of factoring very large numbers no key distribution problem computationally intenseDigital signatures: Digital signatures Authenticate messages so the sender cannot repudiate the message later Protect messages from changes during transmission or at the receiver’s site Useful when the contents do not need encryption, but the contents must be accurate and correctly associated with the senderLegal and ethical issues: Legal and ethical issues People who work in these fields face problems with allowable exports, and are not always allowed to talk about their work. Is it desirable to have government able to crack all codes? What is the tradeoff between privacy of law abiding citizens vs. the ability of terrorists and drug traffickers to communicate in secret?