
Information Security


arleen

Presentation Transcript


  1. Information Security Methods and Practices in Classical and Quantum Regimes

  2. Cryptography • What’s that mean? • Kryptos: hidden, secret • Gráphō: to write • What does it do? • Encryption: plaintext → ciphertext • Decryption: ciphertext → plaintext • Why would you want that? • Confidentiality • Integrity, authentication, signing, interactive proofs, secure multi-party computation

  3. Cryptology, Cryptanalysis, Cryptolinguistics • Frequency analysis • Brute force • Differential • Integral • Impossible differential • Boomerang • Mod n • Related key • Slide • Timing • XSL • Linear • Multiple linear • Davies’ attack • Improved Davies’ attack

  4. Demands for resilient crypto • Auguste Kerckhoffs’s principle • Cipher practically indecipherable • Cipher and keys not required to be secret • Key communicable and retainable • Applicable to telegraphic communication • Portable and human effort efficient • Easy to use • Bruce Schneier • “Secrecy … is a prime cause of brittleness… Conversely, openness provides ductility.” • Eric Raymond • “Any security software design that doesn't assume the enemy possesses the source code is already untrustworthy; therefore, never trust closed source.” • Shannon’s maxim • “The enemy knows the system.”

  5. Classical Regime Written language text

  6. Transposition • Exchange the position of two symbols in the text • Like an anagram • Scytale • E.g. text → cipher: Hello world! → eHll oowlr!d

  7. Substitution • Systematically exchange a symbol in the text with another symbol • Caesar cipher, EXCESS-3 • E.g. text → cipher: Aabcd → Ddefg

  8. Poly-Alphabetic Substitution • Repeated and dynamic substitution(s) • Wehrmacht Enigma • Series of rotors

  9. One Time Pad • Perfect secrecy • Coined by Shannon • H(M) = H(M|C) • Requirements • Perfect randomness • Secure key generation and exchange • Careful adherence to process

  10. Classical Regime Binary bit sequence

  11. Secret Key Crypto • Perfect secrecy • Coined by Shannon • H(M) = H(M|C) • Requirements • Perfect randomness • Secure key generation and exchange • Careful adherence to process

  12. Symmetric Key Crypto • The same (or similar) key • For both encryption and decryption • Data Encryption Standard • 56 bit key • Feistel network • Broken in 1999 in 22 hours 15 minutes by Deep Crack • Triple-DES • 56 bit keys (3 unique) • en-de-en-crypt • Advanced Encryption Standard (Rijndael) • 128-192-256 bit keys • Substitution permutation network

  13. Feistel Network • Expansion • Key mixing • Substitution • Permutation

  14. Substitution Permutation Network • Substitution • 1/n input change → 1/2 output change • confusion • Permutation • mix up inputs • diffusion • Round keys

  15. Public Key Crypto • Asymmetric keys • public and private • No secret key • Multiple use • TLS, SSL, PGP, GPG, digital signatures

  16. RSA • Ron Rivest, Adi Shamir, Leonard Adleman; 1978 • Key generation • Pick two distinct, large prime numbers: p, q • Compute their product: n = pq • Compute its totient: phi = (p-1)(q-1) • Pick a public key exponent: 1 < e < phi, e and phi coprime • Compute private key exponent: de = 1 (mod phi) • Encryption • Forward padding • Cipher = text ^ e (mod n) • Exponentiation by squaring • Decryption • Text = cipher ^ d (mod n) • = text ^ de (mod n) = text ^ (1+k*phi) (mod n) = text (mod n) • Reverse padding
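The key generation, encryption and decryption steps of slide 16, as an added example that is not part of the original presentation. The primes 61 and 53, the exponent 17 and the function names are constructed for illustration; the last function shows what the slide's padding step is there to prevent.

```python
from math import gcd

def modexp(base, exp, mod):
    """Exponentiation by squaring: one squaring per exponent bit."""
    result, base = 1, base % mod
    while exp:
        if exp & 1:                      # current exponent bit is set
            result = result * base % mod
        base = base * base % mod
        exp >>= 1
    return result

def keygen(p, q, e):
    """Follow the slide: n = pq, phi = (p-1)(q-1), d*e = 1 (mod phi)."""
    if p == q:
        raise ValueError("p and q must be distinct")
    n, phi = p * q, (p - 1) * (q - 1)
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("e must satisfy 1 < e < phi and be coprime to phi")
    d = pow(e, -1, phi)                  # modular inverse (Python 3.8+)
    return (n, e), (n, d)

def encrypt(m, public):
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return modexp(m, e, n)

def decrypt(c, private):
    n, d = private
    return modexp(c, d, n)

def unpadded_weaknesses(public, private, m1, m2):
    """Without padding, RSA is deterministic and multiplicatively malleable."""
    n, _ = public
    c1, c2 = encrypt(m1, public), encrypt(m2, public)
    deterministic = c1 == encrypt(m1, public)   # same text, same cipher
    malleable = decrypt(c1 * c2 % n, private) == m1 * m2 % n
    return deterministic, malleable

# Constructed toy parameters; real keys use primes of 1024 bits or more.
PUBLIC, PRIVATE = keygen(61, 53, 17)

if __name__ == "__main__":
    c = encrypt(65, PUBLIC)
    print(PUBLIC, PRIVATE, c, decrypt(c, PRIVATE))
    print(unpadded_weaknesses(PUBLIC, PRIVATE, 65, 2))
```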

  17. Hybrid Crypto • Diffie-Hellman key exchange • Alice and Bob agree on a finite cyclic group G (Multiplicative group of integers mod p) • Period p, prime number • Base g, primitive root mod p • Alice picks a random natural number a and sends g^a mod p to Bob. • Bob picks a random natural number b and sends g^b mod p to Alice. • Alice computes (g^b mod p)^a mod p • Bob computes (g^a mod p)^b mod p • Both know g^ab mod p = g^ba mod p

  18. Quantum Regime Breaking classical crypto

  19. Peter Shor’s Factorization Algorithm • Polynomial time in log N: O((log N)^3) • Polynomial gates in log N: O((log N)^2) • Complexity class Bounded-Error Quantum Polynomial (BQP) • Transform from to periodicity • Pick 1 < r < N: a^r = 1 mod N • a^r - 1 = (a^(r/2) + 1)(a^(r/2) - 1) = 0 mod N • N = (a^(r/2) + 1)(a^(r/2) - 1) = pq • Quantum Fourier Transform • Map x-space to ω-space • Measure with 1/r^2 probability

  20. Factor 15 • In 2001 IBM demonstrated Shor’s Algorithm and factored 15 into 3 and 5 • NMR implementation with 7 qubits • pentafluorobutadienylcyclopentadienyldicarbonyl-iron complex (C11H5F5O2Fe)
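The classical half of the reduction on slides 19 and 20, as an added example that is not part of the original presentation: a brute-force search for the period r stands in for the Quantum Fourier Transform step (and takes exponential time classically), and the factors are read off with gcd(a^(r/2) ± 1, N). Function names are hypothetical, and the code also handles the bases for which the reduction fails.

```python
from math import gcd

def order(a, N):
    """Smallest r > 0 with a^r = 1 (mod N); brute force replaces the QFT."""
    if gcd(a, N) != 1:
        raise ValueError("a must be coprime to N for a period to exist")
    r, x = 1, a % N
    while x != 1:
        x = x * a % N
        r += 1
    return r

def factors_from_base(a, N):
    """Return a factor pair (p, q) of N from base a, or None if a is unusable."""
    g = gcd(a, N)
    if g != 1:
        return tuple(sorted((g, N // g)))   # a already shares a factor with N
    r = order(a, N)
    if r % 2:
        return None                         # odd period: a^(r/2) is undefined
    half = pow(a, r // 2, N)
    if half == N - 1:
        return None                         # a^(r/2) = -1 (mod N): trivial only
    p = gcd(half - 1, N)                    # shares a proper factor with N
    return tuple(sorted((p, N // p)))

def factor(N):
    """Try bases a = 2, 3, ... until one yields a non-trivial factor pair."""
    for a in range(2, N):
        pair = factors_from_base(a, N)
        if pair and 1 < pair[0] < N:
            return pair
    return None

if __name__ == "__main__":
    print(order(7, 15), factors_from_base(7, 15))   # period, then factors
    print(factors_from_base(14, 15))                # a failing base
    print(factor(15), factor(21))
```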

  21. DWave • Superconducting processors • Adiabatic quantum algorithms • Solving Quantum Unconstrained Binary Optimization problems (QUBO is in NP)

  22. Quantum Regime Future proof cryptography

  23. Quantum Key Distribution • Quantum communication channel • Single photon, entangled photon pair • Preparation • Alice prepares a state, sends to Bob, measures • Entanglement • Alice and Bob each receive half the pair, measure

  24. Non-Orthogonal Bases • Complementary bases • Basis A: { |0>, |1> } • Basis B: { |+>, |-> } • Indistinguishable transmission states • |+> = 0.5 |0> + 0.5 |1> • |-> = 0.5 |0> - 0.5 |1> • Random choice of en-de-coding bases • Succeeds ~ p = 0.5

  25. True Random Number Generation • Quantum mechanics at < atomic scale • Shot noise • Nuclear decay • Optics • Thermal noise • Resistor heat • Avalanche/Zener diode breakdown noise • Atmospheric noise

  26. EPR • Einstein, Podolsky, Rosen (1935) • Entangled qubits • Violation of Bell Inequality

  27. BB84 • Charles A Bennett, Gilles Brassard (1984) • Single photon source, polarization • One way, Alice prepares sends to Bob • Psi encoded as random bits a, random bases b • Bob measures • Decoded in random bases b’ • 50% successfully measured bits a’ = a • Measurement bases are shared publicly • Throw away a, a’ for b != b’

  28. E91 • Artur Ekert (1991) • Entangled photon source • Perfect correlation, 100% a = a’ if b = b’ • Non-locality, > 50% a <--> a’ • Eve measurement reduces correlation

  29. B92 • Charles A. Bennett (1992) • Dim signal pulse, bright reference pulse • Maintains phase with a single qubit transmitted • Bases: rectilinear, circular • P0 = 1 - |u1><u1| • P0 |u0> = 1 ; p = 1 - |<u0|u1>|^2 > 0 • P0 |u1> = 0 • P1 = 1 - |u0><u0| • P1 |u0> = 0 • P1 |u1> = 1 ; p = 1 - |<u0|u1>|^2 > 0 • Throw away measurements != 1

  30. SARG04 • Scarani et al. (2004) • Attenuated laser pulses

  31. Information Reconciliation • 1992 Bennett, Bessette, Brassard, Salvail, Smolin • Cascade protocol, repetitious • Compare block parity bits • Odd 1 count: parity = 1; even 1 count transmitted • Even 1 count: parity = 0; even 1 count transmitted • Two-out-of-five code • Every transmission has two 1s and three 0s • Hamming codes • Additional bits used to identify and correct errors

  32. Privacy Amplification • Shortened key length • Universal hash function • Range r • Collision probability p < 1/r

  33. Quantum Regime Attacks

  34. Intercept and Resend • Eve measures the qubit in basis b’’ • 50% probability of correct measurement • Eve sends a’’ to Bob • 25% probability of correct measurement • Probability of detection • P = 1 – (0.75)^n • 99% in n = 16 bits
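A simulation of BB84 sifting (slide 27) with and without the intercept-and-resend eavesdropper of slide 34, as an added example that is not part of the original presentation. It models an ideal, lossless channel with random classical bits in place of photons; function names and the seed are constructed. It checks the slide's detection formula against the error rate Alice and Bob actually observe when they compare sifted bits.

```python
import random

def measure(bit, prep_basis, meas_basis, rng):
    """Matching basis returns the encoded bit; a mismatched basis is a coin flip."""
    return bit if prep_basis == meas_basis else rng.randint(0, 1)

def sifted_pairs(n_sifted, eve_present, rng):
    """Run BB84 until n_sifted positions with b == b' exist; return (a, a') pairs."""
    pairs = []
    while len(pairs) < n_sifted:
        a, b = rng.randint(0, 1), rng.randint(0, 1)    # Alice: bit a, basis b
        bit, basis = a, b
        if eve_present:                                # intercept and resend
            eve_basis = rng.randint(0, 1)              # Eve's basis b''
            bit = measure(bit, basis, eve_basis, rng)  # Eve's result a''
            basis = eve_basis                          # resent in Eve's basis
        b_prime = rng.randint(0, 1)                    # Bob: basis b'
        a_prime = measure(bit, basis, b_prime, rng)
        if b == b_prime:                               # kept after public sifting
            pairs.append((a, a_prime))
    return pairs

def error_rate(pairs):
    """Fraction of sifted positions where Bob's bit differs from Alice's."""
    return sum(a != a_prime for a, a_prime in pairs) / len(pairs)

def detection_probability(n):
    """Slide formula: P = 1 - (0.75)^n for n compared sifted bits."""
    return 1 - 0.75 ** n

def empirical_detection(n_compared, trials, rng):
    """Fraction of sessions where comparing n bits reveals at least one error."""
    hits = sum(error_rate(sifted_pairs(n_compared, True, rng)) > 0
               for _ in range(trials))
    return hits / trials

if __name__ == "__main__":
    rng = random.Random(1984)   # constructed seed, for repeatability only
    print("error rate, no Eve:  ", error_rate(sifted_pairs(20000, False, rng)))
    print("error rate, with Eve:", error_rate(sifted_pairs(20000, True, rng)))
    print("formula, n = 16:     ", detection_probability(16))
    print("simulated, n = 16:   ", empirical_detection(16, 2000, rng))
```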

  35. Security Proofs • BB84 is proven unconditionally secure against unlimited resources, provided that: • Eve cannot access Alice and Bob's encoding and decoding devices • The random number generators used by Alice and Bob must be trusted and truly random • The classical communication channel must be authenticated using an unconditionally secure authentication scheme

  36. Man in the Middle • Senders and recipients are indistinguishable on public channels • Eve could pose as Bob • Receiving some large portion of messages • Responding promptly, at least before Bob • Wegman-Carter authentication • Alice and Bob share a secret key

  37. Photon Number Splitting • No true single photon sources • Attenuated laser pulses • Some small number of photons per pulse, i.e. 0.1 • If > 1 photon are present, splitting can occur without detection during reconciliation • A secure key is still possible, but requires additional privacy amplification

  38. Hacking • Gain access to security equipment • Foil random number generation • Plant Trojan horse • Faked state attack • Eve - actively quenched detector module • Phase remapping attack • Move from { |0>, |1>, |+>, |-> } to { |0>, |δ/2>, |δ>, |3δ/2> } • Time-shift attack • Demonstrated to have ~ 4% mutual information gathered from the idQuantique ID-500 QKD

  39. Denial of Service • Stop Alice and Bob from communicating • Via Classical channel(s) • Via Quantum channel(s) • Physically block transmissions • Introduce large volume of errors

  40. Quantum Regime Commercially available devices

  41. MagiQ – QPN 8505 • “Any sufficiently advanced technology is indistinguishable from magic.” –Arthur C Clarke • Transmits qubit polarization over optical fiber • 256 bit AES; 1,000 keys per second • 140 km range, more with repeaters

  42. idQuantique – Cerberis, Centauris • Transmits qubit phase over optical fiber • High speed layer 2 encryption • 256 bit AES; 12 key-devices per minute, 100 km range

  43. SmartQuantum – KeyGen, Defender • Generate and distribute secret keys over quantum channel • Use classical encryption and communication

  44. Quintessence Labs • G2 QKD • Continuous variable brightness laser beams • Cheaper than SPS • Dense wavelength division multiplexing • Erbium doped fiber amplifiers ~ 1550 nm

  45. BBN Technologies • DARPA QNet • Fully operational October 23, 2003 • Harvard University • Boston University • BBN Technologies • QKD • Weak coherence • 5 MHz pulse rate • 0.1 mean photons/pulse

  46. John Krah University of Washington Physics Department
