1 / 32

An Introduction to Cryptography for Homeland Security

An Introduction to Cryptography for Homeland Security. Jay Ligatti University of South Florida. Outline. Communication problems Cryptographic solutions Cryptography and homeland security Limitations of cryptography Research challenges. A Common Scenario.

paul2
Télécharger la présentation

An Introduction to Cryptography for Homeland Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. An Introduction to Cryptography for Homeland Security Jay Ligatti University of South Florida

  2. Outline • Communication problems • Cryptographic solutions • Cryptography and homeland security • Limitations of cryptography • Research challenges

  3. A Common Scenario • Members of a team need to communicate Hello Bob

  4. A Common Scenario • Messages need to be secure Hello Bob Hello Alice, operation X begins in 36 hours

  5. A Common Scenario • However, communication needs to go through a medium accessible by an adversary (a non-privileged entity) • Easy to think of transmission medium as the Internet, but could be, e.g., • copper phone lines • radio waves • courier on the ground Hello Bob Hello Alice, operation X begins in 36 hours

  6. Problems • Adversary may discover secrets by passivelymonitoring the communication • E.g., operation X begins in 36 hours • E.g., Alice and Bob are communicating, so some operation is likely to begin soon (this is called traffic analysis) • Adversary may prevent communication by destroyinginformation en route • E.g., convince Internet routers not to forward packets • E.g., destroy courier on the ground • Adversary may disrupt knowledge by activelytampering with or forging information en route • E.g., overwrite 36 with 72 to desynchronize Alice from Bob • E.g., send a message to Alice impersonating Bob: “Hello again Alice, cancel operation X”

  7. Problems • These are difficult problems! • We don’t have perfect solutions to any of them! • We do have some very convincing solutions, especially for: • Preventing passive discovery of secrets • E.g., operation X begins in 36 hours • Detecting active tampering with/forging information • E.g., overwrite 36 with 72 to desynchronize Alice from Bob • E.g., send a message to Alice impersonating Bob: “Hello again Alice, cancel operation X”

  8. Outline • Communication problems • Cryptographic solutions • Cryptography and homeland security • Limitations of cryptography • Research challenges

  9. Cryptography • Cryptography is used to prevent passive discovery of, and to detect active tampering with, information en route • Definition: Cryptography is the study of hiding information • Cryptanalysis is the study of finding hidden information • Cryptology = cryptography + cryptanalysis • Basic cryptographic tool is a cipher • Cipher is an algorithm (think recipe) for hiding information in a new message M and retrieving hidden information from M • Here’s how it works...

  10. key vD)w’45#... Ciphering Step 1: Key Establishment • Communicating parties need to share a secret key(think of it as a password with about 40 keyboard characters) • How do Alice and Bob obtain a shared, secret key? • No completely satisfactory answer! • Alice (or Bob) could create the key and then travel (or send a trusted courier) to Bob (or Alice) to share the key • More practically, but generally less securely, Alice and Bob could use a special key-exchange protocol (see Wikipedia entry on Diffie-Hellman) key vD)w’45#...

  11. ciphertext >W<$%YoPjS s-5eoy5... Ciphering Step 2: Encryption • Cipher begins with plaintext (original message) and the key • Cipher shuffles around the encodings of the plaintext and key in very complicated ways to produce a ciphertext (message with hidden information) • This is called encrypting the plaintext plaintext Operation X begins in 36 hours cipher key vD)w’45#...

  12. Ciphering Step 2: Encryption here is no “magic” in the encryption procedure • T • Mostly, complicated repetitions of substituting some characters for other characters in the plaintext and then rearranging (permuting) the characters • Both the substitutions and the rearrangements are guided by the secret key • For low-level details of one cipher, Google “DES” Fixed sequence of steps, precisely defined

  13. ciphertext >W<$%YoPjS s-5eoy5... key key vD)w’45#... vD)w’45#... Ciphering Step 3: Message Transmission • One party sends ciphertext to another • Even if ciphertext is intercepted, it would take adversary a very long time to figure out the plaintext (as far as we know) • Best publicly known techniques for modern ciphers require trying every possible key until one “unlocks” the ciphertext • Typically, there are about as many possible keys as there are elementary particles in the observable universe... >W<$%YoPjS s-5eoy5... ?????

  14. ciphertext >W<$%YoPjS s-5eoy5... plaintext Operation X begins in 36 hours Ciphering Step 4: Decryption • The key-holding receiver can re-shuffle around the encodings of the ciphertext and key to obtain the original plaintext • This is called decrypting the ciphertext • Low-level details very similar to encryption (substitutions and rearrangements of characters) • Efficient decryption because key is known cipher key vD)w’45#...

  15. ciphertext Hello again Alice, cancel operation X plaintext {P#I% TO\s-... key vD)w’45#... Tampering/Forgery Detection • If adversary without the shared key attempts to tamper with or forge a ciphertext, she’ll almost certainly send a ciphertext that decrypts to nonsense cipher ????? This must not be from Bob!

  16. Key Properties of Ciphers • Inverse relation between encryption and decryption D(E(p,k),k) = p • Confusion • Relationship between key and ciphertext should be very complex • Makes it difficult to obtain key from ciphertext • Diffusion • Even the most minor changes to the plaintext should cause changes throughout the entire ciphertext • Makes it difficult to infer any part of plaintext from ciphertext alone(even if adversary already knows how other plaintexts get encrypted) • For example...

  17. Example of Diffusion in the Popular AES (Advanced Encryption Standard) Cipher • Every ciphertext character depends on every plaintext character • Diffusion prevents adversary from easily inferring parts of the plaintext from the ciphertext(because every plaintext change may alter the entire ciphertext) Key 0000000000000000000000000000000000000000000000000000000000000000 Plaintext 1 Ciphertext 1 00000000000000000000000000000000 dc95c078a2408989ad48a21492842087 AES cipher Plaintext 2 Ciphertext 2 00000000000000000000000000000001 530f8afbc74536b9a963b4f1c4cb738b

  18. Outline • Communication problems • Cryptographic solutions • Cryptography and homeland security • Limitations of cryptography • Research challenges

  19. The Dual Role of Defense • Members of defense and response teams may need to communicate securely in the presence of adversaries • E.g., groups may want to discuss targets of investigations without adversaries learning of (and tipping off) those targets • E.g., rescue teams controlling remote robots may not want adversaries tampering with the human-robot communications

  20. The Dual Role of Defense • To monitor threats, defense teams will also generally want to take on adversarial roles in suspicious, potentially encrypted communications • Hot topic of debate: When, and to what extent, should this occur? • Cryptography can both help and hinder homeland security • Another big debate: Is cryptography a net benefit or net hindrance for homeland security (now and in the future)?

  21. Outline • Communication problems • Cryptographic solutions • Cryptography and homeland security • Limitations of cryptography • Research challenges

  22. Limitation 1 • Adversaries can circumvent cryptography by monitoring plaintext inputs and outputs of communication channels Intercept Alice’s and/or Bob’s plaintext plaintext plaintext decrypt encrypt ciphertext ciphertext

  23. Limitation 1 • Example: Adversary installs a keystroke logger (keylogger) on Alice/Bob’s computer • Keyloggers capture and transmit all keyboard activity before what’s being typed gets encrypted • Adversary can install a keylogging program on Alice/Bob’s machine by: • CD/disk/download (with direct access to target machine) • Remotely connecting to and exploiting a flaw on target machine (to install keylogger without Alice/Bob’s knowledge) • Packaging keylogger program as something benign and convincing target to execute it • E.g., send keylogger as email attachment and entice target to open it

  24. Limitation 1 • Alternatively, adversary can quietly install keylogging hardware on Alice/Bob’s machine • E.g., small device inserted between a computer’s keyboard port and the keyboard cable [photo source: www.alibaba.com]

  25. Limitation 1 • Alternatively, adversary can acoustically record Alice/Bob’s typing! • Each keyboard key has slightly different acoustic signature • Adversary records typing and analyzes recording • Or adversary can videotape Alice/Bob’s screen ! • Or adversary can videotape and analyze the reflections of the screen images on Alice/Bob’s face! • Or adversary can analyze the radiation emanating from Alice/Bob’s monitor to determine what it is showing! • ... • Point: A powerful adversary has many avenues for monitoring communications of specific targets, even in the presence of strong cryptography

  26. Limitation 2 • Installing and using cryptography software takes some effort and knowledge • Easier not to worry about it • Sensitive unencrypted data does get stolen • In May 2006, the Department of Veterans Affairs lost a laptop containing plaintext personal data on more than 26 million U.S. military members • Led to a major overhaul in VA security procedures, including encrypting data on laptops[http://www.usa.gov/veteransinfo.shtml]

  27. Limitation 3 • Cryptography is a communications technology, with applications in computer security • Cryptography does not “solve” computer security • Most computer-security problems arise from unrelated issues • Programs are shipped with insecure default settings • Programs contain errors that attackers can exploit • Users execute malicious software because it seems benign

  28. Outline • Communication problems • Cryptographic solutions • Cryptography and homeland security • Limitations of cryptography • Research challenges

  29. Challenge 1 • Cryptography is a large research field • Just to mention a few topics of interest... • Formal analysis of cryptographic protocols • Adversaries can sometimes gain a surprising amount of information by monitoring and disrupting communications • Can we formally prove that an entire communication session will be secure? • Application: Voting protocols • Team members may vote on best of several alternatives • How to design system to guarantee accurate vote counting with privacy?

  30. Challenges 2-4 • Tractability of cryptanalysis • Can we prove the difficulty of obtaining keys from ciphertexts? • What is the simplest cipher that makes cryptanalysis impractical? • Key exchange • Is there a secure way to exchange secret keys in the presence of powerful adversaries? What’s the best we can do? • Multiparty communications • In what ways do standard (two-party) cryptographic solutions apply to communications between more than two parties?

  31. Summary • Cryptography’s goal: make it very difficult for adversaries to access and modify information en route • Exactly how difficult is an open question • In any case, powerful adversaries can sometimes use sophisticated surveillance and computer-attack techniques to circumvent cryptography

  32. End Thanks / Questions? Acknowledgment: This educational work was supported by NSF CAREER award CNS-0742736. Any opinions expressed are those of the author and do not necessarily reflect the views of the NSF.

More Related