slides13 - Outline CPSC/PMAT 418 Introduction to...

Info icon This preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
CPSC/PMAT 418 Introduction to Cryptography Two Real-Life Applications, Elliptic Curve Crypto, Current and Future Trends Renate Scheidler Department of Mathematics & Statistics Department of Computer Science University of Calgary Based on slides by Michael John Jacobson Jr. Week 13 Renate Scheidler (University of Calgary) CPSC/PMAT 418 Week 13 1 / 43 Outline 1 Two real-life applications Secure e-mail via PGP Access control via SSH 2 Elliptic curve cryptography 3 Future directions in crytography Quantum cryptography Quantum computing Post-quantum cryptography Renate Scheidler (University of Calgary) CPSC/PMAT 418 Week 13 2 / 43 Two real-life applications Two Real Life Examples We will now see two applications that put much of what we’ve learned together: PGP P retty G ood P rivacy” — a secure e-mail system developed by Phil Zimmerman ( ) SSH S ecure Sh ell – a PKC based access control system for remote login and file transfer Renate Scheidler (University of Calgary) CPSC/PMAT 418 Week 13 3 / 43 Two real-life applications Secure e-mail via PGP Features of PGP Originally available for free world-wide, since 2010 owned and sold by Symantec ( ) Available for free as OpenPGP (IETF RFC 4880), used for example in Enigmail and GPG (GNU Privacy Guard) — see our “references” course page) Runs on most platforms Uses best available cryptographic primitives Not developed by government nor standards organization Compatible with most e-mail programs Automatically segments large messages (to accommodate message size limitations) Users may have multiple public keys, each identified by its 64 low order bits ( key ID , denoted ID K ) Renate Scheidler (University of Calgary) CPSC/PMAT 418 Week 13 4 / 43
Image of page 1

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Two real-life applications Secure e-mail via PGP PGP Cryptographic Services and Algorithms Cryptographic services provided by PGP: Confidentiality Data integrity and authentication Key management Non-repudiation Algorithms used: Symmetric key: AES (128, 192, 256 bit keys), 3DES and others using a variant of CFB mode Public-Key: RSA, El Gamal, DSA, Diffie-Hellman (ANSI X9.42), elliptic curve DH and DSA used for key transport via hybrid encryption and digital signatures Hash: SHA-1, MD5, RIPE-MD, SHA-2 family Compression: ZIP and others Allows private and experimental algorithms as well Renate Scheidler (University of Calgary) CPSC/PMAT 418 Week 13 5 / 43 Two real-life applications Secure e-mail via PGP Sending Secure E-Mail Using PGP A sends an authenticated, encrypted message M to B as follows: 1 Computes the signature S = D A ( H ( M )) on the hash of M 2 Compresses ( S , M ) 3 Generates a random one time key K OT to be used to encrypt only this message M 4 Uses K OT to encrypt a time stamp TS , the key ID ID K ( E A ) of her public key, the signature S , and the message M : C = E K OT ( TS , ID K ( E A ) , S , M ) 5 Encrypts K OT using B’s public key and sends the corresponding key ID ID K ( E B ), encryption of K OT and C to B: ( ID K ( E B ) , E B ( K OT ) , C ) Renate Scheidler (University of Calgary) CPSC/PMAT 418 Week 13 6 / 43 Two real-life applications Secure e-mail via PGP
Image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern