O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.
I Workshop Interamericano de
Segurança de Software e Hardware
em Metrologia Legal
Antônio Lacerda
Researcher – Inmetro
Cry...
I Workshop Interamericano de
Segurança de Software e Hardware
em Metrologia Legal
Antônio Lacerda
Inmetro's Researcher
Cry...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Emitter Receiver
Communication
Channel
N...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
What is Cryptology?
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Cryptology is the science whose goal is ...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Cryptology is a new old science!
Old bec...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Cryptology is divided in two (or four) s...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Cryptography aims to protect the communi...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Steganography aims to protect the existe...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Cryptography: overt secret writing
Stega...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Steganography
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
What is steganography?
Part of Cryptolog...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Steganography
Steganography
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Steganography by kids:
Inglourious Basta...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Steganography by kids:
Inglourious Basta...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Ancient steganography:
- Tattooed messag...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Modern steganography:
- Invisible inks.
...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Modern steganography: Invisible ink
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Cryptography
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
What is cryptography?
Part of cryptology...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Services provided by Cryptography:
- Con...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Attention
There isn't an algorithm that ...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Attacks to communication
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Emitter Receiver
Communication
Channel
A...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Interception
The attacker has access to ...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Modification
The attacker has access to ...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Fabrication
The attacker yields a messag...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Interruption
The attacker interrupts the...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Integrity
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Modification
The attacker has access to ...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
How to guarantee the integrity of a mess...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
In Portuguese:
Substantivo
1 - Prato fei...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
In Portuguese:
função de confusão (stran...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
It receives as input a sequence of bits,...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Nonsense!?
If the original data can not ...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
MD5 (Message-Digest algorithm 5): Algori...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
MD5("Inmetro") = 01010011111010010000110...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Bits 001-032: 0101.0011.1110.1001.0000.1...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Confidentiality
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Interception
The attacker has access to ...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Confidentiality was the first service pr...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Contrary to layman's perception, code an...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Confidentiality
by Code
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Replace each word or phrase in the origi...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Morse code
NATO phonetic code
Q code
Bar...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Famous example: Zimmermann Telegram
Arth...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Famous example: Zimmermann Telegram
The ...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Famous example: Zimmermann Telegram
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
The Zimmermann telegram was decoded by f...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Confidentiality
by Cipher
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Imagine you have a message well represen...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Remember: Code is not flexible. If a cod...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Cipher
Cipher
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Code
Code
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Decipher
Decipher
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Decode
Decode
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Actor Action Input
Emitter
cipher key
co...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Substitution Cipher
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Example
original: i n m e t r o
ciphered...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Example 1:
key: i n m e t r o i n m e t ...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Vigenere Cipher (Substitution Cipher)
Fo...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Transposition Cipher
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
original:
we recovered the money, but we...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Substitution and Transposition
to reach
...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Diffusion and Confusion
Confusion
Formal...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Cryptography – Conventional Model
emitte...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Conventional Model
The same key used to ...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Conventional Model
Is another way of cry...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
“The Fools”
Ralph Mekle – Martin Hellman...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
“The Fools”
Whitfield Diffie – Martin He...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
The New Model
In 1976, Diffie and Hellma...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
The New Model
The article deals with thr...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
The New Model
They couldn't open the doo...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
The RSA arises!
Shamir – Rivest – Adleman
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Asymmetric Cryptography
Since the beginn...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Asymmetric Cryptography
Diffie and Hellm...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Computational Complexity
In computer sci...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Asymmetric Cryptography – Confidentialit...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Asymmetric Cryptography – Non-repudiatio...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Asymmetric Cryptography – Non-repudiatio...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Why the conventional model does not prov...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Why the conventional model does not prov...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Confidentiality X Authentication
Only wi...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
avoiding mistakes
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
first common mistake
1) Asymmetric crypt...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
second common mistake
2) Asymmetric cryp...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Digital Signature
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Digital Signature
Digital signature is t...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Asymmetric Cryptography – Non-repudiatio...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Digital Signature
signer
verifiercipher ...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Cryptology at Inmetro
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Cryptology at Inmetro
Cryptology at Inme...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
The Two Biggest Problems
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Second Big Problem
Brazil is a huge coun...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Second Big Problem
Brazil is a huge coun...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
ACryptology at Inmetro
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
First Big Problem
Brazil has more than 2...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
First Big Problem
Brazil has more than 2...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Questions to answer
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Shall we build a peculiar PKI (Public Ke...
I Workshop Interamericano de
Segurança de Software e
Hardware em Metrologia Legal
Obrigado!
Próximos SlideShares
Carregando em…5
×
Próximos SlideShares
Cryptography.ppt
Avançar
Transfira para ler offline e ver em ecrã inteiro.

Compartilhar

Cryptology - Antônio Lacerda

Baixar para ler offline

Palestra proferida por Antônio Lacerda no I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal

Audiolivros relacionados

Gratuito durante 30 dias do Scribd

Ver tudo
  • Seja a primeira pessoa a gostar disto

Cryptology - Antônio Lacerda

  1. 1. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Antônio Lacerda Researcher – Inmetro Cryptology
  2. 2. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Antônio Lacerda Inmetro's Researcher Cryptography used to be an obscure science, of little relevance to everyday life. Historically, it always had a special role in military and diplomatic communications. It's time for cryptography to step out of the shadows of spies and the military, and step into the sunshine and be embraced by the rest of us. (The Code Book, Simon Singh)
  3. 3. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Emitter Receiver Communication Channel Normal Flow of Communication
  4. 4. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal What is Cryptology?
  5. 5. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Cryptology is the science whose goal is to protect communication against intentional and not allowed interferences. Cryptology is supported by several other areas: mathematics, computer science, physics, psychologhy, philolgy etc. Is Cryptology a branch of mathematics? I disagree!
  6. 6. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Cryptology is a new old science! Old because it is a millennial science. In fact, “protection of sensitive information is a desire reaching back to the beginnings of human culture” (Otto Horak). New because the first time we saw an announced lecture series under the open title “Cryptology” took place in German in 1981. Before this, the few ones took place under the name “Special Problems of Information Theory”.
  7. 7. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Cryptology is divided in two (or four) subareas: - Cryptography (and its counterparty: cryptanalysis) - Steganography (and its counterparty: steganalysis) From Greek: - kryptos = hidden - steganos = covered
  8. 8. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Cryptography aims to protect the communication in a insecure channel. Emitter Receiver Insecure Communication Channel Cryptanalisys aims to break the cryptography.
  9. 9. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Steganography aims to protect the existence of the communication. Emitter Receiver Communication Channel Steganalisys aims to break the steganography and to discover the existence of the communication.
  10. 10. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Cryptography: overt secret writing Steganography: covert secret writing
  11. 11. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Steganography
  12. 12. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal What is steganography? Part of Cryptology involving knowledge and techniques to hide or to camouflage a message inside another.
  13. 13. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Steganography Steganography
  14. 14. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Steganography by kids: Inglourious Bastards Notting Hill Mission: Impossible Edward Scissorhands True Lies Raiders of the Lost Ark October Sky
  15. 15. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Steganography by kids: Inglourious Bastards Notting Hill Mission: Impossible Edward Scissorhands True Lies Raiders of the Lost Ark October Sky
  16. 16. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Ancient steganography: - Tattooed messages on head of messengers. - Messages in stomach of hunted animals. - Messages on wood logs covered with wax.
  17. 17. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Modern steganography: - Invisible inks. - Microdots. - LSB (Least Significant Bit). - Covert channels.
  18. 18. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Modern steganography: Invisible ink
  19. 19. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Cryptography
  20. 20. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal What is cryptography? Part of cryptology involving knowledge and techniques to transform information in its original form into an illegible form, so that only the emitter and receiver can access the original content by using a secret.
  21. 21. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Services provided by Cryptography: - Confidentiality: To allow access only to authorized people. - Integrity: To assure that the content of the message was not modified. - Authenticity: To assure that the emitter and receiver are who they claim they are. - Non-repudiation (non-retractability): The emitter cannot deny he is the message sender.
  22. 22. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Attention There isn't an algorithm that is capable to provide all cryptographic services. For each service, you will need one or more algorithms.
  23. 23. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Attacks to communication
  24. 24. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Emitter Receiver Communication Channel Again: Normal Flow of Communication Every modification in normal flow not allowed by emitter or receiver is an attack.
  25. 25. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Interception The attacker has access to the content of the message. Interception is an attack against confidentiality. Emitter Receiver Attacker
  26. 26. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Modification The attacker has access to the content of the message, furthermore he/she modify the content of the message. Modification is an attack against integrity. Emitter Receiver Attacker
  27. 27. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Fabrication The attacker yields a message and send it to the receiver, inserting counterfeit data. Fabrication is an attack against authenticity. Emitter Receiver Attacker
  28. 28. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Interruption The attacker interrupts the communication. Interruption is an attack against availability. Cryptology is useless in this case! Emitter Receiver Attacker
  29. 29. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Integrity
  30. 30. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Modification The attacker has access to the content of the message, furthermore he/she modify the content of the message. Modification is an attack against integrity. Emitter Receiver Attacker
  31. 31. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal How to guarantee the integrity of a message against intentional modification? Answer: Hash Function. Integrity
  32. 32. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal In Portuguese: Substantivo 1 - Prato feito de carne moída misturada com batata assada ou frita. 2 - Bagunça, confusão. Verbo 1 - Cortar em pequenos pedaços. 2 - Misturar, confundir. What does “hash” means? In English: Noun 1 - A dish of chopped meat, potatoes, and sometimes vegetables, usually browned. 2 - Mess, confusion. Verb 1 - To chop into pieces. 2 - To mix or mess up
  33. 33. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal In Portuguese: função de confusão (strange!) função de dispersão (it sounds better!) função hash (it's more common.) So what does “hash function” means?
  34. 34. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal It receives as input a sequence of bits, of any size (can be a character, a string, or even a file) and generates another sequence of bits of fixed length, called hash or digest. The digest works as a security seal, because a simple change in one of the input bits completely changes the original digest. A hash function is a one-way function. That is, it's not possible to recover the original message from the digest. Hash Function
  35. 35. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Nonsense!? If the original data can not be recovered from the digest, then why use hash functions? Although it seems contradictory, it's exactly because this feature that hash functions are so useful. Hash Function
  36. 36. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal MD5 (Message-Digest algorithm 5): Algorithm of 128 bits developd in 1991 by Ron Rivest. SHA (Secure Hash Algorithm): A family of algorithms developed by NIST and NSA. Whirlpool: Algorithm developed by Paulo Barreto (USP) and Vincent Rijmen (co-author of AES). Some very known Hash Functions
  37. 37. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal MD5("Inmetro") = 0101001111101001000011010111000 101011110001000000101100110100010111100101111100 0010101110010100111000111010110011001001001010100 MD5("inmetro") = 0101101100110000101010010001100 110110111001001111101000011110000100110100000011 1100110101000000001100100101111011111100000010110 An example with MD5
  38. 38. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Bits 001-032: 0101.0011.1110.1001.0000.1101.0111.0001 Bits 001-032: 0101.1011.0011.0000.1010.1001.0001.1001 Bits 033-064: 0101.1110.0010.0000.0101.1001.1010.0010 Bits 033-064: 1011.0111.0010.0111.1101.0000.1111.0000 Bits 065-096: 1111.0010.1111.1000.0101.0111.0010.1001 Bits 065-096: 1001.1010.0000.0111.1001.1010.1000.0000 Bits 097-128: 1100.0111.0101.1001.1001.0010.0101.0100 Bits 097-128: 0110.0100.1011.1101.1111.1000.0001.0110 Result: 59 bits changed. 46% of bits affected. (Avalanche Effect) An example with MD5
  39. 39. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Confidentiality
  40. 40. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Interception The attacker has access to the content of the message. Interception is an attack against confidentiality. Emitter Receiver Attacker
  41. 41. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Confidentiality was the first service provided by Cryptology. It can be reached by ciphers and codes. Confidentiality
  42. 42. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Contrary to layman's perception, code and cipher are not synonymous. Cipher is a manipulation in the representation of the message. Code is a manipulation in the meaning of the message. Cipher X Code
  43. 43. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Confidentiality by Code
  44. 44. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Replace each word or phrase in the original message with another character or symbol (or a set of them). The list of replacements is contained in a codebook. Code is not flexible. If a codebook is leaked, then the emitter and receiver must re-writing the entire codebook. Code
  45. 45. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Morse code NATO phonetic code Q code Bar code QR code Examples of Public Codes
  46. 46. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Famous example: Zimmermann Telegram Arthur Zimmermann, State Secretary for Foreign Affairs of the German Empire, sent a telegram to the German ambassador in Mexico, asking him to propose an alliance to Mexico's president to attack the USA. The aim was to force the USA to the World War I.
  47. 47. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Famous example: Zimmermann Telegram The telegram is not ciphered; it is coded.
  48. 48. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Famous example: Zimmermann Telegram
  49. 49. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal The Zimmermann telegram was decoded by famous “Room 40”. Room 40 ↓ Government Code and Cypher School (GC&CS) ↓ Government Communications Headquarters (GCHQ)
  50. 50. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal
  51. 51. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Confidentiality by Cipher
  52. 52. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Imagine you have a message well represented. Then you “mess” this representation in a pre-defined mean that permit you recover the message in its original representation. The pre-defined mean is called algorithm. Another input to this algorithm is the key. The key is the flexible part of a cipher. Cipher
  53. 53. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Remember: Code is not flexible. If a codebook is leaked, then the emitter and receiver must re-writing the entire codebook. If a cipher key is leaked, then emitter and receiver must choose another key without changing the algorithm. Cipher X Code
  54. 54. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Cipher Cipher
  55. 55. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Code Code
  56. 56. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Decipher Decipher
  57. 57. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Decode Decode
  58. 58. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Actor Action Input Emitter cipher key code codebook Receiver decipher key decode codebook Attacker cryptanalyze (or break) - - - Encrypt = cipher or code. Decrypt = decipher or decode.
  59. 59. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Substitution Cipher
  60. 60. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Example original: i n m e t r o ciphered: L Q P H W U R Caesar Cipher (Substitution Cipher)
  61. 61. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Example 1: key: i n m e t r o i n m e t r o i n original: w e w e r e d i s c o v e r e d ciphered: E R I I K V R Q F O S O V F M Q Example 2: key: d i m e l d i m e l d i m e l d original: w e w e r e d i s c o v e r e d ciphered: Z M I I C H L U W N R D Q V P G Vigenere Cipher (Substitution Cipher)
  62. 62. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal
  63. 63. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Vigenere Cipher (Substitution Cipher) For a layman, the Vigenere cipher seems unbreakable. In fact, an article in Scientific American, in 1917, considered the Vigenere cipher impossible to be broken. Now, less than a century later, Vigenere cipher is completely breakable.
  64. 64. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Transposition Cipher
  65. 65. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal original: we recovered the money, but we lost two men. key: i n m e t r o columns: w e r e c o v e r e d t h e m o n e y b u t w e l o s t t w o m e n z ciphered: edelm wemtt reneo eroww veutz ohbsn ctyoe Transposition Cipher
  66. 66. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Substitution and Transposition to reach Diffusion and Confusion Apply many rounds of substitution and transposition to reach diffusion and confusion. Diffusion and confusion: two concepts introduced by Claude Shannon.
  67. 67. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Diffusion and Confusion Confusion Formal: It refers to making the relationship between the ciphered message and the symmetric key as complex and involved as possible. Informal: It obscures the relationship between the original message and ciphered message. Diffusion Formal: It refers to dissipating the statistical structure of original message over bulk of ciphered message. Informal: Each change in the original message or key affects many parts of the ciphered message. (Avalanche Effect)
  68. 68. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Cryptography – Conventional Model emitter receivercipher decipher key source secure channel attacker M MC C K K
  69. 69. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Conventional Model The same key used to cipher the message must be used to decipher. Because of this, the conventional model was called symmetric cryptography. Then we have the first problem, the emitter and the receiver must agree which key will be used. If there is the possibility of personal and physical meeting, sharing the key can be safely performed. But the secure channel always was the weakest part. Is another way of cryptography possible?
  70. 70. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Conventional Model Is another way of cryptography possible? Is there an asymmetric cryptography? The response to this question became the Holy Grail of Cryptology. The scientific community had given up looking for this response, classifying the problem as unsolvable. Only fools would insist on such nonsense.
  71. 71. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal “The Fools” Ralph Mekle – Martin Hellman – Whitfield Diffie
  72. 72. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal “The Fools” Whitfield Diffie – Martin Hellman
  73. 73. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal The New Model In 1976, Diffie and Hellman published their famous article “New Directions in Cryptography”. The article begins with “We stand today on the brink of a revolution in cryptography”.
  74. 74. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal The New Model The article deals with three problems: - key exchange - asymmetric cryptography - digital signature But the article presents solution only for the key exchange problem. Diffie and Hellman couldn't solve the other two problems. But it doesn't matter! They broke the paradigm!
  75. 75. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal The New Model They couldn't open the door, but they pointed the right door. In fact, the two problems were resolved one year later, in 1977.
  76. 76. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal The RSA arises! Shamir – Rivest – Adleman
  77. 77. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Asymmetric Cryptography Since the beginning of Cryptology to modern times, almost all cryptographic systems had been based on elementary tools of substitution and permutation. Asymmetric cryptography has changed this paradigm, because it's based on mathematical functions.
  78. 78. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Asymmetric Cryptography Diffie and Hellman algorithm has its strength based on the difficulty to solve the discrete logarithm problem (DLP). Whilst RSA algorithm has its strength based on the difficulty to factorize big numbers. Wait a moment! Why are those problems so difficult?
  79. 79. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Computational Complexity In computer science we use techniques to predict how much time a problem will take. These main terms are used to express time growth: Logarithmic growth Linear growth Polynomial growth Exponencial growth So the DLP and factorization of big numbers are examples of exponential growth.
  80. 80. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Asymmetric Cryptography – Confidentiality emitter receivercipher decipher key source attacker M C MC Kpub Kpri
  81. 81. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Asymmetric Cryptography – Non-repudiation emitter receivercipher decipher key source attacker M C MC Kpri Kpub M
  82. 82. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Asymmetric Cryptography – Non-repudiation emitter receivercipher decipher key source attacker M C MC Kpri Kpub M This is the basis for Digital Signature.
  83. 83. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Why the conventional model does not provide non-repudiation? emitter receivercipher decipher key source secure channel attacker M MC C K K
  84. 84. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Why the conventional model does not provide non-repudiation? emitter receivercipher decipher key source secure channel attacker M MC C K K It provides protection against third party forgeries, but do not protect against contests between transmitter and receiver.
  85. 85. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Confidentiality X Authentication Only with private/public key schemes is possible to solve the problem of dispute between transmitter and receiver. In fact, without asymmetric cryptography the electronic commerce would not exist. “The problem of authentication is perhaps an even more serious barrier to the universal adoption of telecomrnunications for business transactions than the problem of key distribution. Authentication is at the heart of any system involving contracts and billing. Without it, business cannot function.” (DH, New Directions in Cryptography)
  86. 86. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal avoiding mistakes
  87. 87. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal first common mistake 1) Asymmetric cryptography is safer than symmetric cryptography. The security of any cryptographic scheme depends on the size of the key and the computational work involved to break the cipher.
  88. 88. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal second common mistake 2) Asymmetric cryptography made symmetric cryptography obsolete. Due to the computational overhead of asymmetric cryptography, symmetric cryptography is still far from becoming obsolete.
  89. 89. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Digital Signature
  90. 90. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Digital Signature Digital signature is the apex of asymmetric cryptography. It is the most refined service provided by modern cryptology.
  91. 91. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Asymmetric Cryptography – Non-repudiation emitter receivercipher decipher key source attacker M C MC Kpri Kpub M This is the basis for Digital Signature.
  92. 92. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Digital Signature signer verifiercipher decipher key source attackerM C HC Kpri Kpub Hash H Hash H' M M'
  93. 93. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Cryptology at Inmetro
  94. 94. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Cryptology at Inmetro Cryptology at Inmetro is in its beginning. The group for security of software and hardware in measuring instruments is new. We foresee to use cryptology in many applications.
  95. 95. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal The Two Biggest Problems
  96. 96. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Second Big Problem Brazil is a huge country! More than 70 million electric energy measuring instruments in the field. How to control the software version in this kind of instrument in the field?
  97. 97. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Second Big Problem Brazil is a huge country! More than 70 million electric energy measuring instruments in the field. How to control the software version in this kind of instrument in the field? Solution devised by Inmetro: Digital Signature of the binary file corresponding to the approved software version.
  98. 98. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal ACryptology at Inmetro
  99. 99. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal First Big Problem Brazil has more than 200.000 fuel dispensers. A lot of frauds. How to protect fuel dispensers against frauds?
  100. 100. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal First Big Problem Brazil has more than 200.000 of fuel dispensers. A lot of frauds. How to protect fuel dispensers against frauds? Solution devised by Inmetro: Digital Signature of measuring data for each output.
  101. 101. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Questions to answer
  102. 102. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Shall we build a peculiar PKI (Public Key Infrastructure): a metrological PKI? If so, then must Inmetro be the TTD (Trusted Third Party)? Can we associate cryptographic levels to risk levels? Can we simplify the process of Digital Signature?
  103. 103. I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal Obrigado!

Palestra proferida por Antônio Lacerda no I Workshop Interamericano de Segurança de Software e Hardware em Metrologia Legal

Vistos

Vistos totais

1.202

No Slideshare

0

De incorporações

0

Número de incorporações

3

Ações

Baixados

40

Compartilhados

0

Comentários

0

Curtir

0

×