CNT4403 Applied Cryptography

Key Distribution

This is the process of assigning and transferring keys to a participant.

Key Agreement

This is a process where two or more parties negotiate a key.

Diffie-Hellman Key Agreement

A protocol that started the modern age of cryptography, a method for two parties with no shared secret to create a shared encryption key over an insecure public channel. Both sides agree on two public values: a Prime number (p) and a Generator (g). Both parties pick their Private Secrets, Alice picks private secret (a) and Bob picks private secret (b). Both sides publicly exchange their secrets (a and b), Alice computes 𝐴 = 𝑔^𝑎 mod p, while Bob computes 𝐵 = g^b mod p. Both sides perform a shared secret calculation, Alice computes K = B^a mod p = g^ab mod p, while Bob computes K = A^b mod p = g^ab mod p. Therefore, both sides now share the same secret key: K = g^ab mod p. Even though it provides key agreement it does not provide authentication. It is susceptible to Man-in-the-Middle (MITM) attacks because the participants cannot verify who they are exchanging keys with; an attacker could perform two separate exchanges with the victims.

Certificate Authorities (CAs)

A trusted organization that issues digital certificates containing: Your public key, Your identity (name, domain, etc.), and A CA’s digital signature proving it checked you out. Browsers trust a list of root CAs, so if the CA signs your certificate, your key becomes trusted by association.

RSA (Rivest, Shamir, Adelman)

A dominant public key algorithm that is conceptually simple but secured by deep number theory, specifically the properties of exponentiation modulo a product of large primes. While RSA is very popular, it does have some downsides: it can be slow compared to systems that use shared passwords, and hackers have found ways to attack RSA, for example, if the numbers used for the keys are too small, the system can be broken.

Key Generation

You pick two large prime numbers (called p and q) and multiply them together to get a number called n (n=p×q).

Encryption

To send a secret message, the sender uses your public key and some math involving exponents (powers) and division remainders to scramble the message.

Decryption

You use your private key to do the math in reverse and read the original message.

Digital Signatures

A method that models physical signatures in the digital world to assert that a document is authentic. It is created by encrypting the hash of a document with a private key.

Timing Attacks

Attacks that use the timing behavior of a system (e.g., how long it takes to perform private key operations) to extract a secret key.

Simple Power Analysis Attack

A type of attack where hackers can sometimes figure out the secret key just by measuring how much time or electricity a computer uses to process a message.

Asymmetric (public) key systems

Cryptographic systems where each key pair consists of a public component (k+) and a private component (k-). They are characterized as having slow algorithms but easier key management.

Symmetric (shared) key systems

Cryptographic systems that are efficient (high throughput) but have difficult key management challenges.