Cryptography Overview PPT - University of Hertfordshire

Joseph Spring
University of Hertfordshire
British Council India Tour January 2017 – Pune and Chennai
Cyber Security
“the protection of information systems from theft or damage to the
hardware, the software, and to the information on them, as well as
from disruption or misdirection of the services they provide”
M. Gasser, 1988, Building a secure computer system, van Nostrand Reinhold.
Information security – “the practice of preventing unauthorized
access, use, disclosure, disruption, modification, inspection,
recording or destruction of information”
Cyber security
Following the statements above we note the following concepts:
• Authentication
  • Establishing, for example, that I am who I say that I am and that I am entitled to gain access to some entity such as my computer
• Confidentiality
  • Any data sent between two parties is not seen by unauthorised observers
• Integrity
  • Establishing that the message sent is the same as the message received
• Non-repudiation
  • Ensuring that the sender of some information cannot deny that they sent the information
• Accessibility
  • If I am entitled, for example, to use a service then I want to be able to do so
• Anonymity
  • For example, in voting schemes, where one might also like confidentiality
A long-standing tool in maintaining a degree of control and defence of
information systems is cryptography.
Threat Models
Standard Threat Model
[Figure: standard threat model. Labels: Alice, Bob, Eve, Trusted Key Source, keys K1 and K2; Plaintext → Encrypt → Ciphertext → Decrypt → Plaintext.]
Classical Cipher Schemes
Classical Cryptography
Symmetric Systems
• K1 = K2
• Vernam (One Time Pad), Data Encryption Standard, Blowfish, Twofish, Serpent …
• Rijndael, Advanced Encryption Standard
Asymmetric Systems
• K2 = (K1)⁻¹
• Based on what are perceived to be hard problems
• Integer Factorisation Problem (IFP) and the Discrete Logarithm Problem (DLP, ECDLP)
• RSA for the IFP
• Diffie-Hellman (DLP based Key Agreement Protocol)
• El Gamal (Number Fields, Algebraic Number Fields, Points on an Elliptic Curve)
Quantum cryptography
Cryptography
• Quantum Information Theory
• Postulate 1
• cbits - binary bits 0 or 1
• Qubits - vectors in a 2 dimensional vector space, a Hilbert Space
• Postulate 2
• Analogues of processing information using classical AND, OR, NAND, NOR logic gates
• Not all reversible
• Operators/Gates: Hadamard, Pauli Operators, CNOT, swap, phase gate, ….
• Unitary operators, all are reversible
• Postulate 3
• After processing information in a quantum setting we measure using Hermitian
operators which give us real/classical values
• Postulate 4
• Using tensor products to represent multiple qubits similar to how we use bytes to
represent bits
Resources
Key Quantum Resources include
• Entanglement
• 4 Bell entangled states
• Generated by two qubits, a Hadamard and a CNOT gate
• Teleportation
• Involves an unknown state that we wish to send (Teleport) to a particular receiver
• CNOT, Hadamard, measurement and being able to communicate classically with a
receiver
• Both concepts have been experimentally verified
• Both concepts are being used in the construction of quantum networks
• Entanglement, Entanglement swapping and Teleportation
Quantum Cryptography
Key Agreement Protocols
• The Diffie Hellman Key Agreement Protocol is a classical based protocol
• Uses a multiplicative cyclic group, a primitive and the DLP to agree a symmetric
key, the same key for sender and receiver
• BB84, B92 and E91 are quantum based key agreement protocols
• They employ:
  • No cloning Theorem (Quantum Property)
  • Information gain implies disturbance (Quantum Property)
  • Information Reconciliation (Classical Technique)
  • Privacy amplification (Classical Technique)
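The "information gain implies disturbance" property listed above can be seen in a small BB84 simulation (an added example, not part of the original slides): an eavesdropper who measures and resends each qubit raises the error rate on the sifted key from 0 to about 25%. The function names, the noiseless channel, the 10% acceptance threshold and computing the error rate over the whole sifted key (rather than a disclosed sample) are assumptions made for illustration.

```python
import random

def measure(bit, prep_basis, meas_basis, rng):
    # Same basis: the encoded bit is read back unchanged.
    # Conjugate basis: the outcome is a fair coin flip and the state is disturbed.
    return bit if prep_basis == meas_basis else rng.randint(0, 1)

def bb84_qber(n_qubits, eavesdrop, seed=2017):
    """Simulate one BB84 run; return (sifted key length, error rate on the sifted key)."""
    rng = random.Random(seed)  # seeded so the run is repeatable
    sifted = errors = 0
    for _ in range(n_qubits):
        # Alice picks a random bit and a random basis (0 = rectilinear, 1 = diagonal).
        a_bit, a_basis = rng.randint(0, 1), rng.randint(0, 1)
        bit, basis = a_bit, a_basis  # the state in flight
        if eavesdrop:
            # Eve cannot copy the unknown state (no cloning), so she must measure
            # in a guessed basis and resend what she saw in that basis.
            e_basis = rng.randint(0, 1)
            bit = measure(bit, basis, e_basis, rng)
            basis = e_basis
        b_basis = rng.randint(0, 1)  # Bob measures in his own random basis
        b_bit = measure(bit, basis, b_basis, rng)
        if a_basis == b_basis:  # sifting: keep positions where the bases agree
            sifted += 1
            errors += int(a_bit != b_bit)
    qber = errors / sifted if sifted else 0.0
    return sifted, qber

def channel_accepted(qber, threshold=0.10):
    # threshold is an illustrative value chosen for this example; above it the
    # key is discarded instead of going on to reconciliation and amplification.
    return qber <= threshold

if __name__ == "__main__":
    for eve in (False, True):
        length, qber = bb84_qber(4000, eavesdrop=eve)
        print(f"eavesdropper={eve}: sifted={length} qber={qber:.3f} "
              f"accepted={channel_accepted(qber)}")
```
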
Shor's Algorithm
In the mid-1990s Peter Shor published a paper in which he established that given a
quantum computer of sufficient processing power his algorithm would break any
scheme based on either the IFP or the DLP
It broke the following algorithms in a very efficient manner
• Diffie Hellman
• RSA
• El Gamal – all three forms
And led to the problem of what to replace these algorithms with. These were/are
very efficient in comparison to current alternatives.
Post Quantum Cryptography
The PQC cryptographers and designers have been looking at
• Hash Based Cryptography
• Code Based Cryptography
• Lattice Based Cryptography
• Multivariate Quadratic Equation Based Cryptography
• Symmetric Key Based Cryptography
Cyber Related Issues
We are now in an age in which:
• Quantum information
• Quantum technology
are going to increasingly pervade our everyday experience
Likewise:
• Cybersecurity, cyberwarfare and cybercrime
• Pervasive computing
• Distributed systems
• The cloud
• Internet of things
Thank You