Security 3 - Encryption

Cryptography - History

Encryption deals with scrambling information so it is readable only by someone with the secret key
Plaintext -- the original bytes (text, image, ...)
Ciphertext -- the encrypted, unreadable form
Key -- the short secret needed to encrypt/decrypt (a password basically)
Aside: cryptography shows up throughout history, especially World War 2
Summer book recommendation: "The Code Book" by Simon Singh
Notably, the German Enigma machine was cracked by Polish and British cryptographers, probably shortening the war by a couple years and saving many millions of lives.
The Enigma effort sparked the beginning of Computer Science

Surprisingly, the best practice is:
-Use a scheme that is open and published (i.e. peer review)
-Only keep the key secret
World War 2 Enigma:
The German Enigma machine internal wiring was secret, but the Poles and British figured that out eventually (amazingly building workalike machines just from intercepting encrypted messages but never seeing a machine). The Enigma still had a key for each message which provided excellent, although ultimately breakable encryption.

Classical - encrypt and decrypt with a key which is kept secret
-aka "symmetric" encryption, since the key is used both for encryption and decryption
Current tech: the AES standard, mature, reliable, widely used
It is thought that no government has "broken" AES - it works
Two results one obvious, one subtle:
1. Provides: secrecy attacker intercepts the ciphertext, but cannot recover the plaintext from it
2. Provides: authenticity attacker cannot "spoof" data, sent to be decrypted. If the ciphertext decrypts cleanly, it must have come from a party with the secret key

classical secret key encrypt/decrypt

Encryption is reliable if the attacker must guess through all the keys
-aka "brute force" attack
Any encryption can be attacked brute force
If that's the best attack known, the encryption is good

Let's back-of-envelope do the math on key (password) length vs. brute force
-Increasing the set of chars used works similarly
Suppose attacker can guess 1 thousand keys per second
Say there's about 100,000 seconds per day
1,000 * 100,000 = 100e6 / day (100 million)
Suppose the key is 8 letters long, lowercase+uppercase
Math: how many keys are there
(26+26)^8 = 5e13 (aka 5 * 10^13)
5e13 / 100e6 = 500,000 days
But maybe the attacker can guess 1 million x faster
That's just half a day
So double key length from 8 to 16
52^16 = 2.8e27
Double key length squares the key space
Increases key space by factor of 10^14th
Guessing 1e6 faster is still far too slow
Conclusion: long enough key, guessing is infeasible
-key len increase leads to exponential increase in key space
This matches the observed with the US govt and AES
-Cases in court where they have the hard drive, but cannot search it for evidence
-Legal question for future lecture: can govt require the accused to provide password?

e.g. your browser visits https://www.schwab.com
Browser on one end, Schwab web server on the other
The two bring up an encrypted pipe for communication
-using a key known only to those 2
HTTPS web packets then go in the encrypted pipe
Details of how to do it are very complicated
Attacker cannot see or fake content in the pipe
Even if the attacker controls a router along the way
e.g. logging in to schwab from Starbucks is safe

One day, your laptop will be stolen
-Have good backups!
Suppose you have a spreadsheet on there with people's SSNs
Suppose your browser is already logged in to important sites
Most likely, the thief just wants to sell your laptop, but you're worried
Approach 1: Encrypt a sensitive file, deleting the original
Approach 2: set up whole-disk encryption on the laptop (or phone)
Whole-Disk encryption:
- a big random key is created automatically
- the whole file system is encrypted with it
- your typed password encrypts/decrypts that key temporarily
Machine wakes: your password unlocks the key to decrypt all the files
No password, no files!
The files in your home directory are all stored in encrypted form .. docs, browser prefs, everything
Good: thief gets your laptop but no files. They don't care, they just sell it on craigslist.
Problem: annoying to type in your password
Problem: if you forget the password, your data is truly inaccessible - AES is not broken!
Still, this is a pretty good solution (Stanford staff are supposed to enable disk-encryption)
Future lecture issue: e.g. San Bernardino terrorist phones were encrypted

Public-key cryptography ("asymmetric")
Significant jump up in capability from classical-symmetric crypto
Amazing technology, surprising that it is even possible
Key feature:
Instead of a single secret key, there are 2 keys:
-private key - kept secret (priv)
-public key - can be shared (pub)
The 2 keys are mathematically linked
Many applications, used all the time on the internet

Generate a pub/priv pair on a machine
Publish the pub key
Priv key never leaves the machine
Digital signature: use the priv key to "sign" a PDF, creating a signature
1. Anyone can use the pub key to verify that the signature is valid and corresponds to that pub
2. Only the holder of the priv key can make the signature