GenCyber Camp Crypto #4 Encryption and Network Protocols The story of Alice and Bob part 2 (computer networks) What is a network? A bunch of connected components

Components are called nodes node node What is a network?

A bunch of connected components Components are called nodes Connections are called links

node node What is a network? A bunch of connected components

Components are called nodes Connections are called links An example network How is a message sent from 1 to 4?

Many paths Availability! Sending a message

How is a message sent from 1 to 5? Routing and addresses

Nodes route messages to other nodes using a routing table Nodes are identified by an IP address IP addresses are made up of four sets of numbers that range from 0 to 255 (e.g., 138.47.33.202) How many unique IP addresses are there? 4,294,967,296 = 256 x 256 x 256 x 256 = 2564

Is this enough? How many people are in the world? How many devices does each person have? Computer Laptop Cell phone Wii, PlayStation, Xbox

Amazon Echo, Google Home Car Thermostat Surveillance video camera Increasing address availability

IPv6 > IPv4 by increasing the address space 8 sets of hexadecimal numbers that range from 0 to 65,535 04a4:3bb6:f612:8c88:d399:560e:7ae1:e11e How many unique IP addresses are there now? 65,5368 = 3.4103 8 (3.4 undecillion!) Messages

Messages are often too large to send in one shot We split the message up into chunks called packets Messages Packets

Sequence # Source IP Target IP Part of the message Packets 1 138.47.102.20 138.47.55.55

Meet Packets 1 2 138.47.102.20 138.47.55.55 Meet _me_

Reliability Messages are sent according to a strict set of rules, called a protocol The rules ensure that if a packet is corrupted or lost, then it is resent. http:// and https:// ftp:// Are all different protocols

and Here are Bob and Alice again... Alice, the mayor, creates a private and public key Private key Public key

Alices Public Key Why just numbers? Message: Hello There Encoded in ASCII or Unicode or

EBCDIC Decimal (base 10): (ASCII) 72 101 108 108 111 32 84 104 101 114 101 How do we send more numbers?

Use more graphs One per number Hello There requires 11 graphs This is certainly not practical Can make the numbers bigger Prime factors

21 = ? Prime factors 21 = 3* 7

589= ? Prime factors 21 = 3* 7 589= 31 * 19 8633 = ?

Prime factors 21 = 3* 7 589= 31 * 19

8633 = 97 * 89 Is it easy? RSA-100 What about: 152260502792253336053561837 813263742971806811496138068

865790849458012296325895289 7654000350692006139 RSA-100 379752279369436739228088727 55445627854565536638199 * 400946909509208810306837352 92761468389214899724061

RSA-1024 309 digits! 13506641086599522334960321627880596 99388814756056670275244851438515265 10604859533833940287150571909441798 20728216447155137368041970396419174 30464965892742562393410208643832021

10372958725762358509643110564073501 50818751067659462920556368552947521 35008528794163773285339061097505443 34999811150056977236890927563 How RSA works...basically

A large number, N, is the public key A prime factor of N, F, is the private key It works because N is huge, and factoring N into a product of two primes is HARD So it's hard to find (or guess) the private key

How sending a message works logically Suppose there are two primes Say 23 and 47, Lets call 47 the private key Public key = 23 * 47 = 1081 Alice gets Bobs Public key, 1081, encodes her message with it. Physically we scramble the bits of the message with the bits of the public key Logically (in this lecture) we place the message in an

envelope and write the public key on the envelope. We send the envelope to Bob, every one can see the public key on the envelope, but they cant decipher the message How receiving a message works logically When the message is received it can be decoded Physically, the message is unscrambled using the two factors of the public key. Unscrambling and scrambling are designed to make this easy if you know the

factors. Logically in todays lecture, Bob will demonstrate that he knows the key, by dividing the public key by one of the factors. If there is no remainder, he has demonstrated that he has factored the public key, and he is allowed to open the envelope. Lets play a game Lets pretend were the internet Messages are passed from one node (Person) to another node (Person) via a router (me)

Nobody is allowed to speak unless specifically asked, but they can communicate by sending messages. Messages are note cards that are labelled with the recipient and handed from router to router until reaching the recipient. Everyone can see these messages unencrypted. Encrypted Messages Message can also be placed inside an envelope

(encrypted) with a number N (public key) written on it. Write a message on card, place it in envelope and write the public key and the recipient on the Envelope. The envelope cannot be opened or read unless a factor F (private key), for N is known. These messages are considered encrypted. Exploits As the game demonstrates, even with perfect

encryption secrets can be come known. Here we exploit the nature of the internet, rather than the encryption mechanism. The attacker is thinking outside the box. A mechanism is only as strong as its weakest link. Security principles How does this example involve violations of Confidentiality Integrity

Availability