Crypto Recap
Topics
- future topic: keyed message authentication code
News and Errata
- Quicktime 7.6 update for both Mac and Windows, critical, 7 exploits patched
- pirated copies of iWork ’09 carrying a trojan that deeply infects your Mac and joins it to a botnet
- you have options for Windows automatic update; choose the one that is right for you, but make sure you are patched
- Yubikey: the password length limit discussed last show; someone wrote in to say a longer password is possible
- http://cryptolink.com trademark is in place now
- http://My.BarackObama.com forum: people were putting up trojans
Crypto Recap
3.5-year review of all the security pieces that have been talked about
threat model: what is it we can do? what are we trying to do?
for example, we assume the endpoints are secure while we try to secure the communication between them; a keystroke logger, for example, is something we can’t secure against, and if someone gets physical access, we’re insecure
we assume the attacker has finite computational power, because all crypto is subject to brute force attack no matter how long the key is
“perfect” security? yes, the one-time pad, but it still isn’t secure if someone has physical access
much crypto depends on this fact: it is very easy to multiply two big prime numbers together, but not easy to factor the result back into those two original primes
taking something to a power is easy, taking the log is hard; also a fundamental assumption of security at present
you want there to be no single point of failure: even if a single communication is cracked, all the rest of the communications should still be secure, and a single shared key is a bad idea for this reason
assume endpoints secure, path in between (the internet) totally insecure
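The two one-way operations the recap rests on, multiply-vs-factor and exponentiate-vs-log, as an added example that is not part of the show notes: each direction is implemented by hand with a step counter so the asymmetry shows up as numbers rather than as a claim. The primes near one million and the 1019-element group are constructed toy values, small enough that the hard direction still finishes in a moment; the "hard" routines are the naive brute-force approaches, not the best known algorithms.

```python
# Added example, not part of the show notes: counting the work in each
# direction of the two one-way operations the recap describes. The
# numbers (two primes near one million, a 10-bit modulus) are constructed
# toy values chosen so the slow direction still finishes quickly.
import math


def multiply_primes(p, q):
    """The easy direction: one multiplication."""
    return p * q


def trial_factor(n):
    """The hard direction: recover p and q from n by trial division.

    Returns (p, q, steps) where steps counts the divisions attempted.
    For a product of two similar-sized primes this is about sqrt(n) steps.
    """
    steps = 0
    for d in range(2, math.isqrt(n) + 1):
        steps += 1
        if n % d == 0:
            return d, n // d, steps
    return n, 1, steps  # only reached if n is itself prime


def mod_exp(g, x, p):
    """The easy direction: g**x mod p by square-and-multiply.

    Returns (result, steps); steps is the number of exponent bits
    processed, so the cost grows with log2(x), not with x.
    """
    result, base, e, steps = 1, g % p, x, 0
    while e:
        steps += 1
        if e & 1:
            result = (result * base) % p
        base = (base * base) % p
        e >>= 1
    return result, steps


def discrete_log_bruteforce(g, h, p):
    """The hard direction: find x with g**x == h (mod p) by trying exponents.

    Returns (x, steps); without a shortcut the cost grows with p itself.
    """
    value = 1
    for x in range(p):
        if value == h:
            return x, x + 1
        value = (value * g) % p
    return None, p


def compare_directions():
    """Run both pairs and report the step counts side by side."""
    p, q = 1000003, 1000033            # constructed: two small primes
    n = multiply_primes(p, q)
    f1, f2, factor_steps = trial_factor(n)
    assert (f1, f2) == (p, q)

    modulus, g, secret = 1019, 2, 777  # constructed toy group (1019 is prime)
    h, exp_steps = mod_exp(g, secret, modulus)
    assert h == pow(g, secret, modulus)
    x, log_steps = discrete_log_bruteforce(g, h, modulus)
    assert pow(g, x, modulus) == h

    return {
        "multiply_steps": 1,
        "factor_steps": factor_steps,
        "modexp_steps": exp_steps,
        "discrete_log_steps": log_steps,
    }


if __name__ == "__main__":
    for name, steps in compare_directions().items():
        print(f"{name:>20}: {steps}")
```

Factoring the 40-bit product takes about a million divisions while multiplying takes one; raising to the 777th power takes ten squarings while recovering the exponent needs up to 1019 trials. Real keys are hundreds of digits, so the hard side becomes infeasible while the easy side stays cheap, which is exactly the gap the recap's "finite computational power" assumption relies on.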
what do we mean by security? in this context where we’re protecting traffic between two endpoints, we want 3 things:
- confidentiality, interceptor in the middle cannot read the messages
- integrity of message, guard against message being modified
- authenticate the endpoints, are we really talking to who we think we are?
encryption gives confidentiality; symmetric (the same key at both ends is used to encrypt and decrypt), asymmetric (two different keys are used, one to encrypt a random symmetric key that in turn encrypts the message, the other to decrypt that symmetric key), and key agreement
message integrity, using hashes (md5, sha1, etc.) to create a signature; a hash is a digest of a much larger communication, a fingerprint, and any change to the original message will change that fingerprint; it is not computationally feasible to make a change to the original message and deliberately produce the same signature; md5 has been broken in this respect
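The key agreement route mentioned above, as an added example that is not from the show notes: two parties each keep a private exponent, exchange only public values over the insecure path, and both compute the same secret, which is then hashed into a symmetric key that a cipher would use (the cipher itself is not shown). The group is a constructed toy size so it runs instantly; the safe-prime search, the SHA-256 key derivation and the party names are this example's own choices, and real deployments use standardised 2048-bit-or-larger groups or elliptic curves.

```python
# Added example, not from the show notes: the "key agreement" route to a
# shared symmetric key. Two parties each keep a private exponent, exchange
# only public values, and both arrive at the same secret. The group is a
# constructed toy size so it runs instantly; real deployments use
# standardised 2048-bit-or-larger groups or elliptic curves.
import hashlib
import math
import random


def is_prime(n):
    """Trial-division primality test, adequate for the toy sizes used here."""
    if n < 2:
        return False
    for d in range(2, math.isqrt(n) + 1):
        if n % d == 0:
            return False
    return True


def find_safe_prime(start):
    """Smallest safe prime p >= start, i.e. p and (p-1)/2 both prime,
    so every generator has a large order and small subgroups cannot leak bits."""
    n = start | 1
    while not (is_prime(n) and is_prime((n - 1) // 2)):
        n += 2
    return n


def make_keypair(p, g, rng):
    """Private exponent x and the public value g**x mod p that goes on the wire."""
    x = rng.randrange(2, p - 1)
    return x, pow(g, x, p)


def shared_secret(their_public, my_private, p):
    """Each side raises the other's public value to its own private exponent;
    both get g**(x*y) mod p."""
    return pow(their_public, my_private, p)


def derive_key(secret, p):
    """Hash the agreed integer into a fixed-size symmetric key (simple KDF stand-in)."""
    width = (p.bit_length() + 7) // 8
    return hashlib.sha256(secret.to_bytes(width, "big")).digest()


def run_exchange(seed=None):
    """Perform one agreement; returns what each side ends up with plus
    everything the path in between could observe."""
    rng = random.Random(seed)
    p = find_safe_prime(10**6)  # constructed toy modulus
    g = 2
    a_priv, a_pub = make_keypair(p, g, rng)  # "Alice"
    b_priv, b_pub = make_keypair(p, g, rng)  # "Bob"
    a_key = derive_key(shared_secret(b_pub, a_priv, p), p)
    b_key = derive_key(shared_secret(a_pub, b_priv, p), p)
    return {
        "alice_key": a_key,
        "bob_key": b_key,
        "on_the_wire": {"p": p, "g": g, "A": a_pub, "B": b_pub},
    }


if __name__ == "__main__":
    result = run_exchange()
    print("keys match:", result["alice_key"] == result["bob_key"])
    print("observable:", result["on_the_wire"])
```

Everything in `on_the_wire` is public; recovering the key from it means taking a discrete log, the hard direction from the recap. Note what this exchange does not give: an interceptor who can modify traffic rather than just read it could run a separate agreement with each side, so key agreement delivers confidentiality against a passive listener but still needs the third property, endpoint authentication, layered on top.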
- in a couple of weeks we’ll talk about keyed digest, giving an authenticated signature, which we don’t have now
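The fingerprint idea from the integrity item above, and the gap the keyed digest is meant to close, as an added example that is not from the show notes: an unkeyed SHA-256 hash catches a single flipped bit, but someone on the path who substitutes a whole message can simply recompute a matching hash, whereas an HMAC over the same message cannot be recomputed without the shared key. The message, key and tampering are constructed for the demonstration; the page's own "keyed digest" topic is taken here to mean HMAC, which is the standard construction.

```python
# Added example, not from the show notes: an unkeyed hash as a fingerprint,
# and why it detects accidental change but not a deliberate substitution by
# someone on the path, which is the gap a keyed digest (HMAC) closes.
# The message, key and tampering are constructed for the demonstration.
import hashlib
import hmac


def fingerprint(message: bytes) -> str:
    """SHA-256 digest of the whole message, as hex."""
    return hashlib.sha256(message).hexdigest()


def flip_one_bit(message: bytes, bit_index: int) -> bytes:
    """Return a copy of message with a single bit toggled."""
    data = bytearray(message)
    data[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(data)


def differing_hex_digits(a: str, b: str) -> int:
    """How many hex positions differ between two digests of equal length."""
    return sum(1 for x, y in zip(a, b) if x != y)


def verify_unkeyed(message: bytes, digest: str) -> bool:
    """Receiver recomputes the fingerprint and compares (constant time)."""
    return hmac.compare_digest(fingerprint(message), digest)


def keyed_digest(key: bytes, message: bytes) -> str:
    """HMAC-SHA256: a fingerprint that can only be produced with the key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_keyed(key: bytes, message: bytes, tag: str) -> bool:
    """Receiver recomputes the HMAC with the shared key and compares."""
    return hmac.compare_digest(keyed_digest(key, message), tag)


def demo():
    original = b"transfer 100 to account 4242"               # constructed
    shared_key = b"constructed-demo-key-not-for-real-use"    # constructed
    sent_digest = fingerprint(original)
    sent_tag = keyed_digest(shared_key, original)

    # 1. Accidental corruption: one flipped bit, and the fingerprint no
    #    longer matches, so the receiver rejects the message.
    corrupted = flip_one_bit(original, 13)
    changed_digits = differing_hex_digits(sent_digest, fingerprint(corrupted))

    # 2. Substitution on the path: the whole message is replaced and, since
    #    the hash is unkeyed, a matching fingerprint for the new text is
    #    trivially recomputed. The keyed tag cannot be refreshed that way.
    substituted = b"transfer 900 to account 6666"            # constructed
    refreshed_digest = fingerprint(substituted)

    return {
        "corruption_detected_unkeyed": not verify_unkeyed(corrupted, sent_digest),
        "hex_digits_changed_by_one_bit": changed_digits,
        "substitution_passes_unkeyed": verify_unkeyed(substituted, refreshed_digest),
        "substitution_fails_keyed": not verify_keyed(shared_key, substituted, sent_tag),
        "original_passes_keyed": verify_keyed(shared_key, original, sent_tag),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:>32}: {value}")
```

The one-bit flip changes most of the 64 hex digits, which is the "any change to the original message will change that fingerprint" property. The substitution case is why an unkeyed hash sent alongside the message gives integrity against noise but not against an active interceptor: the receiver needs something the interceptor cannot compute, which is what the key in the keyed digest provides.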
endpoint authentication, certificates and chain of trust anchored to a root authority
iron wil