Welcome to Introduction to Applied Cryptography. Cryptography is an essential component of cybersecurity. The need to protect sensitive information and ensure the integrity of industrial control processes has placed a premium on cybersecurity skills in today’s information technology market. Demand for cybersecurity jobs is expected to rise 6 million globally by 2019, with a projected shortfall of 1.5 million, according to Symantec, the world’s largest security software vendor. According to Forbes, the cybersecurity market is expected to grow from $75 billion in 2015 to $170 billion by 2020. In this specialization, you will learn basic security issues in computer communications, classical cryptographic algorithms, symmetric-key cryptography, public-key cryptography, authentication, and digital signatures. These topics should prove especially useful to you if you are new to cybersecurity Course 1, Classical Cryptosystems, introduces you to basic concepts and terminology related to cryptography and cryptanalysis. It is recommended that you have a basic knowledge of computer science and basic math skills such as algebra and probability.
Modern Guiding Principles in Cryptography
Loading...
Do curso por University of Colorado System
Classical Cryptosystems and Core Concepts
57 classificações
University of Colorado System
57 classificações
Curso 1 de 4 em Specialization Introduction to Applied Cryptography
Na lição
Cryptographic Tidbits
In this module we present an introduction to cryptography, differentiate between codes and ciphers, describe cryptanalysis, and identify the guiding principles of modern cryptography. After completing this course you will be able to read material related to cryptographic systems, understanding the basic terminology and concepts. You will also have an appreciation for the historical framework of modern cryptography and the difficulty of achieving its aims.
Conheça os instrutores
William BahnLecturer
Computer Science
Richard WhiteAssistant Research Professor
Computer Science
Sang-Yoon ChangAssistant Professor
Computer Science
Now that we have an historical context for cryptography and cryptanalysis, and
have been exposed to many of the terms and concepts involved, we turn our
attention to summarizing some of the key lessons that history has taught us and
laying out the foundation for modern cryptographic systems.
Perhaps the core principle adhered to by modern cryptography is captured by
Kerckhoffs' Principle, which essentially states that a cryptosystem should remain
secure, even if the adversary knows every detail of the system, except the key.
This underscores the need to safeguard the security of the key,
which opens its own Pandora's box of complications.
Included in this is the key distribution problem, the resulting desirability of
public key cryptosystems and the need and role for trusted third parties.
One thing that is frequently overlooked, often with disastrous consequences,
are how human factors impact the practical security of a cryptosystem.
Each of these topics will be covered in greater depth as needed in later modules
and other courses.
The goal here is to establish a general framework encompassing all of them for
future work to build upon.
We saw that throughout the vast majority of history,
the security of cryptosystems relied on the entire system remaining secret from
the enemy, a practice now known as security through obscurity.
Once the workings of the algorithm became known, the residual security provided by
whatever key remained, was minimal and easily defeated.
As a result, the entire cryptosystem had to be discarded, and a new one deviced.
In examining the history of cryptographic failures, the Dutch cryptographer,
Auguste Kerckhoffs, laid out a set of design principles in 1883 that should
guide the design of cyphersystems.
One of these principles was that the system should be easy to use,
and not require the user to know or comply with long lists of rules.
Consider how violating this principle with regards to the Enigma machine
changed the course of World War II more than half a century later.
Another of Kerckhoffs' design principles is so
critically important that it, by itself, is now known as Kerckhoffs' Principle.
This principle merely states that the design of the cryptosystem should
not require secrecy and
that the system should remain secure even if its design falls into enemy hands.
This is often expressed by saying that you should be able to turn over
all of your design documents to your enemy and
pay them to build your cipher machines for you.
A major advantage of complying with this principle is that instead of relying on
the expertise of a small handful of people to test the security of a cryptosystem,
which is done by trying to find clever ways to break it,
the design can be made public.
And now millions of highly skilled people can try to find weaknesses and
publish those results.
At first glance, this might seem the very essence of insanity,
as it would appear that you're making your enemy's job that much easier.
The thing to remember is that you should assume that your enemy is willing to put
many times the resources available to you at work to break your system.
And that they have access to people at least as talented as any of yours.
Hence, if there are weaknesses that your small team of experts missed,
your enemy is probably going to find them.
But if the entire world is looking at your design,
then it becomes highly unlikely that any significant weaknesses discovered by your
enemy isn't also going to be discovered by several other people and made public,
thus giving you the opportunity to revise your design and remove that weakness.
This is why it's become quite common for the designers of cryptographic algorithms
to issue public challenges, sometimes with prizes worth millions of dollars,
to the first person that can break the system,
and some of these prizes have been successfully claimed.
Kerckhoffs also recognized that a direct consequence of this principle is that
the security of the system must therefore rest in the security of a key, and
that this key should be as simple and small as possible.
It should be easily communicated, and
the parties should be able to change it as needed.
One thing that Kerckhoffs didn't directly address,
most likely because in his time cyphers were used on very small scales compared
to what became commonplace in the 20th century with the advent
of industrial scale cryptography, is know as the key distribution problem.
This problem reflects the difficulty of generating sufficient key material,
securely distributing it to the parties that need it, and
being able to detect when and if there's been a compromise.
We've previously considered the inability of the Soviet Union to
keep pace with its need for one time pads in World War II, and how this resulted in
significant breaks into their top secret traffic via project Venona.
Let's consider how the number of keys needed grows as the scope
of a cryptosystem grows.
If you have end users,
then the greatest security is achieved if each pair of users has a unique key.
A strong advantage of using such pairwise keys is that if a key is compromised,
it only endangers the traffic between that pair of individuals,.although
this could be parlayed into additional key breaches.
Because the benefit to the enemy of compromising one key is minimal,
the resources that they're likely to put into the effort is likewise probably going
to be limited.
But this only true if it is feasible to properly manage all of the keys.
With N participants each needing N- 1 keys to communicate with the other people,
the total number of keys that you need is on the order of N squared.
If you have a small team of operatives, say 10, then you only need about 50 keys,
and this is not too unreasonable.
But today we need to secure communication networks that have literally millions of
users, some human and some not, such as communication relays and
in-place sensor networks.
For the best security, you would want every pair of users to have their own key,
but 1 million users would require 1 trillion keys.
And then somehow you would need to distribute 1 million of these keys
to each of 1 million users.
This is completely unmanageable, and 1 million nodes is small compared to
something the scope of the global information grid.
An alternative is to have large groups of users share a common key,
to reduce the total number of keys to a manageable level.
The problem here is that the the larger the group,
the more valuable a key compromise becomes to your adversary, and
hence the greater the resources they may commit to the effort.
This is an addition to the fact that just having the key known to a larger group of
people, increases the likelihood that someone is going to get careless and
exposed the key.
Furthermore, it becomes increasing likely that any bridge that does happen, will not
be detected by the other users, who will continue using the compromised key.
About the only thing worse than your key becoming known to your enemy is for
you not to know that it has.
No one has yet devised a truly practical and
scalable solution to the key distribution problem.
But in the mid 1970s, a revolutionary alternative was developed independently
by both classified and unclassified researchers.
The basic idea stems from asking whether it was possible to
use secrets that didn't have to be shared.
Something that had previously not even been considered,
since its absurdity would have seemed obvious.
It was taken as a given that secret communications relied on shared secrets,
now known as symmetric keys.
But let's rephrase the question slightly as two separate questions.
First, is it possible to use two different but related keys, such
that two people can communicate securely as long as each one has one of the keys.
This is what is known as asymmetric cryptography.
Second, if this is possible, we then ask, is it possible to make one
of the keys public knowledge without compromising the other key?
If this has a solution, then Alice can generate both keys,
keep one all to herself and
publish the other for Bob to look up, as can even Mallory and everyone else.
As the saying goes, if you want to keep something a secret, never tell anyone.
If two people know a secret, then it's no longer a secret.
This is known as public key cryptography, and it's become perhaps the most single
critical component in today's vibrant online economy.
On one level this would seem to trivially solve the key distribution problem.
Alice can publish her public key in as many ways that she wants, and
Bob only needs to be able to find one of them.
But there's a really big catch,
how does Bob know that the key he finds is really Alice's public key?
Perhaps Mallory made up a pair of keys and published one of those in Alice's name.
Bob has to be able to trust that the key he looks up
really is the one published by Alice.
Whether we are talking about symmetric or
asymmetric cryptography, nearly any practical cryptosystem that operates
on any meaningful scale currently uses some form of trusted third party.
The role of the trusted third party, usually named Trent
in our cast of characters, varies depending on the system.
Consider the case in which Alice and Bob, who don't know each other and
are thousands of miles apart, need to communicate securely.
If they want to use a symmetric cryptosystem,
then they need some way of getting identical copies of a key.
If Alice creates the key, then she needs Trent to deliver the key to Bob.
Alice must trust that Trent will actually deliver the right key to Bob,
will not give the key to anyone else, and
probably that Trent will not retain a copy of the key.
Bob, on the other hand,
must trust that the key that Trent gives him really is the key that Alice provided,
and the Trent didn't give it to anyone else or keep a copy.
If Alice and Bob choose to use an asymmetric cryptosystem,
then they generally rely on Trent to publish the public keys.
So they must trust that Trent will faithfully publish the public key
associated with a given user and trust that Trent has adequately
vetted the identity of the person that provided him with the key,
requesting that he do so.
In addition, if Alice sends Bob her public key directly,
he must assume that it might actually have come from Mallory.
So he contacts Trent and
trusts in him to verify that Alice really is the owner of that key.
Don't worry if you're only getting a general sense for
all of this, that's all that's hoped for
at this point, we've got an entire course devoted to asymmetric cryptography.
The last thing that we want to touch on briefly are what are generally referred
to as human factors.
No system is fool proof, the universe is always producing better fools.
But the security of any system ultimately relies on the users following the rules.
Recall how several breaks in the systems like Enigma stemmed primarily from
human users not following the proper protocols when using the machine.
And these were quite highly skilled and trained operators.
Imagine what would have happened if the system had been widely used by
large numbers of minimally trained users.
Now consider how much of our modern interactions rely on common
everyday people, sometimes even young children, not doing things such as
using their birthday as the password, or not writing down their PIN numbers on
the back of their debit cards, or not clicking on the link in the email with
the urgent message about needing to update their operating system immediately.
We've reached a point in which the computational security of modern
cryptosystems is sufficiently strong, that breaches in security are caused by flaws
in the implementation, sloppy practices on the part of users, or
successfully tricking a user into revealing compromising information.
To recap what we've just learned, modern cryptography relies on some bedrock
principles that have been hard won over the millennia.
The most important is that a cryptosystem isn't secure if its details must hide in
the shadows.
The only thing that should have to remain secret are the particular keys being used,
but managing keys properly is a difficult task that doesn't scale well.
So when possible, we want to use public key systems that eliminate
much of the need to securely distribute keys.
But in any event, for the foreseeable future we
will be relying on trusted third parties for critical aspects of our operations.
But how do such parties establish and maintain that trust,
given that they are as exposed to the same human fact weaknesses as the rest of us.
Explore nosso catálogo
Registre-se gratuitamente e obtenha recomendações, atualizações e ofertas personalizadas.
O Coursera proporciona acesso universal à melhor educação do mundo fazendo parcerias com as melhores universidades e organizações para oferecer cursos on-line.
© 2018 Coursera Inc. Todos os direitos reservados.
