Public Key Encryption

#### Introduction

If you are at all interested in security, you must read _The Code Book_ by Simon Singh.  One of the finest books I've ever read.  I will paraphrase his thoughts on public key encryption here.

_code_: "Jupiter" implies "Attack at dawn" (Use Noel Becar's father example)

_cypher_: replaces letters not words.  "xyz" computed/encrypted from "cat" via simple substitution cypher c->x, a->y, t->z.

DES: Data Encryption Standard (1976).  Converts plain text into cyphertext using a key.  Bigger the key, harder it is to crack.  56bit DES.

#### Key distribution problem

The problem is how do you get the key to someone so they can decrypt the message you are sending.  In the old days, they used codebooks that would specify the key rotation for which day etc...  The problem is that those can be captured as in WWII submarine we nabbed.

With computers: You can't call on the phone to tell someone the code, but it's better than emailing it in the clear.  In person is best, but can still be overheard.  Banks used to send couriers around with the keys in a locked briefcase!

The development in the 1970's of a key distribution mechanism is a triumph!

### Key exchange

The new strategy:

  "Alice wants to send an intensely personal message to Bob.  Again, she puts her secret message in an iron box, padlocks it and sends it to Bob.  when the box arrives, Bob adds his own padlock and sends the box back to Alice.  When Alice receives the box, it is now secured by two padlocks.  She removes her own padlock, leaving just Bob's padlock to secure the box.  Finally she sends the box back to Bob.  And here is the crucial difference: Bob can now open the box because it is secured only with his own padlock, to which he alone has the key."

The problem is in the order of encryption operations for a computer.  You must encrypt/decrypt by "last on, first off."  This order problem breaks.  Alice encrypts then Bob encrypts, but Alice cannot undo his encryption so she can decrypt hers.  Even though this doesn't work for computers, it inspired Diffie and Hellman!

They started looking at trap-door math (non-two-way functions like on then off of a lightbulb).  One-way: mixing blue and yellow paint to get green cannot be undone by "unmixing".  Given {3^x = 1} in modular arithmetic 7, what is {x}?  Only way is to try all combinations of x looking for a solution.  If you make 3 bigger, you really have lots to try out. That is why bigger "keys" are stronger.

Bob and Alice agree to use {y^x} mod p and choose say {7^x mode 11}.  Initially Alice and Bob agree on values for y and p.  Almost any values are cool, but y<p.  Not secret.  Alice chooses a number, A=3, and so does Bob, B=6 keeping them secret (private key).  Alice puts A into one-way and gets say 2, Bob gets say 4.  They exchange these values publicly.  Alice takes Bob's result 4 and works out {4^3} mod 11 = 9 and Bob does {2^6} mod 11 = 9.  Same number!  That's the key to use.  They could now use this as a key for DES encryption.

Analogy: imagine using color as key.

  "First, let us assume that everybody, ... has a three-liter pot containing one liter of yellow paint.  If Alice and Bob want to agree on a secret key, each of them adds one liter of their own secret color to their own pot.  Alice might add a peculiar shade of purple, while Bob might add crimson.  Each sends their own mixed pot to the other.  Finally, Alice takes Bob's mixture and adds one liter of her own secret color, and Bob takes Alice's mixture and adds one liter of his own secret color.  Both pots should now be the same color, because they both one liter of yellow, one liter of purple and one liter of crimson.  It is the exact color of the doubly contaminated pots that is used as the key.  Alice has no idea what color was added by Bob, and Bob has no idea what color was added by Alice, but they have both achieved the same end."

Eve (intercepting intermediate pot of 2 colors) cannot unmix the pots to discover the secret color added.  yellow+purple -> Bob and yellow+crimson->Alice.

This is the Diffie-Hellman-Merkle key exchange scheme.  Great, but for email say, you both have to be at the compute to exchange the keys before you can send an encrypted email.

### RSA and public key encryption

(Rivest, Shamir, Adleman)

Must have a public key.  Chooses two prime numbers p and q.  Multiplying gives big number, which is the public key.  To encrypt to Alice, get her public key and puts into general form of one-way function (also public).  Bob now has a function tailored to Alice's key; just apply to Bob's text and send to Alice.  Nobody can decypher it as it's encrpyted.  How can Alice decrypt?  Alice must be able to undo the one-way function.  Rivest designed a one-way function so that it is reversible to someone who knows the values of p and q.  Knowing p*q gives no clue to p and q w/o lots of work.  p and q are the private key.

Note that Bob himself cannot decrypt message he sends to Alice.  Also, you don't have to both be online to exchange keys.

You use DES on your drive to encrypt the private keys which are big primes.  DES can encrypt with a passphrase you can remember.  If you forget your passphrase, your done!