GZ der Informatik / Sicherheit

1

GZ der Informatik VIIIGZ der Informatik VIII Kryptografie, Digitale Signaturen, SETKryptografie, Digitale Signaturen, SET

Univ.-Ass. DI. Markus SeidlUniv.-Ass. DI. Markus Seidl

University of ViennaUniversity of Vienna

Markus.Seidl@univie.ac.atMarkus.Seidl@univie.ac.at

2S

iche

rhei

t

CryptographyCryptography

- to protect sensitive information- to protect sensitive information

- using a key- using a key

- two primary encryption methods- two primary encryption methods• Secret-key cryptographySecret-key cryptography• Public-key cryptographyPublic-key cryptography

- SET (Secure Electronic Transaction) uses both methods- SET (Secure Electronic Transaction) uses both methods

3S

iche

rhei

t

Secret-key cryptographySecret-key cryptography

- symmetric cryptography- symmetric cryptography

- same key to encrypt and decrypt the message- same key to encrypt and decrypt the message

- share a secret (key)- share a secret (key)

- e.g. DES (Data Encryption Standard)- e.g. DES (Data Encryption Standard)

4S

iche

rhei

t

Public-key cryptographyPublic-key cryptography

- asymmetric cryptography- asymmetric cryptography

- uses two keys: one to encrypt and one key to decrypt the message- uses two keys: one to encrypt and one key to decrypt the message

- keys are mathematically related- keys are mathematically related

- user has two keys: a public and a private key- user has two keys: a public and a private key

- public key is distributed, private key is not disclosed- public key is distributed, private key is not disclosed

- e.g. RSA (Rivest Shamir and Adleman)- e.g. RSA (Rivest Shamir and Adleman)

5S

iche

rhei

t

SET - EncryptionSET - Encryption

- confidentiality is ensured- confidentiality is ensured

- using a randomly generated symmetric encryption key- using a randomly generated symmetric encryption key

- key encrypted using the message recipient‘s public key- key encrypted using the message recipient‘s public key

- „digital envelope“ of the message ({M}- „digital envelope“ of the message ({M}SKSK {SK} {SK}PUBK_RECPUBK_REC))

- provide highest degree of protections (keys cannot be easily reproduced)- provide highest degree of protections (keys cannot be easily reproduced)• Programming methodsProgramming methods• Random number generation algorithmsRandom number generation algorithms

6S

iche

rhei

t

SET – Digital SignaturesSET – Digital Signatures

- ensure integrity and authentication - ensure integrity and authentication

- mathematical relationship between the public and private keys- mathematical relationship between the public and private keys

- message digests (160 bit)- message digests (160 bit)• value generated for a message (or document)value generated for a message (or document)• unique to that messageunique to that message• generated by passing a one-way cryptographic functiongenerated by passing a one-way cryptographic function

- digital signature (DS)- digital signature (DS)• (M, {MD(M)}(M, {MD(M)}PRIVK_SENDPRIVK_SEND))

• recipient verifies the message digestrecipient verifies the message digest• recipient can be sure that message really comes from the senderrecipient can be sure that message really comes from the sender

7S

iche

rhei

t

SET – Digital Signatures (2)SET – Digital Signatures (2)

- Example- Example• Alice computes MD of a message MAlice computes MD of a message M• encrypts it with her private keyencrypts it with her private key• send M + DS to Bobsend M + DS to Bob• Bob computes MDBob computes MD• decrypts DS with Alice‘s public keydecrypts DS with Alice‘s public key• if equal, message was signed with Alice‘s private key and message if equal, message was signed with Alice‘s private key and message

has not changed since it was signed.has not changed since it was signed.

- SET uses two asymmetric key pairs for each participant- SET uses two asymmetric key pairs for each participant• „„key exchange“ pair (for encryption and decryption)key exchange“ pair (for encryption and decryption)• „„signature“ pair (creation and verification of DS)signature“ pair (creation and verification of DS)

8S

iche

rhei

t

SET - CertificatesSET - Certificates

- authentication is further strengthended by the use of certificates- authentication is further strengthended by the use of certificates

- e.g. Bob wants to be sure that the public key belongs to Alice- e.g. Bob wants to be sure that the public key belongs to Alice

- Solution- Solution• receive public key over a secure channel directly from Alicereceive public key over a secure channel directly from Alice• use a trusted third party (Certificate Authority)use a trusted third party (Certificate Authority)

- CA (Certificate Authority)- CA (Certificate Authority)• Alice provides proof of her identityAlice provides proof of her identity• CA creates a message containing Alice‘s name and her public keyCA creates a message containing Alice‘s name and her public key• this message (certificate) is digitally signed by the CAthis message (certificate) is digitally signed by the CA

({A, PUBK_A}({A, PUBK_A}PRIVK_CAPRIVK_CA))

• public key of the CA should be known to as many people as possiblepublic key of the CA should be known to as many people as possible• SET participants have two key pairs, they also have two certificates SET participants have two key pairs, they also have two certificates • the certificates are created and signed at the same time by the CAthe certificates are created and signed at the same time by the CA

9S

iche

rhei

t

SET – Encryption summarySET – Encryption summary

1 0S

iche

rhei

t

SET – Dual SignatureSET – Dual Signature

- Dual signature- Dual signature- Bob sends Alice an offerBob sends Alice an offer- Bob sends the bank an authorization to transfer moneyBob sends the bank an authorization to transfer money

- Generating a dual signature- Generating a dual signature

( M1, MD(M2), {MD(M1)MD(M2)} ( M1, MD(M2), {MD(M1)MD(M2)} PRIVK PRIVK ))

- Example- Example- message from Alice to the bank with the MD of the offermessage from Alice to the bank with the MD of the offer- bank uses MD of Bobs´s authorisation and MD of the offer from Alicebank uses MD of Bobs´s authorisation and MD of the offer from Alice- bank checks authenticity of the offer against the dual signaturebank checks authenticity of the offer against the dual signature

- Use of dual signatures- Use of dual signatures- merchant sends authorization request to the acquirermerchant sends authorization request to the acquirer- includes payment instructions and MD of the order (by the cardholder)includes payment instructions and MD of the order (by the cardholder)- the acquirer check the dual signature (MD from the merchant, MD of the acquirer check the dual signature (MD from the merchant, MD of

the payment instructionsthe payment instructions

1 1S

iche

rhei

t

SET – Certificate IssuanceSET – Certificate Issuance

- Cardholder certificates- Cardholder certificates

- Merchant certificates- Merchant certificates

- Payment gateway certificates- Payment gateway certificates

- Acquirer certificates- Acquirer certificates

- Issuer certificates- Issuer certificates

1 2S

iche

rhei

t

SET – Hierarchy of trustSET – Hierarchy of trust

1 3S

iche

rhei

t

Zuverlässigkeit von digitalen SignaturenZuverlässigkeit von digitalen Signaturen

- Geheimhaltung des geheimen Schlüssel (Chipkarte)- Geheimhaltung des geheimen Schlüssel (Chipkarte)

- Länge des Schlüssels (Anzahl) - Länge des Schlüssels (Anzahl) • Angreifer probiert alle Schlüssel durchAngreifer probiert alle Schlüssel durch• Dauer der VerschlüsselungDauer der Verschlüsselung

- Verwendetes Kryptosystem- Verwendetes Kryptosystem

- Verwendete Komprimierungsfunktion- Verwendete Komprimierungsfunktion

- Authentizität des öffentlichen Schlüssels (Lösung -> Zertifikate)- Authentizität des öffentlichen Schlüssels (Lösung -> Zertifikate)

1 4S

iche

rhei

t

Unterschiede bei UnterschriftenUnterschiede bei Unterschriften

- Eigenhändige Unterschrift- Eigenhändige Unterschrift• kann "gefälscht" werdenkann "gefälscht" werden• Sicherheitsgrad fest vorgegebenSicherheitsgrad fest vorgegeben• nicht global einsetzbarnicht global einsetzbar

- Digitale Unterschrift- Digitale Unterschrift• kann "gestohlen" werden (privater Schlüssel, Chipkarte)kann "gestohlen" werden (privater Schlüssel, Chipkarte)• Sicherheitsgrad frei wählbar (Schlüssellänge)Sicherheitsgrad frei wählbar (Schlüssellänge)• global einsetzbar (binnen Sekunden im In- und Ausland verifizierbar) global einsetzbar (binnen Sekunden im In- und Ausland verifizierbar)

Voraussetzung: ZertifizierungshierarchieVoraussetzung: Zertifizierungshierarchie

1 5S

iche

rhei

t

Einsatzmöglichkeiten für digitale SignaturenEinsatzmöglichkeiten für digitale Signaturen

- Authentifikation- Authentifikation• zeigt die Autorenschaft anzeigt die Autorenschaft an• E-mail, Banktransaktionen, Schecks, Firmenrundschreiben, E-mail, Banktransaktionen, Schecks, Firmenrundschreiben,

Gesetzestexte, etc.)Gesetzestexte, etc.)

- Signierte Dokumente mit Semantik (Einverständnis mit dem Inhalt)- Signierte Dokumente mit Semantik (Einverständnis mit dem Inhalt)• Autorenschaft und Urheberrecht eines DokumentsAutorenschaft und Urheberrecht eines Dokuments• digital unterschriebene Softwarepaketedigital unterschriebene Softwarepakete

- Elektronisch abgeschlossene Verträge (rechtliche Grundlage!?)- Elektronisch abgeschlossene Verträge (rechtliche Grundlage!?)

- Elektronischer Handel (z.B. Einkaufen im Internet)- Elektronischer Handel (z.B. Einkaufen im Internet)

1 6S

iche

rhei

t

Notwendige RahmenbedingungenNotwendige Rahmenbedingungen

- Gesetzliche Voraussetzungen: Schaffung der gesetzl. Grundlage- Gesetzliche Voraussetzungen: Schaffung der gesetzl. Grundlage• für Einführung einer Zertifizierungshierarchiefür Einführung einer Zertifizierungshierarchie• für Rechtsverbindlichkeit von digit. Unterschriftenfür Rechtsverbindlichkeit von digit. Unterschriften• Anerkennung und Prüfung techn. Voraussetzung (Chipkarte etc.)Anerkennung und Prüfung techn. Voraussetzung (Chipkarte etc.)

- Technische Voraussetzungen (Schaffung von Standards)- Technische Voraussetzungen (Schaffung von Standards)• Schaffung von ZertifizierungsstellenSchaffung von Zertifizierungsstellen• Einrichten von ZeitstempeldienstenEinrichten von Zeitstempeldiensten• Verteilungsstellen für ZertifikateVerteilungsstellen für Zertifikate