hima 4160 fall 2009 privacy, confidentiality and security cryptography public key infrastructure ...

HIMA 4160 Fall 2009

Upload: ginger-oneal

Post on 16-Dec-2015


Page 1: HIMA 4160 Fall 2009  Privacy, Confidentiality and Security  Cryptography  Public Key Infrastructure  PKI application

HIMA 4160 Fall 2009


Privacy, Confidentiality and Security
Cryptography
Public Key Infrastructure
PKI application


Authentication

Authorization

Access Control

Audit


Privacy Rules
◦ Rules for protecting patients' privacy

Security Rules
◦ Measures for enforcing security of patients' information
◦ Only for electronic health information


Source: HIPAA Academy


Cryptology: the science concerned with data communication and storage in secure and usually secret form. It encompasses both cryptography and cryptanalysis.

Cryptography: the science of transforming information into a form that is impossible or infeasible to duplicate or undo without knowledge of a secret key.

Cryptanalysis: the science (and art) of recovering or forging cryptographically secured information without knowledge of the key.


Encryption

Decryption

Cryptography


Plain Text → Algorithm using keys → Ciphertext

IBM → 1 → HAL


Keys are just mathematically large numbers

Symmetric -- use the same key for both encryption and decryption


Algorithm – computing methods to combine keys and plain text to make it indecipherable for people without the key

Transposition

Substitution


[Figure: Plaintext and Ciphertext, with Encryption and Decryption using the key and encryption algorithm]


The adventure of the dancing men http://www.citsoft.com/holmes/return/dancing.men.txt


Example using the Data Encryption Standard (DES)

On a computer…

$> des -e "Mary had a little lamb" output.des
Enter key: oucskey
Enter key again: oucskey
$>

The result:

$> cat output.des
!¢ðuýåćßÞf 謶׀ עжТφẸỆ≈∞▪ري
$>


Example using the Data Encryption Standard (DES) continued…

To decrypt:

$> des -d output.des text.des
Enter key: oucskey
Enter key again: oucskey
$> cat text.des
Mary had a little lamb
$>


Example using the Data Encryption Standard (DES) continued…

Trying to decrypt with the wrong key:

$> des -d output.des text.des
Enter key: oucsquay
Enter key again: oucsquay

Corrupted file or wrong key
$> cat text.des
uýåćß#¬`謶׀ φẸỆעжТ עжТ
$>


Attacking a cipher

How safe are encryption algorithms anyway?

Example using (DES) continued…

What about a ‘brute force’ attack?
i.e. ‘guessing’ at the key “oucskey”
DES algorithm has a 56-bit key. Therefore, there are 2^56 = 72,057,594,037,900,000 different keys
834 days at a billion keys per second
But for a typed key, effectively 83 days


Attacking a cipher

How safe are encryption algorithms anyway?
◦ Established algorithms should remain sound
◦ Safety is dependent on key length: the longer, the safer


Some issues

So you have to have the same key as your correspondent – is that a problem?
◦ How do you send the key safely?
◦ Do I try to exchange keys before I communicate?

How many keys will I need to communicate with everyone?
◦ You need a key for everyone!


Whitfield Diffie and Martin Hellman (1975)

Ellis and Cocks (1973)

A key pair is constructed using some complicated maths (the keys are not the same)

Each party has two keys (public and private)

Anything encrypted with Key 1 can only be decrypted with Key 2


[Figure: Plaintext → Encryption (Key 1 and encryption algorithm) → Ciphertext → Decryption (Key 2 and encryption algorithm) → Plaintext]

If Key 1 = private, Key 2 must be corresponding public
If Key 1 = public, Key 2 must be corresponding private


Keys exist in pairs
◦ Keep one private (very secret) and 'publish' one
◦ Public keys can exist on certificates

Encryption can be done by either key
◦ If it is your key pair, you can use the private key
◦ Anyone else can use the public key to encrypt something


Demonstration

Public key

Private key

22

Complex maths!


Extremely secret!

If you send something encrypted by a private key, it can be read by everyone, but they know it came from you.
◦ Authentication


Not at all secret!
◦ Widely available, but must be trusted
◦ May be supplied as part of a certificate

If you send something using a public key, it can only be read by the entity to which it is addressed.
◦ Secure communications
e.g. SSL


Someone can use a public key to prove their identity to me
◦ but only if I trust that public key

So if someone I trusted endorsed (signed) that public key
◦ hold that thought for a moment - we’ll come back to this...


Asymmetric keys can be used to sign things
◦ encrypt a bit of text with your private key (can be attached 'securely' to the 'document')
◦ people can decrypt it with the public key and know that it was signed by you

What?…


You need to know something about hashes…

Message digests or one way hash functions distil the information contained in a file (very small or very large) into a single large number (usually between 128 and 256 bits in length)

So, you can actually add the hash value to the file somehow and then sign (or encrypt) that hash value with your private key.


[Figure: HASH, Append]


Put that public key on a certificate

Get someone you trust to sign the certificate
◦ If the certificate is tampered with, the signature is broken

Organizations who sign public keys/certificates are called Certification Authorities (CA)


You create a key pair

Put one key of the pair on a certificate (which one?)

Send the certificate (request) to the CA

Present yourself or identify yourself to the Registration Authority (RA)

The RA tells the CA that you are OK

The CA sends you the signed certificate


Now you have a signed certificate, people and services can trust that you are who you say you are

Present your certificate to a service

Tell them something encrypted by your private key

They like your certificate and know it is you
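
The signing and certificate steps from the slides above, as an added example that is not part of the original slides: a toy RSA built from Python's standard library signs a hash with the private key, a CA signs a certificate body, and a service checks both signatures. All function names, the certificate layout and the sample keys are assumptions made for illustration; the keys are far too small and the scheme is unpadded, so it shows the mechanics only.

```python
import hashlib
# Added illustration: every name below is hypothetical, not from the slides.
def make_keypair(p, q, e=65537):
    """Toy RSA key pair from two primes: returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)

def digest(data: bytes, n: int) -> int:
    """One-way hash of the data, reduced to a number below the modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data: bytes, private) -> int:
    """'Encrypt' the hash with the private key."""
    d, n = private
    return pow(digest(data, n), d, n)

def verify(data: bytes, signature: int, public) -> bool:
    """'Decrypt' the signature with the public key and compare hashes."""
    e, n = public
    return pow(signature, e, n) == digest(data, n)

def cert_body(subject: str, public) -> bytes:
    """The part of a certificate the CA signs: name plus public key."""
    return f"subject={subject};e={public[0]};n={public[1]}".encode()

def issue_certificate(subject, public, ca_private):
    """CA step: sign the body and return the signed certificate."""
    return {"subject": subject, "public": public,
            "ca_signature": sign(cert_body(subject, public), ca_private)}

def service_accepts(cert, challenge: bytes, response: int, ca_public) -> bool:
    """Service trusts only the CA: check its signature, then the holder's."""
    body = cert_body(cert["subject"], cert["public"])
    return (verify(body, cert["ca_signature"], ca_public)
            and verify(challenge, response, cert["public"]))

# Constructed sample keys from known Mersenne primes; far too small for real use.
CA_PUB, CA_PRIV = make_keypair(2**107 - 1, 2**127 - 1)
ALICE_PUB, ALICE_PRIV = make_keypair(2**61 - 1, 2**89 - 1)

def demo():
    cert = issue_certificate("alice", ALICE_PUB, CA_PRIV)
    challenge = b"constructed-challenge-0001"
    response = sign(challenge, ALICE_PRIV)  # holder proves possession of the private key
    forged = dict(cert, subject="mallory")  # tampering breaks the CA signature
    return (service_accepts(cert, challenge, response, CA_PUB),
            service_accepts(forged, challenge, response, CA_PUB))

if __name__ == "__main__": print(demo())
```

The first result is the genuine certificate being accepted; the second is the same certificate with its subject altered, which fails because the CA's signature no longer matches the hash of the body.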


You keep your private key very secret
◦ Obey the rules for this!

Your public key is on the certificate

Services must trust the CA

Your certificate will have an expiry date
◦ after which you may have to re-visit the RA

Your certificate can be revoked at any time


Asymmetric encryption = public/private keys

Symmetric encryption is faster
◦ but how do you deliver the keys

Asymmetric encryption is used widely in internet communications
◦ Secure Sockets Layer, very common

Also used in client authentication (less common, at the moment)


Use PGP to Send Encrypted File