Week 5: Cryptography

Introduction

Download this video clip.Video player: ou_futurelearn_cyber_security_vid_1016.mp4

Show transcript|Hide transcript

Transcript

CORY DOCTOROW

Early in the course we looked at the importance of ensuring your digital information is kept secret and not tampered with. We called these goals confidentiality and integrity. This week we'll focus on a key technique called cryptography, which is concerned with securing information so that it can be transmitted safely, even over unsecured networks. You'll be learning the basic terminology of cryptography and how it can be used to achieve different security goals, including securing your emails and protecting your digital life. By the end of the week you'll also be able to explain the use of cryptography in common applications, such as the world wide web.

End transcript

Download

 

Cory explains the focus for this week: cryptography.

Cryptography is a specialised area of mathematics concerned with protecting information so that it can be transmitted and received securely even when there is a risk that a hostile third party might intercept or modify the data. You will recognise it as it’s been mentioned before as a technique that can help with protecting information.

We are now going to look at this important aspect of cyber security in a little more detail.

1 The secret of keeping secrets

Figure 1

Show description|Hide description

This is a black-and-white photograph of a number of women in an office at machines.

Figure 1

There have been many applications of cryptography throughout history, ranging from simple ciphers used by Julius Caesar to send military orders to his generals, to the more sophisticated medieval ciphers that withstood most attacks until the late ninteenth century and the famous Enigma codes of the Second World War.

The development of computers in the twentieth century allowed for far more complex means of encryption. Computers could perform:

• the mathematical operations that underpin all cryptography
• much more complex mathematics than could be reasonably expected of a human
• much faster than a human
• on much more data than a human could handle.

Any data that could be represented in binary format, i.e. using 0s and 1s, can be encrypted by a computer. It is not an exaggeration to say that encryption makes much of the modern world possible. Some commonplace applications for cryptography include:

• secure banking and payments systems – cryptography ensures your money is safe when it is transferred between accounts, issued at ATMs or used to shop online
• protecting conversations made over mobile telephones
• safeguarding wireless networks that give access to the internet
• securing files on hard disks and memory sticks
• authenticating electronic documents
• electronic voting
• securing media files such as music or movies from piracy, where it is known as Digital Rights Management (DRM).

1.1 Plaintext and ciphertext

Figure 2

As in previous weeks, there is some terminology we need to introduce:

• plaintext – information that can be directly read by humans or a machine (this article is an example of plaintext). Plaintext is a historic term pre-dating computers, when encryption was only used for hardcopy text, nowadays it is associated with many formats including music, movies and computer programs
• ciphertext – the encrypted data
• a cipher – the mathematics (or algorithm) responsible for turning plaintext into ciphertext and reverting ciphertext to plaintext (you might also see the word ‘code’ used – there is a technical difference between the two but it need not concern us now)
• encryption – the process of converting plaintext to ciphertext (occasionally you may see it called ‘encipherment’)
• decryption – the process of reverting ciphertext to plaintext (occasionally ‘decipherment’).

1.2 Encryption keys

Figure 3

Show description|Hide description

This is an abstract image of different coloured numbers and patterns.

Figure 3

Keys are pieces of information that determine the output from an encryption (or decryption) process. A single cipher can produce an almost limitless number of different outputs with different key values, allowing secure communication even if the cipher itself is known to hostile third parties.

It might surprise you to know that almost all ciphers are published in the scientific press or in standards documents. Having them available for widespread scrutiny allows many people to check that they are secure and do not contain weaknesses which could be exploited to compromise the security of the data encrypted using that cipher.

A computer encryption key is nothing more than a string of bits where each bit can have a value of either 0 or 1. The number of possible values for a key is simply the total number of values that the key can have. So our one-bit long key can only have two possible values – 0 and 1. If we choose to have a two-bit key it could have one of four possible values – 00, 01, 10 and 11. In fact every time we increase the length of the key by one bit we double the number of possible keys – so a three-bit key has eight possible values – 000, 001, 010, 011, 100, 101, 110 and 111.

The total number of keys can be written in scientific form as 2^{key length}; so a key with a length of eight has 2⁸ – that is 256 – values.

But how long should a key be? How short is too short?

1.3 The key distribution problem

Download this video clip.Video player: ou_futurelearn_cyber_security_vid_1019.mp4

Show transcript|Hide transcript

Transcript

Alice and Bob want to form some kind of relationship. It might be business, it could even be romantic. But whatever else, it must be confidential. The third person in this relationship is Eve. And, as her name suggests, she's an eavesdropper who wants to know what's going on between Alice and Bob. To do that she has to intercept their information.

Alice and Bob might not even be aware that Eve exists, but she is a threat to their confidentiality. First of all, let's remind ourselves how messages are sent over the internet. So we have Alice's and Bob's computers here. Alice has created a document which she wants to send to Bob.

When you send a message across the internet, it may actually look like the message goes straight from one computer to the other. In reality, there's usually at least one more computer, such as a router or a file server in between. So now the message goes from Alice, to the computer in the middle, to Bob.

In fact, it can get even more complicated, and there may be a large number of different computers in between the two of them. Alice's message is routed from one computer to another until it reaches Bob.

We've drawn the computers in different colours because they don't belong to either Alice or Bob. They might belong to their internet service providers, their employers, or to a big telecom company. Some of the computers may be in a different country, where different laws apply. And some of them might not be trustworthy, which is where Eve comes in.

Here's the same network, except now Eve's going to join in. She will log on and then compromise one of the computers in the middle. One way she could do this is to use a packet sniffer, a piece of hardware or software that makes copies of any messages passing between Alice and Bob, and sends them to Eve. Alice and Bob won't even know these copies are being made, but Eve will have a full transcript of everything that's happening between the two of them.

Alice and Bob can protect themselves using encryption. The most obvious form of encryption is called symmetric encryption, which uses a single key to encrypt plaintext to ciphertext and decrypt ciphertext back into plaintext. Symmetric encryption has been around for thousands of years and is still important today in the form of technologies called DES, triple DES, and AES, which are widely used in financial transactions over the internet and within banks.

Let's go back to Alice and Bob. Aware that Eve wants to learn their secret, they choose to use symmetric encryption. The first thing for them to do is to generate a shared key and each to make their own copy. One way of doing this is to meet, discuss their secrets, and come up with a key. At the end of the meeting they'll each go away with their own copy of the key. Alice and Bob can now exchange secure messages, each using their own copies of the symmetric encryption key to encrypt and decrypt messages.

However, remember that Alice and Bob don't live locally. They have to travel a long distance, so meeting is not always possible. And it's entirely possible they're in a situation where it's dangerous to share a key.

An alternative is for Alice to generate a key and send it to Bob, perhaps through the post, perhaps over the internet. However, as we all know, things get lost in the post. And that could happen to our encryption key. Or perhaps Eve is waiting by Bob's post box and makes her own copy when it's delivered.

Alice might choose to generate the key herself, then give it to an armed guard, a bit like the way you might use a courier to send a valuable parcel from one part of the country to the other. Alice generates the key on her computer, hands it over to the armed guard, who then trundles across to Bob and hands the key over.

However, as you can imagine, armed guards are very expensive. Historically, the only people who could afford armed couriers to distribute encryption keys were governments and the very largest companies such as banks and international corporations. This meant that most people were completely unable to use cryptography.

Now you've seen some of the problems of symmetric cryptography, let's see how some of those problems apply to the internet.

Alice and Bob still want to share their secrets. Alice has generated a symmetric encryption key on her computer and needs to send it across the internet to Bob. There are a number of computers in between, one of which has been compromised by Eve. So when Alice sends the key across the network, it passes through the computer now belonging to Eve, who obtains a copy of the key, and so does Bob. Neither Alice or Bob know that the key has been copied. So they can carry on using it, thinking their messages are secure, but in reality Eve is reading each and every one of them.

This is called the key distribution problem. How do we keep keys in the hands of those who need them and not in the hands of criminals or those who would misuse them?

Until the early 1970s it was believed there was no solution to the key distribution problem, hence all those armed guards and couriers. The solution is called asymmetric encryption. Now there are two keys. The first key, called the public key, encrypts plaintext to ciphertext. The second key, known as the private key, decrypts ciphertext back to plaintext.

End transcript

Download

 

Traditionally, symmetric encryption suffered one enormous shortcoming – it was necessary for either the sender or the recipient to create a key and then send it to the other party. While the key was in transit, it could be stolen or copied by a third party who would then be able to decrypt any ciphertexts encrypted with that key.

Another problem is that a large number of key pairs are needed between communicating parties. This quickly becomes difficult to manage the more there are. This can be calculated as n(n-1)/2 where n is the number of communicating parties.

For example, if ten parties want to communicate with each other securely they would need 45 different key pairs: 10(10-1)/2 = 45. This would increase to 4,950 if there were 100 communicating parties!

This problem, called the key distribution problem, affected anyone wishing to use encryption until the 1970s when a method of distributing keys without actually sending the keys themselves was developed independently by GCHQ in the United Kingdom and Whitfield Diffie and Martin Hellman in the United States. The British discovery was kept secret for many years, so today the solution is known as the Diffie–Hellman key exchange method.

Symmetric encryption methods have the advantage that encryption and decryption is extremely fast, making them ideal for transmitting large amounts of secure data. In the video you saw how key distribution was achieved between two people, Alice and Bob.

1.4 Asymmetric or public key cryptography

Download this video clip.Video player: ou_futurelearn_cyber_security_vid_1020.mp4

Show transcript|Hide transcript

Transcript

Before we get into the details of how computers use asymmetric cryptography, it's worth spending some time on a small thought experiment.

Here's Alice, here's Bob. Alice has a valuable document. And Bob has gone to his local locksmith and ordered a very large number of identical padlocks, as well as a single key which can open any of those padlocks. If anyone asks Bob for a padlock, he'll send one of them through the post, but he will never give away his key.

Alice asks Bob for a padlock. When she receives it she places her valuable item into a box, closes it, then uses the padlock to lock the Box. At this point, the contents of the box are secure behind the padlock and Alice can't open the box, because she doesn't have a key. It's perfectly safe for Alice to send the box through the post because no one who gets a hold of it can open it unless they have a key. And the only key is in Bob's possession.

When both receives the box all he needs to do is use his key to open the lock, open the box, and there's the original document that Alice wanted to send him.

The boxes and padlock example should make asymmetric encryption easier to understand. The padlocks, which are given to anyone who wants one, represent the public key. The top secret key that can unlock the padlocks is the private key. We'll show the public key as a coloured key on a white background. The private key will be a white key on a coloured background. Two keys together are called a key pair, and these are normally held inside a computer on what's called a key chain.

Alice and Bob are now going to use asymmetric cryptography to exchange information. Each of them will independently generate a key pair. A public key, and a private key. The keys are generated using a whole combination of information, such as the user's name and their email address. But to ensure that they can't be created by someone else the program usually asks you to input random information, such as typing away on a keyboard, measuring the amount of traffic passing over a network, or waggling the mouse for a while.

Before they can actually use asymmetric cryptography, Alice and Bob must now exchange their public keys. Each of them sends a copy of their public key to the other. These are added to the key chains on their computers. Alice and Bob are now ready to go.

Alice creates the document she wants to send to Bob. She then, using her encryption program and a copy of Bob's public key, encrypts the document from plaintext into ciphertext. The only way it can be decrypted is using the private key held on Bob's computer. So Eve, or anyone else apart from Bob, can't get at this document no matter how hard they try, which means it's perfectly safe for Alice to send this document over the internet to Bob.

Obviously, the ciphertext needs to be turned back into plaintext. Bob also has a copy of the encryption software. So when he receives the ciphertext the program uses his private key to decrypt the document. Again, this takes a few seconds, but then he's got plaintext. Remember, he's the only person in the world with a copy of his private key, so he's the only one that can actually decrypt this document.

When Bob wants to send a message to Alice he uses his copy of her public key to encrypt the message. Alice uses her securely-stored private key to perform the decryption.

We've seen how asymmetric encryption is used in everyday practice. Now let's look at why it's secure. Remember, asymmetric cryptography uses two different keys – one to encrypt, another to decrypt.

Bob will give his public key to anyone who asks for it, but he always keeps his private key safe and secure. Alice has encrypted a document using Bob's public key and sent it to him over the internet. However, it's been intercepted by Eve, who not only has a copy of the ciphertext, but also a copy of Bob's public key. If Eve tries to decrypt the document using Bob's public key, she's in for a nasty surprise. Eve loads the ciphertext into her encryption program and then uses her copy of the public key to try and decipher it. She ends up with rubbish.

Remember, the document was encrypted with Bob's public key. It can only be decrypted with Bob's private key. And that safe and secure on his computer. No matter how hard Eve tries, she cannot decrypt this document using the public key. She will either have to steal Bob's private key, which is hopefully very secure, or she'll have to use brute force, which could take billions of years to find the correct key. The document is very, very secure.

End transcript

Download

 

Asymmetric cryptography, better known as public key cryptography, side-steps the key distribution problem as each user creates their own keys:

• the private key which they keep safe and never distribute
• the public key which can be sent to anyone with whom they want exchange encrypted information.

Together the two keys are known as a key pair, which is what was used by Alice and Bob.

Unlike symmetric encryption, the two keys behave differently; the public key is the only key that can decrypt ciphertext encrypted using the corresponding private key and the private key is the only key capable of decrypting files encrypted with the corresponding public key. Crucially, the value of one key cannot easily be determined from the other, so even if the public key falls into hostile hands, the value of the private key cannot be determined.

Public keys can be distributed using email attachments or through public key chain servers which act as distributors for large numbers of public keys. The creator of a public key uploads their key to the key chain server and it is freely available to anyone who wants to use it.

Although the mathematics behind public key cryptography is incredibly complex, the process of using it is relatively simple. To send a message using public key cryptography is simple. The sender obtains a copy of the recipient’s public key, either by email or from a key chain server, and uses it to encrypt the message. The resulting ciphertext is then sent to the recipient who uses their corresponding private key to restore the original plaintext.

Public key cryptography is popular because there does not have to be any initial secure exchange of secret keys for an encrypted message to be sent (remember, users only ever exchange their public keys). However, it is generally far slower than symmetric encryption; and because of a quirk in the underlying mathematics, traditional public key cryptographic techniques require far longer keys to offer the same level of protection as symmetric encryption.

A newer type of public key cryptography, known as ‘elliptic curve cryptography’, can be just as secure as symmetric encryption using similar key lengths.

In the next section you’ll discover why these encryption methods aren’t used to keep the internet more secure.

1.5 Why isn’t the internet encrypted?

Figure 4

Show description|Hide description

This is a screenshot of a web browser - our attention is drawn to 'https' at the start of a web address.

Figure 4

Crucially, one part of everyday life that is not routinely protected by cryptography is the internet itself. The majority of emails and web pages are sent in plain view and can be intercepted and read by a malicious third party.

In theory, the whole of the internet could be protected using cryptography, but this is unlikely to happen because it takes a certain amount of computer power to encrypt and decrypt information so there would be significant costs if it were to be used throughout. Also there are a range of web applications, such as reading news sites or browsing online shops, that do not involve any sensitive information and therefore do not need to use encryption.

Applications running over the internet selectively use cryptography for key tasks (such as processing payments for online shopping) and users may choose to use cryptography for additional purposes (such as securing email).

The data sent by many websites you visit is encrypted in transit. This is sometimes shown by a padlock symbol in the address bar of the web browser. You’ll learn more about this later in the course.

Review the list of digital information and online services you compiled in Week 1 of the course. Based on the threats you associated with each item in your list, think about some examples of how you could use cryptography to improve your security.

2 Putting cryptography to use

Figure 5

Show description|Hide description

In the background is a large image of a human eye. Overlaying this is a set of number ones and zeroes.

Figure 5

So far this week you have studied the basic cryptographic techniques that can be used to protect the confidentiality and integrity of your information. Now let’s examine how these techniques can be used in practice.

Transport-level encryption encrypts the text of the message between your device and the server that receives the data. One of the most common is STARTTLS. However, your messages may not be encrypted while sitting on a mail server.

End-to-end encryption ensures that the message remains fully encrypted all the way from the sender to the recipient.

Many websites, such as those for internet banking and online shopping, routinely use encryption to ensure that the data sent to and from your computer is safe from eavesdroppers. However, configuring the same technologies to protect activities such as email communication can be quite difficult because the tools involved are complicated to install and configure.

Most end-to-end encryption tools depend on a collection of cryptographic techniques, commonly called ‘Pretty Good Privacy’, PGP for short. PGP includes algorithms for symmetric and asymmetric cryptography. In order to help software vendors develop systems that can easily exchange encrypted information, a standard called OpenPGP was developed and agreed on by the Internet Engineering Task Force (IETF).

Some examples of tools available for encrypting emails include:

• GPG4Win – provides a set of standalone tools that can be used to encrypt and digitally sign emails, documents and other files. It provides some plug-ins to integrate these features into standard email software, such as Microsoft Outlook and Mozilla Thunderbird.
• GPGMail – this tool is designed to integrate with the Mail software provided by Apple. It can be used to both encrypt and digitally sign your email. It is easier to configure and use than the Windows tools, but is only useful if you use a computer running OSX.
• Enigmail for Thunderbird – this is a plug-in for the Thunderbird email client software that works across all operating systems. However, it requires manual installation of the GNUPG software, an open source implementation of the OpenPGP standard.
• Mailvelope – this is a browser plug-in that uses an implementation of the OpenPGP standard. It works with a variety of browsers and web-based email systems, such as Gmail or Yahoo Mail. However, there is a security problem with such web-based email systems. Although you may have encrypted the message from end to end, the details of the email address it is sent to, as well as who it is from, and the time the message was sent can be logged, and this metadata may compromise your security and that of the recipient.

A secure email service like Proton Mail or Tutanota can hide the metadata that links the sender to the recipient of the message.

In its most secure usage pattern, a user logs in to Proton Mail and leaves an email message for another Proton Mail user to log in and collect. The metadata about the users is never revealed and the message is also securely encrypted from end to end.

When the Proton Mail user sends an email to an external email address the metadata of the sender remains secure. Proton Mail sends an invitation to the recipient to view the encrypted message on the server. The mail service of the recipient may record that a message was sent by the Proton Mail server. If the user of Proton Mail uses the free service to send encrypted email to an outside email address they will have to send a key to the encryption to the recipient by some other means for the recipient to log in, such as a text message or phone call. This may reveal a link between sender and recipient.

A paid for service with Proton Mail allows use of PGP, so that a message can be sent to an external address using the recipients public key. No link need be created between the sender and recipient. However, the subject line isn’t encrypted.

In the next few sections we will explore an alternative way of using cryptography to protect your email communications.

2.1 Setting up a PGP email client

Figure 6

Show description|Hide description

Zoomed in shot of a computer screen with what looks like encrypted text.

Figure 6

This section is optional. You’ll need to be able to install software on the computer you are using for this course to complete this. If you’re not able to do this then please still read through the steps so that you understand the process.

1. Select one of the PGP email clients described in the previous section and explore how to set it up and use it to send mail encrypted with PGP.

   For example if you already use Thunderbird for your email client you could investigate the use of Enigmail. If you use Outlook for your emails you could investigate using Gpg4win. If you use a browser based email you can install a plugin from https://www.mailvelope.com/ en/

   Follow the instructions on the Mailvelope website.

2. One of the best ways to test sending and receiving encrypted emails is to use two separate, free, web-based email accounts and open each one in a different browser. For example, use Firefox for one and Brave for the other. Install Mailvelope in both Firefox and Brave and set up one email account in Firefox and a different email account in Brave

3. Now follow the Mailvelope instructions to create and send an encrypted email from one of your accounts to the other.

Disclaimer: The Open University and partners associated with this course have found this software to be robust at the time of checking. However, installing software is done at your own risk and The Open University and their partners cannot be held responsible for any resulting damage to your computer.

2.2 Sending signed and encrypted email

Below is an optional activity.

To find out more about Mailvelope’s features or get help with specific problems visit Mailvelope help.

In the last few sections you have explored what is involved in using cryptography to encrypt and sign email communications.

• What seemed to be the hardest parts of the process?
• What would you want to improve to make it easier?
• How does the use of Proton Mail or Tutonota compare with the use of Mailvelope or other secure email software?

You may find it useful to compare your experience with the instructions for one of the other tools mentioned in Section 2, Putting cryptography to use.

3 Comparing different cryptographic techniques

Figure 7

Show description|Hide description

This is an image of a fish.

Figure 7

The field of modern cryptography is steadily growing with its increased use in everyday life when surfing the internet, using your card in a cash machine etc.

There are hundreds of different cryptography schemes each with different applications, some of the most notable are described below.

3.1 Using cryptography to prove identity

Figure 8

Show description|Hide description

This is an image showing a a substantial number of numbers in rows, of different colours.

Figure 8

Cryptography isn’t just used to hide secrets, it can also be used to authenticate data sent on an insecure network – such as the internet. The process begins by checking that your copy of a piece of data is an exact match for the one you requested.

Figure 9

Show description|Hide description

This shows a number of letter and number combinations.

Figure 9

Each long line of numbers and letters on the left is a hash (in this case from a hashing program called SHA-1), the text on the right is the name of the file. If you download one of these programs, you can then run your own copy of SHA-1 on your download and obtain a hash – if your file exactly matches the original the two hashes will be identical.

A variation of a single bit of data between two otherwise identical files will result in vastly different hash values, so any edits to a file between two hashing operations will result in different hash values revealing that the data has been tampered with and should not be trusted.

A large number of hashing algorithms have been developed; the most widespread are algorithms called MD5, SHA-1 and SHA-2. Although MD5 and SHA-1 are in common use, both have been found to be flawed. Under certain circumstances ‘collisions’ can occur where two pieces of different data can generate the same hash value (albeit under specifically controlled conditions).

This weakness in the MD5 hashing algorithm has been used in malware targeting Microsoft Windows computers. Since neither algorithm can be guaranteed to generate unique hashes they can be considered ‘broken’ and should not be used. The United States government requires all hashes to be generated using the newer SHA-2 algorithm which has not shown any such weaknesses.

Next, you’ll find out how digital signatures and certificates use cryptography.

3.2 Digital signatures and certificates

Download this video clip.Video player: cyber_security_week5_video.mp4

Show transcript|Hide transcript

Transcript

NARRATOR:

We’ve already seen that exchanging encrypted documents using public key means that Alice and Bob each have to generate their own key pairs, comprised of a public key and a private key. Before they can exchange documents, they first need to send one another copies of their public keys. Then, Alice can send secrets to Bob by encrypting documents using Bob’s public key, and Bob can share secrets with Alice using her public key. But there’s more you can do with public key cryptography than just hiding secrets. It’s also possible to encrypt data using the private key, which might sound like a pointless thing to do.

After all, a file encrypted using Bob’s private key can be decrypted by anyone who has a copy of his public key. And Bob gives that away to anyone who asks, including evil Eve. So, if encrypting using the private key isn’t going to protect any secrets, what’s it for? Whilst the encrypted file can be decrypted by any copy of Bob’s public key, it can only have been encrypted by the corresponding private key. If Bob has obeyed the rules and not shared his private key, then the documents can only have come from Bob. Encrypting using the private key is therefore a way of authenticating data.

Now, anyone wanting data from Bob can download a copy of the encrypted document and a copy of his public key. They decrypt the file using the public key and can satisfy themselves the data is genuine. But it’s not quite as simple as that. Bob’s public key is only authenticated by his email address. If Eve can steal Bob’s email address, there is nothing to stop her generating new keys under Bob’s identity. Eve can now send false documents or malware in Bob’s name. Alice will open them, because she trusts Bob. Oh dear. Bob can prevent Eve impersonating him by certifying his public key.

Here, a so-called trusted third party, which can be another individual, a government, or a private company, will confirm that Bob’s key is genuine. To do this, Bob must prove his identity to them using personal information that isn’t readily available to Eve, such as his passport, business registration, or birth certificate. The certification body can either certify the public key itself or provide Bob with a digital certificate containing his public key.

As well as the holder’s public key, a certificate contains a unique serial number, the name of the certificate’s owner, the name of the agency that issued the certificate, the agency’s digital signature, proving it is authentic, the issue date of the certificate and the date it will expire, after which it can no longer be considered valid, and a hash value used to check that the certificate has not been altered since it was issued. As well as individual use, certificates are used to authenticate software downloads, such as those from app stores. Certificates are also used by websites who presents copies of their certificates to web browsers. The browser checks that the certificate is authentic, proving that the site is genuine.

If the certificate is invalid, the browser will warn the user they may be navigating to a page that has been hijacked, and it will offer them an opportunity to stop. Certificate holders have to be careful to renew their certificates before they expire. Otherwise, they might find users avoiding their websites or that their software downloads are not valid. This happened to Apple in November 2015, when millions of users could not update apps on their Macs. Fortunately, a new certificate was quickly issued, and everything worked again.

End transcript

Download

 

Hashing can show that data has not changed in transmission, but on its own cannot demonstrate that the data originated with its supposed author. To do that, a digital signature should be used.

Digital signatures use the sender’s private key to encrypt the hash. Previously, you learned how documents can be encrypted with a public key which can be used by anyone, but can only be decrypted using the corresponding private key known only to the owner.

Encrypting data using the private key isn’t suitable for securing secrets (as anyone with access to the public key could decrypt it). However, it is perfectly possible to encrypt a hash using the private key so that the hash can be decrypted and compared by anyone possessing the matching public key. This can be used to provide authenticity since the encrypted hash must have been produced by the holder of the private key – hence the name digital signature.

Case study 1: Alice and Bob

Imagine that Alice wants to send the company’s quarterly profit statement to Bob, who works in the financial markets, for public announcement. Both Alice and Bob want confidence that the quarterly profit statement has not been intercepted by Eve en route and altered.

Figure 10

Show description|Hide description

This is an illustration of how Alice would send her quarterly profit statement to Bob. It shows the different stages it would go through.

Figure 10

Alice will therefore produce a hash of the quarterly profit statement and then encrypt this with her private key to produce a digital signature. Alice will then include the digital signature with the quarterly profit statement and send this to Bob. Alice may also encrypt the quarterly profit statement and the encrypted hash with Bob’s public key so that all details of the message remain secret.

Upon receipt Bob will, if Alice sent the message encrypted with his public key, decrypt the message using his own private key. This will then reveal the encrypted digital signature. He will decrypt the digital signature using Alice’s corresponding public key to reveal the hash. Bob will then calculate a hash of the quarterly profit statement and then compare this with the encrypted hash that he received from Alice. If the hashes are the same then both Bob and Alice can be confident that the quarterly profit statement was not altered en route by Eve.

Digital signatures do not provide us with complete confidence of the author or originator. Just because a digitally signed document claims to come from a person or a company it doesn’t mean that it actually did, a malicious individual could masquerade as the sender by producing their own public/private key pair and using these to produce digital signatures.

Digital certificates help us overcome this problem. A digital certificate is a means of binding public keys to their owner. These are issued by Certificate Authorities (CAs) who validate the owners of public keys. The CA does this by validating (through various processes), the identity of the owner of the public key. Once it has done this it will bind the public key to a digital certificate and sign it using its private key to attest authenticity. The CA’s public key is available to all parties who need to validate the CA’s assertion of public key ownership.

However, digital certificates still require a chain of trust to confirm that the certificate belongs to the person or organisation that you think it does and have not been compromised. Criminals have been known to obtain certificates that were then used to sign software that included malware. Stolen certificates have also been used to sign malware. For example, the Stuxnet code was signed with certificates that belonged to Realtek Semiconductor and JMicron Technology Corp.

Note that scams are increasingly being reported where fake invoices are being sent to businesses, or a senior manager is being impersonated to persuade people in the business to make payments to the scammer’s account.

All businesses should ensure that all managers, directors etc. have private and public encryption keys, and that their public keys are stored and displayed locally to be used by everyone in the business.They must use their keys in order to sign and validate all non routine instructions for making payments. This is about the only way to avoid the scam reported by the BBC:

For the rest of the report see: https://www.bbc.co.uk/ news/ technology-49857948

3.3 Encrypted network connections

Figure 11

Show description|Hide description

This shows two people shaking hands (it shows their hands and part of their forearms only). There are symbols around them, for instance @, an envelope, a speech bubble and a padlock.

Figure 11

As you learned earlier, web traffic is not encrypted by default. Web pages pass as plaintext across the internet and are vulnerable to interception.

Obviously, this was a problem when companies first began to consider online shopping. At first companies had to ask customers to browse online and then make a telephone call so the company could accept credit card information.

The solution came in 1995 when the web browser pioneer Netscape announced the Secure Socket Layer (SSL) protocol, which has now been replaced by Transport Layer Security (TLS)), which allows web browsers to exchange secure data. It is supported by all modern browsers and allows confidential information to be exchanged over an insecure link.

3.4 How secure is your browsing?

Figure 12

Show description|Hide description

This shows a padlock with a combination lock, attached to a chain.

Figure 12

Web browsers have made it easy to determine if a website is using TLS/SSL by:

• Making all secure addresses begin ‘https://’ (rather than ‘http://’) with the s standing for ‘secure’. Examples include Gmail, at https://mail.google.com/; Google defaults to Google Safe Search at https://www.google.com/, which means that your search requests and results cannot be seen by others.
• Showing a closed padlock symbol in or near the top of your browser window.

4 Week 5 quiz

This quiz allows you to test and apply your knowledge of the material in Week 5.

5 Summary of Week 5

Figure 13

Show description|Hide description

This shows a number of coloured blocks, numbered either 0 or 1, on top of each other. This collection of blocks hovers over a laptop.

Figure 13

This week has focused on cryptography – a key security technique that allows you to ensure confidentiality and integrity of your data.

You have learned how to use cryptography tools to secure your email and can explain the use of cryptography in common applications, such as the world wide web. As a result, you should now be able to identify where you could use cryptography to improve the protection of your digital life. One example of this, the use of cryptography to protect computer networks, is the topic for the next week of the course.

You can now go to Week 6: Network security.

Acknowledgements

This course was written by Arosha K. Bandara.

Except for third party materials and otherwise stated in the acknowledgements section, this content is made available under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 Licence.

The material acknowledged below is Proprietary and used under licence (not subject to Creative Commons Licence). Grateful acknowledgement is made to the following sources for permission to reproduce material in this course:

Images

Figure 1 © Bletchley Park Trust (via Getty Images)

Figure 2 © Bob Lord - Licensed under Creative Commons Attribution-Share Alike 3.0 via Wikimedia Commons - http://commons.wikimedia.org/wiki/File:Enigma-plugboard.tif#mediaviewer/File:Enigma-plugboard.tif

Figure 3 © agsandrew (via Shutterstock Photos)

Figure 5 © peterhowell (via iStock Photo)

Figure 6 © GlobalP (via iStock Photo)

Figure 7 © blackie (via iStock Photo)

Figure 10 © Wavebreak (via iStock Photo)

Figure 11 © choicegraphx (via iStock Photo)

Figure 12 © Vertigo3d (via iStock Photo)

Audio visual

2.1 and 2.2 © The Open University

Every effort has been made to contact copyright owners. If any have been inadvertently overlooked, the publishers will be pleased to make the necessary arrangements at the first opportunity.

Don't miss out:

1. Join over 200,000 students, currently studying with The Open University – http://www.open.ac.uk/ choose/ ou/ open-content

2. Enjoyed this? Find out more about this topic or browse all our free course materials on OpenLearn – http://www.open.edu/ openlearn/

3. Outside the UK? We have students in over a hundred countries studying online qualifications – http://www.openuniversity.edu/ – including an MBA at our triple accredited Business School.