7. Communiquer sur Internet Utiliser et analyser les données & l'information

Cryptographie: Sécuriser Internet

Durée estimée: 45 minutes

Introduction

This lesson focuses on the modern cryptographic systems that are used to secure the Internet. For all of the ciphers discussed in the lesson on Cryptography Basics, the same key was used both for encrypting and decrypting messages. Systems that use the same key for both encryption and decryption are called symmetric ciphers.

Symmetric ciphers have a serious flaw, known as the key exchange problem: How can Alice and Bob securely exchange the shared key needed to encrypt and decrypt their messages. Hopefully, you can see that sending the shared key across the Internet in an email message would not be a very secure system -- Eve could easily intercept the key, without Alice and Bob knowing, and would then be able to read all their messages.

What's needed in order for cryptography to work on the Internet is an asymmetric system, in which the key can be broken into parts so that one key can be used for encrypting and another for decrypting without ever having to share a key. Such systems are examples of public key cryptography and we will look at two important algorithms, the Diffie-Hellman key exchange algorithm and the Rivest-Shamir-Adelman (RSA) public key cryptography algorithm.

The discovery of a solution to the key exchange problem was one of the biggest breakthroughs in modern cryptography -- and without this discovery it would simply be impossible to have an Internet today that we could use for banking, buying goods on Amazon, and so on.

Public key cryptography is a very technical topic, the mathematical details of which go beyond the scope of this course. However, it's important that you understand the basic ideas around how it works and are able to see that current cryptographic systems can be trusted to secure our private transactions on the Internet.

Doubly Locked Box Analogy

This video shows one helpful model for public key encryption, a doubly-locked box, in which Alice and Bob each have their own keys, both of which are used to securely transmit information.

Part 1: Diffie-Hellman Key Exchange Algorithm

This video (slides here) includes video clips from Brit Cruise's great explanation of the Diffie-Hellman key exchange algorithm. After watching the video, try using the widget below to play with the color-mixing analogy.

Activity: Diffie-Hellman Exchange Secret Color Demo

This Web app provides an implementation of the color-mixing analogy presented in the Brit Cruise video. You can select a shared public color and then your own private (secret) color. When you click "Show Shared Secret!" the app will display the secret color that it shares with you.

Give it a try. Colors are represented by hexadecimal numbers as explained in the sidebar.

In the RGB system colors are represented by 6-digit hexadecimal numbers, where the first two digits represent the amount of red, the next two represent amount of green, and the last two represent amount blue. Pure red is FF0000, where FF is the maximum amount of red (equal to 255 in decimal). Pure green would be 00FF00. If you mix lots of blue and green, 00FFFF, you should get aqua. If you mix lots of red with some green, FF8500, you should get orange.

Part 2: RSA Public Key Encryption

The Rivest-Shamir-Adleman (RSA) algorithm is the most widely used public key encryption algorithm for securing the Internet. Like Diffie-Hellman, it is an asymmetric cipher, in which the key is broken into two related parts using mathematical techniques. And also, like Diffie-Hellman, it depends on the use of a one-way function -- i.e., a mathematical function that is easy to compute in one direction, but intractable to compute in the other.

The following video (slides here) provides a high-level description of RSA without out going too deeply into the mathematical details.

Part 3: Securing the Internet

Now that we have some understanding of the algorithms used to encrypt data, we can take a look at how these algorithms work together in the system that secures the Internet. The following video (slides here) describes the type of communication that takes place behind the scenes when the browser on your phone or tablet or laptop computer makes a secure connection to Amazon or Google or some other Internet service.

Self-Check

Here is a table of some of the technical terms discussed in this lesson. Hover over the terms to review the definitions.

symmetric cipher
asymmetric cipher
key exchange problem
public key cryptography diffie-hellman
rsa
HTTPS
SSL certificate authority
digital certificate
trust model
intractable

1 point

An asymmetric cipher________________

is exemplified by RSA and Diffie-Hellman.

was first discovered by Euclid 5 B.C.

Uses different keys for encryption and decryption.

Can be used to solve the key exchange problem.

1 point

One one-way function ________________

is a mapping from a integers to alphabetic characters.

is a mathematical function that converts characters into numbers.

is a mathematical function that is easy to compute one time only.

is a function that is easy to compute in one direction but hard to compute in the other.

1 point

The HTTPs protocol _______________.

is an example of an open standard.

uses public key encryption to exchange a symmetric key between a user's browser and a server.

uses a symmetric cipher to encrypt data between a user's browser and a server.

uses a Certificate Authority to authenticate the identity of the server during the transaction.

Sample AP CSP Exam Question

1 point

Which of the following are true statements about digital certificates in Web browsers?

I. Digital certificates are used to verify the ownership of encrypted keys used in secured communication.

II. Digital certificates are used to verify that the connection to a Web site is fault tolerant.

(A) I

(B) II

(D) Neither I nor II

Still Curious?

Brit Cruise has made an entire series of videos explaining encryption. If you're curious about some of the mathematics involved, see his full videos on Diffie-Hellman and RSA.
The Khan Academy has incorporated the Cruise videos into an excellent interactive course on Cryptography, from the Caesar cipher to public key encryption.
The history of cryptography is very interesting story of the battle between cryptographers, those who create ciphers, and cryptanalysts, those who try to break ciphers. Until the 1990s cryptographic algorithms were the considered armaments by the U.S. government and it was widely believed that the National Security Agency (NSA) could break all existing ciphers. That's no longer believed to be true. Today, strong cryptography is available to us on our smart phones. But we still see the battle playing out between the government and private individuals and corporations over whether the government should have access to the keys that protect the data on our phones. If you're curious about this, see this article on the dispute between Apple and the FBI.

Reflection: For Your Portfolio

Create a new page named Cryptography: Securing the Internet under the Reflections category of your portfolio and write brief answers to the following questions.

Explain in your own words how public key encryption is not symmetric.
Cryptography relies on open standards - protocols or standards that are publicly available. Diffie-Hellman and RSA are all open cryptographic standards. Why is it necessary to use open standards in cryptography? (Hint: consider the need for public keys)

Page précédente

Page suivante