How Encryption Works
However, there are design approaches that can reduce the practical chance of this occurring. Moreover, it is virtually impossible to deduce the private key if you know the public key.
Unlike symmetric key algorithms that rely on one key to both encrypt and decrypt, each key performs a unique function. In addition, some requests need to be approved by authorized administrators or managers before being serviced. We recommend doing this activity as a teacher demonstration in the interest of time.
Public-key encryption - Example: When John wants to send a secure message to Jane, he uses Jane's public key to encrypt the message. Although frequency analysis can be a powerful and general technique against many ciphers, encryption has still often been effective in practice, as many a would-be cryptanalyst was unaware of the technique.
Overview: This is a big multi-part lesson that introduces the concept of public key cryptography, which is an answer to the crucial question: How can two people send encrypted messages back and forth over insecure channels (the Internet) without meeting ahead of time to agree on a secret key? All parts are building blocks that lead to a deeper understanding of how it works.
Purpose: This is a fairly hefty lesson because the underlying ideas are subtly quite sophisticated. It's worth noting that much of the material here - all but the highest level takeaways - is beyond the scope of what's covered on the AP exam. Students need to know the basic public key encryption process, and what asymmetric encryption is. For programming they need to know how the modulo operation works. Our purpose here is to reveal some of the magic that happens every day on the Internet to enable secure transactions. To many, the fact that encrypted messages can be sent between parties who have never met before is both taken for granted and opaque. Our belief is that understanding how it works with some depth - getting to experiment with the mathematical principles that make asymmetric keys possible, and the resulting encryption hard to crack - is deeply satisfying. The widget in the lesson mimics the RSA encryption algorithm with smaller numbers and slightly easier mathematics.
Preparing for these activities the first time will take some time. Once you've been through it once, the activities actually go quicker than you might expect. Please make a copy of any documents you plan to share with students. It uses an asymmetric encryption scheme in which the encryption key is made public, but the decryption key is kept private.
Getting Started (5 mins): How do you get the encryption key? Goal: Realize the difficulty of the problem. No form of symmetric encryption will work. There is no way for parties to establish a shared key without agreeing ahead of time in a way that secures it from an observer.
Hopefully some students will recall from the video in the last lesson the idea of using different keys - one to encrypt data and one to decrypt it. Recall asymmetric keys were mentioned in the cryptography video. Today we're going to dig in a little bit deeper to how this idea of using different keys actually works. The ideas behind how it works are sophisticated, and so to get a deeper understanding we're going to do a series of short activities that string together several different ideas, bringing them all together in the end. Remind students - we're still a ways from the real thing but we're taking baby steps to string ideas together.
We recommend doing this activity as a teacher demonstration in the interest of time. You can have students work through an activity guide that explains it as well. It will take more time.
Materials: Cups and Beans - enough for a demonstration or for groups of 3, if running as student activity.
Display: You may want to display a picture of a jar full of candies to give a visual for the analogy you're about to explain. What took the place of the public key?
If, for example, you use 12 as a modulus then any result must be in the range 0-11 since those are the only possible remainders. Similarly, no matter how many hours you count off on a traditional analog clock, there is a limited number of hours (1-12) that the hour hand can be pointing to.
Teacher Guide: Use the Here is a summary: Materials: two pictures of analog clocks - one with hour hand at 4:00 and another at 3:00. Display: picture of clock at 4:00. You can use this rather than pictures if you like.
Step 3: The Mod Clock Widget and Multiplication + Modulo. You cannot solve it like a typical equation in math class because there are many equations. Students do the activity: students should work with a partner to work through the problems on the activity guide. Circulate as students work. Make sure that they are trying out the problems given which ask them to try to guess numbers.
They should also be using the Mod Clock to check their results.
Group: Put students into groups of 2 to play just Alice and Bob initially.
Summary: Use the teacher guide, but here is a summary for reference: The clock size limits the range of values - the secret numbers that Bob and Alice use are confined to the output range of the mod clock. For example: if the clock size is 13, then Bob can only send a secret number in the range 0-12. If the clock size is 253 then the secret values can be 0-252. Make sure to point out the similarities and differences between using this widget and cups and beans.
Communicate by just speaking out loud. Exchange roles at least once. Verify that you can encrypt and decrypt messages. Display Eve's screen in the widget. See how long it takes and what makes it hard. As you play with the widget can you figure out why it works? Why can Alice decrypt the message but Eve can't? Try this out for a few rounds and see if you get a sense for why it works. Encourage students here to play with small values so they can get a sense of the relationships between the numbers.
Discuss: Let's problem solve! The widget right now only lets you send one secret number at a time. Furthermore, it's kind of slow - it requires multiple trips over the internet to send one message. What's the fastest way you could use this tool or any public key encryption to send a secure text message? Give students a moment to discuss and brainstorm. In other words, only use the slower, multi-trip public key cryptography for the purpose of establishing a secret key to use in some other encryption method. Once established it uses a much faster encryption method for sending everything else.
Optional Discussion: According to the widget, look at what Eve has to compute to crack Alice's private key. This reveals how Alice's public key was computed based on her choice of clock size and private key. It was computed to make the math in the end work out. That's all they need to know.
Prime factorization is a much harder computational problem to solve than our little multiplication+mod problems here. It means any person can send any other person a secret message transmitting information over insecure channels! A lot of the activities, analogies and tools were in service of getting to some deep ideas about encryption and how it works. Ultimately, exposure to those deep ideas is helpful, but the actual facts that students need to know about Public Key Encryption are few.
Prompt: We just spent a lot of time learning about Public Key Cryptography through a bunch of different analogies, tools and activities. And what you've been exposed to mimics the real thing pretty closely. But what are the essential elements? Let's do a brain dump! List out what you think are the most important or crucial elements of Public Key Cryptography that you've learned. Give students a few minutes to jot down their lists. Then share to the whole group. Many valid points and ideas may emerge. There are some more detailed ideas about Public Key Cryptography that are interesting but not crucial for the AP Exam.
In asymmetric encryption different keys are used to encrypt and decrypt. Give at least one reason (more are welcome) why asymmetric encryption is useful. What is the private key? What is the unencrypted and encrypted message? Can you think of a one-way function in real life? You may use the analogy of a clock in your answer if you like.
But all parts are necessary building blocks that lead to an answer to the crucial question: How can two people send encrypted messages back and forth over insecure channels (the internet) without meeting ahead of time to agree on a secret key? The answer explains what Public Key Cryptography is and how it works. In a nutshell, there are two main principles you need to understand, that we try to lead students through in this lesson: Principle How we cover it in the lesson 1.
Unit 4: Lesson 07 - Public Key Cryptography
Background: Public Key Cryptography allows two people who have never met, and who haven't agreed on a shared key, to send encrypted messages that only they can read, using only insecure channels. Arithmetic can be used to encrypt a message which only an intended recipient can decrypt and read. Using a public key and private key, messages can be encrypted and transmitted securely even if the message itself and the method used to encrypt it are both public. Modulo gives the remainder from dividing two numbers. For example: 17 MOD 13 is 4. However, only when combined with a mathematically-related private key, can the message be decrypted.
Modulo: The mathematical operation modulo is the remainder after dividing two whole numbers. We can visualize this idea as trying to count up to some number using a clock and seeing where the hand ends up. Then how much do I need to add to 36 to make it 43? Answer: 7 - that's the remainder.
Using the Modulo Clock: You get to set two values - a number and the clock size.
Public Key Crypto Widget Instructions: You may want to put these student instructions up on the screen at the front of the room. You may also want to demonstrate with 3 students how it works to show that it is similar to the Cups and Beans activity. The widget is NOT networked in any way - the widget does not actually send messages to your partners. It is a standalone app that guides you through the public key encryption process based on the character you chose. Where are these numbers coming from? There is no way to figure it out besides trial and error. It might take a little while to convince yourself this is true.
Background: On the next page is the public key crypto widget. This widget will use numbers and math to do public key encryption, but it's important to understand that the mechanics of what you're doing are basically the same as the cups and beans activity. The goal, just as before, is for Bob to send Alice a secret number.
But for that to happen Alice actually has to act first to create a public key for Bob to use. Both are publicly known. L3A:9 - Explain the principles of security by examining encryption, cryptography, and authentication techniques. L3B:5 - Deploy principles of security by implementing encryption and authentication strategies. L3B:2 - Explain the value of heuristic algorithms to approximate solutions for intractable problems. L3B:3 - Critically examine classical algorithms and implement an original algorithm. L3B:4 - Evaluate algorithms by their efficiency, correctness, and clarity. L3B:5 - Use data analysis to enhance understanding of complex natural and human systems. Computer Science Principles 4. In these cases, heuristic approaches may be helpful to find solutions in reasonable time.
The general idea of provable security is to give arguments about the computational difficulty needed to compromise some security aspect of the cryptosystem i. The following facts and statistics capture the changing landscape of cloud computing and how service providers and customers are keeping up with. Keys are important both formally and in actual practice, as ciphers without variable keys can be trivially broken with only the knowledge of the cipher used and are therefore useless or even counter-productive for most purposes. Modulo gives the remainder from dividing two numbers. The critical advantage in an asymmetric key system is that Bob and Alice never need to send a copy of their keys to each other. Now, every time you push code to GitHub, it signs the request with your private key, which GitHub authenticates by using your public key. The rules governing the construction of DNs can be quite complex and are beyond the scope of this document. Hence, it is necessary to represent the plaintext as a series of numbers less than n. In 1977, a generalization of Cocks' scheme was independently invented byandall then at.