Some Cryptic Ramblings
Notes
- We have seen RSA
- A public key/private key encryption method
- A block encryption method
- So it is good for small block messages
- Less good for large stream messages.
- For general encryption AES or a similar system is used
- This has a shared key, i.e., you can encrypt and decode with the same key
- It is still a block cipher.
- But uses up to a 256-bit key
- We will not look into AES further right now.
- The problem with a shared key system is the key exchange.
- So we use a system like RSA or the Diffie Hellman exchange.
- Published in 1976
- Select two (large) numbers p and g
- p is prime and g has a special relation to p. (g is a primitive root modulo p)
- Person one selects an integer a, and A = g^a % p
- Person two selects an integer b, and B = g^b % p
- The two exchange A and B.
- Each computes s = B^a % p = A^b % p
- s is a shared secret key
- Ok why do we care?
- Network connection
- I want to connect from a client to a server
- By default all network communications are in plain text.
- I.e., in a login connection, the commands the user typed were just sent across the network
- And the results of the command were sent as well.
- This is bad because with telnet (an old protocol)
- The first thing exchanged was the username
- The next thing exchanged was a password, in plain text.
- Anyone listening to the wire, which was possible, could intercept this exchange
- And know the username and password for the user.
- An ssh session
- SSH (the secure shell) is the replacement for telnet.
- It uses something like Diffie-Hellman or RSA to establish a shared key
- This value is used for identification verification in future connections.
- It stores the results of this key exchange in .ssh/known_hosts
- It uses something like AES to encrypt the session
- Then all commands from the client are:
- Encrypted with the session key
- Sent to the server
- Decoded
- And the opposite happens with messages from the server
- A few things you will note
- The saved signature is to prevent someone from replacing the server/client with a machine with the same name/ip in the future
- It warns you if the keys change.
- This will happen, for example, when the OS is upgraded.
- SSH uses a trust-on-first-use mechanism for establishing the initial connection