Post on 03-Jan-2016
Cryptography
Lynn Ackler
Southern Oregon University
Information Assurance
Keep information in a known and trusted state that can be used appropriately.
NSA Information Security Model
Confidentiality
Integrity
Availability
Transm
ission
Storage
Processin
g
Tec
hnol
ogy
Pol
icie
s
Tra
inin
g
Information States
Cri
tica
l Inf
orm
atio
n C
hara
cter
isti
cs
Sec
urit
y M
easu
res
Cryptography – Introduction Chapter 1
Cryptography - Services– Confidentiality– Authentication– Integrity– Nonrepudiation
Encryption/Decryption
Render text unreadable– Plaintext – message to be scrambled– Encryption – scrambling the message– Ciphertext – scrambled message– Decryption – unscrambling the ciphertext
Cryptography
Cryptography• Art and science of encryption techniques• Cryptographers
Cryptanalysis• Art and science of braking encryption• Cryptanalysts
Cryptology• Branch of mathematics studing both
cryptography and cryptanalysis
Encryption/Decryption
Encryption Decryption
Plaintext CiphertextOriginalPlaintext
M
E(M) = C D(C) = M
C M
D(E(M)) = M
Keys(Magic decoder rings)
Secrecy by obscurity• Secret algorithm
Secrecy via a secret• Keys, usually a number kept secret• Algorithm is public and studied
Keyspace• Set of all possible keys• Should be big
Symmetric Key Cryptography
Key to encrypt is the same as to decrypt• Usually very fast• Problem is to distribute the key
Block ciphers/algorithms
Stream ciphers/algorithms
Encryption/Decryption
Encryption Decryption
Plaintext Ciphertext OriginalPlaintext
M
EK(M) = C D
K(C) = M
C M
DK(E
K(M)) = M
Key Key
Asymmetric Key Cryptography
Key to encrypt is different from the key to decrypt
• Usually very slow• Distribution is not a problem
Block algorithm only
Encryption/Decryption
Encryption Decryption
Plaintext Ciphertext OriginalPlaintext
M
EK1
(M) = C DK2
(C) = M
C M
DK2
(EK1
(M)) = M
EncryptionKey
DecryptionKey
Public - Key Cryptography
Two keys: – Public key– Private key
If one is used to encrypt the other must be used to decrypt.
Cryptanalysis
Break the encryption• Attack: a cryptanalysis attempt • Compromise: loss of a key
Standard Attacks
Cryptanalytic attacks• Ciphertext–only attack• Known–plaintext attack• Chosen–plaintetxt attack• Adaptive–chosen–plaintext attack• Chosen–ciphertext attacks• Rubber–hose attack
Ciphertext-only Attack
Ciphertext of several messages• Same key, hopefully• Same algorithm
Goals• Recover plaintext and/or key/keys
Example:• Encrypted hard drive
Known-plaintext Attack
Plaintext and Ciphertext of several messages are known
• Same key, hopefully• Same algorithm
Goals• Recover key/keys• At least recover the next messasge
Example• A collection of e-mails
Chosen-plaintext Attack
Plaintext and Ciphertext of several messages are known
Can have ciphertext for any chosen plaintext• Same key and algorithm
Goals• Recover the key• At least recover the next message
Example• Encrypted bank deposits to your account
Chosen-ciphertext Attack
Any Ciphertext can be decrypted • Same key and algorithm
Goals• Recover the key
Example• Breaking a tamper proof crypto box
Rubber Hose Attack
Uncooperative person
Goals• Recover the key• Recover password
Example• Any one with a secret
Technique• Sex, Money and Pain
Security of Algorithms
If the cost to break is greater than the value of the data, you are probably safe.
Not always though.
Seti at home
Categories of Breaks
Total breakAlgorithm and key is deduced
Global deductionAn alternative algorithm is found
Local deductionThe plaintext is found for a single intercepted
ciphertext
Information deductionFormat of plaintext, a few bits of the key, etc.
Security Levels
Unconditionally secure• One time pad
Conditionally secure• Brute force attack• Computationally secure
Steganography
Data hiding in plain sight.
Often is not invariant under data compression.
Substitution Ciphers
Alphabet substitution• Monoalphabetic – letter for letter• Homophonic – one or more for a letter• Polygram – block for block• Polyalphabetic – multiple simple substitutions
Substitution algorithms• Caeser Cipher – rotate n mod 26• Modulo arithmetic• Lookup tables
Transposition Cipher
Plaintext in rows
Ciphertext from the columns
t h e q u i c k b r o w n
f o x j u m e d o v e r
t h e l a z y d o g
Ciphertext: t hfteoh xeq ujliuacmz key d b d rooovgwe nr
Simple XOR
XOR: '^' in C, in mathematics 0 0 = 0
0 1 = 1
1 0 = 1
1 1 = 0
Note:a 0 = a
a a = 0
(a b) b = a
Simple XOR Encryption
Key: K
Messag: M
Ciphertext: C = M K
Message: M = C K = (M K) K
= M (K K) = M
One-Time Pads
The one time pad is a substitution cipher with a very very long random substitution key.
Statistically it is perfectly secure.
One-Time PadsProblems
The key must be a random sequence of characters.
The pad can be used only once.
Both parties must have the exact same pad.
If one character is dropped everything afterward is lost.
One-Time PadsUses
Low bandwidth communication.
Ultra secure communication.
Forever secure.