Cryptography Lynn Ackler Southern Oregon University.


Page 1: Cryptography Lynn Ackler Southern Oregon University.

Cryptography

Lynn Ackler

Southern Oregon University

Page 2: Cryptography Lynn Ackler Southern Oregon University.

Information Assurance

Keep information in a known and trusted state that can be used appropriately.

Page 3: Cryptography Lynn Ackler Southern Oregon University.

NSA Information Security Model

Critical Information Characteristics: Confidentiality, Integrity, Availability

Information States: Transmission, Storage, Processing

Security Measures: Technology, Policies, Training

Page 4: Cryptography Lynn Ackler Southern Oregon University.

Cryptography – Introduction Chapter 1

Cryptography - Services
– Confidentiality
– Authentication
– Integrity
– Nonrepudiation

Page 5: Cryptography Lynn Ackler Southern Oregon University.

Encryption/Decryption

Render text unreadable
– Plaintext – message to be scrambled
– Encryption – scrambling the message
– Ciphertext – scrambled message
– Decryption – unscrambling the ciphertext

Page 6: Cryptography Lynn Ackler Southern Oregon University.

Cryptography

Cryptography
• Art and science of encryption techniques
• Cryptographers

Cryptanalysis
• Art and science of breaking encryption
• Cryptanalysts

Cryptology
• Branch of mathematics studying both cryptography and cryptanalysis

Page 7: Cryptography Lynn Ackler Southern Oregon University.

Encryption/Decryption

Plaintext M → Encryption → Ciphertext C → Decryption → Original Plaintext M

$E(M) = C$

$D(C) = M$

$D(E(M)) = M$

Page 8: Cryptography Lynn Ackler Southern Oregon University.

Keys (Magic decoder rings)

Secrecy by obscurity
• Secret algorithm

Secrecy via a secret
• Keys, usually a number kept secret
• Algorithm is public and studied

Keyspace
• Set of all possible keys
• Should be big

Page 9: Cryptography Lynn Ackler Southern Oregon University.

Symmetric Key Cryptography

Key to encrypt is the same as to decrypt
• Usually very fast
• Problem is to distribute the key

Block ciphers/algorithms

Stream ciphers/algorithms

Page 10: Cryptography Lynn Ackler Southern Oregon University.

Encryption/Decryption

Plaintext M → Encryption (Key K) → Ciphertext C → Decryption (Key K) → Original Plaintext M

$E_K(M) = C$

$D_K(C) = M$

$D_K(E_K(M)) = M$

Page 11: Cryptography Lynn Ackler Southern Oregon University.

Asymmetric Key Cryptography

Key to encrypt is different from the key to decrypt

• Usually very slow
• Distribution is not a problem

Block algorithm only

Page 12: Cryptography Lynn Ackler Southern Oregon University.

Encryption/Decryption

Plaintext M → Encryption (Encryption Key K1) → Ciphertext C → Decryption (Decryption Key K2) → Original Plaintext M

$E_{K_1}(M) = C$

$D_{K_2}(C) = M$

$D_{K_2}(E_{K_1}(M)) = M$

Page 13: Cryptography Lynn Ackler Southern Oregon University.

Public-Key Cryptography

Two keys:
– Public key
– Private key

If one is used to encrypt the other must be used to decrypt.

Page 14: Cryptography Lynn Ackler Southern Oregon University.

Cryptanalysis

Break the encryption
• Attack: a cryptanalysis attempt
• Compromise: loss of a key

Page 15: Cryptography Lynn Ackler Southern Oregon University.

Standard Attacks

Cryptanalytic attacks
• Ciphertext–only attack
• Known–plaintext attack
• Chosen–plaintext attack
• Adaptive–chosen–plaintext attack
• Chosen–ciphertext attacks
• Rubber–hose attack

Page 16: Cryptography Lynn Ackler Southern Oregon University.

Ciphertext-only Attack

Ciphertext of several messages
• Same key, hopefully
• Same algorithm

Goals
• Recover plaintext and/or key/keys

Example:
• Encrypted hard drive

Page 17: Cryptography Lynn Ackler Southern Oregon University.

Known-plaintext Attack

Plaintext and ciphertext of several messages are known
• Same key, hopefully
• Same algorithm

Goals
• Recover key/keys
• At least recover the next message

Example
• A collection of e-mails

Page 18: Cryptography Lynn Ackler Southern Oregon University.

Chosen-plaintext Attack

Plaintext and ciphertext of several messages are known

Can have ciphertext for any chosen plaintext
• Same key and algorithm

Goals
• Recover the key
• At least recover the next message

Example
• Encrypted bank deposits to your account

Page 19: Cryptography Lynn Ackler Southern Oregon University.

Chosen-ciphertext Attack

Any ciphertext can be decrypted
• Same key and algorithm

Goals
• Recover the key

Example
• Breaking a tamper proof crypto box

Page 20: Cryptography Lynn Ackler Southern Oregon University.

Rubber Hose Attack

Uncooperative person

Goals
• Recover the key
• Recover password

Example
• Anyone with a secret

Technique
• Sex, Money and Pain

Page 21: Cryptography Lynn Ackler Southern Oregon University.

Security of Algorithms

If the cost to break is greater than the value of the data, you are probably safe.

Not always though.

SETI@home

Page 22: Cryptography Lynn Ackler Southern Oregon University.

Categories of Breaks

Total break
• Algorithm and key are deduced

Global deduction
• An alternative algorithm is found

Local deduction
• The plaintext is found for a single intercepted ciphertext

Information deduction
• Format of plaintext, a few bits of the key, etc.

Page 23: Cryptography Lynn Ackler Southern Oregon University.

Security Levels

Unconditionally secure
• One time pad

Conditionally secure
• Brute force attack
• Computationally secure

Page 24: Cryptography Lynn Ackler Southern Oregon University.

Steganography

Data hiding in plain sight.

Often is not invariant under data compression.

Page 25: Cryptography Lynn Ackler Southern Oregon University.

Substitution Ciphers

Alphabet substitution
• Monoalphabetic – letter for letter
• Homophonic – one or more for a letter
• Polygram – block for block
• Polyalphabetic – multiple simple substitutions

Substitution algorithms
• Caesar Cipher – rotate n mod 26
• Modulo arithmetic
• Lookup tables

Page 26: Cryptography Lynn Ackler Southern Oregon University.

Transposition Cipher

Plaintext in rows

Ciphertext from the columns

t h e q u i c k b r o w n
f o x j u m e d o v e r
t h e l a z y d o g

Ciphertext: tft hoh exe qjl uua imz cey kdd boo rvg oe wr n
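The column read-out for the three rows on this slide, worked through as an added example (not part of the original slides). It assumes the row lengths 13, 12 and 10 are what the receiver must know to undo the transposition; the function names are hypothetical.

```python
from collections import Counter

# Rows exactly as written on the slide (13, 12 and 10 letters).
ROWS = ["thequickbrown", "foxjumedover", "thelazydog"]

def encrypt(rows):
    """Read the grid column by column, skipping rows too short for a column."""
    width = max(len(r) for r in rows)
    return "".join(r[c] for c in range(width) for r in rows if c < len(r))

def decrypt(ciphertext, row_lengths):
    """Refill the columns in the same order, then read the rows back out."""
    if len(ciphertext) != sum(row_lengths):
        raise ValueError("ciphertext length does not match the row lengths")
    rows = [[] for _ in row_lengths]
    letters = iter(ciphertext)
    for c in range(max(row_lengths)):
        for r, n in enumerate(row_lengths):
            if c < n:
                rows[r].append(next(letters))
    return ["".join(r) for r in rows]

def same_letter_counts(a, b):
    """Transposition only moves letters, so the frequency table is unchanged."""
    return Counter(a) == Counter(b)

if __name__ == "__main__":
    ct = encrypt(ROWS)
    print(ct)
    print(decrypt(ct, [len(r) for r in ROWS]))
    print(same_letter_counts(ct, "".join(ROWS)))
```

Because the letter counts survive unchanged, a ciphertext whose frequency table still looks like ordinary English points to a transposition rather than a substitution.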

Page 27: Cryptography Lynn Ackler Southern Oregon University.

Simple XOR

XOR: '^' in C, $\oplus$ in mathematics

$0 \oplus 0 = 0$

$0 \oplus 1 = 1$

$1 \oplus 0 = 1$

$1 \oplus 1 = 0$

Note:

$a \oplus 0 = a$

$a \oplus a = 0$

$(a \oplus b) \oplus b = a$

Page 28: Cryptography Lynn Ackler Southern Oregon University.

Simple XOR Encryption

Key: $K$

Message: $M$

Ciphertext: $C = M \oplus K$

Message: $M = C \oplus K = (M \oplus K) \oplus K = M \oplus (K \oplus K) = M$

Page 29: Cryptography Lynn Ackler Southern Oregon University.

One-Time Pads

The one time pad is a substitution cipher with a very very long random substitution key.

Statistically it is perfectly secure.

Page 30: Cryptography Lynn Ackler Southern Oregon University.

One-Time Pads: Problems

The key must be a random sequence of characters.

The pad can be used only once.

Both parties must have the exact same pad.

If one character is dropped everything afterward is lost.
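The Simple XOR Encryption slide and two of the problems listed here (a pad used twice, a dropped character), as an added example that is not part of the original slides. It assumes the pad is combined with the message by byte-wise XOR; the function names and sample messages are constructed for illustration.

```python
import secrets

def xor_bytes(data: bytes, pad: bytes) -> bytes:
    """C = M xor K (and M = C xor K), byte by byte."""
    if len(pad) < len(data):
        raise ValueError("pad must be at least as long as the message")
    return bytes(d ^ k for d, k in zip(data, pad))

def pad_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """Two ciphertexts under one pad: (M1^K)^(M2^K) = M1^M2, the pad cancels."""
    return bytes(a ^ b for a, b in zip(c1, c2))

def second_message(c1: bytes, c2: bytes, known_m1: bytes) -> bytes:
    """With one plaintext known, the other follows from the leak alone."""
    return xor_bytes(pad_reuse_leak(c1, c2), known_m1)

def decrypt_after_drop(ciphertext: bytes, pad: bytes, index: int) -> bytes:
    """Receiver's view when the byte at `index` is lost in transit."""
    damaged = ciphertext[:index] + ciphertext[index + 1:]
    return xor_bytes(damaged, pad)

if __name__ == "__main__":
    m1 = b"meet at the library"          # constructed sample messages
    m2 = b"send the report now"
    pad = secrets.token_bytes(len(m1))   # random pad, as long as the message
    c1 = xor_bytes(m1, pad)
    c2 = xor_bytes(m2, pad)              # same pad used twice: the mistake
    print(xor_bytes(c1, pad))            # round trip gives m1 back
    print(second_message(c1, c2, m1))    # m2 recovered without the pad
    print(decrypt_after_drop(c1, pad, 5))  # readable up to byte 5, then noise
```

The second and third results show why the pad must be used only once and why both parties must stay exactly in step with it.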

Page 31: Cryptography Lynn Ackler Southern Oregon University.

One-Time Pads: Uses

Low bandwidth communication.

Ultra secure communication.

Forever secure.