Excursus 01

Upload
francescopistolesi 
Category
Documents

view
29 
download
0
Embed Size (px)
description
Transcript of Excursus 01

The art of secret writing
A.A. 2010/2011 1
Cryptography Part I
Principles and Methods
michele elia
Politecnico di Torino

The art of secret writing
A.A. 2010/2011 2
Introduction
A complex telecommunications system connects any place, at any time, in any condition.
Tele or e are roots for so many activities that were unthinkable few years ago:
 Teleworking ework
 Teleteaching eteaching
elearning
 Teleeconomy ecommerce
In the lovely Global village of Marshall Mcluhan, the print revolution has been
surpassed and squeezed out by the erevolution.

The art of secret writing
A.A. 2010/2011 3
Two remarks
1) The expansion of telecommunication
systems has been accelerated and
dominated by the advent of the digital, and
the conversion to full digital is practically
complete.
An historical mark year will be 2012 when
analog TV will dismissed in EU.

The art of secret writing
Two remarks
2) Electric signals are ubiquitous in the world, they travel unprotected though
conveying vital information for
the army,
the trading,
the economy,
the social life (bureaucracy, health system)
the production systems.
A.A. 2010/2011 4

The art of secret writing
A.A. 2010/2011 5
In this digital world security is of fundamental importance dealing
with information, specifically for:
 Transmission of Information
 Transformation of Information
 Use of Information
in each case SECURITY is
UNAVOIDABLE.

The art of secret writing
A.A. 2010/2011 6
A list of applications includes:
Telephone: the oldest ecommunication system
(together with the telegraph) requires
confidentiality
email: the ecommunication counterpart of
the traditional paper mail requires
confidentiality and signature
Commerce online: a form of selling developed
with the Internet, needs
confidentiality, authentication and signature

The art of secret writing
A.A. 2010/2011 7
A list of applications (Continuation)
Teleworking: the new economy tends to move
the work instead of the workers, and needs
confidentiality and authentication
Access control: distributed access to data base
and computing resources need
confidentiality, authentication and signature
Ebooks and Elibraries, a today reality, need
confidentiality, authentication and signature
Medical records: patient status, medical data and
therapy information need
confidentiality and authentication

The art of secret writing
A.A. 2010/2011 8
A list of applications (Continuation)
Public and private data bases with peoples personal and biographical data, and other sensitive data, need
confidentiality
Wireless systems: cell phones, burglar alarms, car
locks need
authentication and/or confidentiality and signature
Teaching: use of Internet and its facilities is changing
the traditional teaching paradigm.
Eteaching and Elearning will be the usual way to
distribute knowledge, and may need
authentication and signature

The art of secret writing
A.A. 2010/2011 9
Information protection
What to protect: Existence of message
Content of message
Message
Why to protect: Confidentiality
Authenticity
Integrity  Availability
Tracking
How to protect: CRYPTOGRAPHY
STEGANOGRAPHY

The art of secret writing
A.A. 2010/2011 10
Information security is achieved through:
Principles: Objectives, Axioms
Methods: Algorithms, Mathematical tools
Means: Protocols, Technology

The art of secret writing
A.A. 2010/2011 11
The transformation principle typical of any enciphering
scheme was known to Julius Caesar 2000 years ago
The Caesar cipher consisted in
a shift of three positions so that
plaintext Awas encrypted as
ciphertext D

The art of secret writing
A.A. 2010/2011 12
The transformation principle typical of any enciphering
scheme was known to Julius Caesar 2000 years ago
Encryption is described in mathematical terms:
letters are encoded using numbers
A > 0 , B > 1 Z > 26shift is the secret KEY 3
encryption is the addition operation modulo 26
A > 0+3=3 > D

The art of secret writing
A.A. 2010/2011 13
In this method, using modern mathematical notations,
two fundamental operations are evident: encoding and transformations
Encoding: each letter is converted into a number of Z26,the set of remainders modulo 26
Transformation: the number 3, the secret key, is added
modulo 26 to change each code plain number into a cipher number
Inverse transformation: the number 3 is subtracted
modulo 26 to change each cipher number into a code
plain number
Decoding: each plain number is converted back a letter

The art of secret writing
A.A. 2010/2011 14
the Caesar cipher
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
A B C D E F G H I J K L M N O P Q R S T U V X Y W Z
D E F G H I J K L M N O P Q R S T U V X Y W Z A B C
A SHIFT of t positions of a letter is equivalent to the operation
of summing t modulo 26 to the letter code number

The art of secret writing
A.A. 2010/2011 15
Example
text B R I X E N
1 17 8 23 4 13
encryption +
key 3 3 3 3 3 3
=
4 20 11 0 7 16
cipher E U L A H Q

The art of secret writing
A.A. 2010/2011 16
The example shows a technique known as a simple substitution cipher,
although the mathematical description contains all the ingredients for
perfect enciphering as defined by Shannon
m1 m2 m3 m4 mi
e = m + k mod N
m = e  k mod N
+
km e

The art of secret writing
A.A. 2010/2011 17
The theoretical paradigm was provided by Claude Elwood Shannon in
his paper
Communication Theory and Secrecy Systems,
BSTJ, vol. 28, 1949, p.656715,
where enciphering is viewed as a noisy transmission process
Mutual information is used to define perfect encryption
S
Textchannel U
Cipher
Noise
KEY

The art of secret writing
A.A. 2010/2011 18
S: source alphabet U: cipher alphabet K: key alphabet
Joint probability distribution: KkUuSskusp ,,},,{
}{}{
},{ln},,{),(
,, kupksp
kuspkuspKUSI
KkSsUu
}{
1ln},{)(
, kspkspKUH
KkSs

The art of secret writing
A.A. 2010/2011 19
Mutual Information Properties
I(S,UK) = H(SK)H(SU,K) = I(U,SK)
I(U,SK) = H(UK)H(US,K)
I(S,UK) = H(SK)+H(UK)  H(SUK)

The art of secret writing
A.A. 2010/2011 20
Encryption and Mutual Information
Encryption transformation
u=s+k=f(s,k)
I(S,U) = H(U)  H(US) = H(U)H(K)
I(S,UK) = H(UK)  H(US,K) = H(UK)
Since u=f(s,k) implies
H(US) = H(K)
H(US,K) = 0

The art of secret writing
A.A. 2010/2011 21
Shannons Conditions for Perfect Encryption:
I(S,U) = 0
I(S,UK) = H(S)
I(S,U) = H(U)H(K) > H(U) = H(K)
I(S,UK) = H(UK) > H(UK) = H(S)
H(K) = H(U) and H(UK) = H(S)

The art of secret writing
A.A. 2010/2011 22
H(K) = H(U)
The key length must be equal to message length
 This condition is satisfied by the Caesar cipher
if message length is one symbol.
 Looking at the whole transmission balance,
perfect encryption is achieved only with
net transmission rate equal to .
 Practical limits impose a short key length.
Shannon perfect encryption is impossible
in real life.

The art of secret writing
A.A. 2010/2011 23
H(K) = H(U)
The key used to encrypt is the same used to
decrypt. This paradigm is usually called
Symmetric cryptographic scheme
(Symmetric cryptography)
The same name denotes the practical schemes
based on mechanisms that generate
long keys from short keys
that is, mechanisms that generate streams
of the same length of the message.

The art of secret writing
A.A. 2010/2011 24
Shannon Communication Channel with private key
Perfect Secrecy: Net transmission rate 1/2
U
cipher Public channelU
cipher
Secret channel
S
text
K
key
K
key
R
text

The art of secret writing
A.A. 2010/2011 25
Binary alphabets
If entropy is measured in bits and binary symbols are
equally probable, then entropy is numerically the length
of a binary string
Key length Lk is of finite size
Message length LM increases with time.
The difference
D=H(U)H(K)=LMLkgrows unbounded as LM increases.

The art of secret writing
A.A. 2010/2011 26
Confidentiality achieved with secret keys enciphering
guarantees message authenticity
In summary, symmetric cryptographic schemes achieve
a) confidentiality: the content of a
message is disclosed only to the
intended recipient
b) authenticity: the message has been
originated only by the intended sender

The art of secret writing
A.A. 2010/2011 27
The first modern book on cryptography was a Manuale published in 1378
by Gabriele de Lavinde da Parma working for the antipope Clement VII.
In 1466, Leon Battista Alberti published
De Componendis Cyfris, in which he
described the first cipher disk and
conceived the notion of polyalphabeticity.

The art of secret writing
A.A. 2010/2011 28
Message
If a number a divides the difference
of the numbers b and c,b and c
are said to be congruent relative to a
Encrypted Message
F3BISADTLGP3PGTGAOVQ
ZZZAGAE4I3CRBIOCGOR1
DOZBVIXZBADCNEVBQIXC
LOPM3ZAGX3LIBE4L1LS4
G
Leon Battista Alberti formula (encrypting machine)A.D. 1466

The art of secret writing
A.A. 2010/2011 29
Polyalphabetic ciphers, better known as Vigener ciphers, were described in
Trait des Chiffres (1586) by Blaise de Vigener.
In 1863, the cryptanalysis of Vigener ciphers
appeared in
Die Geheimschriffen und die Dechiffris kunst
by Friedrich W. Kasiski.
In 1930
Manuale di Crittografia
was published by General Luigi Sacco

The art of secret writing
A.A. 2010/2011 30
Vigener TABLE
ABCDEFGHIJKLMNOPQRSTUVXYWZ
LMNOPQRSTUVXYWZABCDEFGHIJK
IJKLMNOPQRSTUVXYWZABCDEFGH
DEFGHIJKLMNOPQRSTUVXYWZABC
IJKLMNOPQRSTUVXYWZABCDEFGH
ABCDEFGHIJKLMNOPQRSTUVXYWZ
Secret key: LIDIA = 11 8 3 8 0

The art of secret writing
A.A. 2010/2011 31
Leon Battista Alberti with his cipher disk conceived the idea of an
encrypting machine whose modern electrical prototypes appeared in
1891 Etienne Bazeries: adopted by the French army
1917 Gilbert Vernan: first binary encrypting machine realizing perfect enciphering
1918 Arthur Scherbius: ENIGMA adopted by the German army (in 1926)
1920 Boris Hagelin: CryptoHagelin adopted by the US army

The art of secret writing
A.A. 2010/2011 32
Arthur Scherbius ENIGMA  1918

The art of secret writing
A.A. 2010/2011 33
To provide mechanisms (stream ciphers) that produce
enciphering sequences
k(1), k(2), , k(n) ...
starting from a short sequence K0 called the secret key.
Typical enciphering rule, referred to as Caesar enciphering,
is simple
e(n) = m(n) + k(n)
Symbols are taken from a finite domain where a binary composition rule + is defined.
The design target of encrypting machines is

The art of secret writing
A.A. 2010/2011 34
The mathematics behind these systems includes modular
arithmetic (ring), finite fields, and groups.
Stream generators are described using
the notion of
FINITE STATE MACHINE

The art of secret writing
A.A. 2010/2011 35
Finite State Machine
A Finite state machine is a mathematical object
described by a 6tuple { S, I O, f, g, s0} where
S is finite set of states, possibly represented
by binary vectors (0,1,0, 0 0)
I is a finite input alphabet, possibly binary
O is an output alphabet, possibly binary
f is a mapping from S I into S
g is a mapping from S I into O
s0 the initial state is an element of S

The art of secret writing
A.A. 2010/2011 36
Given an input sequence
I(1), I(2), I(n)
Machine evolution is a sequence of states
s(1), s(2), s(n) with s(1) = s0, and
s(n+1) = f(s(n), I(n) )
The generated stream is a sequence
k(1), k(2), , k(n), where
k(n) = f(s(n), I(n) )
The machine evolution is said to be autonomous
if the input sequence is missing.

The art of secret writing
A.A. 2010/2011 37
Stream Ciphers are Finite State Machines
Properties of generated streams for Caesarlike enciphering
Avoid store and replay attack
Avoid error propagation
Hard to cryptanalyze
Good mask properties

The art of secret writing
A.A. 2010/2011 38
Cryptographic properties of a stream cipher
Period of generated sequence:
should be long and computable to avoid store
and replay attack
Entropy of generated sequence:
should be maximum, it must appear a truly
random sequence (fair coin tossing sequence)
Cryptanalysis:
a plain text attack should be hard, that is the
initial state s0 must be difficult to compute
knowing any piece of generated sequence

The art of secret writing
A.A. 2010/2011 39
Stream ciphers
Periodic generators:
a classic solution consists of Linear Feedback
Shift Registers and their nonlinear variants
Outputs function:
is a nonlinear logic functions
Encryption:
commonly is a sum of bits (the logical XOR
operation)

The art of secret writing
A.A. 2010/2011 40
LFSR
A LFSR is characterized by a generator
polynomial g(x) which defines the positions
of the feedback taps
The degree of g(x) is the LFSR length
The state is the content of the register

The art of secret writing
A.A. 2010/2011 41
Irreducible polynomials are factors of
where the smallest m is a divisor of
Primitive polynomials have
n1n
1n
2
21 xxgxgxg1g(x)
12 nm
1mx12 n
Generator polynomials of degree n

The art of secret writing
A.A. 2010/2011 42
LFSR: Linear feedback shift register
Fibonacci
Galois
...
...+ + ++X0 X1 X2 Xn1
..
+
X1X0 X2 Xn1

The art of secret writing
A.A. 2010/2011 43
LFSR: Linear feedback shift register
Tridiagonal
X1 X2 X4+ X0X0 X3+ + ++
LSFR of length 5.
01000
11100
01110
00111
00011
Transition matrix:

The art of secret writing
A.A. 2010/2011 44
Properties of
the set C of primitive LFSR sequences
C is a group of order
C is the dual code of a Hamming
code
Every sequence has the same number of 1s
Cyclic autocorrelation function () of every
sequence is a twovalue function, that is
and () = 1 for every 0.
Runs of 0s and 1s are given in the following Table
n2
)3,12,12( nnn )2,,12( nn n
12 n
12)0( n

The art of secret writing
A.A. 2010/2011 45
2mj2 runs of length j of either 1s or
0s, for 0 < j < m1
1 run of length m of 1s
0 runs of length m1 of 1s
1 run of length m1 of 0s
0 runs of length m of 0s
Properties of
a primitive LFSR sequence

The art of secret writing
A.A. 2010/2011 46
Computational complexity
The aim of computational complexity is to
give a measure of the difficulty of solving
a problem.
An axiomatic theory yielding a measure of
complexity comparable to the measure of
information, unfortunately, is still missing.
In cryptography, practical measures of
complexity have been developed and are
used in place of theoretical definitions.

The art of secret writing
A.A. 2010/2011 47
Computational complexity
Practical measures of complexity:
 Number of binary operations of algebraic
nature (Es. product of two numbers)
 Number of comparisons in searching an
object among a set of objects (Es. searching
a name in a directory)
 Size of a memory for storing data (Es.
number of bytes required to store the personal
data in the registry of a town)

The art of secret writing
A.A. 2010/2011 48
Computational complexity
Let X and Y be two finite sets.
Let f be a mapping from X into Y.
Let x and y be two variables taking their
values in X and Y, respectively
Definition.
A size of a variable z, taking its values in a
set Z, is the minimum number of bits
necessary to represent any value in Z.

The art of secret writing
A.A. 2010/2011 49
Computational complexity
The size of every x in X is n=log2( X )
n is the number of bits necessary to represent
the value of any element in X.
The complexity cx(f ) of a function f is
expressed in terms of n.
If cx(f ) is exactly computable, then it is written
as a function g(n) of n.
If only the order of magnitude of cx(f ) can be computed, then it is written as O(g(n)).

The art of secret writing
A.A. 2010/2011 50
Oneway functions
Definition
An invertible mapping f from a finite set X into a
finite set Y is said to be oneway if
i) the value y=f(x) is easy to compute
for every x in X
ii) the inverse value x=f 1(y) is difficult to compute for almost every y in Y

The art of secret writing
A.A. 2010/2011 51
Oneway functions  complexity
Many oneway functions are realized as
homomorphisms between groups.
If f is an homomorphism between
a group X and
the additive group of remainders modulo M,
the complexity of f , in general, is upper
bounded by O(X 1/2)which is known as Shanks bound