Lec1-Crypto Overview

7/30/2019 Lec1-Crypto Overview

1/28

1

1

Cryptography Overview

2

Outlines:-1. Basics of Cryptography

2.Attacking Cryptography3.How secure is secure?4.Properties of Encryption Algorithms5.Classification of Encryption

Algorithms

Part 1: Cryptography


2/282

3

Before we start, let us go back to the earlymethods of encryption or cipheringtechniques . They are based on substitution.

The Story

4

Notations and Basics of Cryptography


3/283

Examples of SubstitutionCiphering techniques

5

Caesar Cipher

Earliest known substitution cipherby Julius Caesar

First attested use in military affairs Replaces each letter by 3rd letter on Example:

MEET ME AFTER THE TOGA PARTYPHHW PH DIWHU WKH WRJD SDUWB


4/284

Caesar Cipher

Can define transformation as:a b c d e f g h i j k l m n o p q r s t u v w x y z

d e f g h i j k l m n o p q r s t u v w x y z a b c

Mathematically give each letter anumbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

Then have Caesar cipher as:c= E(p) = (p+ k) mod (26)

p= D(c) = (c k) mod (26)

Cryptanalysis of Caesar Cipher

Only have 26 possible ciphers

A is mapped to A,B,..,Z

Could simply try each in turn (a brute forcesearch)

Given ciphertext, just try all shifts of letters

Dont need to recognize once we get the plaintext

e.g., try to break ciphertext "GCUA VQDTGCM"


5/285

Monoalphabetic Cipher

rather than just shifting the alphabet could shuffle (jumble) the letters arbitrarily each plaintext letter maps to a different random

ciphertext letter hence key is 26 letters long

Plain: abcdefghijklmnopqrstuvwxyz

Cipher: dkvqfibjwpescxhtmyauolrgzn

Plaintext: ifwewishtoreplacelettersCiphertext: wirfrwajuhyftsdvfsfuufya

Monoalphabetic Cipher Security

There is a total of 26! = 4 x 1026 keys

with so many keys, is it secure ? The answer is NO because of the

language characteristics


6/286

Language Redundancy and Cryptanalysis

Human languages are redundant

Letters are not equally commonly used

In english E is by far the most commonletter, followed by T,R,N,I,O,A,S

Other letters like Z,J,K,Q,X are fairly rare

Combinations of letters such th, gh, ph,ion,..Etc.

There are tables of single, double & tripleletter frequencies for various languages

English Letter FrequenciesSource: W. Stallings, Cryptography and Networking, 3rd ed. 2003


7/287

Use in Cryptanalysis

Key concept - monoalphabetic substitution ciphers donot change relative letter frequencies

Discovered by Arabian scientists Al kindi in 9thcentury

Calculate letter frequencies for ciphertext

Compare counts/plots against known values

If Caesar cipher look for common peaks/troughs

peaks at: A-E-I triple, NO pair, RST triple troughs at: JK, X-Z

For monoalphabetic; identify each letter

Tables of common double/triple letters may help

Example Cryptanalysis

given ciphertext:(Example from W.Stalling)UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ

UTQAOVUOHXMOEVGEOTEEVSGTHATOEFEEAXUDBMETAXAIZ

count relative letter frequencies (from text) guess P & Z are e and t guess ZW is th and hence ZWP is the

proceeding with trial and error finally get:it was disclosed yesterday that several informal butdirect contacts have been made with politicalrepresentatives of the Viet Cong in Moscow


8/288

Playfair Cipher

not even the large number of keys in amonoalphabetic cipher provides security

one approach to improving security was toencrypt multiple letters

the Playfair Cipher is an example

invented by Charles Wheatstone in 1854,but named after his friend Baron Playfair

PlayfairKey Matrix

a 5X5 matrix of letters based on a keyword

fill in letters of keyword (without duplicates)

fill rest of matrix with other letters eg. using the keyword MONARCHY

M O N A R

C H Y B D

E F G I/J K

L P Q S T

U V W X Z


9/289

Encrypting and Decrypting

plaintext is encrypted two letters at a time1. if a pair is a repeated letter, insert filler like 'X.

E.g., Balloon,...> ba lx lo on2. if both letters fall in the same row, replace each

with letter to right (wrapping back to startfrom end). E.g., ar..> RM

3. if both letters fall in the same column, replaceeach with the letter below it (again wrapping to top

from bottom), e.g. mu ..> CM4. otherwise each letter is replaced by the letter inthe same row and in the column of the other letterof the pair (hs to BP and ea to IM or JM)

Security of Playfair Cipher

security much improved over monoalphabetic since we have 26 x 26 = 676 diagrams

would need a 676 entry frequency table to analyse(verses 26 for a monoalphabetic) and correspondingly more ciphertext was widely used for many years

by US & British military in WW1 and WW2 it can be broken, given a few hundred letterssince still has much of original language or plaintextstructure


10/2810

Polyalphabetic Ciphers

improve security using multiple cipher alphabets

make cryptanalysis harder with more alphabets toguess and flatter frequency distribution

use a key to select which alphabet is used for eachletter of the message

use each alphabet in turn

repeat from start after end of key is reached

Vigenre Cipher

simplest polyalphabetic substitution cipher

effectively multiple Caesar ciphers

key is multiple letters long K = k1 k2 ... kd

ith letter specifies ith alphabet to use

use each alphabet in turn

repeat from start after d, length of keyletters in message

decryption simply works in reverse


11/2811

Example of Vigenre Cipher

write the plaintext out

write the keyword repeated above it

use each key letter as a Caesar cipher key

encrypt the corresponding plaintext letter

e.g. using keyword deceptive

Key : deceptivedeceptivedeceptive (det. Row)plaintext: wearediscoveredsaveyourself (det. Col)

ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ

One-Time Pad

if a truly random key as long as the messageis used, the cipher will be secure ,

called a One-Time pad, is unbreakable since ciphertext bears no

statistical relationship to the plaintext,

since for any plaintext & any ciphertextthere exists a key mapping one to other,

can only use the key once though, and

problems in generation & safe distributionof key


12/2812

Types of CryptographicAlogrithms

23

24

The two main applications of cryptographic algorithmsof principal interest are:

Data Encryption : transforms plaintext data intociphertext in order to conceal its meaning

Data Signature: computes a check value or digitalsignatureto a given plain- or ciphertext, that can beverified by some or all entities being able to access thesigned data. Some cryptographic algorithms can beused for both purposes, some are only secure and / orefficient for one of them.

Cryptographic Algorithms


13/2813

25

Principal categories of cryptographicalgorithms:

Symmetric cryptography

Asymmetric cryptography

Cryptographic hash functions

26

Symmetric cryptography

Encryption and decryption keys are known to bothcommunicating parties.

They are usually related and it is easy to derivethe decryption key once one knows the encryptionkey.

In most cases, they are identical. All of the classical (pre-1970) cryptosystems are

symmetric.

Examples : DES and AES (Rijndael)

A Secret should be shared (or agreed) between the

communicating parties.


14/2814

27

Asymmetric cryptography

Each user has a pair of keys which are generated togetherunder a scheme:

Private Key - known only to the owner

Public Key - known to anyone in the systems with assurance

Why public key cryptography ?

Key Distribution and Management is difficult inSymmetric Cryptoystems (DES, 3DES, IDEA, AES(Rijndael)over large networks.No Electronic Signature with symmetric ciphers

28

Examples of Public Key Cryptosystems are:

RSA Discrete Logarithm based cryptosystems.(El-Gamal) Elliptic Curve Cryptosystems


15/2815

29

Cryptographic hash functions

using 0 keys (the key is not a separateinput but appended to or mixed withthe data).

30

Cryptanalysisis the process of attempting to

discover the plaintext and / or the key.

2- Attacking CryptographyCryptanalysis


16/2816

31

Types of cryptanalytic attacks:

Ciphertext-Only Attack

ciphertext onlyOnly you know the algorithm and ciphertext.Statistical can identify plaintext

32

Known-Plaintext Attack

known plaintextYou only Know a copy of ciphertext and the

corresponding plaintext. Try to deduce the key.


17/28


18/2818

35

chosen textselect either plaintext or ciphertext toen/decrypt to attack cipher

Important directions in cryptanalysis:

-Computation of discrete logarithms-Factorization of large integers

36


19/2819

37

Attacks on protocols

Known-key attack: obtain some previouskeys and use the information to get the newones

Replay: the adversary records acommunication session and replays the

entire session or portions of it at a latertime

38

Impersonation: adversary assume theidentity of a legitimate user

Dictionary: the attacker has a list ofprobable passwords, hashes them andcompares with the entries in the list of trueencrypted passwords hoping to get a match


20/2820

39

3- How secure is secure?

In general, evaluating thesecurity of a system is a crucialand most difficult task.

40

Unconditionally secure systemIf the ciphertext does not contain enough

information to determine uniquely thecorresponding plaintext.Consequently, the attacker cannot find theplaintext regardless of how much time andcomputational power he has because theinformation is not there!

Bad news: only one known system has thisproperty: one-time pad


21/2821

41

How secure is secure? Contd.

Complexity-theoretic security

Consider a model of computation (e.g., Turingmachine) and adversaries modeled as havingpolynomial computational power

Consider the weakest possible assumptionsand the strongest possible attacker and doworst-case or at least average-case analysis

42

Provable securityProve that breaking the system is equivalent with

solving a supposedlydifficult (math) problem (e.g.,from Number Theory)

Computationally secureThe (perceived) cost of breaking the systemexceeds the value of the encrypted information.The (perceived) time required to break the systemexceeds the useful lifetime of the information


22/2822

43

The brute forceattacktries every possiblekey until it finds an intelligible plaintext: Every cryptographic algorithm can intheory be attacked by brute force On average, half of all possible keys willhave to be tried

Source: W. Stallings

Brute Force Attack

44


23/2823

45

How large are these numbers?

Source : Menezes et al.

46

Consider, a sender is encrypting plaintextmessages P1, P2,.. to ciphertext messagesC1, C2, ... Then the following properties ofthe encryption algorithm are of specialinterest:

Error Propagation, andSynchronization.

4- Properties of Encryption Algorithms


24/2824

47

Properties of Encryption AlgorithmsCtd.

Error propagationcharacterizes the effects of bit-errorsduring transmission of ciphertext toreconstructed plaintext P1, P2, ...

Depending on the encryption algorithm

there may be one or more erroneous bits inthe reconstructed plaintext per erroneousciphertext bit.

.

48

Synchronizationcharacterizes the effects of lost ciphertext

data units to the reconstructed plaintext.Some encryption algorithms can not recoverfrom lost ciphertext and need thereforeexplicit re-synchronization in case of lostmessages.Other algorithms do automatically re-synchronize after 0 to n (n depending on thealgorithm) ciphertext bits


25/2825

49

Encryption Algorithms can be classified according to:1- The type of operations used for transformingplaintext to ciphertext:Substitution, which maps each element in the plaintext(bit, letter, group of bits or letters) into anotherelementTransposition,which re-arranges elements in theplaintext

2- The number of keys used:Symmetric ciphers, which use the same key for en- /decryption.Asymmetric ciphers, which use different keys for en- /decryption.

.

5- Classification of Encryption Algorithms

50

Classification of Encryption Algorithms ctd.

3- The way in which the plaintext is processed:

Block ciphersIt work on blocks of width b, where bdepends on the used calgorithm

Stream ciphersItwork on bit streams and encrypt one bit after another:Many stream ciphers are based on the idea of linear feedbackshift registers, and there have been detected vulnerabilitiesof a lot of algorithms of this class, as there exists a profoundmathematical theory on this subject.


26/2826

51

6- Steganography

An alternative to encryption that :

It hides existence of message using only a subsetof letters/words in a longer message markedin some way such as:

using invisible ink

hiding in LSB in graphic image or sound file

Its basic drawbacks high overhead to hiderelatively few info bits.

52

Cryptographic Algorithms Examples


27/2827

53

7- Fundamental Cryptographic Applications

Confidentiality

Authentication

Integrity

Non-repudiation

Hiding the contents of the messages exchanged in a transaction

Ensuring that the origin of a message is correctly identified

Ensuring that only authorized parties are able to modifycomputer system assets and transmitted information

Requires that neither of the authorized parties deny theaspects of a valid transaction

54

Other Cryptographic Applications

Digital Signatures: allows electronically sign (personalize)the electronic documents, messages and transactionsIdentification: is capable of replacing password-basedidentification methods with more powerful (secure) techniques.Key Establishment: To communicate a key to yourcorrespondent (or perhaps actually mutually generate it withhim) whom you have never physically met before.Secret Sharing: Distribute the parts of a secret to a groupof people who can never exploit it individually.E-commerce: carry out the secure transaction over an insecurechannel like Internet. E-cash Games


28/28

55

Almost all of the practical cryptosystemsare theoretically breakable given the timeand computational resources However, there is one system which is eventheoreticallyunbreakable: One-time-pad.

A final Word

Lec1-Crypto Overview

Documents

Transcript of Lec1-Crypto Overview