1 / 73

Dr. Igor Santos

Dr. Igor Santos. Security of Information Systems Cryptology. Contents. Historical Evolution Definitions Classic cipher Symmetric cryptography Asymmetric cryptography Cryptanalysis Steganography. Perspectiva histórica. Historical Evolution. Historical Evolution.

marge
Download Presentation

Dr. Igor Santos

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Dr. Igor Santos • Security of InformationSystemsCryptology

  2. Contents • Historical Evolution • Definitions • Classic cipher • Symmetric cryptography • Asymmetric cryptography • Cryptanalysis • Steganography

  3. Perspectiva histórica HistoricalEvolution

  4. HistoricalEvolution «When Julius Caesar sent messages to his generals, he didn't trust his messengers. So he replaced every A in his messages with a D, every B with an E, and so on through the alphabet. Only someone who knew the "shift by 3" rule could decipher his messages.» And so we begin. Phill Zimmerman, "An Introduction to Cryptography"

  5. HistoricalEvolution • Cryptology has always had a great interest in military and political • Egyptian and Babylonian hieroglyphs • Escítala of Sparta • Julius Caesar, Charlemagne, Philip II, Napoleon • San Bernardino already used usaba homophonic substitution • WW1: ADFGVX Code. Jefferson Cylinder • WW2: Enigma machines, Lorenz SZ-40/42: Bombe, Colossus • WW2: PURPLE Machine: Magic • Machines SIGABA and Typex ; Navajo Code

  6. HistoricalEvolution • Key of sector such as: • Banking • ATMs, wire transfers, electronic banking, … • Communication Networks • VPNs, secure email, … • E-Commerce • Mobile Phones • Pay TV and satellite TV • Digital Rights Management (DRM)…

  7. PORTADA DEFINICIONES ¿WhatisCryptology?

  8. Definitions • Cryptology • From Greek krypto, "hidden" and logos, "word" • Science of secure communications (usually secret)

  9. Definitions • Secure Communication, 4 requirements • Confidentiality • The message can not be accessed or disclosed to individuals, entities or processes unauthorized • Authentication • Ensures the identities of the participants in a communication

  10. Definitions • Integrity • Ensures that the message has not been altered or destroyed in an unauthorized manner • Non-Repudiation • Allows to test the involvement of the parties to a communication, not being able to deny having sent or received a message

  11. Definitions • Cryptography • From Greek krypto, "hidden", and graphein "write“ • Literally meaning "hidden writing“ • Concepts • Text "clear" text that you want to hide • Text "encrypted" or "cipher" unreadable gibberish • Encryption Algorithm: converts text "clear" in "encrypted" and viceversa • Key: secret that enables the encryption algorithm to convert

  12. Definitions • Goal • Maintain the privacy of the communication between two entities altering the original message so that it is incomprehensible to anyone other than the addressee

  13. Definitions • Encryption y De-cryption

  14. Definitions • Cryptanalysis • From Greek Kryptos, "hidden" and analýein, "loose“ • It is the study of methods for obtaining the meaning of encrypted information, without access to the secret information required • Cryptology = Cryptography + Cryptanalysis

  15. Definitions • Criptosistema • {M, C, K, E, D} set, where: • M represents the set of all messages unencrypted or clear • Crepresents the set of all possible encrypted messages, or cryptograms • Krepresents the set of keys that can be used in the cryptosystem

  16. Definitions • E is the set of cryptographic transformations applied to each elem. M to become elem. of C • There is a transformation Ek for each key K • D is the set of decryption transformations analogous to E • Necessary condition for every cryptosystem • Dk( Ek (m) ) = m (reversibility)

  17. Definitions • Basictypesofcryptosystems • Symmetric or private key cryptosystems • They use the same key k to encrypt and decrypt • Asymmetric or public key cryptosystems • They use a key pair { kpub, kpr}, so that one is used to encrypt and one to decrypt • Hybridcryptosystems • They combine the two previous cryptosystems

  18. Definitions • Kerckhoffs’ principle (1883) • “The security of a cryptosystem must not depend on keeping secret the crypto algorithm. Safety depends only on keeping secret the key.” • True security is: • Public availability of cryptographic algorithms • To demonstrate theoretical and practical resistance • The opposite to “Security through obscurity” • ¿Windows is secure? • DVD protection • GSM algorithm • Wide range of potential keys

  19. Classiccipher

  20. Classiccipher • Substitution cipher • Aims to introduce confusion into the cryptosystem • Simple substitution • Polyalphabeticsubstitution • Homophonic substitution • E.g.: Caesar chiper • Transposition cipher • Aims to introduce diffusion in the cryptosystem • E.g.: Escítala • Combination • E.g.: ADFGVX

  21. Cifrado por sustitución simple • Sustitución simple(Ej: CifradoCésar) • Claro: GALLIA EST OMNIS DIVISA... • Clave • ABCDEFGHIJKLMNOPQRSTUVWXYZ • DEFGHIJKLMNOPQRSTUVWXYZABC • Cifrado: JDOOLD HVW RPQLV GLYLVD... • ¿Qué clave está usando? • ¿Cuántas claves posibles hay?

  22. Simple substitutioncipher • Caesarcipherattack • Frequencyanalysis • Charactertypicaldistribution • Bruteforce • Only25 possiblekeys

  23. Simple substitutioncipher • Simplesubstitution (E.g.: Kamasutra) • Clear • ENCONTREMONOS A MEDIANOCHE • Key • A D H I K M O R S U W Y Z • V X B G J C Q L N E F P T • Encrypted • USMQSZLUCQSQN V CUXGVSQMBU

  24. Polyalphabeticsubstitutioncipher • Polyalphabeticsubstitution • Set of simple monoalphabetic ciphers • E.g.: Alberti • Use two or more cipher alphabets, switching between them during encoding • clear: aquello • encrypted: FENFPAD Plainalphabet Encryptedalphabet 1 Encryptedalphabet 2

  25. Polyalphabeticsubstitutioncipher Key character • E.g.: Vigènere • clear: VIGENERE • key: CHIFFRE • encrypted: XPOJSVVG Plaincharacter Encryptedcharacter

  26. Polyalphabeticsubstitutioncipher • AttacktoVigènere • Kasiski test • Search words repeated in the ciphertext • Determine key length • Frequency Analysis • Problem: longer key than the ciphertext

  27. Homophonicsubstitutioncipher • Homophonicsubstitution • Using different symbols depending on the frequency of occurrence of letters in a language • Example • A (50%) → 1, 2, 3, 4 • B (12.5%) → 5 • C (12.5%) → 6 • D (25%) → 7, 8 • When you encrypt an A, you choose 1, 2, 3 or 4 depending on the criteria to be (random, sequential, etc.)

  28. Homophonicsubstitutioncipher • E.g., HomophonicsubstitutioncipherforEnglish

  29. Transpositioncipher • Clutter the "clear“ text • Outline • Split the“clear”text in blocks of N characters • Example, N=6: • “clear” text: WE WILL ATTACK AT DAWN • Bloques: WEWILL ATTACK ATDAWN • Choose a permutation of N elements • {1, 2, 3, 4, 5, 6} → {4, 3, 5, 1, 2, 6} • Shuffleeach block accordingtothepermutation: • IWLWEL ATCATK WAWATDN

  30. Transpositioncipher • E.g.: Escítala • Clear: ASI CIFRABAN CON LA ESCITALA • Encrypted: AAC SNI ICT COA INL FLA RA AE BS

  31. Combinationcipher • Substitution + trasposition(E.g.: ADFGVX) • Monoalphabeticsubstituation • 6x6 table • Random disposition of the 26 characters and the 10 digits • Message: Come at 10 pm

  32. Combinationcipher • Transpositionphase • Key word (rows) • Transpositition byalphabeticorder • Cypheredtext (bycolumns) • DDAD GXDA GVXX GDVG FXDG

  33. Combinationcipher • E.g.: Enigma (electromechanicdevice) • http://enigmaco.de/enigma/enigma.swf

  34. Combinationcipher • Rotors / modifiers (26 possible positions) • 3 rotors -> 26 x 26 x 26 = 17576 • Disposition of the rotors / modifiers • 3! = 6 • Pegbox • 6 cables, exchange 6 pairs of letters between 26 • Total multiple of keys = 3> 10,000,000,000,000,000

  35. Symmetriccryptography

  36. Symmetriccryptography • Mainfeature característica • Keyencrypt = keydecrypt • Transmitter and receiver must hide a “shared secret” • Many drawbacks • Key Distribution • Keeping the key secret • Advantage • The process of encryption / decryption is very fast

  37. Symmetriccryptography • Security depends on: • Keeping the key secret • How good the algorithm is • You do not need to keep it secret • It is assumed that it is virtually impossible to decrypt a message by just knowing the algorithm

  38. Symmetriccryptography

  39. Symmetriccryptography- DES • DES (Data Encryption Standard) • Adopted as the standard for secure communications in the U.S. in 1976 • Designed by IBM in collaboration with the NSA • Backdoor?? • Unsafe • Key Size 56 bits • Possibility to break it in 24 hours by brute force

  40. Symmetriccryptography- DES • Based on a mathematical mechanism known as "The Feistel Network" • Block ciphering • Basic operations transformed by N-bit plain text into N-bits ciphered text • Block = 64 bits • 64-bit key, but 8 bits are used for parity, so that the algorithm uses 56 bits

  41. Symmetriccryptography- DES • Basic structure DES • Entrance • Plaintext (64bits) • Key (56 bits) • Initial Permutation (IP) • 16 rounds (Feistel function) • Final Permutation (PF)

  42. Symmetriccryptography- DES • Feistel function • Expansion • Shuffle • Substitution • Permutation Semiblock (32 bits) Subkey (48 bits)

  43. Symmetriccryptography– Triple DES • Triple DES • Algorithm that performs triple DES encryption • Powered by IBM in 1998 • Standard on credit cards and other forms of electronic payment • Variants • 2 keys -> resulting key 112 bits (56 x 2) • 3 keys -> resulting key 168 bits (56 x 3)

  44. Symmetriccryptography - AES • AES (Advanced Encryption Standard) • Also known as Rijndael • New U.S. encryption standard in 2002 • Due to the replacement of the standard DES, the U.S. Institute of Standards (NIST) organized in 1996 the AES contest • Requirements of the new algorithm • Public • Symmetric block cipher algorithm • Variable key length (which can grow) • Easily implementable in hardware and software

  45. Symmetriccryptography - AES • Criteria • Strength against cryptanalysis • Computational efficiency (time) • Efficiency of implementation (memory) • Software and hardware adaptation • Simplicity of design • Flexibility • public License • Supporting 128-bit block and key sizes of 128, 192 and 256 bits

  46. Symmetriccryptography - AES • Variable block and key length • 128, 192, and 256 • During the encryption process, it maintains an internal status array • Based on round schemas • 9 rounds for block for 128-bit key • 11 rounds for blockfor 192bits key • 13 rounds for block for 256-bit key

  47. Symmetriccryptography - AES • In each round, four transformations are applied to the matrix of state • Nonlinear byte substitution, independent for each byte of the status matrix • Transposing the state rows cyclically with different offsets • Shuffling the columns based on polynomial operations • Adding the subkey of the round (of course, key expansion) using XOR

  48. Symmetriccryptography • FromDEStoAES: • “A Stick Figure Guide to the Advanced Encryption Standard (AES)”, byJeffMoser

  49. Asymmetriccryptography

  50. Asymmetriccryptography • In 1976, Diffie and Hellman developed a secure way to transfer a key • Two different but complementary keys • What key A encrypts, is only decrypted by key B • What key B encrypts, is only decrypted by key A • A key will be secret, and must be kept safely • The other will be public, and it should be shared for communication

More Related