1 / 61

Chapter 2: Cryptography Technique

Chapter 2: Cryptography Technique. "You can have everything in life you want if you'll just help enough other people to get what they want!" -- Zig Ziglar Prepared by: SITI ZAINAH ADNAN If you do have any feedback or comment, please feel free to email me at sitizai@hotmail.com

svein
Download Presentation

Chapter 2: Cryptography Technique

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 2: Cryptography Technique "You can have everything in life you want if you'll just help enough other people to get what they want!" -- Zig Ziglar Prepared by: SITI ZAINAH ADNAN If you do have any feedback or comment, please feel free to email me at sitizai@hotmail.com Your cooperation is very much appreciated !

  2. Chapter 2: Cryptography Technique TOPICS • Introduction • Terminology & Basic Encryption Methods • Secret Code • Monoalphabetic Ciphers • Cryptanalysis of a Monoalphabetic Cipher • Polyalphabetic Substitution Cipher • Transpositions • Stream and Block Ciphers

  3. References • Book (available at the Informatics library) • CHAPTER 2, 3 and 4: Security In Computing, Charles P.Pfleeger, Prentice Hall International • Notes (available at IVC)

  4. Encryption • Transforms data so that it is unintelligible to the outside observer • To maintain secure data in an insecure environment

  5. encryption decryption plain text output plain text input Transmitted ciphertext Encryption

  6. Secret key shared by sender and recipient encryption decryption plain text output plain text input Transmitted ciphertext Encryption With One Key Symmetric encryption (Single-key encryption OR Private Key encryption)

  7. Encryption key Decryption key encryption decryption plain text output plain text input Transmitted ciphertext Encryption with Two Keys Asymmetric encryption (Two-key encryption OR Public-Key encryption)

  8. Terminology • Encryption • A process of encoding a message so that its meaning is not obvious. Also known as encode/encipher • Decryption • Is the reverse process of encryption.Also known as decode/decipher • Cryptosystem • A system for encryption and decryption. • Plaintext • The original form of a message.

  9. Terminology • Ciphertext • The encrypted form of an original message. • Secret Code • Use of simple secret code to represent the original message. • Example, apple means go ahead.

  10. Terminology • Cryptography • The science of using mathematics to encrypt and decrypt data • Enables user to store sensitive information or transmit it across insecure networks so that it cannot be read by anyone except the intended recipient • Cryptanalysis • The science of analyzing and breaking secure communication • Done by cryptanalyst (attackers) • Cryptology • The research into and study of encryption and decryption; include cryptography and cryptanalyst

  11. Terminology • Key • A value that is used together with the plaintext as input into encryption algorithms to produce ciphertext • Allows different encryption of a plaintext • Provide additional security • If the encryption algorithm is revealed, future message can still be kept secret because the interceptor will not know the key value • Basically really big numbers, measured in bits e.g. 1024 bit key

  12. X’ Cryptanalyst K’ X Y X Encryption Algorithms Decryption Algorithms Destination Message Source K Secure channel Key Source Cryptosystem model

  13. An opponent, observing Y but not having access to K or X, may attempt to recover X or K or both X and K - assume that opponent knows the encryption E and decryption D algorithms • To recover X and K, plaintext estimate X’ and estimate K’ are recovered

  14. Input are ; message X and the encryption key K, the encryption algorithm forms the chipertext as: Y + [Y1, Y2....Yn] OR Y= Ek (X) Y is produced by encryption algorithm E as a function of plaintext X, which determined by key K value • The intended receiver, in possession of the key, is able to invert the transformation: X = Dk (Y)

  15. Encryption algorithms • Two basic methods: • Substitution • Monoalphabetic ciphers • Polyalphabetic ciphers • Transposition (permutation)

  16. Monoalphabetic Ciphers • Each letter is translated or substituted by a fixed letter after it in the alphabet. • E.g. Caesar Cipher uses a shift 3. • The plaintext letter pi is encipher as ciphered letter ci by the rule. ci = E(pi) = pi + 3 • A translation chart of the Caesar cipher is as shown below. Plain text ABCD E FG H IJKLMNOPQRSTUVWXYZCipher text defg h ij k lmnopqrstuvwxyzabc E.g. Happy New Year would be kdssb qhz bhdu

  17. Monoalphabetic Cipher Cryptanalysis • Some letters are used more often than others. • Example of the clues: • The letter E, T and A occur more than J, Q and Z • The break between the two words, the SS can be translated to VV • Therefore cryptanalysis uses such occurrence patterns to decipher the cipher text easily • Count do help to narrow the possibilities • The frequent occurring letters in the ciphertext are likely to be among the more frequently occurring letters in English

  18. 20 15 10 5 0 A C E G I K M O Q S U W Y SP Monoalphabetic Cipher Cryptanalysis

  19. Polyalphabetic Cipher • The weakness of monoalphabetic cipher is that their frequency distribution reflects the distribution of the underlaying alphabet. • A cipher that is more cryptographically secure would display flat distribution. • One way to flatten the distribution is to combine distribution that are high with that are low. • Uses multiple mappings between plaintext and ciphertext and it is not just a single mapping

  20. Polyalphabetic Cipher • Example of mapping: Odd position mapping • ABCDEFGHIJKLMNOPQR S T UVWXYZ….. • Adgjmpsvybehknqtwz c f ilorux Even position mapping • ABCDEFGHIJKLMN O PQR S TUVWXYZ….. • Nsxchmrwbglqva fkpu z ejotydi • Example of text: TREAT YIMPOSSIBL E  fumnf dyvtf czysh h

  21. Polyalphabetic Cipher • As compared with monoalphabetic cipher • E.g. encryption using Odd position mapping TREATY IMPOSSIBLE  fzmafu yktq cc ydhm

  22. Transposition • Rearrange the order of bits, characters or blocks of characters that are being encrypted or decrypted. • The original letters of the plaintext are preserved; only their positions change. • E.g. Columnar Transposition • The rearrangement of the characters of the plaintext into columns • The resulting ciphertext is formed by traversing the columns

  23. Columnar Transposition

  24. Columnar Transposition • The plaintext is : THIS IS A MESSAGE TO SHOW HOW A COLUMNAR TRANSPOSITION IS WORKING • The ciphertext is : TAGO CASIR HMEW ORPOK IETH LTONS SSOO URSS ISSW MAIW SAHA NNTO

  25. Key (optional) Stream Ciphers ISSOPMI wdhuw Plaintext cihertext Encryption • It converts one symbol of plaintext immediately into a symbol of ciphertext • The transformation depends only on the symbol, the key, and control information of the encipherment algorithm • E.g. substitution encryption

  26. Stream Ciphers - Advantages • Speed of transformation • Each symbol is encrypted without regard for any other plaintext symbols, each symbol can be encrypted as soon as it is read • Low error propagation • Each symbol is separately encoded, an error in the encryption process affects only that character

  27. Stream Ciphers - Disadvantages • Low diffusion • Each symbol is separately enciphered • Susceptible to malicious insertions and modifications • Since, each symbol is separately enciphered, an active interceptor who has broken the code can splice together pieces of previous messages and transmit a spurious message that may look authentic

  28. Key (optional) Block Ciphers OITPYR Encryptionba qc kd em • It encrypts a group of plaintext symbols as one block , e.g. 64 bits or more • It works on blocks of plaintext and produce blocks of ciphertext • E.g. transposition encryption

  29. Block Ciphers - Advantages • Diffusion • Information from plaintext is diffused into several ciphertext symbols • One ciphertext block may be depend on several plaintext letters • Immunity of insertions • Since blocks of symbols are enciphered, it is impossible to insert a single symbol into one block • The length of the block would then be incorrect, and decipherment would reveal the insertion

  30. Block Ciphers - Disadvantages • Slowness of encryption • Block ciphers must wait until an entire block of plaintext symbols has been received before sorting the encryption process • Error propagation • An error will affect the transformation of all other characters in the same block

  31. Key Management Protocols Attack to Remote communications: • When two remote systems transfer messages along communication medium, several potential attack scenarios arise. There are three main types of attacks: • Disclosure to an unauthorised listener. • Receipt of a message from a masquerading sender. • Corruption or blocking of sent messages.

  32. Key Management Protocols a. Disclosure to an unauthorised listener: • Involves a malicious entity or an intruder gaining access to the message by simply observing and interpreting the data travelling along the communication medium. b. Receipt of a message from a masquerading sender: • This attack involves an unauthorised masquerading entity claiming to be some authorised entity. • The result is that a bad message might be sent from an intruder.

  33. Key Management Protocols c. Corruption or blocking of sent messages: • Refers to messages sent by a sender being corrupted or blocked by an unauthorised intruder. • Intruders corrupt the “good message” and replace it with a “bad message”.

  34. Key Management Protocols • Encryption systems provide an important tool in computer security, it gives a user the ability to transmit information in a concealed form. • It is very useful to transmit documents and data over a channel that may be intercepted. • Protocol is established to orderly sequence the steps of the encryption by two or more parties in their communication • Three type of encryption protocols: • Private key protocol • Public key protocol • Arbitrated protocol

  35. Private Key Protocol • A protocol that may be used between communicating entities to authenticate systems and hide messages. • Assumed that communicating entities have access to encryption routines M that encrypts and decrypts using some key K. • Both sender and receiver knows K. Sender Receiver message [M]k [[M]k]kmessage encrypt decrypt

  36. Encryption With Private Key

  37. Private Key Protocol - Advantages • Fast • Useful for encrypting data for a short distance

  38. Private Key Protocol - Disadvantages • If the key is revealed (stolen etc.), the interceptors can decrypt all the information in both direction. • Distribution of keys becomes a problem, as keys must be transmitted with utmost security. • The number of keys increases with the square of the number of users exchanging secret information.

  39. Public Key Protocol • Deviced by Whitfield Diffie and Martin Hellman in 1996. • This scheme overcomes the exchange of private key problem. • Makes use of two encryption keys, public key and private key. • Allows remote entities to advertise part of the encryption key, that is public key. • Requires both public key and private key to encrypt and decrypt a message. • Addresses several problems of key distribution and key loss issues.

  40. Encryption with Public Keys

  41. Public Key Protocol • Based on mathematical functions rather than on substitution and permutation • Asymmetric involving the use of two separate keys, in contrast to symmetric conventional encryption, which uses only one key • Has profound consequences in the area of confidentiality, key distribution, and authentication

  42. Public Key Cryptosystem • Each end system in a network generates a pair of keys to be used for encryption and decryption of messages that it will receive • Each system publishes it’s encryption key by placing it in a public register or file. This is the public key. The companion key is kept private (eg. Verisign provide security service for international e-commerce, DigiCert mainly for local e-commerce) • If A wishes to send a message to B, it encrypts the message using B’s public key • When B receives the message, B decrypts it using B’s private key. No other recipient can decrypt the message because only B knows B’s private key.

  43. Public Key - Advantages • All participants have access to public keys and private keys are generated locally by each participant and therefore need never be distributed • As long as system controls it’s private key, its incoming communication is secure • At any time,a system can change its private key and publish the companion public key to replace its old public key • It is computationally infeasible to deduce the private key from the public key • Anyone who has a public key can encrypt information but cannot decrypt it • Only the person who has the corresponding private key can decrypt the information

  44. Public Key – Examples • Elgamal (named for its investor, Taher Elgamal) • RSA (named for its investors; Ron Rivest, Adi Shamir and Leonard Adleman) • Diffie-Hellman (named for its investors) • DSA – Digital Signature Algorithm (invented by David Kravitz)

  45. Alice’s public key ring: Joy, Mike, Bob etc Bob’s private key Bob’s public key Plaintext output Plaintext input Decryption Algorithm Encryption Algorithm Transmitted chipertext Decryption algorithm (reverse of encryption algorithm Encryption algorithm eg. RSA Public Key Cryptosystem : Encryption

  46. Bob’s public key ring: Joy, Mike, Alice etc Alice’s public key Alice’s private key Plaintext output Plaintext input Decryption Algorithm Encryption Algorithm Transmitted chipertext Decryption algorithm (reverse of encryption algorithm Encryption algorithm eg. RSA Public Key Cryptosystem : Authentication

  47. Source A Source B X Y Z Y X Message source Encryption Algorithm Encryption Algorithm Decryption Algorithm Decryption Algorithm Message dest. Public Key A Key pair source Public Key B Private Key A Key pair source Private Key B Public Key Cryptosystem Applications

  48. Public Key Protocol Sender (B) Receiver (A) Message [[M]SB]PA[[[[M]SB]PA]SA]PBMessage Encrypt Decrypt Legend: SB:Secret key of B PB:Public key of B SA:Secret key of A PA:Public key of A

  49. Arbitration Protocols with Third Party • An alternative to the point key management protocols between senders and receivers. • Protocol that uses third party to ensure authentication between communicating entities. • Two types of arbitrated key management protocols might be envisioned.

  50. A sends message to C B routes message to C from A C receives message from A Arbitration Protocols with Third Party 1) All data communication is performed through a third party, so that A might communicate with C through arbiter B. This requires that A and B agree on some key management protocol and that B and C agree on a protocol as well. A B C Arbitrator

More Related