Csce 727 cryptography
This presentation is the property of its rightful owner.
Sponsored Links
1 / 47

CSCE 727 Cryptography PowerPoint PPT Presentation


  • 86 Views
  • Uploaded on
  • Presentation posted in: General

CSCE 727 Cryptography. Insecure communications. Confidential. Insecure channel. Sender. Recipient. Secure communications. confidential. Insecure channel. Sender. Recipient. Terminology. Plaintext , cleartext : an “unhidden” message Encryption : transform a message to hide its meaning

Download Presentation

CSCE 727 Cryptography

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Csce 727 cryptography

CSCE 727Cryptography


Insecure communications

Insecure communications

Confidential

Insecure channel

Sender

Recipient

www.applebuz.com


Csce 727 cryptography

Secure communications

confidential

Insecure channel

Sender

Recipient

www.applebuz.com


Csce 727 cryptography

Terminology

  • Plaintext, cleartext: an “unhidden” message

  • Encryption: transform a message to hide its meaning

  • Ciphertext, cyphertext: an encrypted message

  • Cipher: cryptographic algorithm. Mathematical function used for encryption (encryption algorithm) and decryption (decryption algorithm).

  • Decryption: recovering plaintext from ciphertext

  • Cryptography: art and science of keeping messages secure

  • Cryptanalysis: art and science of breaking ciphertext

  • Cryptology: study of both cryptography and cryptanalysis

www.applebuz.com


Cryptosystem requirements

Cryptosystem requirements

  • Enciphering and deciphering algorithms must be efficient for all keys

    • Coding and decoding at the time of transmission  may be bottleneck

  • System must be easy to use

    • Ease of finding key with an invertible transformation

  • Security should depend on the the secrecy of the keys not on the secrecy of the algorithms

    • Algorithms must be inherently strong, i.e., encryption cannot be broken by simply knowing the method of encryption

www.applebuz.com


Csce 727 cryptography

What makes a good cryptosystem?

  • A good cryptosystem is one whose security does not depend upon the secrecy of the algorithm. This is why cryptographers are so unhappy about NSA's refusal to release details of SkipJack (Clipper).

  • From Schneier:

    • “Good cryptographers rely on peer review to separate the good algorithms from the bad.''

www.applebuz.com


Breakable v s practically breakable

Breakable v.s. Practically Breakable

  • Unconditionally secure: impossible to decrypt. No amount of ciphertext will enable a cryptanalyst to obtain the plaintext without restrictions on technology

  • Computationally secure: an algorithm that is not breakable in practice based on worst case scenario (based on the best known methods) and current technology

  • Breakable: all algorithms (except one-time pad) are theoretically breakable

www.applebuz.com


Cryptanalysis

Cryptanalysis

Cryptanalyst’s goal:

  • Break message

  • Break key

  • Break algorithm

www.applebuz.com


Security requirements

Security requirements

  • Computationally infeasible to systematically determine the deciphering transformation for a given cipher, even if the corresponding plaintext is known

    • Prevents decoding additional ciphertexts

  • Computationally infeasible to systematically determine plaintext for a given cipher

    • Prevents decoding the given ciphertext

www.applebuz.com


Authenticity requirements

Authenticity requirements

  • Computationally infeasible to systematically determine enciphering transformation for a given cipher, even if the corresponding plaintext is known

    • Prevents creating false ciphertext

  • Computationally infeasible to find ciphertext such that it deciphers into a valid plaintext

    • Prevents cipher substitution

www.applebuz.com


Csce 727 cryptography

Taxonomy of Attacks

  • Ciphertext-only attack: attacker has ciphertext for messages encrypted with E.

  • Known plaintext attack: attacker additionally knows the plaintext of the messages.

  • Chosen plaintext attack: attacker can select the encrypted plaintext for at least some messages.

  • Chosen ciphertext attack: attacker can obtain decrypted (plaintext) versions of selected ciphertext.

www.applebuz.com


Cryptosystems

Cryptosystems

  • Conventional (symmetric-key) cryptosystem

  • Public-key (asymmetric-key) cryptosystem

  • Quantum cryptosystem

  • Hash Functions

www.applebuz.com


Conventional secret key cryptosystem

Conventional (Secret Key) Cryptosystem

Plaintext

M

Ciphertext

C

Plaintext

M

Encryption

Decryption

Sender

Recipient

K

K

Secure channel

C=E(K,M)

M=D(K,C)

Key source

www.applebuz.com


Csce 727 cryptography

Secret Key Cryptosystem Vulnerabilities (1)

Passive Attacker (Eavesdropper)

  • Obtain and/or guess key and cryptosystem use these to decrypt messages

  • Capture text in transit and try a ciphertext-only attack to obtain plaintext.

www.applebuz.com


Csce 727 cryptography

Secret Key Cryptosystem Vulnerabilities (2)

Active Attacker

  • Break communication channel (denial of service)

  • Obtain and/or guess key and cryptosystem and use these to send false messages

www.applebuz.com


Csce 727 cryptography

Inherent Weaknesses of Symmetric Cryptography

  • Key distribution must be done secretly (difficult when parties are geographically distant, or don't know each other)

  • Need a key for each pair of users

    • n users need n*(n-1)/2 keys

  • If the secret key (and cryptosystem) is compromised, the adversary will be able to decrypt all traffic and produce fake messages

www.applebuz.com


Classical encryption techniques

Classical Encryption Techniques

  • Steganography

  • Substitution

  • Permutation

  • Combinations and iterations of these

www.applebuz.com


Steganography

Steganography

  • Conceals the existence of secret message

  • Needs:

    • Carrier medium: text, picture, etc.

    • Encoding schema: defines how to insert message into the carrier medium

  • Not efficient – good for small messages only

www.applebuz.com


Steganography examples

Steganography Examples

Before computers:

  • Character markings: selected letters of printed or typewritten text are overwritten in pencil

  • Invisible ink: not visible until some chemical reactions take place

  • Pin punctures: tiny punctures on selected letters

    Computer aided:

  • Modification of digital carrier, e.g., digital image, sound, etc.

  • Supported by secret key

  • Digital watermarking

www.applebuz.com


Substitution techniques

Substitution Techniques

  • Simple substitution

  • Monoalphabetic cipher

  • Multiple letter encryption

  • Polyalphabetic cipher

www.applebuz.com


Simple substitution caesar cipher

Simple Substitution: Caesar Cipher

  • C=E(K,M), e.g., C=(M+n) mod 26

    plaintext: A B C D E …

    ciphertext: A B C D E F …

    e.g., M=CAB

    C =ECD

  • Advantages: simple to implement

  • Disadvantages: easy to break (25 possibilities for English alphabet)

www.applebuz.com


Monoalphabetic substitution

Monoalphabetic Substitution

  • Arbitrary substitution for each plaintext symbol, e.g.,

    C E, A C, B  D

  • M=CAB

  • C =ECD

  • Advantages: large key space 26!

  • Disadvantages: trivially broken for known plaintext attack

www.applebuz.com


Polyalphabetic substitution

Polyalphabetic Substitution

  • A set of related monoalphabetic substitution rules is used

  • A key determines which particular rule is chosen for a given transformation

  • Example: Vigenere cipher – based on 26 Caesar ciphers

  • Advantages: there are multiple ciphertext for a plaintext letter

  • Disadvantages: periodic nature of key makes it breakable with statistical cryptanalysis

www.applebuz.com


One time pad

One-Time Pad

  • Perfect Secrecy!

  • Large, non-repeating set of keys

  • Key is larger than the message

  • Advantages: immune to most attacks

  • Disadvantages:

    • Need total synchronization

    • Need very long, non-repeating key

    • Key cannot be reused

www.applebuz.com


Transposition

Transposition

  • Letters of the message are rearranged

  • Break patterns

    e.g., columnar transposition

    Plaintext: this is a test

    t h i s

    i s a ttiehssiatst!

    e s t !

  • Advantages: easy to implement

  • Disadvantages:

    • Easy to recognize – same letter frequency as the original plaintext

    • Trivially broken for known plaintext attack

    • Easily broken for cipher only attack

    • Multiple encipherment does not help

www.applebuz.com


Product ciphers

Product Ciphers

  • Substitution followed by permutation, followed by substitution, followed by permutation…

  • One encryption applied to the result of the other En(En-1(…(E1(M)))

  • Broken for

    • Chosen plaintext

www.applebuz.com


Data encryption standard

Data Encryption Standard

  • Mathematics to design strong product ciphers is classified

  • Breakable by exhaustive search for known plaintext, chosen plaintext and chosen ciphertext attacks

  • Security: computational complexity of computing the key under the above scenarios

www.applebuz.com


Csce 727 cryptography

Data Encryption Standard (DES)

  • DES is a product cipher

    • 56 bit key size

    • 64 bit block size for plaintext and cipher text

  • Developed by IBM and adopted by NIST with NSA approval

  • Encryption and decryption algorithms are public but the design principles are classified

www.applebuz.com


Advanced encryption standard aes

Advanced Encryption Standard (AES)

  • Adopted by NIST to replace DES

  • January 2, 1997: NIST announces the initiation of an effort to develop the AES (62 FR 93)

  • Based on Rijndael algorithm

www.applebuz.com


Rijndael algorithm

Rijndael Algorithm

  • Chosen for: security, performance, efficiency, ease of implementation, and flexibility

  • Block cipher (variable block and key length)

  • Federal Information Processing Standard (FIPS)

www.applebuz.com


Csce 727 cryptography

  • Rijndael

  • Symmetric, block cipher

  • Key size: 128, 192, or 256 bits

  • Block size: 128

    • Processed as 4 groups of 4 bytes (state)

    • Operates on the entire block in every round

  • Number of rounds depending on key size:

    • Key=128  9 rounds

    • Key=192  11 rounds

    • Key=256  13 rounds

www.applebuz.com


International data encryption algorithm idea

International Data Encryption Algorithm (IDEA)

  • Designed by X. Lai and J. Massey Swiss Federal Institute of Technology, 1990

  • 64 bit block cipher

  • Key size: 128 bits

  • Used by Pretty Good Privacy (PGP) to encrypt electronic mail

www.applebuz.com


Other secret key algorithms

Other Secret Key Algorithms

  • DESX: modification of DES

  • Blowfish: fast, compact and simple block cipher. Variable key length up to 448 bits

  • RC2: block cipher. Variable key length up to 2048 bits

  • RC4: stream cipher. Variable key length up to 448 bits

  • RC5: block cipher. Allows user defined key length, data block size, and number of encryption rounds.

www.applebuz.com


Public key encryption

Public-Key Encryption

  • Two keys – one is private one is public

  • Solves the key distribution problem (but need reliable channel)

  • Provides electronic signatures

  • Slower than secret-key encryption

www.applebuz.com


Csce 727 cryptography

Public-Key Encryption

  • Needed for security:

    • One of the keys must be kept secret

    • Impossible (at least impractical) to decipher message if no other information is available

    • Knowledge of algorithm, one of the keys, and samples of ciphertext must be insufficient to determine the other key

www.applebuz.com


Public key cryptosystem

Public Key Cryptosystem

Insecure channel

Ciphertext

Plaintext

Plaintext

Encryption

Alg.

Decryption

Alg.

B

Recipient

A

Sender

B’s private key

B’s public key

(need reliable channel)

www.applebuz.com


Csce 727 cryptography

RSA

  • Public key:(n,e)

  • Secret key:(n,d)

  • n is a 200 digit number

  • C = Me mod n

  • M = Cd mod n

www.applebuz.com


Rsa versus des

RSA versus DES

Key size:

  • RSA: selected by user

    (usually n is 154 digit (512 bits) so key is 1024 bits)

  • DES: 64 bits (56 effective)

www.applebuz.com


Digital signatures in rsa

Digital Signatures in RSA

  • RSA Property: encryption and decryption are commutative

    • Encryption followed by decryption yields the original message

      (Me mod n)d mod n = M

    • Decryption followed by encryption yields the original message

      (Md mod n)e mod n = M

  • Cryptosystems that preserve message length have this property

www.applebuz.com


Csce 727 cryptography

Digital Signatures in RSA

Insecure channel

Sign

Verify

Plaintext

Signed

plaintext

Plaintext

Decryption

Alg.

Encryption

Alg.

B

A

A’s private key

A’s public key

(need reliable channel)

www.applebuz.com


Signature and encryption

Signature and Encryption

B

Encrypted

Signed

Plaintext

A

Signed

Plaintext

Signed

Plaintext

Plaintext

Plaintext

D

E

D

E

B’s public key

A’s public key

B’s private key

A’s private key

www.applebuz.com


Hash functions

Hash Functions

  • Hash function h maps an input x of arbitrary length to a fixed length output h(x) (compression)

  • Given h and x, h(x) is easy to compute (ease of computation)

www.applebuz.com


Hash functions1

Hash functions

  • Preimage resistant (one-way): if for all specified outputs, it is computationally infeasible to find any input that hashes to that output

  • Second-preimage resistent (weak collision resistant): if it is computationally infeasible to find any second input which has the same output as any specified input

  • Collision resistant (strong collision resistant): if it is computationally infeasible to find any distinct inputs that has the same output

www.applebuz.com


Hash functions2

Hash Functions

  • Message digest

  • Used for authenticity and integrity purposes

  • Algorithms:

    • SHA-1MD2,MD4,

    • MD5

www.applebuz.com


Md5 message digest algorithm

MD5 Message Digest Algorithm

  • Input of arbitrary length

  • Output: 128 bits

  • Block size: 512 bits

www.applebuz.com


Secure hash algorithm

Secure Hash Algorithm

  • SHA was developed by National Institute of Standards and Technology

  • 1993: Published as Federal Information Processing Standard (FIPS PUB 180)

  • Input: maximum length 264 bits

  • Output: 160-bit digest

  • Block size: 512-bit

www.applebuz.com


Md5 v s sha

MD5 v.s. SHA

  • Very similar

  • Security: SHA’s digest is 32 bits longer  without algorithm flows SHA is more secure

  • Speed:SHA has more steps and produces 160-bit buffer  SHA slower

  • Simplicity and compactness: MD5 has more internal steps with varying buffer modification  SHA is simpler

www.applebuz.com


  • Login