Csce 727 cryptography
1 / 47

CSCE 727 Cryptography - PowerPoint PPT Presentation

  • Uploaded on

CSCE 727 Cryptography. Insecure communications. Confidential. Insecure channel. Sender. Recipient. Secure communications. confidential. Insecure channel. Sender. Recipient. Terminology. Plaintext , cleartext : an “unhidden” message Encryption : transform a message to hide its meaning

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about ' CSCE 727 Cryptography' - tam

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Csce 727 cryptography

CSCE 727Cryptography

Insecure communications
Insecure communications


Insecure channel



Secure communications


Insecure channel




  • Plaintext, cleartext: an “unhidden” message

  • Encryption: transform a message to hide its meaning

  • Ciphertext, cyphertext: an encrypted message

  • Cipher: cryptographic algorithm. Mathematical function used for encryption (encryption algorithm) and decryption (decryption algorithm).

  • Decryption: recovering plaintext from ciphertext

  • Cryptography: art and science of keeping messages secure

  • Cryptanalysis: art and science of breaking ciphertext

  • Cryptology: study of both cryptography and cryptanalysis

Cryptosystem requirements
Cryptosystem requirements

  • Enciphering and deciphering algorithms must be efficient for all keys

    • Coding and decoding at the time of transmission  may be bottleneck

  • System must be easy to use

    • Ease of finding key with an invertible transformation

  • Security should depend on the the secrecy of the keys not on the secrecy of the algorithms

    • Algorithms must be inherently strong, i.e., encryption cannot be broken by simply knowing the method of encryption

What makes a good cryptosystem?

  • A good cryptosystem is one whose security does not depend upon the secrecy of the algorithm. This is why cryptographers are so unhappy about NSA's refusal to release details of SkipJack (Clipper).

  • From Schneier:

    • “Good cryptographers rely on peer review to separate the good algorithms from the bad.''

Breakable v s practically breakable
Breakable v.s. Practically Breakable

  • Unconditionally secure: impossible to decrypt. No amount of ciphertext will enable a cryptanalyst to obtain the plaintext without restrictions on technology

  • Computationally secure: an algorithm that is not breakable in practice based on worst case scenario (based on the best known methods) and current technology

  • Breakable: all algorithms (except one-time pad) are theoretically breakable


Cryptanalyst’s goal:

  • Break message

  • Break key

  • Break algorithm

Security requirements
Security requirements

  • Computationally infeasible to systematically determine the deciphering transformation for a given cipher, even if the corresponding plaintext is known

    • Prevents decoding additional ciphertexts

  • Computationally infeasible to systematically determine plaintext for a given cipher

    • Prevents decoding the given ciphertext

Authenticity requirements
Authenticity requirements

  • Computationally infeasible to systematically determine enciphering transformation for a given cipher, even if the corresponding plaintext is known

    • Prevents creating false ciphertext

  • Computationally infeasible to find ciphertext such that it deciphers into a valid plaintext

    • Prevents cipher substitution

Taxonomy of Attacks

  • Ciphertext-only attack: attacker has ciphertext for messages encrypted with E.

  • Known plaintext attack: attacker additionally knows the plaintext of the messages.

  • Chosen plaintext attack: attacker can select the encrypted plaintext for at least some messages.

  • Chosen ciphertext attack: attacker can obtain decrypted (plaintext) versions of selected ciphertext.


  • Conventional (symmetric-key) cryptosystem

  • Public-key (asymmetric-key) cryptosystem

  • Quantum cryptosystem

  • Hash Functions

Conventional secret key cryptosystem
Conventional (Secret Key) Cryptosystem













Secure channel



Key source

Secret Key Cryptosystem Vulnerabilities (1)

Passive Attacker (Eavesdropper)

  • Obtain and/or guess key and cryptosystem use these to decrypt messages

  • Capture text in transit and try a ciphertext-only attack to obtain plaintext.

Secret Key Cryptosystem Vulnerabilities (2)

Active Attacker

  • Break communication channel (denial of service)

  • Obtain and/or guess key and cryptosystem and use these to send false messages

Inherent Weaknesses of Symmetric Cryptography

  • Key distribution must be done secretly (difficult when parties are geographically distant, or don't know each other)

  • Need a key for each pair of users

    • n users need n*(n-1)/2 keys

  • If the secret key (and cryptosystem) is compromised, the adversary will be able to decrypt all traffic and produce fake messages

Classical encryption techniques
Classical Encryption Techniques

  • Steganography

  • Substitution

  • Permutation

  • Combinations and iterations of these


  • Conceals the existence of secret message

  • Needs:

    • Carrier medium: text, picture, etc.

    • Encoding schema: defines how to insert message into the carrier medium

  • Not efficient – good for small messages only

Steganography examples
Steganography Examples

Before computers:

  • Character markings: selected letters of printed or typewritten text are overwritten in pencil

  • Invisible ink: not visible until some chemical reactions take place

  • Pin punctures: tiny punctures on selected letters

    Computer aided:

  • Modification of digital carrier, e.g., digital image, sound, etc.

  • Supported by secret key

  • Digital watermarking

Substitution techniques
Substitution Techniques

  • Simple substitution

  • Monoalphabetic cipher

  • Multiple letter encryption

  • Polyalphabetic cipher

Simple substitution caesar cipher
Simple Substitution: Caesar Cipher

  • C=E(K,M), e.g., C=(M+n) mod 26

    plaintext: A B C D E …

    ciphertext: A B C D E F …

    e.g., M=CAB

    C =ECD

  • Advantages: simple to implement

  • Disadvantages: easy to break (25 possibilities for English alphabet)

Monoalphabetic substitution
Monoalphabetic Substitution

  • Arbitrary substitution for each plaintext symbol, e.g.,

    C E, A C, B  D

  • M=CAB

  • C =ECD

  • Advantages: large key space 26!

  • Disadvantages: trivially broken for known plaintext attack

Polyalphabetic substitution
Polyalphabetic Substitution

  • A set of related monoalphabetic substitution rules is used

  • A key determines which particular rule is chosen for a given transformation

  • Example: Vigenere cipher – based on 26 Caesar ciphers

  • Advantages: there are multiple ciphertext for a plaintext letter

  • Disadvantages: periodic nature of key makes it breakable with statistical cryptanalysis

One time pad
One-Time Pad

  • Perfect Secrecy!

  • Large, non-repeating set of keys

  • Key is larger than the message

  • Advantages: immune to most attacks

  • Disadvantages:

    • Need total synchronization

    • Need very long, non-repeating key

    • Key cannot be reused


  • Letters of the message are rearranged

  • Break patterns

    e.g., columnar transposition

    Plaintext: this is a test

    t h i s

    i s a t tiehssiatst!

    e s t !

  • Advantages: easy to implement

  • Disadvantages:

    • Easy to recognize – same letter frequency as the original plaintext

    • Trivially broken for known plaintext attack

    • Easily broken for cipher only attack

    • Multiple encipherment does not help

Product ciphers
Product Ciphers

  • Substitution followed by permutation, followed by substitution, followed by permutation…

  • One encryption applied to the result of the other En(En-1(…(E1(M)))

  • Broken for

    • Chosen plaintext

Data encryption standard
Data Encryption Standard

  • Mathematics to design strong product ciphers is classified

  • Breakable by exhaustive search for known plaintext, chosen plaintext and chosen ciphertext attacks

  • Security: computational complexity of computing the key under the above scenarios

Data Encryption Standard (DES)

  • DES is a product cipher

    • 56 bit key size

    • 64 bit block size for plaintext and cipher text

  • Developed by IBM and adopted by NIST with NSA approval

  • Encryption and decryption algorithms are public but the design principles are classified

Advanced encryption standard aes
Advanced Encryption Standard (AES)

  • Adopted by NIST to replace DES

  • January 2, 1997: NIST announces the initiation of an effort to develop the AES (62 FR 93)

  • Based on Rijndael algorithm

Rijndael algorithm
Rijndael Algorithm

  • Chosen for: security, performance, efficiency, ease of implementation, and flexibility

  • Block cipher (variable block and key length)

  • Federal Information Processing Standard (FIPS)

  • Rijndael

  • Symmetric, block cipher

  • Key size: 128, 192, or 256 bits

  • Block size: 128

    • Processed as 4 groups of 4 bytes (state)

    • Operates on the entire block in every round

  • Number of rounds depending on key size:

    • Key=128  9 rounds

    • Key=192  11 rounds

    • Key=256  13 rounds

International data encryption algorithm idea
International Data Encryption Algorithm (IDEA)

  • Designed by X. Lai and J. Massey Swiss Federal Institute of Technology, 1990

  • 64 bit block cipher

  • Key size: 128 bits

  • Used by Pretty Good Privacy (PGP) to encrypt electronic mail

Other secret key algorithms
Other Secret Key Algorithms

  • DESX: modification of DES

  • Blowfish: fast, compact and simple block cipher. Variable key length up to 448 bits

  • RC2: block cipher. Variable key length up to 2048 bits

  • RC4: stream cipher. Variable key length up to 448 bits

  • RC5: block cipher. Allows user defined key length, data block size, and number of encryption rounds.

Public key encryption
Public-Key Encryption

  • Two keys – one is private one is public

  • Solves the key distribution problem (but need reliable channel)

  • Provides electronic signatures

  • Slower than secret-key encryption

Public-Key Encryption

  • Needed for security:

    • One of the keys must be kept secret

    • Impossible (at least impractical) to decipher message if no other information is available

    • Knowledge of algorithm, one of the keys, and samples of ciphertext must be insufficient to determine the other key

Public key cryptosystem
Public Key Cryptosystem

Insecure channel












B’s private key

B’s public key

(need reliable channel)


  • Public key: (n,e)

  • Secret key: (n,d)

  • n is a 200 digit number

  • C = Me mod n

  • M = Cd mod n

Rsa versus des
RSA versus DES

Key size:

  • RSA: selected by user

    (usually n is 154 digit (512 bits) so key is 1024 bits)

  • DES: 64 bits (56 effective)

Digital signatures in rsa
Digital Signatures in RSA

  • RSA Property: encryption and decryption are commutative

    • Encryption followed by decryption yields the original message

      (Me mod n)d mod n = M

    • Decryption followed by encryption yields the original message

      (Md mod n)e mod n = M

  • Cryptosystems that preserve message length have this property

Digital Signatures in RSA

Insecure channel













A’s private key

A’s public key

(need reliable channel)

Signature and encryption
Signature and Encryption
















B’s public key

A’s public key

B’s private key

A’s private key

Hash functions
Hash Functions

  • Hash function h maps an input x of arbitrary length to a fixed length output h(x) (compression)

  • Given h and x, h(x) is easy to compute (ease of computation)

Hash functions1
Hash functions

  • Preimage resistant (one-way): if for all specified outputs, it is computationally infeasible to find any input that hashes to that output

  • Second-preimage resistent (weak collision resistant): if it is computationally infeasible to find any second input which has the same output as any specified input

  • Collision resistant (strong collision resistant): if it is computationally infeasible to find any distinct inputs that has the same output

Hash functions2
Hash Functions

  • Message digest

  • Used for authenticity and integrity purposes

  • Algorithms:

    • SHA-1MD2,MD4,

    • MD5

Md5 message digest algorithm
MD5 Message Digest Algorithm

  • Input of arbitrary length

  • Output: 128 bits

  • Block size: 512 bits

Secure hash algorithm
Secure Hash Algorithm

  • SHA was developed by National Institute of Standards and Technology

  • 1993: Published as Federal Information Processing Standard (FIPS PUB 180)

  • Input: maximum length 264 bits

  • Output: 160-bit digest

  • Block size: 512-bit

Md5 v s sha
MD5 v.s. SHA

  • Very similar

  • Security: SHA’s digest is 32 bits longer  without algorithm flows SHA is more secure

  • Speed:SHA has more steps and produces 160-bit buffer  SHA slower

  • Simplicity and compactness: MD5 has more internal steps with varying buffer modification  SHA is simpler