Introduction to cryptography
Download
1 / 31

Introduction to Cryptography - PowerPoint PPT Presentation


  • 171 Views
  • Uploaded on

Introduction to Cryptography. --- Foundations of information and network security --- Lecture 3. Outline. Why study cryptology ? Basic terms, notations and structure of cryptography Private & public key cryptography examples Modern secret key ciphers : usage and methodology

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Introduction to Cryptography' - tausiq


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Introduction to cryptography

Introduction to Cryptography

--- Foundations of information and network security ---

Lecture 3


Outline
Outline

  • Why study cryptology?

  • Basic terms, notations and structure of cryptography

  • Private & public key cryptography examples

  • Modern secret key ciphers : usage and methodology

  • Encryption and possible attacks

  • Secret key ciphers design

Information and Network Security


Why study cryptology 1
Why Study cryptology(1)

A

B

Intruder

Communications security

Information and Network Security


Why study cryptology 2
Why Study cryptology(2)

Customer

Merchant

TTP

Electronic Commerce Security

Information and Network Security


Why study cryptology 3
Why Study cryptology(3)

A

B

LEA

Law enforcement

Information and Network Security


The basic problem
The Basic Problem

  • We consider the confidentiality goal:

    • Alice and Bob are Friends

    • Marvin is a rival

    • Alice wants to send secret messages (M1,M2,…) to Bob over the Internet

    • Rival Marvin wants to read the messages (M1,M2,…) - Alice and Bob want to prevent this!

    • Assumption: The network is OPEN: Marvin is able to eavesdrop and read all data sent from Alice to Bob.

    • Consequence: Alice must not send messages (M1,M2,…) directly – they must be “scrambled” or encrypted using a ‘secret code’ unknown to Marvin but known to Bob.

Information and Network Security


Cryptography
Cryptography

plaintext (data file or messages)

encryption

ciphertext (stored or transmitted safely)

decryption

plaintext (original data or messages)

Information and Network Security


Private key cipher

Encryption

Decryption

Encrypted message

(ciphertext)

Encrypted message

(ciphertext)

E

Alice

D

Bob

key

Message

(cleartext, plaintext)

Message

(cleartext,plaintext)

Information and Network Security


Basic terms
Basic terms

  • Cryptology (to be very precise)

    • Cryptography --- code designing

    • Cryptanalysis --- code breaking

  • Cryptologist:

    • Cryptographer & cryptanalyst

  • Encryption/encipherment

    • Scrambling data into unintelligible to unauthorised parties

  • Decryption/decipherment

    • Un-scrambling

Information and Network Security


Types of ciphers
Types of ciphers

  • Private key cryptosystems/ciphers

    • The secret key is shared between two parties

  • Public key cryptosystems/ciphers

    • The secret key is not shared and two parties can still communicate using their public keys

Information and Network Security


Examples of messages
Examples of “Messages”

  • Types of secret “Messages” Alice might want to send Bob (in increasing length):

    • Decision (yes/no), eg. as answer to the question “Are we meeting tomorrow?”

    • Numerical Value, eg. as answer to the question “at what hour are we meeting?”

    • Document

    • Software,

    • Images etc.

Information and Network Security


Concepts
Concepts

  • A private key cipher is composed of two algorithms

    • encryption algorithm E

    • decryption algorithm D

  • The same key K is used for encryption & decryption

  • K has to be distributed beforehand

Information and Network Security


Notations
Notations

  • Encrypt a plaintext P using a key K & an encryption algorithm E C = E(K,P)

  • Decrypt a ciphertext C using the same key K and the matching decryption algorithm D P = D(K,C)

  • Note: P = D(K,C) = D(K, E(K,P))

Information and Network Security


The caesar cipher e g
The Caesar cipher (e.g)

  • The Caesar cipher is a substitution cipher, named after Julius Caesar.

  • Operation principle:each letter is translated into the letter a fixed number of positionsafter it in the alphabet table.

  • The fixed number of positions is a key both for encryption and decryption.

Information and Network Security


The caesar cipher cnt d
The Caesar cipher (cnt’d)

K=3

Outer: plaintext

Inner: ciphertext

Information and Network Security


An example
An example

  • For a key K=3,plaintext letter: ABCDEF...UVWXYZciphtertext letter: DEF...UVWXYZABC

  • HenceTREATY IMPOSSIBLEis translated intoWUHDWB LPSRVVLEOH

Information and Network Security


Breaking classic ciphers
Breaking classic ciphers

  • With the help of fast computers, 99.99% ciphers used before 1976 are breakable by using one of the 4 types of attacks (described later).

  • Modern cluster computers and future quantum computers can break several existing ciphers due to the power of such computers.

Information and Network Security


Breaking the caesar cipher
Breaking the Caesar cipher

  • By trial-and error

  • By using statistics on letters

    • frequency distributions of lettersletter percentA 7.49%B 1.29%C 3.54%D 3.62%E 14.00%..................................

Information and Network Security


Toy example of private key cryptography tpc

0

0

=

0

1

1

=

0

0

1

=

1

1

0

=

1

Toy example of private key cryptography (TPC)

  • Assume that a message is broken into 64-bit blocks and each 64-bit block of plaintext is encrypted separately:

  • Key space are combinations of numerical digits – max: 7 digits-

    • (eg: key = [1]; or key = [1,3], or key = [1,4,2]).

  • Assume that all 8 bits of a byte is used and key digits start from left to right.

  • Encryption: Each plaintext block is first shifted by the number of binary digits before the last non-zero digit of the key. It is then exclusive-ored with the key starting from the first byte of the block, repeatedly to the end of the block (the key moves a distance of its size from left to right of the plaintext block).

  • Decryption: do the reverse of encryption: the cipher-text is exclusive-ored and then shifted.

: exclusive or

Information and Network Security


Using tpc
Using TPC

  • Use TPC to encrypt the plaintext “12345”, key = [1,4,2]

  • Use TPC to encrypt the plaintext “TREATY IMPOSSIBLE”; key = [4];

  • Use TPC to encrypt the plaintext “100 dollars”, key = [2,4];

Information and Network Security


Principles of private key encryption
Principles of Private Key Encryption

  • Devise cryptographic algorithms:

    • a set of fast functions (E1, E2, E3, ..En) that when in turn applied to an input (initial or intermediate input) will produce a more potentially scrambled output.

    • and a set of functions (D1,D2,D3, .. Dn) that when in turn applied to the cipher text (final or intermediate) will produce the original input text.

  • Devise algorithms, tests and proofs to validate your cryptographic algorithms

    • Analysing algorithms.

    • Tests with powerful computers such as specialised, parallel, cluster, or quantum computers.

    • Mathematical proofs.

Information and Network Security


Toy example of public key cryptography
Toy example of public key cryptography

  • Definition: The multiplicative inverse of x with modulo n is y such that (x*y) mod n = 1

    E.g:x=3; n=10, => y=7; since (3*7) mod 10 = 1

  • The above multiplicative inverse can be used to create a simple public key cipher: either x or y can be thought of as a secret key and the other is the public key. Let x = 3, y = 7, n = 10, and M be the message:

    • M = 4 ;

      • 3*4 mod 10 = 2; (ciphertext) - encrypting

      • 2*7 mod 10 = 4 = M ; (message) - decrypting

    • M =6 ;

      • 3*6 mod 10 = 8;

      • 8*7 mod 10 = 6 = M (message)

Information and Network Security


What is pke used for
What is PKE used for?

Private Key Encryption (PKE) can be used:

  • Transmitting data over an insecure channel

  • Secure stored data (encrypt & store)

  • Provide integrity check:

    • (Key + Mes.) -> MAC (message authentication code)

Information and Network Security


Morden cryptography applications
Morden Cryptography applications

  • Not just about confidentiality!

  • Integrity

    • Digital signatures

    • Hash functions

  • Fair exchange

    • Contract signing

  • Anonymity

    • Electronic cash

    • Electronic voting

  • Etc.

Information and Network Security


Modern private key ciphers
Modern private key ciphers

  • DES (US, 1977) (3DES)

    • key -- 56 bits, plaintext/ciphertext -- 64 bits

  • LOKI (ADFA, Australia, 1989)

    • key, plaintext/ciphertext -- 64 bits

  • FEAL (NTT, Japan, 1990)

    • key -- 128 bits, plaintext/ciphertext -- 64 bits

  • IDEA (Lai & Massey, Swiss, 1991)

    • key -- 128 bits, plaintext/ciphertext -- 64 bits

  • SPEED (Y Zheng in 1996)

    • Key/(plaintext/ciphertext) -- 48,64,80,…,256 bits

  • AES (Joan Daemen & Vincent Rijmen 2000)

    • Key/(plaintext/ciphertext) -- 128, 192 and 256 bits

Information and Network Security


General approaches to cryptography
General approaches to Cryptography

  • There are two general encryption methods: Block ciphers & Stream ciphers

  • Block ciphers

    • Slice message M into (fixed size blocks) m1, …, mn

      • Add padding to last block

    • Use Ek to produce (ciphertext blocks) x1, …, xn

    • Use Dk to recover M from m1, …, mn

    • E.g: DES, etc.

  • Stream ciphers

    • Generate a long random string (or pseudo random)

      called one-time pad.

    • Message one-time pad (exclusive or)

      • E.g: EC4

Information and Network Security


Design of private key ciphers 1
Design of Private Key Ciphers(1)

  • A Cryptographic algorithm should be efficient for good use

    • It should be fast and key length should be of the right length – e.g.; not too short

  • Cryptographic algorithms are not impossible to break without a key

    • If we try all the combinations, we can get the original message

  • The security of a cryptographic algorithm depends on how much work it takes for someone to break it

    • E.g If it takes 10 mil. years to break a cryptographic algorithm X using all the computers of a state, X can be thought of as a secure one – reason: cluster computers and quantum computers are powerful enough to crack many current cryptographic algorithms.

Information and Network Security


Design of private key ciphers 2
Design of Private Key Ciphers(2)

  • Encryption Algorithm Design

    • Should the strength of the algorithm be included in the implementation of the algorithm? Should we hide the algorithm?

    • Should the block size be small or large?

    • Should the keyspace be large?

    • Should we consider other search rather than brute-force search?

    • Should we consider the hardware technology?

Information and Network Security


4 types of cryptanalysis
4 types of cryptanalysis

  • Depending on what a cryptanalyst has to work with, attacks can be classified into

    • ciphertext only attack

    • known plaintext attack

    • chosen plaintext attack

    • chosen ciphertext attack (most severe)

Information and Network Security


4 types of attacks
4 types of attacks

  • Ciphertext only attack

    • the only data available is a target ciphertext

  • Known plaintext attack

    • a target ciphertext

    • pairs of other ciphertext and plaintext (say, previously broken or guessing)

Information and Network Security


4 types of attacks1
4 types of attacks

  • Chosen plaintext attacks

    • a target ciphertext

    • can feed encryption algorithm with plaintexts and obtain the matching ciphertexts

  • Chosen ciphertext attack

    • a target ciphertext

    • can feed decryption algorithm with ciphertexts and obtain the matching plaintexts

Information and Network Security


ad