CS 5950/6030  Network
Download
1 / 34

CS 5950 - PowerPoint PPT Presentation


  • 92 Views
  • Uploaded on

CS 5950/6030 Network Security Class 6 (W, 9/ 14 /05). Leszek Lilien Department of Computer Science Western Michigan University [Using some slides prepared by: Prof. Aaron Striegel, U. of Notre Dame Prof. Barbara Endicott-Popovsky , U. Washington, Prof. Deborah Frincke , U. Idaho

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'CS 5950' - cybil


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Slide1 l.jpg

CS 5950/6030 Network SecurityClass 6 (W, 9/14/05)

Leszek Lilien

Department of Computer Science

Western Michigan University

[Using some slides prepared by:

Prof. Aaron Striegel, U. of Notre Dame

Prof. Barbara Endicott-Popovsky, U. Washington, Prof. Deborah Frincke, U. Idaho

and Prof. Jussipekka Leiwo, Vrije Universiteit, Amsterdam, The Netherlands]


Section 2 class 6 l.jpg
Section 2 – Class 6

Class 5: 2A.2-cont. - Basic Terminology and Notation

Cryptanalysis

Breakable Encryption

2A.4. Representing Characters

2B. Basic Types of Ciphers

2B.1. Substitution Ciphers

a. The Ceasar Cipher

b. Other Substitution Ciphers — PART 1

Class 6:

b. Other Substitution Ciphers — PART 2

c. One-Time Pads

2B.2. Transposition Ciphers

2B.3. Product Ciphers

2C. Making „Good” Ciphers

2C.1. Criteria for „Good” Ciphers


2a 2 cont basic terminology and notation 2a 2 addendum l.jpg
2A.2.-CONT- Basic Terminology and Notation (2A.2 addendum)

  • Cryptanalysis

  • Breakable Encryption


2a 4 representing characters l.jpg
2A.4. Representing Characters

  • Letters (uppercase only) represented by numbers 0-25 (modulo 26).

    A B C D ... X Y Z

    0 1 2 3 ... 23 24 25

  • Operations on letters:

    A + 2 = C

    X + 4 = B (circular!)

    ...


2b basic types of ciphers l.jpg
2B. Basic Types of Ciphers

  • Substitution ciphers—PART 1

  • Substitution ciphers—PART 2

  • Transposition (permutation) ciphers

  • Product ciphers


2b 1 substitution ciphers l.jpg
2B.1. Substitution Ciphers

  • Substitution ciphers:

    • Letters of P replacedwithother letters by E

  • Outline:

    a. The Caesar Cipher

    b. Other Substitution Ciphers — PART 1

    b. Other Substitution Ciphers — PART 2

    c. One-time Pads


Slide7 l.jpg

a. The Caesar Cipher (1)

  • ci=E(pi)=pi+3 mod 26(26 letters in the English alphabet)

    Change each letter to the third letter following it (circularly)

    A  D, B  E, ... X  A, Y  B, Z  C

  • Can represent as a permutation : (i) = i+3 mod 26

    (0)=3, (1)=4, ...,

    (23)=26 mod 26=0, (24)=1, (25)=2

  • Key = 3, or key = ‘D’ (bec. D represents 3)


Slide8 l.jpg

Attacking a Substitution Cipher

  • Exhaustive search

    • If the key space is small enough, try all possible keys until you find the right one

    • Cæsar cipher has 26 possible keys from A to Z OR: from 0 to 25

  • Statistical analysis (attack)

    • Compare to so called 1-gram (unigram) model of English

    • It shows frequency of (single) characters in English

[cf. Barbara Endicott-Popovsky, U. Washington]


Slide9 l.jpg

Cæsar’s Problem

  • Conclusion: Key is too short

    • 1-char key – monoalphabetic substitution

      • Can be found by exhaustive search

      • Statistical frequencies not concealed well by short key

        • They look too much like ‘regular’ English letters

  • Solution: Make the key longer

    • n-char key (n  2) – polyalphabetic substitution

      • Makes exhaustive search much more difficult

      • Statistical frequencies concealed much better

        • Makes cryptanalysis harder

[cf. Barbara Endicott-Popovsky, U. Washington]


B other substitution ciphers l.jpg
b. Other Substitution Ciphers

n-char key

  • Polyalphabetic substitution ciphers

  • Vigenère Tableaux cipher — PART 1

  • Vigenère Tableaux cipher — PART 2


Vigen re tableaux 1 l.jpg

Note: Row A – shift 0 (a->a)

Row B – shift 1 (a->b)

Row C – shift 2 (a->c)

...

Row Z – shift 25 (a->z)

Vigenère Tableaux (1)

  • P

[cf. J. Leiwo, VU, NL]



Vigen re tableaux 2 l.jpg
Vigenère Tableaux (2)

  • Example

    Key:

    EXODUS

    Plaintext P:

    YELLOW SUBMARINE FROM YELLOW RIVER

    Extended keyword (re-applied to mimic words in P):

    YELLOW SUBMARINE FROM YELLOW RIVER

    EXODUS EXODUSEXO DUSE XODUSE XODUS

    Ciphertext:

    cbxoio wlppujmks ilgq vsofhb owyyj

  • Question: How derived from the keyword and Vigenère tableaux?

[cf. J. Leiwo, VU, NL]


Vigen re tableaux 3 l.jpg
Vigenère Tableaux (3)

  • Example

    ...

    Extended keyword (re-applied to mimic words in P):

    YELLOW SUBMARINE FROM YELLOW RIVER

    EXODUS EXODUSEXO DUSE XODUSE XODUS

    Ciphertext:

    cbzoio wlppujmks ilgq vsofhb owyyj

  • Answer:

    c from P indexes row

    c from extended key indexes column

    e.g.: row Y and column e  ‘c’

    row E and column x  ‘b’

    row L and column o  ‘z’

    ...

[cf. J. Leiwo, VU, NL]


C one time pads 1 l.jpg
c. One-Time Pads (1)

  • OPT - variant of using Vigenère Tableaux

    • Fixes problem with VT: key used might be too short

      • Above: ‘EXODUS’ – 6 chars

    • Sometimes considered a perfect cipher

      • Used extensively during Cold War

  • One-Time Pad:

    • Large, nonrepeating set of long keys on pad sheets/pages

    • Sender and receiver have identical pads

  • Example:

    • 300-char msg to send, 20-char key per sheet

      => use & tear off 300/20 = 15 pages from the pad


One time pads 2 l.jpg
One-Time Pads (2)

  • Example – cont.:

    • Encryption:

      • Sender writes letters of consecutive 20-char keys above the letters of P (from the pad 15 pages)

      • Sender encipher P using Vigenère Tableaux (or other prearranged chart)

      • Sender destroys used keys/sheets

    • Decryption:

      • Receiver uses Vigenère Tableaux

      • Receiver uses the same set of consecutive 20-char keys from the same 15 consecutive pages of the pad

      • Receiver destroys used keys/sheets


One time pads 3 l.jpg
One-Time Pads (3)

  • Note:

    • Effect: a key as long as the message

      • If only key length ≤ the number of chars in the pad

    • The key is always changing (and destroyed after use)

  • Weaknesses

    • Perfect synchronization required between S and R

      • Intercepted or dropped messages can destroy synchro

    • Need lots of keys

    • Needs to distribute pads securely

      • No problem to generate keys

        • Problem: printing, distribution, storing, accounting

    • Frequency distribution not flat enough

      • Non-flat distribution facilitates breaking


Types of one time pads l.jpg
Types of One-Time Pads

  • Vernam Cipher

    • = (lttr + random nr) mod 26 (p.48)

    • Need (pseudo) random nr generator

    • E.g., V = 21; (V +76) mod 26 = 97 mod 26 = 19; 19 = t

  • Book Ciphers(p.49)

    • Book used as a pad

      • need not destroy – just don’t reuse keys

    • Use common Vigenère Tableaux

    • Details: textbook

      • Incl. example of breaking a book cipher

        • Bec. distribution not flat


Slide19 l.jpg

  • Question:

    Does anybody know other ciphers using books?

    Or invent your own cipher using books?


Slide20 l.jpg

Page 52 from a book:

ever, making predictions in ten letter

seven of those secret positi

gorithm

52

  • Question:

    ...other ciphers using books?

  • My examples:

    • Use any agreed upon book

    • P: SECRET

  • Example 1:

    Use:

    (page_nr, line_nr, letter_in_line)

    C: 52 2 1 52 1 1 52 1 16 ...

    Better: use different pages for each char in P

  • Example 2:

    Use:

    (page_nr, line_nr, word_nr)

    C: 52 2 4

  • Computer can help find words in a big electronic book quickly!


  • Slide21 l.jpg

    2B.2. Transposition Ciphers (1)

    • Rearrange letters in plaintext to produce ciphertext

    • Example 1a and 1b: Columnar transposition

      • Plaintext: HELLO WORLD

      • Transposition onto: (a) 3 columns:

        HEL

        LOW

        ORL

        DXX XX - padding

      • Ciphertext (read column-by column):

        (a) hlodeorxlwlx

        (b) hloolelwrd

      • What is the key?

        • Number of columns: (a) key = 3 and (b) key = 2

    • (b) onto 2 columns:

      • HE

      • LL

      • OW

      • OR

      • LD


    Slide22 l.jpg

    Transposition Ciphers (2)

    • Example 2: Rail-Fence Cipher

      • Plaintext: HELLO WORLD

      • Transposition into 2 rows (rails) column-by-column:

        HLOOL

        ELWRD

      • Ciphertext:hloolelwrd(Does it look familiar?)

      • What is the key?

        • Number of rails key = 2

    [cf. Barbara Endicott-Popovsky, U. Washington]


    Slide23 l.jpg

    Attacking Transposition Ciphers

    • Anagramming

      • n-gram – n-char strings in English

        • Digrams (2-grams) for English alphabet are are: aa, ab, ac, ...az, ba, bb, bc, ..., zz(262 rows in digram table)

        • Trigrams are: aaa, aab, ...(263 rows)

        • 4-grams(quadgrams?) are: aaaa, aaab, ...(264 rows)

    • Attack procedure:

      • If 1-gram frequencies in C match their freq’s in Englishbut other n-gram freq’s in C do not match their freq’s in English, then it is probablya transposition encryption

      • Find n-grams with the highest frequencies in C

        • Start with n=2

      • Rearrange substringsin C to form n-grams with highest freq’s

    [cf. Barbara Endicott-Popovsky, U. Washington]


    Slide24 l.jpg

    Example: Step 1

    Ciphertext C: hloolelwrd(from Rail-Fence cipher)

    • N-gram frequency check

      • 1-gram frequencies in Cdomatch their frequencies in English

      • 2-gram(hl, lo, oo, ...) frequenciesin C do notmatchtheir frequencies in English

        • Question: How frequency of „hl” in C is calculated?

      • 3-gram (hlo, loo, ool, ...)frequenciesin C do notmatch their frequencies in English

      • ...

        =>it is probablya transposition

    • Frequencies in Englishfor all2-grams from C starting with h

      • he 0.0305

      • ho 0.0043

      • hl, hw, hr, hd < 0.0010

    • Implies that in hloolelwrdefollows h

    as table of freq’s of English digrams shows

    [cf. Barbara Endicott-Popovsky, U. Washington]


    Slide25 l.jpg

    Example: Step 2

    • Arrange so the h and e are adjacent

      Since 2-gram suggests a solution, cut C into 2 substrings – the 2nd substring starting with e:

      hloolelwrd

      Put them in 2columns:

      he

      ll

      ow

      or

      ld

    • Read row by row, to get original P: HELLO WORLD

    [cf. Barbara Endicott-Popovsky, U. Washington]


    2b 3 product ciphers l.jpg
    2B.3. Product Ciphers

    • A.k.a. combination ciphers

    • Built of multiple blocks, each is:

      • Substitution

        or:

      • Transposition

    • Example: two-block product cipher

      • E2(E1(P, KE1), KE2)

    • Product cipher might not be stronger than its individual components used separately!

      • Might not be even as strong as individual components


    Slide27 l.jpg

    Survey of Students’Backgroundand Experience (1)

    Background Survey

    CS 5950/6030 Network Security - Fall 2005

    Please print all your answers.

    First name: __________________________ Last name: _____________________________

    Email _____________________________________________________________________

    Undergrad./Year________OR:Grad./Year or Status (e.g., Ph.D. student) ________________

    Major _____________________________________________________________________

    PART 1. Background and Experience

    1-1) Please rate your knowledge in the following areas (0 = None, 5 = Excellent).

    UNIX/Linux/Solaris/etc. Experience (use, administration, etc.)

    0 1 2 34 5

    Network Protocols (TCP, UDP, IP, etc.)

    0 1 2 34 5

    Cryptography (basic ciphers, DES, RSA, PGP, etc.)

    0 1 2 34 5

    Computer Security (access control, security fundamentals, etc.)

    0 1 2 34 5

    Any new students

    who did not fill out the survey?


    2c making good ciphers l.jpg
    2C. Making „Good” Ciphers

    Cipher = encryption algorithm

    • Outline

      2C.1. Criteria for „Good” Ciphers

      2C.2. Stream and Block Ciphers

      2C.3. Cryptanalysis

      2C.4. Symmetric and Asymmetric Cryptosystems


    2c 1 criteria for good ciphers 1 l.jpg
    2C.1. Criteria for „Good” Ciphers (1)

    • „Good” depends on intended application

      • Substitution

        • C hides chars of P

        • If > 1 key, C dissipates high frequency chars

      • Transposition

        • C scrambles text => hides n-grams for n > 1

      • Product ciphers

        • Can do all of the above

      • What is more important for your app?

        What facilities available to sender/receiver?

        • E.g., no supercomputer support on the battlefield


    Criteria for good ciphers 2 l.jpg
    Criteria for „Good” Ciphers (2)

    • Claude Shannon’s criteria (1949):

      1. Needed degree of secrecy should determine amount of labor

      • How long does the data need to stay secret?

        (cf. Principle of Adequate Protection)

        2. Set of keys and enciphering algorithm should be free from complexity

      • Can choose any keys or any plaintext for given E

      • E not too complex (cf. Principle of Effectiveness)

        3. Implementation should be as simple as possible

      • Complexity => errors(cf. Principle of Effectiveness)

    [cf. A. Striegel]


    Criteria for good ciphers 3 l.jpg
    Criteria for „Good” Ciphers (3)

    • Shannon’s criteria (1949) – cont.

      4. Propagation of errors should be limited

      • Errors happen => their effects should be limited

        • One error should not invlidate the whole C

          (None of the 4 Principles — Missing? — Invent a new Principle?)

          5. Size / storage of C should be restricted

      • Size (C) should not be > size (P)

      • More text is more data for cryptanalysts to work with

      • Need more space for storage, more time to send

        (cf. Principle of Effectiveness)

  • Proposed at the dawn of computer era –

    still valid!

  • [cf. A. Striegel]


    Criteria for good ciphers 4 l.jpg
    Criteria for „Good” Ciphers (4)

    • Characteristics of good encryption schemes

      • Confusion:

        interceptor cannot predict what will happen to C when she changes one char in P

        • E with good confusion:

          hideswell relationship between P”+”K, and C

      • Diffusion:

        changes in P spread out over many parts of C

        • Good diffusion => attacker needs access to much of C to infer E


    Criteria for good ciphers 5 l.jpg
    Criteria for „Good” Ciphers (5)

    • Commercial Principles of Sound Encryption Systems

      1. Sound mathematics

      • Proven vs. not broken so far

        2. Verified by expert analysis

      • Including outside experts

        3. Stood the test of time

      • Long-term success is not a guarantee

        • Still. Flows in many E’s discovered soon after their release

  • Examples of popular commercial E’s:

    • DES / RSA / AES

  • DES = Data Encryption Standard

    RSA = Rivest-Shamir-Adelman

    AES = Advanced Encryption Standard (rel. new)

    [cf. A. Striegel]