1 / 36

Computer Security Set of slides 3

Computer Security Set of slides 3. Dr Alexei Vernitski. Another useful example of a Cipher. Vigenere’s cipher (16 th century) It is like Caesar’s cipher However, instead of one number acting as a key, a sequence of numbers is used, one for each letter of the plaintext

kordell
Download Presentation

Computer Security Set of slides 3

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Computer SecuritySet of slides 3 Dr Alexei Vernitski

  2. Another useful example of a Cipher Vigenere’s cipher (16th century) • It is like Caesar’s cipher • However, instead of one number acting as a key, a sequence of numbers is used, one for each letter of the plaintext • When you come to the end of the sequence, you start using it from the beginning again

  3. For discussion • Is Vigenere’s cipher more secure than Caesar’s cipher? • How does Vigenere’s cipher make the attacker’s statistical analysis of the cipher text difficult? • What statistical analysis can be applied to Vigenere’s cipher? • As to the key length of Vigenere’s cipher, what would you consider the safe length of the key?

  4. The key length The general conclusions: • If the key is longer, it is used fewer times in the encryption process, • therefore, the attacker can obtain less useful statistics from the cyphertext. • The ultimate case of this is the one-time pad, which is a key that is at least as long as the message.

  5. One-time pad • By a one-time pad we mean a Vigenere cipher whose key sequence (known as key stream) is as long as the message, and never reused. • A one-time pad cipher is unbreakable. Why?

  6. One-time pad • Venona project is an example of breaking incorrectly used one-time pads • Cryptanalysis by American and British code-breakers revealed that some of the one-time pad material had incorrectly been reused by the Soviets (specifically, entire pages, although not complete books), which allowed decryption (sometimes only partial) of a small part of the traffic. http://en.wikipedia.org/wiki/Venona_project

  7. Example: optical encryption • This is an unusual example of a one-time pad • This cipher is unbreakable • It can be used e.g. if one half is shown on the computer screen and the other is printed on a transparent film

  8. To encrypt a black pixel: The first slide The second slide and either or and

  9. To encrypt a white pixel: The first slide The second slide and either or and

  10. Towards ciphers in computers • Caesar’s cipher • Substitution cipher • Vigenere’s cipher • One-time pad (Vernam’s cipher) • In computers data is stored as bits, not as letters • How can one re-apply the principles of these classical ciphers to binary data?

  11. Substitution as XOR • Each bit of a block is either 0 or 1 • When you encrypt, one of two possible substitutions can be used: • Either 0 → 0, 1 → 1, • Or 0 → 1, 1 → 0. • Each of these two substitution can be produced by XORing this bit with 0 or 1

  12. Bitwise XOR • The same idea as in Vigenere’s cipher • The key is a binary array • The message is split in blocks • The length of the block is the same as the length of the key • Each bit of the block is XORed with the corresponding bit of the key

  13. Bitwise XOR: example block XOR key

  14. XOR • Each computer cipher uses • either XOR (typically, so-called stream ciphers) • or bit-wise XOR (typically, so-called block ciphers) • In your opinion, what is the main design problem of stream ciphers? • In your opinion, what is the main design problem of block ciphers?

  15. Block cipher • A message is a sequence of bits, for example:0110010100001011110… • We split the message in blocks of a fixed length • Each block is encrypted in exactly the same way, until the whole message is encrypted

  16. Block cipher • Each block is encrypted in exactly the same way, until the whole message is encrypted • Therefore, to make cryptoanalysis more difficult… • Each block should be sufficiently long (why?) • The encryption of each block should be good

  17. Permutation • Also called transposition • (but is NOT the same as substitution) • This is a rule directing how the order of bits should be changed, for example:

  18. Permutation • Permutation makes ciphers stronger • For example, probably nobody can break the Dorabella cipher because it uses both substitution and permutation • However, there are techniques designed to break ciphers based on substitution and permutation: for example, differential cryptanalysis

  19. Differential cryptanalysis • It is called ‘differential’ because the attacker studies how a small change in the plaintext block affects the encrypted block • It can be attempted against every cipher, but is especially successful against ciphers based on substitution and permutation • We present it in the scenario of a known plaintext attack • For the sake of an example, we consider a cipher with block length merely 4 bits

  20. Example of differential cryptanalysis • We shall apply differential cryptanalysis against a block cipher based only on applying a fixed permutation to each block and XOR of each block with a fixed binary array. • Suppose the following known plaintext blocks0000 1000 1100 0110 1111 • correspond to the following ciphertext blocks1001 1000 0000 0101 0110. • Break the cipher by determining exactly what permutation was applied and what binary array was used to XOR with each block.

  21. S-box • S-box or a substitution box is a function producing a highly non-linear substitution of bits in a binary array • In books, S-boxes are normally represented as look-up tables

  22. S-box: an example(in the form of a table as S-boxes are often represented in books)

  23. S-box: non-linearity For example, does the first bit of the output depend on the third bit of the input? Yes in a half of the cases, No in the other half of the cases

  24. Famous block ciphers • DES • Triple DES • AES

  25. A round in a Feistel cipher Left-hand part of the block Right-hand part of the block XOR F Left-hand part of the block Right-hand part of the block

  26. Rounds in a Feistel cipher Left-hand part of the block Right-hand part of the block XOR F Left-hand part of the block Right-hand part of the block F XOR Left-hand part of the block Right-hand part of the block

  27. DES • DES stands for Data Encryption Standard • This is a block cipher with the block size 64 and the key size 56 • Number of S-boxes: 8 • Number of rounds: 16 • Which of these parameters make DES an insecure cipher?

  28. Breaking DES • In 1998, a purpose-built computer Deep Crack decrypted a DES-encrypted text in only 56 hours • In 2012, a cloud computing tool allows members of the general public to recover a DES key from a known plaintext-ciphertext pair in about 24 hours.

  29. Triple DES • The algorithm is easy: • Encrypt with DES using key 1 • Decrypt with DES using key 2 • Encrypt with DES using key 3 • Why is Triple DES stronger than DES?

  30. AES • AES has been created in the 1990s to provide the businesses worldwide with a new common secure cryptosystem instead of DES • It has been tested by many cryptologists and is very good • AES can work with keys consisting of 128 or 192 or 256 bits (which is much better than the 56-bit keys of DES) • A cute cartoon guide to AES: http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html

  31. Modes of operation (of block ciphers) • What if blocks repeat because of the peculiar nature of your data? • What if you are sending the same message again? • How can we improve security in these scenarios?

  32. Homework • You might read that triple DES is ‘too slow’.For example:http://1.bp.blogspot.com/_Zfbv3mHcYrc/SreojET_QBI/AAAAAAAABkc/knYwS6AsM04/s1600-h/aes_act_1_scene_11_triple_des_1100.pngIn what sense and in what context can one be saying that triple DES is too slow? • Some experts think that the block length of DES is too short and, therefore, is insecure (why?). What is the block length of Triple DES? What is the block length of AES?

  33. Sample exam questions • Describe how an attack based on differential cryptanalysis can be organised against a block cipher • Explain briefly what an S-box is and how it contributes to security

  34. Sample exam questions • You work as a computer consultant. Your customer asks you which vulnerabilities were discovered in DES that made it necessary to invent new ciphers to replace DES. What will you reply? • You work as a computer consultant. Your customer asks you about a computer cipher called Triple AES. What will you reply?

  35. Sample exam questions • Explain how the short key length makes DES a weak cipher • Explain how the short block length might make DES a weak cipher

  36. Sample exam questions • Explain the difference between DES, Triple DES and AES. • State which one of them you would recommend to use.

More Related