8. Cryptography1 ISA 562 Information Security Theory & Practice Introduction to Cryptography.
Post on 25-Dec-2015
221 Views
Preview:
Transcript
8. Cryptography 2
Agenda
• Basics & Definitions• Classical Cryptography• Symmetric (Secret Key) Cryptography• DES (Data Encryption Standard)• Multiple Encryptions• Modes of Block Cipher Operations• Math Essential• Asymmetric (Public Key) Cryptography
8. Cryptography 3
Basic Definitions
Cryptography– Crypt = secret– Graph = writing
• science / art of transforming meaningful information into unintelligible text
Relies on mathematics (number theory, algebra)Cryptanalysis • science / art of breaking cryptographic codesCryptology • science / art / study of cryptography and
cryptanalysis
8. Cryptography 4
Applications of Cryptography
• Assuring document integrity• Assuring document confidentiality• Authenticating parties• Document signature• Non-repudiation• Secure transactions• Exchanging keys• Sharing Secrets• Digital cash• Preserving anonymity• Copyright protection …
8. Cryptography 5
Cryptographic Services (I)
Starting from BasicsA B A B
Ca) Source Integrity b) Data Confidentiality Normal Flow Eavesdropping
A B A B C C
c) Data Integrity d) Source Authentication
Modification Fabrication
8. Cryptography 7
Encryption/DecryptionPlaintext ciphertext Plaintext
encryption decryption
key key
• Plaintext: message in original form• Ciphertext: message in the transformed, unrecognized form• Encryption: process that transforms a plaintext into a ciphertext• Decryption: process that transforms a ciphertext back to plaintext• Key: value used to control encryption/decryption.
8. Cryptography 8
Cryptanalytic AttackAttacker only knows Ciphertext– Tries to reveal plaintext and/or key
• Attacker Knows Plaintext, Ciphertext Pairs <plaintext , ciphertext>– Cryptanalysis tries to reveal the key– Relevant when plaintext is known or can be obtained
• Attacker chooses a Plaintext –and receives the Ciphertext– Cryptanalysis tries to reveal the key– Relevant when attacker can “inject” a plaintext message
8. Cryptography 9
Classical Cryptography
Cryptography used by early civilizations (including Egyptians, Greeks, Romans) for Secrecy
Confidentiality now includes Integrity, Authentication & Authenticity, and in sometimes Non-Repudiation.
• Early cryptography mainly encryption by substitution and/or transposition methods– They were simple because of the lack of computing
engines– Could easily be attacked• Same ideas in use today but with stronger properties
and powerful computing engines
8. Cryptography 10
Substitution Ciphers (1)
Caesar Cipher: fixed permutation (move 3 up in the alphabet)
a b c d e f g h i j k l m n o p q r s t u v w x y zd e f g h i j k l m n o p q r s t u v w x y z a b c
Algorithm is:C = ENC( P ) = P + 3 (mod 26)
For example: GMU →JPX• The secrecy is in the algorithm !• There is one key (fixed permutation)• Easy to break
8. Cryptography 11
Substitution Ciphers (2)Shift Cipher similar to Caesar Cipher, but there is a cyclic shift of the 26
letters of the alphabet by key K, where0 ≤ K < 26.• Algorithm:C = ENCK( P ) = P + K (mod 26)
There are 26 different keys• Easy to break – check which of 26 possible keys returns thea meaningful plaintext• Decipher HAL (the computer from the movie 2001: A SpaceOdyssey) using a shift cipher of one.– So the shift variable n=1.• • HAL ?
8. Cryptography 12
Mono-Alphabetic Ciphers
Generalization: arbitrary mapping of one letter toanother• One of N! permutations on N letters of the alphabet• The key is the index of the permutation• Key is secret (one of N! options)• Example:– N = 26 letters of the English alphabet– N! = 26! ≈ 4 • 1026 ≈ 288 permutations or 309 Septillion– ≈ 309,485,009,821,345,000,000,000,000 permutations• IS IT SECURE?Not with Frequency Analysis
8. Cryptography 13
Cryptanalysis Attacking Mono-Alphabetic Ciphers
Began in later part of the first millennium AD in the Middle East.
• Frequency analysis is the study of the frequency of occurrence of letters. (statistics) • First treatise on it was written by
• Ab‾uY‾us‾uf Ya‘q‾ub ibn Is-h‾aq ibn as-Sabb‾ah• ibn ‘omr‾an ibn Isma‾il al-Kind‾i, the “philosopher• of the Arabs.”
8. Cryptography 14
Letter Frequency
Western Languages are redundant, they have a non-uniform distribution of about 26 letters.
• Each symbol of ciphertext depends on only onesymbol of plaintext and one value of the
permutation key, so guessing part of the key gives part of the plaintext.
• Attack proceeds by guessing parts of key corresponding to most common letters, which makes it possible to decipher an entire message.
8. Cryptography 16
Attacking Mono-Alphabetic Ciphers in English
Appearance frequency of letters (in long texts) in a language is well known. Appearance frequency of pairs of letters in a language is also well known:
th, ee, oo, tt, qu, is, ae, . . . Not zq, kv, etcAppearance frequency of certain words is also well defined:the ≈ 6.4% a ≈ 2.1% i ≈ 0.9%of ≈ 4.0% in ≈ 1.8% it ≈ 0.9%and ≈ 3.2% that ≈ 1.2% for ≈ 0.8%to ≈ 2.4% is ≈ 1.0% as ≈ 0.8%
8. Cryptography 17
Attacking Mono-Alphabetic Ciphers
Using the appearance frequencies of letters, words,and pairs-of-letters – accelerates the identification ofcertain letter substitutions (part of the key)
• Identification of word patterns, vowels, and consonants helps in finding parts of the text
• The identification of the remaining parts of the key now reduces the search space dramatically (from N!)
• Using heuristics and associative word-completions, the rest of the key can be easily revealed
– In English the most common letters: are E, T, A, O, I, N, S, H. more than half of all words end in E, T, D, S. Q is always followed by U.
– most common word is “THE.” and most common doublets are EE, TT, OO, SS, LL, FF.
– most common 2-letter combos: HE, RE, AN, TH, ER,IN.– most common 3-letter combos: ION, AND, ING, THE, ENT.
8. Cryptography 18
Possible solutions
• Do not use redundant letters, like the letter e– Done by French writer Georges Perec in 1969. He
published a 300-page novel La Disparition (The Disappearance)…translated into English by Gilbert Adair and called “A Void”
• Or use different Mono-Alphabetic Ciphers in different parts of the plaintext:“Poly-Alphabetic Ciphers”. Quite strong
• • Or group plaintext into blocks that go through a transformation
8. Cryptography 19
Vig`enere Cipher (I)
Blaise de Vig`enere: (1523) Created the cipher but unused almost 200 years.
• One type of Poly-Alphabetic Cipher The collection of Mono-Alphabetic Ciphers consists of the 26 options for Caesar Cipher (with K = 0, 1, 2, . . ., 25) where each of the 26 is given a letter, which is the ciphertext letter that replaces the letter ‘a’
In practice:• A table of 26 rows by 26 columns is built. Row i in the
table contains the 26 letters of the alphabet circularly shifted by i.
• A keyword is used (over and over again) to select which of the mono-alphabetic ciphers to use. The cipher used is selected by the current letter in the keyword.
8. Cryptography 20
The Cipher A B C D E F G H I J K L M N O P Q R S T U V W X Y ZA A B C D E F G H I J K L M N O P Q R S T U V W X Y ZB B C D E F G H I J K L M N O P Q R S T U V W X Y Z AC C D E F G H I J K L M N O P Q R S T U V W X Y Z A BD D E F G H I J K L M N O P Q R S T U V W X Y Z A B CE E F G H I J K L M N O P Q R S T U V W X Y Z A B C DF F G H I J K L M N O P Q R S T U V W X Y Z A B C D EG G H I J K L M N O P Q R S T U V W X Y Z A B C D E FH H I J K L M N O P Q R S T U V W X Y Z A B C D E F GI I J K L M N O P Q R S T U V W X Y Z A B C D E F G HJ J K L M N O P Q R S T U V W X Y Z A B C D E F G H IK K L M N O P Q R S T U V W X Y Z A B C D E F G H I JL L M N O P Q R S T U V W X Y Z A B C D E F G H I J KM M N O P Q R S T U V W X Y Z A B C D E F G H I J K LN N O P Q R S T U V W X Y Z A B C D E F G H I J K L MO O P Q R S T U V W X Y Z A B C D E F G H I J K L M NP P Q R S T U V W X Y Z A B C D E F G H I J K L M N OQ Q R S T U V W X Y Z A B C D E F G H I J K L M N O PR R S T U V W X Y Z A B C D E F G H I J K L M N O P QS S T U V W X Y Z A B C D E F G H I J K L M N O P Q RT T U V W X Y Z A B C D E F G H I J K L M N O P Q R SU U V W X Y Z A B C D E F G H I J K L M N O P Q R S TV V W X Y Z A B C D E F G H I J K L M N O P Q R S T UW W X Y Z A B C D E F G H I J K L M N O P Q R S T U VX X Y Z A B C D E F G H I J K L M N O P Q R S T U V WY Y Z A B C D E F G H I J K L M N O P Q R S T U V W XZ Z A B C D E F G H I J K L M N O P Q R S T U V W X Y
8. Cryptography 21
Class Exercise using Vig`enere Cipher
• Keyword: GMU
• • Plaintext: SECURITY
• • Ciphertext:
8. Cryptography 22
Attacking Vig`enere CipherCheck whether the cipher is Mono-Alphabetic– Check whether the appearance frequency of letters in the ciphertext
complies with that of a Mono-Alphabetic cipherDetermine the length of the keyword– If two identical sequences of plaintext letters occur at a distance that
is an integer multiple of the keyword length – than the two corresponding sequences of ciphertext letters will be identical
– Detect identical sequences of ciphertext letters– Conjecture that the keyword length is the GCD (greatest common
divisor) of distances between identical sequences of ciphertext• Neutralize shifts and break each of the suspected Mono-Alphabetic
Ciphers independently
8. Cryptography 23
Running Key Cipher One Time Pads
Running Key Does not use mathematical formula, instead uses everyday item such as a set of books
– Numbers give the book, page number, line number, and word number
One Time Pad
• Cipher only used for a small message and then destroyed
8. Cryptography 24
Transposition Methods
Letters rearranged in particular fashion
Plaintext buffered in size N bufer
Plaintext scrambled to a defiined order in buffer
Key is the transposition mapping
8. Cryptography 26
Rail-Fence Cipher
Method:• Plaintext written as a sequence of diagonals and
read as a sequence of rows
m e m t d y t
e t e o a a 9
8. Cryptography 27
Row-Column Cipher
Key is 2 4 1 5 3
A T T A C
K F R O M
E A S T A
T D A W N
Ciphertext is TRSAAKETCMANTFADAOTW
8. Cryptography 28
Attacking Transposition Methods
Pure Transposition Cipher easily recognized: it has same letter frequencies as original text
Di-grams and tri-grams also are visible
Arrange text in rectangle and move rows and columns
8. Cryptography 29
Rotor Machines
Combine Substitution and Transposition Methods
• produce ciphers that are very difficult to break
Rotor Machines in World War II: German “Enigma” and Japanese “Purple”
• Breaking by the Allies was a significant factor in the outcome of the war (Turing)
top related