Top Banner

Click here to load reader

of 23

1 Cryptography encryption authentication digital signatures one-way functions hash algorithms key generation, exchange and management

Mar 28, 2015



  • Slide 1

1 Cryptography encryption authentication digital signatures one-way functions hash algorithms key generation, exchange and management Slide 2 2 Encryption Transforming a message - the plaintext, into an unrecognisable (encrypted) form, called the ciphertext. To the layman this is known as coding and decoding messages. The proper terms are encrypting and decrypting. Slide 3 3 The intention is that if an encrypted message is intercepted, then the interceptor will not be able to interpret the ciphertext. Messages have been encrypted for many years using letter substitution for example. These days mathematical algorithms are used to encrypt and decrypt messages using computers. Slide 4 4 Caesars Cipher To encrypt a message written using the English alphabet A..Z Each letter in the plaintext message is replaced by the letter k places along in the alphabet (where k is between 0 and 25 inclusive) wrapping around to the beginning of the alphabet if necessary. To decrypt the message, each letter is replaced by the letter 26-k places along. Slide 5 5 Caesars cipher with k=5 Slide 6 6 Substitution cipher Slide 7 7 Substitution cipher 2 (using Brighton Rock) Slide 8 8 The Key One of the reasons for enciphering this text is to show the reader how easily this type of cipher can be broken... Slide 9 9 Definitions The sender A (Alice) wants to send a message m (the plaintext) to a receiver B (Bob). Alice encrypts the message using an encryption key e and an encryption algorithm f to produce a ciphertext c=f(m,e) To decrypt the ciphertext c, Bob uses his decryption key d and a decryption algorithm g to obtain the original message m=g(c,d) Slide 10 10 A property of the encryption process must be that Bob retrieves the original message. Thus for a particular pair of keys e,d, it must be true that for every m in M, if m encrypts to c, then c decrypts to m. Hence for every m in M: if c=f(m,e) then m=g(c,d) or g(f(m,e),d)=m Slide 11 11 Alice keeps the encryption key e secret and Bob keeps the decryption key d secret. Alice and Bob may know each others keys (this is true for symmetric key algorithms) or they might not (in public key cryptosystems). If the message is very long it might be broken up into shorter blocks. Each block is then encrypted and decrypted separately. Slide 12 12 The characters of the message come from a message alphabet M and the ciphertext will be characters of the ciphertext alphabet C The two alphabets M and C may be the same but they could be different. A cryptosystem refers to all the aspects of a particular encryption system, so includes the information about the message and ciphertext alphabets, the encryption and decryption algorithms, the method of blocking and the allowable keys. Slide 13 13 The keyspace K is the set of all possible encryption keys. We usually include the trivial keys in the key space even though they will not be used. The enemy in the cryptosystem is the person who intercepts the message and tries to gain unauthorised information. Such a person is called a cryptanalyst and is usually given the name Charles. A cryptographer is someone who studies all aspects of cryptosystems. Slide 14 14 What Charles might try to do: Determine the message without determining either key Determine the decryption key so that he can decrypt the message (and other messages encrypted using the same encryption key) Determine the encryption key so that he can determine the decryption key Determine the encryption key so that he can masquerade as Alice Slide 15 15 When considering the security of an encryption algorithm, it is best to assume that Charles, the enemy, has knowledge of the encryption and decryption algorithms, the key space and the methods of blocking. In fact assume that Charles knows everything except the keys used. Also assume that Charles has adequate computing power, finance and expertise on his side. Slide 16 16 Attacks on a cryptosystem We always assume that Charles has all the information on a particular cryptosystem except for the keys used. What sort of attack he can launch depends on what other information he has. Types of attack are called: Slide 17 17 Types of attack: ciphertext only known message probable known message chosen message chosen ciphertext chosen message and ciphertext Slide 18 18 Methods of Attack The cryptanalyst has various strategies that he can use. Following are brief explanations of three of them: Slide 19 19 1. Try all possible decryption keys The success of this will depend on the size of the keyspace the redundancy in the message How long it takes to recover the key depends on the number of keys how long it takes to investigate each key Slide 20 20 2. Analyse the ciphertext statistically For example, if the cryptosystem uses a substitution cipher on an English text message, a frequency count on the letters of the ciphertext will give an indication of the substitutions used for the most commonly used letters. Redundancy in the English language will give away the rest of the key. Slide 21 21 Blocking the message into groups of say 8 characters makes this kind of attack much harder. For example, the ciphertext G QT Q TQZ can be decrypted quite easily However, a similar message (encrypted with a different key and blocked together) is SRYSRSP which isnt quite so easy to decrypt. Slide 22 22 3. Differential Cryptanalysis This method requires Charles to generate a large number of messages which only differ by a small amount, persuading Alice to encrypt them, and then analysing the corresponding ciphertexts. Slide 23 23 Properties of a good cryptosystem A large alphabet M to make it hard to do statistical analysis A large keyspace to make it hard to do exhaustive keyspace search Speed of execution (for high message throughput) The same algorithm for encryption and decryption (to reduce costs)