Cryptography Instructor: Dr. Yanqing Zhang Presented by: Rajapaksage Jayampthi S
Dec 24, 2015
OutlineSection I (Theory)
Introduction Symmetric Key Cryptography
Examples Key Issues
Public Key Encryption Algorithms
Comparison of Cryptographic systems Hybrid Secret-Public Key Cryptography
Section II (Recent Work) Quantum Cryptography: A New Generation of
Information Technology Security System [Mehrdad S. Sharbaf, 2009]
Section III (Future Work)
Introduction
Intruders can get the encrypted data, but can not do anything with it.
Encryption techniques are published, standardized and available to every one.
Must be some bit of secret information (key) that prevent an intruder from decrypting .
Introduction (contd.)
Symmetric key cryptography: encryption and decryption keys are identical. the key must be kept secret. The encryption and decryption functions used can be
the same or different. Public key cryptography:
different keys for encryption and decryption (one public, the other private).
plaintext plaintextciphertext
KA
encryptionalgorithm
decryption algorithm
Alice’s encryptionkey
Bob’s decryptionkey
KB
Symmetric Key Cryptography Cryptographic algorithms involve substituting one
thing for another, in many possible ways. Caesar cipher:
Substitution with an offset of β for all letters Eg if β = 4 then a-> d b-> e there are only 25 possible keys available. Easy to break.
monoalphabetic cipher: substitute one letter for another; now there are 26! possibilities.
polyalphabetic cipher:
plaintext: abcdefghijklmnopqrstuvwxyzciphertext: mnbvcxzasdfghjklpoiuytrewq
Plaintext: bob. i love you. alice
ciphertext: nkn. s gktc wky. mgsbc
Symmetric Key Cryptography: Examples Examples:
ROT13: Very simple rotation algorithm Caesar cipher: Another (better) rotation algorithm crypt: Original Unix encryption program DES: Data Encryption Standard [NIST 1993] AES: Advanced Encryption Standard Skipjack: U.S. National Security Agency developed
algorithm (classified) DES: Data Encryption Standard
In 1997 DES was cracked in only 140 days by a team
In 1999 DES was cracked in little over 22 hours by a network of volunteers and special purpose computer.
Symmetric Key Cryptography (contd.)
How to break simple encryption scheme Brute force: attempt all possibilities
Simple with the Caesar cipher, but gets quite difficult with monoalphabetic or polyalphabetic ciphers.
Ciphertext-only attack: use statistics and other information to decrypt intercepted ciphertext
Known-plaintext attack: if some of the plaintext is known, one could uncover some of the plaintext-ciphertext mappings, making decryption easier.
Chosen-plaintext attack: the intruder can choose the plaintext message and receive the ciphertext form. Can break the encryption scheme.
Symmetric Key Cryptography: Key Issues
How do sender and receiver agree on key value?
How is the agreed upon key distributed to both sender and receiver in a secure fashion?
plaintextciphertext
KA-B
encryptionalgorithm
decryption algorithm
KA-B
plaintextmessage, m
K (m)A-B
K (m)A-Bm = K ( )
A-B
Public Key Encryption
Diffie-Hellman 1976: the first public key approach proposed.
Sender and receiver do not share secret key Public key is available to every one Private key is known by only receiver
Public Key Encryption (contd.)
plaintextmessage, m
ciphertextencryptionalgorithm
decryption algorithm
Bob’s public key
plaintextmessageK (m)
B+
K B+
Bob’s privatekey
K B-
m = K (K (m))B+
B-
Public Key Encryption (contd.)
plaintextmessage, m
ciphertextencryptionalgorithm
decryption algorithm
Alice’s private key
plaintextmessageK (m)
A-
K A-
Alice’s publickey
K A+
m = K (K (m))A-
A+
Public Key Encryption (contd.)
Result is the sameif one key can decrypt a message, it
must have been encrypted by the other.
It must be extremely difficult, if not impossible, to deduce the private key when given a public key.
K (K (m)) = m BB
- +K (K (m))
AA+ -
=
Public Key Encryption Algorithms
Diffie-Hellman: the first public key approach proposed.
RSA: the best known public key system, developed by Rivest, Shamir, and Adleman (hence RSA).
DSA: Digital Signature Algorithm, developed by the U.S. National Security Agency (NSA).
Comparison of Cryptographic systems With suitable keys and algorithms, both
methods can be secure enough for most purposes.
To use symmetric cryptography, both parties must know the secret key, which can be quite inconvenient.
To use public key cryptography, one only needs to find the public key to communicate with someone else, which can be a lot more convenient.
Encrypting and decrypting a lot of information with public key cryptography can be painfully slow in comparison to symmetric cryptography.
Hybrid Secret-Public Key Cryptography combine the strengths of symmetric and
public key cryptography, and avoid their weaknesses.
When two parties want to communicate securely, public key cryptography is used to exchange a random symmetric session key. Since the session key is encrypted, we can ensure
secrecy and mutual authentication. Since secret key cryptography is used, this can be
done relatively efficiently. When done, both parties destroy the session
key. If communication is required in the future, this process is repeated from the beginning to obtain a completely new session key.
Introduction Apply the phenomena of quantum physics Relies on
The Heisenberg Uncertainty principle The principle of photon polarization
classical cryptography communicating parties need to share the keys protocols based on mathematical algorithms
introduce security holes rarely on refresh their cryptography keys unproven computational assumptions Not efficient Can break
Quantum Cryptography What are qubits?
both in state 0 and state 1 can exists
In classical register composed of three bits can store in a given moment of time only one out of eight different numbers
register composed of three qubits can store in a given moment of time all eight numbers in a quantum superposition
Quantum Cryptography (contd.) Why Quantum Cryptography is secure?
when measuring the polarization of a photon, the choice of what direction to measure affects all subsequences measurements.
photons can be easily polarized (by photon polarization principle)
intruder can not copy unknown qubits (no-cloning theorem).
presence of the intruder can be determined
Harvard, and Boston University built the DARPA quantum network, the world’s first network that delivers end-to-end network security via highspeed quantum key distribution, and tested that network against sophisticated eavesdropping attacks.
Future Direction of Quantum CryptographyDistance limitation
quantum key distribution distances are limited to tens of kilometers because of optical amplification destroys the qubit state.
Develop optical devices capable of generating, detecting and guiding single photons.
Lack of a security certification process or standard for the equipment.
Reassurance QKD is theoretically sound. (By experiments)
Referances [1].
http://en.wikipedia.org/wiki/Quantum_Cryptography
[2]. Mehrdad S. Sharbaf,” Quantum Cryptography: A New Generation of Information Technology Sec urity System”, 2009 IEEE
[3]. Computer Networking A Top-Down Approach Featuring the Internet James F. Kurose and Keith W. Ross
[4].http://www.quantiki.org/wiki/index.php/What_is_Quantum_Computation%3F
[5].http://www.quantiki.org/wiki/index.php/Shor%27s_factoring_algorithm