CS1001 Lecture 24. Overview Encryption Encryption Artificial Intelligence Artificial Intelligence Homework 4 Homework 4.

CS1001CS1001

Lecture 24Lecture 24

OverviewOverview

EncryptionEncryption Artificial IntelligenceArtificial Intelligence Homework 4Homework 4

ReadingReading

Brookshear, 11.6Brookshear, 11.6 Brookshear, 10Brookshear, 10

Homework 4Homework 4

Check CourseworksCheck Courseworks Problems based onProblems based on

– Handout (Smullyan, Natural Handout (Smullyan, Natural Deduction)Deduction)

– Question from Ch. 10Question from Ch. 10– Question from Ch. 11Question from Ch. 11

Some Trivial SchemesSome Trivial Schemes Caesar cipher: substitution cipher:Caesar cipher: substitution cipher:

– A A D, B D, B E E Captain Midnight Secret Decoder rings:Captain Midnight Secret Decoder rings:

– shift variable by shift variable by nn: IBM : IBM HAL, or : HAL, or : (letter + offset) mod 26(letter + offset) mod 26

– only 26 possible ways of secret coding.only 26 possible ways of secret coding. Monoalphabetic cipher: Monoalphabetic cipher:

– generalization, arbitrary mapping of one letter generalization, arbitrary mapping of one letter to anotherto another

– 26!, approximately 4 26!, approximately 4 10 102626

– statistical analysis of letter frequenciesstatistical analysis of letter frequencies One-time padOne-time pad

– A random sequence of 0’s and 1’s XORed to A random sequence of 0’s and 1’s XORed to plaintextplaintext

DefinitionsDefinitions

Process data into unintelligible Process data into unintelligible form, reversible, without data lossform, reversible, without data loss

Usually one-to-one (not Usually one-to-one (not compression)compression)

Other services:Other services:– Integrity checking: no tamperingIntegrity checking: no tampering– Authentication: not an imposterAuthentication: not an imposter

Plaintext Plaintext encryptionencryption ciphertext ciphertext decryption decryption

plaintextplaintext

Computational Computational DifficultyDifficulty

Algorithm needs to be efficient.Algorithm needs to be efficient.– Otherwise only short keys can be used.Otherwise only short keys can be used.

Most schemes can be broken: depends on Most schemes can be broken: depends on $$$.$$$.– E.G. Try all possible keys.E.G. Try all possible keys.

Longer key is often more secure:Longer key is often more secure:– Encryption Encryption OO((NN+1).+1).– Brute-force cryptanalysis: Brute-force cryptanalysis: OO((22NN+1+1), twice as ), twice as

hard with each additional bit.hard with each additional bit. Cryptanalysis tools:Cryptanalysis tools:

– Special-purpose hardware.Special-purpose hardware.– Parallel machines.Parallel machines.– Internet coarse-grain parallelism.Internet coarse-grain parallelism.

Secret Key vs. Secret Secret Key vs. Secret AlgorithmAlgorithm Secret algorithm: additional hurdleSecret algorithm: additional hurdle Hard to keep secret if used widely:Hard to keep secret if used widely:

– Reverse engineering, social Reverse engineering, social engineeringengineering

Commercial: publishedCommercial: published– Wide review, trustWide review, trust

Military: avoid giving enemy good Military: avoid giving enemy good ideasideas

Cryptanalysis: Cryptanalysis: Breaking an Encryption Breaking an Encryption SchemeScheme Ciphertext only:Ciphertext only:

– Exhaustive search until “recognizable Exhaustive search until “recognizable plaintext”plaintext”

– Need enough ciphertextNeed enough ciphertext Known plaintext:Known plaintext:

– Secret may be revealed (by spy, time), thus Secret may be revealed (by spy, time), thus <ciphertext, plaintext> pair is obtained<ciphertext, plaintext> pair is obtained

– Great for monoalphabetic ciphersGreat for monoalphabetic ciphers Chosen plaintext:Chosen plaintext:

– Choose text, get encryptedChoose text, get encrypted– Useful if limited set of messagesUseful if limited set of messages

Models for Evaluating Models for Evaluating SecuritySecurity Unconditional security (perfect secrecy)Unconditional security (perfect secrecy)

– Observation of ciphertext provides no Observation of ciphertext provides no informationinformation

– Uncertainty/entropy Uncertainty/entropy HH((pp)=)=HH((pp||cc)) Complexity-theoretic securityComplexity-theoretic security Provable securityProvable security

– As difficult to break as solving well-known As difficult to break as solving well-known and and supposedlysupposedly difficult problem difficult problem

Computational securityComputational security Ad hoc securityAd hoc security

Brute Force AttacksBrute Force Attacks Number of encryption/sec: 1 Number of encryption/sec: 1

million to 1 billion/secmillion to 1 billion/sec 56-bit key broken in 1 week with 56-bit key broken in 1 week with

120,000 processors ($6.7m)120,000 processors ($6.7m) 56-bit key broken in 1 month with 56-bit key broken in 1 month with

28,000 processors ($1.6m)28,000 processors ($1.6m) 64-bit key broken in 1 week with 64-bit key broken in 1 week with

3.1 3.1 10 1077 processors ($1.7b) processors ($1.7b) 128-bit key broken in 1 week with 128-bit key broken in 1 week with

5.6 5.6 10 102626 processors processors

Types of CryptographyTypes of Cryptography

Hash functions: no keyHash functions: no key Secret key cryptography: one keySecret key cryptography: one key Public key cryptography: two keys Public key cryptography: two keys

- public, private- public, private

Secret Key Secret Key CryptographyCryptography Same key is used for encryption Same key is used for encryption

and decryptionand decryption– Symmetric cryptographySymmetric cryptography

Ciphertext approximately the same Ciphertext approximately the same length as plaintextlength as plaintext

Substitution codes, DES, IDEASubstitution codes, DES, IDEA Message transmission: Message transmission:

– Agree on key (but how?)Agree on key (but how?)– Communicate over insecure channelCommunicate over insecure channel

Secure storage: Secure storage: cryptcrypt

Secret Key Cryptography Secret Key Cryptography (Cont’d)(Cont’d) Strong authentication: prove Strong authentication: prove

knowledge of key without revealing it:knowledge of key without revealing it:– Send challenge Send challenge rr, verify the returned , verify the returned

encrypted {encrypted {rr}}– Fred can obtain chosen plaintext, Fred can obtain chosen plaintext,

cihpertext pairscihpertext pairs Challenge should chosen from a large poolChallenge should chosen from a large pool

Integrity check: fixed-length Integrity check: fixed-length checksum for messagechecksum for message– Send MIC along with the messageSend MIC along with the message

Public Key CryptographyPublic Key Cryptography

Asymmetric cryptographyAsymmetric cryptography Invented/published in 1975Invented/published in 1975 Two keys: private (Two keys: private (dd), public (), public (ee))

– Encryption: public key; Decryption: Encryption: public key; Decryption: private keyprivate key

– Signing: private key; Verification: Signing: private key; Verification: public keypublic key

Much slower than secret key Much slower than secret key cryptographycryptography

Public Key Cryptography Public Key Cryptography (Cont’d)(Cont’d) Data transmission:Data transmission:

– Alice encrypts Alice encrypts mmaa using using eeBB, Bob decrypts to , Bob decrypts to mmaa using using ddbb..

Storage:Storage:– Can create a safety copy: using public key of Can create a safety copy: using public key of

trusted person.trusted person. Authentication:Authentication:

– No need to store secrets, only need No need to store secrets, only need public public keys.keys.

– Secret key cryptography: need to share Secret key cryptography: need to share secretsecret key for every person to communicate key for every person to communicate with.with.

Public Key Cryptography Public Key Cryptography (Cont’d)(Cont’d)

Digital signaturesDigital signatures– Encrypt Encrypt hashhash hh((mm) with private key) with private key

AuthorshipAuthorship IntegrityIntegrity Non-repudiation: can’t do with secret key Non-repudiation: can’t do with secret key

cryptographycryptography

Hash AlgorithmsHash Algorithms Message digests, one-way Message digests, one-way

transformationstransformations Length of Length of hh((mm) much shorter then ) much shorter then

length of length of mm Usually fixed lengths: 48-128 bitsUsually fixed lengths: 48-128 bits Easy to compute Easy to compute hh((mm) ) Given Given hh((mm), no easy way to find ), no easy way to find mm Computationally infeasible to find Computationally infeasible to find mm11, ,

mm22 s.t. s.t. hh((mm11) = ) = hh((mm22)) Example: (Example: (mm++cc))22, take middle , take middle nn digits digits

Hash Algorithms Hash Algorithms (Cont’d)(Cont’d) Password hashing Password hashing

– Doesn’t need to know password to verify Doesn’t need to know password to verify itit

– Store Store hh((pp++ss), ), ss (salt), and compare it with (salt), and compare it with the user-entered the user-entered pp

– Salt makes dictionary attack less Salt makes dictionary attack less convenientconvenient

Message integrityMessage integrity– Agree on a password Agree on a password pp– Compute Compute hh((pp||mm) and send with ) and send with mm– Doesn’t require encryption algorithm, so Doesn’t require encryption algorithm, so

the technology is exportablethe technology is exportable

Public Key Crypto’s Public Key Crypto’s TrickTrick Consider the Knapsack problem Consider the Knapsack problem

(p482)(p482) We have a knapsack filled with We have a knapsack filled with

numbersnumbers The goal is to select out a series of The goal is to select out a series of

numbers that adds to some numbers that adds to some desired numberdesired number

How do we do this How do we do this efficientlyefficiently??

The TrickThe Trick

The trick is factoringThe trick is factoring You know ahead of time what You know ahead of time what

certain properties of the number certain properties of the number will be. This allows you to reduce will be. This allows you to reduce the problem to a computable onethe problem to a computable one

Otherwise, you are dealing with a Otherwise, you are dealing with a non-polynomial problemnon-polynomial problem

Artificial IntelligenceArtificial Intelligence

Reasoning (Production SystemsReasoning (Production Systems– Goal is to Goal is to derivederive a solution given facts and a solution given facts and

rulesrules SearchingSearching

– You are given facts and rules and You are given facts and rules and searchsearch all all possible combinations to find some desired possible combinations to find some desired solution (usually minimum/max)solution (usually minimum/max)

HeuristicsHeuristics– Operate based on guidelines you know to Operate based on guidelines you know to

be true about a problembe true about a problem

A Production SystemA Production System

Artificial IntelligenceArtificial Intelligence

Neural NetworksNeural Networks Genetic AlgorithmsGenetic Algorithms Machine LearningMachine Learning