8/27/2013 4:40:35 PM week01-crypto.ppt 1 Introduction to Basic Crypto Schemes • In order to achieve confidentiality but at the same communicate/exchange information with intended parties, the information must be hidden from others • But how? – By encryption/decryption – By obscurity
By Obscurity – An Example 4/26/2017 By Obscurity – An Example A cover image (no message) 8/27/2013 4:40:36 PM week01-crypto.ppt CIS5370 week01-crypto.ppt
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
week01-crypto.ppt 18/27/2013 4:40:35 PM
Introduction to Basic Crypto Schemes
• In order to achieve confidentiality but at the same communicate/exchange information with intended parties, the information must be hidden from others
• But how?– By encryption/decryption– By obscurity
week01-crypto.ppt 28/27/2013 4:40:36 PM
By Obscurity – An Example
A cover image (no message)
week01-crypto.ppt 38/27/2013 4:40:37 PM
By Obscurity – An Example – cont.
A cover image (no message)
A stego image
week01-crypto.ppt 48/27/2013 4:40:39 PM
Crypto Terminology
• Cryptology The art and science of making and breaking “secret codes”
• Cryptography making “secret codes”• Cryptanalysis breaking “secret codes”• Crypto all of the above (and more)
week01-crypto.ppt 58/27/2013 4:41:15 PM
Crypto as Black Box
plaintext
keykey
plaintextciphertext
A generic use of crypto
encrypt decrypt
week01-crypto.ppt 68/27/2013 4:41:42 PM
How to Speak Crypto
• A cipher or cryptosystem is used to encrypt the plaintext – The result of encryption is ciphertext – We decrypt ciphertext to recover plaintext
• A key is used to configure a cryptosystem– A symmetric key cryptosystem uses the same key to encrypt
as to decrypt– A public key cryptosystem uses a public key to encrypt and
a private key to decrypt– Key space is the total number of all possible keys that can
be used in a cryptographic system
week01-crypto.ppt 78/27/2013 4:42:05 PM
Crypto
• Basic assumption– The system is completely known to the attacker– Only the key is secret
• Also known as Kerckhoffs Principle– Crypto algorithms are not secret
• Why do we make this assumption?– Experience has shown that secret algorithms are weak
when exposed– Secret algorithms never remain secret– Better to find weaknesses beforehand
week01-crypto.ppt 88/27/2013 4:42:25 PM
Confusion and diffusion
• Proposed by Claude Shannon – The founder of Information Theory– 1949 paper:
Comm. Thy. of Secrecy Systems• Confusion and diffusion
– Confusion obscure relationship between plaintext and ciphertext• Note that the encryption must be invertible in order to be
able to recover the original plaintext from the ciphertext– Diffusion spread plaintext statistics through the
• Crypto provides fundamental tools to solve many problems in computer security– Confidentiality– Integrity– We have to understand the crypto algorithms and
principles in order to understand many solutions to computer security problems
week01-crypto.ppt 108/27/2013 4:43:17 PM
Simple Substitution
• Plaintext: fourscoreandsevenyearsago• Key:
a b c d e f g h i j k l m n o p q r s t u v w x y
D E F G H I J K L M N O P Q R S T U V W X Y Z A B
zC
• Ciphertext: IRXUVFRUHDAGVHYHABHDUVDIR
• Shift by 3 is “Caesar’s cipher”
PlaintextCiphertext
week01-crypto.ppt 118/27/2013 4:44:13 PM
Ceasar’s Cipher Decryption
• Plaintext: floridastateuniversity
a b c d e f g h i j k l m n o p q r s t u v w x y
D E F G H I J K L M N O P Q R S T U V WX Y Z A B
z
CPlaintext
Ciphertext
• Suppose we know a Caesar’s cipher is being used
• Ciphertext: IORULGDVWDWHXQLYHUVLWB
week01-crypto.ppt 128/27/2013 4:44:20 PM
Not-so-Simple Substitution
• Shift by n for some n {0,1,2,…,25}
a b c d e f g h i j k l m n o p q r s t u v w x y
H I J K L M N O P Q R S T U V W X Y Z A B C D E F
z
GPlaintext
Ciphertext
The encryption can also be represented using modular arithmetic by first transforming the letters into numbers, according to the scheme, A = 0, B = 1,..., Z = 25. [1] Encryption of a letter by a shift n can be described mathematically as,[2]
• A simple substitution (shift by n) is used• But the key is unknown• Given ciphertext: CSYEVIXIVQMREXIH• How to find the key?• Only 26 possible keys try them all!• Exhaustive key search• Solution: key = 4
week01-crypto.ppt 148/27/2013 4:45:06 PM
Even-less-Simple Substitution
• Key is some permutation of letters• Need not be a shift• For example
a b c d e f g h i j k l m n o p q r s t u v w x yJ I C A X S E Y V D K WB Q T Z R H F M P N U L G
zO
PlaintextCiphertext
• Then 26! > 288 possible keys!
week01-crypto.ppt 158/27/2013 4:45:29 PM
Cryptanalysis II: Be Clever• We know that a simple substitution is used• But not necessarily a shift by n• Can we find the key given ciphertext: PBFPVYFBQXZTYFPBFEQJHDXXQVAPTPQJKTOYQWIPBVWLXTOXBTFXQ
transposition cipher use, confusion, diffusion, or both?
week01-crypto.ppt 238/27/2013 6:01:28 PM
One-time Pad Encryption
e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111
h e i l h i t l e r001 000 010 100 001 010 111 100 000 101111 101 110 101 111 100 000 101 110 000
110 101 100 001 110 110 111 001 110 101
s r l h s s t h s r
Encryption: Plaintext Key = Ciphertext
Plaintext:Key:
Ciphertext:
week01-crypto.ppt 248/27/2013 6:01:33 PM
One-time Pad Encryption
e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111
h e i l h i t l e r001 000 010 100 001 010 111 100 000 101111 101 110 101 111 100 000 101 110 000
110 101 100 001 110 110 111 001 110 101
s r l h s s t h s r
Encryption: Plaintext Key = Ciphertext
Plaintext:Key:
Ciphertext:
How to decrypt a message encrypted using one-time pad?
week01-crypto.ppt 258/27/2013 6:01:39 PM
One-time Pad Decryption
e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111
s r l h s s t h s r110 101 100 001 110 110 111 001 110 101
111 101 110 101 111 100 000 101 110 000
001 000 010 100 001 010 111 100 000 101
h e i l h i t l e r
Decryption: Ciphertext Key = Plaintext
Ciphertext:Key:
Plaintext:
week01-crypto.ppt 268/27/2013 6:01:41 PM
One-time Pad
e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111
s r l h s s t h s r110 101 100 001 110 110 111 001 110 101101 111 000 101 111 100 000 101 110 000
011 010 100 100 001 010 111 100 000 101
k i l l h i t l e r
Ciphertext:“key”:
“Plaintext”:
Double agent claims sender used “key”:
week01-crypto.ppt 278/27/2013 6:01:44 PM
One-time Pad
e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111
s r l h s s t h s r110 101 100 001 110 110 111 001 110 101111 101 000 011 101 110 001 011 101 101
001 000 100 010 011 000 110 010 011 000
h e l i k e s i k e
Ciphertext:“Key”:
“Plaintext”:
Sender is captured and claims the key is:
week01-crypto.ppt 288/27/2013 6:01:52 PM
One-time Pad Summary
• Provably secure, when used correctly– Ciphertext provides no info about plaintext– All plaintexts are equally likely– Pad must be random, used only once– Pad is known only by sender and receiver– Pad is same size as message– No assurance of message integrity
• Why not distribute message the same way as the pad?
week01-crypto.ppt 298/27/2013 6:02:03 PM
Messages in Depth
• Messages are in depth if they are encrypted with the same key
week01-crypto.ppt 308/27/2013 6:02:11 PM
Real-world One-time Pad
• Project VENONA– Soviet spy messages from U.S. in 1940’s– Nuclear espionage, etc.– Thousands of messages
• Spy carried one-time pad into U.S.• Spy used pad to encrypt secret messages• Repeats within the “one-time” pads made
• Substitutions and transpositions are the building blocks of ciphers– While the ones we covered so far are simple and
straightforward, their generalized versions are used extensively in modern ciphers
37
Class Discussion
• Do you agree with the following (p. 722, E. Skoudis, “Counter Hack Reloaded”, 2nd Edition)?– “Just as this is the Golden Age of Hacking, so too is
it the Golden Age of Information Security. We live in very exciting times with technologies rapidly advancing, offering tremendous opportunities for learning and growing. If technology itself doesn’t get you excited, think of the tremendous job security afforded to system administrators, security personnel, and network managers who know how to secure their systems properly.”
38
Class Discussion
• If you place an unpatched computer on the Internet, what is the average survival time before being completely compromised?