Dec 18, 2014
Basics of Cryptography
An Introduction to Theory of Cryptography
10/29/2012 © 2012, C.J. Dedduwage, University of Colombo
WORK IN PROGRESS | PRIVATE USE ONLY
BASIC TERMINOLOGY AND CONCEPTS
Section I
Terminology
• A Message (M) is a crucial piece of information
• Sender (S) is the party that originates the message
• Recipient (R) is the intended party of receipt for M
• The medium through which M is sent is called the Transmission Medium (T)
• Usually this involves a Computer System (or System), composed of hardware, software and data
• A Vulnerability is a weakness in the security of the system
• An Attack is an exploitation of a vulnerability by an Intruder (human/machine) who perpetrates it (commonly an Outsider O)
Properties of a Message
Confidentiality
• Only intended parties must receive M
Integrity
• Contents of M must be unchanged from S to R
Non-repudiation
• Once received M cannot be denied by R
Main Types of Attack
1. Interception
  – Listening to the message while it passes from S to R
  – Does not stop R from getting the message M
  – Causes loss of confidentiality of message M
2. Interruption / Blocking
  – Prevents R from getting message M
  – Causes loss of availability of message M
3. Modification
  – Alteration of the contents of message M
  – R does not receive the original M sent by S
  – Causes loss of integrity of message M
4. Fabrication
  – R receives an authentic-looking message, as if it was originated by S
  – Causes loss of integrity of message M
A closely related but different scenario is denial of M by S, called repudiation.
Requirements for a Successful Attack
• Method: tools, knowledge, skills
• Opportunity: time and access to resources
• Motivation: a reason to conduct the attack
• If any of these is denied, the attack would not occur
• But all three lie with the intruder, not the system
• It is not practical to target and eliminate these
Method–Opportunity–Motivation: MOM
Control of Attacks
• Control is the means by which an attack is stopped / prevented
• Stops a vulnerability from becoming an attack
• Control is a part of the system and is under our influence
Cryptology, Cryptography & Cryptanalysis
• Cryptology is the science of (overt) secret writing, and its unauthorized decryption
• Cryptology = cryptography + cryptanalysis
• Cryptography is the science of overt secret writing
• Cryptanalysis is the science of unauthorized decryption of an encrypted message
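Cryptography
[Figure: classification tree. Cryptography divides into Steganography and Cryptography Proper; Steganography into Technical and Linguistic; Linguistic into Semagrams and Open Code. Further labels in the tree: Jargon Code, Cue, Concealment cipher, Null cipher, The Grille.]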
• Steganography is covert secret writing—only R and S know that M is being passed
• Cryptography proper is about overt secret writing—not only R and S know that an M is being passed
MATHEMATICS OF CRYPTOGRAPHY
Section II
Plaintext & Ciphertext
• Plaintext P is the original form of the message
• Ciphertext C is the message in its encrypted form
• P and C are sequences of characters in the form
  – P = <P1, P2, P3, P4, … >
  – C = <C1, C2, C3, C4, … >
• Usually P is written in lowercase while C is written in uppercase
Encryption & Decryption
• Encryption is the process of translating P into C
• Decryption is the reverse process: C into P
  – Encryption: C = E(P)
  – Decryption: P = D(C)
  – Satisfying P = D(E(P))
Character Sets
• A Vocabulary is a set of characters, V, used to formulate plaintext P, or a set of characters, W, used to formulate C
• Length of a word is usually denoted in superscript
  – V* – set of words constructed from V
  – W* – set of words constructed from W
  – ε – the empty (null) word
  – Z^n – the set of all words of length n, where,
  – Zn = {ε}Z1 Z2 … Zn | Zn Z*
Encryption & Decryption
• An encryption X is a relation / rule / algorithm that is injective:
  – X : V* ⇢ W* where (x ↦ z) ⋀ (y ↦ z) ⟶ (x = y)
• The converse is written X⁻¹:
  – X⁻¹ : V* ⇠ W* where x ↤ z iff (x ↦ z)
Fiber, Homophones and Nulls
• The Fiber of a message x (x ∈ V*) is defined as H_x, where
  – H_x = { y ∈ W* : x ↦ y under X }
• If |H_x| > 1 then each y ∈ H_x is called a Homophone (same x, many y's)
• If (∆ ∈ H_x : ε ↦ ∆ under X), that is, if a non-empty H_x exists for the empty word ε, its elements are called Nulls
Homophones and Nulls help to mask character and word frequencies.
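The following Python sketch is an added illustration, not part of the original slides: it builds a small homophonic encryption X with nulls, checks that it is injective, and compares the peak symbol frequency of plaintext and ciphertext. The table, the two-digit codes, the sample plaintext and all function names are constructed for this example.

```python
import random
from collections import Counter

# Constructed table for X over V = {a,d,e,n,s,t}, W = two-digit codes.
# FIBERS[x] is the fiber H_x; the most frequent letter gets the most homophones.
FIBERS = {
    "e": ["10", "11", "12", "13"],
    "t": ["20", "21"], "a": ["30", "31"], "s": ["40", "41"],
    "n": ["50", "51"], "d": ["60", "61"],
}
NULLS = ["98", "99"]  # fiber of the empty word ε: codes that decrypt to nothing

def is_injective(fibers, nulls):
    """True if no code lies in two fibers (a shared code would be polyphony)."""
    codes = [c for fiber in fibers.values() for c in fiber] + list(nulls)
    return len(codes) == len(set(codes))

def encrypt(plaintext, rng, null_rate=0.2):
    """Replace each character by a random homophone, sprinkling nulls in between."""
    out = []
    for ch in plaintext:
        if rng.random() < null_rate:
            out.append(rng.choice(NULLS))
        out.append(rng.choice(FIBERS[ch]))
    return out

def decrypt(ciphertext):
    """Apply the converse of X: drop nulls, map every code back to its single x."""
    inverse = {code: x for x, fiber in FIBERS.items() for code in fiber}
    return "".join(inverse[c] for c in ciphertext if c not in NULLS)

def peak_frequency(symbols):
    """Relative frequency of the most common symbol."""
    return max(Counter(symbols).values()) / len(symbols)

if __name__ == "__main__":
    rng = random.Random(2012)  # seeded for a repeatable demo; not a secure RNG
    p = "attendeesneedteasandseats" * 40  # constructed sample plaintext
    c = encrypt(p, rng)
    print("injective:", is_injective(FIBERS, NULLS))
    print("round trip ok:", decrypt(c) == p)
    print("peak frequency P: %.3f  C: %.3f" % (peak_frequency(p), peak_frequency(c)))
```

Because every code belongs to exactly one fiber, decryption is unique even though encryption is randomized; the letter e, which dominates the plaintext, is spread over four codes in the ciphertext.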
Cryptosystem
• A cryptosystem M is an N-tuple formed by
Keys
• A Key is an external parameter that selects a subset of the encryption steps
  – C = E(P, KE): KE is the encryption key
  – P = D(C, KD): KD is the decryption key
• If KE = KD then the cryptosystem is symmetric, otherwise asymmetric
• If KE = KD = ε then M is a keyless cipher
Alphabets
• Number of steps in system M = |M| is known as its cardinality
• If |M|=1 then the system M is monoalphabetic, otherwise polyalphabetic
Word Lengths and Blocks

Word Length   Encryption    Decryption
1             Monographic   Unipartite / Monopartite
2             Digraphic     Bipartite
3             Trigraphic    Tripartite
etc.          Polygraphic   Polypartite

• A Block is a word from V^n that is subjected to one step from M
• If block length is 1 it is a stream cipher, otherwise it is a block cipher
• Note that in a suitable vocabulary of character n-tuples, a block encryption is simplified to a monographic encryption
All the above assumes that each encryption step X is injective. If not, more than one word from V would encrypt to the same word in W. This, known as polyphony, is rarely seen.
The most basic encryption types are Substitution and Permutation (Transposition).
CRYPTANALYSIS
Section III