The Elements of Cryptography (April 1, 2015) © Abdou Illia – Spring 2015.

The Elements of Cryptography

(April 1, 2015)

© Abdou Illia – Spring 2015

2

Learning Objectives

Discuss Cryptography Terminology Discuss Symmetric Key Encryption Discuss Asymmetric Key Encryption Distinguish between Hashing and Encryption

3

Cryptography?

Traditionally, cryptography refers to The practice and the study of encryption Transforming information in order to prevent

unauthorized people to read it.

Today, cryptography goes beyond encryption/decryption to include Techniques for making sure that encrypted

messages are not modified en route Techniques for secure

identification/authentication of communication partners.

4

Your knowledge about Cryptography

1) Which of the following do cryptographic systems protect?

a) Data stored on local storage media (like hard drives) from access by unauthorized users.

b) Data being transmitted from point A to point B in a network

c) Both a and b

#$%^@#$5hh&*9(?>/@$#)>

5

Your knowledge about Cryptography

2) Which of the following security issues is addressed by cryptographic systems?

a) Confidentiality; i.e. protection against eavesdroppingb) Authentication; i.e. assurance parties involved in a

communication are who they claim to bec) Message integrity; i.e. assurance that messages are not

altered en routed) Availability; i.e. making sure that communication systems

are not shut down by intruders.e) All of the above

6

Basic Terminology 1

Network

Plaintext“Hello”

Ciphertext “11011101”

Ciphertext “11011101”Plaintext“Hello”

DecryptionAlgorithm

Interceptor

Party A

Party B

Plaintext: original message to be sent. Could be text, audio, image, etc. Encryption/Decryption Algorithm: mathematical tool (software) used to

encrypt or decrypt Key: A string of bits used by to encrypt the plaintext or decrypt the ciphertext Ciphertext: encrypted message. Looks like a random stream of bits

+ Decryption key

EncryptionAlgorithm

+ Encryption key

HelloHello

7

Basic Terminology 2 Encryption:

Converting plaintext into ciphertext using algorithms and keys The size of the ciphertext is proportional to the size of the plaintext Ciphertext is reversible to plaintext

Symmetric Key Encryption: Same key is used both for encryption and decryption Keys are usually identical or trivially identical*

Asymmetric Key Encryption: Also called Public/Private Key Encryption Two different keys are used: one for encryption, one for decryption

Party A Party B

Party A Party B

* Trivially identical means simple transformation could lead from one key to the another.

Flexcrypt: http://www.flexcrypt.com/flexcryptfree.html | Tools4noobs.com

8

Your knowledge about Cryptography

3) Based on how symmetric encryption systems work, which of the following is the worst thing to happen?

a) An attacker gets a copy of the encryption and decryption algorithms

b) An attacker gets the decryption key

c) a and b are equally damaging

4) Which of the following presents more challenge for exchanging keys between partners?a) Asymmetric encryption

b) Symmetric encryption

c) A and b are equally challenging

9

Exhaustive search and Key length

Key Length in bits Number of possible keys (2key length in bits)

1 2

2 4

4 16

8 256

16 65536

56 72057594037927900

112 5192296858534830000000000000000000 or 5.1923E+33

168 3.74144E+50

256 1.15792E+77

512 1.3408E+154

Attacker could use the right algorithm and do an exhaustive search (i.e. try all possible keys) in order to decrypt the ciphertext

Most attacks require the capture of large amount of ciphertext Every additional bit in the length of the key doubles the search time Every additional bit in the length of the key doubles the requirements in terms of

minimum processor’s speed to crack the key.

10

Your knowledge about Cryptography

4) If you increase the key length from 56 bits to 66 bits. How much more key combinations an attacker who captures enough ciphertext will have to try in order to decipher the captured ciphertext using the appropriate algorithm?

_______________________________________

5) Assuming that it takes 7 days to try all possible combinations of a 56 bit key, how much time it would take to try all possible combinations when the key length is increased to 58 bits?

________________

11

Weak vs. Strong Keys

Symmetric Key Encryption Usually for private of customer e-business Keys < 100-bit long are considered weak today. Keys 100-bit long or more are considered strong today.

Asymmetric Key Encryption Usually used for B2B e-commerce Key pairs must be much longer (512 bit and more) because of

the disastrous consequences of breaking the decryption keyKey Length in bits

Number of possible keys (2key length in bits) Type of communication

1 21 = 2

2 22 = 4

16 216 = 65536

56 256 = 72057594037927900 Private, symmetric, weak asymmetric (e.g. DES)

100 2100 = Private, symmetric

112 2112 = 5192296858534830000000000000000000 or 5.1923E+33 Business, asymmetric (e.g. 112-bit DES)

168 3.74144E+50 Business, asymmetric (e.g. 3DES)

256 1.15792E+77 Business, asymmetric (e.g. AES)

512 1.3408E+154 Business, asymmetric (e.g. RSA)

1024 to 4096 21024 to 24096 Business, asymmetric (e.g. RSA)

12

Your knowledge about Cryptography

6) Most attacks require the capture of large amount of ciphertext, which can take a certain amount of time. Beside using strong keys what else can be done to make it harder to crack the key?

Symmetric Key Encryption

14

Symmetric Key Encryption methods Two categories of methods

Stream cipher: algorithm operates on individual bits (or bytes); one at a time Block cipher: operates on fixed-length groups of bits called blocks

Only a few symmetric methods are used today

Methods Year approved Comments

Data Encryption Standard - DES 1977 1998: Electronic Frontier Foundation’s Deep Crack breaks a DES key in 56 hours

DES-Cipher Block Chaining

Triple DES – TDES or 3DES 1999

Advanced Encryption Standard – AES 2001 Its versions among the most used today

Other symmetric encryption methods

IDEA (International Data Encryption Algorithm), RC5 (Rivest Cipher 5), CAST (Carlisle Adams Stafford Tavares), Blowfish

15

Data Encryption Standard (DES)

DES EncryptionProcess

64-Bit CiphertextBlock

64-Bit DES Symmetric Key(56 bits + 8 redundant bits)64-Bit Plaintext

Block

DES is a block encryption method, i.e. uses block cipher DES uses a 64 bit key; actually 56 bits + 8 bits computable

from the other 56 bits Problem: same input plaintext gives same output ciphertext

16

DES-Cipher Block Chaining

First64-Bit Plaintext Block

DES EncryptionProcess

Second64-Bit Plaintext Block

First64-Bit Ciphertext Block

InitializationVector (IV)

DES EncryptionProcess

Second64-Bit Ciphertext Block

DES Key

DES Key

DES-CBC uses ciphertext from previous block as input making decryption by attackers even harder

An 64-bit initialization vector is used for first block

17

Triple DES (3DES)

Sender Receiver

Encrypts original plaintext with the1st key

Decrypts ciphertext withthe 3d key

Decrypts output of firststep with the 2nd key

Encrypts output of thefirst step with the 2nd key

Encrypts output of secondstep with the 3d key; givesthe ciphertext to be sent

Decrypts output of secondstep with the 1st key; givesthe original plaintext

168-Bit Encryption with Three 56-Bit Keys

1st

2nd

3rd

3rd

2nd

1st

18

Triple DES (3DES)

Sender Receiver

Encrypts plaintext with the1st key

Decrypts ciphertext withthe 1st key

Decrypts output with the 2nd key

Encrypts output with the2nd key

Encrypts output with the1st key

Decrypts output with the1st key

112-Bit Encryption With Two 56-Bit Keys

1st

2nd

1st

1st

2nd

1st

19

Your knowledge about Cryptography

7) Based on the way DES and 3DES work, which of the following is true?a) 3DES requires more processing time than DES

b) Compared 3DES, DES requires more RAM

c) Both a and b

8) Given the increasing use of hand-held devices, 3DES will be more practical than DES.

a) True

b) False

20

Advanced Encryption Standard - AES

Developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen, and submitted to the AES selection process under the name "Rijndael", a portmanteau of the names of the inventors

Offers key lengths of 128 bit, 192 bit, and 256 bit Efficient in terms of processing power and RAM

requirements compared to 3DES Can be used on a wide variety of devices including

Cellular phones PDAs Etc.

21

DES, 3DES, and AES

DES

56

Weak

Moderate

Moderate

3DES

112 or 168

Strong

High

High

AES

128, 192, 256

Strong

Modest

Modest

Key Length (bits)

Key Strength

ProcessingRequirements

RAM Requirements

22

Encryption Algorithms Used by MS Operating Systems

Operating SystemDefault Algorithm Other

Algorithms

Windows 2000 DESX (none)

Windows XP RTM DESX 3DES

Windows XP SP1 AES 3DES, DESX

Windows Server 2003 AES 3DES, DESX

Windows Vista AES 3DES, DESX

Windows Server 2008 AES 3DES, DESX (?)

Asymmetric Key Encryption

24

Public Key Encryption For confidentiality

Party A Party BDecrypt with

Party A’s Private KeyEncrypt with

Party A’s Public Key

Encrypt withParty B’s Public Key

Decrypt withParty B’s Private Key

EncryptedMessage

EncryptedMessage

Each Party uses other party’s public key for encryption Each Party uses own private key for decryption No need to exchange private key, but key needs to be very strong (512+

bit)

25

Public Key Encryption methods

Asymmetric encryption methods are used both for Encryption in order to provide confidentiality Digital signature in order to provide partners’ authentication

Methods Year proposed Comments

RSA by Ron Rivest, Adi Shamir, and Leonard Adleman

1977 1995: First attack in lab conditions was reported

Elliptic Curve Cryptosystem - ECC 1985 Becoming widely used

Other symmetric encryption methods:

Dieffe-Hellman, El-Gamal

26

Basic Terminology 3 Hashing:

Mathematical process for converting inputs into fixed-length outputs Hash function:

Algorithm that does the hashing. Uses an input + a shared secret or password. Example: MD5, Secure Hash Algorithm.

Hash: Fixed-length output of the hashing

27

Encryption Versus Hashing

Encryption

Uses a key as aninput to an encryption method

Output is similar inlength to input

Reversible; ciphertextcan be decryptedback to plaintext

Use of Key

Length of Result

Reversibility

Hashing

Password is usually addedto text; the two arecombined, and thecombination is hashed

Output is of a fixedshort length, regardless of input

One-way function; hashcannot be “de-hashed” back to the original string

28

Hashing & Public Key for authentication

Asymmetric Key Encryption is also used for authentication Usually used along with hashing

Confidentiality Authentication

Public KeyEncryption

Sender encrypts with receiver’s public key. Receiver decrypts with the receiver’s own private key.

Sender (supplicant) encrypts with own private key. Receiver (verifier) decrypts with the public key of the true party, usually obtained from a Certificate Authority.

Hashing Used in MS-CHAP for initial authentication and in HMACs for message-by-message authentication

Hashing and Public Key for authentication very used in cryptographic systems like SSL/TLS or IPSec

29

Cryptographic Systems

Packaged set of cryptographic countermeasures used for protecting dialogues

Example: Secure Socket Layer/Transport Layer Security –SSL/TLS used in secured webservice

Each cryptographic system includes different security standards (algorithms, hashing methods, security parameters) that comm. partners needs to “agree” on.

Typical Process:

Handshaking stages

Ongoing communication stage: Message-by-Message authentication

30

Cryptographic Systems (cont.)

Packaged set of cryptographic countermeasures used for protecting dialogues

Handshaking Stage 1:Initial Negotiation of Security Parameters

Handshaking Stage 2:Initial Authentication

(Usually mutual)

Handshaking Stage 3:Keying

(Secure exchange of keys and other secrets)

Ongoing Communication Stagewith Message-by-Message

Confidentiality, Authentication,and Message Integrity

ServerClient PC

Time

Encrypted for Confidentiality

PlaintextElectronic Signature(Authentication, Integrity)

31

MS-CHAP* Hashing for Authentication

* Microsoft’s version of Challenge Handshake Authentication Protocol

CHAP is an authentication scheme used by Point to Point Protocol (PPP) servers to validate the identity of remote clients

1) After the completion of the link establishment phase, the server sends a "challenge" message to the client.

2) The client responds with a value calculated using a one-way hash function, such as an MD5 or SHA (Secure Hash Algorithm).

3) The server checks the response against its own calculation of the expected hash value. If the values match, the server acknowledges the authentication; otherwise it should terminate the connection.

4) At random intervals the server sends a new challenge to the peer and repeats steps 1 through 3.

Shared secret

32

Message-by-Message Authentication using Hashing and Public Key

To Create the Digital Signature:

1. Hash the plaintext to create abrief Message Digest; this is NOT the Digital Signature.

2. Sign (encrypt) the messagedigest with the sender’s privatekey to create the Digital Signature.

3. Transmit the plaintext + digitalsignature, encrypted withsymmetric key encryption.

Plaintext

MD

DS

Hash

Sign (Encrypt)with Sender’sPrivate Key

4. Encrypted withSession Key

DS Plaintext

Sender Receiver

33

Message-by-Message Authentication (cont.)

To Test the Digital Signature

5. Hash the received plaintextwith the same hashing algorithm

the sender used. This givesthe message digest.

6. Decrypt the digital signaturewith the sender’s public key.

This also should give themessage digest.

7. If the two match, themessage is authenticated.

MD

Received Plaintext

MD

DS

5. 6.

HashDecrypt withTrue Party’sPublic Key

7.Are they equal?

Plaintext

MD

DS

Hash

Sign (Encrypt)with Sender’sPrivate Key

34

Summary Questions

See Questions on Your knowledge About Cryptography’s slides in these class notes

See ReadingQuestionCh3.doc file in Notes’ section of web site.

Encryption Exercises posted to the course website