By Dr. Samaher Hussein Ali

College of Information Technology, University of Babylon, Iraq Samaher_hussein@yahoo.com

10/24/2012

Cryptographic Primitives

There are a number of basic cryptographic tools (primitives) used to provide information security. Examples of primitives include encryption schemes, hash functions, and digital signature schemes. The figure below provides a schematic listing of the primitives considered and how they relate.

Notes of Lecture 5

These primitives should be evaluated with respect to various criteria such as:

1. Level of Security. This is usually difficult to quantify. Often it is given in terms of the number of operations required (using the best methods currently known) to defeat the intended objective. Typically the level of security is defined by an upper bound on the amount of work necessary to defeat the objective. This is sometimes called the work factor.
2. Functionality. Primitives will need to be combined to meet various information security objectives. Which primitives are most effective for a given objective will be determined by the basic properties of the primitives.
3. Methods of Operation. Primitives, when applied in various ways and with various inputs, will typically exhibit different characteristics; thus, one primitive could provide very different functionality depending on its mode of operation or usage.
4. Performance. This refers to the efficiency of a primitive in a particular mode of operation. (For example, an encryption algorithm may be rated by the number of bits per second which it can encrypt.)
5. Ease of implementation. This refers to the difficulty of realizing the primitive in a practical instantiation. This might include the complexity of implementing the primitive in either a software or hardware environment.

Requirements of Cryptosystems

1. The encryption and decryption transformation must be efficient for all keys.
2. The system must be easy to use.
3. The security of the system must depend only on the secrecy of the key and not on the secrecy of the algorithm (encryption/decryption).
4. It should be computationally infeasible for a cryptanalyst to determine the deciphering transformation from intercepted ciphertext, even if the corresponding plaintext is known.
5. It should be computationally infeasible for a cryptanalyst to determine the plaintext from intercepted ciphertext.
6. In addition to providing confidentiality, cryptography is often asked to do other jobs.
7. Authentication: it should be possible for the receiver of a message to ascertain its origin.
8. Integrity: it should be possible for the receiver of a message to verify that it has not been modified in transit.
9. Non-repudiation: a sender should not be able to falsely deny later that he/she sent a message.

Methods of Cryptanalysis

Cryptanalysis is the study of mathematical techniques for attempting to defeat cryptographic techniques. Cryptanalysis is the science of analyzing and breaking secure communication. Classical cryptanalysis involves an interesting combination of analytical reasoning, application of mathematical tools, pattern finding, patience, determination, and luck. Cryptanalysts are also called attackers.

History of Cryptanalysis

Cryptanalysis has coevolved together with cryptography, and the contest can be traced through the history of cryptography: new ciphers being designed to replace old broken designs, and new cryptanalytic techniques invented to crack the improved schemes. In practice, they are viewed as two sides of the same coin: in order to create secure cryptography, you have to design against possible cryptanalysis. Although the actual word "cryptanalysis" is relatively recent (it was coined by William Friedman in 1920), methods for breaking codes and ciphers are much older. The first known recorded explanation of cryptanalysis was given by the 9th-century Arabian polymath Al-Kindi (also known as "Alkindus" in Europe), in A Manuscript on Deciphering Cryptographic Messages.

Classical Cryptanalysis

Frequency analysis is the basic tool for breaking most classical ciphers. In natural languages, certain letters of the alphabet appear more frequently than others; in English, "E" is likely to be the most common letter in any sample of plaintext. Similarly, the digraph "TH" is the most likely pair of letters in English, and so on. Frequency analysis relies on a cipher failing to hide these statistics. For example, in a simple substitution cipher (where each letter is simply replaced with another), the most frequent letter in the ciphertext would be a likely candidate for "E".

Beker and Piper partition the 26 letters into five groups as follows:

1. E, having probability about 0.120.
2. T, A, O, I, N, S, H, R, each having probabilities between 0.06 and 0.09.
3. D, L, each having probabilities around 0.04.
4. C, U, M, W, F, G, Y, P, B, each having probabilities between 0.015 and 0.028.
5. V, K, J, X, Q, Z, each having probabilities less than 0.01.

Steps in Cryptanalysis

The solution of nearly every cryptogram involves four basic steps:

1. Determination of the language used.
2. Determination of the general system used.
3. Reconstruction of the specific keys to the system.
4. Reconstruction of the plaintext.

The objective of the following attacks is to systematically recover plaintext from ciphertext, or even more drastically, to deduce the decryption key.

1. A ciphertext-only attack is one where the adversary (or cryptanalyst) tries to deduce the decryption key or plaintext by only observing ciphertext. Any encryption scheme vulnerable to this type of attack is considered to be completely insecure.
2. A known-plaintext attack is one where the adversary has a quantity of plaintext and corresponding ciphertext. This type of attack is typically only marginally more difficult to mount.
3. A chosen-plaintext attack is one where the adversary chooses plaintext and is then given corresponding ciphertext. Subsequently, the adversary uses any information deduced in order to recover plaintext corresponding to previously unseen ciphertext.
4. An adaptive chosen-plaintext attack is a chosen-plaintext attack wherein the choice of plaintext may depend on the ciphertext received from previous requests.
5. A chosen-ciphertext attack is one where the adversary selects the ciphertext and is then given the corresponding plaintext. One way to mount such an attack is for the adversary to gain access to the equipment used for decryption (but not the decryption key, which may be securely embedded in the equipment). The objective is then to be able, without access to such equipment, to deduce the plaintext from (different) ciphertext.
6. An adaptive chosen-ciphertext attack is a chosen-ciphertext attack where the choice of ciphertext may depend on the plaintext received from previous requests.
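The known-plaintext attack from the list above, worked through on a simple substitution cipher as an added example (it is not part of the original lecture notes). The key, both messages, and all function names are constructed for illustration.

```python
import string

ALPHABET = string.ascii_uppercase
# Constructed secret key (assumption): known only to sender and receiver in this scenario.
SECRET_KEY = dict(zip(ALPHABET, "QWERTYUIOPASDFGHJKLZXCVBNM"))
# Constructed messages: a header the adversary already knows, and a later unseen message.
KNOWN_PLAIN = "CRYPTOGRAPHIC PRIMITIVES NOTES OF LECTURE FIVE"
UNSEEN_PLAIN = "THE KEY IS HIDDEN IN THE ALGORITHM"

def encrypt(text, key):
    """Simple substitution: every letter is replaced by its fixed image under the key."""
    return "".join(key.get(ch, ch) for ch in text)

def recover_mapping(known_plain, known_cipher):
    """Align a plaintext/ciphertext pair and read off ciphertext -> plaintext letters.

    Raises ValueError if one ciphertext letter would need two plaintext images,
    which means the cipher is not a simple (monoalphabetic) substitution.
    """
    if len(known_plain) != len(known_cipher):
        raise ValueError("plaintext and ciphertext must have the same length")
    inverse = {}
    for p, c in zip(known_plain, known_cipher):
        if not p.isalpha():
            continue
        if inverse.setdefault(c, p) != p:
            raise ValueError(f"{c!r} maps to both {inverse[c]!r} and {p!r}")
    return inverse

def decrypt_with_partial(ciphertext, inverse, unknown="_"):
    """Apply the recovered mapping to different ciphertext; unrecovered letters stay marked."""
    return "".join(inverse.get(ch, unknown) if ch.isalpha() else ch for ch in ciphertext)

def coverage(ciphertext, inverse):
    """Fraction of ciphertext letters that the recovered mapping can already decrypt."""
    letters = [ch for ch in ciphertext if ch.isalpha()]
    return sum(ch in inverse for ch in letters) / len(letters)

if __name__ == "__main__":
    inverse = recover_mapping(KNOWN_PLAIN, encrypt(KNOWN_PLAIN, SECRET_KEY))
    unseen = encrypt(UNSEEN_PLAIN, SECRET_KEY)
    print(len(inverse), "of 26 key letters recovered from one known pair")
    print(decrypt_with_partial(unseen, inverse))
    print(f"coverage of the unseen message: {coverage(unseen, inverse):.0%}")
```

One short known pair fixes most of the key, so a simple substitution cipher does not meet requirement 4 in the Requirements of Cryptosystems list.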

The general strategy with the two substitution ciphers is to substitute symbols from the plaintext alphabet with different symbols from the ciphertext alphabet(s). The weakness with this strategy is that character frequency distributions are not significantly altered by the encryption process. Thus, most attacks on substitution ciphers attempt to match the character frequency statistics of the encrypted message with those of some known language (for example, English). Character frequency statistics (or n-grams) indicate the frequency distribution of all possible instances of n adjacent characters (for example, THE is a very common 3-gram (or trigram) in the English language). The attack on the simple substitution cipher is particularly simple since the frequency of any n-gram in the plaintext (or unencrypted) message will correspond exactly to the frequency of the corresponding encrypted version in the ciphertext.

A major factor influencing the success of an attack on the simple substitution cipher (or any cipher where the attack is based on n-gram statistics of the language) is the length of the intercepted ciphertext message which is being cryptanalysed. The amount of ciphertext required in order to recover the entire key (with a high degree of certainty) varies depending on the type of cipher.
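An added example, not part of the original notes, covering both points above: a simple substitution leaves every n-gram frequency profile unchanged, and ciphertext letters can be matched by frequency rank against Beker and Piper's five groups from the Classical Cryptanalysis section. The key, the sample message, and the function names are constructed for illustration; on a message this short the rank matching is only partly right, which is the message-length effect just described.

```python
from collections import Counter

# Constructed key (assumption): plaintext A..Z maps onto this ciphertext alphabet.
PLAIN = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
KEY = dict(zip(PLAIN, "QWERTYUIOPASDFGHJKLZXCVBNM"))
# Constructed English sample standing in for an intercepted message.
SAMPLE = ("THE SECURITY OF THE SYSTEM MUST DEPEND ONLY ON THE SECRECY OF THE KEY "
          "AND NOT ON THE SECRECY OF THE ALGORITHM")
# Beker and Piper's five groups as listed in the notes, most to least frequent.
GROUPS = ["E", "TAOINSHR", "DL", "CUMWFGYPB", "VKJXQZ"]

def encrypt(text, key=KEY):
    """Simple substitution: every letter is replaced by its fixed image under the key."""
    return "".join(key.get(ch, ch) for ch in text)

def ngram_counts(text, n):
    """Count n-grams of adjacent letters inside each word."""
    counts = Counter()
    for word in text.split():
        counts.update(word[i:i + n] for i in range(len(word) - n + 1))
    return counts

def profile(text, n):
    """Sorted n-gram counts: the shape of the distribution with the labels removed."""
    return sorted(ngram_counts(text, n).values(), reverse=True)

def candidates_by_rank(ciphertext):
    """Map each ciphertext letter to the Beker-Piper group matching its frequency rank."""
    ranked = [c for c, _ in ngram_counts(ciphertext, 1).most_common()]
    slots = [g for g in GROUPS for _ in g]  # rank 0 -> "E", ranks 1-8 -> "TAOINSHR", ...
    return {c: slots[i] for i, c in enumerate(ranked)}

def top_ngram_guess(ciphertext, n, assumed_plain):
    """Pair the most frequent ciphertext n-gram with an assumed common plaintext n-gram."""
    top, _ = ngram_counts(ciphertext, n).most_common(1)[0]
    return dict(zip(top, assumed_plain))

def rank_hits(ciphertext, key=KEY):
    """Count plaintext letters that fall in the group their ciphertext rank predicts."""
    cand = candidates_by_rank(ciphertext)
    return sum(p in cand.get(c, "") for p, c in key.items())

if __name__ == "__main__":
    ct = encrypt(SAMPLE)
    print("trigram profile preserved:", profile(SAMPLE, 3) == profile(ct, 3))
    print("guess from top trigram:", top_ngram_guess(ct, 3, "THE"))
    print(rank_hits(ct), "of 26 letters land in the predicted group for this short sample")
```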
