Professional Documents
Culture Documents
TMN 2073
Lecture 2:
Cryptography and
Basic Security Mechanisms
Lecture Outline
Basic Terminology, Background and Notation
Cryptography Techniques
Cryptanalysis
Types of Algorithm
“Good” Cipher
2
Cryptography - What is it?
The definition:
Cryptography – ‘ A secret manner of writing, either by arbitrary characters, by using letters or
characters in other than their ordinary sense, or by other methods intelligible only to those
possessing the key ’.
(Oxford Dictionary, 2006)
Cryptography(secret writing)
- Is the strongest tool for controlling against many kinds of security threats.
(Security in Computing 4th Ed , 2007)
3
Introduction
Transformation of information into an encrypted form that cannot
be read by third parties
Originally used almost exclusively for diplomatic and military
communications
◦ fundamental change in recent days due to public / commercial
use of IT- based communications
May be applied to data communications or stored information
4
CRYTPGRAPHY
INSURE CHANNEL
Basic Terminology & Notation (1)
Plaintext
◦ plaintext is the readable message or data which will be used by the cryptographic process.
Ciphertext
◦ ciphertext is the un-readable message or data which is the outcome of the cryptographic process.
◦ 2 different key produce 2 different ciphertext
Encryption [encode]
◦ encryption is the process of turning plaintext into ciphertext
◦ Use encryption algorithm
6
cont…
Decryption [decode]
◦ decryption is the process of turning ciphertext into plaintext.
Cryptography
◦ a cipher system where plaintext is transformed into ciphertext using an algorithm
◦ at the recipient end, the message is deciphered to recover the original
Cryptanalysis
◦ used by an interceptor on the ciphertext to determine the plaintext information
7
Implementing Cryptography
Simplest arrangements rely on secrecy of the cryptographic algorithm
◦ once discovered all the information is insecure
8
Basic Cryptographic Scheme
original
plaintext ciphertext plaintext
ENCRYPTION DECRYPTION
P E C D P
9
Formal Notation
ENCRYPTION DECRYPTION original
plaintext ciphertext plaintext
ENCODING DECODING
P ENCIPHERING C DECIPHERING P
E D
◼ C = E(P) E – encryption rule/algorithm
◼ P = D(C) D – decryption rule/algorithm
◼ We need a cryptosystem, where:
◼ P = D(C)= D(E(P))
10
Cryptographic Techniques Vernam Cipher
By Gilbert Vernam for AT&T
Immune to most cryptanalytic attacks
Modulo 2 transformations using binary (XOR)
Key (K) Key (K)
+ +
Plaintext (P) Ciphertext (C) Plaintext
= (P + K) = (P + K) + K = P
11
Benefits of Cryptography
It’s just an improvement but not a Solution!
◦ Minimizes problems
◦ Doesn’t solve them
◦ Remember: There is no solution!
◦ Adds an envelope (encoding) to an open postcard (cleartext)
Cryptographic Techniques
Transposition
◦ the method by which symbols in the plaintext are moved into different
positions in the ciphertext.
Substitution
◦ the method by which symbols in the plaintext are replaced with
different (usually) symbols in the ciphertext.
Concealment
◦ the method by which additional symbols are placed in the ciphertext to
conceal the content.
13
Cryptographic Techniques Transposition
Rearrangement of the order of bits in a data block according to a fixed permutation
Total number 1’s and 0’s is preserved
Only secure if each message has its own transposition
Simple transposition may be target of brute force attack :
◦ attempting each permutation of encrypted text
14
Transposition Methods
Simple Transposition
transposition using matrix
Plaintext SECRET ILOVEASECURITYSUBJECT
S R
E T I L O V E
Encrypt C E S E C U R
R S I T Y S U
E C B J E C T
T E
15
Cryptographic Techniques
Substitution
Systematic replacement of one symbol by another
Uses a lookup table
Number of 1’s and 0’s not preserved
Vulnerable to statistical analysis
◦ e.g. based upon frequency of character occurrence
16
Example of Substitution
(Plaintext)
secretmessage
Encrypt
VHFUHWPHVVDJH
(Ciphertext)
ci = E ( pi ) = pi + 3
17
Cryptographic Techniques
Concealment :
◦ Message symbols are mixed up with many other symbols that carry no useful
information
◦ Gives considerable security, but can greatly expand the message
18
Shannon’s “Rules”
1. The amount of secrecy needed should determine the amount of labor
appropriate for the encryption and decryption.
2. The set of keys and the enciphering algorithm should be free from
complexity.
3. The implementation of the process should be as simple as possible.
4. Errors in ciphering should not propagate and cause corruption of further
information in the message.
5. The size of the ciphertext should be no larger than the plaintext.
19
Cryptanalysis (1)
Cryptanalyst attempts to deduce the original meaning of the ciphertext
message.
Cryptanalysts goals:
◦ Break a single msg
◦ Recognize patterns in encrypted msgs, to be able to break the subsequent ones
◦ Infer meaning without breaking encryption
◦ Unusual volume of msgs between enemy troops may indicate a coming attack
◦ Busiest node may be enemy headquarters
◦ Deduce the key, to facilitate breaking subsequent msgs
◦ Find vulnerabilities in implementation or environment of an encryption algorithm
◦ Find a general weakness in an encryption algorithm
20
Cryptanalysis (2)
Information used for cryptanalysts:
◦ Intercepted encrypted msgs
◦ Known encryption algorithms
◦ Intercepted plaintext
◦ Data known or suspected to be ciphertext
◦ Math or statistical tools and techniques
◦ Properties of natural languages
◦ Esp. adversary’s natural language
◦ To confuse the Japanese cryptanalysts, Americans used Navajo language in WW2
◦ Propertiers of computer systems
21
Classification of
Cryptosystems -
Keys
22
Breakable Encryption
An encryption algorithm is called breakable
- given enough time and data, an analyst can determine the algorithm.
-
Breakable encryption
◦ Practical cryptosystems almost always are breakable, given adequate time and computing power
[cf. J. Leiwo, VU, NL]
23
Requirements for Crypto Protocols
◦ Messages should get to destination
◦ Only the recipient should get it
◦ Only the recipient should see it
◦ Proof of the sender’s identity
◦ Message shouldn’t be corrupted in transit
◦ Message should be sent/received once
◦ Proofs that message was sent/received (non-repudiation)
24
Making “Good” Ciphers
Cipher = encryption algorithm
25
1. Criteria for “Good” Ciphers (1)
◼ “Good” depends on intended application
◼ Substitution
◼ C hides chars of P
◼ Transposition
◼ C scrambles text => hides n-grams for n > 1
◼ Product ciphers
◼ Can do all of the aboveWhat is more important for your app?
What facilities available to sender/receiver?
◼ E.g., no supercomputer support on the battlefield
26
Criteria for “Good” Ciphers (2)
◼ Claude Shannon’s criteria (1949):
27
Criteria for “Good” Ciphers (3)
◼ Shannon’s criteria (1949) – cont.
28
Criteria for “Good” Ciphers (4)
◼ Characteristics of good encryption schemes
◼ Confusion:
interceptor cannot predict what will happen to C when she changes one char in P
◼ E with good confusion:
29
Criteria for “Good” Ciphers (5)
◼ Commercial Principles of Sound Encryption Systems
1. Sound mathematics
▪ Proven vs. not broken so far
2. Verified by expert analysis
▪ Including outside experts
3. Stood the test of time
▪ Long-term success is not a guarantee
▪ Still. Flows in many E’s discovered soon after their release
◼ Examples of popular commercial E’s:
DES = Data Encryption Standard
◼ DES / RSA / AES RSA = Rivest-Shamir-Adelman
AES = Advanced Encryption Standard (rel. new)
[cf. A. Striegel]
30
Types of Algorithm
Symmetric algorithm
◦ uses a common secret key at sender and receiver ends
◦ aka secret or private key cryptography
◦ e.g. DES, IDEA
Asymmetric algorithm
◦ uses a pair of keys, one secret and one public
◦ aka public key cryptography
◦ e.g. RSA
31
Symmetric Algorithm
32
Asymmetric Algorithm
33
Symmetric and Asymmetric Cryptosystems (2)
◼ Problems with symmetric encryption:
◼ Ensuring security of the “key channel”
pair
◼ For n communicating users, need:
n * (n -1) /2 keys
34
Symmetric and Asymmetric Cryptosystems (3)
35
Symmetric and Asymmetric Cryptosystems (4)
◼ One PKE approach:
◼ R keeps her private key KD
36
Symmetric and Asymmetric Cryptosystems (5)
Symm. vs. Asymm. Key Algorithms
Symmetric Asymmetric
37
Symmetric and Asymmetric Cryptosystems (6)
Need for Key Management
ASYMMETRIC CRYPTOGRAPHY
40