Computer Security

TMN 2073

Lecture 2:
Cryptography and
Basic Security Mechanisms
Lecture Outline
Basic Terminology, Background and Notation
Cryptography Techniques
Cryptanalysis
Types of Algorithm
“Good” Cipher

2
Cryptography - What is it?
The definition:
Cryptography – ‘ A secret manner of writing, either by arbitrary characters, by using letters or
characters in other than their ordinary sense, or by other methods intelligible only to those
possessing the key ’.
(Oxford Dictionary, 2006)
Cryptography(secret writing)
- Is the strongest tool for controlling against many kinds of security threats.
(Security in Computing 4th Ed , 2007)

3
Introduction
Transformation of information into an encrypted form that cannot
be read by third parties
Originally used almost exclusively for diplomatic and military
communications
◦ fundamental change in recent days due to public / commercial
use of IT- based communications
May be applied to data communications or stored information

4
 CRYTPGRAPHY

STUDY OF CRYPTOGRAPHY IS CRYTOLOGY

Cryptology = Cryptography + Cryptanalysis

PLAINTEXT P = D(C) PLAINTEXT
(PT) P = D(C)= D(E(P)) (PT)
ENCRYPT/DECRYPT –SAME KEY (SYMMETRIC ENCRYPTION)
ENCRYPTION ALGORITHM DECRYPTION ALGORITHM

ENCRYPT/DECRYPT –DIFFERENT KEY (ASYMMETRIC ENCRYPTION)

CIPHERTEXT CIPHERTEXT
C = E(P)
CT CT
CRYTPANALYSIS

INSURE CHANNEL
Basic Terminology & Notation (1)
Plaintext
◦ plaintext is the readable message or data which will be used by the cryptographic process.

Ciphertext
◦ ciphertext is the un-readable message or data which is the outcome of the cryptographic process.
◦ 2 different key produce 2 different ciphertext

Encryption [encode]
◦ encryption is the process of turning plaintext into ciphertext
◦ Use encryption algorithm

6
cont…
Decryption [decode]
◦ decryption is the process of turning ciphertext into plaintext.

Cryptography
◦ a cipher system where plaintext is transformed into ciphertext using an algorithm
◦ at the recipient end, the message is deciphered to recover the original

Cryptanalysis
◦ used by an interceptor on the ciphertext to determine the plaintext information

Cryptology = Cryptography + Cryptanalysis

7
Implementing Cryptography
Simplest arrangements rely on secrecy of the cryptographic algorithm
◦ once discovered all the information is insecure

Security improved by using a key :

◦ constant algorithm, but produces different output depending on key value
◦ key can be changed if compromise suspected
◦ Number of possible keys = ‘key space’
◦ problem with key distribution - require secure protocols

8
Basic Cryptographic Scheme
original
plaintext ciphertext plaintext
ENCRYPTION DECRYPTION
P E C D P

◼ P = <p1, p2, ..., pn> pi = i-th char of P

◼ P = “DO NOT TELL ANYBODY” p1 = “D”, p2 = “O”, etc.
◼ By convention, cleartext in uppercase

◼ C = <c1, c2, ..., cn> ci = i-th char of C

◼ C = “ep opu ufmm bozcpez” c1 = “e”, c2 = “p”, etc.
◼ By convention, ciphertext in lowercase

9
Formal Notation
ENCRYPTION DECRYPTION original
plaintext ciphertext plaintext
ENCODING DECODING
P ENCIPHERING C DECIPHERING P

E D
◼ C = E(P) E – encryption rule/algorithm
◼ P = D(C) D – decryption rule/algorithm
◼ We need a cryptosystem, where:
◼ P = D(C)= D(E(P))

◼ i.e., able to get the original message back

10
 Cryptographic Techniques Vernam Cipher
By Gilbert Vernam for AT&T
Immune to most cryptanalytic attacks
Modulo 2 transformations using binary (XOR)
Key (K) Key (K)

+ +
Plaintext (P) Ciphertext (C) Plaintext
= (P + K) = (P + K) + K = P

e.g. P = 110101, K = 101010

◦ P + K = 011111 = C
◦ C + K = 110101 = P

11
Benefits of Cryptography
It’s just an improvement but not a Solution!
◦ Minimizes problems
◦ Doesn’t solve them
◦ Remember: There is no solution!
◦ Adds an envelope (encoding) to an open postcard (cleartext)
Cryptographic Techniques
Transposition
◦ the method by which symbols in the plaintext are moved into different
positions in the ciphertext.
Substitution
◦ the method by which symbols in the plaintext are replaced with
different (usually) symbols in the ciphertext.
Concealment
◦ the method by which additional symbols are placed in the ciphertext to
conceal the content.

13
Cryptographic Techniques Transposition
Rearrangement of the order of bits in a data block according to a fixed permutation
Total number 1’s and 0’s is preserved
Only secure if each message has its own transposition
Simple transposition may be target of brute force attack :
◦ attempting each permutation of encrypted text

Use of transposition matrix is more secure

14
Transposition Methods
Simple Transposition
transposition using matrix
Plaintext SECRET ILOVEASECURITYSUBJECT

S R
E T I L O V E
Encrypt C E S E C U R
R S I T Y S U
E C B J E C T
T E

Ciphertext RTESCE ISIBLETJOCYEVUSCERUT

15
Cryptographic Techniques
Substitution
Systematic replacement of one symbol by another
Uses a lookup table
Number of 1’s and 0’s not preserved
Vulnerable to statistical analysis
◦ e.g. based upon frequency of character occurrence

E.g. Caesar Cipher (3 place offset in alphabet)

16
Example of Substitution
(Plaintext)
secretmessage

Encrypt

VHFUHWPHVVDJH
(Ciphertext)
ci = E ( pi ) = pi + 3

17
Cryptographic Techniques
Concealment :
◦ Message symbols are mixed up with many other symbols that carry no useful
information
◦ Gives considerable security, but can greatly expand the message

18
 Shannon’s “Rules”
1. The amount of secrecy needed should determine the amount of labor
appropriate for the encryption and decryption.
2. The set of keys and the enciphering algorithm should be free from
complexity.
3. The implementation of the process should be as simple as possible.
4. Errors in ciphering should not propagate and cause corruption of further
information in the message.
5. The size of the ciphertext should be no larger than the plaintext.

19
Cryptanalysis (1)
Cryptanalyst attempts to deduce the original meaning of the ciphertext
message.
Cryptanalysts goals:
◦ Break a single msg
◦ Recognize patterns in encrypted msgs, to be able to break the subsequent ones
◦ Infer meaning without breaking encryption
◦ Unusual volume of msgs between enemy troops may indicate a coming attack
◦ Busiest node may be enemy headquarters
◦ Deduce the key, to facilitate breaking subsequent msgs
◦ Find vulnerabilities in implementation or environment of an encryption algorithm
◦ Find a general weakness in an encryption algorithm

20
Cryptanalysis (2)
Information used for cryptanalysts:
◦ Intercepted encrypted msgs
◦ Known encryption algorithms
◦ Intercepted plaintext
◦ Data known or suspected to be ciphertext
◦ Math or statistical tools and techniques
◦ Properties of natural languages
◦ Esp. adversary’s natural language
◦ To confuse the Japanese cryptanalysts, Americans used Navajo language in WW2
◦ Propertiers of computer systems

21
 Classification of
Cryptosystems -
Keys

Keyless Keyed cryptosystems

cryptosystems
- Less secure 1. Symmetric cryptosystem KE = KD
- classic, using the same key
2. Asymmetric cryptosystem: KE ≠ KD
- using the same key

22
Breakable Encryption
An encryption algorithm is called breakable
- given enough time and data, an analyst can determine the algorithm.
-

Breakable encryption
◦ Practical cryptosystems almost always are breakable, given adequate time and computing power
[cf. J. Leiwo, VU, NL]

23
Requirements for Crypto Protocols
◦ Messages should get to destination
◦ Only the recipient should get it
◦ Only the recipient should see it
◦ Proof of the sender’s identity
◦ Message shouldn’t be corrupted in transit
◦ Message should be sent/received once
◦ Proofs that message was sent/received (non-repudiation)

24
Making “Good” Ciphers
Cipher = encryption algorithm

25
1. Criteria for “Good” Ciphers (1)
◼ “Good” depends on intended application
◼ Substitution
◼ C hides chars of P

◼ If > 1 key, C dissipates high frequency chars

◼ Transposition
◼ C scrambles text => hides n-grams for n > 1

◼ Product ciphers
◼ Can do all of the aboveWhat is more important for your app?
What facilities available to sender/receiver?
◼ E.g., no supercomputer support on the battlefield

26
 Criteria for “Good” Ciphers (2)
◼ Claude Shannon’s criteria (1949):

1. Needed degree of secrecy should determine amount of labor

◼ How long does the data need to stay secret?

(cf. Principle of Adequate Protection)

2. Set of keys and enciphering algorithm should be free from complexity
◼ Can choose any keys or any plaintext for given E

◼ E not too complex (cf. Principle of Effectiveness)

3. Implementation should be as simple as possible
◼ Complexity => errors (cf. Principle of Effectiveness)

27
 Criteria for “Good” Ciphers (3)
◼ Shannon’s criteria (1949) – cont.

4. Propagation of errors should be limited

◼ Errors happen => their effects should be limited

◼ One error should not invlidate the whole C

(None of the 4 Principles — Missing? — Invent a new Principle?)

5. Size / storage of C should be restricted

◼ Size (C) should not be > size (P)

◼ More text is more data for cryptanalysts to work with

◼ Need more space for storage, more time to send

(cf. Principle of Effectiveness)

◼ Proposed at the dawn of computer era – still valid!

28
Criteria for “Good” Ciphers (4)
◼ Characteristics of good encryption schemes
◼ Confusion:
interceptor cannot predict what will happen to C when she changes one char in P
◼ E with good confusion:

hides well relationship between P “+” K, and C

◼ Diffusion:
changes in P spread out over many parts of C
◼ Good diffusion => attacker needs access to much of C to infer E

29
 Criteria for “Good” Ciphers (5)
◼ Commercial Principles of Sound Encryption Systems
1. Sound mathematics
▪ Proven vs. not broken so far
2. Verified by expert analysis
▪ Including outside experts
3. Stood the test of time
▪ Long-term success is not a guarantee
▪ Still. Flows in many E’s discovered soon after their release
◼ Examples of popular commercial E’s:
DES = Data Encryption Standard
◼ DES / RSA / AES RSA = Rivest-Shamir-Adelman
AES = Advanced Encryption Standard (rel. new)
[cf. A. Striegel]
30
Types of Algorithm
Symmetric algorithm
◦ uses a common secret key at sender and receiver ends
◦ aka secret or private key cryptography
◦ e.g. DES, IDEA
Asymmetric algorithm
◦ uses a pair of keys, one secret and one public
◦ aka public key cryptography
◦ e.g. RSA

31
Symmetric Algorithm

32
Asymmetric Algorithm

33
Symmetric and Asymmetric Cryptosystems (2)
◼ Problems with symmetric encryption:
◼ Ensuring security of the “key channel”

◼ Need an efficient key distribution infrastructure

◼ A separate key needed for each communicating S-R

pair
◼ For n communicating users, need:

n * (n -1) /2 keys

34
Symmetric and Asymmetric Cryptosystems (3)

◼ Asymmetric encryption = public key encryption (PKE)

◼ KE ≠ KD — public and private keys

◼ PKE systems eliminate symmetric encr. problems

◼ Need no secure key distribution channel
◼ => easy key distribution

35
 Symmetric and Asymmetric Cryptosystems (4)
◼ One PKE approach:
◼ R keeps her private key KD

◼ R can distribute the correspoding public key KE to anybody who wants to

send encrypted msgs to her
◼ No need for secure channel to send KE

◼ Can even post the key on an open Web site — it is public!

◼ Only private KD can decode msgs encoded with public KE!

◼ Anybody (KE is public) can encode

◼ Only owner of KD can decode

36
Symmetric and Asymmetric Cryptosystems (5)
Symm. vs. Asymm. Key Algorithms
Symmetric Asymmetric

Key: K (= KD = KE) ◼ Key pair: < KE, KD >, KD ≠ KE

K kept secret ◼ KD kept secret

KE public (usually; or known to n users)
K agreed upon between 2 parties in
advance
◼ KE distributed to k users before first
Like using a “simple” communication (by owner of KD)
safe (with one door)
◦ Need safe key to deposit doc in ◼ Like using a safe with locked deposit slot
safe ◼ Need deposit slot key to slide doc into
◦ Need safe key to get doc from safe
safe ◼ Need safe door key to get doc from safe

37
Symmetric and Asymmetric Cryptosystems (6)
Need for Key Management

◼ Private key must be carefully managed in both SE and PKE

(asymm.) cryptosystems
◼ Storing / safeguarding / activating-deactivating

Keys can expire - e.g. to take a key

away from a fired employee

◼ Public key must be carefully distributed in PKE systems

=> Key management is a major issue
38
OUR FOCUS

ASYMMETRIC CRYPTOGRAPHY
40