Professional Documents
Culture Documents
Chapter 2
Cryptography
Overview
• What is cryptography?
• Symmetric cryptography
– Brief crypto history
– Stream cipher
– Block cipher
– Hash functions
• Asymmetric cryptography
– Asymmetric encryption in general
– Diffie-Hellman key exchange
– Digital signatures
• Post quantum cryptography
2
Terminology
Cryptology
Cryptography Cryptanalysis
Cryptography 3
Cryptography at a glance
Messag Messag
e Plain text e
Cryptography 4
Cryptography at a glance
Messag Messag
e e
Cipher Cipher
encryption decryption
Plain text Plain text
Cipher text
5
What can cryptography be used for?
– Confidentiality:
• Makes data unreadable by devices that do not have the correct cryptographic keys, even if
they have the data.
– Data integrity:
• Devices with correct cryptographic keys can verify that data is correct and has not been altered by
unauthorized persons.
– Authentication:
• Communicating entities can be assured that the identity of the other user/
entity or the sender of a message is what it claims to be.
– Digital Signature and PKI (Public-Key Infrastructure):
• Strong evidence of data authenticity that can be verified by third parties.
• Scalable (to the entire Internet) secure distribution of cryptographic keys.
6
Cryptographic Cryptographic functions
functions
Encryption Hash-
Also called
algorithms functions “public-key
cryptography"
7
Terminology
• Encryption: plain text M is transformed with an encryption function E to ciphertext C
controlled by encryption key k.
– Formal spelling:C =E(M, k).
• Decryption:cipher text C transformed with decryption function D for plain textMcontrolled by
encryption keyk.
– Formal disc style:M =D(C,k).
• Symmetric cipher: the same secret key is used for both encryption and
decryption.
• Asymmetric cipher: Key pair with a private and a public key.
– Encryption with public key and decryption with private key
– Digital signature with private key and validation of signature with public key
8
Cryptography| the algebraic prespective
Symmetric encryption (with secret key)
Alice Secret Secret Bob
key key
Messag Messag
e e
Cipher Cipher
Cipher text
encryption decryption
Plain text Plain text
M E(M,k) C D(C,k) M
• “Secret key” means that the key is shared In secret between all entities authorized to encrypt/decrypt.
Cryptography 9
The history of cryptography
Classic Middle Ages Pre-WW2 WW2 Pre-2000 Post-2000
cipher cipher cipher cipher cipher cipher
and
Vernam
transposition
1916
Vigenère
Substitution SP network
1566 Asymmetrical
caesar- Info theory crypto SHA-3
cipher
Shannon
Diffie
Hellmann Post quantum
asymmetrical
crypto
Cryptography
10
Caesar Cryptosystem
Letter frequencies→ Statistical cryptanalysis
• Classical ciphers, such as the Caesar
cipher, are weak because they fail to
hide statistical ones
irregularities in the cipher text.
Caesar chi
Cryptography 16
Claude Shannon (1916 – 2001)
Father of Information Theory – MIT / Bell Labs
• Information theory
– Defined "binary digit" (bit) as the smallest unit
of information
- Defined information entropy as a measure of the amount of
information
• Cryptography
– Model for secret secure systems
– Defined perfect secrecy security
– Principle of encryption with SP network
(substitution and permutation) to erase
statistical irregularities
Cryptography 19
One-Time Pad: One-Time Pad (Gilbert Vernam, 1917)
Alice Bob
shared secret shared secret
disposable key K disposable key K
Message Message
• OTP provides perfect security by assuming that the OTP key is completely random, of the same length as the message, and
is used only once.
Cryptography 20
The perfect cipher machine: One-Time-Pad
Time Pad
Key as long as message
Key must be absolutely random keys Key must never be
re-used
guarantees perfetc security y Key Key management
very hard
Computer generated random number sequences are
lly) not good Enough
Modern cryptography
- Finding the key by cryptanalysis can exploit statistical irregularities in the cipher text.
- To prevent cryptanalysis, the bit patterns / characters in the ciphertext should have a uniform/even
distribution, that is, all bit patterns / characters should be equally likely.
24
Block cipher
Shannon's SP network (1949)
Erases statistical irregularities Plaintext block (typically 128 bits)
...
the plaintext block and the ciphertext block.
E
.
• Permutation
– Sub-blocks are moved around the block. S S .... S
Roundn
– Provides “diffusion”, i.e. that changing a .P
single plaintext bit (or key bit) causes
many ciphertext bits to change.
•The key is included in S or P or in a separate
function Ciphertext block (typically 128 bits)
Cryptography 26
AES - Advanced Encryption Standard
• DES (Data Encryption Standard) from 1977 had a 56-bit key and a
64-bit block. In the mid-1990s, DES could be cracked with full key
search.
• In 1997, NIST announced an open competition to design a new
block cipher to replace DES.
• The best proposal called "Rijndael" (designed by Vincent Rijmen and Joan
Daemen from Belgium) was considered the best, and nominated to become
AES (Advanced Encryption Standard) in 2001.
• AES has key sizes of 128, 192 or 256 bits and
block sizes of 128 bits.
Cryptography 35
Block cipher and stream cipher
Block cipher Stream cipher
Block with
plain text Key
n bits
Key-
current-
Block-
generator
cipher
Key Key current
Cryptography 36
Block Cipher: Modes of Operation
Cryptography 37
Electronic Code Book (ECB)
• Simplest encryption mode
• The plain text is divided into blocksM1, M2, …, Mn
• Each block is encrypted separately.
– Notation encryption: C1=
– Notation decryption: E(M1,K)
Mciphertext
- Equal plaintext blocks give equal 1= blocks, this is the problem!
D(C1,K)
M1 M2 M3 C1 C2 C3
K K K K K K
E E E D D D
C1 C2 C3 M1 M2 M3
Encryption Decryption
Cryptography 38
Vulnerability using ECB mode
Plain text Ciphertext with ECB mode Cipher text with secure mode
Cryptography 39
Counter Mode (CTR)
• The plain text is divided into blocksM1, M2, …, Mn
• An incrementing counter valueTis encrypted
• Each encrypted count value is added to the plaintext block with binary XOR-
- Identical plaintext blocks give different ciphertext blocks, this provides security!
T1 T2 T3 T1 T2 T3
K K K K K K
E E E E E E
M1 - M2 - M3 - C1 - C2 - C3 -
C1 C2 C3 M1 M2 M3
Encryption Decryption
Cryptography 40
CTR encryption and binary addition with XOR
• The plain text is divided into blocks:M1, M2, …, M n
• Incrementing counter values with the same block size:T1, T2, …, Tn
• The counter values are encrypted and added to the plaintext blocks:
– Notation encryption: C1= E(T1,K)-M1
– Notation decryption: M1= E(T1,K)-C1 = E(T1,K)-E(T1,K)-M1
41
Cryptography
HASH FUNCTIONS AND
MESSAGE AUTHENTICATION
24
Hash functions
Requirements for a hash functionHash:
Cryptography 43
Properties of hash functions
Cryptography 44
Well known hash functions
• MD5(1991): 128-bit hash value. Easy to find collisions, due to small hash
size and poor design. Should no longer be used.
• SHA-2designed by NSA in 2001. Can generate 256, 384 and 512 bit hash value.
Considered safe. Replacement for SHA-1.
Cryptography 45
Applications of hash functions
• Comparison of files
• Password protection
• Integrity check
• Generation of Message Authentication Codes (MAC)
• Digital signatures
• Bitcoin and cryptocurrency
• Generation of pseudorandom numbers
• Generation of crypto keys
Cryptography 46
Message Authentication Code - MAC
(Message Authentication Code)
• A message M with a simple hash value Hash(M) can be easily changed by attacker.
• To prevent attacks, it is necessary to use an authenticated hash value.
• MAC (message authentication code) includes a secret key k for hash function
calculation, which provides an authenticated hash value MAC=Hash(M, k).
• To validate and authenticate a message, the recipient must have the same secret
key k which was used by the sender to calculate MAC.
• A third party who does not know the key cannot validate MAC-value.
Cryptography 47
Message authentication with MAC
• Asymmetric encryption
• Diffie-Hellman key exchange
• Digital signature
Cryptography 49
Asymmetric encryption – basic principle
Alice Bob
PKI
Cryptography 51
Hybrid encryption
• Symmetric ciphers are much faster than asymmetric ciphers (because
symmetric ciphers have simple mathematical computation), but ...
• Asymmetric ciphers simplify key distribution, therefore…
• Practical to use a combination of both symmetric and
asymmetric ciphers - a hybrid system:
– The asymmetric cipher is used to distribute a secret symmetric key.
Alice Bob
PKI
Cryptography 58
Diffie-Hellman key exchange
• Problem:
- Provides no authentication
- Alice and Bob cannot know who they are communicating with
- Man-in-the-middle attack possible
• Solution
- Combination with digital signature provides authenticated key exchange
• Applications:
– TLS (Transport Layer Security) and https
– IKE (Internet Key Exchange) and IPSec (IP Security)
Cryptography 60
Need for digital signature
Cryptography 38
Digital signature: Basic principle
PKI
Alice's private
key Digital Send message as Alice's public
private
S digital signatureS key
signing pub
Cryptography 62
Practical digital signing
PKI Alice's public
key pub
Send digital signatureS
Alice's private
along with messageM Validate Calculate the hash
key Digital
private
S signature = Val( ,
signing pub)
Cryptography 64
POSTQUANTUM
CRYPTOGRAPHY
Cryptography 65
Quantum computers
• Quantum computing (Quantum Computing - QC) is based on
quantum "qubits" instead of binary bits
Experimental
quantum computer
Symmetrical
encryption Confidentiality
Authenticity / Integrity
Hash-
functions
Digital Signature
PKI / key distribution
T Asymmetrical
encryption Confidentiality
& Digital Signature
(Traditional), e.g.
RSA, DSA, Diffie- The quantum threat
Hellmann
Cryptography 44
Cryptographic functions
Symmetrical
encryption Confidentiality
Authenticity / Integrity
Hash-
functions
Digital Signature
PKI / key distribution
PQ Asymmetrical
encryption Confidentiality
& Digital Signature
(Post-Quantum), With post quantum crypto we
e.g. Lattice-based, can keep DigSig and PKI even
Multivariate, Hash-
based, Code-based, with quantum computers that
Elliptic curve isogeny have 1 million qubits
Cryptography 45
Standardization of post quantum crypto
Cryptography 69
Breakdown of trad. asymmetric crypto?
Quantum
Computer
?
Qubit size
10,000,000
?
Collapse
1,000,000
No
collapse
10,000
?
50 qubits
1000
computer
0 Year
2020 2030 2040 2050 2060 2070 2080 2090
Cryptography 70
Why move to post-quantum cryptography?
48
END OF THE
PRESENTATION
50
Refrence