What is Cryptography
Protecting information by transforming it into an unreadable format
Encryption is the process that transforms the data into the unreadable format; decryption restores it to its original format.
Used to prevent information from "falling into the wrong hands"
Data is only available to the people that are supposed to see it
A little history
Cryptography is not new
1900 BC hieroglyphics
60 BC Caesar cipher
- Simple substitution cipher
- Replace each letter with alphabet shifted K letters
- If K=3 then "hello" becomes "khoor"
Thomas Jefferson considered by some to be the father of U.S. cryptography
Cryptography vital during World Wars
- German Enigma machine in WW II
"Lucifer" IBM project in late 1960's became successful commercial product
How does it work
A few terms
Plaintext - the original message
Ciphertext - the encrypted message
Encryption - how the message is scrambled
Decryption - how the message is unscrambled
Cryptographic system - specific method of encryption and decryption (also called a cipher or cryptosystem)
Transposition - rearranging elements
Substitution - replacing elements
How does it work
Encryption is NOT the same as a code
Code - words are substituted for other words
Navajo code talkers from WW II
- dah-he-tih-hi (hummingbird) substituted for "fighter plane"
- besh-lo (iron fish) meant "submarine"
How does it work
Encrypt_key(Plaintext) = Ciphertext
Decrypt_key(Ciphertext) = Plaintext
Must know method and key (if used)
Not all crypto methods use keys
How does it work
Caesar cipher
Plaintext = "hello"
Encryption method = substitute letter with letter plus 3
Encrypt("hello") = Ciphertext = "khoor"
How can we make this method more secure?
How does it work
Caesar cipher with incrementing substitution
Plaintext = "hello"
Encryption method = substitute letter with letter(I) where I starts at 3 and increments 1 for each letter
Encrypt("hello") = Ciphertext = "kiqrv"
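The two Caesar variants above as runnable Python (an added example, not part of the original slides; the function names are made up here, and advancing the shift only on letters is an assumption). It also lists every possible starting shift, which shows that the incrementing variant still has only 26 keys.

```python
import string

ALPHABET = string.ascii_lowercase


def shift_cipher(text: str, start: int, step: int = 0, decrypt: bool = False) -> str:
    """Shift each letter by `start`, adding `step` to the shift after every letter.

    step=0 is the plain Caesar cipher; step=1 is the incrementing variant.
    Characters outside a-z are copied through unchanged.
    """
    out = []
    shift = start
    for ch in text:
        if ch in ALPHABET:
            k = -shift if decrypt else shift
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26])
            shift += step
        else:
            out.append(ch)
    return "".join(out)


def candidate_plaintexts(ciphertext: str, step: int) -> dict[int, str]:
    """Decrypt under all 26 starting shifts: the whole keyspace for this method."""
    return {start: shift_cipher(ciphertext, start, step, decrypt=True)
            for start in range(26)}


if __name__ == "__main__":
    print(shift_cipher("hello", 3))            # plain Caesar, K=3
    print(shift_cipher("hello", 3, step=1))    # incrementing variant, I starts at 3
    for start, guess in candidate_plaintexts("kiqrv", step=1).items():
        print(start, guess)
```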
Digital Cryptography
Block Ciphers
- Operate on blocks of plaintext and ciphertext - usually 64 bits.
Stream Ciphers
- Convert plaintext to ciphertext 1 bit at a time.
[Diagram: stream cipher. On each side, key K feeds a keystream generator that produces keystream Ki. Sender: Ci = Pi XOR Ki. Receiver: Pi = Ci XOR Ki.]
Different Methods
Symmetric - same key is used for both encryption and decryption (also called private key encryption)
DES - Data Encryption Standard
- Loosely based on Lucifer which used 112 bit keys
- NSA asked that the key length be shortened to 56 bits
Triple-DES - variant of DES
AES - Advanced Encryption Standard
IDEA - International Data Encryption Algorithm
Different Methods
DES
Encrypts 64-bit blocks using a 56-bit key
64-bit block is permuted
64-bit block split into two 32-bit blocks
Each sub-block is combined with the key and processed 16 times
Sub-blocks are joined and sent through an inverse permutation process
How DES works
[Two diagram slides; figures not preserved]
How DES works
S-Boxes
- Integral part of DES algorithm
- Selects which 32 bits to use after the key and 32-bit data block have been shifted and combined
- Some suspect NSA inserted a "trap door" into the S-Box function
- U.S. Senate officially cleared NSA of any improper manipulation of the DES algorithm though official findings are classified
Triple DES
Encipher: Plaintext -> DES (K1) -> DES-1 (K2) -> DES (K1) -> Ciphertext
Decipher: Ciphertext -> DES-1 (K1) -> DES (K2) -> DES-1 (K1) -> Plaintext
Different Methods
Skipjack - developed and released by NSA
Uses 80-bit keys
Used in Clipper chip
- Meant to help FBI combat criminals using encryption
- Built in back door for law enforcement
- Government has "master key"
- Key escrow - session key held for later release to law enforcement when needed
Government tried to force this as a standard
Not widely accepted
Different Methods
Problems with symmetric methods
- Same key is used to encrypt and decrypt
- Shared key is more likely to be compromised
- Possible to brute force short keys
- Certain keys are weak
- Different keys can produce identical ciphertext
- Distribution of keys
Different Methods
Asymmetric - uses two different keys (also called public key)
Private key - known only to one party
Public key - available to anyone
Diffie-Hellman - 1976
- First discussion of public-key distribution system
RSA (named for its inventors Ron Rivest, Adi Shamir, and Leonard Adleman)
PGP (Pretty Good Privacy)
Different Methods
Diffie-Hellman Method
Ciphertext = Encrypt public key[Plaintext]
Plaintext = Decrypt private key[Ciphertext]
Each party creates their own private key
Each party computes a public key using a mathematical function of the private key
Public keys are exchanged
Message key is computed from other person's public key and your own private key
If the math is right, the message key is the same on both sides
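The exchange described above with both sides shown, as an added example that is not from the original slides. The modulus P and base G are toy parameters chosen for illustration, and the Party class, the range check and the SHA-256 step are assumptions of this sketch.

```python
import hashlib
import secrets

# Toy public parameters, assumed for illustration only (not a vetted group).
P = 2**127 - 1   # a Mersenne prime
G = 3


class Party:
    """One side of the exchange; the private key never leaves the object."""

    def __init__(self, name: str):
        self.name = name
        # Each party creates their own private key: random value in [2, P-2].
        self._private = secrets.randbelow(P - 3) + 2
        # The public key is a mathematical function of the private key.
        self.public = pow(G, self._private, P)

    def message_key(self, peer_public: int) -> bytes:
        """Combine the other person's public key with our own private key."""
        # Reject degenerate values (0, 1, P-1): they force a predictable result.
        if not 1 < peer_public < P - 1:
            raise ValueError("peer public key out of range")
        shared = pow(peer_public, self._private, P)
        # Hash the shared number into a fixed-length symmetric key.
        return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def exchange() -> tuple[bytes, bytes]:
    """Run one exchange and return the key each side computed."""
    alice, bob = Party("alice"), Party("bob")
    # Only alice.public and bob.public are exchanged; private keys stay local.
    return alice.message_key(bob.public), bob.message_key(alice.public)


if __name__ == "__main__":
    key_a, key_b = exchange()
    print("alice:", key_a.hex())
    print("bob:  ", key_b.hex())
    print("same message key on both sides:", key_a == key_b)
```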
Uses of Public Key Cryptography
Digital Signatures
- Used to authenticate digital material
- Prove identity and validity of action or material
Transmission of symmetric key (public key encryption is generally slower)
Uses of Public Key Cryptography
Digital Signatures and Public Key Encryption
- Message encrypted or signed with private key of sender and public key of recipient
- Recipient decrypts with own private key and sender's public key
- Only sender has the right private key so if it decrypts it must have come from the sender
NOTE: Assumes keys have not been compromised
Uses of Cryptography
SSL - Secure Socket Layer
- Used to encrypt web-based transactions
- Usually 40, 56, or 128-bit key lengths
- Very popular with e-tailers
- Look for little padlock on your browser
TLS - Transport Layer Security protocol
- Developed by Internet Engineering Task Force (IETF) and based on SSL
SET - Secure Electronic Transactions
- The SET Specification is an open technical standard for the commerce industry developed by Visa and MasterCard as a way to facilitate secure payment card transactions over the Internet.
Uses of Cryptography
Digital Certificates
- Used to encode and verify messages
- Requires a Certificate Authority that creates a digital certificate based on a private key and other authentication information
- Implements the "trusted third party" concept
- X.509 is a popular standard for defining digital certificates
Uses of Cryptography
VPN (Virtual Private Network)
- Connects geographically separate offices using public communication means
- Packets are usually "tunneled" - entire packet is encrypted and encapsulated in a new packet before sending
- Hardware or software based
- Sometimes integrated into firewalls
- Usually cheaper than leased lines
- Very good for mobile employees that need access to the company network
Uses of Cryptography
Key Escrow and Key Recovery
- Keys held in "reserve" in case the original keys are lost or damaged
- Usually split between two parties, each with half of the key
- Often requires two or more people to access and recover key
Breaking Crypto
Weaknesses
The human factor
- Two person authentication
Security of key and message
Key length
- Short keys can be broken even with a good algorithm
Algorithm
- Very difficult to develop a secure algorithm
- Weak algorithm can be insecure even with a long key
Breaking Crypto
Differential Cryptanalysis
- Look for differences in pairs of messages
- Only works on certain ciphers
Linear Cryptanalysis
- Looks for simple approximation of encryption function
Differential Power Analysis
- Measures power consumption of hardware encryption devices
Breaking Crypto
Brute Force
- Just try different keys until you get one that works
DES Challenge
- Worked off of 56 bit keys
- Sponsored by RSA to show weaknesses in DES
- Electronic Frontier Foundation built special system (DES Cracker) to crack DES in 56 hours
- Jan 19, 1999 - Distributed.Net cracks 56-bit DES in 22 hours and 15 minutes using 100,000 PCs on Internet and DES Cracker
- Testing 245 billion keys per second
- Depends on where key falls in possible keyspace
Breaking Crypto
Crypto potentially vulnerable to advances in computing power
Moore's Law
- Named after creator Gordon Moore of Intel
- Computing power advances a factor of 10 every 3.3 years
- Computing power advances a factor of 100 every decade
Breaking Crypto
56-bit DES broken in less than a day
- Roughly 70 thousand trillion possible keys
128-bit DES would have 3 * 10^38 possible keys
- 1 billion processors capable of processing 100 million keys/sec would take 10^20 years to try all keys
Cracking just needs to find a suitable key, not try every combination
Hiding Information
Cryptography - concerned with protecting the content of information but is not concerned with hiding its existence.
Steganography - concerned with hiding the existence or presence of a message.
Covert Channels - "communication paths that were neither designed nor intended to transfer information at all."
Anonymity - "finding ways to hide the metacontent of messages (i.e. the sender and the recipients of a message)."
Watermarks - used to indicate ownership
- Visible digital watermarks
- Imperceptible digital watermarks
Applications of Information Hiding
Unobtrusive communications - important on the modern battlefield. Detection of a signal may lead quickly to the sender being attacked.
Automatic monitoring of copyrighted material on the Web
- A 'bot' can search the web for copies of marked material identifying illegal copies
Tamper proofing - information hidden may be a signed "summary" or a hash value which can be used to detect unauthorized modifications.
Data augmentation - information can be added for the benefit of the public (e.g. details about the work, annotations, purchasing info, ...)
Steganography
Literally means "covered writing"
The practice of hiding a message in such a manner that its very existence is concealed.
Done by embedding the message in some medium such as a document, image, sound recording, or video.
Those who know the medium contains a message can extract it.
For those who don't know about it, the message will be completely invisible.
Related concept is digital "watermarking"
Steganography - historical examples
In the Histories of Herodotus
- Demaratus wanted to notify the Spartans that Xerxes planned to invade Greece. He had the wax scraped off of writing tablets, the message carved into the wood, then recovered with the wax. The message was thus hidden.
- Shave the head of a messenger, tattoo the message on his head, let his hair grow back.
Codes, invisible ink, microdots
Historical example: Encoded messages
"Pershing sails from N.Y. June 1"
Example 1: President's embargo ruling should have immediate notice. Grave situation affecting international law. Statement foreshadows ruin of many neutrals. Yellow journals unifying national excitement immensely.
Example 2: Apparently neutral's protest is thoroughly discounted and ignored. Isman hard hit. Blockade issue affects pretext for embargo on byproducts, ejecting suets and vegetable oils.
Classic Steganography Model
"Prisoners' problem"
Alice and Bob are arrested for some crime and are thrown in two different cells. They want to develop an escape plan, but all communication between them is arbitrated by the warden.
The warden will not let them communicate using encryption and in fact will not allow them to communicate at all if suspicious communications are detected.
Thus, both parties must communicate "invisibly" - e.g. they must be able to hide meaningful information in some harmless message.
The warden may alter messages or forge messages as well so the system they develop must be able to handle these occurrences.
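Stego Process
[Diagram: a cover object and the secret message enter the stego scheme, controlled by a stego key, and a stego object comes out. The stego object is transmitted over an insecure channel. The receiving stego scheme uses the stego key to recover the secret message from the stego object.]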
Stego Keys
Private key steganography
- Similar to a symmetric cipher
- Only individuals knowing the secret key can extract the hidden message
Public key steganography
- Does not rely on the exchange of a secret key
- Requires the use of two keys, one public and one private, for each individual
- Public key of receiver used in embedding process, private key of receiver used in extraction process
Steganographic Classifications
Substitution systems - substitute redundant parts of a cover with a secret message.
- Least significant bit replacement
- Unused or reserved space (e.g. files)
Transform domain techniques - embed secret information in a transform space of the signal (e.g., in the frequency domain).
Spread spectrum techniques - adopting ideas from spread spectrum communication
Statistical methods - encode info by changing several statistical properties of a cover and use hypothesis testing in the extraction process
Distortion techniques - store information by signal distortion and measure the deviation from the original cover in the decoding step.
Cover generation methods - encode information in the way a cover for secret communication is created.
Hiding images in files
Takes advantage of coding scheme
For pictures, each pixel represented by 1 or more bytes.
A 400 x 300 image will have 120,000 pixels thus
- if 8 bit coding scheme (256 colors) 120,000 bits of coded message can be encrypted or 15,000 bytes (characters).
- If RGB scheme used with 3 bytes/pixel (one for each color RGB) even more data can be hidden since the resulting file is much larger.
If the least significant bit is used to encode the message, small variations in the picture may occur but the message will be hidden inside.
Steganography
111 000 000 000 111
000 111 000 111 000
000 000 111 000 000
000 111 000 111 000
111 000 000 000 111
CAB = 01000011 01000001 01000010
8 shades of gray: 000 001 010 011 100 101 110 111
Steganography
CAB = 01000011 01000001 01000010
Original =
111 000 000 000 111
000 111 000 111 000
000 000 111 000 000
000 111 000 111 000
111 000 000 000 111
Hidden =
110 001 000 000 110
000 111 001 110 001
000 000 110 000 000
001 110 001 110 000
110 000 001 000 111
8 shades of gray: 000 001 010 011 100 101 110 111
Steganography
Hidden =
110 001 000 000 110
000 111 001 110 001
000 000 110 000 000
001 110 001 110 000
110 000 001 000 111
[Images: original and hidden versions shown side by side]
8 shades of gray: 000 001 010 011 100 101 110 111
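The CAB example from these slides as runnable Python (added here, not part of the original deck; the function names are made up for illustration). It rebuilds the Hidden values from the Original values, extracts the message again, and lists which pixels differ when the cover is available for comparison.

```python
# Constructed from the slides: 25 pixels, 3 bits each (8 shades of gray).
COVER = [int(p, 2) for p in (
    "111 000 000 000 111 000 111 000 111 000 000 000 111 "
    "000 000 000 111 000 111 000 111 000 000 000 111").split()]


def to_bits(message: bytes) -> list[int]:
    """Message bytes as a flat bit list, most significant bit first."""
    return [(byte >> shift) & 1 for byte in message for shift in range(7, -1, -1)]


def embed(cover: list[int], message: bytes) -> list[int]:
    """Overwrite the least significant bit of successive pixels with message bits."""
    bits = to_bits(message)
    if len(bits) > len(cover):
        raise ValueError(f"cover holds {len(cover)} bits, message needs {len(bits)}")
    stego = list(cover)
    for i, bit in enumerate(bits):
        stego[i] = (stego[i] & ~1) | bit
    return stego


def extract(stego: list[int], n_bytes: int) -> bytes:
    """Rebuild n_bytes from the pixel LSBs, 8 pixels per byte."""
    if n_bytes * 8 > len(stego):
        raise ValueError("not enough pixels for that many bytes")
    out = bytearray()
    for start in range(0, n_bytes * 8, 8):
        value = 0
        for pixel in stego[start:start + 8]:
            value = (value << 1) | (pixel & 1)
        out.append(value)
    return bytes(out)


def changed_pixels(cover: list[int], stego: list[int]) -> list[int]:
    """With the cover in hand, list the pixel positions that were altered."""
    return [i for i, (c, s) in enumerate(zip(cover, stego)) if c != s]


def as_text(pixels: list[int]) -> str:
    """Format pixels the way the slides print them."""
    return " ".join(f"{p:03b}" for p in pixels)


if __name__ == "__main__":
    stego = embed(COVER, b"CAB")
    print("Hidden =", as_text(stego))
    print("message:", extract(stego, 3))
    print("changed:", changed_pixels(COVER, stego))
```

Every changed pixel moves by exactly one gray level, and the 25th pixel is untouched because the 24 message bits run out first.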
Example (hideseek on gif file)
[Images: original; version with hidden text]
Text: "This is a MacGregor 26X."
Example (hideseek on gif file)
[Images: original; version with hidden text]
Text: "This is a MacGregor 26X under power. Cool looking boat with lots of neat features. Uses water ballast system so very easily trailered. This also results in an extremely shallow draft so it can be easily beached."
Example (PGE on jpg file)
[Images: original; picture with hidden text]
Text: "A sample text to hide."
Example (PGE on jpg file)
[Images: original; picture with hidden text]
Text: "A sample text to hide. This is a larger file to hide. The photo is cool, how did that car get underneath the jet in the first place?"
Example (Hide4pgp with wav)
[Audio: original; wav file with hidden text]
Text: "An example of text hidden in a sound file."
Steganography (TextHide)
[Two screenshot slides; images not preserved]
Some problems for stego
Steganographic systems are extremely sensitive to cover-object modifications (e.g. smoothing, filtering, compressions).
Lossy compression techniques attempt to remove imperceptible ("unneeded") signal components to reduce the size.
Lossy compression can result in total loss of the hidden message.
Addition of noise may also modify the hidden message and may not be able to be filtered out. The message may thus be lost entirely.
What can you do about it?
First of all, why worry?
- There are some legitimate concerns but often there are many other easy ways to conceal/capture info.
Detection
- Watermarks harder than complete stego images
- Any manipulation of image introduces distortion
- Changes between colors rarely occur in 1-bit shifts
- (not true of gray-scale) one way to foil is to use color palettes that change dramatically with 1-bit shifts
Steganalysis
Attempt to detect the existence of hidden information
Stego-only attack: only the stego-object is available for analysis
Known cover attack: the original cover-object and stego-object are both available.
Known message attack: the hidden message and the stego-object are available.
Chosen stego attack: The stego tool (algorithm) and stego-object are known.
Chosen message attack: goal is to determine the specific stego tool or algorithm
Known stego attack: the tool (algorithm) is known and both the original and stego-objects are available.
Digital Watermarking
Like steganography, is a technique used to imperceptibly convey information by embedding it into the cover-data.
Stego as described so far typically used for point-to-point communication
- Methods usually not robust enough to handle more than minor technical modifications of the data as a result of events such as compression or format conversion.
Watermarking has the additional notion of resilience against attempts to remove the hidden data.
Watermarking
All methods share same components:
- Watermark embedding system
- Watermark recovery system
[Diagram, embedding: watermark W, digital cover data I and a secret/public key go into the watermarking step, which outputs watermarked data I'.]
[Diagram, recovery: test data I', the secret/public key and the watermark W or original data I go into watermark detection, which outputs the watermark or a confidence measure.]
Watermarking Applications
Watermarking for Copy and Copyright protection
Fingerprinting for "traitor tracking"
- Useful in monitoring or tracing back unauthorized copies
Image authentication
Summary
What is the Importance and Significance of this material?
How does this topic fit into the subject of "Voice and Data Security"?
This is a hidden message--you find it you win--RJK