
Enigma Machine
Copyright © 2015 Pearson Education, Inc.
What is this?
World’s first: electronic digital programmable computer

Cryptography



Cryptography (2)
• Cryptography is the use of mathematical operations to protect messages traveling between parties or stored on a computer;
• The field of study related to encoding information
Crypto = “secret”, graphy = “writing”


Introduction
Some Early History:
1900 BC: Egyptians use non-standard hieroglyphics
475 BC: Spartans of Greece develop the scytale
50 BC: Julius Caesar uses a simple cipher for military and government communications.
725 AD: Abu `Abd al-Rahman al-Khalil ibn Ahmad ibn `Amr ibn Tammam al Farahidi al-Zadi al Yahmadi wrote a (now lost) book on cryptography
1466 AD: Leon Battista Alberti, the Father of Western cryptography, worked on polyalphabetic substitution and a cipher disk.
1623 AD: Sir Francis Bacon described one of the first uses of steganography


Our concern is bigger than secret writing
• CIA: Confidentiality, Integrity, Availability
• Authentication means proving one’s identity to another so they can trust you more;
• Non-repudiation is the assurance that someone cannot deny something;


Keys and Locks
• Cryptography can be compared with locks in the physical world.
• Locks by themselves are useless unless they are part of a big system (like a system of protecting buildings with doors, even including people)
• Similarly, cryptography is a small part of a big security system.
• So when we are dealing with the security of a system, we deal with all aspects of the security.

Some Terminologies
Cipher: a method/algorithm that encrypts or disguises “text”
Key: the set of parameters that guide a cipher
Plaintext: the undisguised text is called “plaintext”
Ciphertext: the disguised text is called “ciphertext”
Cryptanalysis: the process of deciphering ciphertext without knowing the key


Types of Cryptosystems
There are two fundamental types of cryptosystems based on the keys
• Symmetric Key Encryption
  ‒ same keys are used for encryption and decryption
  ‒ symmetric key encryption = symmetric key cryptography = secret key cryptography
  ‒ Examples: DES, AES, IDEA
• Asymmetric Key Encryption
  ‒ different keys are used for encrypting and decrypting the data
  ‒ keys are mathematically related
  ‒ Example: RSA


Types of Cryptosystems (2)
There are two fundamental types of cryptosystems based on the input
• Computer data is represented in the form of bits instead of alphabets
• Modern cryptosystems need to process these binary strings to convert them into another binary string
• Based on how these binary strings are processed, symmetric encryption schemes can be classified into
  ‒ Block Ciphers
  ‒ Stream Ciphers


Stream Cipher
• Encrypt messages a bit or byte at a time
• One bit of plaintext is taken, and a series of operations are performed on it to generate one bit of ciphertext
• Typical approach for Stream Cipher
  ‒ Key used as input to bit stream generator algorithm
  ‒ Algorithm generates cryptographic bit stream (ki) used to encrypt plain text
  ‒ Users share a key; use it to generate keystream
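
The typical approach above, as an added example that is not part of the original slides: a shared key feeds a bit stream generator, and the keystream is XORed with the plaintext. The generator here (SHA-256 over key plus counter) and the names keystream, xor_bytes and stream_crypt are assumptions chosen for illustration, not a vetted cipher; the last check shows why a keystream must never be used for two messages.

```python
import hashlib

def keystream(key: bytes, length: int) -> bytes:
    """Toy bit stream generator (assumption): SHA-256(key || counter) blocks."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings position by position."""
    return bytes(x ^ y for x, y in zip(a, b))

def stream_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR the data with the keystream k_i derived from key."""
    return xor_bytes(data, keystream(key, len(data)))

if __name__ == "__main__":
    key = b"shared-secret-key"            # constructed sample key
    p1 = b"wire 100 to account A"         # constructed sample messages
    p2 = b"wire 900 to account B"
    c1 = stream_crypt(key, p1)
    c2 = stream_crypt(key, p2)
    print("ciphertext:", c1.hex())
    # Both users derive the same keystream, so the same call decrypts.
    print("decrypted: ", stream_crypt(key, c1))
    # Same keystream used twice: the key cancels out of c1 XOR c2,
    # leaving p1 XOR p2 visible to anyone who sees both ciphertexts.
    print("reuse leak:", xor_bytes(c1, c2) == xor_bytes(p1, p2))
```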



Block Ciphers

• Encrypt a block of plaintext as a whole to produce same sized ciphertext
• Typical sizes are 64 or 128
• A block of plaintext is selected, a series of operations is performed on this block to generate a block of ciphertext


Types of Cryptosystems (3)
• There are two fundamental types of cryptosystems based on the function
• The two basic building blocks of all encryption functions: substitution and transposition.
• Most real ciphers use both substitution and transposition
• Substitution Cipher
  ‒ A cipher that substitutes one character with another, it can be as simple as swapping a list, or can be based on more complex rules
  ‒ These are NOT secure anymore, but they used to be quite common. What has changed?
  ‒ Examples: Caesar Cipher, Vigenère Cipher
• Transposition Cipher
  ‒ Change the position of characters

Caesar’s Cipher

• Caesar’s Cipher is a type of substitution cipher
• To encrypt: Replace each plaintext letter with the letter “k” positions to the right.
• For example: if k = 3 then
• Substitution is circular (figure: K=19)
• The person encrypting the messages chooses key, “k”.

Examples
[Figures: Caesar’s cipher example; transposition example]


Cryptanalysis of Caesar’s Cipher
• Cryptanalysis = breaking a code
• Blackhat decrypts without knowing key
• Approaches for Cryptanalysis: brute force
– take ciphertext c and try all shifts k until a readable
message comes out

• Statistical Approach using frequency analysis



THE KEY OR THE ALGORITHM?


Kerckhoffs' Principle
• Bob needs two things to decrypt the cipher text
  ‒ The decryption algorithm
  ‒ The key
• Kerckhoffs' principle says: “the security of the encryption scheme must depend only on the secrecy of the key K, and not on the secrecy of the algorithm”
• Think about it! Why should algorithms be published instead of being kept secret?


Key Length and Exhaustive Search Time
Each extra bit doubles the number of keys.

Key Length in Bits | Number of Possible Keys
1 | 2
2 | 4
4 | 16
8 | 256
16 | 65,536
40 | 1,099,511,627,776
56 | 72,057,594,037,927,900
112 | 5,192,296,858,534,830,000,000,000,000,000,000
112 | 5.1923E+33
168 | 3.74144E+50
256 | 1.15792E+77
512 | 1.3408E+154

Shaded keys are strong symmetric keys (>=100 bits)


Symmetric Key Encryption for Confidentiality


Symmetric Key Encryption for:
• Authentication
• Integrity
• Non-repudiation


Exhaustive Search vs. Weakest Link



Major Symmetric Key Encryption Ciphers
 | RC4 | DES | 3DES | AES
Key Length (bits) | 40 bits or more | 56 | 112 or 168 | 128, 192, or 256
Key Strength | Very weak at 40 bits | Weak | Strong | Strong
Processing Requirements | Low | Moderate | High | Low
RAM Requirements | Low | Moderate | Moderate | Low
Remarks | Can use keys of variable length | Created in the 1970s | Applies DES three times with two or three different DES keys | Today’s gold standard for symmetric key encryption


Symmetric Key Encryption
advantage and disadvantage

• Symmetric ciphers are fast and cheap
• Symmetric ciphers use the same secret key for encryption and decryption, no secure
• Key distribution is a big problem
  ‒ Send the key through an existing encryption channel
    o Depends on the security of channel’s key


Hashing

• A hash function is a mathematical function that converts any input value into a compressed numerical value
• The result of the calculation is called the hash


Hashing (2)
• The input to the hash function is of arbitrary length but the output is always of fixed length;
• A hash is a one-way function: knowing the hash, it is infeasible to determine the original message;
• No two messages can have the same hash value (unique)


Hashing (3)
• A small change in the input (in the word "over") drastically changes the output (digest).
Source of the diagram: https://en.wikipedia.org/wiki/Cryptographic_hash_function

Hashing (4)
• Hashing versus Encryption

Characteristic | Encryption | Hashing
Result length | About the same length as the plaintext | Short fixed length regardless of message length
Reversible? | Yes. Decryption | No. There is no way to get from the short hash back to the long original message


Hashing (5)

• Hashing Algorithms
• MD5 (128-bit hashes)
• SHA-1 (160-bit hashes)
• SHA-224, SHA-256, SHA-384, and SHA-512 (name gives hash length in bits)
• Note: MD5 and SHA-1 should not be used because they have been shown to be insecure
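
The fixed output length and the "small change, very different digest" behaviour from the hashing slides, as an added example that is not part of the original slides. It uses Python's hashlib with the SHA-2 algorithms listed above; the function names and the sample sentences are assumptions constructed for illustration.

```python
import hashlib

def digest_bits(algorithm: str, message: bytes) -> int:
    """Length in bits of the digest that `algorithm` produces for message."""
    return len(hashlib.new(algorithm, message).digest()) * 8

def bits_changed(m1: bytes, m2: bytes, algorithm: str = "sha256") -> int:
    """Number of digest bits that differ between the hashes of m1 and m2."""
    d1 = int.from_bytes(hashlib.new(algorithm, m1).digest(), "big")
    d2 = int.from_bytes(hashlib.new(algorithm, m2).digest(), "big")
    return bin(d1 ^ d2).count("1")

def avalanche_report(original: bytes, variants: list) -> list:
    """For each variant, how many of the 256 SHA-256 output bits flipped."""
    return [(v.decode(), bits_changed(original, v)) for v in variants]

if __name__ == "__main__":
    short, long_ = b"a", b"a" * 1_000_000   # constructed inputs of very different size
    for name in ("sha224", "sha256", "sha384", "sha512"):
        # The name gives the hash length in bits, whatever the input length.
        print(name, digest_bits(name, short), digest_bits(name, long_))

    # Constructed sample sentences: only the word "over" is altered.
    original = b"The red fox jumps over the blue dog"
    variants = [
        b"The red fox jumps ouer the blue dog",
        b"The red fox jumps oevr the blue dog",
        b"The red fox jumps oer the blue dog",
    ]
    for text, flipped in avalanche_report(original, variants):
        # Roughly half of the 256 bits change for each one-word edit.
        print(f"{flipped:3d}/256 bits differ: {text}")
```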



Summary
• Cryptography is the practice and study of techniques for secure communication in the presence of third parties called adversaries;
• Symmetric vs asymmetric
• Block cipher vs stream cipher
• Substitution vs transposition
• Confidentiality in symmetric encryption
• Hashing


End
