This action might not be possible to undo. Are you sure you want to continue?

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

1

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

2

Introduction to Cryptosystems

Cryptosystem

**converts the original message into unintelligible The Cryptosystem can be broadly classified into:
**

Cryptography Cryptanalysis

Cryptography

is dedicted to encrypting/decrypting the messages Cryptanalysis is used to break the encrypted codes without the known key

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 3

Elements of Cryptography

Original

For

**message, called the plain-text
**

example orders to attack, Bank A/c No., Credit card details etc., that we want hide

An

**algorithm, commonly known as the cipher
**

the

**process that makes the original message un-readable
**

4

The

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

information that has been altered, which we call the cipher-

Elements of Cryptography

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

5

Encryption and Decryption

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

6

Parts of Cryptography

Private-key

A

encryption

**Private-key cryptosystem is used among a small group of people Also known as Symmetric-key encryption
**

Public-key

A

encryption

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

public-key cryptosystem is encryption at a much larger scale Also known as Asymmetric-key encryption

7

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

8

**Symmetric-Key Cryptography
**

The sender uses the shared key for encryption The receiver uses the same key for decryption Symmetric-key cryptography is often used for long messages

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

9

Cryptanalysis

The

focus of Cryptanalysis is the break those encrypted codes. This discipline is the study of decoding information without the use of a known key The various algorithms to decipher encrypted messages are

Exhaustive

**Key Search Frequency Analysis
**

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 10

Traditional Ciphers

In

the earliest and simplest ciphers, a character was the unit of data to be encrypted. Suitable for the general public These traditional ciphers

Substitution

Ciphers Transposition Ciphers Permutation/Matrix Ciphers

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

11

**Schemes of Private-key Encryption
**

Substitutional

Caesar

Ciphers

**Cipher Vigenere Cipher Affine Cipher Random Cipher
**

Transposition

**Ciphers Permutation/Matrix Ciphers
**

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 12

Substitution Cipher

Substitution

Alphabetic

**Cipher substitutes one symbol with another
**

characters are replaced with another character Numbers are replaced with another number

Substitution

**Ciphers can be categorized as:
**

Mono-alphabetic Poly-alphabetic

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

13

**Mono-alphabetic Substitution
**

In

monoalphabetic substitution, the relationship between a character in the plain-text to the character in the cipher-text is always one-to-one

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

14

**Mono-alphabetic Substitution
**

In

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

this substitution, a character in the plain-text is always changed to the same character in the cipher-text regardless of its position in the text Example: If character ‘A’ in the plaintext must be changed to character ‘D’, every character ‘A’ is changed to character ‘D’, regardless of its position in the text The first recorded cipher-text was used by Julius Caesar called “Caesar cipher”

15

Caesar Cipher

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

16

**Caesar Cipher an example
**

ABCDEFGHIJKLMNOPQRSTUVWXYZ

rotate 13 positions

**NOPQRSTUVWXYZABCDEFGHIJKLM ATTACK AT MIDNIGHT
**

13 Plain-text Key Cipher-text

NFFNPW NF YVQZVTUF

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

17

Encryption Practice

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5

**Let character A=0, B=1,…,Z=25 as shown above Let the key be K= +9 Encrypt: CAPTURE TBEEBN Procedure:
**

Convert plain-text into numbers as shown in the table Add the key If the total is more than 25 deduct 26 (mod 26) Convert the numbers into characters as shown in the table This is cipher-text, which can be transmitted

18

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

**Encryption Practice (contd.)
**

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5

Plain-text Covert to number Add key (+9) Deduct 26 if > 25 Re-convert to letters Cipher-text

C 2 11 11

A 0 9 9

P 15 24 24

T 19 28 2

U 20 29 3

R 17 26 0

E 4 13 13

T 19 28 2

B 1 10 10

E 4 13 13

E 4 13 13

B 2 10 10

N 13 22 22

L

J

Y

C

D

A

N

C

K

N

N

K

W

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

19

Decryption Practice

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5

**Let character A=0, B=1,…,Z=25 as shown above Let the key be K= -9 Decrypt: LJYCDAN CKNNKW Procedure:
**

Convert cipher-text into numbers as shown in the table Deduct the key If the result is less than 0 add 26 (mod 26) Convert the numbers into characters as shown in the table This is plain-text, which can be understood

20

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

**Decryption Practice (contd.)
**

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5

cipher-text Covert to number Deduct key (-9) Add 26 if < 0 Re-convert to letters Cipher-text

L 11 2 2

J 9 0 0

Y 24 15 15

C 2 -7 19

D 3 -6 20

A 0 -9 17

N 13 4 4

C 2 -7 19

K 10 1 1

N 13 4 4

N 13 4 4

K 10 1 1

W 22 13 13

C

A

P

T

U

R

E

T

B

E

E

B

N

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

21

**Caesar Cipher, Good ?
**

No,

Not Secure. Key-space is very small, only 25 possible keys. Can easily be deciphered by an exhaustive key search. Try K=1…25, until get a text that makes sense.

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 22

**Mono-alphabetic substitution problems
**

Mon-alphabetic

substitution is very simple and the code can be attacked easily This method cannot hide the natural frequencies of characters in the language being used Example: In English the most frequently used characters are E, T, O, A. An attacker can easily break the code by finding which character is used the most and replace that one with the letter E

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 23

**Poly-alphabetic substitution
**

In

this substitution, each occurrence of a character can have a different substitute. The relationship between a character in the plaintext to a character in the ciphertext is one-to-many.

For

e.g.: Character ‘A’ can be changed to ‘D’ in the beginning of the text, but it could be changed to ‘N’ at the middle

24

“Vigenere

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

Cipher” is an example of Poly-alphabetic substitution.

Vigenere Cipher

The

Vigenere cipher has been widely used to develop cryptosystems dating back to the 16th century. Its basic construction is a combination of a Caesar shift combined with a keyword. To construct the Vigenere cipher, first a keyword must be chosen.

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 25

Vigenere Cipher

In

the Vigenere cipher, the cipher-text is chosen from a two-dimensional table Not all rows are shown Each row is a permutation of 26 letters A key is to be chosen of length ‘m’ (m>0) Therefore Key-space= 26m If the key is longer code-breaking becomes difficult

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 26

**Vigenere Cipher – Encryption
**

Plain-text

A B C D E F G H I J J K L K L J J M N O P Q R S T U V W X Y Z M N O P Q R S T U V W X Y Z M N O P Q R S T U V W X Y M N O P Q R S T U V W X M N O P Q R S T U V W M N O P Q R S T U V M N O P Q R S T U M N O P Q R S T M N O P Q R S M N O P Q R K L K L J K L J K L J K L J K L J K L J A A B C D E F G H I B Z A B C D E F G H I K L

C Y Z A B C D E F G H I

D X Y Z A B C D E F G H I

Key

E W X Y Z A B C D E F G H I

F V W X Y Z A B C D E F G H I

G U V W X Y Z A B C D E F G H I I

H T U V W X Y Z A B C D E F G H I

S T U V W X Y Z A B C D E F G H I

Let key length be ‘m’ (m>0) Let today’s key = HIDE Plain-text : CAPTURE TBEEBN Key : HIDEHID EHIDEH Cipher-text Cipher-text : VSMPNJB PUWBXG Watch: for same letters ‘B’ & ‘E’ differenet substitutions. This is the power of vigenere cipher

27

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

**Vigenere Cipher – Decyption
**

Plain-text

A B C D E F G H I A A B C D E F G H I J J K L K L J J M N O P Q R S T U V W X Y Z M N O P Q R S T U V W X Y Z M N O P Q R S T U V W X Y M N O P Q R S T U V W X M N O P Q R S T U V W M N O P Q R S T U V M N O P Q R S T U M N O P Q R S T M N O P Q R S M N O P Q R K L K L J K L J K L J K L J K L J K L J B Z A B C D E F G H I K L

C Y Z A B C D E F G H I

D X Y Z A B C D E F G H I

Key

E W X Y Z A B C D E F G H I

F V W X Y Z A B C D E F G H I

G U V W X Y Z A B C D E F G H I I

H T U V W X Y Z A B C D E F G H I

S T U V W X Y Z A B C D E F G H I

Let’s Decrypt Today’s key Cipher-text Key Plain-text Watch

: = : : : :

VSMPNJB HIDE VSMPNJB HIDEHID CAPTURE Without

PUWBXG PUWBXG

EHIDEH

TBEEBN

Cipher-text

**key decyption is difficult
**

28

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

**Vigenere Cipher, Good ?
**

Better

than Shift Cipher Key-space is (26)m If m=5, then key-space size is (26)5 approx 1.1x107 So, exhaustive key search not feasible by hand That is why Vigenere Cipher was famous in 16th century.

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 29

Affine Transformations

“Affine

transformation” is more secure than Shift cipher It is mono-alphabetic transformation An Affine transformation is a function of the form

C

= f (P) (aP + b) mod N, where

P

is the numerical value assigned to the plaintext character (0 .. 25) C is the result of each letter (cipher-text) a and b are integers N=26 is the number of characters in the plaintext alphabet

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 30

**Affine Cipher functions
**

To

**make affine transformation to be a one-to-one function
**

the

integer ‘a’ and the number N should be co-prime. i.e. the numbers ‘a’ & ‘N’ both should not have any common divisors other than ‘1’

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

31

**Affine Cipher encryptionExample
**

Consider

mod

**the function defined as C=f(P) = [3P + 8] mod 26
**

26 means

divide

by 26 ignore the quotient & take the reminder as the result

Encrypt:

Convert

FIRE AT NOON

**each letter to a number (0..25) The message FIRE AT NOON is converted into its numerical equivalent 5 8 17 4 0 19 13 14 14 13
**

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 32

**Affine Cipher encryptionExample
**

Applying Similarly,

**the function to the number 5
**

+ 8] mod 26= 23 mod 26 + 8] mod 26=6 mod 26

f(5)=[3(5) f(8)=[3(8)

the number 8 is encoded as in this method yields the

Continuing

code

23

6 7 20 8 13 21 24 24 21

Converting

XGHU

**each number back into letters the cipher-text is
**

IN VYYV

33

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

**Affine Cipher decryptionExample
**

To

**decode the message, we use the inverse of the function f, which is
**

P=f-1(C)

**= [a-1(C) – a-1(b)] mod N The mathematics of finding inverse is skipped here P= f -1(C)= (9(C) + 6) mod 26
**

With

**the above decoding function decrypt: XGHU IN VYYV
**

34

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

**Affine Cipher decryptionExample
**

Decrypt:

Convert

XGHU IN VYYV

each letter to a number (0..25) 23 6 7 20 8 13 21 24 24 21 f-1(23)=[9(23) + 6] mod 26=5 mod 26 Similarly all cipher-text is converted to 5 8 17 4 0 19 13 14 14 13 Converting each number into plain-text: FIRE AT NOON This is plain-text

Uhh

! Full of Mathematics

35

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

**Random Substitution Ciphers
**

A

**random substitution cipher randomly maps each letter A,B, .., Z to some other letter in the same set { A,B,..,Z}
**

This

method differs from the affine transformations that there is no mathematics in this. Ah ! Great relief ! (feel-good factor increased?)

As

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

**there is no predictable pattern involved in this encryption, the encoded message is much harder to break
**

36

**Random Substitution Ciphers
**

In

**Random Substitution Cipher,
**

are 26 choices of letters to substitute

there

for a, then 25 remaining letters that can be substituted for b, then 24 remaining letters that can be substituted for c, etc.

This

**results in 26 x 25 x 24 x…..x 2 x 1 possible random keys ( 26! Keys) In fact, there are
**

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

403,291,461,126,605,635,584,000,000 37

**Random Substitution Ciphers
**

Key

**Distribution (Problem & head ache)
**

Traditionally

this has been done by means of a trusted courier. Key distribution is always a problem. The large number of possible keys makes life difficult for the cryptanalyst

Key

security (Problem & head ache)

cannot memorize, the plaintext-ciphertext relation (key) must be written Unauthorized may steal the key and BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 break all messages enciphered by it. 38

Sender/Receiver

**The Enigma Machine
**

Germans

developed the Enigma Cipher machine & used during World War-II The machine was based on a system of three rotors that substituted cipher-text letters for plain-text letters. Substitutions much like the Caesar Shift.

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 39

The Enigma Machine - front panel

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

40

**The Enigma Machine
**

This cipher is the basic idea behind the Enigma machine, which used three rotors to encode. When a letter was typed, the first rotor substitues the letter according to its present setting

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

41

The Enigma Machine- a closer look

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

42

**The Enigma Machine (contd.)
**

Then

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

the second rotor substitutes the letter according to the present setting on it The third rotor also substitutes the letter according to the present setting on it Now, this new letter would be bounced off of a reflector, and back through the three rotors in reverse order. This cipher-text is transmitted

43

**The Enigma Machine- the trick
**

**The trick of Enigma is the spinning of the rotors which made it so powerful, until Polish broke it.
**

When one letter is typed, the first rotor would rotate one position The other two rotors would remain stationary Then the second rotor would rotate one position for every 26 letters The third rotor would rotate one position for every 26x26 letters

The original combination returns after 26X26X26 = 17576 letter inputs. German had Initial key setting every day

44

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

Transposition Cipher

The

transpostition cipher is very simple The order of the characters are changed Instead of replacing the characters Since no substitution is done, this cipher is not affected by a frequency analysis. The key for this cipher is also not standard.

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 45

**Transposition Cipher-Example
**

For

**example break the message “WORLD IS SMALLEST”into 5 letter blocks
**

WORLD

ISSMA LLEST (plain-text)

Transposition

means

key is such as:

(1,2,3,4,5)=(3,4,5,2,1)

that the 3rd element is put in place of the first, followed by the 4th, 5th, 2nd, and finally 1st element.

RLDOW

**SMASI ESTLL (cipher-text)
**

46

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

**Permutations/Matrix Ciphers
**

Permutations

**of this cipher run in blocked matrices. The message is spread out into a matrix.
**

The

**message is:"FOOD IS GOOD FOR YOU" In a matrix form this becomes:
**

F O O D I S G O

Let the key is ROW (1,2,3,4)=ROW (4,1,3,2)

R F I

Y

O U F O

O O D S G O

O D F O R Y O U

O D

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

47

**Permutations/Matrix Ciphers
**

Now

**transmit the message left to right in a row and top to bottom as
**

RYOU

FOOD ODFO ISGO

Or

**it can be transmitted top to bottom in a column and left to right as:
**

RFOI

YODS OOFG UDOO

Is

this sounds good for you? The main advantage the permutation method is the a cryptanalysts will become mad

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 48

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

49

**Asymmetric-Key Encryption
**

**Asymmetric-key encryption schemes are more difficult to implemen Also known as Public-key cryptography
**

Public-key algorithms are more efficient for short messages. Mathematically-sophisticated More secure than the Symmetric-key encryption schemes

**The popular Asymmetric-key encryption schemes are:
**

**Rivest, Shamir, Adelman (RSA) Pretty Good Privacy (PGP)
**

50

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

**Public-Key Cryptography
**

In

**Public-key cryptography there exists two keys:
**

Public

The

key

public key is announced to the public. Example: Alice sends a message to Bob Alice uses the “public key” to encrypt the message

Private

The

key

**private key is kept by the receiver Bob uses the “private key” to decrypt the message
**

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 51

Public-Key Cryptography

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

52

**Public-Key (Advantages)
**

Public

**key encryption has two advantages: The First advantage is:
**

removes the restriction of a shared symmetric key between two entities In a shared symmetric key the key is shared by two parties and cannot be used when one wants to communicate with a third party In public key each entity creates a pair of keys, private one is kept and the BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 53 public one is distributed

It

**Public-Key (Advantages)
**

The

second advantage is:

The

number of keys needed is reduced greatly In this system for 1 million users to communicate only 2 million keys are needed. Whereas in symmetric key encryption 500 billion would be needed

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

54

**Public-Key (Disadvantages)
**

The

two disadvantages are:

The

**complexity of the algorithm, to be effective algorithm needs large numbers
**

Takes

a lot of time for large amount of

text

The

In

association between an entity and its public key must be verified.

other words if Alice sends her public key to Bob in an email, Bob must be BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 55 sure it really is Alice’s key.

RSA algorithm

The

is:

most common public-key algorithm

RSA

(Rivest, Shamir, and Adleman) method. The private key is a pair of numbers (N, d) The public key is also a pair of numbers (N, e)

The

sender uses the following algorithm to encrypt: C = P e mod N P is the plain-text, C is the number that represents the cipher-text.

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 56

RSA algorithm

The

receiver uses the following algorithm to decrypt: P = C d mod N d and N are components of the private key P is the plain-text, C is the number that represents the cipher-text

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 57

**RSA algorithm – an Example
**

Private key is the pair (119, 77) public key is the pair (119, 5). The sender sends the character ‘F’. Encryption calculates 65 mod 119 = 41 This number is sent to the receiver as the cipher text. The receiver calculates P = 4177 mod 119 = 6. The number 6 is then interpreted as ‘F’. For security reasons large numbers are used for ‘d’ and ‘e’. Uses number theory to choose ‘N’ , ‘d’, and ‘e’.

58

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

RSA algorithm

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

59

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

60

Message Security

Privacy: achieved using shared-key or

public-key

Authentication: verifying sender’s identity. Integrity: data must arrive exactly as it was

sent.

Non-repudiation: receiver must be able to

prove that a message came from a specific Message sender. Security

Privacy

Authentication

Integrity

Non-repudiation

61

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

Privacy with Shared-key encryption

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

62

Privacy with Public-key encryption

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

63

**Use of Digital Signature
**

Digital

**signatures provides each of the following services.
**

Message

Authentication: means a receiver has to be sure of the sender’s identity. Integrity: means that data must arrive exactly as it was sent. Non-repudiation: means a receiver must be able to prove that a message came from a specific sender.

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 64

**What is Digital Signature?
**

Similar

**to the signing of a document. Have two choices:
**

entire

**document can be signed or a digest of the document can be signed
**

Public-key

the

**encryption can be used to sign a document or the digest
**

private key is used for encryption

65

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

and

**Signing the whole document
**

Digital

signature does not provide privacy If there is a need for privacy, another layer of encryption & decryption must be applied with Bob’s Public & Bob’s private-key

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

66

What is Digest?

Public-key

encryption is inefficient if the message is long The solution is to let the sender sign a digest instead of the whole document To create a digest a “hash function” is used The hash function creates a fixed length digest from a variableBRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 67

Hash function & Message Digest

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

68

Hash Functions

Hash

is also called message digest One-way function: Cannot find the message given a digest Arbitrary-length message to fixedlength digest Most common hash functions are:

MD5

( Message Digest 5)

produces a 128-bit digest

MD5

SHA-1

**(Secure Hash Algorithm-1)
**

produces a 160-bit digest

69

SHA-1

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

Hash Functions

Most

**common hash functions are:
**

( Message Digest 5)

produces a 128-bit digest

MD5

MD5

SHA-1

**(Secure Hash Algorithm-1)
**

produces a 160-bit digest

SHA-1

After

**the digest has been created, it is encrypted using the sender’s private key
**

70

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

Signing the Digest at Sender’s site

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

71

Verifying the signed Digest at Receiver’s site

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

72

**Pretty Good Privacy – a History
**

PGP is a personal high-security cryptographic software application that allows people to exchange messages or files with privacy, authentication, and convenience. PGP can be used to encrypt and digitally sign files and e-mail. Developed by Phil Zimmerman in the mid ‘80s. First version released on the Internet in 1991; Encountered legal issues on its use of RSA and Merkle-Hellman cryptography patents. BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 73

**Pretty Good Privacy
**

PGP

stores each public key in a key certificate which contains: The public key itself. The ID of the key’s creator (usually name & email address). The date the key was created & expiration date. A list of digital signatures provided by people who attest to the key’s authenticity.

74

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

PGP – at sender’s site

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

75

PGP – at receiver’s site

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

76

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

77

Block Ciphers

Modern

ciphers use a block of bits as the unit of encryption/decryption. It can be implemented in hardware or software. Hardware implementation is faster.

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 78

Block Ciphers

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

79

**Data Encryption Standard (DES)
**

One

example of a complex block cipher is the Data Encryption Standard (DES). DES was designed by IBM Adopted by the U.S. government as the standard encryption method for non-military use.

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 80

DES Procedure

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

81

DES Algorithm

The

**alogrithim for it is complex however very straight-forward There are two basic steps:
**

Confusion

and Diffusion

After

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

each of the these steps are down, a permutation or shift is performed This process is known as a round To complete the algorithim, this process is repeated 16 times Hence DES is a 16 round algorithim

82

**Data Encryption Standard (DES)
**

The

algorithm encrypts a 64-bit plaintext using a 56-bit key. The text is put through 19 different complex procedures to create a 64-bit cipher text. DES has 2 transposition blocks, one swapping and 16 complex blocks called “Iteration blocks”. Each “Iteration block” uses a different key derived from the original key.

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 83

DES Procedure

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

84

**DES Algorithm (contd.)
**

Permutation-Box

(P-box) performs a transposition at the bit level (Confusion) During each round, the 64-bit block is split Each half is expanded to 48 bits (Diffusion), then substituted with 48 bits of the key As with most ciphers, the heart of the algorithim is in the key

key for the DES is a 56-bit number in BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 85 a hexidecimal format.

The

P- Box

Input bits

Output bits

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

86

**DES - Confusion & Diffusion
**

block Iteration block divides this into two 32 bit blocks 2nd 32 bits block is swapped and put in the beginning of the block Also 2nd 32 bits block diffused to 48 bits by adding additional bits before X-OR ing with 48 bit key 1st 32 bits block is diffused the to 48 bits and X-OR ed with the result of previous step The result of the previous steps is BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 87 nd reduced to 32 bits and stored as 2 32

P-Box

creates confusion in each 64 bit

Iteration Block

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

88

**Data Encryption Standard (DES)
**

DES

takes the data and chops them into 8-byte segments. The encryption and the key are the same for each segment. Critics of DES contend the key is too short. Therefore, “Triple DES” was designed to lengthen the key and keep the new block compatible with the original.

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 89

Triple DES

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

90

**DES/Triple DES
**

Triple

DES uses three DES blocks and two 56-bit keys DES / triple DES are long cipher substitutes that operate on 8character messages. The DES/Triple DES uses the same concept as the Caesar cipher

The

encryption/decryption algorithm is more complex due to the sixteen 48-bit keys derived from a 56-bit key.

91

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

**Electronic Code Block Mode (ECB)
**

In

ECB the message is divided into 64-bit blocks, and encrypt each block separately. Encryption is independent for each block.

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

92

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

93

Hash Functions

Hash

is also called message digest One-way function: Cannot find the message given a digest Arbitrary-length message to fixedlength digest Most common hash functions are:

MD5

( Message Digest 5)

produces a 128-bit digest

MD5

SHA-1

**(Secure Hash Algorithm-1)
**

produces a 160-bit digest

94

SHA-1

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

MD5 algorithm

Message

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

digest algorithm developed by Ron Rivest RFC 1321 describes MD5 algorithm MD5 algorithm takes a message of arbitrary length and produces a 128-bit digest The resulting digest is the unique “fingerprint” of the original

95

MD5 Box

512-bit message chunks (16 words)

Initial 128-bit vector

F: (x∧y)∨(~x ∧ z) G:(x ∧ z) ∨(y ∧~ z) H:x⊕y⊕ z I: y⊕(x ∧ ~z) +: binary sum x↵y: x left rotate y bits

**128-bit result
**

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 96

MD5 Blocks

512: B1 MD5

Initial Vector (128 bits)

512: B2 MD5 512: B3 MD5 512: BL MD5

Result (128 bits)

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

97

MD5 algorithm

Pad

512

message so its length is 448 mod

Append

**a 64-bit length value to message Initialize 4-word (128-bit) MD buffer (A,B,C,D)
**

Process

blocks:

Use

message in 16-word (512-bit)

4 rounds of 16 bit operations on message block & buffer Add output to buffer input to form new buffer value Output hash value is the final buffer BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 98 value

MD5 algorithm

Append PAD (1- 512 bits) upto 448 mod 512 Append message Length(64 bits)

Message L X 512 bits 512 bits Block0 512 128 MD buffer0 HMD5 512 bits Block1 512 HMD5 MD buffer1 ... 512 bits Blockn 512 HMD5 MD buffern ...

100…0

...

...

512 bits BlockL-1 512 HMD5

MD bufferL-1

128-bit digest

Note: HMD5 = 4-round compression function

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

99

Padding

Message

means

**is padded so that its length in bits is equal to 448 modulo 512
**

Length of padded message is 64 bits less than an integer multiple of 512 bits

Padding

is always added even if the message is the desired length(min 1 to max 512 bits) Padding consists of a single 1 bit followed by 0 bits (1000~000*)

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 100

Append Length

A

64 bit length field containing the length in bits of the original message (before padding) is appended to the result of previous step If the original length is greater than 264, only the low-order 64 bits of the length are used

The

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

outcome of the adding PAD & length makes the message a multiple of 512 bits

101

Initialize MD buffer

A

128-bit buffer is used to hold intermediate and final results of the hash function Buffer can be represented as Four 32bit registers (A,B,C,D) As 32 bit strings the init values (in hex):

word

**A: 01 23 45 67 word B: 89 AB CD EF word C: FE DC BA 98 word D: 76 54 32 10
**

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 102

Message Processing

Message

is processed in 512-bit

blocks Each block goes through a 4 round compression function After all 512-bit blocks have been processed, the output from the compression function is the 128bit digest

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 103

**MD5 Processing of 512-bit Block
**

Block q 512 Buffer q A 128 B C D Round 1 Round 2 Round 3 Round 4

+ Buffer q +1

+

+ 128

+

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

104

Round 1 & 2 (F & G)

g = primitive function X[k] = kth 32-bit word in one of the 512 bit blocks T[i] = 232 x abs(sin(i)) Round 1 (F)

**g(b,c,d) = (b AND c) OR (NOT b AND d) k = 0...15 i = 1...16 g(b,c,d) = (b AND d) OR (c AND NOT d) k = (1 + 5j)mod 16 where j = 1…16 i = 17..32
**

105

Round 2 (G)

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

Round 3 & 4 (H& I)

**Round 3 (H) = b XOR c XOR d k = (5 + 3j)mod 16 where j = 1…16 i = 33…48 Round 4 (I)
**

g(b,c,d)

g(b,c,d) = c XOR (b OR NOT d) k = 7j mod 16 where j = 1…16 i = 49…64

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

106

**MD5 Compression Function
**

**Each round (F,G,H & I) has 16 steps of the form:
**

a <- b+((a+g(b,c,d)+X[k]+T[i])<<<s) a,b,c,d refer to the 4 words of the buffer, but used in varying permutations note each step updates only 1 word of the buffer ‘s’ is left shift (for more details see RFC 1321)

**after 16 steps each word is updated 4 times
**

g(b,c,d) is a non-linear function in each round (F,G,H,I) X[k] is one of the 16 words (32 bits) of the 512 bits block T[i] is a constant value derived from sine(i) T[i] = 264 x abs(sin (i)) 2006 BRBRAITT/Basics of Cryptography & Hash Functions/ Sept(take the Integer 107

**MD5 Compression Function (one step)
**

A + X[k] T[i] + + CLSs + A B C D

108

B

C g

D

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

Security of MD5

**MD5 hash is dependent on all message bits However known attacks include
**

Berson in 1992 attacked any 1 round using differential cryptanalysis (but can’t extend) Boer & Bosselaers in 1993 found a pseudo collision (again unable to extend) Dobbertin in 1996 created collisions on MD compression function (but initial constants prevent exploit) Wang et al announced cracking MD5 on Aug 17, 2004 (paper available on Useful Links)

**Thus MD5 looks vulnerable soon
**

109

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

**Secure Hash Algorithm (SHA)
**

Developed

by NIST(National Institute of Standards & Technology), specified in the Secure Hash Standard (SHS, FIPS Pub 180), 1993 SHA is specified as the hash algorithm in the Digital Signature Standard (DSS) & NIST

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 110

**Secure Hash Algorithm (SHA-1)
**

SHA-0

was revised 1995 as SHA-1 Internet standard is RFC 3174 Produce hash values of 160 bits Now the generally preferred hash algorithm Based on design of MD4 with key differences

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 111

**SHA-General Logic
**

Input

not

**message must be < 264 bits
**

really a problem

Message

is processed in 512-bit blocks sequentially Message digest is 160 bits SHA design is similar to MD5, but a lot stronger

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 112

SHA-1 Algorithm

Block q 512 Buffer q A B C 160 D E Round 1 Round 2 Round 3 Round 4

+

+

+

+ 160

+

Buffer q +1

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

113

**SHA-1 Compression Function
**

Each

**round has 20 steps which replaces the 5 buffer words thus:
**

(A,B,C,D,E) <(E+f(t,B,C,D)+(A<<5)+Wt+Kt),A,(B<<30),C,D)

a,b,c,d

refer to the 4 words of the

**buffer t is the step number f(t,B,C,D) is nonlinear function for round Wt is derived from the message block
**

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

Kt is a constant value derived from

114

**SHA-1 Compression Function
**

A B C ft S5 D E + + + S30 + Wt Kt

A

B

C

D

A

115

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

Basic Steps

Step1: Padding Step2: Appending length as 64 bit unsigned Step3: Initialize MD buffer five 32-bit words

A|B|C|D|E A = 67452301 B = efcdab89 C = 98badcfe D = 10325476 BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 E = c3d2e1f0

116

Basic Steps...

Step 4: the 80-step processing of 512-bit blocks (4 rounds x 20 steps each) Each step t (0 <= t <= 79):

Input:

Wt

**– a 32-bit word from the message Kt – a constant. ABCDE: current MD (160 bits)
**

Output:

ABCDE:

**new MD (160 bits)
**

117

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

**Constant (Kt ) for each round
**

Distinctive

**additive constants Kt = 5A827999 Kt = 6ED9EBA1 Kt = 8F1BBCDC Kt = CA62C1D6
**

118

Round 1: 0 <=t<= 19 Round 2: 20<=t<=39 Round 3: 40<=t<=59 Round 4: 60<=t<=79

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

**Basic Logic Functions
**

Only

**3 different functions Function (B∧C)∨(~B ∧D) B⊕C⊕D (B∧C)∨(B∧D)∨(C∧D) B⊕C⊕D
**

119

Round ft(B,C,D) 0 <=t<= 19 20<=t<=39 40<=t<=59 60<=t<=79

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

Mixing of Wt’s

Additional

For

**mixing used with input message 512-bit block
**

15 < t <80: Wt = Wt-16 ⊕Wt-14 ⊕Wt-8 ⊕Wt-3

XOR

**is a very efficient operation (with multilevel shifting it produces very extensive and random mixing)
**

120

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

**MD5 (Actual Sample)
**

The MD4, MD5 and SHA-1 algorithms are secure hash functions. They take a string input, and produce a fixed size number - 128 bits for MD4 and MD5; 160 bits for SHA-1. This number is a hash of the input - a small change in the input results in a substantial change in the output. The functions are thought to be secure, in the sense that it would require an enormous amount of computing power to find a string which hashes to a chosen value. In others words, there's no way to decrypt a secure hash. The uses of secure hashes include digital signatures and challenge hash authentication

Input

MD5 Box

Output

c530bc8598173467fafa354dce9048bb

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

121

**SHA-1 (Actual sample)
**

The MD4, MD5 and SHA-1 algorithms are secure hash functions. They take a string input, and produce a fixed size number - 128 bits for MD4 and MD5; 160 bits for SHA1. This number is a hash of the input - a small change in the input results in a substantial change in the output. The functions are thought to be secure, in the sense that it would require an enormous amount of computing power to find a string which hashes to a chosen value. In others words, there's no way to decrypt a secure hash. The uses of secure hashes include digital signatures and challenge hash authentication

Input

SHA-1 Box

b4078946a42c9cabf175ebc2d41d9171a804c91b Output

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 122

SHA-1 vs MD5

Not

vulnerable to any known attacks (compared to MD4 and MD5) A little slower than MD5 (80 vs 64 steps) Optimised for big-endian CPU’s (vs MD5 which is optimised for little-endian CPU’s)

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 123

**Revised Secure Hash Standard
**

NIST

issued a revision FIPS 180-2 in 2002 Add 3 additional hash algorithms (SHA-256, SHA-384, SHA-512) Structure and details are similar to SHA-1 Hence analysis should be similar

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 124

RIPEMD-160

Developed

Réseaux

by RIPE

IP Européens (RIPE)

Originally

INPUT:

**a 128-bit RIPEMD Now 160-bit RIPEMD
**

length Overall processing: Similar to MD5 with a block length of 512 bits and a hash length of 160 bits Output: 160-bit message digest

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 125

a message of arbitrary

**RIPEMD-160 (Processing)
**

Initialize

160-bit

MD buffer

buffer 5 32-bit registers (A, B, C, D, E) Initial Vector: {A=67452301,B=EFCDAB89,C=98B ADCFE,D=10325476,E=C3D2E1F0} Stored in little-endian format as MD5 SHA-1 stores and processes the data in big-endian format

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 126

**RIPEMD-160 (Processing)
**

Process

message in 512bit blocks

that consists of 10 rounds of processing of 16 steps each 10 rounds are arranged as 2 parallel lines of 5 rounds 4 rounds have a similar structure, but each uses a different primitive logical function(f1,f2,f3,f4,f5) INPUT: 512-bit block Yq, 160-bit CVq ABCDE(L), A’B’C’D’E’(R) Each round uses an additive 9 constants OUTPUT: CVq+1 (addition2006 mod 232) 127 BRBRAITT/Basics of Cryptography & Hash Functions/ Sept is

Module

RIPEMD-160 (2x5=10 Rounds)

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

128

**RIPEMD-160 (Compression)
**

Each

round consists of a sequence of 16

**steps The processing algorithm of one round
**

A:=CVq(0);B:=CVq(1);C:=CVq(2);D:=CVq(3);E:= CVq(4) A’:=CVq(0);B’:=CVq(1);C’:=CVq(2);D’:=CVq(3);E’:= CVq(4) for j=0 to 79 do T:=rols(j)(A+f(j,B,C,D)+Xr(j)+K(j))+E; A:=E;E:=D;D:= rol10(C);C:=B;B:=T; T:=rols’(j)(A’+f(79-j,B’,C’,D’)+Xr’(j)+K’(j))+E’; A’:=E’;E’:=D’;D’:= rol10(C’);C’:=B’;B’:=T’; enddo CVq+1(0)=CVq(1)+C+D’; CVq+1(1)=CVq(2)+D+E’; CVq+1(2)=CVq(3)+E+A’; CVq+1(3)=CVq(4)+A+B’; CVq+1(4)=CVq(0)+B+C’; BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

129

RIPEMD-160 Single step

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

130

Performance Comparison

Name Bit Length 128 128 128 160 160 Rounds x Steps per Round 3 x 16 4 x 16 4 x 16 twice (in parallel) 4 x 20 5 x 16 twice (in parallel) Maximu Relative m Speed Messag e size Infinity 1.00 Infinity Infinity 264-1 Infinity 0.68 0.39 0.28 0.24

MD4 MD5 RIPEMD128 SHA-1 RIPEMD160

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

131

**Message Authentication Code MAC
**

Message

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

is hashed and sent along with the message for authentication Since it was also vulnerable to attack “keyed hash functions as MAC” are developed “Keyed hash functions as MAC” is designed to provide high level security for Authentication services

132

**HMAC – Keyed Hash Functions as MAC
**

Desirable

**to create a MAC using a hash function rather than a block cipher
**

hash

functions are generally faster

Hash

**includes a key along with the message Original proposal:
**

KeyedHash

**= Hash(Key|Message)
**

133

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

HMAC

Specified

**2104 Use hash function on the message:
**

as Internet standard RFC

HMACK = Hash[(K+ XOR opad) ||Hash[(K+ XOR pad)|| M)]]

K+

is the key padded out to size opad, ipad are specified padding constants Any of MD5, SHA-1, RIPEMD-160 can be used

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006 134

HMAC Structure

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

135

HMAC Algorithm

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

Append zeros to the left end of K to create a b-bit string K+ XOR K+ with ipad to produce the b-bit block Si Append M to Si Apply H to the stream generated in step 3 XOR K+ with opad to produce the b-bit block So Append the hash result from step 4 to So Apply H to the stream generated in step

136

BRBRAITT/Basics of Cryptography & Hash Functions/ Sept 2006

137

- w1-09-X
- w1-07-DLC
- w1-06-CCT_PKT_MSG
- w1 05 Error Control
- w1 04 Modem Data Multiplexers
- w1 03 Physical Layer
- w1-02-OSI
- Cover Page
- XML
- Xhtml
- Wi-Fi Overview 24092007 Dcs
- WiFi Networking Final Dcs
- wi-fi-&-wimax.ttc.4.1
- WhySmartCOPAnti-Virus1
- TCP_IP_RLY
- MPLS Overview
- Ldp
- Lan SwitchIII
- Ip Routing Principles
- IP Routing and Routing Protocols Ver 2
- Internet Routing
- DotNET Tutorial for Beginners
- Dcs Wi MAX Protocol
- dcs_wi_MAX
- Dcs Overview on Wi MAX

Sign up to vote on this title

UsefulNot useful- A Cryptographic Compendium
- HELIX, HACKING
- Cryptography and Data Security
- Secure Hash Function
- CISSP_PDFstd
- Penetration Testing and Network Defense
- Strategic Cyber Security K Geers
- Hacking - 201204
- Information Security Manual 2012 Controls
- Hakin9 - June 2011 (True PDF)
- Extreme Tech Hacking Video Game Consoles
- CRC.introduction.to.Modern.cryptography.2nd.edition.1466570261
- Beginner Guide to SEO
- Cisco.press.penetration.testing.and.Network.defense.oct.2005
- Specification for Interoperable Electronic Ticketing System
- Hacking Roomba
- Hakin9 en TBO 01 2014 Teaser
- Active Directory Domain Services 2008 How-To
- 9781780172651 - information risk management.pdf
- Advances in Coding Theory and Cryptography
- CryptographyNetSecurity-2008
- Cryptography - Cryptography and Data Security
- The Laws of Cryptography With Java Code
- Network Security
- Security in Computing, 5_e - Charles P. Pfleeger.pdf
- Cryptography Hash Functions GP

Are you sure?

This action might not be possible to undo. Are you sure you want to continue?

We've moved you to where you read on your other device.

Get the full title to continue

Get the full title to continue reading from where you left off, or restart the preview.