Overview of Cryptography Rajesh Palit, Ph.D. Assistant Professor Department of Electrical and Computer Engineering
Pinpoint of the discussion Cryptography Cryptology = Cryptography + Cryptanalysis Computer Network Security Computer Security (also Privacy) Cyber Crimes Digital Forensics Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC Cryptosystems Steganography (hidden) Code (replace words) Secret Writing Substitution Cryptography (scrambled) Cipher (replace letters) Transposition Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC Steganography is the art or practice of concealing a message, image, or file within another message, image, or file The advantage is that the intended secret message does not attract attention to itself as an object of scrutiny. Plainly visible encrypted messages—no matter how unbreakable—will arouse interest. Workshop on Cryptography, NSUCC
Definition of Cryptography The science of “secret” writing (communication) cipher is a function which transforms a plaintext message into a ciphertext (cryptogram) by the process of encipherment plaintext is recovered from the ciphertext by the process of deciphering Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC Terminologies Plaintext The initial unencrypted (unscrambled) data to be communicated. Example: “dr partha pratim das” Ciphertext Plaintext is encrypted (scrambled) into something unintelligible – ciphertext for communication Example: “es qbsuib qsbujn ebt” Encryption The process of converting ordinary information (plaintext) into ciphertext. Decryption The reverse process of moving from unintelligible ciphertext to plaintext. Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC Crypto Communicators Crypto literature frequently illustrates secret communication scenarios in terms of some fictitious characters: Alice and Bob The common communicating parties. Carol and Dave If there is a third or fourth party to the communication Mallory The malicious party Eve An eavesdropper Trent A trusted third party. Workshop on Cryptography, NSUCC
Goals of Crypto Systems Confidentiality: Ability to keep information communicated between (among) authorized parties private. In a stronger sense, an observer cannot determine the parties involved or whether a communication session occurred Message Authentication (Data Integrity): Ability to ascertain that information exchanged has not been subject to additions, deletions, modifications or undue delay User Authentication: Ability of the authorized parties in a communication session to ascertain the identity of other authorized parties Non-Repudiation: Ability to prevent an authorized party from denying the existence or contents of a communication session Access Control and Availability Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC Cryptographic Tools Encryption/Decryption Message Authentication Codes (Hashing) Digital Signatures Workshop on Cryptography, NSUCC
Encryption/Decryption Encryption is the process of transforming a plaintext message M into ciphertext C using an a unique key K C = EK(M) Decryption is just the reverse operation; transforming ciphertext C into plaintext M under control of key K M = DK(C) It should be (computationally) infeasible for an observer of C to recover either M or K (in a reasonable time) – security requirement Security depends on the secrecy of the key, not the secrecy of the algorithm. Plaintext, Encryption algorithm, Secret Key, Ciphertext, Decryption algorithm Workshop on Cryptography, NSUCC
Classification of Secure Systems Unconditionally Secure Cannot be broken regardless of attackers computational abilities One time pad (used once and then discarded) Computationally Secure Secure against attacker with “reasonable” resources Takes one thousand year to break Computationally Insecure Easily breakable Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC Perfect Secrecy To achieve perfect secrecy, we wish to make C and M statistically independent I(M;C) = 0, that is, the cryptanalyst can do no better than guess This implies H(M) ≤ H(K), for binary transmissions, # of key bits ≥ # of message bits Workshop on Cryptography, NSUCC
Message Authentication/Hashing This function allows the detection of any modification of the plaintext message It is usually a digest of the message created in such a way that as little as one bit change in the message will produce an unpredictable change in approximately 50% of the bits or characters of the digest Workshop on Cryptography, NSUCC
Hashing Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC Digital Signatures Ability to prove to an independent third party at a later date the author and contents of a message Workshop on Cryptography, NSUCC
Properties of Encryption process Confusion Process of substituting characters or symbols to make relationship between ciphertext and key as complex as possible Attacker’s uncertainty as to the contents of a message or the key used for encryption/decryption Diffusion Process of spreading effect of plaintext or key as widely as possible over ciphertext Dispersion of the effect of individual key or message bits over the ciphertext Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC Types of Ciphers Block Ciphers Stream Ciphers Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC Transposition Cipher Transposition Ciphers rely on rearranging the order of letters according to some predetermined pattern Common method is Columnar Transposition - Write message in a matrix then rearrange columns Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC Transposition Cipher “Key” is the order in which columns are read choose 3-1-5-4-2 Ciphertext is now – IUSTATSERSITCEESIEMGHQAES “Looks” complex, but….. Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC Substitution Ciphers Message symbols are mapped into permuted set of symbols We observe that Transposition introduces Diffusion while Substitution introduces Confusion to the cipher Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC Modern Ciphers Secret-Key (Symmetric) Cryptography Uses a single key for both encryption and decryption Public-Key (Asymmetric) Cryptography Uses one key for encryption and another for decryption Workshop on Cryptography, NSUCC
Secret-Key Cryptography Single key used for both encryption & decryption. Sender uses the key (or some set of rules) to encrypt the plaintext and sends the ciphertext to the receiver. Receiver applies the same key (or ruleset) to decrypt the message and recover the plaintext. Also called symmetric encryption. The key must be known to sender & receiver both. Popular: Data Encryption Standard (DES) Advanced Encryption Standard (AES) Drawback Distribution of the key. Advantage Very fast in encryption / decryption Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC DES Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC Breaking DES In June 1997 a DES encrypted challenge message, sponsored by RSA Data Security Inc., was broken using a distributed brute force attack involving 10,000 computers - the key was recovered in 96 days. Several more DES Challenges have been broken, the most recent in Jan. 1999. This attack involved 100,000 computers and some special hardware and required only 22 hours to recover the key Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC
Public-Key Cryptography A crypto system for secure communication over a non-secure communications channel without having to share a secret key. Usually, a two-key system Public Key Private Key One key (public / private) is used to encrypt while the other (public / private) is used to decrypt. The most significant new development in cryptography in the last 300-400 years. Workshop on Cryptography, NSUCC
Public-Key Cryptography Applications: Encryption Digital Signature Key Distribution for Symmetric Algorithm Popular: RSA public-key cryptosystem Diffie-Hellman public-key cryptosystem In modern cryptosystem designs, both asymmetric (public key) and symmetric algorithms are used to take advantage of the virtues of both. Workshop on Cryptography, NSUCC
Key Generation: Public-Key Workshop on Cryptography, NSUCC
Encryption: Public-Key Workshop on Cryptography, NSUCC
Signature: Public-Key Workshop on Cryptography, NSUCC
Public-Key Cryptography Based upon one-way trapdoor functions Mathematical functions that are easy to compute whereas their inverse function is relatively difficult to compute. Multiplication vs. factorization Exponentiation vs. logarithms Has a trap door in the one-way function so that the inverse calculation becomes easy given knowledge of some item of information. Workshop on Cryptography, NSUCC
PKC: Multiplication vs Factorization It is easy to multiply two primes: 3 * 5 = 15 17 * 23 = 391 101 * 223 = 22523 It is difficult to factorize into two primes: 35 = 5 * 7 551 = 19 * 29 24503 = 107 * 229 Heart of RSA Workshop on Cryptography, NSUCC
PKC: Exponentiation vs Logarithm It is easy to raise a prime to another: 3 ^ 2 = 9 5 ^ 3 = 125 11 ^ 7 = 19487171 It is difficult to find base-exponent pair: 8 = 2 ^ 3 243 = 3 ^ 5 1977326743 = 7 ^ 11 Heart of Diffie-Hellman Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC
Workshop on Cryptography, NSUCC