NET 311 Information Security Networks and Communication Department Lec2 : Cryptography
lecture contents: Basic Terminology Cryptography Categories General Cryptanalysis Approaches Symmetric-key Cryptography Traditional Ciphers Substitution ciphers Transposition ciphers Steganography 19-Sep-18 Networks and Communication Department
Introduction Definition Cryptography, a word with Greek origins, means “secret writing”. It refers to the science of transferring messages to make them secure and immune to attacks.
Basic Terminology Plaintext : original message before being transformed. Ciphertext: The message after transformation (coded). Cipher : algorithm for transforming plaintext to ciphertext Key: information used in cipher known only to sender/receiver Encrypt: converting plaintext to ciphertext Decrypt: recovering ciphertext from plaintext Cryptography: study of encryption principles/methods Cryptanalysis (codebreaking) - study of principles/ methods of decrypting ciphertext without knowing key
19-Sep-18 Networks and Communication Department
Cryptography Categories The book is devided into two main parts (sym and asym)
Cryptography Categories In symmetric-key cryptography, the same key is used by the sender (for encryption) and the receiver (for decryption). The key is shared.
Cryptography Categories In asymmetric-key cryptography, one key is used by the sender (for encryption) and other key is used by receiver (for decryption). The key are different.
Cryptography Categories Comparison In the symmetric-key cryptography, both sender and receiver use the same key for lock and unlock the message respectively. In the asymmetric-key cryptography, the sender uses a key to lock the message and the receiver uses another key to unlock the message.
Symmetric Encryption Requirements: Two requirements for secure use of symmetric encryption: a strong encryption algorithm a secret key known only to sender / receiver Mathematically have: Y = E(K, X) X = D(K, Y) *X=plaintext, Y=ciphertext, K=key, E=encryption algorithm, D=decryption algorithm Assume encryption algorithm is known Implies a secure channel to distribute key 19-Sep-18 Networks and Communication Department
Symmetric Cryptosystem Model 19-Sep-18 Networks and Communication Department
Cryptanalysis General Approaches Objective to recover key not just message Cryptanalytic attack: relies on: Nature of the algorithm + some knowledge of the general characteristics of the plaintext (or some plaintext- ciphertext pairs). Ex: language, often used headers Brute-force attack: try every possible key on a piece of ciphertext until plaintext is obtained. if either succeed all key use compromised Typically objective is to recover the key in use rather then simply to recover the plaintext of a single ciphertext. There are two general approaches: Cryptanalysis: relies on the nature of the algorithm plus perhaps some knowledge of the general characteristics of the plaintext or even some sample plaintext- ciphertext pairs. This type of attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used. Brute-force attacks try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. On average,half of all possible keys must be tried to achieve success. If either type of attack succeeds in deducing the key, the effect is catastrophic: All future and past messages encrypted with that key are compromised. 19-Sep-18 Networks and Communication Department
Number of Alternative Keys Time required at 1 decryption/µs Brute Force Search always possible to simply try every key most basic attack, proportional to key size assume either know / recognise plaintext Key Size (bits) Number of Alternative Keys Time required at 1 decryption/µs Time required at 106 decryptions/µs 32 232 = 4.3 109 231 µs = 35.8 minutes 2.15 milliseconds 56 256 = 7.2 1016 255 µs = 1142 years 10.01 hours 128 2128 = 3.4 1038 2127 µs = 5.4 1024 years 5.4 1018 years 168 2168 = 3.7 1050 2167 µs = 5.9 1036 years 5.9 1030 years 26 characters (permutation) 26! = 4 1026 2 1026 µs = 6.4 1012 years 6.4 106 years A brute-force attack involves trying every possible key until an intelligible translation of the ciphertext into plaintext is obtained. On average, half of all possible keys must be tried to achieve success. Stallings Table 2.2 shows how much time is required to conduct a brute-force attack, for various common key sizes (DES is 56, AES is 128, Triple-DES is 168, plus general mono-alphabetic cipher), where either a single system or a million parallel systems, are used.
Symmetric-Key Cryptography Traditional Cipher(Character-oriented) : Substitution ciphers Ceaser cipher Monoalphabetic Polyalphabetic Transposition ciphers Simple Modern Cipher(bit-oriented): XOR Cipher Rotation Cipher Substitution cipher: S-box Transposition cipher: P-box Modern Round Ciphers(bit-oriented) : Data Encryption Standard (DES) Advanced Encryption Standard (AES)
Traditional Cipher Shift (Ceasar) cipher
Substitution ciphers Shift Cipher (Caesar cipher) Earliest known substitution cipher by Julius Caesar In this cipher, the encryption algorithm is “shift key characters down”, key is N number The decryption algorithm is “shift key characters up”, key is N number Example: Use the shift cipher with key=15 to encrypt the message “HELLO” Is this Cipher Polyalphabetic? Plaintext: “HELLO” Key=15 Cipher= “shift 15 characters down” Thus, the Ciphertext would be “WTAAD”
Cryptanalysis of Caesar Cipher only have 26 possible ciphers A maps to A,B,..Z could simply try each in turn a brute force search given ciphertext, just try all shifts of letters do need to recognize when have plaintext With a caesar cipher, there are only 26 possible keys, of which only 25 are of any use, since mapping A to A etc doesn't really obscure the message! Note this basic rule of cryptanalysis "check to ensure the cipher operator hasn't goofed and sent a plaintext message by mistake"! Can try each of the keys (shifts) in turn, until can recognise the original message. See Stallings Fig 2.3 for example of search. Note: as mentioned before, do need to be able to recognise when have an original message (ie is it English or whatever). Usually easy for humans, hard for computers. Though if using say compressed data could be much harder. Example "GCUA VQ DTGCM" when broken gives "easy to break", with a shift of 2 (key C).
Substitution ciphers Substitution ciphers replaces one symbol with another, it can be either: Monoalphabetic Where a character (or symbol) in the plaintext is always changed to the same character (or symbol) in the ciphertext regardless of its position in the text. 1:1 hence key is 26 letters long Polyalphabetic Where each occurrence of a character can have a different substitute. 1:N
Substitution ciphers Examples#1 : Examples#2 : Plaintext: HELLO Ciphertext: KHOOR Is the cipher monoalphabetic? Examples#2 : Ciphertext: ABNZF A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Monoalphabetic Cipher Security now have a total of 26! = 4 x 1026 keys with so many keys, might think is secure but would be !!!WRONG!!! problem is language characteristics Note that even given the very large number of keys, being 10 orders of magnitude greater than the key space for DES, the monoalphabetic substitution cipher is not secure, because it does not sufficiently obscure the underlying language characteristics.
Language Redundancy and Cryptanalysis human languages are redundant In English E is by far the most common letter followed by T,R,N,I,O,A,S other letters like Z,J,K,Q,X are fairly rare have tables of single, double & triple letter frequencies for various languages As the example shows, we don't actually need all the letters in order to understand written English text. Here vowels were removed, but they're not the only redundancy. cf written Hebrew has no vowels for same reason. Are usually familiar with "party conversations", can hear one person speaking out of hubbub of many, again because of redundancy in aural language also. This redundancy is also the reason we can compress text files, the computer can derive a more compact encoding without losing any information. Basic idea is to count the relative frequencies of letters, and note the resulting pattern.
English Letter Frequencies Note that all human languages have varying letter frequencies, though the number of letters and their frequencies varies. Stallings Figure 2.5 shows English letter frequencies. Seberry & Pieprzyk, "Cryptography - An Introduction to Computer Security", Prentice-Hall 1989, Appendix A has letter frequency graphs for 20 languages (most European & Japanese & Malay). Also useful are tables of common two-letter combinations, known as digrams, and three-letter combinations, known as trigrams.
One-Time Pad if a truly random key as long as the message is used, the cipher will be secure called a One-Time pad is unbreakable since ciphertext bears no statistical relationship to the plaintext since for any plaintext & any ciphertext there exists a key mapping one to other can only use the key once though problems in generation & safe distribution of key The One-Time Pad is an evolution of the Vernham cipher. An Army Signal Corp officer, Joseph Mauborgne, proposed an improvement using a random key that was truly as long as the message, with no repetitions, which thus totally obscures the original message. It produces random output that bears no statistical relationship to the plaintext. Because the ciphertext contains no information whatsoever about the plaintext, there is simply no way to break the code, since any plaintext can be mapped to any ciphertext given some key. The one-time pad offers complete security but, in practice, has two fundamental difficulties: There is the practical problem of making large quantities of random keys. And the problem of key distribution and protection, where for every message to be sent, a key of equal length is needed by both sender and receiver. Because of these difficulties, the one-time pad is of limited utility, and is useful primarily for low-bandwidth channels requiring very high security. The one-time pad is the only cryptosystem that exhibits what is referred to as perfect secrecy.
Transposition cipher Transposition cipher, it reorders (permutes) symbols in a block of symbols. Key is a mapping between the position of the symbols in the plaintext and cipher text.
Transposition cipher Solution Example : Encrypt the message “HELLO MY DEAR,” using the key shown in the previous figure. Solution First remove the spaces in the message. Then divide the text into blocks of four characters. Add a bogus character Z at the end of the third block. The result is HELL OMYD EARZ. Ciphertext will be ELHLMDOYAZER.
Transposition cipher Using same Example decrypt the message “ELHLMDOYAZER”. Solution The result is HELL OMYD EARZ. After removing the bogus character and combining the characters, we get the original message “HELLO MY DEAR.”
Steganography an alternative to encryption hides existence of message using only a subset of letters/words in a longer message marked in some way using invisible ink hiding in LSB in graphic image or sound file has drawbacks high overhead to hide relatively few info bits advantage is can obscure encryption use Steganography is an alternative to encryption which hides the very existence of a message by some means. There are a large range of techniques for doing this. Steganography has a number of drawbacks when compared to encryption. It requires a lot of overhead to hide a relatively few bits of information. Also, once the system is discovered, it becomes virtually worthless, although a message can be first encrypted and then hidden using steganography. The advantage of steganography is that it can be employed by parties who have something to lose should the fact of their secret communication (not necessarily the content) be discovered.
Example: letter to John Trevanion Worthie Sir John:- Hope, that is ye beste comfort of ye afflicted, cannot much, I fear me, help you now. That I would saye to you, is this only: if ever I may be able to requite that I do owe you, stand not upon asking me. 'Tis not much that I can do: but what I can do, bee ye verie sure I wille. I knowe that, if dethe comes, if ordinary men fear it, it frights not you, accounting it for a high honor, to have such a rewarde of your loyalty. Pray yet that you may be spared this soe bitter, cup. I fear not that you will grudge any sufferings; only if bie submission you can turn them away, 'tis the part of a wise man. Tell me, an if you can, to do for you anythinge that you wolde have done. The general goes back on Wednesday. Restinge your servant to command. - R.T. Ref: DR Alexei Vernitski , Computer Security , University of Essex
Example: letter to John Trevanion Worthie Sir John:- Hope, that is ye beste comfort of ye afflicted, cannot much, I fear me, help you now. That I would saye to you, is this only: if ever I may be able to requite that I do owe you, stand not upon asking me. 'Tis not much that I can do: but what I can do, bee ye verie sure I wille. I knowe that, if dethe comes, if ordinary men fear it, it frights not you, accounting it for a high honor, to have such a rewarde of your loyalty. Pray yet that you may be spared this soe bitter, cup. I fear not that you will grudge any sufferings; only if bie submission you can turn them away, 'tis the part of a wise man. Tell me, an if you can, to do for you anythinge that you wolde have done. The general goes back on Wednesday. Restinge your servant to command. - R.T.
Summary Basic Terminology Cryptography Categories Symmetric-key Cryptography Asymmetric-Key Cryptography General Cryptanalysis Approaches: Cryptanalytic attack Brute-force attack 1- Traditional Cipher : Substitution ciphers Ceaser cipher and cryptanalysis Monoalphabetic and cryptanalysis Polyalphabetic Transposition ciphers Steganography 19-Sep-18 Networks and Communication Department
References Cryptography and Network Security: Principles and practice’, William Stallings Fifth edition, 2011. 19-Sep-18 Networks and Communication Department