Lesson 2 - Encryption ITD2323 Lecture by: IZWAN SUHADAK ISHAK Assistant Lecturer Universiti Industri Selangor

Things to learn about  Concepts of encryption  Cryptanalysis  Symmetric encryption  Assymmetric encryption  Protocols and certificates  Digital signatures  Types of encryption algorithms

Cryptography  Secret writing – strongest tool to control against many kinds of security threats  Users of cryptography usually do not create their encryption techniques – just use what’s available

Terminology  Imagine S (sender) sending a message to R (recipient) through T (transmission medium)  However there’s an intruder or interceptor (O) who tries to access the message in any of these: –Block it – affects the availability –Intercept it – affecting the confidentiality –Modify it – affecting the integrity –Fabricate it – affecting the integrity as well

…continued  Encryption – the process of encoding a message (scrambling)  Decryption – the process to reverse, transforming encrypted message back to original form  Encode, decode, encipher, decipher are terms used in lieu of encrypt or decrypt  Encode could mean translating entire word or phrases into something new  Encipher could mean translating letters or symbols individually

…continued  Cryptosystem – a system for encryption and decryption  Plaintext, cleartext – original form  Ciphertext – encrypted (scrambled) form EncryptionDecryption PlaintextCiphertext Original Plaintext

Encryption Algorithms  Set of rules for how to encrypt plaintext and how to decrypt ciphertext  Often use a device called ‘key’ (K)  When C=E(K,P), it means E acts as an encryption algorithm, and K is the key. C is ciphertext; P is plaintext

…continued  When P=D(K, E(K,P)), it shows that both encryption and decryption keys are the same –This form is called ‘symmetric’ encryption  When P=D(K D, E(K E,P)), it shows that encryption and decryption keys are NOT the same –This form is called ‘asymmetric’ encryption

…continued EncryptionDecryption PlaintextCiphertext Original Plaintext KEY EncryptionDecryption PlaintextCiphertext Original Plaintext KEKEKEKE KDKDKDKD Encryption Key Decryption Key SYMMETRIC ENCRYPTION ASYMMETRIC ENCRYPTION

…continued  A key gives flexibility in using an encryption scheme  Can create different encryptions by just changing the key  Provides additional security  Any encryption scheme that does not require a key = keyless cipher

Some interesting terms…  Cryptography – hidden writing, practice of using encryption to conceal text  Cryptanalyst – studies encryption and encrypted messages, hoping to find hidden messages  Cryptographer (& cryptanalyst) attempt to translate coded material to plaintext

…continued  Cryptographer works on behalf of a legitimate sender/receiver  Cryptanalyst works on behalf of an unauthorized interceptor  Cryptology – research into and study of encryption and decryption

Two simples types  Substitution –One letter is exchanged for another –Some call it monoalphabetic cipher or simple substitution  Transposition –Order of the letters rearranged

Caesar Cipher ABCDEFGHIJKLMNOPQRSTUVWXYZ defghijklmnopqrstuvwxyzabc Plaintext Ciphertext In this example: Shift of 3 c i = E(p i ) = p i + 3 What would the ciphertext for UNISEL? Answer: xqlvho TREATY IMPOSSIBLE? Answer: wuhdwb lpsrvvleoh

Permutation  Almost like Caesar Cipher  Uses a word as the key  E.g. if ‘word’ is the key:  If ‘professional’ as the key:  If the word has several similar alphabets, only ONE of it should be used ABCDEFGHIJKLMNOPQRSTUVWXYZ wordabcefghijklmnpqstuvxyz Plaintext Ciphertext ABCDEFGHIJKLMNOPQRSTUVWXYZ profesinalbcdghjkmqtuvwxyz Tmepty adjhqqarce

…continued  Encrypt “TREATY IMPOSSIBLE” using both permutation algorithms –Answer: –Answer: spawsy fjmlqqfola – –Answer: tmepty adjhqqarce

…continued  Both types of permutation algorithms may invoke easy access by cryptanalyst, therefore it is more desirable to have less regular rearrangement of letters  A possibility is to count by three (or 5, or 7, or 9) and rearrange in that order

…continued ABCDEFGHIJKLMNOPQRSTUVWXYZ adgjmpsvybehknqtwzcfilorux  In this case, a+3=d, d+3=g, g+3=j  Encrypt “TREATY IMPOSSIBLE” –Answer: fzmafu yktqccydhm

Vernam Cipher  Involves an arbitrarily long nonrepeating sequence of numbers combined with the plaintext  Equate each alphabet with corresponding number, add to its random 2-digit, find the mod of its sum with 26 to get the ciphertext

…continued ABCDEFGHIJKLMNOPQRSTUVWXYZ VERNAMCIPHER tahrspItxmab

Vigenère Cipher  Uses a table called “Vigenère Tableau”  Table is a series of alphabets from A to Z  Encryption is done from top to bottom, following the key which follows the ‘Permutation’ style key abcdefghijklmnopqrstuvwxyz A abcdefghijklmnopqrstuvwxyz B bcdefghijklmnopqrstuvwxyza C cdefghijklmnopqrstuvwxyzab X xyzabcdefghijklmnopqrstuvw Y yzabcdefghijklmnopqrstuvwx Z zabcdefghijklmnopqrstuvwxy

Transposition  Goal is confusion  Encryption in which the letters of the message are rearranged; breaking established patterns

Columnar Transposition  Rearranging characters of plaintext into columns  In a 5-column transposition, plaintext characters are written in rows of five and arranged one row after another:  Ciphertext is written from column to column C1C1C1C1 C2C2C2C2 C3C3C3C3 C4C4C4C4 C5C5C5C5 C6C6C6C6 C7C7C7C7 C8C8C8C8 C9C9C9C9 C 10 C 11 C 12 C 13 C 12 CnCnCnCn plaintext ciphertext

…continued THISISAMESSAGETOSHOWHOWACOLUMNARTRANSPOSITIONWORKS tssoh oaniw haaso lrsto imghw tssoh oaniw haaso lrsto imghw utpir seeoa mrook istwc nasns utpir seeoa mrook istwc nasnsPUTANXIFWORDSDONOTFILLALLCOLUMNSXXX pxrnl cnuid olost Fstal xawdf luxno oilmx

Public Key Encryption  Each user has a key that does not have to be kept secret  Secret is the decryption technique, not the key itself  Public key cryptosystem accomplish this goal by using two keys; one to encrypt and one to decrypt  Each user has two keys: a public key and a private key

…continued  P = D(k PRIV, E(k PUB, P))  Some public key encryption algorithms have this relationship: P=D(k PUB, E(k PRIV, P))

…continued  Let’s say there’s 3 users, B, C and D  All three have to send a message to A and each other  Each distinct pair of users needs a key, each user would need 3 different keys; A would need a key for B, C and D each.  With public key, each B, C and D can use A’ s public key to send the message, but A’s private key remains private, so C cannot decrypt message sent by B to A

Comparison Secret key (Symmetric) Public Key (Asymmetric) Number of Keys 12 Protection of key Must be kept secret One key must be kept secret, the other can be freely exposed Best uses Cryptographic workhorse; secrecy and integrity of data – single characters to blocks of data, messages, files Key exchange, authentication Key distribution Must be out-of-hand Public key can be used to distribute other keys SpeedFast Slow; typically, 10,000 times slower than secret key

Rivest-Shamir-Adelman (RSA) Encryption  A public key system  Introduced in 1978 and remains secure until now  Combines results from number theory with degree of difficulty in determining the prime factors of a given number  Uses two keys, d & e for decryption and encryption – either private or public key can be used in the encryption  P=E(D(P))=D(E(P))

…continued  C=P e mod n  P=C d mod n  P=C d mod n = (P e ) d mod n = (P d ) e mod n  Key choice: –Consists of pair of integer (e,n) for encryption and integer (d,n) for decryption –Start point to find value of n  n should be quite large (a product of two prime numbers p and q)  p and q are usually 100 digits each  e is relatively prime to (p-1)*(q-1)  e has no factors in common with (p-1)*(q-1) where e>(p-1) and e>(q-1)

…continued  e * d = 1 mod (p-1)*(q-1)  Usually n is made public and d is kept secret