A Cryptography Education Tool Anna Yu Department of Computer Science College of Engineering North Carolina A&T State University June 18, 2009

Outline Overview and Objectives Graphic User Interface Transmission of Password Secret Key Cryptography Public Key Cryptography Conclusion

Overview and Objectives Meet the ever-increasing demand for well- trained information security professionals Help students to understand and use cryptography algorithms

GUI The GUI should be user friendly It includes Help, Encryption, Demonstration In the First Screen of GUIs a user can select Transmission of Password Secret key cryptography Public key cryptography

Transmission of Password The Transmission of Password demonstrates the concepts of classical encryption. It includes: Change case algorithm Substitution cipher

Transmission of Password Change case algorithm Change case algorithm changes an input capital letter into an output low case and an input low case into an output capital letter. Example: Input Yu Output yU The student keys in encrypted user name and password. If the input is not correct the student can try again.

Transmission of Password Substitution Cipher A substitution cipher substitutes characters in the input plaintext according to the rules to produce the ciphertext. Transmission password and user ID is one of applications. The convert table provides substitution rules Character: a b c d e f g h i j k l Substitution code: Example: Input jab Output: 1012

Secret Key Cryptography 1. Introduce secret key cryptography 2. Explain functions of the key 3. Explain how the secret key cryptography works

Secret Key Cryptography DES uses Data Encryption Algorithm (DEA), a secret key block-cipher. It uses a 56-bit key operating on 64-bit blocks. The 56-bit key is divided into eight 7-bit blocks and an 8th odd parity bit is added to each block (i.e., a "0" or "1" is added to the block so that there are an odd number of 1 bits in each 8-bit block). By using the 8 parity bits for rudimentary error detection, a DES key is actually 64 bits in length.

Secret Key Cryptography-SDES SDES uses an 8-bit key operating on an 8- bit block of plaintext. It invokes 2 rounds of permutations, swaps, and substitutes.

Secret Key Cryptography-SDES Generating SDES Keys

Secret Key Cryptography-SDES The initial permutation function The 10-bit key input will be transformed into two 8-bit sub keys that are K1 and K2. The permutation function P10 yields a 10-bit output from a 10- bit input key by permuting the bits of the input block. P10 = {3, 5, 2, 7, 4, 10, 1, 9, 8, 6} The distinct selection function P8 P8 = {6, 3, 7, 4, 8, 5, 10, 9} An example of generating keys that are K1 and K2 Step 1 10-bit key input: Step 2 Execute the permutation using P10: Output P10: Step 3 Execute left most shift 1 bit (LS-1) Divide Output P10 into left 5 bits ( ) and right 5 bits ( ) Execute left most shift 1 bit separately Output left LS-1: Output right LS-1: LS-1 output:

Secret Key Cryptography-SDES Step 4 Generate K1 Use the distinct selection function P8 to select bits from LS-1 output K1 = Step 5 Execute left most shift 2 bits Execute left most shift 2-bits for Output left LS-1: Execute left most shift 2-bits for Output right LS-1: LS-2 output: Step 6 Generate K2 Use the distinct selection function P8 to select bits from LS-2 output K2 =

Secret Key Cryptography-SDES SDES encryption

Secret Key Cryptography-SDES The First Round Step 1.1. Input an 8-bit block of plaintext: Step 1.2. Execute an initial permutation (IP). Initial Permutation (IP) = { 2, 6, 3, 1, 4, 8, 5, 7}Output IP: Step 1.3. Execute expansion/permutation (E/P) Apply E/P to the right 4 bits of Output IP and generate 8 bits from 4 bits. Extension/Permutation (E/P) = {4, 1, 2, 3, 2, 3, 4, 1} E/P output: Step 1.4. Perform binary XOR operation with K 1 EP output XOR K 1, i.e XOR E/P Output : Step 1.5. Determine a row and a column in S i table from E/P output Table S 0 : C0 C1 C2 C3 R R R R For a row combine bits 1 and 4, convert it to decimal, i.e. bits 1 & 4 -> 11 -> 3 For a column combine bits 2&3, convert it to decimal, i.e. bits 2&3 -> 00 -> 0 Value of row 3 and column 0 in table S 0 is 3. Convert 3 into binary 11. S 0 output: 11

Secret Key Cryptography-SDES Table S 1 : C0 C1 C2 C3 R R R R For a row combine bits 5&8, convert it to decimal, i.e. bits 5 & 8 -> 10 -> 2 For a column combine bits 6&7, convert it to decimal, i.e. bits 6&7 -> 00 -> 0 Value of row 2 and column 0 in table S 1 is 3. Convert 3 into binary 11. S 1 output: 11 S 0 S 1 output: Step 1.6. Execute permutation 4 Permutation 4 = { 2, 4, 3, 1}Output P4: Step 1.7. Execute XOR with left 4 bits of Output IP Output P4 XOR left 4 bits of Output IP xor Output: Step 1.8. Generate new 8-bits Replace left 4-bits of Output IP by the above result, copy right 4-bits of Output IP GN output: Step 1.9. Swap the two 4-bit halves of GN outputSW Output:

Secret Key Cryptography-SDES The second Round Step 2.1. Execute expansion/permutation (E/P) Apply E/P to the right 4 bits of SW Output and generate 8 bits from 4 bits. Extension/Permutation (E/P) = {4, 1, 2, 3, 2, 3, 4, 1} E/P output: Step 2.2. Perform binary XOR operation with K 2 EP output XOR K 2, i.e XOR E/P Output : Step 2.3. Determine a row and a column in S i table from E/P output For a row combine bits 1 and 4, convert it to decimal, i.e. bits 1 & 4 -> 10 -> 2 For a column combine bits 2&3, convert it to decimal, i.e. bits 2&3 -> 10 -> 2 Value of row 2 and column 2 in table S 0 is 1. Convert 1 into binary 0 1 S 0 output: 01 For a row combine bits 5&8, convert it to decimal, i.e. bits 5 & 8 -> 0 1 -> 1 For a column combine bits 6&7, convert it to decimal, i.e. bits 6&7 -> 0 0 -> 0 Value of row 1 and column 0 in table S 1 is 2. Convert 3 into binary 10. S 1 output: 1 0 S 0 S 1 output:

Secret Key Cryptography-SDES Step 2.4. Execute permutation 4 Permutation 4 = { 2, 4, 3, 1}Output P4: Step 2.5. Execute XOR with left 4 bit of SW Output Output P4 XOR left 4 bit of SW Output XOR Output: Step 2.6. Generate new 8-bits Replace left 4-bits of SW Output by the above result copy right 4-bits of SW Output GN2 output: Step 2.7. Execute reverse of initial permutation IP -1 IP -1 = {4, 1, 3, 5, 7, 2, 8, 6} Encrypted the 8-bit block:

Public Key Cryptography 1. Introduce public key cryptography 2. Explain functions of a public key and a private key 3. Explain how the public key cryptography works

Public Key Cryptography Public key cryptography is referred to as asymmetric cryptography. A user has a pair of mathematically related keys that are public key and a private key. A public key can be published. A private key can never leave the possession of its owner. A user sends a secret message simply encipher the message with the recipient’s public key. The recipient can decipher it using his private key.

Public Key Cryptography-RSA RSA uses a variable size encryption block and a variable size key. It can be used for key exchange, digital signatures, or encryption of small blocks of data.

Public Key Cryptography-RSA Key generation algorithm Step 1. Select two primes p and q Step 2. Calculate n = p * q Step 3. Calculate φ(n) = (p-1)(q-1). Step 4. Choose an integer e, and 1 < e < φ(n) Step 5. Determine d, 1 < d < φ(n), such that e*d mod φ(n) = 1. The public key is (n, e) and the private key is (n, d). Example: Select primes p=11, q=3 n = p*q = 11*3 = 33 φ(n) = (p-1)*(q-1) = 10*2 = 20 Choose e=3 Determine d such as d * e mod 20 = 1 and d < 20 d = 7, (3*7 = 21 = 2 * ) Generated keys are: Public key (33, 3), Private key (33, 7)

Encryption Input the message-decimal number m = 7 Encrypted output: c = m ^e mod n = 7 ^3 mod 33 = 343 mod 33 = 13 Encrypted message c = 13 Decryption m' = c ^d mod n = 13 ^7 mod 33 = 7 Public Key Cryptography-RSA

Thank You … Q & A Follows Thank you for your attention … Q & A follows