Cryptography 1 CS432. Overview  What is cryptography and cryptology?  The main components of a crypto system.  Problems solved by cryptography.  Basic.

Slides:



Advertisements
Similar presentations
CLASSICAL ENCRYPTION TECHNIQUES
Advertisements

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Cryptology  Terminology  plaintext - text that is not encrypted.  ciphertext - the output of the encryption process.  key - the information required.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Computer Science CSC 405By Dr. Peng Ning1 CSC 405 Introduction to Computer Security Topic 2. Basic Cryptography (Part II)
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.
CC3.12 Erdal KOSE Privacy & Digital Security Encryption.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.
Introduction to Public Key Cryptography
Public Key Model 8. Cryptography part 2.
 Introduction  Requirements for RSA  Ingredients for RSA  RSA Algorithm  RSA Example  Problems on RSA.
1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.
Chapter 12 Cryptography (slides edited by Erin Chambers)
Cryptography Week-6.
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.
1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.
A Cryptography Education Tool Anna Yu Department of Computer Science College of Engineering North Carolina A&T State University June 18, 2009.
Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)
Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.
Lecture 2 Overview.
I-4 security.
Chapter 2 – Elementary Cryptography  Concepts of encryption  Cryptanalysis  Symmetric (secret key) Encryption (DES & AES)(DES & AES)  Asymmetric (public.
10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.
Information Systems Security
Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.
Cryptography, Authentication and Digital Signatures
CSCE 201 Introduction to Information Security Fall 2010 Data Protection.
Midterm Review Cryptography & Network Security
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.
BASIC CRYPTOGRAPHIC CONCEPTS. Public Key Cryptography  Uses two keys for every simplex logical communication link.  Public key  Private key  The use.
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
Public Key Cryptography. symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if.
1 Public-Key Cryptography and Message Authentication.
Elementary Cryptography  Concepts of encryption  Symmetric (secret key) Encryption (DES & AES)(DES & AES)  Asymmetric (public key) Encryption (RSA)(RSA)
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.
Encryption No. 1  Seattle Pacific University Encryption: Protecting Your Data While in Transit Kevin Bolding Electrical Engineering Seattle Pacific University.
24-Nov-15Security Cryptography Cryptography is the science and art of transforming messages to make them secure and immune to attacks. It involves plaintext,
Chapter 3 – Public Key Cryptography and RSA (A). Private-Key Cryptography traditional private/secret/single-key cryptography uses one key shared by both.
Chapter 9 Public Key Cryptography and RSA. Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender.
K. Salah1 Cryptography Module I. K. Salah2 Cryptographic Protocols  Messages should be transmitted to destination  Only the recipient should see it.
Intro to Cryptography Lesson Introduction
EE 122: Lecture 24 (Security) Ion Stoica December 4, 2001.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
Lecture 2 Overview. Cryptography Secret writing – Disguised data cannot be read, modified, or fabricated easily – Feasibility of complexity for communicating.
Lecture 9 Overview. RSA Invented by Cocks (GCHQ), independently, by Rivest, Shamir and Adleman (MIT) Two keys e and d used for Encryption and Decryption.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Cryptography services Lecturer: Dr. Peter Soreanu Students: Raed Awad Ahmad Abdalhalim
Computer Security By Rubel Biswas. Introduction History Terms & Definitions Symmetric and Asymmetric Attacks on Cryptosystems Outline.
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
Public Key Encryption and Digital Signatures
Cryptography.
PART VII Security.
Presentation transcript:

Cryptography 1 CS432

Overview  What is cryptography and cryptology?  The main components of a crypto system.  Problems solved by cryptography.  Basic concepts: symmetric cryptography, asymmetric cryptography, digital signatures.  Types of algorithms and related concepts.

Cryptography and Cryptology  Encryption: transformation of intelligible, understandable information into unintelligible form to disguise its meaning and intent from intruders.  Decryption: The inverse transformation of encrypted information into intelligible form  Both encryption and decryption are based on keys. It should be difficult or impossible to decrypt a message without knowing the key.  Cryptography: encryption + decryption.  Cryptanalysis: analyzing encrypted information with the intent of recovering the original plain information, without knowing the key.  Cryptology: cryptography + cryptanalysis.

The Encryption and Decryption Process  The encryption model

The major components of a crypto system (the model)  Plain text: the original message before encryption.  Encryption Algorithm: the algorithm used to transform the plaintext into unintelligible form (the cipher text).  The cipher text: the encrypted text.  Encryption key: the encryption process is always based on a key.  Decryption Algorithm: used to transforms cipher text back to plaintext.  The Decryption key: the key used in the decryption process. All algorithms must be public; only the keys are secret.

Intruders and Cryptanalysis  It is assumed that there is an intruder who listens to all communications and he may copy or delete any message An active intruder modifies some messages and re-inserts them An active intruder modifies some messages and re-inserts them A passive intruder just listens A passive intruder just listens  To decrypt a message without having a key, an intruder practices the art of cryptanalysis

What Does Cryptography Solve?  Confidentiality Ensure that nobody can get knowledge of what you transfer even if listening to the whole conversation Ensure that nobody can get knowledge of what you transfer even if listening to the whole conversation  Integrity Ensure that message has not been modified during the transmission Ensure that message has not been modified during the transmission  Authenticity You can verify that you are talking to the entity you think you are talking to You can verify that you are talking to the entity you think you are talking to  Identity You can verify who is the specific individual behind that entity You can verify who is the specific individual behind that entity  Non-repudiation The individual behind that asset cannot deny being associated with it The individual behind that asset cannot deny being associated with it

Symmetric Encryption “An introduction to cryptography” “AxCvGsmWe#4^, sdgfMwir3:dkJeTs “An introduction to cryptography” Clear-text input Clear-text output Cipher-text Same key (shared secret) EncryptionDecryption DES DES

Asymmetric Encryption “An introduction to cryptography” “Py75c%bn&*)9|f nmdFgegMs” “An introduction to cryptography” Clear-text Input Clear-text Output Cipher-text Different keys Encryption Decryption RSA RSA

Asymmetric Encryption  Things to remember about asymmetric keys: The relation between the two keys is unknown and from one key you cannot gain knowledge of the other, even if you have access to clear-text and cipher-text The relation between the two keys is unknown and from one key you cannot gain knowledge of the other, even if you have access to clear-text and cipher-text The two keys are interchangeable. All algorithms make no difference between public and private key. When a key pair is generated, any of the two can be public or private The two keys are interchangeable. All algorithms make no difference between public and private key. When a key pair is generated, any of the two can be public or private g$5knvMd’rk vegMs” Clear text ? Encryption

Example: Confidentiality Different keys Recipient’s public key Recipient’s private key private public Encryption Decryption “An introduction to cryptography” “Py75c%bn&*)9|f nmdFgegMs” “An introduction to cryptography” Clear-text Input Clear-text Output Cipher-text

Example: Authenticity Different keys Sender’s public key Sender’s private key private public Encryption Decryption “An introduction to cryptography” “Py75c%bn&*)9|f nmdFgegMs” “An introduction to cryptography” Clear-text Input Clear-text Output Cipher-text

Creating a Digital Signature 3kJfgf*£$& Py75c%bn This is the document created by Gianni Message or File Digital Signature Message Digest Calculate a short message digest from even a long input using a one-way message digest function (hash) Signatory's private key priv GenerateHash SHA, MD5 AsymmetricEncryption RSA This is the document created by Ahmed 3kJfgf*£$& Signed Document (Typically 128 bits)

Verifying a Digital Signature RSA This is the document created by Ahmed 3kJfgf*£$& Signed Document Py75c%bn Message Digest GenerateHash Gianni's public key (from certificate) AsymmetricDecryption pub Digital Signature Py75c%bn ? Compare ?

Classification of Ciphers  Substitution ciphers Cesar’s cipher Cesar’s cipher Affine transformation ciphers Affine transformation ciphers  Transposition ciphers  One-time pad  Block ciphers  Exponentiation ciphers RSA RSA

Substitution Ciphers  Each symbol is replaced by another symbol (Example: with Latin alphabet, in monoalphabetic substitution, the key is a 26-letter string that represents the substituting permutation of the alphabet, so 26! keys are available) Case study: Caesar cipher (A -> D, B -> E, C->F, …Z->C ), or ord (s) = [ord(s) + 3] mod 26. Letters are packed in equal blocks to prevent cryptanalysis based on the word length

Case Study: Cesar’s Cipher Plaintext: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Ciphertext: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z THIS MESSAGE IS TOP SECRET | | | | 4 19| | | | | 7 22 WKLVP HVVDJ HLVWR SVHFU HW

Substitution Ciphers Substitution ciphers are easy to break with a relatively small amount of ciphertext, using statistical properties of the language (frequency of letters, bigrams, trigrams, etc.)

A Cryptanalysis Example Letter A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Frequency <1 < < <1 2 <1 The frequencies of occurrence of letters in English text: Letter A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Frequency Analysis of the frequencies of occurrence of letters in the ciphertext: Ciphertext: YFXMP CESPZ CJTDF DPQFW QZCPY NTASP CTYRX PDDLR PD (Suppose, we know that shift transformation cipher was used) Guess: P(7) = E(13) => 15 = 4 + k (mod 26) => k = 11. Plaintext: NUMBE RTHEO RYISU SEFUL FOREN CIPHE RINGM ESSAG ES (NUMBER THEORY IS USEFUL FOR ENCIPHERING MESSAGES)

Transposition Cipher  All symbols are reordered according to a permutation specified by the key Example: WISPER the key—must have no repeated symbols the relative order of each symbol in the key the relative order of each symbol in the key “CIS IS THE BEST COLLEGE IN TOWN” “CIS IS THE BEST COLLEGE IN TOWN” C I S I S T H E B E S T C O L L E G E I N T O W plaintext is written in rows of the key’s size N x x x x x the last row is padded SOXLEIEEGTTHUTTMNY (ciphertext is written in columns permuted in the order of key’s symbols) SOXLEIEEGTTHUTTMNY (ciphertext is written in columns permuted in the order of key’s symbols) Transposition ciphers can also be broken by guessing the key size and using statistical analysis when the cryptanalyst knows that it is a transposition cipher.

Transposition Ciphers C I S I S T H E B E S T C O L L E G E I N T O W plaintext is written in rows of the key’s size N x x x x x the last row is padded WISPER SIITSCSEETBHEOLGLCOITWNEXXXXXN Cipher Text: SSEOX IEOIX IELTX TTGWX SBLNX CHCEN

Any bit sequence the size of plaintext can be a key. Each bit of plaintext is XOR-ed with the corresponding bit of the key to produce a bit of the ciphertext One-Time Pad Ciphers (XOR) + = Plaintext: Key: Ciphertext: Example: One-time Pad is unbreakable; however key distribution is a big problem…

Block Ciphers (Affine Transformation)  Key: A is a square integer matrix of order n such that (|A|, 26) = 1 A is a square integer matrix of order n such that (|A|, 26) = 1 B is an n-vector of integers B is an n-vector of integers  The ciphertext is split into blocks of length n; the last block is padded  For each block P, compute C = (AP + B) (mod 26) C = (AP + B) (mod 26)

Exponentiation Ciphers Given:  p is a prime  The key, e > 0 satisfies: (e, p-1) = 1 Plaintext: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Group the resulting numbers into blocks of 2m decimal digits, where m is the largest even integer such that the decimal value of each block is less than p 2.For each plaintext block, P, compute a ciphertext block C = P e (mod p) 3.To decipher, find d such that de ≡ 1 (mod p-1) and compute P = C d (mod p) C d ≡ P ed P ≡ P k(p-1)+1 ≡ [P (p-1) ] k P ≡ P (mod p) (By Fermat’s Little Theorem)

Exponentiation Ciphers: An Example  p = 2633;  the key e = 29; (e, p-1) = (29, 2632) = 1;  Block length is 4 (m=2) Plaintext: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z THIS IS AN EXAMPLE OF AN EXPONENTIATION CIPHER ≡ 2199 (mod 2633) d = *2622 ≡ 1 (mod 2622) ≡ 1907 (mod 2633)

One Immediate Application: The Diffie-Hellman Algorithm Problem: Establish common keys (for symmetric cryptography) to be used by two individuals so that intruders cannot discover them in a feasible amount of computer time. Let p be a large prime a be an integer relatively prime to p These are known to all! Pick k 1 relatively prime to p-1 Pick k 2 relatively prime to p-1 =

A Simple Example of a DH Exchange p =17 a = 2 k 1 = 3k 2 = 5 =

Modern Symmetric-Key Algorithms  Combine transpositions and substitutions and cascade them to make the algorithms very complex (to prevent cryptanalysis even when large amounts of ciphertext are available)  Often use block ciphers 4-bit transposition (T) SS SS SSTSTST Cascading into a product 4 to 2 encoder 2-bit substitution (S) T 2 to 4 decoder

Some Common Symmetric-Key Cryptographic Algorithms (after A. Tanenbaum) Cipher Key size (bits) Characteristics Rijndael Best Triple DES 168 Second best Serpent, Twofish Very strong IDEA128 Good (but patented) RC RC Some keys are weak DES56Weak

Public-Key Cryptography A (public key, private key) pair Publish the public key (= encryption key) Publish the public key (= encryption key) Keep the private key (= decryption key) secret Keep the private key (= decryption key) secret Two essential requirements: 1) 2) It is very hard (i.e, computationally infeasible) to obtain from To send a message M to you, I send To send a message M to you, I send You decrypt it, obtaining: You decrypt it, obtaining:

RSA (Rivest, Shamir, Adleman)  Parameters: p, q, n, z, d, e Choose, large (1024 bits) primes: p, q Choose, large (1024 bits) primes: p, q Compute n = pq, z = φ(n) = (p-1)(q-1) Compute n = pq, z = φ(n) = (p-1)(q-1) Choose the exponent e relatively prime to z Choose the exponent e relatively prime to z Find d: ed ≡ 1(mod z) Find d: ed ≡ 1(mod z)  Keys: public, (e, n); private, (d, n);  Encryption and decryption: Brake the plaintext into largest equal even-digit blocks (P) shorter than n bits Brake the plaintext into largest equal even-digit blocks (P) shorter than n bits Encrypt each block P by computing C = E(P) ≡ P e (mod n) Encrypt each block P by computing C = E(P) ≡ P e (mod n) Decrypt C by computing D(C) ≡ C d (mod n) ≡ P ed (mod n) ≡ P kφ(n)+1 (mod n) ≡ P kφ(n) P(mod n) ≡ P(mod n) Decrypt C by computing D(C) ≡ C d (mod n) ≡ P ed (mod n) ≡ P kφ(n)+1 (mod n) ≡ P kφ(n) P(mod n) ≡ P(mod n) Euler’s Theorem: If n > 0 and e and d are integers, such that (a, m) = 1, then a φ(m) ≡ 1 (mod m). The probability that P and n are not relatively prime is extremely low!

RSA: An Example  p = 43, q=59; n = 43*59 = 2357; φ(n) = 42*58 =2436  Exponent e = 13; (e, φ(n) ) = (13, 42*58) = 1;  Block length is 4 Plaintext: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z PUBLIC KEY CRYPTOGRAPHY ≡ 95 (mod 2537) * 13 ≡ 1 (mod 2436) ≡ 1520 (mod 2537) d = 937 E(P) ≡ P e (mod n) P ≡ C d (mod n) Public key: (13, 2357) Private key: (937, 2357)

Properties of RSA  The algorithm is secure because of the difficulty of factoring N. Factoring a 500-digit number should take years using a CPU with 1 microsecond instruction time  Encryption and decryption are inverse and commutative (an important property for digital signatures)  The algorithm is slow (compared to DES and other symmetric algorithms with much shorter keys) RSA may be prohibitively slow when dealing with large blocks of data. It is typically used for one-time session key distribution for a symmetric-key algorithm (such as triple-DES)