ITMS – 3153 Information Systems Security Chapter 2 – Elementary Cryptography SHIRAJ MOHAMED M | MIS UNIT
Coverage Areas Concepts of encryption Cryptanalysis Symmetric (secret key) Encryption Asymmetric (public key) Encryption Key exchange protocols and certificates Digital Signatures Cryptographic hash functions SHIRAJ MOHAMED M | MIS UNIT
SHIRAJ MOHAMED M | MIS UNIT
Terminology & Background Sender (S), Recipient (R), Transmission media (T) Interceptor / intruder (O) (availability) O might block message from reaching R O might intercept message (confidentiality) O might modify message (integrity) O might fabricate an authentic-looking message (integrity) SHIRAJ MOHAMED M | MIS UNIT
Terminology & Background Encryption – process of encoding a message Decryption – transforming encoded message back to normal Encrypt – encode , encipher Decrypt – decode, decipher Cryptosystem – system for encryption and decryption Plaintext – original form of message Ciphertext – encoded form of message SHIRAJ MOHAMED M | MIS UNIT
Terminology & Background Algorithms – rules for encryption and decryption Key – value used to encrypt message C = E(K, P) where P=plaintext, K = key, E = encryption algorithms, and C = ciphertext Symmetric encryption P = D(K, E(K,P)) Asymmetric encryption P = D(KD, E(KE,P)) Keyless cipher Cryptography (hidden writing) – uses encryption to hide message Cryptanalysis – attempts to find meanings in encrypted messages Cryptology – study of encryption and decryption SHIRAJ MOHAMED M | MIS UNIT
P = D (K, E (K, P)) Symmetric Sometimes the encryption and decryption keys are the same P = D (K, E (K, P)) where P=plaintext, K = key, E = encryption algorithms, and C = ciphertext SHIRAJ MOHAMED M | MIS UNIT
P = D (KD, E (KE, P)) Asymmetric At other times, encryption and decryption keys come in pairs Decryption key, KD Encryption key KE P = D (KD, E (KE, P)) where P=plaintext, K = key, E = encryption algorithms, and C = ciphertext SHIRAJ MOHAMED M | MIS UNIT
Cryptography Cryptography (secret writing) is the strongest tool for controlling against many kinds of security threats. Well-disguised data cannot be read, modified, or fabricated easily. Cryptography is rooted in higher mathematics: group and field theory, computational complexity, and even real analysis, not to mention probability and statistics. Fortunately, it is not necessary to understand the underlying mathematics to be able to use cryptography. SHIRAJ MOHAMED M | MIS UNIT
Cryptanalysis Attempt to break a single message Attempt to recognize patterns in encrypted messages Attempt to infer some meaning without breaking the encryption Attempt to realize the key Attempt to find weaknesses in the implementation or environment of use of encryption Attempt to find general weaknesses in an encryption algorithm SHIRAJ MOHAMED M | MIS UNIT
Cryptographer v Cryptanalyst A cryptographer works on behalf of a legitimate sender or receiver Cryptanalyst A cryptanalyst works on behalf of an unauthorized interceptor SHIRAJ MOHAMED M | MIS UNIT
Encryption SHIRAJ MOHAMED M | MIS UNIT
Encryption with Keys SHIRAJ MOHAMED M | MIS UNIT
Breakable Encryption An encryption algorithm is called breakable when, given enough time and data, an analyst can determine the algorithm May be impractical A 25-character message of just uppercase letters has 2625 (1035) possible decipherments. A computer performing 1010 operations/sec would take 1011 years SHIRAJ MOHAMED M | MIS UNIT
Representing Characters we use the convention; plaintext is written in UPPERCASE letters, and ciphertext is in lowercase letters LASANTHA 11018131970 SHIRAJ MOHAMED M | MIS UNIT
Arithmetic on the characters A + 3 = D N - 1 = ? C+10 = ? S + 9 = ? X + 4 = ? SHIRAJ MOHAMED M | MIS UNIT
Types of Encryption Substitution – one or more characters are replaced with another Transpositions (permutations) – order of characters is rearranged Hybrid – combinations of the two types SHIRAJ MOHAMED M | MIS UNIT
Substitution Ciphers This technique is called a monoalphabetic cipher or simple substitution A substitution is an acceptable way of encrypting text SHIRAJ MOHAMED M | MIS UNIT
Caesar Cipher Each letter is translated a fixed number of positions in the alphabet Ci = E(pi) = pi + 3 (Caesar used a shift of 3) Easy to perform; easy to break Look for double letters and then use common words with double letters SHIRAJ MOHAMED M | MIS UNIT
Other Substitution Ciphers Use a key to scramble the letters A B C D E F G H I J K L M N O … c i p h e r s a b d f g j k l … Rearrange using a fixed distance between letters (e.g. every 3rd) a d g j m p s v y b e h k n r … SHIRAJ MOHAMED M | MIS UNIT
Complexity of Substitution Encryption and Decryption Substitution encryption algorithms can be performed by direct lookup in tables. An important issue in using any cryptosystem is the time it takes to turn plaintext into ciphertext, and vice versa. SHIRAJ MOHAMED M | MIS UNIT
Cryptanalysis of Substitution Ciphers The techniques described for breaking the Caesar cipher can also be used on other substitution ciphers Look for short words, words with repeated patterns, common first and last letters Can use our knowledge of language Look at frequency distributions Could reduce time to hours Nature and context of the text being analyzed SHIRAJ MOHAMED M | MIS UNIT
One-Time Pads The pad consists of a large number of pages where each page contains a non- repeating key The sender would write the keys above the message (e.g. a 300 character message would require 30 pages of 10 character keys) The message is scrambled using a Vigenere tableau built from the message and key Problem is synchronizing the receiver’s pad with the senders pad SHIRAJ MOHAMED M | MIS UNIT
Vigenere tableau SHIRAJ MOHAMED M | MIS UNIT
How to use Vigenere tableau I am, I exist, that is certain. uaopm kmkvt unhbl jmed SHIRAJ MOHAMED M | MIS UNIT
Vernam Cipher One-time pad consists of an arbitrary long non-repeating sequence of numbers that are combined with the plaintext Each plaintext character is represented by its numeric equivalent and is added to one of the random numbers. The ciphertext character is computed from the sum mod 26 Repeated characters are typically represented by different ciphertext characters SHIRAJ MOHAMED M | MIS UNIT
Vernum Cipher SHIRAJ MOHAMED M | MIS UNIT
Book Ciphers Uses a passage from a book to form the letters at the top of a Vigenere Tableau Computes ciphertext character by taking the intersection of the plaintext character and corresponding character at that position from the book passage Relatively easy to break using frequency distributions SHIRAJ MOHAMED M | MIS UNIT
Transpositions (Permutations) Columnar Transposition rearranging plaintext message into columns and then reading it row by row Transposition algorithms require a constant amount of time per character and are (n) algorithms, but space required to store results and delay in waiting for all characters to be read are dependent on the size of the plaintext SHIRAJ MOHAMED M | MIS UNIT
Transpositions…. THIS IS A MESSAGE TO SHOW HOW A COLUMNAR TRANSPOSITION WORKS tssoh oaniw haaso lrsto imghw utpir seeoa mrook istwc nasns SHIRAJ MOHAMED M | MIS UNIT
Infrequent letter If the message length is not a multiple of the length of a row, the last columns will be one or more letters short. When this happens, we sometimes use an infrequent letter, such as X, to fill in any short columns SHIRAJ MOHAMED M | MIS UNIT
Cryptoanalysis of Transposition Algorithms Compute letter frequencies of ciphertext; if appear with normal frequency, then assume a transposition algorithm was used SHIRAJ MOHAMED M | MIS UNIT
Shannon's Characteristics of "Good" Ciphers The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption The set of keys and the enciphering algorithm should be free from complexity The implementation of the process should be as simple as possible Errors in ciphering should not propagate and cause corruption of further information in the message The size of the enciphered text should be no larger than the text of the original message SHIRAJ MOHAMED M | MIS UNIT
Stream Ciphers Most of the ciphers we have presented so far are stream ciphers (exception is the columnar transposition cipher) convert one symbol of plaintext immediately into a symbol of ciphertext SHIRAJ MOHAMED M | MIS UNIT
Stream Ciphers System SHIRAJ MOHAMED M | MIS UNIT
Errors of Stream Ciphers Skipping a character in the key during encryption SHIRAJ MOHAMED M | MIS UNIT
Block Cipher A block cipher encrypts a group of plaintext symbols as one block Eg: columnar transposition SHIRAJ MOHAMED M | MIS UNIT
Block Cipher Systems SHIRAJ MOHAMED M | MIS UNIT
Advantages and disadvantages of stream and block encryption algorithms SHIRAJ MOHAMED M | MIS UNIT
Confusion and Diffusion SHIRAJ MOHAMED M | MIS UNIT
Confusion The interceptor should not be able to predict what will happen to the ciphertext by changing one character in the plaintext The goal of substitution is confusion SHIRAJ MOHAMED M | MIS UNIT
Diffusion The cipher should also spread the information from the plaintext over the entire ciphertext so that changes in the plaintext affect many parts of the ciphertext SHIRAJ MOHAMED M | MIS UNIT
References Charles P. Pfleeger, (2005) "Security in Computing (Fourth Edition)", Prentic-Hall International, Inc. SHIRAJ MOHAMED M | MIS UNIT
thank you SHIRAJ MOHAMED M | MIS UNIT