Computer Security Cryptography

Cryptography Now and Before
In the past
  – Mainly used for confidentiality
Today
  – Still used for confidentiality
  – Data integrity
  – Source authentication
  – Non-repudiation

Definitions
Cryptography
  – Hiding the meaning of communication
Cipher
  – Transforms characters or bits into an unreadable format
Cryptographic Algorithm
  – Procedure that turns readable data into an unreadable format (usually through mathematical formulas)

More Definitions
Cryptanalysis
  – Science of studying and breaking encryption mechanisms
Cryptology
  – Study of cryptography and cryptanalysis
Key Clustering
  – When two keys generate the same ciphertext from the same plaintext

MORE Definitions
Cryptosystem
  – Encompasses all of the components for encryption and decryption
Plaintext
  – Readable format / decrypted
Ciphertext
  – Unreadable format / encrypted
Work Factor
  – Time, effort, and resources necessary to break a cryptosystem (should be too high for compromise)

Symmetric Cryptography
Two instances of the same key
  – One key used for encryption and decryption
  – Sender/receiver use same key (public/shared)
Key distribution is a problem
Secure 2nd channel needed or offline
Does not implement non-repudiation

Historical Symmetric Keys
Hieroglyphics
  – Recorded in use in 2000 B.C.
  – 1st known type of cryptography
  – Only certain people knew the symbols
  – Used to glorify the life of the deceased

Scytale Cipher
Paper or leather was wrapped around a rod
Message was written on the paper and delivered by messenger
Sender and receiver had to have a rod of the same diameter
Was used around 400 B.C.
Transposition Cipher

Caesar Cipher
Symmetric cipher
Keys shifted ‘n’ number of letters
Also referred to as a shift cipher
If one alphabet is used – monoalphabetic substitution
If two alphabets are used – polyalphabetic substitution

Example
Decode the following messages:
  OP CPOVT QPJOUT PO FYBN

Vigenere Cipher
Polyalphabetic substitution cipher
Proposed by court of King Henry III
An extension of the Caesar Cipher
Strength is that no frequency analysis can be performed

Enigma Machine
Rotor cipher that used polyalphabetic substitution
Employed in WWII
Symmetric – original setting of rotors and how rotors moved must be the same
Sender entered characters and the rotors moved

Vernam Cipher
One-time pad
  – Only method that is completely secure
  – Still used today as a backup encryption method
  – Sender uses one-time pad to encrypt and receiver uses its twin to decrypt

Vernam
Deemed unbreakable if:
  – Pad is made up of truly random values
  – Used only once
  – Securely distributed
  – Securely stored
  – Pad is at least as long as message

Key & Algorithm Relationship
Key – long string of values
Algorithm – group of mathematical equations that can be used for the encryption process
Used together – key values are used by the algorithm to indicate which equations to use, in what order, and with what values

Breaking Cryptosystems
Brute Force
  – Attempts all possible combinations of a given key space to derive the key
      Takes ciphertext, applies key, and sees if understandable plaintext is derived
  – How many possible keys?
      40-bit key = 1 trillion
      56-bit key = 72 quadrillion
  – Easily breakable due to Moore’s Law
  – In 1998, DES was broken in three days with 1536 PCs running at 40 MHz

Frequency Analysis
Patterns in ciphertext are identified and matched back to plaintext
For example, the most common letters in the English language are “iron seat”
Allows attackers to reverse-engineer encryption process

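The brute-force procedure and the frequency check from the two slides above, applied to the shift cipher: this is an added example, not part of the original slides. It tries all 26 keys against the ciphertext from the Example slide and ranks each candidate by how many of its letters fall in the "iron seat" set; the function names and the scoring rule are assumptions made for this illustration.

```python
import string

ALPHABET = string.ascii_uppercase
# The slide's mnemonic for the most common English letters (assumed scoring set).
COMMON = set("IRONSEAT")

def shift_text(text, key):
    """Shift each A-Z letter forward by `key` positions; leave other characters."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)

def encrypt(plaintext, key):
    return shift_text(plaintext, key)

def decrypt(ciphertext, key):
    return shift_text(ciphertext, -key)

def score(candidate):
    """Crude frequency test: count letters that are in the common-letter set."""
    return sum(1 for ch in candidate if ch in COMMON)

def brute_force(ciphertext):
    """Apply every key in the 26-key space; return (score, key, candidate) rows."""
    results = []
    for key in range(26):
        candidate = decrypt(ciphertext, key)
        results.append((score(candidate), key, candidate))
    return results

def crack(ciphertext):
    """Return (key, plaintext) for the candidate that looks most like English."""
    best = max(brute_force(ciphertext), key=lambda row: row[0])
    return best[1], best[2]

if __name__ == "__main__":
    ct = "OP CPOVT QPJOUT PO FYBN"  # ciphertext from the Example slide
    for s, k, text in sorted(brute_force(ct), reverse=True)[:3]:
        print(f"key={k:2d} score={s:2d} {text}")
    print(crack(ct))
```

With only 26 keys the work factor is negligible; the same loop over a 56-bit key space would need up to the 72 quadrillion trials quoted on the Brute Force slide.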
Characteristics of Strong Algorithms
Confusion
  – Complexity of the process to increase the work factor of reverse engineering
  – Interceptor should not be able to predict what changing one character will do to ciphertext
Diffusion
  – Component going through an encryption should have MANY things take place
  – Change should affect many parts of the ciphertext

Kerckhoffs’s Principle
Only secrecy involved with cryptography should be the key
Should not base security on figuring out the algorithm
Algorithms should be publicly known
Government does NOT agree