Presentation is loading. Please wait.

Presentation is loading. Please wait.

Intro to Cryptography Hanqiu Peng.

Published by Modified over 6 years ago

Similar presentations

Presentation on theme: "Intro to Cryptography Hanqiu Peng."— Presentation transcript:

1 Intro to Cryptography Hanqiu Peng

2 Definitions: Cypher: an algorithm for performing encryption or decryption. Plaintext (cleartext): text contains human-readable information. Ciphertext: text has unreadable by a human or computer. Cryptosystem: method of disguising (encrypting) plaintext messages so that only select parties can decipher (decrypt) the ciphertext. Cryptography: the art/science of using and developing cryptosystems.

3 History 4000 years ago, Egyptians’ use of non-standard hieroglyphics. This code was the secret known only to the scribes who used to transmit messages on behalf of the kings. Al-Kindi (801–873 A.D.), the first people to systematically document cryptanalytic methods. His manuscript contains the first descriptions of cryptanalysis and frequency analysis. Italian Leon Battista Alberti (“father of western cryptography”) invented polyalphabetic ciphers in Ninth century Crack the code

4 Enigma Machine German WWII encryption device
invented by German engineer Arthur Scherbius.  Used polyalphabetic substitution cipher Decrypted by the Allied powers The Allied intelligence department called the deciphered code ULTRA Procedural flaws, operator mistakes, and the Allies capture of key tables and hardware Win the war 2 years in advance

5 What Can Cryptography Do?
Confidentiality – Keep data and communication secret – Encryption / decryption Integrity – Protect reliability of data against tampering – “Was this the original message that was sent?” Authenticity – Provide evidence that data/messages are from their purported originators – “Did Hanqiu really send this message?”

6 Caesar Cipher It is a monoalphabetic cipher in which each letter in the plaintext is 'shifted' a fixed number of places down the alphabet. Used by Julius Caesar to communicate with his generals. A key is a piece of information (a parameter) that determines the functional output of a cryptographic algorithm.  Encryption: Right-shift every character by x: c = E(x, p) = (p + x) mod 26 Decryption: Left-shift every character by x: p = D(x, c) = (c – x) mod 26 x is the key, both sender and receiver have it. Remainder for negative number =divisor - (opposite number mod divisor) 2000 years ago Give example:attack (x=3) dwwdfn

7 Cryptanalyze this ... Cryptanalysis: the art/science of breaking cryptosystems Example: Assume key x=3, Ciphertext: ghihqg wkh hdvw zdoo ri wkh fdvwoh. Plaintext: defend the east wall of the castle. Plaintext: defend the east wall of the castle.

8 Frequency Analysis Knowing the usual frequencies of letters in English communication, if the encryption method does not effectively mask these frequencies, it is possible to compare the frequencies of letters in ciphertext with those in English communication, and calculate the key. Ciphertext: ghihqg wkh hdvw zdoo ri wkh fdvwoh. Let’s get the letter frequencies (how often each letter appears) of this ciphertext. h=6, w=4, d=3, o=3, g=2, i=2, k=2, v=2, z=1, r=1, f=1, q=1 Take out h and w, match them with e and t. Since we know the cipher used is the Caesar cipher, we guess the steps shift from h to e (w to t) is -3. Use -3 to decrypt the whole ciphertext. If the result make sense, we probably find the correct key. Al-Kindi from Baghdad

9 Polyalphabetic Cipher
Use a number of substitutions at different positions in the message. Example: Vigenère Cipher – A set of Caesar Ciphers where each cipher is denoted by a key letter that designates the shift. – The key letters repeat for the length of the message. key: deceptivedeceptivedeceptive plaintext: wearediscoveredsaveyourself ciphertext: zicvtwqngrzgvtwavzhcqyglmgj

10 Modern Cryptography Modern cryptosystems use a key to control encryption and decryption. Ciphertext should be undecipherable without the correct key. Encryption key may be different from decryption key. Kerckhoffs’s principles [1883]: – Assume the attacker knows cipher algorithm. – Security should rely on choice of key. – If attacker discovers the key, a new key can be chosen. Kerckhoffs’s Principles are contrary to the principle of “security by obscurity”, which relies only upon the secrecy of the algorithm/cryptosystem. If security of a keyless algorithm compromised, cryptosystem becomes permanently useless (and unfixable)

11 Why We Need Cryptography?
Eve: an eavesdropper, who is usually a passive attacker. While she can listen in on messages between Alice and Bob, she cannot modify them. Mallory: an active attacker (often used in man-in-the-middle attacks), who can modify messages, substitute messages, or replay old messages.

12 Encryption and Decryption
1. Symmetric-key cryptography, where a single key is used for encryption and decryption. Alice and Bob share the same key (shared secret). Doesn't imply that encrypting and decrypting are the same algorithm. M = plaintext C = cipher text E(x) = encryption function D(y) = decryption function C=E(M),M=D(C),M=D(E(M))

13 Diffie–Hellman key exchange
non-secret values in blue, and secret values in red. 1. Alice and Bob agree to use a modulus p = 23 and base g = 5 2. Alice chooses her private key  a = 4, then sends her public key = (ga mod p) = (54 mod 23)  = 4 to Bob. 2. Bob chooses his private key b = 3, then sends his public key = (gb mod p) = (53 mod 23)  = 10 to Alice. 3. Alice computes s = (Ba mod p) = (104 mod 23) = 18 4. Bob computes s = (Ab mod p) = (43 mod 23) = 18 Alice and Bob now share a secret (the number 18) Once Alice and Bob compute the shared secret, they can use it as an encryption key, known only to them, for sending messages across the same open communications channel. Of course, much larger values of a, b, and p would be needed to make this example secure, since there are only 23 possible results of n mod 23.  Here it is a coincidence that the private key equals to public key. Note here the private key is supposed to be different from the public key.

14 Encryption and Decryption
2. Public-key cryptography, where different keys are used for encryption and decryption. Separate keys for encryption and decryption -Public key: anyone can know this -Private key: kept confidential Anyone can encrypt a message to you using your public key. The private key is required to decrypt the communication.

15 Digital signatures A valid digital signature gives a recipient reason to believe that the message was created by a known sender (authentication), that the sender cannot deny having sent the message (non-repudiation), and that the message was not altered in transit (integrity). In this example the message is only digitally signed and not encrypted. Alice signs a message with her private key. Bob can verify that Alice sent the message and that the message has not been modified.

16 RSA Key Generation Algorithm: Choose distinct primes p and q
Compute n = pq. Compute Φ(pq) = (p-1)(q-1). Randomly choose 1<e< Φ(pq) such that e and Φ(pq) are coprime. e is the public key exponent Compute d, which satisfies [ed mod(Φ(pq))]=1 and 1<d< Φ(pq). d is the private key exponent Example: choose p=3, q=11 n=3*11=33 Φ(pq)=(3-1)(11-1)=20 choose e=7 7d mod 20 = 1 => d=3 Values of p,q should be large for practical use.

17 RSA Encryption/Decryption
Algorithm: Public key is (e,n) private key is (d,n) Encryption: ciphertext = plaintexte mod n Decryption: plaintext = ciphertextd mod n Example: Public key (7,33) Private Key (3,33) If we know plaintext = 4, ciphertext = 47 mod 33 = 16384 mod 33 = 16 If we know ciphertext = 16, plaintext = 163 mod 33 = 4096 mod 33 = 4

18 Cryptanalysis Goal: figure out the key. Classifications:
Ciphertext-only attack: attacker has access only to ciphertext. Known-plaintext attack: attacker has access to plaintext and corresponding ciphertext. Chosen-plaintext attack: attacker can choose plaintext and learn ciphertext. Chosen-ciphertext attack: attacker can choose ciphertext and learn plaintext.

19 Other cryptanalysis ... Brute force cryptanalysis: just keep trying different keys and check result Linear cryptanalysis: construct linear equations relating plaintext, ciphertext and key bits that have a high bias. Use these linear equations in conjunction with known plaintext-ciphertext pairs to derive key bits. Differential cryptanalysis: Study how differences in an input can affect the resultant difference at the output. Use chosen plaintext to uncover key bits.

20 Use HTTPS Instead of HTTP
Secure Sockets Layer (SSL)/Transport Layer Security (TLS) Google Chrome does well on it.

21 Questions & Comments?

22 Thank You Guys!

Download ppt "Intro to Cryptography Hanqiu Peng."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
Csci5233 Computer Security & Integrity 1 Cryptography: Basics (2)

Csci5233 Computer Security & Integrity 1 Cryptography: Basics (2)
RSA Exponentiation cipher

RSA Exponentiation cipher
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.

CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.
Public Key Model 8. Cryptography part 2.

Public Key Model 8. Cryptography part 2.
Chapter 12 Cryptography (slides edited by Erin Chambers)

Chapter 12 Cryptography (slides edited by Erin Chambers)
CS5204 – Fall 2009 1 Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.

Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.
Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.

Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.
Cryptography ECT 582 – Winter 2004 Robin Burke. Discussion.

Cryptography ECT 582 – Winter 2004 Robin Burke. Discussion.
CS110: Computers and the Internet Encryption and Certificates.

CS110: Computers and the Internet Encryption and Certificates.
T TT The Cryptography Istituto Tecnico Industriale “E.Divini” San Severino Marche.

T TT The Cryptography Istituto Tecnico Industriale “E.Divini” San Severino Marche.

Similar presentations

Ads by Google