Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ciphering and the Theory of Secrecy Systems

Published byHendrik de Veer Modified over 5 years ago

Similar presentations

Presentation on theme: "Ciphering and the Theory of Secrecy Systems"— Presentation transcript:

1 Ciphering and the Theory of Secrecy Systems
Network Security Design Fundamentals ET-IDA-082 Lecture-6 Ciphering and the Theory of Secrecy Systems , v35 Prof. W. Adi

2 And Fundamentals of ciphering
Secrecy Theory And Fundamentals of ciphering Outlines Historical Overview Basic Definitions Shannon’s Secrecy Theorem Perfect Secrecy „Vernam Cipher“ Unicity Distance Secret Key Cipher Principle

3 Two interesting statements around security!
„The only system which is truly secure is one which is switched off , unplugged, locked in a titanium lined safe, buried in a concrete bunker, surrounded by nerve gas and very highly paid armed guards. Even then, I wouldn't stake my life on it ....“ Gene Spafford - Computer Operations, Audit and Security Technology (COAST), Purdue University „If I am asked to stake my life on a cryptographic function, I would not trust any function related to known mathematics“ Ulli Maurer – ETH Zürich, Swisserland

4 Scientific History of Cryptography
The origin of the word Cryptography (Greek: hidden word): Is Cryptography an Art or or a Science ? The scientific story of cryptography has three epochs: I. Conventional Cryptography as Art till 1949 Julius Caesar Cipher Kaisiski “ The Art of Deciphering” 1863, ... Gauss Vernam (AT&T) 1926, first perfect/unbreakable system II world ware 1945, Enigma, Hagelin .... Alan Turing Not widely known in convectional public literature: Jakob Alkindi Bagdad (801–873): "father of Islamic or Arabic philosophy“, Mathematician physician and musician. Presented mathematical tools for cryptanalysis: “Treaties on Extracting Cryptograms”, (Doc 4832 Sulaimania Library Istambul Turky) يقوب بن اسحق الكندي :رسائل في استخراج المعمى Other old cultures: Chines, Indian … crypto history !

5 Akindi’s Contribution in Cryptoanalysis (استخراج المعمى)
(scientific treatment 1000 years before Shannon’s modern entropy techniques) Introduced for the first time Determining the statistics of the frequency of letters in a particular natural language and made use of letter statistics to break a cipher by comparing the letter frequency in the cryptogram (showed an example of a text with 3667 letters) (for comparison: see Shannon’s Entropy Concept in page 17-19) Indicated the importance that cryptogram must be sufficiently long to attain good accuracy. Showed techniques for hiding information in an existing natural text as Steganography Alkindi’s treatise were dedicated to the government (Calif. In Bagdad Abu Al-abbas) Use of Cryptography was mainly to transfer confidential reports to the Caliph from the different wide spread areas of the Islamic rules territories (called “Bareed “ service) Ref.:

6 Akindi’s Cipher Classification (استخراج المعمى) (873 AD)
Classified different ciphering/deciphering techniques using a tree diagram Înteresting historical treatment on secret communication From the year 873

7 Scientific Epochs and Breakthrough in Cryptography
2. Modern scientific epoch: (1949) Shannon (AT&T) “A Mathematical Theory of Communication” Shannon’s Breakthrough in Communication Technology: Error-free transmission is possible on noisy channels! C= B log2 (1 + S/N) Shannon (AT&T) 'Communication Theory of Secrecy System proved mathematically that Vernam cipher is unbreakable Introduced the first modern scientific methodology in cryptography NO breakthrough in cryptography! 3. The breakthrough towards the modern Cryptology came in 1976 Diffie and Hellman introduced in 1976 the Public-Key Cryptography (Stanford University) Diffie Hellman ‘s Breakthrough in Cryptography: Secured transmission is possible on unsecured channels! Any new Breakthrough expected ? !

8 2. Is Security a Science, Art or Magic ?
BIG OPEN QUESTIONS 1. Is Security Measurable? 2. Is Security a Science, Art or Magic ? Question raised by James L. Massey Cryptography - Science or Magic? MIT, October 1, 2001, Running Time: 00:57:10

9 Two Major Security Tasks
Authentication Securely identify an entity Secrecy Keep data safe against illegal users Security tasks require to deploy Cryptographic mechanisms to be realized Cryptography is the science dealing with hiding information and data security questions

10 Secret Key Cryptography in Use
Conventional Secret Key Cryptography in Use Fundamental Concepts

11 Cryptography : Basic definetions
Attacker Crypto-analyser Channel Y = E (Ze,X) Cryptogram/Cipher text Message Clear text D (Zd,Y) Decryption Key Deciphering X Receiver Message X Sender Clear text Ciphering Encryption-Key E (Ze,X) Intruder Attacker Ze Zd

12 Cryptographic Attacks: Basic definetions
Type of attacks: Cipher text only attack Known plaintext attack Chosen plaintext attack Chosen ciphertext attack Chosen Cipher/Plain Text Attack: is mostly assumed as a basis to evaluate the quality of a cipher Kerckhoff’s Principle: A General system security evaluation assumption: Attacker knows everything but not the key !

13 Secret Key Crypto-System : mechanical analog
Key = Z Secret key agreement Key = Z Z SENDER RECEIVER Z Lock Message Message Z

14 Conventional Cryptography till 1976 : Secret Key systems
Known locks as Standard Ciphers Security rests on the Cipher Ciphering De-Ciphering Sender Receiver Y = E (Z,X) X E ( Z,X ) X D ( Z,Y ) Message Channel Message Secret Key = Z Z Secret Key Channel Z

15 Is Cryptographic Security Measurable ?
Yes and No ! Security measures adopted today: System is unconditionally secure (perfect) : System impossible to break with any means (whatever) One not very practical system is known ! Non-sceientific statement System is practically secure: System possible to break but with very huge means All modern practical systems fall under this category!

16 The Theory of “System Secrecy”
The Concept of Information Entropy: Shannon 1949 InformationSOURCE Output Examples: P : Probability function

17 The Theory of “System Secrecy”
Example for calculating information entropy The probability of Head is 0.5 and the probability of Tail is 0.5 too. If you get either head or tail you will get 1 bit of information : For instance, 0 denotes Head and 1 denotes Tail : vice versa flipping a fair coin The entropy for that case is = 1 2 Possibilities which are equally probable!

18 The Theory of “System Secrecy” Information Entropy: Shannon 1949
Amount of information in a message M having n possible combinations is defined by Shannon as “Entropy” H(M) where: over all n-possible messages Mi Maximum entropy if all n combinations are equally probable , that is Prob(Mi) = 1/n for any i, Hence: = n  ( 1/n log2 n ) = log2 n where n is the number of possible meanings Example 1: M = months of the year H(M) = log2 12  3.6 bits Example 2: 2k equally probable keys H(M) = log2 2k = k bits

19 The Theory of Secrecy Systems
Shannon 1949 If the entropy function for information source X: H (X) = -  pr(xi) . log2 pr(xi) {x} Then: 0  H (X)  log2 t (for t possibilities for message X) If the key entropy similarly is is H(Z) , then: Shannon Condition for Perfect Security is H (Z)  H (X) The key entropy (H(Z) for a key with k-bits if all key combinations are equally used: H(Z) = - 2k [ ( 1/2k ) . Log2 (1/2k) ] H (Z) = k In this case the necessary condition for Perfect Security is : k  H (X)

20 The only known Perfect Cipher: One-time-Pad OTP (Vernam Cipher)
Invented by Vernam (AT&T 1926) Proved later to be impossible to break by Shannon (AT&T 1949) Gilbert Vernam 1890 – 1960 (AT&T) Cipher Text X+Z Clear Text X Z + Clear Text X+Z+Z=X + Z !Addition in GF(2)! key-tape Use key just one time!! Random One Time secret Key Unconditional Secrecy if : Key length = Clear text length (Shannon 1949) H(z) > H(X)

21 Generalised One-Time Pad
System is also perfect for any Group < G, * > Cipher Text X*Z Clear Text X * Z * Z-1 =X Z-1 * Clear Text X * Z Key-tape One Time secret Key Key length = Clear text length !!! No key is repeatedly used!!

22 Improving Security by Message Compression
Enhance security by reducing redundancy Perfect security always possible iff: Key length = Clear text length that is K=N Idea: make K=N if N > K by reducing N trough data compression Compressed to k Bits Clear text X N Bits / N > K K / K / Ideal Compressor Cipher Cipher text / K Unconditionally Secure! Key

23 Unicity Distance: Minimum required ciphertext to break a cipher
Key equivocation function: H (Z|y1, y2, y3...yn) for non-randomized cipher Cipher Unicity Distance Information Redundancy Unicity Distance nu : is the minimum amount of ciphertext symbols which in principle can determin the secret key in a ciphertext only attack Or: Expected minimum amount of ciphertext needed for brute-force to break a cipher

24 (by increasing the unicity distance) Original Clear text N-Bits
Plain Text Padding technique to improve security (by increasing the unicity distance) As larger uniucity distance means higher security, therefore a technique is proposed to increase the unicity distance by appending random unknown clear text as follows: Original Clear text N-Bits How to reduce r without compression? N Bits Random pattern L Random Bits New clear text N+L Bits H(X) N‘= N +L New unicity distance: u n N N + L =

25 Compute the cipher‘s unicity distance nu and the clear text entropy.
Example: A block cipher having a key size of 128 bits is encrypting a clear text with a block length of 128 bits. The clear text redundancy is r=0.8. Compute the cipher‘s unicity distance nu and the clear text entropy. The „unicity distance was doubled by appending L random bits to the clear text block. Compute L and the new clear text entropy. After all the above cipher changes an observer was able to watch 1000 cipher text bits. Would the observer with unlimited resources theoretically be able to uniquely break the cipher in that case ? Give a reasoning for your answer. SDF2009

26 Solution: K= 128 Bits, H(x)=? Bits, r = 0.8 K
before 128 bits Data K= 128 Bits, H(x)=? Bits, r = 0.8 after 128 bits Data 128 random bits K r 1. Unicity distance nu = = 128/0.8 = 160 Bits (the cipher can be theoretically broken after 160 cipher bits) As r = [ N – H(x) ] / N => N . r = N – H(x) => entropy H(x) = N · (1-r) => H(x) = 128 · (1-0.8) = 25.6 Bits n‘u = [ ( N + L ) / N ] · nu 2 ∙ 160 = [( L ) / 128] · 160 => L = 128 Bits H‘(x) = L + H(x) = ,6 = bits 3. The observer can theoretically break the cipher as the number of the observed cryptogram bits (1000 bits) is more than the unicity distance (320 bits) of the cipher. 26

Download ppt "Ciphering and the Theory of Secrecy Systems"

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.

CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.
Ref. Cryptography: theory and practice Douglas R. Stinson

Ref. Cryptography: theory and practice Douglas R. Stinson
Shannon ’ s theory part II Ref. Cryptography: theory and practice Douglas R. Stinson.

Shannon ’ s theory part II Ref. Cryptography: theory and practice Douglas R. Stinson.
CS470, A.SelcukIntroduction1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukIntroduction1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
CryptographyPerfect secrecySlide 1 Today What does it mean for a cipher to be: –Computational secure? Unconditionally secure? Perfect secrecy –Conditional.

CryptographyPerfect secrecySlide 1 Today What does it mean for a cipher to be: –Computational secure? Unconditionally secure? Perfect secrecy –Conditional.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.

CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
Chapter 2 – Classical Encryption Techniques

Chapter 2 – Classical Encryption Techniques
CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.
Cryptography Week-6.

Cryptography Week-6.
EE5552 Network Security and Encryption block 4 Dr. T.J. Owens CEng MIET Dr T. Itagaki MIET, MIEEE, MAES.

EE5552 Network Security and Encryption block 4 Dr. T.J. Owens CEng MIET Dr T. Itagaki MIET, MIEEE, MAES.
Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)

Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)
Lecture 2 Overview.

Lecture 2 Overview.
Security in Computing Cryptography (Introduction) Derived from Greek words: ‘Kruptos’ (hidden) and ‘graphein’ (writing.

Security in Computing Cryptography (Introduction) Derived from Greek words: ‘Kruptos’ (hidden) and ‘graphein’ (writing.
Chapter 1 Introduction Cryptography-Principles and Practice Harbin Institute of Technology School of Computer Science and Technology Zhijun Li

Chapter 1 Introduction Cryptography-Principles and Practice Harbin Institute of Technology School of Computer Science and Technology Zhijun Li
T TT The Cryptography Istituto Tecnico Industriale “E.Divini” San Severino Marche.

T TT The Cryptography Istituto Tecnico Industriale “E.Divini” San Severino Marche.
One-Time Pad Or Vernam Cipher Sayed Mahdi Mohammad Hasanzadeh Spring 2004.

One-Time Pad Or Vernam Cipher Sayed Mahdi Mohammad Hasanzadeh Spring 2004.
Lec. 5 : History of Cryptologic Research II

Lec. 5 : History of Cryptologic Research II
1 Chapter 2-1 Conventional Encryption Message Confidentiality.

1 Chapter 2-1 Conventional Encryption Message Confidentiality.

Similar presentations

Ads by Google