Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS457 – Introduction to Information Systems Security Cryptography 1a Elias Athanasopoulos

Published byLeo McKenzie Modified over 9 years ago

Similar presentations

Presentation on theme: "CS457 – Introduction to Information Systems Security Cryptography 1a Elias Athanasopoulos"— Presentation transcript:

1 CS457 – Introduction to Information Systems Security Cryptography 1a Elias Athanasopoulos elathan@ics.forth.gr

2 Cryptography Elements SSymmetric Encryption -B-Block Ciphers -S-Stream Ciphers AAsymmetric Encryption CCryptographic Hash Functions AApplications CS-457Elias Athanasopoulos2

3 Computer Security “ The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/ data, and telecommunications). ” CS-457Elias Athanasopoulos3

4 CIA  C onfidentiality - Data confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals. - Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.  I ntegrity - Data integrity: Assures that information and programs are changed only in a specified and authorized manner. - System integrity: Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.  A vailability - Assures that systems work promptly and service is not denied to authorized users. CS-457Elias Athanasopoulos4

5 An Example CS-457Elias Athanasopoulos5 Confidentiality: Bad guys cannot see messages Integrity: Bad guys cannot change messages Availability: The system is operational System/Service Communication

6 How to achieve CIA?  Crypto algorithms - “Hide” messages, sign messages, provide guarantees about sent/received messages, etc.  Secure systems - Apply Crypto concepts in protocols, systems, etc.  Software defenses - Ensure that software is not manipulated CS-457Elias Athanasopoulos6

7 CS-457Elias Athanasopoulos7

8 Cryptographic Jargon  Plaintext - This is the original intelligible message or data that is fed into the algorithm as input.  Encryption algorithm - The encryption algorithm performs various substitutions and transformations on the plaintext.  Secret key - The key is a value independent of the plaintext and of the algorithm. The algorithm will produce a different output depending on the specific key being used at the time.  Ciphertext: - This is the scrambled message produced as output. It depends on the plaintext and the secret key.  Decryption algorithm - This is essentially the encryption algorithm run in reverse. CS-457Elias Athanasopoulos8

9 NOT Security via Obscurity  The encryption/decryption algorithm is assumed to be known  Security is based on - Secrecy of the key - Hard to infer the plaintext via the ciphertext by just knowing the key  Cryptanalysis - Infer the plaintext from ciphertext without knowing the key CS-457Elias Athanasopoulos9

10 Symmetric Encryption CS-457Elias Athanasopoulos10

11 Caesar Cipher CS-457Elias Athanasopoulos11

12 CS-457Elias Athanasopoulos12 Key: 3

13 Or… Plain: abcdefghijklmnopqrstuvwxyz Cipher: DEFGHIJKLMNOPQRSTUVWXYZABC CS-457Elias Athanasopoulos13

14 Encrypting a message Plain: meet me after the toga party Cipher: PHHW PH DIWHU WKH WRJD SDUWB CS-457Elias Athanasopoulos14

15 CS-457Elias Athanasopoulos15 Simple Brute Force attack: we need to try 25 different keys.

16 Increase the key space  Permutations: {a, b, c} - abc, acb, bac, bca, cab, cba  Size: 6 (or 3! ~ 1*2*3) - In general the size is n! (n is the size of the set)  For the alphabet: 26! CS-457Elias Athanasopoulos16

17 CS-457Elias Athanasopoulos17 Frequency Analysis

18 Example UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPES XUDBMETSXAIZ VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ CS-457Elias Athanasopoulos18

19 Count Frequencies CS-457Elias Athanasopoulos19

20 Compare with English CS-457Elias Athanasopoulos20

21 And try… CS-457Elias Athanasopoulos21

22 Voila! CS-457Elias Athanasopoulos22

23 One-Time Pad Ciphertext: ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS key: pxlmvmsydofuyrvzwc tnlebnecvgdupahfzzlmnyih plaintext: mr mustard with the candlestick in the hall Ciphertext: ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS key: pxlmvmsydofuyrvzwc tnlebnecvgdupahfzzlmnyih plaintext: miss scarlet with the knife in the library Key = Size of message CS-457Elias Athanasopoulos23

24 Transposition CS-457Elias Athanasopoulos24

25 Modern Symmetric Ciphers  DES, 3DES, and AES - AES is the dominant one, today  Based on - Substitutions and transpositions  Very complex  Type - Block - Stream CS-457Elias Athanasopoulos25

26 Block vs Stream  Block cipher - one in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length. Typically, a block size of 64 or 128 bits is used.  Stream cipher - one that encrypts a digital data stream one bit or one byte at a time. CS-457Elias Athanasopoulos26

27 Block Cipher CS-457Elias Athanasopoulos27

28 Stream Cipher CS-457Elias Athanasopoulos28

29 Block cipher  Plaintext of n bits produces a ciphertext of n bits - Block size: n bits  Space of different plaintext blocks: 2^n - Each block must be unique CS-457Elias Athanasopoulos29

30 Encryption should be reversible CS-457Elias Athanasopoulos30

31 General n-bit-n-bit Block (n = 4) CS-457Elias Athanasopoulos31

32 Decryption/Encryption CS-457Elias Athanasopoulos32

33 Problems  Vulnerable to statistical attacks - Small blocks can take limited transformations - Increase n  Key size: 4 bits * 16 rows - In general: n * 2^n - Approximate the ideal case CS-457Elias Athanasopoulos33

34 Feistel Cipher  Goal - Approximate the ideal cipher - Reduce statistical properties between plaintext, ciphertext, and key(s)  Difussion - Each plaintext digit affect the value of many ciphertext digits  Confusion - The statistics of the ciphertext and the value of the encryption key is as complex as possible CS-457Elias Athanasopoulos34

35 Feistel Cipher CS-457Elias Athanasopoulos35 Substitution: right part is transformed by F(Ki) and XORed with left part. Permutation: right part swapped with left part.

36 Properties  Block size: - Larger block sizes mean greater security but reduced encryption/decryption speed for a given algorithm. A block size of 64 bits is reasonable tradeoff. AES uses a 128-bit block size.  Key size: - Larger key size means greater security but may decrease encryption/ decryption speed. Key sizes of 64 bits or less are now widely considered to be inadequate, and 128 bits has become a common size. CS-457Elias Athanasopoulos36

37 Properties  Number of rounds: - The essence of the Feistel cipher is that a single round offers inadequate security but that multiple rounds offer increasing security. A typical size is 16 rounds.  Subkey generation algorithm: - Greater complexity in this algorithm should lead to greater difficulty of cryptanalysis.  Round function F: - Again, greater complexity generally means greater resistance to cryptanalysis. CS-457Elias Athanasopoulos37

38 Extra (desired) properties  Fast software encryption/decryption: - In many cases, encryption is embedded in applications or utility functions in such a way as to preclude a hardware implementation.  Ease of analysis: - There is great benefit in making the algorithm easy to analyze. It is easier to analyze that algorithm for cryptanalytic vulnerabilities and therefore develop a higher level of assurance as to its strength. DES, for example, does not have an easily analyzed functionality. CS-457Elias Athanasopoulos38

39 Block modes CS-457Elias Athanasopoulos39 ModeDescriptionTypical Application Electronic Codebook (ECB)Each block of 64 plaintext bits is encoded independently using the same key. Secure transmission of single values (e.g., an encryption key) Cipher Block Chaining (CBC) The input to the encryption algorithm is the XOR of the next 64 bits of plaintext and the preceding 64 bits of ciphertext. General-purpose block- oriented transmission Authentication

Download ppt "CS457 – Introduction to Information Systems Security Cryptography 1a Elias Athanasopoulos"

Similar presentations

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.
“Advanced Encryption Standard” & “Modes of Operation”

“Advanced Encryption Standard” & “Modes of Operation”
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.

Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
Cryptography and Network Security Chapter 3

Cryptography and Network Security Chapter 3
Block Ciphers and the Data Encryption Standard

Block Ciphers and the Data Encryption Standard
Cryptography and Network Security

Cryptography and Network Security
CS457 – Introduction to Information Systems Security Cryptography 1b Elias Athanasopoulos

CS457 – Introduction to Information Systems Security Cryptography 1b Elias Athanasopoulos
Announcement Grading adjusted –10% participation and two exams 20% each Newsgroup up Assignment upload webpage up Homework 1 will be released over the.

Announcement Grading adjusted –10% participation and two exams 20% each Newsgroup up Assignment upload webpage up Homework 1 will be released over the.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
1 Day 04- Cryptography Acknowledgements to Dr. Ola Flygt of Växjö University, Sweden for providing the original slides.

1 Day 04- Cryptography Acknowledgements to Dr. Ola Flygt of Växjö University, Sweden for providing the original slides.
ICS 454: Principles of Cryptography

ICS 454: Principles of Cryptography
Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.

Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.
15-441 Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from 15-441, semester’s past and others.

Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.
CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.

CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.
Lecture 23 Symmetric Encryption

Lecture 23 Symmetric Encryption
Review What is security: history and definition Security policy, mechanisms and services Security models.

Review What is security: history and definition Security policy, mechanisms and services Security models.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Data Encryption Standard (DES). Symmetric Cryptography  C = E(P,K)  P = D(C,K)  Requirements  Given C, the only way to obtain P should be with  the.

Data Encryption Standard (DES). Symmetric Cryptography  C = E(P,K)  P = D(C,K)  Requirements  Given C, the only way to obtain P should be with  the.

Similar presentations

Ads by Google