Presentation is loading. Please wait.

Presentation is loading. Please wait.

ITS 451 – Crypto Basics1 Cryptography. ITS 451 – Crypto Basics2 A simple example… Text: U-M ASCII Encoded: 01010101 00101101 01001101 “Encoding” refers.

Published byStuart Hodge Modified over 9 years ago

Similar presentations

Presentation on theme: "ITS 451 – Crypto Basics1 Cryptography. ITS 451 – Crypto Basics2 A simple example… Text: U-M ASCII Encoded: 01010101 00101101 01001101 “Encoding” refers."— Presentation transcript:

1 ITS 451 – Crypto Basics1 Cryptography

2 ITS 451 – Crypto Basics2 A simple example… Text: U-M ASCII Encoded: 01010101 00101101 01001101 “Encoding” refers to convenient reformatting. No secrecy here. Call it plaintext. Let’s “Encrypt” it, i.e. hide its meaning from nosy 3 rd parties.

3 ITS 451 – Crypto Basics3 A simple example… Let’s generate 24 random bits, call it a key. –Say, by coin flips. –Tails  1. Heads  0 -------- -------- -------- 01010101 00101101 01001101 For each bit, if the same, result is 0. If they’re different, result is 1. This is the XOR (exclusive OR) function.

4 ITS 451 – Crypto Basics4 A simple example… _ _ _ _ _ _ _ _ _ _ _ _ The result is an encrypted string. Call it ciphertext. This simple XOR method is unbreakable. –Even by the CIA or NSA or Microsoft. –Even by the most hard working hacker. IF…

5 ITS 451 – Crypto Basics5 Simple XOR To decrypt, need to know: –That simple XOR is in use. –The key pattern. Strength of the system depends on: –Secrecy of the key

6 ITS 451 – Crypto Basics6 Encryption Generally, you need to understand the process and have the key. In the Practical Cryptography’s notation: c := E(K e, m)

7 ITS 451 – Crypto Basics7 Decrypting Undoing the encryption is easy for this simple example. -------- -------- -------- Once more: For each bit, if the same, result is 0. If they’re different, result is 1. This is the XOR (exclusive OR) function.

8 ITS 451 – Crypto Basics8 Decryption Generally, you need to understand the encryption method and have the key. In the Practical Cryptography’s notation: m := D(K e, c) We have assumed the same key is used for encryption and decryption.

9 ITS 451 – Crypto Basics9 Secrecy of XOR Example? Unbreakable, if: –Key remains secret –Key never reused

10 ITS 451 – Crypto Basics10 SKE Using the same key for both encryption and decryption is called SKE: –Symmetric Key Encryption –Secret Key Encryption

11 ITS 451 – Crypto Basics11 SKE – The Whole Thing

12 ITS 451 – Crypto Basics12 PCs Changed The World Evolution of encryption methods: –Pencil & paper –Machines, e.g. German Enigma –Computers, e.g. PC Computers allow much more sophisticated methods. Internet allows rapid dissemination of information, including computer code, algorithms, commentary, and analysis.

13 ITS 451 – Crypto Basics13 Kerckhoffs’ Principle Genuine security lies in keeping the key secret, not in keeping the process secret. Why? –Public algorithms have public analysis. –Weaknesses are publicly exposed. Analogous to open source software. This is a machine era notion.

14 ITS 451 – Crypto Basics14 How can I attack SKE? For any encryption scheme there are two strategies: Brute Force and Analytic Attacks. Brute Force –I know the algorithm, so I just try different keys until I get lucky. –Highly dependent on machine power. »The bigger the “key space” the more tries it takes to get lucky.

15 ITS 451 – Crypto Basics15 Moore’s Law Often quoted as “Computers double in speed every two years.” –Gordon Moore noted exponential growth in the # of transistors per integrated circuit. –1965 A brute force attack that takes 8 days with current technology will take 4 days in two years…?!? – Practical Cryptography suggests 50-year horizon…

16 ITS 451 – Crypto Basics16 “Computationally Impractical” You know what to do and can write a program to do it, but the program takes so long to run that it’s effectively useless.

17 ITS 451 – Crypto Basics17 Analytic Attack Instead of systematically trying all the keys, we attempt to determine the key based on: –The ciphertext –What we know about the plaintext –What we know about the algorithm

18 ITS 451 – Crypto Basics18 Symmetric Key Encryption

19 ITS 451 – Crypto Basics19 The Problem with SKE The intended recipient must know the process and have the key. A cracker seeks these, too. The problem, then, is to get the key to the recipient. –Worse if you communicate with many people! The Key Distribution Problem

20 ITS 451 – Crypto Basics20 Some Key Distribution Solutions “One time pads.” –Run out eventually. Keep using the same key. –Every transmission provides data for crackers. Transmit new keys using old keys. –Or have a special key used only for transmission of new keys.

21 ITS 451 – Crypto Basics21 Some Key Distribution Solutions Couriers –Can be intercepted/bribed. Algorithmic key construction –Key based on day of month –Key based on readily available data »from newspapers? radio broadcast? Special hardware for key construction

22 ITS 451 – Crypto Basics22 Gotcha If the key is secret, SKE can be made very secure. –long keys –complex processes Weakness is the necessity to distribute the key.

23 ITS 451 – Crypto Basics23 SKE & Big Five Attributes of Security Availability – Need to make sure algorithm isn’t too computationally onerous. Integrity – Will mostly handle separately. If key uncompromised & algorithm chosen well: –Confidential – Sure. –Authenticated – Sure. –Non-repudiated – Sure.

24 ITS 451 – Crypto Basics24 PKE - Public Key Encryption Suppose we could encrypt and decrypt with different, but uniquely corresponding keys. The public key is public – –Hand it out freely –Post it on web –Email it to your friends The private key is private – –Guard it closely. aka Asymmetric Key Encryption

25 ITS 451 – Crypto Basics25 PKE, More Formally The ciphertext is based on the recipient’s public key: –c := E(P Bob, m) The decryption process uses the recipient’s private key: –m := D(S Bob, c) This means: –m = D(S Bob, E(P Bob, m)) Always.

26 ITS 451 – Crypto Basics26 PKE, Graphically

27 ITS 451 – Crypto Basics27 The Secrecy Here...... is in the keys. Usually the processes themselves are publicly available. Most commonly used: –RSA »Rivest, Shamir and Adleman

28 ITS 451 – Crypto Basics28 Message Authentication You can encrypt using either key of the pair. You then decrypt with its partner. If you can decrypt using my public key, the encryption must have been done with my private key. If I can decrypt using my private key, the encryption must have been done with my public key.

29 ITS 451 – Crypto Basics29 Hash Functions Consider this text: “John went to OSU.” Count the occurrences of the letters. a b c d e f g h i j k l m n

30 ITS 451 – Crypto Basics30 Another simple example… Text: U-M ASCII Encoded: 01010101 00101101 01001101

31 ITS 451 – Crypto Basics31 Another simple example… Let’s XOR them sequentially: 01010101 00101101 01111000 01001101 00110101 What’s the connection between “U-M” and 00110101? Let’s call this function H for hash. –00110101 = H(“U-M”)

32 ITS 451 – Crypto Basics32 Another simple example… It’s not unique. –Other strings give 00110101 as their H value. »Easy to find others. »Note:  There are 2 8 (= 256) 8-bit strings.  There are an infinite number of possible text strings.

33 ITS 451 – Crypto Basics33 Another simple example… It’s not reversible. –Given 00110101, it’s not possible to say “this came from ‘U-M’”. »Easy to find others.

34 ITS 451 – Crypto Basics34 Suppose H(“U-M”) = MD5(“U-M”) = c57b94ee2455d6932eae85efa2bfc091 This is the MD5 function. –All input strings produce 16-byte output, usually written as hex string. »MD5(451 syllabus) = 86721e0212256155e170a413a899a76a –Not unique, but ‘computationally impractical’ to find others. –Not reversible except by trial & error.

35 ITS 451 – Crypto Basics35 What Good Is It? Error Detection –Transmit block of data, append MD5. –Recipient calculates MD5, compares.

36 ITS 451 – Crypto Basics36 Suppose We have a document: important, but not necessarily confidential. I do this: –Compute the MD5 digest. –Encrypt the digest with my private PKE key. –Call the result a signature.

37 ITS 451 – Crypto Basics37 Then you… You get the document & signature. You can… –Compute the MD5 digest of the file. –Decrypt the signature file using my public PKE key, yielding a message digest. –Compare the two. This means… what?

38 ITS 451 – Crypto Basics38 ITS 453 – Encrypted Communication How, when, where to use encryption methods. –What protocol layer? –What specific encryption techniques? –Solving key distribution problems.

39 ITS 451 – Crypto Basics39 ITS 453 – Encrypted Communication Basics of encryption, hash functions. –NSA, RSA, etc. PGP: encrypted files / digital signatures Public Key Infrastructure –Trust arrangements –Digital certificates, etc. Authentication –Kerberos WEP / WPA wireless encryption

Download ppt "ITS 451 – Crypto Basics1 Cryptography. ITS 451 – Crypto Basics2 A simple example… Text: U-M ASCII Encoded: 01010101 00101101 01001101 “Encoding” refers."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing.

Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
15-1 Last time Internet Application Security and Privacy Public-key encryption Integrity.

15-1 Last time Internet Application Security and Privacy Public-key encryption Integrity.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
Copyright Justin Klein Keane InfoSec Training Encryption.

Copyright Justin Klein Keane InfoSec Training Encryption.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,

Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Cryptographic Technologies

Cryptographic Technologies
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.

Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
EECC694 - Shaaban #1 lec #16 Spring2000 5-4-2000 Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.

Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Similar presentations

Ads by Google