Download presentation
Presentation is loading. Please wait.
Published byFrancine Carson Modified over 9 years ago
1
A Cryptography Tutorial Jim Xu College of Computing Georgia Tech http://www.cc.gatech.edu/~jx
2
Why Cryptography? Network information needs to be communicated through insecure channel. Stored information may be accessed without proper authorization. Cryptography is a systematic way to make that harder.
3
Common Security Requirements Secrecy(encryption) Authenticity(signature/encryption) Integrity (signature/encryption) Non-repudiation (signature)
4
What Cryptography can do? Encryption: only the authorized party can understand the encrypted message. Signature: allow people to verify the authenticity of the message.
5
Classical Cryptography Shift Cipher (a special case used by Caesar) Substitution Cipher Affine Cipher Vigenere Cipher Hill Cipher Permutation Cipher
6
Cryptoanalysis Ciphertext-only attack Known plaintext attack Chosen plaintext attack Adaptive Chosen plaintext attack
7
Cryptoanalysis Shift Cipher: English histogram Substitution Cipher: histogram again Affine Cipher: histogram Vigenere Cipher: more complicated stat Hill Cipher: Known plaintext attack Permutation Cipher: histogram + semantics
8
Frequency of Letter Occurance
9
How to achieve perfect secrecy? One-pad: have a key as long as the plaintext For example, shift cipher is perfectly secure if the key is random and it is only used to encrypt one character! Spurious keys: S(n) >= |K|/(|P|^(n*R))-1 Unicity distance: that n to make S(n) zero
10
Modern Cryptography Two broad classes –1. Shared-key cryptography –2. Public-key cryptography
11
Shared-key cryptography Rooted in computational complexity Sender has M Sender sends (M XOR f(x, k), x) f is a random function Algorithms: –DES, Various fishes, Lucifer, Fiestel, AES standards (Rijendel),...
12
DES A round can be described as: –L i = R i-1 The key generation is performed –An initial permutation PC1 which selects 56 bits and divide them in two halves –In each round Select 24 bits from each half using a permutation function PC2 Rotate left each half by one or two position
13
Rich theory on pseudorandomness Pseudorandom number/bit generator Pseudorandom functions (ideal cryptographic hash functions) Stretch a small completely random string into a longer but less random string Though less random, indistinguishable to “naked eyes”
14
Public Key Cryptography Public/private key pair Only the owner knows the private key, but everyone knows the public key If the message is encrypted with the private key, then everyone with the public key can recover the message, but only the owner can generate the encrypted message
15
Continued If the message is encrypted with the public key, only the owner can decrypted it using its private key The first property can be used for signature and the second property can be used for encryption.
16
Digital signature Sender sends M, T=E(hash(M), private) The receiver compares E(T, public) and compares it with hash(M) M is considered genuine if they match
17
RSA Find two big prime numbers p and q Let B = p*q Choose private key C to be a number that is coprime with (p-1)*(q-1) Choose public key D such that C*D=1 mod (p-1)*(q-1)
18
Continued Encrypt M: T=M^C (or M^D) Decrypt M: M = T^D (or T^C) Theorem: (M^C)^D = M mod B Why: all the numbers that is coprime with B form a group, and the size of that group is (p-1)(q-1)
19
Security of RSA Hinge upon how hard the factorization is If one can break down B into p and q then finding C: C*D = 1 mod (p-1)(q-1) is easy Factorization is found to be quite hard, at least for now.
20
Cryptographic Protocols System needs are more complicated than what the primitives can provide Improperly designed, be broken even if none of the underlying primitives are broken Hard to check whether it is properly designed (proof logic/model checking/theorem proving methods are involved)
21
Key exchange Diff-Hellman Based on the assumption that knowing prime p and p^n, finding n will be hard Allow two party to share a key A senders B p^a and remembers a B senders A p^b and remembers b Both sides can generate p^(ab) Third party can not do that!
22
Man in the middle C can establish a key with both A and B, by posing as B and A respectively Solution: introduce public key or using return address as authentication method
23
Public Key Infrastructure Need this infrastructure to prevent A from claiming that B uses the public key that A generates Both hierachical and flat infrastructure are proposed Revocation list a major headache
24
Advanced Issues Group encryption/signature Forward security Everlasting security
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.