Published by Anna Porter. Modified over 9 years ago.
1
Cryptography
Cryptography is the technique of secret writing.
A cipher is a method of secret writing. The purpose is to convert an intelligible message, referred to as plaintext, into apparently random nonsense text, referred to as ciphertext. The encryption process consists of an algorithm and a key. The algorithm will produce a different output depending on the specific key being used at the time.
2
Example
Message: FIRE MISSILE
K={2,1,3}
Ciphertext: IMSEFESLRII
F I R
3
Example
Message: If you do not pay attention, probably, you will fail the course.
Key=
Ciphertext (produced by using AES):
-----BEGIN PGP MESSAGE-----
Version: PGP not licensed for commercial use:
qANQR1DDDQQJAwLQSwllvgfi62DScAFQk+fIKa04Fxfuy7ROMNJTZ+iT1fVQTe3Z
7QVs/YxtZqfGEQev9OtSrPgK/FCGzBMut2PFZ7ChE0hhInETL2mZO7w0NN4aZRJo
aPtraLPOwjCNMTLdYxcYzyAVx9cqlagAbTxbH2DIHNjZ+cs9WVI=
=pN/e
-----END PGP MESSAGE-----
4
Basic Definitions
Plaintext: This is the original message or data that is fed into the algorithm as input.
Encryption Algorithm: The encryption algorithm performs various substitutions and transformations on the plaintext.
Secret Key: The secret key is also an input to the algorithm. The exact substitutions and transformations performed by the algorithm depend on the key.
Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and on the secret key. For a given message, two different keys will produce two different ciphertexts.
5
Basic Definitions
Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the ciphertext and the secret key and produces the original plaintext.
Ciphertext = cryptogram
Cleartext = plaintext = message
Ciphering = encryption
Deciphering = decryption
6
Basic Terms
plaintext - the original message
ciphertext - the coded message
cipher - algorithm for transforming plaintext to ciphertext
key - info used in cipher known only to sender/receiver
encipher (encrypt) - converting plaintext to ciphertext
decipher (decrypt) - recovering plaintext from ciphertext
cryptography - study of encryption principles/methods
cryptanalysis (codebreaking) - the study of principles/methods of deciphering ciphertext without knowing key
cryptology - the field of both cryptography and cryptanalysis
Briefly review some terminology used throughout the course.
7
8
There are two requirements for secure use of conventional encryption:
The opponent should be unable to decrypt a cryptogram or discover the key even if he or she is in possession of a number of cryptograms together with the plaintext that produced each cryptogram.
Sender and receiver must have obtained copies of the secret key in a secure fashion and must keep the key secure.
It is important to note that the security of conventional encryption depends on the secrecy of the key, not the secrecy of the algorithm. The algorithm is supposed to be public.
9
Classification of Cryptographic systems
By the number of keys used
If both sender and receiver use the same key, the system is referred to as a symmetric (or single-key, secret-key, conventional) cryptosystem.
If the sender and receiver each use a different key, the system is referred to as an asymmetric, two-key or public-key cryptosystem.
10
By the way in which the plaintext is processed
A block cipher processes the input one block of elements at a time, producing an output block for each input block.
11
By the way in which the plaintext is processed
A stream cipher processes the input elements continuously, producing output one element at a time, as it goes along.
12
Vernam’s Cipher (diagram not reproduced)
13
Cryptanalysis
The process of attempting to discover the plaintext or key is known as cryptanalysis. The strategy used by the cryptanalyst depends on the nature of the encryption scheme and the information available to the cryptanalyst.
A cipher is breakable if it is possible to determine the key (or the plaintext) systematically from given (plaintext, ciphertext) pairs.
14
Types of Cryptanalytic Attacks
ciphertext only: only know algorithm / ciphertext, can identify plaintext
known plaintext: know/suspect plaintext & ciphertext to attack cipher
chosen plaintext: select plaintext and obtain ciphertext to attack cipher
chosen ciphertext: select ciphertext and obtain plaintext to attack cipher
chosen text: select either plaintext or ciphertext to en/decrypt to attack cipher
15
An encryption scheme is computationally secure if the ciphertext generated by the scheme meets one or both of the following criteria:
The cost of breaking the cipher exceeds the value of the encrypted information.
The time required to break the cipher exceeds the useful lifetime of the information.
It is very difficult to estimate the amount of effort required to cryptanalyze ciphertext successfully. However, assuming there are no inherent mathematical weaknesses in the algorithm, a brute-force approach is indicated, and here we can make some reasonable estimates about costs and time.
16
Brute Force Attack
A brute-force approach involves trying every possible key until an intelligible translation of the ciphertext into plaintext is obtained.
most basic attack, proportional to key size
assume either know / recognise plaintext
17
Assuming 1E12 Decryptions / sec
18
An encryption scheme is unconditionally secure if the ciphertext generated by the scheme does not contain enough information to determine uniquely the corresponding plaintext, no matter how much ciphertext is available. That is, no matter how much computational power an opponent has, it is impossible for him or her to decrypt the ciphertext, simply because the required information is not there. With the exception of a scheme known as the one-time pad, there is no encryption algorithm that is unconditionally secure.
19
Ci = Mi ⊕ Ki
Mi = Ci ⊕ Ki
K1K2... is a random key as long as the message. The key cannot be repeated.
This scheme produces a random output (ciphertext) that has no statistical relation to the plaintext.
The practical difficulty with this method is that the sender and receiver must be in possession of, and protect, the random key.
One-time pads have applications in today’s world, primarily for ultra-secure low-bandwidth channels.
20
unconditional security
no matter how much computer power is available, the cipher cannot be broken since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext
computational security
given limited computing resources (eg time needed for calculations is greater than age of universe), the cipher cannot be broken
Unconditional security would be nice, but the only known such cipher is the one-time pad (later). For all reasonable encryption algorithms, have to assume computational security where it either takes too long, or is too expensive, to bother breaking the cipher.
21
Classical Substitution Ciphers
where letters of plaintext are replaced by other letters or by numbers or symbols
or if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns
In this section and the next, we examine a sampling of what might be called classical encryption techniques. A study of these techniques enables us to illustrate the basic approaches to symmetric encryption used today and the types of cryptanalytic attacks that must be anticipated. The two basic building blocks of all encryption techniques are substitution and transposition. We examine these in the next two sections. Finally, we discuss a system that combines both substitution and transposition.
22
Caesar Cipher Message: meet me after the toga party
A substitution cipher is one in which the letters of plaintext are replaced by other letters or by numbers or symbols. The Caesar cipher involves replacing each letter of the alphabet with the letter standing three places further down the alphabet. For example:
Rule (algorithm)
a b c d e f g h i j k l m n o p q r s t u v w x y z
d e f g h i j k l m n o p q r s t u v w x y z a b c
Message: meet me after the toga party
Ciphertext: phhw ph diwhu wkh wrjd sduwb
23
Caesar Cipher
If we assign a numerical equivalent to each letter (a=0, b=1, ..., z=25), then the algorithm can be expressed as follows:
C = E(p) = (p + 3) modulo 26,
where p is a letter (i.e. a number between 0 and 25) and C = E(p) is the corresponding ciphertext.
The decryption algorithm is as follows:
p = D(C) = (C - 3) modulo 26.
The “key space” has 25 elements, i.e. there are 25 possible keys.
24
Caesar Cipher can define transformation as:
a b c d e f g h i j k l m n o p q r s t u v w x y z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
mathematically give each letter a number
a b c d e f g h i j k l m n o p q r s t u v w x y z
then have Caesar cipher as:
C = E(p) = (p + k) mod (26)
p = D(C) = (C – k) mod (26)
This mathematical description uses modulo arithmetic (ie clock arithmetic). Here, when you reach Z you go back to A and start again. Mod 26 implies that when you reach 26, you use 0 instead (ie the letter after Z goes to A, or 0). Example: howdy (7,14,22,3,24) encrypted using key f (5) is MTBID
25
Cryptanalysis of Caesar Cipher
only have 26 possible keys!
a brute force attack
given ciphertext, just try all shifts of letters
do need to recognize when have plaintext
eg. break ciphertext "GCUA VQ DTGCM"
With a caesar cipher, there are only 26 possible keys, of which only 25 are of any use, since mapping A to A etc doesn't really obscure the message! cf. basic rule of cryptanalysis "check to ensure the cipher operator hasn't goofed and sent a plaintext message by mistake"! Can try each of the keys (shifts) in turn, until can recognise the original message. See Stallings Fig 2.3 for example of search.
Note: as mentioned before, do need to be able to recognise when have an original message (ie is it English or whatever). Usually easy for humans, hard for computers. Though if using say compressed data could be much harder.
Example "GCUA VQ DTGCM" when broken gives "easy to break", with a shift of 2 (key C).
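The exhaustive search described on this slide, as an added example that is not part of the original presentation. The recogniser is an assumption chosen for brevity: it counts letters from the set ETAOINSHR, which is enough to rank the slide's ciphertext correctly but is only a crude stand-in for a real language model.

```python
import string

ALPHABET = string.ascii_uppercase
COMMON = set("ETAOINSHR")  # assumed scoring set: very frequent English letters


def caesar_decrypt(ciphertext: str, k: int) -> str:
    """Apply p = (C - k) mod 26 to letters; leave spaces and symbols alone."""
    out = []
    for ch in ciphertext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) - k) % 26])
        else:
            out.append(ch)
    return "".join(out)


def english_score(text: str) -> int:
    """Crude plaintext recogniser: number of letters that are common in English."""
    return sum(ch in COMMON for ch in text)


def brute_force(ciphertext: str) -> list:
    """Try all 26 shifts and return (score, shift, candidate), best first."""
    ranked = []
    for k in range(26):
        candidate = caesar_decrypt(ciphertext, k)
        ranked.append((english_score(candidate), k, candidate))
    return sorted(ranked, key=lambda r: r[0], reverse=True)


if __name__ == "__main__":
    # Ciphertext taken from the slide.
    for score, k, text in brute_force("GCUA VQ DTGCM")[:3]:
        print(f"shift {k:2d} (key {ALPHABET[k]}) score {score:2d}: {text}")
```

On a message this short the margin between the best and second-best shift is small, which is the slide's point about recognition being harder for a program than for a person.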
26
Monoalphabetic Cipher
rather than just shifting the alphabet, could shuffle the letters arbitrarily
each plaintext letter maps to a different random ciphertext letter
The “cipher” line can be any permutation of the 26 alphabetic characters.
27
Keyphrase “THE HILLS ARE ALIVE”
B H C E D I L F S G R V J K M N O P Q U W X Y Z
28
Monoalphabetic Cipher Security
now have a total of 26! = 4 x 10^26 keys
with so many keys, might think is secure
!WRONG!
The problem is language characteristics
29
Language Redundancy and Cryptanalysis
letters are not equally commonly used
in English e is by far the most common letter
then T,R,N,I,O,A,S
other letters are fairly rare
cf. Z,J,K,Q,X
have tables of single, double & triple letter frequencies
As the example shows, we don't actually need all the letters in order to understand written English text. Here vowels were removed, but they're not the only redundancy. cf written Hebrew has no vowels for same reason. Are usually familiar with "party conversations", can hear one person speaking out of hubbub of many, again because of redundancy in aural language also. This redundancy is also the reason we can compress text files, the computer can derive a more compact encoding without losing any information. Basic idea is to count the relative frequencies of letters, and note the resulting pattern.
30
English Letter Frequencies
This graph is based on counts done at ADFA in the late 1980's, and used to develop the tables published in Seberry & Pieprzyk [SEBE89]. Note that all human languages have varying letter frequencies, though the number of letters and their frequencies varies. Seberry & Pieprzyk [SEBE89] Appendix A has graphs for 20 languages (most European & Japanese & Malay).
31
Use in Cryptanalysis
key concept - monoalphabetic substitution ciphers do not change relative letter frequencies
calculate letter frequencies for ciphertext
compare frequencies against known values
tables of common double/triple letters help
The simplicity and strength of the monoalphabetic substitution cipher meant it dominated cryptographic use for the first millennium AD. It was broken by Arabic scientists. The earliest known description is in Abu al-Kindi's "A Manuscript on Deciphering Cryptographic Messages", published in the 9th century but only rediscovered in 1987 in Istanbul, but other later works also attest to their knowledge of the field.
32
Example Cryptanalysis
given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
count relative letter frequencies (%):
P 13.33   H 5.83   F 3.33   B 1.67   C 0.00
Z         D 5.00   W 3.33   G 1.67   K 0.00
S 8.33    E 5.00   Q 2.50   Y 1.67   L 0.00
U 8.33    V 4.17   T 2.50   I 0.83   N 0.00
O 7.50    X 4.17   A 1.67   J 0.83   R
M 6.67
33
Example Cryptanalysis
guess P and Z are e and t
guess ZW is th and hence ZWP is the
proceeding with trial and error finally get:
it was disclosed yesterday that several informal but direct contacts have been made with political representatives of the vietcong in moscow
Monoalphabetic ciphers are easy to break because they reflect the frequency data of the original alphabet.
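The counting step behind this worked example, as an added example that is not part of the original presentation. It recomputes the frequency table from the ciphertext on the slide, counts digrams and trigrams such as ZW and ZWP, and rebuilds the substitution table from the ciphertext and the recovered plaintext to confirm it is a one-to-one mapping; the function names are illustrative.

```python
from collections import Counter

# Ciphertext and recovered plaintext as given on the slides (spaces removed).
CT = ("UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ"
      "VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX"
      "EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ")
PT = ("itwasdisclosedyesterdaythatseveralinformalbut"
      "directcontactshavebeenmadewithpolitical"
      "representativesofthevietconginmoscow")


def frequencies(text: str) -> list:
    """Relative letter frequencies in percent, most common first."""
    counts = Counter(text)
    return [(ch, round(100 * n / len(text), 2)) for ch, n in counts.most_common()]


def ngram_counts(text: str, n: int) -> Counter:
    """Count overlapping n-letter sequences (digrams for n=2, trigrams for n=3)."""
    return Counter(text[i:i + n] for i in range(len(text) - n + 1))


def recover_key(ct: str, pt: str) -> dict:
    """Build the cipher->plain table from a matched pair and check that it
    is a consistent one-to-one substitution."""
    key = {}
    for c, p in zip(ct, pt):
        if key.setdefault(c, p) != p:
            raise ValueError(f"{c} maps to both {key[c]} and {p}")
    if len(set(key.values())) != len(key):
        raise ValueError("two cipher letters map to the same plain letter")
    return key


if __name__ == "__main__":
    print(frequencies(CT)[:5])
    print(ngram_counts(CT, 2).most_common(3))
    print(ngram_counts(CT, 3)["ZWP"], "occurrence(s) of ZWP")
    key = recover_key(CT, PT)
    print("".join(key[c] for c in CT))
```

The sorted frequency profile of the ciphertext is identical to that of the plaintext, which is the property the previous slide calls the key concept.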
34
Polyalphabetic Ciphers
another approach to improving security is to use multiple cipher alphabets
makes cryptanalysis harder with more alphabets to guess and flatter frequency distribution
use a key to select which alphabet is used for each letter of the message
use each alphabet in turn
repeat from start after end of key is reached
Vigenère Cipher
One approach to reducing the "spikyness" of natural language text is used in the Playfair cipher, which encrypts more than one letter at once. We now consider the other alternative, using multiple cipher alphabets in turn. This gives the attacker more work, since many alphabets need to be guessed, and because the frequency distribution is more complex, since the same plaintext letter could be replaced by several ciphertext letters, depending on which alphabet is used.
35
Example
write the plaintext out
write the keyword repeated above it
use each key letter as a caesar cipher key
encrypt the corresponding plaintext letter
eg using keyword deceptive
key:        deceptivedeceptivedeceptive
plaintext:  wearediscoveredsaveyourself
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
36
Security of Vigenère Ciphers
The key must be used several times for encrypting long messages. So the key becomes a periodic sequence. By determining the size of the key, the cryptanalysis is reduced to the case of several Caesar ciphers.
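The slide's point about the periodic key, as an added example that is not part of the original presentation. It reproduces the "deceptive" ciphertext from the previous slide, then looks for repeated three-letter sequences (the Kasiski approach, which the slides do not name) to find the key length and split the ciphertext into per-key-letter Caesar ciphers; it assumes letters-only input.

```python
from collections import defaultdict
from functools import reduce
from math import gcd

A = ord("A")


def vigenere(text: str, key: str, decrypt: bool = False) -> str:
    """Each key letter selects the Caesar shift for the letter beneath it."""
    sign = -1 if decrypt else 1
    out = []
    for i, ch in enumerate(text.upper()):
        k = ord(key[i % len(key)].upper()) - A
        out.append(chr((ord(ch) - A + sign * k) % 26 + A))
    return "".join(out)


def repeat_distances(ciphertext: str, n: int = 3) -> dict:
    """Distances between repeats of each n-letter sequence. A repeat usually
    means the same plaintext met the same stretch of key, so the distance
    is a multiple of the key length."""
    seen = defaultdict(list)
    for i in range(len(ciphertext) - n + 1):
        seen[ciphertext[i:i + n]].append(i)
    return {
        gram: [b - a for a, b in zip(pos, pos[1:])]
        for gram, pos in seen.items() if len(pos) > 1
    }


def split_columns(ciphertext: str, period: int) -> list:
    """Letters enciphered with the same key letter: one Caesar cipher each."""
    return [ciphertext[i::period] for i in range(period)]


if __name__ == "__main__":
    ct = vigenere("wearediscoveredsaveyourself", "deceptive")
    print(ct)
    dist = repeat_distances(ct)
    print(dist)
    period = reduce(gcd, [d for ds in dist.values() for d in ds])
    print(period, split_columns(ct, period))
```

With a message this short each column holds only three letters; on longer traffic every column can be attacked with the frequency counting used against a single Caesar cipher.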
37
One-Time Pad
If a truly random key (with no repetitions) as long as the message is used, the cipher will be secure. This scheme is known as the One-Time Pad.
Because the ciphertext contains no information whatsoever about the plaintext, there is simply no way to break the code.
There is the practical problem of making large quantities of random keys. Any heavily used system might require millions of random characters on a regular basis. Supplying truly random characters is a significant task.
The key cannot be reused.
The safe distribution of keys is a big problem.
The one-time pad is used primarily for low-bandwidth channels requiring very high security.
The One-Time Pad is an evolution of the Vernam cipher, which was invented by Gilbert Vernam in 1918, and used a long tape of random letters to encrypt the message. An Army Signal Corps officer, Joseph Mauborgne, proposed an improvement using a random key that was truly as long as the message, with no repetitions, which thus totally obscures the original message. Since any plaintext can be mapped to any ciphertext given some key, there is simply no way to determine which plaintext corresponds to a specific instance of ciphertext.
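Two properties stated on this slide, as an added example that is not part of the original presentation: every same-length plaintext is explained by some key, and reusing a pad cancels the key out of the two ciphertexts. The byte-wise XOR form, the sample messages and the function names are assumptions made for the illustration.

```python
import secrets

# Constructed sample messages of equal length (12 bytes each).
M1 = b"FIRE MISSILE"
M2 = b"HOLD MISSILE"


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Ci = Mi XOR Ki. The same call decrypts: Mi = Ci XOR Ki."""
    if len(a) != len(b):
        raise ValueError("the key must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))


def new_pad(length: int) -> bytes:
    """Key material from the OS CSPRNG, standing in for a truly random source."""
    return secrets.token_bytes(length)


def key_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """The key under which `ciphertext` decrypts to `candidate`. One exists
    for every candidate of the right length, so the ciphertext alone cannot
    single out the real message."""
    return xor_bytes(ciphertext, candidate)


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """Two ciphertexts made with the SAME pad: the key cancels out and
    M1 XOR M2 is exposed without any knowledge of the key."""
    return xor_bytes(c1, c2)


if __name__ == "__main__":
    pad = new_pad(len(M1))
    c1 = xor_bytes(M1, pad)
    print("ciphertext:", c1.hex())
    print("real key  ->", xor_bytes(c1, pad))
    print("other key ->", xor_bytes(c1, key_explaining(c1, M2)))
    c2 = xor_bytes(M2, pad)  # pad reused: the mistake the slide warns about
    print("leak      :", reuse_leak(c1, c2))  # zero bytes where M1 and M2 agree
```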