Presentation is loading. Please wait.

Presentation is loading. Please wait.

15-349 Introduction to Computer and Network Security Iliano Cervesato 24 August 2008 – Introduction to Cryptography.

Published byDorcas Newton Modified over 9 years ago

Similar presentations

Presentation on theme: "15-349 Introduction to Computer and Network Security Iliano Cervesato 24 August 2008 – Introduction to Cryptography."— Presentation transcript:

1 15-349 Introduction to Computer and Network Security Iliano Cervesato 24 August 2008 – Introduction to Cryptography

2 2 Where we are  Course intro  Cryptography  Intro to crypto  Modern crypto  Symmetric encryption  Asymmetric encryption  Beyond encryption  Cryptographic protocols  Attacking protocols  Program/OS security & trust  Networks security  Beyond technology

3 3 Outline  Basic concepts  Protecting information  Goals of cryptography  Brief history  Cryptographic toolbox (preview)  Cryptanalysis  Traditional attack models  Side-channel attacks  Early ciphers  Substitution ciphers  Transposition ciphers

4 4 Confidentiality of Communication Implement a virtual trusted channel over an insecure medium ED

5 5 Confidentiality of storage Implement a virtual trusted safebox over an insecure storage medium E

6 6 Insecure Channels External observer can  Read traffic  Interception  Inject new traffic  Fabrication  Block traffic … (sometimes)  Interruption  Modify traffic … (sometimes)  Modification Active attack Passive attack

7 7 Representing Data  Divide data into blocks  Character, records, …  Represent each block by a number  E.g., ASCII  Why?  Cryptography is based on mathematics

8 8 Encryption and Decryption E, D realize a virtual trusted channel E D Message (cleartext, plaintext) Message (cleartext, plaintext) Encrypted message (ciphertext) Encrypted message (ciphertext) EncryptionDecryption X X

9 9 Keys What are E and D?  Channel-specific algorithm  Requires a lot of algorithms  Hard  Universal algorithms  Parameterized by key  Easier –1 algorithm –Large space of keys E ms E ms k

10 10 Classical Cryptography E, D realize a virtual trusted channel, given key E D Message (cleartext, plaintext) Message (cleartext, plaintext) Encrypted message (ciphertext) Encrypted message (ciphertext) EncryptionDecryption key X X

11 11 Goals of Cryptography Not just about confidentiality!  Integrity  Digital signatures  Hash functions  Non-repudiation, fair exchange  Contract signing  Anonymity  Electronic cash  Electronic voting  … Non-goals  Denial of service

12 12 A Brief History of Cryptography  ~2000 years ago: Substitution ciphers  A few centuries later: Transposition ciphers  Renaissance: Polyalphabetic ciphers  1844: Mechanization  1976: Public-key cryptography

13 13 Substitution Ciphers Replace each letter with another  Key: substitution table  How to break it?  Brute force? 26! possibilities (= 4x10 26 )  Count the frequencies of letters, pairs, …  Koran was tabulated by 1412  Ciphertext is enough: ciphertext-only attack  Example: A  C B  E D  F … X  A Y  B Z  C Caesar’s cipher: QVAQBCWZQRLWDVEFW V  X W  M X  T Y  J Z  P O  S P  R Q  I R  D S  U T  Y U  K H  L I  Q J  N K  H L  F M  A N  B A  V B  E C  Z D  C E  W F  G G  O IAMINDECIPHERABLE

14 14 Renaissance Ciphers Use message and key letters for cipher  Key: a word ( CRYPTO )  Example:  Polyalphabetic cipher:  Encryption of letter is context-dependent  Seed of modern cryptography CRYPTOCRYPTOCRYPT WHATANICEDAYTODAY ZZZJUCLUDTUNWGCQS + (mod 26)

15 15 Book Ciphers Same thing but with very long key  Key: a poem, a book, … ( TOBEORNOTTOBETHATISTHEQUESTION… )  Example:  … there are not all that many famous books, poems, etc. TOBEORNOTTOBETHAT WHATANICEDAYTODAY PVBXOEVQXWOZXHKAR + (mod 26)

16 16 One-Time Pad Same thing, but now key is a infinite random string  Example:  This is a perfect cipher  How to remember/transmit the key??  Short key stretched by means of a random number generator  Vernam cipher  Use  (xor) to combine key and message YKSUFTGOARFWPFWEL WHATANICEDAYTODAY ZZZJUCLUDTUNWGCQS + (mod 26)

17 17 Book Ciphers  Same thing, but now use a very long key

18 18 Transposition Ciphers Switch letters around by a permutation  Example: HELLOWORLD   Key: permutation  Breakable with ciphertext-only attack 1 2 3 4 5 3 5 4 1 2 k = LOLHERDLWO

19 19 More transposition  Write code in rows and read it in columns  A very regular type of permutation THEGOAL OFSUBSI TUTIONI SCONFUS IONXXXX THE GOAL OF SUBSITUTION IS CONFUSION TOTSIHFUCOESTONGUINXOBOFXASNUXLIISX

20 20 Confusion and Diffusion Confusion  Replace symbol with another Diffusion  Mix up symbols WHATANI ZZZJUCL WHATANI ANWIHAT Modern ciphers are a combination

21 21 Mechanization  1844: invention of telegraph  Beginning of civilian crypto  Rotor machines  Key: initial position of rotors  Culminate in WW II  1975: DES  1996-2000 AES  1976: Public key cryptography We will examine in some detail The Enigma

22 22 Cryptographic Toolbox  Encryption  Symmetric  Asymmetric  Digests  Hashing  Digital signatures  Certificates

23 23 Symmetric Encryption D k (E k (m)) = m E D M M X X k Message (cleartext) Message (cleartext) Encrypted message (ciphertext) Encrypted message (ciphertext) Secret key Decryption box Encryption box

24 24 Asymmetric Encryption D k (E k (m)) = m E D M M X X k Cleartext Ciphertext Public key Decryption box Encryption box k -1 Private key Public data k

25 25 Digital Signatures V k (m,s) = S V M M M, s k Message Signature signature key Verification box Signature box k -1 Verification key Public data k true if s =S k (m) false otherwise

26 26 Certificates How do you know this public key is mine?  Certificate  Binding between key and owner  Certified by authority  Who is the authority?  Public-key infrastructure

27 27 Message Digests  Short message to certify integrity  Un-keyed  Checksums, hashes  No crypto  Anybody can calculate/modify it  Keyed  MACs  Based on a secret key  Only owners can calculate/modify it

28 28 Cryptanalysis The art  science of breaking a cipher  Try all possible plaintext corresponding to a ciphertext  Plain silly!  Try all possible keys for an encryption algorithm  Algorithm must be known  Enormous space of keys  Exploit weaknesses, regularities, shortcuts  Side-channel attacks  E.g., basic substitution cipher

29 29 What is “breaking a cipher”?  Recover the key k  Hard  Often not needed!  Decipher a single message  Decipher all messages  Modify messages  “Attack at dawn”  “attack at dusk”  Exploit properties of the cipher

30 30 Attack Models Good ciphers resist all attack models x Random Ciphertext Only m, x Ek(m)Ek(m) Known Plaintext Random x, m Dk(x)Dk(x) Chosen Ciphertext Chosen m, x Ek(m)Ek(m) Chosen Plaintext Chosen

31 31 Sneaky Attacks  Obtain the key somehow  Network sniffers, worms, backup tapes, …  Blackmail, bribery, torture, …  Side-channel cryptanalysis  Power consumption  Encryption time  Radiation Be careful!  off-peak computation  random noise  physical shielding Better implementation and design From http://www.cryptography.com/dpa/technical Detail: Round 2 Round 3 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Differential Power Analysis on DES

Download ppt "15-349 Introduction to Computer and Network Security Iliano Cervesato 24 August 2008 – Introduction to Cryptography."

Similar presentations

1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.

1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.

Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Intro 1 Introduction Intro 2 Good Guys and Bad Guys  Alice and Bob are the good guys  Trudy is the bad guy  Trudy is our generic “intruder”

Intro 1 Introduction Intro 2 Good Guys and Bad Guys  Alice and Bob are the good guys  Trudy is the bad guy  Trudy is our generic “intruder”
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.

CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
1 Day 04- Cryptography Acknowledgements to Dr. Ola Flygt of Växjö University, Sweden for providing the original slides.

1 Day 04- Cryptography Acknowledgements to Dr. Ola Flygt of Växjö University, Sweden for providing the original slides.
Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.

Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Lecture 1 Overview.

Lecture 1 Overview.
15-349 Introduction to Computer and Network Security Iliano Cervesato 26 August 2008 – Modern Cryptography.

Introduction to Computer and Network Security Iliano Cervesato 26 August 2008 – Modern Cryptography.
What is Cryptography? Definition: The science or study of the techniques of secret writing, esp. code and cipher systems, methods, and the like Google.

What is Cryptography? Definition: The science or study of the techniques of secret writing, esp. code and cipher systems, methods, and the like Google.
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.

CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
A Cryptography Tutorial Jim Xu College of Computing Georgia Tech

A Cryptography Tutorial Jim Xu College of Computing Georgia Tech
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
3.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Traditional Symmetric-Key Ciphers.

3.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Traditional Symmetric-Key Ciphers.

Similar presentations

Ads by Google