Presentation is loading. Please wait.

Presentation is loading. Please wait.

CRYPTOGRAPHY Presented by: Debi Prasad Mishra Institute of Technical Education & Reaserch Electronics & Telecommunication Engineering Section - A Section.

Published byMeagan Williams Modified over 9 years ago

Similar presentations

Presentation on theme: "CRYPTOGRAPHY Presented by: Debi Prasad Mishra Institute of Technical Education & Reaserch Electronics & Telecommunication Engineering Section - A Section."— Presentation transcript:

1 CRYPTOGRAPHY Presented by: Debi Prasad Mishra Institute of Technical Education & Reaserch Electronics & Telecommunication Engineering Section - A Section - A 7 th Semester Regd. No. - 0301212148

2 Talk Flow  Terminology  Secret-key cryptographic system  Block cipher  Stream cipher  Requirement of secrecy  Information theoretic approach Perfect security Diffusion and confusion  Practicability of cipher  Substitution cipher  Transposition cipher  Data Encryption Standard (DES) algorithm  Public-key cryptographic system Diffie-Hellman key distribution  Rivest-Shamir-Adleman (RSA) algorithm  Digital Signature: A hybrid approach

3  Cryptology is the term used to describe the science of secret communication.  Derived from Greek words kryptos (hidden) & logos (word).  Divided into two parts. Cryptography:- transforms message into coded form and recovers the original signal. Cryptanalysis:- deals in how to undo cryptographic communication by breaking coded signals tht may be accepted as genuine.

4 Terminology  Plaintext:- The original message to be encoded  Enciphering or Encryption:- The process of encoding  Ciphertext or Cryptogram:- The result produced by encryption  Cipher:- The set of data transmission used to do encryption  Key:- parameters of transformation

5 Services offered by Cryptography  Secrecy, which refers to the denial of access to information by unauthorised users  Authenticity, which refers to the validation of the source of message  Integrity, which refers to the assurance that a message was not modified by accidental or deliberate means in transit

6 Cryptography Secret-key (Single-key) Cryptography Public-key (Two-key) Cryptography A conventional Cryptographic system relies on use of a single piece of private and necessarily secret key. Key is known to sender & receiver, but to no others. Each user is provided with key material of one’s own with a private component & a public component The private component must be kept secret for secure communication.

7 Secret-key Cryptography Let X -> Plaintext message; Y -> Cryptogram; Z -> Key F ->Invertible transformation producing the cryptogram Y = F (X, Z) =F Z (X) Let F -1 ->Inverse transform of F to recover original message F -1 (Y, Z) = F z -1 (Y) = F Z -1 (F Z (X)) = X

8 Secret-key Cryptography continued… Here Y’ ->fraudulent message modified by an interceptor or eavesdropper

9 Block Ciphers Block ciphers are normally designed in such a way that a small change in an input block of plaintext produces a major change in the resulting output. This error propagation property of block ciphers is valuable in authentication in that it makes it improbable for an enemy cryptanalyst to modify encrypted data, unless knowledge of key is available.

10 Stream ciphers  Whereas block ciphers operate on large data on a block-by- block basis, stream ciphers operate on individual bits. Let x n -> Plaintext bit; y ->ciphertext bit; z ->keystream bit at n th instant For encryption: y n = x n z n, n=1, 2, …, N For decryption: x n = y n z n, n=1, 2, …, N

11 Stream ciphers continued…  A binary additive stream cipher has no error propagation; the decryption of a distorted bit in the ciphertext affects only the corresponding bits of the resulting output.  Stream ciphers are generally better suited for secure transmission of data over error – prone communication channels; they are used in application where high data rates are a requirement (as in secure video) or when a minimal transmission delay is essential.

12 Requirement of Secrecy ASSUMPTION:- An enemy cryptanalyst has knowledge of the entire mechanism used to perform encryption, except for the secret key.

13 Requirement of Secrecy continued… Attacks employed by enemy cryptanalyst: Ciphertext-only attack  Access to part or all of the ciphertext Known-plaintext attack  Knowledge of some ciphertext:-plaintext pairs formed with the actual secret key Chosen-plaintext attack  Submit any chosen plaintext message and receive in return the correct ciphertext for the actual secret key. Chosen-ciphertext attack  Choose an arbitrary ciphertext and find the correct result for its decryption.

14 Information theoretic approach In Shannon model of cryptography (published in Shannon’s 1949 landmark paper on information- theoretic approach to secrecy systems) ASSUMPTION:- 1.Enemy cryptanalyst has unlimited time & computing power. 2.But the enemy is presumably restricted to ciphertext- only attack. The secrecy of the system is said to be broken when decryption is performed successfully, obtaining a unique solution to the cryptogram

15 Information theoretic approach (continued…) Let X = {X 1, X 2, …, X N } ->N-bit plaintext message, Y = {Y 1, Y 2, …,Y N } ->N-bit cryptogram Secret key Z is assumed to be determined by some probability distribution Let H (X) ->uncertainty about x H (X | Y) ->uncertainty about X given knowledge of Y Now, mutual information between X & Y, I (X;Y) = H (X) – H(X | Y) represents a basic measure of security in the Shannon model.

16 Perfect Security Perfect Security Assuming that an enemy cryptanalyst can observe only the cryptogram Y, for perfect security X & Y should be statistically independent. I (X;Y)=0 =>H (X) = H (X|Y) …………….......(1) Given the secret key Z; H (X|Y) ≤ H (X; Z|Y) = H (Z|Y) + H (X|Y,Z) …(2) H(X|Y,Z)=0; iff Y & Z together uniquely determine X Equation 2 can be rewritten as H(X|Y) ≤ H(Z|Y) ≤ H(Z) …………(3) With equation 3 equation 1 becomes H(Z) ≥ H(X) ……………………………..(4) Is called Shannon’s fundamental bound for perfect security. Result: The key must be at least as long as the plaintext.

17 Diffusion & Confusion  In diffusion, statistical nature of the plaintext is hidden by spreading out the influence of single bit in plaintext over large number of bits in ciphertext.  In confusion, the data transformations are designed to complicate the determination of the way in which the statistics of ciphertext depend on that of the plaintext. Practicability of Cipher For a cipher to be of practical value 1.It must be difficult to be broken by enemy cryptanalyst. 2.It must be easy to encrypt & decrypt with knowledge of secret key.

18 Substitution cipher Each letter of plaintext is replaced by a fixed substitute. For plaintext X = {x 1,x 2,x 3,x 4,…) ciphertext Y ={y 1,y 2,y 3,y 4,,…) ={f(x 1 ),f(x 2 ),f(x 3 ),f(x 4 ),….}

19 Transposition cipher The plaintext is divided into groups of fixed period d & the same permutation is applied to each group. The particular permutation rule being determined by the secret key.

20 Data Encryption Standard (DES)  It is the most widely used secret-key cryptalgorithm.  It operates on 64-bit plaintext and uses 56-bit key.  The overall procedure can be given as P -1 {F[P(X)]} where, X->plaintext P->certain permutation F->certain transposition & substitution F is obtained by cascading a certain function f, with each stage of cascade referred as around.  There are 16 rounds employed here.

21 How DES works?  DES operates on 64-bit of data. Each block of 64 bits is divided into two blocks of 32 bits each, a left half block L and a right half R. M = 0123456789ABCDEF M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 1110 1111 L = 0000 0001 0010 0011 0100 0101 0110 0111 R = 1000 1001 1010 1011 1100 1101 1110 1111

22 Key Computation  The 64-bit key is permuted according to the following table & 56-bit key is calculated from it. 5749413325179 1585042342618 1025951432527 1911360524436 63554739312315 7625446383022 1466153453729 211352820124 LET K = 00010011 00110100 01010111 01111001 10011011 10111100 11011111 11110001 The 56-bit permutation: K+ = 1111000 0110011 0010101 0101111 0101010 1011001 1001111 0001111 From the permuted key K+, we get C 0 = 1111000 0110011 0010101 0101111 D 0 = 0101010 1011001 1001111 0001111

23 Key Computation continued…  With C 0 and D 0 defined, we now create sixteen blocks C n and D n, 1<=n<=16. Each pair of blocks C n and D n is formed from the previous pair C n-1 and D n-1, respectively, for n = 1, 2,..., 16, using the following schedule of "left shifts" of the previous block. Iteration Number 12345678910111213141516 Number of Left Shifts 1122222212222221 C0 = 1111000011001100101010101111 D0 = 0101010101100110011110001111 C1 = 1110000110011001010101011111 D1 = 1010101011001100111100011110 C2 = 1100001100110010101010111111 D2 = 0101010110011001111000111101 and so on upto C 16 & D 16.

24 Key Computation continued…  We now form the keys Kn, for 1<=n<=16, by applying the following permutation table to each of the concatenated pairs C n D n. 1417112415 3281562110 2319124268 1672720132 415231374755 304051453348 444939563453 464250362932 C 1 D 1 = 1110000 1100110 0101010 1011111 1010101 0110011 0011110 0011110 K 1 = 000110 110000 001011 101111 111111 000111 000001 110010 Similarly, K 2 = 011110 011010 111011 011001 110110 111100 100111 100101 K 3 = 010101 011111 110010 001010 010000 101100 111110 011001 and so on upto K 16. Thus the 16, 48-bit subkeys are obtained.

25 Encoding Data  There is an initial permutation, IP of the 64 bits of the message data, M. This rearranges the bits according to the following table. 585042342618102 605244362820124 625446383022146 645648403224168 57494133251791 595143352719113 615345372921135 635547393123157 M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 1110 1111 IP = 1100 1100 0000 0000 1100 1100 1111 1111 1111 0000 1010 1010 1111 0000 1010 1010  Next divide the permuted block IP into a left half L 0 of 32 bits, and a right half R 0 of 32bits. L 0 = 1100 1100 0000 0000 1100 1100 1111 1111 R 0 = 1111 0000 1010 1010 1111 0000 1010 1010

26 Encoding Data continued…  We now proceed through 16 iterations, for 1<=n<=16, using a function, f which operates on two blocks - a data block of 32 bits and a key K n of 48 bits - to produce a block of 32 bits. L n = R n-1 R n = L n-1 f(R n-1, K n ) For n = 1, we have K 1 = 000110 110000 001011 101111 111111 000111 000001 110010 L 1 = R 0 = 1111 0000 1010 1010 1111 0000 1010 1010 R 1 = L 0 + f(R 0, K 1 )  It remains to explain how the function f works.

27 Encoding Data continued…  To calculate f, we first expand each block R n-1 from 32 bits to 48 bits.  This is done by using a selection table called E-table that repeats some of the bits in R n-1. 3212345 456789 8910111213 121314151617 161718192021 202122232425 242526272829 28293031321 E-table We calculate E(R 0 ) from R 0 as follows: R 0 = 1111 0000 1010 1010 1111 0000 1010 1010 E(R 0 ) = 011110 100001 010101 010101 011110 100001 010101 010101

28 Encoding Data continued…  Next in the f calculation, we XOR the output E(R n-1 ) with the key K n : For K 1, E(R 0 ), we have K 1 = 000110 110000 001011 101111 111111 000111 000001 110010 E(R 0 ) = 011110 100001 010101 010101 011110 100001 010101 010101 K 1 +E(R 0 ) = 011000 010001 011110 111010 100001 100110 010100 100111  We now use each group of six bits as addresses in tables called "S boxes".  Each group of six bits will give us an address in a different S box. Located at that address will be a 4 bit number.  This 4 bit number will replace the original 6 bits.  The net result is that the eight groups of 6 bits are transformed into eight groups of 4 bits (the 4-bit outputs from the S boxes) for 32 bits total. K n E(R n-1 )

29 Encoding Data continued… 0123456789101112131415 014 4131 3151183106125907 1 015 7414213110612119538 2 4 114813621115129731050 31512 82 4917511314100613 Column number Row numberRow number S 1 Box Here S 1 (011011) = 0101 Similarly, there exists S 1, S 2,…, S 8 For the first round, we obtain as the output of the eight S boxes: K1 + E(R0) = 011000 010001 011110 111010 100001 100110 010100 100111. S = 0101 1100 1000 0010 1011 0101 1001 0111

30 Encoding Data continued…  The final stage in the calculation of f is to do a permutation P of the S-box output to obtain the final value of f:  The permutation P is defined in the following table. P yields a 32-bit output from a 32-bit input by permuting the bits of the input block. f = P(S) 1672021 29122817 1152326 5183110 282414 322739 1913306 2211425 P From S = 0101 1100 1000 0010 1011 0101 1001 0111 f = 0010 0011 0100 1010 1010 1001 1011 1011

31 Encoding Data continued…  R 1 = L 0 f(R 0, K 1 )  Proceeding like this we obtain L 1 R 1, L 2 R 2,…, L 16 R 16.  At the end of the sixteenth round we have the blocks L16 and R16. We then reverse the order of the two blocks into the 64-bit block R 16 L 16 and apply a permutation IP -1. = 1100 1100 0000 0000 1100 1100 1111 1111 0010 0011 0100 1010 1010 1001 1011 1011 = 1110 1111 0100 1010 0110 0101 0100 0100

32 Encoding Data continued… 408481656246432 397471555236331 386461454226230 375451353216129 364441252206028 353431151195927 342421050185826 33141949175725 IP -1 LET R 16 L 16 = 00001010 01001100 11011001 10010101 01000011 01000010 00110010 00110100 IP -1 = 10000101 11101000 00010011 01010100 00001111 00001010 10110100 00000101 which in hexadecimal format is 85E813540F0AB405. Thus the encrypted form of M = 0123456789ABCDEF: namely, C = 85E813540F0AB405

33 Decryption Decryption is simply the inverse of encryption, following the same steps as above, but reversing the order in which the subkeys are applied.

34 Disadvantages of Secret-key Cryptography  Use of physical secure channel Courier service or registered mail for key distribution is costly, inconvenient & slow  Requirement of large network For n user channels required n*(n-1)/2  This large network leads to use of insecure channel for key distribution & secure message transmission.

35 Public-key Cryptography  It contains two components. Private component, known to the authorised user only Public component, visible to everybody  Each pair of keys must have two basic properties. Whatever message encrypted with one of the keys can be decrypted by the other key. Given knowledge of the public key, it is computationally infeasible to compute the private key.  The key management here helps in development of large network.

36 Diffie-Hellman Public-key Distribution  It uses the concept that, it is easy to calculate the discrete exponential but difficult to calculate discrete logarithm. Discrete exponential : Y = α X mod p, for 1≤ X ≤p-1 Discrete logarithm : X = log α Y mod p, for 1≤ Y≤p-1  All users are assumed to know both α, p.  A user i, selects an independent random number X i, uniformly from the set of integers {1, 2,…, p} that is kept private.  But the discrete exponential Y i = α X i mod p is made public.

37 Diffie-Hellman Public-key Distribution continued…  Now, user I & j want to communicate.  To proceed, user i fetches Y j from public directory & uses the private X i to compute K ji =(Y j ) X i mod p =(α X j ) X i mod p =α X j X i mod p  In a similar way, user j computes K ij. But we have K ij = K ji  For an eavesdropper must compute K ji from Y i & Y j applying the formula K ji =(Y j ) log Y i mod p  Since it involves discrete logarithm not easy to calculate.

38 Rivest-Shamir-Adleman (RSA) System It is a block cipher based upon the fact that finding a random prime number of large size (e.g., 100 digit) is computationally easy, but factoring the product of two such numbers is considered computationally infeasible.

39 RSA algorithm 1.Key Generation 2.Generate two large prime numbers, p and q 3.Let n = p*q 4.Let m = (p-1)*(q-1) 5.Choose a small number e, coprime to m 6.Find d, such that de % m = 1 Encryption C = P e % n Decryption P = C d % n x % y means the remainder of x divided by y Publish e and n as the public key. Keep d and n as the secret key. To be secure, very large numbers must be used for p and q - 100 decimal digits at the very least.

40 RSA : An Illustration  Generate two large prime numbers, p and q To make the example easy to follow I am going to use small numbers, but this is not secure. Lets have: p = 7;q=19  Let n = p*q = 7 * 19 = 133  Let m = (p - 1)*(q - 1) = (7 - 1)(19 - 1) = 6 * 18 = 108  4) Choose a small number, e coprime to m e = 2 => gcd(e, 108) = 2 (no); e = 3 => gcd(e, 108) = 3 (no); e = 4 => gcd(e, 108) = 4 (no); e = 5 => gcd(e, 108) = 1 (yes!)  Find d, such that de % m = 1 n = 0 => d = 1 / 5 (no); n = 1 => d = 109 / 5 (no); n = 2 => d = 217 / 5 (no); n = 3 => d = 325 / 5 = 65 (yes!)

41 RSA : An Illustration continued…  Public Key: n = 133; e = 5  Secret Key: n = 133; d = 65 Encryption  lets use the message "6". C = P e % n = 6 5 % 133 = 7776 % 133 = 62 Decryption P = C d % n = 62 65 % 133 = 6

42 Digital Signature: A hybrid approach  The most useful requirements for a digital signature is authenticity and secrecy.  RSA provide an effective method for key management, but they are inefficient for bulk encryption of data.  DES provide better throughput, but require key management.  So, a combinational approach can be considered for practical usability, e.g., RSA may be used for authentication and DES used for encryption.

43 Reference  Simon Haykin, Communication Systems, 4th ed. (New York: John Wiley & Sons, 2004)  Martin A. Hellman, “An overview of public key cryptography,” IEEE communications magazine, vol. 16, no. 6, November 1978.  C. E. Shannon, “A mathematical theory of communication,” Bell system technical journal, p. 623, July 1948.  Gary C. Kessler, “An overview of cryptography,” May 1998  edited version of Handbook on Local Area Networks (Auerbach, September 1998)  http://orlingrabbe.com/  www.rsasecurity.com www.rsasecurity.com  www.wikipedia.com www.wikipedia.com  www.bambooweb.com www.bambooweb.com

44 QUERIES???

45 THANK YOU

Download ppt "CRYPTOGRAPHY Presented by: Debi Prasad Mishra Institute of Technical Education & Reaserch Electronics & Telecommunication Engineering Section - A Section."

Similar presentations

6.1.2 Overview DES is a block cipher, as shown in Figure 6.1.

6.1.2 Overview DES is a block cipher, as shown in Figure 6.1.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.

1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.
Cryptography and Network Security Chapter 3

Cryptography and Network Security Chapter 3
Data Encryption Standard (DES)

Data Encryption Standard (DES)
1 The RSA Algorithm Supplementary Notes Prepared by Raymond Wong Presented by Raymond Wong.

1 The RSA Algorithm Supplementary Notes Prepared by Raymond Wong Presented by Raymond Wong.
Session 4 Asymmetric ciphers.

Session 4 Asymmetric ciphers.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Block Ciphers: Workhorses of Cryptography COMP 1721 A Winter 2004.

Block Ciphers: Workhorses of Cryptography COMP 1721 A Winter 2004.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.

1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.
1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.

1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.
Csci5233 Computer Security & Integrity 1 Cryptography: Basics (2)

Csci5233 Computer Security & Integrity 1 Cryptography: Basics (2)
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
Cryptography & Number Theory

Cryptography & Number Theory
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Lecture 23 Symmetric Encryption

Lecture 23 Symmetric Encryption
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.

8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.

Similar presentations

Ads by Google