Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to Basic Crypto Schemes

Published byAnis Wiggins Modified over 9 years ago

Similar presentations

Presentation on theme: "Introduction to Basic Crypto Schemes"— Presentation transcript:

1 Introduction to Basic Crypto Schemes
4/26/2017 Introduction to Basic Crypto Schemes In order to achieve confidentiality but at the same communicate/exchange information with intended parties, the information must be hidden from others But how? By encryption/decryption By obscurity 8/27/2013 4:40:35 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

2 By Obscurity – An Example
4/26/2017 By Obscurity – An Example A cover image (no message) 8/27/2013 4:40:36 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

3 By Obscurity – An Example – cont.
4/26/2017 By Obscurity – An Example – cont. A cover image (no message) A stego image 8/27/2013 4:40:37 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

4 4/26/2017 Crypto Terminology Cryptology  The art and science of making and breaking “secret codes” Cryptography  making “secret codes” Cryptanalysis  breaking “secret codes” Crypto  all of the above (and more) 8/27/2013 4:40:39 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

5 Crypto as Black Box A generic use of crypto key key plaintext encrypt
4/26/2017 Crypto as Black Box key key plaintext encrypt decrypt plaintext ciphertext A generic use of crypto 8/27/2013 4:41:15 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

6 4/26/2017 How to Speak Crypto A cipher or cryptosystem is used to encrypt the plaintext The result of encryption is ciphertext We decrypt ciphertext to recover plaintext A key is used to configure a cryptosystem A symmetric key cryptosystem uses the same key to encrypt as to decrypt A public key cryptosystem uses a public key to encrypt and a private key to decrypt Key space is the total number of all possible keys that can be used in a cryptographic system 8/27/2013 4:41:42 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

7 Crypto Basic assumption Also known as Kerckhoffs Principle
4/26/2017 Crypto Basic assumption The system is completely known to the attacker Only the key is secret Also known as Kerckhoffs Principle Crypto algorithms are not secret Why do we make this assumption? Experience has shown that secret algorithms are weak when exposed Secret algorithms never remain secret Better to find weaknesses beforehand 8/27/2013 4:42:05 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

8 Confusion and diffusion
4/26/2017 Proposed by Claude Shannon The founder of Information Theory 1949 paper: Comm. Thy. of Secrecy Systems Confusion and diffusion Confusion  obscure relationship between plaintext and ciphertext Note that the encryption must be invertible in order to be able to recover the original plaintext from the ciphertext Diffusion  spread plaintext statistics through the ciphertext 8/27/2013 4:42:25 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

9 Usage of Crypto for Computer Security
4/26/2017 Usage of Crypto for Computer Security Crypto provides fundamental tools to solve many problems in computer security Confidentiality Integrity We have to understand the crypto algorithms and principles in order to understand many solutions to computer security problems 8/27/2013 4:43:04 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

10 Simple Substitution Plaintext: fourscoreandsevenyearsago Key:
4/26/2017 Simple Substitution Plaintext: fourscoreandsevenyearsago Key: Plaintext a b c d e f g h i j k l m n o p q r s t u v w x y D E F G H I J K L M N O P Q R S T U V W X Y Z A B z C Ciphertext Ciphertext: IRXUVFRUHDAGVHYHABHDUVDIR Shift by 3 is “Caesar’s cipher” 8/27/2013 4:43:17 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

11 Ceasar’s Cipher Decryption
4/26/2017 Ceasar’s Cipher Decryption Suppose we know a Caesar’s cipher is being used Ciphertext: IORULGDVWDWHXQLYHUVLWB Plaintext a b c d e f g h i j k l m n o p q r s t u v w x y D E F G H I J K L M N O P Q R S T U V W X Y Z A B z C Ciphertext Plaintext: floridastateuniversity 8/27/2013 4:44:13 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

12 Not-so-Simple Substitution
4/26/2017 Not-so-Simple Substitution Shift by n for some n  {0,1,2,…,25} The encryption can also be represented using modular arithmetic by first transforming the letters into numbers, according to the scheme, A = 0, B = 1,..., Z = 25.[1]  Encryption of a letter  by a shift n can be described mathematically as,[2] Decryption is performed similarly, a b c d e f g h i j k l m n o p q r s t u v w x y H I J K L M N O P Q R S T U V W X Y Z A B C D E F z G Plaintext Ciphertext 8/27/2013 4:44:20 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

13 Cryptanalysis I: Try Them All
4/26/2017 Cryptanalysis I: Try Them All A simple substitution (shift by n) is used But the key is unknown Given ciphertext: CSYEVIXIVQMREXIH How to find the key? Only 26 possible keys  try them all! Exhaustive key search Solution: key = 4 8/27/2013 4:45:02 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

14 Even-less-Simple Substitution
4/26/2017 Even-less-Simple Substitution Key is some permutation of letters Need not be a shift For example a b c d e f g h i j k l m n o p q r s t u v w x y J I C A X S E Y V D K W B Q T Z R H F M P N U L G z O Plaintext Ciphertext Then 26! > 288 possible keys! 8/27/2013 4:45:06 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

15 Cryptanalysis II: Be Clever
4/26/2017 We know that a simple substitution is used But not necessarily a shift by n Can we find the key given ciphertext: PBFPVYFBQXZTYFPBFEQJHDXXQVAPTPQJKTOYQWIPBVWLXTOXBTFXQWAXBVCXQWAXFQJVWLEQNTOZQGGQLFXQWAKVWLXQWAEBIPBFXFQVXGTVJVWLBTPQWAEBFPBFHCVLXBQUFEVWLXGDPEQVPQGVPPBFTIXPFHXZHVFAGFOTHFEFBQUFTDHZBQPOTHXTYFTODXQHFTDPTOGHFQPBQWAQJJTODXQHFOQPWTBDHHIXQVAPBFZQHCFWPFHPBFIPBQWKFABVYYDZBOTHPBQPQJTQOTOGHFQAPBFEQJHDXXQVAVXEBQPEFZBVFOJIWFFACFCCFHQWAUVWFLQHGFXVAFXQHFUFHILTTAVWAFFAWTEVOITDHFHFQAITIXPFHXAFQHEFZQWGFLVWPTOFFA 8/27/2013 4:45:29 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

16 Cryptanalysis II Can’t try all 288 simple substitution keys
4/26/2017 Cryptanalysis II Can’t try all 288 simple substitution keys Can we be more clever? English letter frequency counts Also the relative frequencies for pairs and triples of characters 8/27/2013 4:45:45 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

17 Cryptanalysis II week01-crypto.ppt 4/26/2017 8/27/2013 4:46:12 PM
CIS5370 week01-crypto.ppt

18 Cryptanalysis II Ciphertext: Decrypt this message using info below
4/26/2017 Ciphertext: PBFPVYFBQXZTYFPBFEQJHDXXQVAPTPQJKTOYQWIPBVWLXTOXBTFXQWAXBVCXQWAXFQJVWLEQNTOZQGGQLFXQWAKVWLXQWAEBIPBFXFQVXGTVJVWLBTPQWAEBFPBFHCVLXBQUFEVWLXGDPEQVPQGVPPBFTIXPFHXZHVFAGFOTHFEFBQUFTDHZBQPOTHXTYFTODXQHFTDPTOGHFQPBQWAQJJTODXQHFOQPWTBDHHIXQVAPBFZQHCFWPFHPBFIPBQWKFABVYYDZBOTHPBQPQJTQOTOGHFQAPBFEQJHDXXQVAVXEBQPEFZBVFOJIWFFACFCCFHQWAUVWFLQHGFXVAFXQHFUFHILTTAVWAFFAWTEVOITDHFHFQAITIXPFHXAFQHEFZQWGFLVWPTOFFA Decrypt this message using info below Ciphertext frequency counts: A B C D E F G H I J K L M N O P Q R S T U V W X Y 21 26 6 10 12 51 25 9 3 1 15 28 42 27 4 24 22 Z 8 8/27/2013 4:47:20 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

19 Cryptanalysis Terminology
4/26/2017 Cryptanalysis Terminology Cryptosystem is secure if best known attack is to try all keys Cryptosystem is insecure if any shortcut attack is known By this definition, an insecure system might be harder to break than a secure system, depending on the size of the key space In practice, we need to select a secure cipher with a large enough key space As a secure cipher with a small key space can be broken 8/27/2013 4:47:53 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

20 Even-less-Simple Substitution – cont.
4/26/2017 Even-less-Simple Substitution – cont. Key is some permutation of letters It is not secure when used to encrypt plain English messages It uses only confusion How can we improve the security of this cipher? 8/27/2013 4:48:14 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

21  Double Transposition Plaintext: attackxatxdawn
4/26/2017 Double Transposition Plaintext: attackxatxdawn Permute rows and columns Ciphertext: xtawxnattxadakc Key: matrix size and permutations (3,5,1,4,2) and (1,3,2) 8/27/2013 6:01:19 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

22  Double Transposition Plaintext: attackxatxdawn
4/26/2017 Double Transposition Plaintext: attackxatxdawn Permute rows and columns Which principles does a double transposition cipher use, confusion, diffusion, or both? 8/27/2013 6:01:24 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

23 One-time Pad Encryption
4/26/2017 One-time Pad Encryption e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111 Encryption: Plaintext  Key = Ciphertext h e i l t r 001 000 010 100 111 101 Plaintext: Key: 111 101 110 100 000 001 s r l h t Ciphertext: 8/27/2013 6:01:28 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

24 One-time Pad Encryption
4/26/2017 One-time Pad Encryption e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111 Encryption: Plaintext  Key = Ciphertext h e i l t r 001 000 010 100 111 101 Plaintext: Key: 111 101 110 100 000 001 s r l h t Ciphertext: How to decrypt a message encrypted using one-time pad? 8/27/2013 6:01:33 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

25 One-time Pad Decryption
4/26/2017 One-time Pad Decryption e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111 Decryption: Ciphertext  Key = Plaintext s r l h t 110 101 100 001 111 Ciphertext: Key: 111 101 110 100 000 001 010 h e i l t r Plaintext: 8/27/2013 6:01:39 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

26 One-time Pad Double agent claims sender used “key”: s r l h t k i l h
4/26/2017 One-time Pad Double agent claims sender used “key”: s r l h t 110 101 100 001 111 Ciphertext: “key”: 101 111 000 100 110 011 010 001 k i l h t e r “Plaintext”: e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111 8/27/2013 6:01:41 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

27 One-time Pad Sender is captured and claims the key is: s r l h t h e l
4/26/2017 One-time Pad Sender is captured and claims the key is: s r l h t 110 101 100 001 111 Ciphertext: “Key”: 111 101 000 011 110 001 100 010 h e l i k s “Plaintext”: e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111 8/27/2013 6:01:44 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

28 One-time Pad Summary Provably secure, when used correctly
4/26/2017 One-time Pad Summary Provably secure, when used correctly Ciphertext provides no info about plaintext All plaintexts are equally likely Pad must be random, used only once Pad is known only by sender and receiver Pad is same size as message No assurance of message integrity Why not distribute message the same way as the pad? 8/27/2013 6:01:52 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

29 4/26/2017 Messages in Depth Messages are in depth if they are encrypted with the same key 8/27/2013 6:02:03 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

30 Real-world One-time Pad
4/26/2017 Real-world One-time Pad Project VENONA Soviet spy messages from U.S. in 1940’s Nuclear espionage, etc. Thousands of messages Spy carried one-time pad into U.S. Spy used pad to encrypt secret messages Repeats within the “one-time” pads made cryptanalysis possible 8/27/2013 6:02:11 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

31 Codebook Literally, a book filled with “codewords”
4/26/2017 Literally, a book filled with “codewords” Zimmerman Telegram encrypted via codebook Februar fest finanzielle folgender Frieden Friedenschluss : : Modern block ciphers are codebooks. 8/27/2013 6:02:39 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

32 Zimmerman Telegram One of most famous codebook ciphers ever
4/26/2017 One of most famous codebook ciphers ever Led to US entry in WWI Ciphertext shown here… 8/27/2013 6:02:57 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

33 Zimmerman Telegram Decrypted
4/26/2017 British had recovered partial codebook Able to fill in missing parts 8/27/2013 6:03:12 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

34 Taxonomy of Cryptography
4/26/2017 Symmetric Key Same key for encryption as for decryption Stream ciphers Block ciphers Public Key Two keys, one for encryption (public), and one for decryption (private) Digital signatures  nothing comparable in symmetric key crypto Hash algorithms 8/27/2013 6:03:26 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

35 Taxonomy of Cryptanalysis
4/26/2017 Ciphertext only Known plaintext Chosen plaintext “Lunchtime attack” Protocols might encrypt chosen text Adaptively chosen plaintext Related key Forward search (public key crypto only) 8/27/2013 6:03:35 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

36 4/26/2017 Summary Substitutions and transpositions are the building blocks of ciphers While the ones we covered so far are simple and straightforward, their generalized versions are used extensively in modern ciphers 8/27/2013 6:03:42 PM week01-crypto.ppt CIS5370 week01-crypto.ppt

37 4/26/2017 Class Discussion Do you agree with the following (p. 722, E. Skoudis, “Counter Hack Reloaded”, 2nd Edition)? “Just as this is the Golden Age of Hacking, so too is it the Golden Age of Information Security. We live in very exciting times with technologies rapidly advancing, offering tremendous opportunities for learning and growing. If technology itself doesn’t get you excited, think of the tremendous job security afforded to system administrators, security personnel, and network managers who know how to secure their systems properly.” CIS5370 week01-crypto.ppt

38 4/26/2017 Class Discussion If you place an unpatched computer on the Internet, what is the average survival time before being completely compromised? The answer is on p. XXIV (E. Skoudis, “Counter Hack Reloaded”, 2nd Edition). Also from . CIS5370 week01-crypto.ppt

39 Class Discussion http://isc.sans.edu/survivaltime.html 4/26/2017
CIS5370 week01-crypto.ppt

40 Class Discussion http://isc.sans.edu/survivaltime.html 4/26/2017
CIS5370 week01-crypto.ppt

41 Before Class Discussion
4/26/2017 Before Class Discussion Homeland Security Secretary Janet Napolitano in her farewell address given on Aug. 27, 2013 Homeland Security Chief Advice To Successor: Advil by The Associated Press August 27, :03 PM WASHINGTON (AP) — Homeland Security Secretary Janet Napolitano, who is resigning next week, expressed disappointment Tuesday during her farewell remarks that Congress failed to pass a law providing a path to citizenship for many young immigrants living in the U.S. illegally. Her legacy includes managing the Obama administration's responses to foiled and successful terrorism attacks against the U.S., the Gulf oil spill disaster, other important changes to immigration policies, the Secret Service prostitution scandal and rampant cyber break-ins of U.S. government computers blamed on China and others. She offered this advice to whoever succeeds her: "You will need a large bottle of Advil." Napolitano, the third Homeland Security secretary, will leave Sept. 6 to take over as president of the University of California system. It is unclear when President Barack Obama will name a permanent successor or who that person will be. Rand Beers, the department's acting No. 2 is expected to become the acting secretary when Napolitano leaves. With more than 240,000 employees, the Homeland Security Department is among Washington's most sprawling bureaucracies and includes immigration and intelligence offices, the Coast Guard, Secret Service, Transportation Security Administration, Federal Emergency Management Agency and others. She popularized her catchphrase, "If you see something, say something." "Some have said that being the secretary of DHS is the most thankless job in Washington. That is not true," she said. "No doubt, it's a very big and complex job. It's literally a 24/7 job. Yet, as my successor will soon learn, it's also one of the most rewarding jobs there is." When she took office in early 2009 after her re-election as Arizona's governor, Napolitano made immigration reform a top priority and did not mention terrorism during her first appearance on Capitol Hill. But she presided as Homeland Security secretary during violent attacks against the United States, including the Boston Marathon bombings earlier this year, which killed three people. The federal government's review of its own performance in the attack — including whether it missed any signs before the bombings — is still pending. An al-Qaida operative attempted to blow up a commercial jetliner over Detroit on Christmas Day in In the wake of failed attack Napolitano famously declared that the "system worked," although the Obama administration immediately ordered an urgent overhaul of its terror screening systems for travelers. Napolitano said security improvements after the attempted bombing — and after a disrupted plot in 2010 to detonate bombs hidden inside printer cartridges aboard planes flying to the U.S. — have made the U.S. safer. "We faced a threat. We responded," she said. "And we addressed the weaknesses in our systems. And while there is always more work to do, our aviation system is now stronger and more resilient." Napolitano chided Congress for failing to pass the DREAM Act, which would have provided a path to legal status for many young immigrants living in the United States illegally. The latest push for immigration reforms, which passed earlier this year in the Senate, now appears stalled in the House. "Congress had a chance to give the so-called dreamers a way to stay in our country through the DREAM Act but, unfortunately, that legislation failed to garner the 60 votes need for cloture, falling just five votes short despite strong bipartisan support," Napolitano said. She said the administrative policy changes she made were "no substitute for comprehensive immigration reform, which is the only way to face the long-standing problems with our immigration system." The Homeland Security Department is the government's lead agency for cybersecurity, and Napolitano was secretary during a period of rampant break-ins of U.S. government computers blamed on China's government and others. The department is soon to have its third deputy undersecretary for cybersecurity. In her remarks Tuesday, made only brief reference to the growing concern of a major cyberattack, which Napolitano said appeared inevitable. "Our country will, at some point, face a major cyber event that will have a serious effect on our lives, our economy, and the everyday functioning of our society," Napolitano said. "While we build systems, protections and a framework to identify attacks and intrusions, share information with the private sector and across government and develop plans and capabilities to mitigate the damage, more must be done, and quickly." ___ CIS5370 week01-crypto.ppt

Download ppt "Introduction to Basic Crypto Schemes"

Similar presentations

CLASSICAL ENCRYPTION TECHNIQUES

CLASSICAL ENCRYPTION TECHNIQUES
Cryptography encryption authentication digital signatures

Cryptography encryption authentication digital signatures
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.

Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
Intro 1 Introduction Intro 2 Good Guys and Bad Guys  Alice and Bob are the good guys  Trudy is the bad guy  Trudy is our generic “intruder”

Intro 1 Introduction Intro 2 Good Guys and Bad Guys  Alice and Bob are the good guys  Trudy is the bad guy  Trudy is our generic “intruder”
Block Ciphers and the Data Encryption Standard

Block Ciphers and the Data Encryption Standard
CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.

CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
1 Day 04- Cryptography Acknowledgements to Dr. Ola Flygt of Växjö University, Sweden for providing the original slides.

1 Day 04- Cryptography Acknowledgements to Dr. Ola Flygt of Växjö University, Sweden for providing the original slides.
Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.

Introduction to Symmetric Block Cipher Jing Deng Based on Prof. Rick Han’s Lecture Slides Dr. Andreas Steffen’s Security Tutorial.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Chapter 2 Basic Encryption and Decryption (part B)

Chapter 2 Basic Encryption and Decryption (part B)
CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.

CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.

CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Chapter 2 – Classical Encryption Techniques

Chapter 2 – Classical Encryption Techniques
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.
Cryptography Week-6.

Cryptography Week-6.
Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.

Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.
CIS 5371 Cryptography Introduction.

CIS 5371 Cryptography Introduction.

Similar presentations

Ads by Google