1 / 22

CHAPTER 6

CHAPTER 6. CRYPTOGRAPHY. An Overview of Cryptography and Some of its Algorithms. Crypto, origins in Greek word ‘kruptos’ means hidden Objective of cryptography to hide information & only intended recipient(s) can unhide it Encryption  hide, decryption  unhide

zavad
Télécharger la présentation

CHAPTER 6

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CHAPTER 6 CRYPTOGRAPHY

  2. An Overview of Cryptography and Some of its Algorithms • Crypto, origins in Greek word ‘kruptos’ means hidden • Objective of cryptography to hide information & only intended recipient(s) can unhide it • Encryption  hide, decryption  unhide • Cipher is used to accomplish the encryption & decryption • Merriam Webster’s Collegiate Dictionary defines cipher as a method of transforming text in order to conceal its meaning

  3. Cryptography Process Sender Receiver Plaintext Plaintext Encryption Ciphertext Decryption

  4. History • Julius Caesar has his own cryptography called Caesar’s Cipher, where rotated the letters of the alphabet to the right by three • ROT13 (rotate 13) similar to Caesar’s Cipher and still in use today • V GUVAX JVAQBJF FHPXF

  5. Encryption Key Types • Symmetric and Asymmetric • Symmetric • The longest and single key that used for both encryption and decryption of the ciphertext, also called as secret key • Using a key because the algorithms are well known • Problems: • How to confirm sender & receiver have the same key • Have to used another protected transportation mechanism

  6. Encryption Key Types • Asymmetric • Use two different keys, encryption & decryption, also known as public key & private key • Public key cryptography was first publicly released in 1976 as a method of exchanging keys in a secret system

  7. Symmetric Algorithms • DES (Data Encryption Standard) • Encryption standard for US government since 1976 • IBM first developed it with name Lucifer in 1974 • Block cipher, works on block of data • 64 bits length, but use only 56 bits called active key • The other 8 bits used for parity • Use two different techniques; substitution (confusion) and transposition (diffusion), for 16 rounds in order to create the cipher text • During each round data is XOR’ed (Exclusive OR’ed) with a subkey & then result is run through eight S-Boxes (substitution boxes, for security) and then through a P-Box (permutation box)

  8. Symmetric Algorithms • DES (Data Encryption Standard) • Has reaffirmed as the encryption standard for the U.S Government every five years since 1976 • Over 20 years old • Several variations, 3DES and DESX • 3DES, uses multiple keys and DESX uses 64 bits additional key • Replace with AES (Advance Encryption Standard)

  9. Symmetric Algorithms • IDEA (International Data Encryption Algorithm) • It operates on a 64 bits plaintext block and uses a 128 bits key • It uses a total of eight rounds in which it XOR’s, adds and multiplies four sub-blocks with each other, as well as six 16-bit sub-blocks of key material

  10. Asymmetric Algorithm • Diffie-Hellman • It uses a key pair that is mathematically related so that one key (public) is used to encode a message and the other key (private) is used to decode the message • The public key is very difficult to derive the corresponding private key, if the keys are of sufficient length. The strength is based on the discrete logarithm problem (easy to perform forwards, very difficult to perform backwards) • DH is commonly called a key exchanged mechanism as it is used to exchange a secret key over an insecure medium, such as the Internet

  11. Asymmetric Algorithm • RSA • The algorithm is used for both encryption and authentication and is widely used • It is used in a variety of system including TLS (Transport Layer Security) and IPSec (IP Security)

  12. Problem With Cryptography • Secret Storage • Secret storage consists of storing the secret somewhere that can easily be attacked • In this case, it doesn’t matter if 3DES is used, as long as the key is stored somewhere where it can be attacked • Universal Secret • A universal secret is where products containing cryptography are allowed to talk to each other without to exchange authenticated session keys • When this occurs, then it is only a matter of time until the crypto in the product gets broken • For example, the cryptography in DVD

  13. Problem With Cryptography • Entropy And Cryptography • Entropy is defined as a process of degradation or running down or a trend to disorder • Both of these applications use strong cryptographic algorithms, but rely on passwords or passphrases of the end user • The password/passphrase selected can be directly related to the strength of the bits used in a crypto key

  14. Brute Force • Brute force is a description of a primitive programming style, one in which programmer relies on the computer’s processing power instead of using his or her own intelligence to simplify the problem, often ignoring problems of scale an applying naïve methods suited to small problems directly to large ones • Brute force programs are written in a heavyhanded, tedious way, and full of repetition and devoid of any elegance or useful abstraction

  15. Brute Force • The canonical example of a brute force algorithm is associated with the ‘traveling salesman problem’ (TSP), a classical NP-hard problem • The brute force method is to simply generate all possible routes and compare distances

  16. Brute Force • L0phtCrack • L0phtcrack is a Windows NT password auditing tool from the L0pht that came onto the scene in 1997 • It provides several different mechanisms for retrieving the passwords from the hashes • Crack • Crack is a password-guessing program for UNIX systems • It runs only on UNIX systems and is for the most part, a dictionary-based program • Crack7 is a brute force password cracker that can be used if your dictionary-based attack fails

  17. Brute Force • Crack • The most interesting of this combination is that crack can test for common variants that people use, which think they are picking more secure passwords • John The Ripper • John the Ripper is also primarily a UNIX password-cracking program, but it differs from crack because it can be run on not only UNIX systems, but also DOS and Windows NT/9x • It also does an option to break Windows NT LM (LanMan) hashes • It supports brute force attacks, but it calls it incremental mode

  18. Brute Force • Distributed.net • Distributed.net is dedicated to the advancement of distributed computing • Distributed computing is harnessing the unused CPU cycles of computers all over the world in order to work on a specific task problem • Distributed.net has concentrated their efforts on breaking cryptographic algorithms by using computers around the world to tackle a portion of the problem • Currently, distributed.net is working on the RC5-64 project • This effort has been underway, at the time of this writing for, 988 days

  19. Brute Force • Deep Crack • Deep crack consists of six cabinets that house 29 circuit boards • Each circuit board contains 64 custom search microchips that were develop by AWT

  20. Real Cryptanalysis • Differential Cryptanalysis • Eli Biham and Adi Shamir wrote a paper titled “Differential Cryptanalysis of DES-like Cryptosystems” • With DES, sometimes that the difference between two plaintext strings sometimes appears as a similar difference in the two ciphertexts • The goal of any cryptographic attack: from the ciphertext is to get the key • The problem is, with most decent crypto systems there are a lot of keys to try. It is depend on the length of the key and how well it was chosen • Differential cryptanalysis wasn’t significantly better than brute force for regular DES

  21. Real Cryptanalysis • Side-Channel Attacks • A side-channel attack is an attack against a particular implementation of the crypto algorithm, not the algorithm • Bruce Schneier describes an attack against some sort of password authentication system • Normally, all one gets back is go or no go • Another powerful type of side-channel attacks is fault analysis. This is the practice of intentionally causing faults to occur in a device in order to see what effect it has on the processing and analyzing output

  22. End Of Chapter 6

More Related