
Cryptography II



  1. Cryptography II
     Jagdish S. Gangolly, School of Business, State University of New York at Albany
     Acc 661 Auditing of Adv Acctg Sys (Spring 2003) Gangolly

  2. Cryptography II: Topics
     • Substitutions
     • Complexity of substitution encryption/decryption
     • One-time pad (Vigenère tableau)
     • Vernam and book ciphers
     • Transpositions (or Permutations)
     • Digrams, Trigrams, n-grams
     • Shannon’s characteristics of “Good” ciphers

  3. Cryptography II: Topics (Continued)
     • Data Encryption Standard (DES), Double DES and Triple DES
     • Advanced Encryption Standard (AES)
     • Certificates: Trust & Certificates

  4. Substitutions
     • Complexity: Since it takes constant time to substitute a character, the complexity of the algorithm is n; i.e., a message twice as long takes twice the time to encrypt.
     • Cryptanalysis: Substitution ciphers can be attacked by guessing, using short words, repeated characters, statistical analysis of character frequencies, dictionaries, and n-gram analysis.

  5. One-Time Pads
     • A synchronized sequence of non-repeating keys, similar to those in the Vigenère cipher.
     • Key management (generation, synchronization, distribution, storage) is a problem.

  6. Vernam and Book Ciphers
     • Characters in the plaintext are combined with an arbitrarily long non-repeating sequence of numbers.
     • Vernam ciphers are immune to most cryptanalytic attacks.
     • In book ciphers, a book commonly agreed upon is used as a source of “random numbers” (e.g., a telephone book or any other book).
     • If the book so used is known, it is easier to cryptanalyze the ciphertext.

  7. Digrams, Trigrams, n-grams
     • Statistical analysis of frequency of characteristic patterns of letter sequences.
     • Study of conditional probabilities.

  8. Transpositions (Permutations)
     • Rearrangement of the letters (or bits) of the plaintext. The aim is to confuse the cryptanalyst.
     • Requires large storage (since the entire plaintext message must be stored for columnar permutation).
     • Involves delay in decrypting since the entire ciphertext needs to be entered in storage before it can be deciphered.
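A columnar transposition written out, as an added example that is not part of the original slides. The keyword `ZEBRAS`, the sample message and the function names are assumptions chosen for illustration; `ciphertext_index_of` shows why the receiver must buffer the whole ciphertext before the first letter can be recovered.

```python
def column_order(key):
    # Columns are read out in alphabetical order of the key letters (ties: left to right).
    return sorted(range(len(key)), key=lambda i: (key[i], i))

def column_lengths(key, n):
    # With n letters written row by row, the first (n % cols) columns hold one extra letter.
    full_rows, extra = divmod(n, len(key))
    return [full_rows + (1 if c < extra else 0) for c in range(len(key))]

def encrypt(plaintext, key):
    cols = len(key)
    # Every column ends with a letter from the last rows, so nothing can be
    # emitted until the entire plaintext has been stored.
    return "".join(plaintext[c::cols] for c in column_order(key))

def decrypt(ciphertext, key):
    cols, n = len(key), len(ciphertext)
    lengths = column_lengths(key, n)
    columns, pos = [""] * cols, 0
    for c in column_order(key):
        columns[c] = ciphertext[pos:pos + lengths[c]]
        pos += lengths[c]
    # Plaintext letter i sits in column i % cols, row i // cols.
    return "".join(columns[i % cols][i // cols] for i in range(n))

def ciphertext_index_of(i, key, n):
    """Position in the ciphertext that holds plaintext letter i."""
    lengths, pos = column_lengths(key, n), 0
    for c in column_order(key):
        if c == i % len(key):
            return pos + i // len(key)
        pos += lengths[c]

if __name__ == "__main__":
    msg, key = "WEAREDISCOVEREDFLEEATONCE", "ZEBRAS"   # constructed sample input
    ct = encrypt(msg, key)
    print(ct, decrypt(ct, key) == msg)
    print("first plaintext letter is at ciphertext index",
          ciphertext_index_of(0, key, len(msg)))
```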

  9. Shannon’s characteristics of “Good” ciphers
     • The amount of secrecy needed should determine the amount of labour appropriate for the encryption and decryption
     • The set of keys and the enciphering algorithm should be free from complexity
     • The implementation of the system should be as simple as possible
     • The errors in ciphering should not propagate and cause corruption of further information in the message
     • The size of the enciphered text should be no larger than the text of the original message

  10. Data Encryption Standard (DES), Double DES and Triple DES
     • DES (developed by IBM based on the Lucifer algorithm; original name is Data Encryption Algorithm or DEA):
     • Uses 16 iterations of substitution (confusion) and permutation (diffusion)
     • Block cipher, block size being 64 bits
     • Uses a key 64 bits long (can be any 56-bit number, the remaining 8 bits often used as check digits)

  11. Data Encryption Standard (DES), Double DES and Triple DES (Continued)
     • Double DES:
     • message m, two keys k1 and k2, ciphertext c: c = E(k2, E(k1, m))
     • Double DES Cryptanalysis: Suppose you have two plaintext messages P1 and P2, and their corresponding ciphertext messages C1 and C2

  12. Double DES Cryptanalysis (Continued)
     Step 1: For each of the 2^56 possible keys k, compute P1´ = E(k, P1)
     Step 2: For each of the 2^56 possible keys k, compute P1´´ = D(k, C1)
     Step 3: Find the key pair k´ and k´´ for which P1´ = P1´´
     Step 4: Check the match using P2 and C2.

  13. Double DES Cryptanalysis (Continued)
     • Merkle-Hellman result: Computing P1´ requires 2^56 steps. Computing backward from C1 to obtain P1´´ requires 2^56 steps. Therefore the total number of steps required to identify the key pair k1 and k2 is 2 × 2^56 steps, which is equivalent to using a 57-bit key. Hence doubling the encryption only doubles the effort required of a cryptanalyst.
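Steps 1 to 4 above carried through on a scaled-down cipher, as an added example that is not part of the original slides. The 16-bit Feistel cipher with 12-bit keys is a constructed stand-in for DES (an assumption, so the search finishes in well under a second), as are the key and plaintext values; the operation count shows the 2 × 2^k cost against the 2^(2k) a naive search of both keys would need.

```python
import hashlib
from collections import defaultdict

KEY_BITS = 12   # assumption: toy key size (DES uses 56) so the search finishes quickly
ROUNDS = 4

def _f(half, key, rnd):
    # Feistel round function: any deterministic byte-to-byte map keeps the cipher invertible.
    return hashlib.sha256(bytes([half, key >> 8, key & 0xFF, rnd])).digest()[0]

def E(key, block):
    """Toy 16-bit Feistel block cipher standing in for DES encryption."""
    left, right = block >> 8, block & 0xFF
    for rnd in range(ROUNDS):
        left, right = right, left ^ _f(right, key, rnd)
    return (left << 8) | right

def D(key, block):
    """Inverse of E under the same key."""
    left, right = block >> 8, block & 0xFF
    for rnd in reversed(range(ROUNDS)):
        left, right = right ^ _f(left, key, rnd), left
    return (left << 8) | right

def double_encrypt(k1, k2, m):
    return E(k2, E(k1, m))              # c = E(k2, E(k1, m))

def meet_in_the_middle(p1, c1, p2, c2):
    ops = 0
    forward = defaultdict(list)
    for k in range(1 << KEY_BITS):      # Step 1: P1' = E(k, P1) for every key
        forward[E(k, p1)].append(k)
        ops += 1
    matches = []
    for k in range(1 << KEY_BITS):      # Step 2: P1'' = D(k, C1) for every key
        ops += 1
        matches += [(ka, k) for ka in forward.get(D(k, c1), [])]  # Step 3: P1' == P1''
    # Step 4: a 16-bit block leaves false matches; the second pair filters them.
    confirmed = [(a, b) for a, b in matches if double_encrypt(a, b, p2) == c2]
    return matches, confirmed, ops

if __name__ == "__main__":
    K1, K2 = 0x3A7, 0xC15               # constructed secret keys
    P1, P2 = 0x4F4B, 0x2153             # constructed known plaintext blocks
    C1, C2 = double_encrypt(K1, K2, P1), double_encrypt(K1, K2, P2)
    matches, confirmed, ops = meet_in_the_middle(P1, C1, P2, C2)
    print(f"{ops} cipher operations instead of {1 << (2 * KEY_BITS)}")
    print(f"{len(matches)} step-3 matches, {len(confirmed)} after step 4")
    print("true key pair recovered:", (K1, K2) in confirmed)
```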

  14. Triple DES
     Consider a message m, two keys k1 and k2, ciphertext C, and the encryption scheme C = E(k1, D(k2, E(k1, m))).
     Even though triple DES only doubles the key length from 56 to 112 bits (and is the same as double DES), it is effective against all feasible known attacks.

  15. Advanced DES
     • Based on the Rijndael-Daemen algorithm. Each round (cycle) consists of
     • byte substitution (confusion step): substitution of each byte of a 128-bit block using a table,
     • shift row (transposition, also confusion step),
     • mix column (confusion and diffusion step), and
     • add sub key (confusion step).
     • Selected as a Federal Information Processing Standard in 2001.

  16. DES Comparison (Source: Pfleeger & Pfleeger)

  17. Certificates: Trust & Certificates
     • Need for establishment of trust when the two parties to a transaction do not know each other
     • Hierarchical relationships as a basis for trust
     • The function of digital certificates in the establishment of trust, and in the maintenance of the integrity of public keys
     • Need for trust at the top level in the hierarchy

  18. Trust & Certificates (Continued)
     • Trust infrastructure in the internet
     • Root certification authorities
     • C&W, HKT, SecureNet, Verisign, Baltimore Technologies, Deutsche Telekom, Società Interbancaria per l’Automazione di Milano, Entrust, Certiposte,…
     • Certificate path and its role in the establishment of trust in e-commerce carried through the web
