1 / 36

Data Encryption

Data Encryption. Phil Johnson. Overview. Standards Techniques Examples of Algorithms Cryptanalysis. What is Data Encryption?. Conversion of some information into a form that is no longer easily readable Difficult to reverse without special knowledge Normally applied to binary data.

chamomile-green
Télécharger la présentation

Data Encryption

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Data Encryption Phil Johnson

  2. Overview • Standards • Techniques • Examples of Algorithms • Cryptanalysis

  3. What is Data Encryption? • Conversion of some information into a form that is no longer easily readable • Difficult to reverse without special knowledge • Normally applied to binary data

  4. Kerckhoff’s Law • Truly secure encryption techniques will have the following characteristics: • 1) The system must be practically, if not mathematically, indecipherable • 2) It must not be required to be secret, and it must be able to fall into the hands of the enemy without inconvenience • 3) Its key must be communicable and retainable without the help of written notes, and changeable or modifiable at the will of the correspondents

  5. Kerckhoff’s Law (cont’d) • For an encryption technique to be secure: • 4) It must be applicable to telegraphic correspondence • 5) It must be portable, and its usage and function must not require the concourse of several people • 6) Finally, it is necessary, given the circumstances that command its application, that the system be easy to use, requiring neither mental strain nor the knowledge of a long series of rules to observe

  6. Keys • Used for encryption and decryption • Should be very long • Some say at least 128 bits • Can be derived from words or phrases • Two Types of Keys • Symmetric • Asymmetric

  7. Symmetric Keys • Also known as private-keys or single-keys • Same key used for both encryption and decryption • Practical Example: Alice and Bob

  8. Symmetric Keys – Advantages • Good for storing files for single-user access • Quite secure mathematically speaking • Tough to brute force a 128-bit key

  9. Symmetric Keys – Disadvantages • Can be risky when used for data transfer • More than one person must know the key • Mathematical difficulties can be sidestepped • Undetectable tampering possible

  10. Asymmetric Keys • Also known as public keys • Different keys for encryption and decryption • Public key – used for encryption • Private key – used for decryption • Alice and Bob

  11. Asymmetric Keys – Advantages • Much more secure than symmetric keys for data transfer • Often rely on factoring or some other ‘hard’ mathematical problem

  12. Asymmetric Keys – Disadvantages • Public and private keys must be somehow related • Security is tied to ‘hard’ math problem used to create the keys • If the problem is solved, all data is at risk

  13. One-Way Functions • Function which is easy to compute normally but exceedingly difficult to invert • Example: ceiling (log log x) • Most commonly used in cryptography: Factoring of very large numbers whose only factors are two very large primes

  14. Example Algorithms • RSA Algorithm • DES Algorithm • One-time pad

  15. RSA Algorithm • Developed by Ron Rivest, Adi Shamir, and Len Adleman • Uses asymmetric keys • Relies upon factorization problem

  16. The Algorithm • Method is mathematically complex • Result is simple: • Two numbers: • e – used for public key • d – used for private key • One ‘extra’ number: • n – used for both keys

  17. The Algorithm (cont’d) • Using these three numbers, encryption itself is quite simple • For some unencrypted message m, c = me mod n Where c is the encrypted result • Similarly, to decrypt a message, m = cd mod n

  18. Digital Signatures • RSA method is completely reversible • Private key = public key, vice versa • Applying digital signature: • Private key holder sends message, attaches some value encrypted with private key • Recipient decrypts value with public key • If the value is ok, the recipient knows that whoever sent the message knows the private key

  19. DES Algorithm • Data Encryption Standard – Developed by IBM and approved by NBS • Uses symmetric key • Same key used for encryption, decryption • Adopted as a US standard in 1976

  20. The Algorithm • Uses a 64-bit key for encryption • 56 bits for actual encryption • 8 bits for error detection • Divides data into 64-bit blocks, and applies algorithm to each • Algorithm itself extremely complex

  21. Controversy • Original IBM plan called for 128-bit encryption • Modified by the NSA down to only 56 • Questionable motives, security • Became much less trusted over its lifetime • Was cracked for the first time in 1997 • Replaced by AES in 2001

  22. One-Time Pad • Has been used for quite a long time • Can be done without a computer • Has been proven to be completely impossible to crack

  23. The Algorithm • Most useful for text, can be used on binary data as well • Key must be at least as long as the message itself • Each letter in key represents the amount to change the corresponding letter in the message

  24. Example • Message = ‘WELCOME’ • Key = ‘PBKVAUJ’ • Ciphertext = ‘LGYYPHO’

  25. The Catch • Key must be purely random • Key must accompany encrypted data at all times • Key must only be used once, then discarded and destroyed

  26. The Proof of Security • Message = ‘WELCOME’ • Key = ‘PBKVAUJ’ • Ciphertext = ‘LGYYPHO’ • Key guessed by computer with infinite computing power = ‘ERJUNMU’ • Result = ‘GOODBYE’

  27. Modern Applications • Widespread usage would be infeasible • Too many keys • Unsafe • No known source for pure randomness on a large scale • Still used on occasion, but only rarely

  28. Cryptanalysis • Refers to the attempts at getting past encryption security measures • Most commonly refers to algorithmic analysis, not other means, such as theft, bribery, keylogging, etc.

  29. Types of attacks • Ciphertext-only attack • No plaintext available, only ciphertext • Known-plaintext attack • The attacker has a set of ciphertexts along with corresponding plaintexts • Chosen plaintext attack • The attacker is able to produce ciphertexts based on strategically chosen plaintexts

  30. Types of Attacks (cont’d) • Adaptive Chosen Plaintext Attack • Attacker can follow a chosen plaintext attack with another, using information gained from the first • Related-Key Attack • Attacker can perform chosen plaintext attacks with different keys and compare the results of each

  31. Modern Cryptanalysis • Nowadays, ciphertext-only attacks are rare • Can be successful with weaker algorithms • Usually difficult to have success with more modern ciphers • Most attackers are able to utilize at least a known-plaintext attack

  32. Breaking Ciphers • Brute force • Often unsuccessful • Most algorithms ensure sufficient protection against brute-force attacks • Find patterns • Weakness in algorithm • Information about key

  33. Frequency Analysis • Letters in the English language occur at different rates • ‘e’ is most common letter • ‘th’ is most common pair of letters • ‘the’ is most common trio of letters • Weak ciphers fail to sufficiently mask this information

  34. Cryptanalysis Example - Vigenere Cipher • Requires a key of arbitrary length • The longer the key, the stronger the algorithm • If key length = message length, one-time pad • Adjust letters according to key • Message: LOVEL YWEAT HERTO DAY • Key: PSSWD PSSWD PSSWD PSS • Ciphertext: AGNAO NOWWW WWJPR SSQ

  35. Cryptography Example (cont’d) • http://homepage.cs.uri.edu/research/cryptography/classicalvigenerecryptdemo.htm • Ciphertext: ODFWDMSUDLKUCSNISNGTNSZDAMCZLHKIHATKRMLAZSMGFGAYJIIOUFDZCNZEXSJMBRWWXOXKBACNWNKTGBXKOTSHSTOCHMNJSLYOJWHVIBWMABRSQATNZCTEXHSSNJXOKTOQYXOXOFD

  36. References • References • [1] http://catalog.com/sft/encrypt.html • [2] http://en.wikipedia.org/wiki/Data_encryption • [3] http://en.wikipedia.org/wiki/One-time_pad • [4] http://homepage.cs.uri.edu/research/cryptography/index2.htm • [5] http://www.itl.nist.gov/fipspubs/fip46-2.htm • [6] http://www.ciphersbyritter.com/GLOSSARY.HTM • [7] Stinson, Douglas R. Cryptography: Theory and Practice. 2nd Edition. New York: Chapman & Hall/CRC, 2002. • [8] Welsh, Dominic Codes and Cryptography. Oxford: Clarendon Press, 1988.

More Related