
Chapter 1: Foundations


Presentation Transcript


  1. Chapter 1: Foundations
     Dulal C. Kar
     Based on Applied Cryptography by Schneier

  2. Terminology
     • Sender and Receiver
     • Messages and Encryption
     • Encryption and decryption
     • Plaintext and ciphertext
     • Cryptography and cryptographers
     • Cryptanalysis and cryptanalysts
     • Cryptology and cryptologists

  3. Encryption and Decryption
     • Notations
         • Message, $M$
         • Plaintext, $P$
         • Ciphertext, $C$
         • Encryption function, $E$
             • $E(M) = C$
         • Decryption function, $D$
             • $D(C) = M$
         • Identity: $D(E(M)) = M$
     [Figure: Plaintext → Encryption → Ciphertext → Decryption → Original Plaintext]

  4. Authentication, Integrity, and Nonrepudiation
     • In addition to providing confidentiality (privacy), other cryptographic services are:
         • Authentication
             • Ascertaining a message’s true origin
         • Integrity
             • Verifying that a message has not been modified in transit
         • Nonrepudiation
             • A sender should not be able to falsely deny later that he sent a message

  5. Algorithms and Keys
     • Cryptographic algorithm
         • Also called cipher
         • Mathematical function for encryption and decryption
     • Restricted algorithm
         • Secret algorithm, popular for low security applications, no standard
     • Modern cryptography
         • Key, $K$
         • Keyspace
             • Range of possible values of the key

  6. Key-Based Cryptography
     • Key-based encryption and decryption
         • $E_k(M) = C$
         • $D_k(C) = M$
     • Identity
         • $D_k(E_k(M)) = M$
     [Figure: Plaintext → Encryption (Key) → Ciphertext → Decryption (Key) → Original Plaintext]

  7. Different Keys for Encryption and Decryption
     • Encryption key, $K_1$
     • Decryption key, $K_2$
     • $E_{k_1}(M) = C$
     • $D_{k_2}(C) = M$
     • $D_{k_2}(E_{k_1}(M)) = M$
     [Figure: Plaintext → Encryption (Encryption Key) → Ciphertext → Decryption (Decryption Key) → Original Plaintext]

  8. Cryptosystem
     • An algorithm, plus all possible plaintexts, ciphertexts, and keys

  9. Symmetric Algorithms
     • Same key for encryption and decryption
     • Also called secret-key algorithms, one-key algorithms, or single-key algorithms
     • $E_k(M) = C$
     • $D_k(C) = M$
     • Two categories
         • Stream algorithms or stream ciphers (operate on a single bit or sometimes bytes)
         • Block algorithms or block ciphers (a typical block size is 64 bits for modern computer algorithms)

  10. Public-Key Algorithms
     • Key used for encryption is different from key used for decryption
     • Encryption key is often called the public key
     • Decryption key is often called the private key
     • Decryption key cannot be calculated from encryption key in any reasonable amount of time
     • Also called asymmetric algorithms
     • $E_{k_1}(M) = C$
     • $D_{k_2}(C) = M$
     • For digital signatures, messages are encrypted with the private key and decrypted with the public key

  11. Cryptanalysis
     • Science of recovering plaintext of a message without access to the key
     • An attempted cryptanalysis is called an attack
     • Kerckhoffs’ assumptions in cryptanalysis
         • Cryptographic algorithm and implementation known
         • Secrecy resides only in the key

  12. Cryptanalytic Attacks
     • Ciphertext-only attack
         • Given ciphertext of several messages, recover plaintext, key(s), or algorithm
         • Formally
             Given: $C_1 = E_k(P_1), C_2 = E_k(P_2), \ldots, C_i = E_k(P_i)$
             Deduce: Either $P_1, P_2, \ldots, P_i$; $k$; or an algorithm to infer $P_{i+1}$ from $C_{i+1} = E_k(P_{i+1})$
     • Known-plaintext attack
         • Given ciphertext and corresponding plaintext of several messages, deduce the key(s) or algorithm
         • Formally
             Given: $(P_1, C_1), (P_2, C_2), \ldots, (P_i, C_i)$ where $C_i = E_k(P_i)$
             Deduce: Either $k$, or an algorithm to infer $P_{i+1}$ from $C_{i+1} = E_k(P_{i+1})$

  13. Cryptanalytic Attacks (cont’d)
     • Chosen-plaintext attack
         Given: $(P_1, C_1), (P_2, C_2), \ldots, (P_i, C_i)$ where the cryptanalyst gets to choose $P_1, P_2, \ldots, P_i$
         Deduce: Either $k$, or an algorithm to infer $P_{i+1}$ from $C_{i+1} = E_k(P_{i+1})$
     • Adaptive-chosen-plaintext attack
         • A special case of chosen-plaintext attack
         • Cryptanalyst modifies his or her choice of plaintext based on the results of previous encryption
     • Chosen-ciphertext attack
         • Given: $C_1, P_1 = D_k(C_1), C_2, P_2 = D_k(C_2), \ldots, C_i, P_i = D_k(C_i)$
         • Deduce: $k$
         • Primarily applicable to public-key algorithms
         • Sometimes effective against a symmetric algorithm as well

  14. Cryptanalytic Attacks (cont’d)
     • Chosen-key attack
         • Cryptanalyst has some knowledge about the relationship between different keys
         • Not very practical
     • Rubber-hose cryptanalysis
         • Cryptanalyst threatens, blackmails, or tortures someone to get the key
     • Purchase-key attack
         • Bribe someone to get the key
     • Author’s Comments
         • The best cryptographic algorithms are the ones that have been made public, have been attacked by the world’s best cryptographers for years, and are still unbreakable
         • Those who claim to have an unbreakable cipher simply because they cannot break it are either geniuses or fools
         • Good cryptographers rely on peer review to separate the good algorithms from the bad

  15. Security of Algorithms
     • Different algorithms offer different degrees of security
     • Cost of breaking must be greater than the value of encrypted data
     • Value of most data decreases over time
     • An algorithm is unconditionally secure if, no matter how much ciphertext a cryptanalyst has, there is not enough information to recover the plaintext (ex: one-time pad)
     • Cryptography is concerned with cryptosystems that are computationally infeasible to break
     • An algorithm is considered computationally secure (also called strong) if it cannot be broken with available resources, either current or future.

  16. Complexity Measures of An Attack
     • Data complexity
         • Amount of data needed as input to the attack
     • Processing complexity (also called work factor)
         • Time needed to perform the attack
     • Storage requirements
         • Amount of memory needed to do the attack
     • As a rule of thumb, the complexity of an attack is taken to be the minimum of the three factors
     • Some attacks involve trading off the three complexities

  17. Steganography
     • Existence of a secret message is concealed by hiding it in other messages
     • Example
         • Hiding secret messages in graphic images

  18. Substitution Ciphers and Transposition Ciphers
     • Substitution Ciphers
         • Classical cryptography
         • Each character in the plaintext is substituted for another character in the ciphertext. Ex: Caesar Cipher
     • Transposition Ciphers
         • Plaintext remains the same, but the order of characters is shuffled around. Ex: columnar transposition cipher
     • Rotor Machines
         • Enigma machine
             • Used by the Germans during World War II
             • A team of Polish cryptographers broke the first German Enigma

  19. Simple XOR
     • A symmetric algorithm
     • Plaintext is XORed with a keyword to generate ciphertext
     • Not secure at all; trivial to break
     • How to break
         • Discover the length of the key by a procedure known as counting coincidences
         • Shift the ciphertext by that length and XOR it with itself
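
The two steps above, worked through in Python as an added example (not part of the original slides): counting coincidences to estimate the key length, then XORing the ciphertext with a shifted copy of itself so the key cancels. The sample text, the 5-byte key, the 0.03 threshold and all function names are assumptions made for the illustration.

```python
# Constructed sample: lowercase English text and a made-up 5-byte key.
SAMPLE = (b"secrecy must reside only in the key and never in the algorithm "
          b"because the enemy knows the system that is being used")
KEY = bytes.fromhex("13a76cd24c")


def xor_cipher(data: bytes, key: bytes) -> bytes:
    """Simple XOR with a repeating key; the same call encrypts and decrypts."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def coincidence_rate(ct: bytes, shift: int) -> float:
    """Share of positions where ct and ct displaced by `shift` hold the same byte."""
    pairs = len(ct) - shift
    return sum(ct[i] == ct[i + shift] for i in range(pairs)) / pairs


def guess_key_length(ct: bytes, max_len: int = 12, threshold: float = 0.03):
    """Smallest shift whose coincidence rate looks like natural language.

    At a multiple of the key length both bytes were XORed with the same key
    byte, so they match exactly when the plaintext bytes match (several
    percent for English). At other shifts matches are typically far rarer.
    """
    for shift in range(1, max_len + 1):
        if coincidence_rate(ct, shift) > threshold:
            return shift
    return None


def strip_key(ct: bytes, key_len: int) -> bytes:
    """ct XOR (ct shifted by key_len): the key cancels, leaving P[i] ^ P[i+key_len]."""
    return bytes(a ^ b for a, b in zip(ct, ct[key_len:]))


if __name__ == "__main__":
    ct = xor_cipher(SAMPLE, KEY)
    for shift in range(1, 11):
        print(f"shift {shift:2d}: {coincidence_rate(ct, shift):.3f}")
    n = guess_key_length(ct)
    print("estimated key length:", n)
    print("key-free residue starts:", strip_key(ct, n)[:8].hex())
```

Both the key length and a key-free combination of plaintext bytes come out of the ciphertext alone, which is why a repeating-key XOR counts as obfuscation rather than encryption.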

  20. One-Time Pads
     • Perfect encryption scheme, primarily used for ultra-secure low bandwidth channels
     • Invented by Major Joseph Mauborgne and AT&T’s Gilbert Vernam in 1917
     • Start by representing the message as a sequence of 0s and 1s
     • Key is a random sequence of 0s and 1s of the same length as the message
     • Add the key to the message mod 2, bit by bit (actually an XOR operation)
     • Discard the key once used, and never use it again

         (plaintext)      00101001
         (key)          + 10101100
                        ----------
         (ciphertext)     10000101

  21. A Variation of One-Time Pads
     • Consider plaintext as a sequence of letters
     • Key is a random sequence of shifts, each one between 0 and 25
     • Decryption uses the same key, but subtracts instead of adding the shifts
     • This encryption is completely unbreakable for a ciphertext-only attack
     • Example: Assume A → 1, B → 2, . . ., Z → 0
         Plaintext:  ONETIMEPAD
         Key:        TBFRGFARFM
         Ciphertext: IPKLPSFHGQ
         How? O + T mod 26 = I, N + B mod 26 = P, etc.
     • Caveats:
         • Key letters have to be generated randomly. Using a pseudo-random number generator is not useful.
         • No authenticity.

  22. Computer Algorithms
     • The most common cryptographic algorithms
         • DES (Data Encryption Standard)
             • Most popular symmetric key algorithm
         • 3DES
         • AES (Advanced Encryption Standard)
         • RSA (Rivest, Shamir, and Adleman)
             • Most popular public-key algorithm
             • Can be used for both encryption and digital signatures
         • DSA (Digital Signature Algorithm)
             • A public-key algorithm; cannot be used for encryption, but only for digital signatures
