1 / 39

390 likes | 503 Vues

CS457 – Introduction to Information Systems Security Cryptography 1a. Elias Athanasopoulos elathan@ics.forth.gr. Cryptography Elements. Symmetric Encryption Block Ciphers Stream Ciphers Asymmetric Encryption Cryptographic Hash Functions Applications.

Télécharger la présentation
## CS457 – Introduction to Information Systems Security Cryptography 1a

**An Image/Link below is provided (as is) to download presentation**
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.
Content is provided to you AS IS for your information and personal use only.
Download presentation by click this link.
While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

**CS457 – Introduction to Information Systems**SecurityCryptography 1a Elias Athanasopoulos elathan@ics.forth.gr**Cryptography Elements**• Symmetric Encryption • Block Ciphers • Stream Ciphers • Asymmetric Encryption • Cryptographic Hash Functions • Applications Elias Athanasopoulos**Computer Security“The protection afforded to an automated**information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/ data, and telecommunications). ” Elias Athanasopoulos**CIA**• Confidentiality • Dataconfidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals. • Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed. • Integrity • Data integrity: Assures that information and programs are changed only in a specified and authorized manner. • System integrity: Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system. • Availability • Assures that systems work promptly and service is not denied to authorized users. Elias Athanasopoulos**An Example**Confidentiality: Bad guys cannot see messages Availability: The system is operational System/Service Communication Integrity: Bad guys cannot change messages Elias Athanasopoulos**How to achieve CIA?**• Crypto algorithms • “Hide” messages, sign messages, provide guarantees about sent/received messages, etc. • Secure systems • Apply Crypto concepts in protocols, systems, etc. • Software defenses • Ensure that software is not manipulated Elias Athanasopoulos**The need to remain secret**Elias Athanasopoulos**Cryptographic Jargon**• Plaintext • This is the original intelligible message or data that is fed into the algorithm as input. • Encryption algorithm • The encryption algorithm performs various substitutions and transformations on the plaintext. • Secret key • The key is a value independent of the plaintext and of the algorithm. The algorithm will produce a different output depending on the specific key being used at the time. • Ciphertext: • This is the scrambled message produced as output. It depends on the plaintext and the secret key. • Decryption algorithm • This is essentially the encryption algorithm run in reverse. Elias Athanasopoulos**NOT Security via Obscurity**• The encryption/decryption algorithm is assumed to be known • Security is based on • Secrecy of the key • Hard to infer the plaintext via the ciphertext by just knowing the key • Cryptanalysis • Infer the plaintext from ciphertextwithout knowing the key Elias Athanasopoulos**Symmetric Encryption**Elias Athanasopoulos**Caesar Cipher**Elias Athanasopoulos**Key: 3**C = E(3, p) = (p + 3) mod 26 Elias Athanasopoulos**Or…**Plain: abcdefghijklmnopqrstuvwxyz Cipher: DEFGHIJKLMNOPQRSTUVWXYZABC Elias Athanasopoulos**Encrypting a message**Plain: meet me after the toga party Cipher: PHHW PH DIWHU WKH WRJD SDUWB Elias Athanasopoulos**Simple Brute Force attack: we need to try 25 different keys.**Is this secure? Elias Athanasopoulos**Increase the key space**• Permutations: {a, b, c} • abc, acb, bac, bca, cab, cba • Size: 6 (or 3! ~ 1*2*3) • In general the size is n!(n is the size of the set) • For the alphabet: 26! Elias Athanasopoulos**Frequency Analysis**Is this secure? Elias Athanasopoulos**Example**UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ Elias Athanasopoulos**Count Frequencies**Elias Athanasopoulos**Compare with English**Elias Athanasopoulos**And try…**Elias Athanasopoulos**Voila!**Elias Athanasopoulos**One-Time Pad**Ciphertext: ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS key:pxlmvmsydofuyrvzwctnlebnecvgdupahfzzlmnyih plaintext:mrmustard with the candlestick in the hall Ciphertext: ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS key:pxlmvmsydofuyrvzwctnlebnecvgdupahfzzlmnyih plaintext:miss scarlet with the knife in the library Key = Size of message Elias Athanasopoulos**Transposition**Elias Athanasopoulos**Modern Symmetric Ciphers**• DES, 3DES, and AES • AES is the dominant one, today • Based on • Substitutions and transpositions • Very complex • Type • Block • Stream Elias Athanasopoulos**Block vs Stream**• Block cipher • one in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length. Typically, a block size of 64 or 128 bits is used. • Stream cipher • one that encrypts a digital data stream one bit or one byte at a time. Elias Athanasopoulos**Block Cipher**Elias Athanasopoulos**Stream Cipher**Elias Athanasopoulos**Block cipher**• Plaintext ofn bits produces a ciphertext of n bits • Block size: n bits • Space of different plaintext blocks: 2^n • Each block must be unique Elias Athanasopoulos**Encryption should be reversible**Elias Athanasopoulos**General n-bit-n-bit Block (n = 4)**Elias Athanasopoulos**Decryption/Encryption**Elias Athanasopoulos**Problems**• Vulnerable to statistical attacks • Small blocks can take limited transformations • Increase n • Key size: 4 bits * 16 rows • In general: n * 2^n • Approximate the ideal case Elias Athanasopoulos**Feistel Cipher**• Goal • Approximate the ideal cipher • Reduce statistical properties between plaintext, ciphertext, and key(s) • Difussion • Each plaintext digit affect the value of many ciphertext digits • Confusion • The statistics of the ciphertext and the value of the encryption key is as complex as possible Elias Athanasopoulos**Feistel Cipher**Substitution: right part is transformed by F(Ki) and XORed with left part. Permutation: right part swapped with left part. Elias Athanasopoulos**Properties**• Block size: • Larger block sizes mean greater security but reduced encryption/decryption speed for a given algorithm. A block size of 64 bits is reasonable tradeoff. AES uses a 128-bit block size. • Key size: • Larger key size means greater security but may decrease encryption/ decryption speed. Key sizes of 64 bits or less are now widely considered to be inadequate, and 128 bits has become a common size. Elias Athanasopoulos**Properties**• Number of rounds: • The essence of the Feistel cipher is that a single round offers inadequate security but that multiple rounds offer increasing security. A typical size is 16 rounds. • Subkey generation algorithm: • Greater complexity in this algorithm should lead to greater difficulty of cryptanalysis. • Round function F: • Again, greater complexity generally means greater resistance to cryptanalysis. Elias Athanasopoulos**Extra (desired) properties**• Fast software encryption/decryption: • In many cases, encryption is embedded in applications or utility functions in such a way as to preclude a hardware implementation. • Ease of analysis: • There is great benefit in making the algorithm easy to analyze. It is easier to analyze that algorithm for cryptanalytic vulnerabilities and therefore develop a higher level of assurance as to its strength. DES, for example, does not have an easily analyzed functionality. Elias Athanasopoulos**Block modes**Elias Athanasopoulos

More Related