1 / 130

Security in Computing Chapter 2, Elementary Cryptography

Security in Computing Chapter 2, Elementary Cryptography. Summary created by Kirk Scott. 1. Notation. S = Sender R = Recipient or Receiver T = Transmission Medium O = Outsider, possibly an Interceptor or Intruder. 2. Possible Attacks on Messages in Transition. A. Block the message

kimn
Télécharger la présentation

Security in Computing Chapter 2, Elementary Cryptography

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security in ComputingChapter 2, Elementary Cryptography Summary created by Kirk Scott

  2. 1. Notation • S = Sender • R = Recipient or Receiver • T = Transmission Medium • O = Outsider, possibly an Interceptor or Intruder

  3. 2. Possible Attacks on Messages in Transition • A. Block the message • R does not receive it • This violates availability • B. Intercept the message • If it is readable, this violates confidentiality • Even if unreadable, knowing that a message was sent may be of value

  4. C. Modify the message • Intercept, modify, and retransmit • This violates integrity • D. Fabricate a message • Send a message to R that appears to come from S • This violates integrity

  5. 3. Terminology • Encryption = encoding = enciphering = converting plaintext to ciphertext = scrambling the contents of a message so it can only be read by the intended recipient • Decryption = decoding = deciphering = converting ciphertext to plaintext • A rational scheme for encryption and decryption is known as a cryptosystem

  6. 4. More Notation • A plaintext sequence of characters can be represented in this way: • P = <p1, p2, …, pn> • Ciphertext can be represented in this way: • C = < c1, c2, …, cn> • Encoding and decoding can be represented as functions E() and D()

  7. 5. Relationships in a Cryptosystem • Encryption: C = E(P) • Decryption: P = D(C) • A successful cryptosystem has this property: • P = D(E(P))

  8. 6. Encryption Algorithms • An encryption algorithm is a set of rules for converting plaintext to ciphertext • Algorithms commonly come in families • A slight variation in the use of the rules yields a different encryption

  9. 7. Keys • In certain cryptosystems the variation between different applications of an algorithm is embodied in keys • A key, K, identifies or characterizes a particular variation on an algorithm • This is the notation for encrypting with a key, where E() represents the algorithm overall: • C = E(K, P) • If encryption is done with a key, decryption will also be done with a key: • P = D(K, P)

  10. 8. Symmetric and Asymmetric Keys • Symmetric: The key for encryption and decryption are the same: • P = D(K, E(K, P)) • Asymmetric: The key for encryption and decryption are different: • P = D(KD, E(KE, P)) • Both kinds of systems will eventually be discussed in depth

  11. 9. Keys or No Keys • Keyless cryptosystems are possible • A system with a key makes multiple encryptions of plaintext possible • It makes the code breaker’s task more difficult • Figure out the algorithm • Also figure out the key • Even if the algorithm is known, it’s still necessary to figure out the key

  12. 10. Cryptology/Cryptography • Cryptology = research and study of codes • Cryptography = use and application of codes • Cryptographer = (authorized) user of codes • Cryptanalyst = breaker of codes

  13. 11. Functions of Cryptanalysis • Break a single message • Deduce a key for an algorithm • Deduce an algorithm • Signals intelligence: Infer meaning from message traffic without decryption • Find weaknesses in the use of a cryptosystem • Find weaknesses in a cryptosystem in the absence of intercepted messages

  14. 12. Sources for Cryptanalysis • Intercepted plaintext • Intercepted ciphertext or suspected ciphertext • Properties of human languages • Mathematical and statistical tools • Known algorithms • Intuition, ingenuity, perseverance, luck • All approaches, licit and illicit, are open to the attacker

  15. 13. Breakable Encryption • A code may be theoretically breakable through brute force • Even given all possible decryptions, it would still be necessary to pick the right one • The real problem is not having the computing resources to afford a brute force solution • On the other hand, computing resources are getting cheaper and cheaper • The real opportunity comes from applying strategies better than brute force

  16. 14. Numeric Representations of the Alphabet • A = 0, B = 1, …, Z = 25 • Starting with zero makes it possible to work in modular fashion • Simple codes can be based on + and – • If the result goes below 0 or above 25, modular arithmetic rolls over or wraps around

  17. 15. Two Simple Example Techniques of Encryption • Substitution: Exchange one letter for another • This embodies the idea of confusion • One thing stands for another • Transposition: Rearrange the letters in a message • This embodies the idea of diffusion • Parts of the original message are spread throughout the encrypted message

  18. These two techniques alone are too weak for commercial use • They are of historical interest • They are also useful for learning the concepts without getting bogged down in heavy math

  19. 16. Simple Substitution • This may be called a mono-alphabetic cipher • Example: Caesar’s Cipher: • A  d, B  e, …, Z  c • ci = E(pi) = (pi + 3) mod 26 • Example: • TREATY IMPOSSIBLE  wuhdwblpsrvvleoh

  20. 18. Aspect’s of Caesar’s Cipher • Easy to use • No need for written instructions • In a world where most were illiterate anyway, it was reasonably secure • On the other hand, it is also quite weak

  21. 19. Cryptanalysis of Caesar’s Cipher • Spaces between words are preserved • Plaintext letters always map to the same ciphertext letters • As a consequence, regularly occurring sequences of letters in plaintext will recur as ciphertext sequences (prefixes, suffixes, etc.) • In the small example given, the appearance of the double letters SS/vv illustrates the idea

  22. 20. A Cryptanalysis Example • wklvphvvdjhlvqrwwrrkdugwreuhdn • This is based on a 27 letter alphabet with the space included • Furthermore, the space hasn’t been encrypted (or “it codes to itself”) • This opens up lots of cryptanalytic possibilities

  23. The number of short words in English is small • For example, am, is, to , be, he , we, and, are, you, she, … • Approach: Substitute whole short words, then do the same letter substitutions elsewhere to see what you get

  24. wrr is a strong clue because it contains a double letter, and wr only reinforces this • Small words fitting the wrr pattern include see, too, add, odd, off, … • You also need one where the first two letters make a smaller word • Add and ad would work • Too and to are probably more common

  25. This is an educated guessing game • Trying too and to gives: • wklvphvvdjhlvqrwwrrkdugwreuhdn • T--- ------- -- -OT TOO ---- TO ----- • Now consider lv which is a short word in its own right and also ends wklv • Is and this are reasonable guesses • At some point either the message or the transformation will become obvious…

  26. 21. Permutations of the Alphabet • The alphabet can be rearranged in less obvious ways than shifting 3 to the right • In general a permutation is any reordering of the elements of a set • Given a set, {1, 2, 3, 4, 5, 6, 7, 8, 9, 10} • A permutation can be represented: • Π1 = {1, 3, 5, 7, 10, 8, 6, 4, 2} • For an individual element: • Π1(3) = 5

  27. 22. Keys, Permutations, and Substitution Ciphers • Any permutation of the alphabet can be used as a substitution cipher • A key can be the basis for coming up with a substitution • Let the key be “word” • Here is a way of using it to determine a code: • ABCDEFGHIJKLMNOPQRSTUVWXYZ • wordabcefghijklmnpqstuvxyz

  28. The key is short, so lots of substitutions are near their originals • At the end, letters “substitute” for themselves • The letters at the end of the alphabet are uncommon • Still, this is weak

  29. The books suggests an alternative of counting by 3: • ABCDEFGHIJKLMNOPQRSTUVWXYZ • adgjmpsvybehknqtwzcfilorux • You could probably come up with a mathematical expression for this • It works because of the relationship between 3 and 26 (relatively prime?)

  30. 23. The Complexity of Substitution • All simple substitutions are equivalent to table look up • For practical purposes, the time to look up each letter is constant • For a message of length n, both encryption and decryption are O(n)

  31. The simplicity of table look makes use easy for authorized users • Low order of complexity is a sign of a weak algorithm • If a key is involved, the encryption may be strong • The point is that the security of the encryption now depends largely on the key and not the algorithm

  32. 24. Cryptanalysis of Substitution Ciphers • Superficially, substitution ciphers appear to be based on a hard problem • There are 26! Permutations of the English alphabet • Trying all by brute force would be daunting

  33. If encryption was done by mono-alphabetic substitution, letter frequency analysis breaks the code • The cryptanalyst is not restricted to solving the underlying hard problem • Consider the program LetterCount.java, given with the first assignment • Empirically determine letter frequencies in English text and see what frequencies occur in ciphertext

  34. 25. The Cryptographer’s Dilemma • Encryption is not random • In order to encrypt and decrypt, there has to be a pattern which authorized users know • It’s the pattern which gives clues to the cryptanalyst • The contest between cryptographers and cryptanalysts is never-ending

  35. Consider these additional points • 1. If a message is short enough, it will not include sufficient traces of the pattern for analysis • Suppose you simply intercept a message consisting of 6 characters • What could it be? • You need context to even hazard a guess

  36. 2. In the cryptographic arms race, you can essentially assume that anything encrypt is breakable • The question is, will it be breakable before the data loses its value • This is the principle of adequate protection applied to thinking about how strongly to encrypt something

  37. 26. Vernam Ciphers • A diagram of the Vernam process is shown on the following overhead • Note that the diagram shows XOR as the transformation

  38. The book chooses to illustrate the idea behind Vernam with an example based on addition and modular arithmetic rather than XOR • Letters of plaintext are represented by numbers • Then a sequence of 2 digit random numbers is considered • The random numbers are added to the plaintext, mod 26

  39. The idea is that this is a system where the algorithm is extremely simple • Security depends on the secrecy and randomness of the key • The problem with this illustration is that it’s not clear how you decrypt • It does not appear to me that this is true: • p = ((p + n) mod 26) + n) mod 26

  40. XOR actually makes a better example • Let the letters and random numbers be represented in binary • If p is the plaintext and q is the random number key: • E(p) = c = p XOR q • D(c) = c XOR q = (p XOR q) XOR Q = p • In other words, applying XOR q twice returns you to p

  41. Here is a little truth table showing that on a bit-wise basis, (p XOR q) XOR q = p:

  42. 27. Vigenere Tables • A Vigenere table is shown on the overhead following the next one • Across the top the columns are labeled with small letters • This can be interpreted as key look up • Down the side the rows are labeled with big letters • This can be interpreted as plaintext look up

  43. At the right-most edge there is a column labeled π • This tells you that each row in the table is one of 26 permutations of the alphabet • Encryption using a Vigenere table involves substitution • This is poly-alphabetic substitution (not mono-alphabetic)

  44. 28. Vigenere Example • Key: • iamiexistthatiscert • Message: • MACHINESCANNOTTHINK • Encryption of first letter, for example: • Look up intersection of row M, column i, getting u

  45. The complete encryption is: • uaopmkmkvtunhbljmed • Substitution has occurred, but substitution was done on each letter from a potentially different permutation of the alphabet, depending on what the corresponding key value was.

  46. 29. Cryptanalysis of the Example • The original message is English and has corresponding letter frequencies • In this example the key is also English and will have corresponding letter frequencies • A, E, O, and T make up 40% of English text • The probability that both the plaintext and the key come from this set: • .4 X .4 = .16

  47. A, E, O, T, N, and I make up 50% of English text • The probability that both the plaintext and the key come from this set: • .5 X .5 = .25 • A Vigenere table is shown on the following overhead with the intersections of the rows and columns for these letters circled

More Related