1 / 73

760 likes | 952 Vues

Dr. Igor Santos. Security of Information Systems Cryptology. Contents. Historical Evolution Definitions Classic cipher Symmetric cryptography Asymmetric cryptography Cryptanalysis Steganography. Perspectiva histórica. Historical Evolution. Historical Evolution.

Télécharger la présentation
## Dr. Igor Santos

**An Image/Link below is provided (as is) to download presentation**
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.
Content is provided to you AS IS for your information and personal use only.
Download presentation by click this link.
While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

**Dr. Igor Santos**• Security of InformationSystemsCryptology**Contents**• Historical Evolution • Definitions • Classic cipher • Symmetric cryptography • Asymmetric cryptography • Cryptanalysis • Steganography**Perspectiva histórica**HistoricalEvolution**HistoricalEvolution**«When Julius Caesar sent messages to his generals, he didn't trust his messengers. So he replaced every A in his messages with a D, every B with an E, and so on through the alphabet. Only someone who knew the "shift by 3" rule could decipher his messages.» And so we begin. Phill Zimmerman, "An Introduction to Cryptography"**HistoricalEvolution**• Cryptology has always had a great interest in military and political • Egyptian and Babylonian hieroglyphs • Escítala of Sparta • Julius Caesar, Charlemagne, Philip II, Napoleon • San Bernardino already used usaba homophonic substitution • WW1: ADFGVX Code. Jefferson Cylinder • WW2: Enigma machines, Lorenz SZ-40/42: Bombe, Colossus • WW2: PURPLE Machine: Magic • Machines SIGABA and Typex ; Navajo Code**HistoricalEvolution**• Key of sector such as: • Banking • ATMs, wire transfers, electronic banking, … • Communication Networks • VPNs, secure email, … • E-Commerce • Mobile Phones • Pay TV and satellite TV • Digital Rights Management (DRM)…**PORTADA DEFINICIONES**¿WhatisCryptology?**Definitions**• Cryptology • From Greek krypto, "hidden" and logos, "word" • Science of secure communications (usually secret)**Definitions**• Secure Communication, 4 requirements • Confidentiality • The message can not be accessed or disclosed to individuals, entities or processes unauthorized • Authentication • Ensures the identities of the participants in a communication**Definitions**• Integrity • Ensures that the message has not been altered or destroyed in an unauthorized manner • Non-Repudiation • Allows to test the involvement of the parties to a communication, not being able to deny having sent or received a message**Definitions**• Cryptography • From Greek krypto, "hidden", and graphein "write“ • Literally meaning "hidden writing“ • Concepts • Text "clear" text that you want to hide • Text "encrypted" or "cipher" unreadable gibberish • Encryption Algorithm: converts text "clear" in "encrypted" and viceversa • Key: secret that enables the encryption algorithm to convert**Definitions**• Goal • Maintain the privacy of the communication between two entities altering the original message so that it is incomprehensible to anyone other than the addressee**Definitions**• Encryption y De-cryption**Definitions**• Cryptanalysis • From Greek Kryptos, "hidden" and analýein, "loose“ • It is the study of methods for obtaining the meaning of encrypted information, without access to the secret information required • Cryptology = Cryptography + Cryptanalysis**Definitions**• Criptosistema • {M, C, K, E, D} set, where: • M represents the set of all messages unencrypted or clear • Crepresents the set of all possible encrypted messages, or cryptograms • Krepresents the set of keys that can be used in the cryptosystem**Definitions**• E is the set of cryptographic transformations applied to each elem. M to become elem. of C • There is a transformation Ek for each key K • D is the set of decryption transformations analogous to E • Necessary condition for every cryptosystem • Dk( Ek (m) ) = m (reversibility)**Definitions**• Basictypesofcryptosystems • Symmetric or private key cryptosystems • They use the same key k to encrypt and decrypt • Asymmetric or public key cryptosystems • They use a key pair { kpub, kpr}, so that one is used to encrypt and one to decrypt • Hybridcryptosystems • They combine the two previous cryptosystems**Definitions**• Kerckhoffs’ principle (1883) • “The security of a cryptosystem must not depend on keeping secret the crypto algorithm. Safety depends only on keeping secret the key.” • True security is: • Public availability of cryptographic algorithms • To demonstrate theoretical and practical resistance • The opposite to “Security through obscurity” • ¿Windows is secure? • DVD protection • GSM algorithm • Wide range of potential keys**Classiccipher**• Substitution cipher • Aims to introduce confusion into the cryptosystem • Simple substitution • Polyalphabeticsubstitution • Homophonic substitution • E.g.: Caesar chiper • Transposition cipher • Aims to introduce diffusion in the cryptosystem • E.g.: Escítala • Combination • E.g.: ADFGVX**Cifrado por sustitución simple**• Sustitución simple(Ej: CifradoCésar) • Claro: GALLIA EST OMNIS DIVISA... • Clave • ABCDEFGHIJKLMNOPQRSTUVWXYZ • DEFGHIJKLMNOPQRSTUVWXYZABC • Cifrado: JDOOLD HVW RPQLV GLYLVD... • ¿Qué clave está usando? • ¿Cuántas claves posibles hay?**Simple substitutioncipher**• Caesarcipherattack • Frequencyanalysis • Charactertypicaldistribution • Bruteforce • Only25 possiblekeys**Simple substitutioncipher**• Simplesubstitution (E.g.: Kamasutra) • Clear • ENCONTREMONOS A MEDIANOCHE • Key • A D H I K M O R S U W Y Z • V X B G J C Q L N E F P T • Encrypted • USMQSZLUCQSQN V CUXGVSQMBU**Polyalphabeticsubstitutioncipher**• Polyalphabeticsubstitution • Set of simple monoalphabetic ciphers • E.g.: Alberti • Use two or more cipher alphabets, switching between them during encoding • clear: aquello • encrypted: FENFPAD Plainalphabet Encryptedalphabet 1 Encryptedalphabet 2**Polyalphabeticsubstitutioncipher**Key character • E.g.: Vigènere • clear: VIGENERE • key: CHIFFRE • encrypted: XPOJSVVG Plaincharacter Encryptedcharacter**Polyalphabeticsubstitutioncipher**• AttacktoVigènere • Kasiski test • Search words repeated in the ciphertext • Determine key length • Frequency Analysis • Problem: longer key than the ciphertext**Homophonicsubstitutioncipher**• Homophonicsubstitution • Using different symbols depending on the frequency of occurrence of letters in a language • Example • A (50%) → 1, 2, 3, 4 • B (12.5%) → 5 • C (12.5%) → 6 • D (25%) → 7, 8 • When you encrypt an A, you choose 1, 2, 3 or 4 depending on the criteria to be (random, sequential, etc.)**Homophonicsubstitutioncipher**• E.g., HomophonicsubstitutioncipherforEnglish**Transpositioncipher**• Clutter the "clear“ text • Outline • Split the“clear”text in blocks of N characters • Example, N=6: • “clear” text: WE WILL ATTACK AT DAWN • Bloques: WEWILL ATTACK ATDAWN • Choose a permutation of N elements • {1, 2, 3, 4, 5, 6} → {4, 3, 5, 1, 2, 6} • Shuffleeach block accordingtothepermutation: • IWLWEL ATCATK WAWATDN**Transpositioncipher**• E.g.: Escítala • Clear: ASI CIFRABAN CON LA ESCITALA • Encrypted: AAC SNI ICT COA INL FLA RA AE BS**Combinationcipher**• Substitution + trasposition(E.g.: ADFGVX) • Monoalphabeticsubstituation • 6x6 table • Random disposition of the 26 characters and the 10 digits • Message: Come at 10 pm**Combinationcipher**• Transpositionphase • Key word (rows) • Transpositition byalphabeticorder • Cypheredtext (bycolumns) • DDAD GXDA GVXX GDVG FXDG**Combinationcipher**• E.g.: Enigma (electromechanicdevice) • http://enigmaco.de/enigma/enigma.swf**Combinationcipher**• Rotors / modifiers (26 possible positions) • 3 rotors -> 26 x 26 x 26 = 17576 • Disposition of the rotors / modifiers • 3! = 6 • Pegbox • 6 cables, exchange 6 pairs of letters between 26 • Total multiple of keys = 3> 10,000,000,000,000,000**Symmetriccryptography**• Mainfeature característica • Keyencrypt = keydecrypt • Transmitter and receiver must hide a “shared secret” • Many drawbacks • Key Distribution • Keeping the key secret • Advantage • The process of encryption / decryption is very fast**Symmetriccryptography**• Security depends on: • Keeping the key secret • How good the algorithm is • You do not need to keep it secret • It is assumed that it is virtually impossible to decrypt a message by just knowing the algorithm**Symmetriccryptography- DES**• DES (Data Encryption Standard) • Adopted as the standard for secure communications in the U.S. in 1976 • Designed by IBM in collaboration with the NSA • Backdoor?? • Unsafe • Key Size 56 bits • Possibility to break it in 24 hours by brute force**Symmetriccryptography- DES**• Based on a mathematical mechanism known as "The Feistel Network" • Block ciphering • Basic operations transformed by N-bit plain text into N-bits ciphered text • Block = 64 bits • 64-bit key, but 8 bits are used for parity, so that the algorithm uses 56 bits**Symmetriccryptography- DES**• Basic structure DES • Entrance • Plaintext (64bits) • Key (56 bits) • Initial Permutation (IP) • 16 rounds (Feistel function) • Final Permutation (PF)**Symmetriccryptography- DES**• Feistel function • Expansion • Shuffle • Substitution • Permutation Semiblock (32 bits) Subkey (48 bits)**Symmetriccryptography– Triple DES**• Triple DES • Algorithm that performs triple DES encryption • Powered by IBM in 1998 • Standard on credit cards and other forms of electronic payment • Variants • 2 keys -> resulting key 112 bits (56 x 2) • 3 keys -> resulting key 168 bits (56 x 3)**Symmetriccryptography - AES**• AES (Advanced Encryption Standard) • Also known as Rijndael • New U.S. encryption standard in 2002 • Due to the replacement of the standard DES, the U.S. Institute of Standards (NIST) organized in 1996 the AES contest • Requirements of the new algorithm • Public • Symmetric block cipher algorithm • Variable key length (which can grow) • Easily implementable in hardware and software**Symmetriccryptography - AES**• Criteria • Strength against cryptanalysis • Computational efficiency (time) • Efficiency of implementation (memory) • Software and hardware adaptation • Simplicity of design • Flexibility • public License • Supporting 128-bit block and key sizes of 128, 192 and 256 bits**Symmetriccryptography - AES**• Variable block and key length • 128, 192, and 256 • During the encryption process, it maintains an internal status array • Based on round schemas • 9 rounds for block for 128-bit key • 11 rounds for blockfor 192bits key • 13 rounds for block for 256-bit key**Symmetriccryptography - AES**• In each round, four transformations are applied to the matrix of state • Nonlinear byte substitution, independent for each byte of the status matrix • Transposing the state rows cyclically with different offsets • Shuffling the columns based on polynomial operations • Adding the subkey of the round (of course, key expansion) using XOR**Symmetriccryptography**• FromDEStoAES: • “A Stick Figure Guide to the Advanced Encryption Standard (AES)”, byJeffMoser**Asymmetriccryptography**• In 1976, Diffie and Hellman developed a secure way to transfer a key • Two different but complementary keys • What key A encrypts, is only decrypted by key B • What key B encrypts, is only decrypted by key A • A key will be secret, and must be kept safely • The other will be public, and it should be shared for communication

More Related