
Cryptography


Presentation Transcript


  1. Cryptography

  2. History of Cryptography • Pen and Paper Cryptography 2000 B.C. – 1750 AD • Examples: Caesar, Vigenère • Mechanical cipher machines 1750 – 1950 • Confederate Army’s Cipher Disk • Japanese Red and Purple Machines • German Enigma • Modern Computer Cryptography • DES, Rijndael / AES, RSA, ECC, Chameleon

  3. Crypto Vocabulary • Plaintext – A message in its natural format, readable by an attacker • Ciphertext – Message altered to be unreadable by anyone except the intended recipients • Key – Sequence that controls the operation and behavior of the cryptographic algorithm • Keyspace – Total number of possible values of keys in a crypto algorithm

  4. Crypto Vocabulary 2 • Initialization Vector – Random values used with ciphers to ensure no patterns are created during encryption • Cryptosystem – The combination of algorithm, key, and key management functions used to perform cryptographic operations

  5. Cryptosystem Services • Confidentiality • Integrity • Authenticity • Nonrepudiation • Access Control

  6. Types of Cryptography • Asymmetric, and Symmetric • Stream-based Ciphers • Mixes plaintext with key stream • Good for real-time services • Block Ciphers • Substitution and transposition

  7. Encryption Systems • Substitution Cipher • Convert one letter to another • Cryptoquip • Transposition Cipher • Change position of letter in text • Word Jumble • Monoalphabetic Cipher • Caesar

  8. Encryption Systems • Polyalphabetic Cipher • Vigenère • Modular Mathematics • Running Key Cipher • One-time Pads • Randomly generated keys

  9. Steganography • Hiding a message within another medium, such as an image • Example • Modify color map of JPEG image • Image of Snowden’s Girlfriend Lindsey Mills that contains encoded Information that is still unknown

  10. Cryptographic Methods • Symmetric • Same key for encryption and decryption • Key distribution problem • Asymmetric • Mathematically related key pairs for encryption and decryption • Public and private keys

  11. Cryptographic Methods • Hybrid • Combines strengths of both methods • Asymmetric distributes symmetric key • Also known as a session key • Symmetric provides bulk encryption • Example: • SSL negotiates a hybrid method

  12. Attributes of Strong Encryption • Confusion • Change key values each round • Performed through substitution • Complicates plaintext/key relationship • Diffusion • Change location of plaintext in ciphertext • Done through transposition

  13. Symmetric Algorithms • DES • 3DES • AES (ECB, CBC, TXC) • RC4, RC5 • IDEA • Blowfish, TwoFish • Chameleon

  14. Symmetric Encryption • E, D: cipher • k: secret key (e.g., 128 bits) • m, c: plaintext, ciphertext • n: nonce (aka IV) • Diagram: Alice holds k and computes E(k,m,n)=c from m, n; she sends c, n to Bob, who holds k and computes D(k,c,n)=m

  15. First example: One Time Pad (single use key) • Vernam (1917) • Shannon ‘49: • OTP is “secure” against ciphertext-only attacks • Figure: three bit rows labelled Key, Plaintext and Ciphertext (bits as extracted: 0 1 1 1 1 0 0 0 0 1 0 1 0 1 1 1 0 1 0 1 1 0 0 0 0 1 1 0 0 0)

  16. Stream ciphers (single use key) • Problem: OTP key is as long as the message • Solution: Pseudo random key -- stream ciphers • $c = \mathrm{PRBG}(k) \oplus m$ • Stream ciphers: RC4 (113MB/sec), SEAL (293MB/sec) • Diagram: key → PRBG; the PRBG output is XORed with the message to give the ciphertext

  17. Dangers in using stream ciphers • One time key !! “Two time pad” is insecure: • $C_1 = m_1 \oplus \mathrm{PRBG}(k)$ • $C_2 = m_2 \oplus \mathrm{PRBG}(k)$ • Eavesdropper does: $C_1 \oplus C_2 = m_1 \oplus m_2$ • Enough redundant information in English that: $m_1 \oplus m_2 \rightarrow m_1, m_2$

  18. Symmetric encryption: nonce (IV) • E, D: cipher • k: secret key (e.g., 128 bits) • m, c: plaintext, ciphertext • n: nonce (aka IV) • Diagram: Alice holds k and computes E(k,m,n)=c from m and the nonce n; she sends c, n to Bob, who holds k and computes D(k,c,n)=m

  19. Use Cases • Single use key: (one time key) • Key is only used to encrypt one message • encrypted email: new key generated for every email • No need for nonce (set to 0) • Multi use key: • Key used to encrypt multiple messages • SSL: same key used to encrypt many packets • Need either unique nonce or random nonce • Multi use key, but all plaintexts are distinct: • Can eliminate nonce (use 0) using special mode (SIV)
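The keystream reuse from slide 17 and the nonce requirement for a multi-use key from slide 19, as an added example that is not part of the original presentation. The SHA-256 counter-mode generator standing in for PRBG(k), the way the nonce is mixed in, and the sample key and messages are all assumptions made so the code runs offline.

```python
import hashlib

def prbg(seed: bytes, length: int) -> bytes:
    """Stand-in for the slide's PRBG(k): SHA-256 in counter mode (an assumption
    made for this example; it is not RC4 or SEAL)."""
    stream = b""
    counter = 0
    while len(stream) < length:
        stream += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return stream[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, message: bytes, nonce: bytes = b"") -> bytes:
    """c = PRBG(k, n) XOR m. The empty nonce models the single-use-key case.
    Decryption is the same operation."""
    return xor(message, prbg(key + b"|" + nonce, len(message)))

def recover_second_message(c1: bytes, c2: bytes, known_m1: bytes) -> bytes:
    """With the keystream reused, c1 XOR c2 = m1 XOR m2, so knowing m1 gives m2."""
    return xor(xor(c1, c2), known_m1)

# Constructed sample data.
KEY = b"constructed demo key"
M1 = b"TRANSFER 0100 USD TO ALICE"
M2 = b"TRANSFER 9900 USD TO CAROL"

# Key used twice with no nonce: the keystream cancels out of c1 XOR c2.
C1, C2 = encrypt(KEY, M1), encrypt(KEY, M2)
LEAK = xor(C1, C2)

# Same key, unique nonce per message: the keystreams differ and nothing cancels.
D1 = encrypt(KEY, M1, nonce=b"\x00\x01")
D2 = encrypt(KEY, M2, nonce=b"\x00\x02")

if __name__ == "__main__":
    print("reuse:  c1^c2 == m1^m2 ?", LEAK == xor(M1, M2))
    print("reuse:  m2 from known m1:", recover_second_message(C1, C2, M1))
    print("nonces: c1^c2 == m1^m2 ?", xor(D1, D2) == xor(M1, M2))
```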

  20. Block ciphers: crypto work horse • Diagram: PT Block (n bits) → E, D with Key (k bits) → CT Block (n bits) • Canonical examples: • 3DES: n = 64 bits, k = 168 bits • AES: n = 128 bits, k = 128, 192, 256 bits • IV handled as part of PT block

  21. mL mR mR  mLF(k,mR) Building a block cipher Input: (m, k) Repeat simple mixing operation several times  DES: Repeat 16 times:  AES-128: Mixing step repeated 10 times Difficult to design: must resist subtle attacks  differential attacks, linear attacks, brute-force, …

  22. Block Ciphers Built by Iteration • R(k,m): round function • for DES (n=16), for AES (n=10) • Diagram: key k → key expansion → k1, k2, k3, …, kn; m → R(k1, ·) → R(k2, ·) → R(k3, ·) → … → R(kn, ·) → c

  23. Incorrect use of block ciphers • Electronic Code Book (ECB): • Problem: • if m1=m2 then c1=c2 • Diagram: PT blocks m1, m2 encrypted independently to CT blocks c1, c2
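The iterated round structure from slides 21 and 22 and the ECB problem from slide 23, as an added example that is not part of the original presentation. The cipher is a toy Feistel network: its 16-byte block, its HMAC-SHA256 round function and key expansion, and the sample records are assumptions, and it is neither DES nor AES.

```python
import hashlib
import hmac

BLOCK = 16    # toy block size in bytes (two 8-byte halves)
ROUNDS = 16   # the round count the slide quotes for DES

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def round_keys(key):
    # Toy key expansion k -> k1..kn (assumption: HMAC-SHA256 of the round index).
    return [hmac.new(key, bytes([i]), hashlib.sha256).digest() for i in range(ROUNDS)]

def F(k, half):
    # Toy round function (assumption: truncated HMAC-SHA256, not the DES F).
    return hmac.new(k, half, hashlib.sha256).digest()[:BLOCK // 2]

def encrypt_block(key, block):
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for k in round_keys(key):
        left, right = right, xor(left, F(k, right))   # (mL, mR) -> (mR, mL xor F(k, mR))
    return left + right

def decrypt_block(key, block):
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for k in reversed(round_keys(key)):
        left, right = xor(right, F(k, left)), left    # undo one round
    return left + right

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, msg):
    return b"".join(encrypt_block(key, b) for b in blocks(msg))

def cbc_encrypt(key, iv, msg):
    out, prev = [], iv
    for b in blocks(msg):
        prev = encrypt_block(key, xor(b, prev))       # chain in the previous ciphertext block
        out.append(prev)
    return b"".join(out)

def repeated_blocks(ciphertext):
    # Defender's check: duplicate ciphertext blocks are the signature of ECB.
    bs = blocks(ciphertext)
    return len(bs) - len(set(bs))

# Constructed sample: three identical 16-byte records, then a different one (no padding handled).
KEY = b"constructed demo key"
IV = bytes(range(BLOCK))   # fixed only to keep the run reproducible; use a random IV in practice
MSG = b"ACCOUNT=00012345" * 3 + b"ACCOUNT=00099999"
```

`repeated_blocks(ecb_encrypt(KEY, MSG))` reports the two repeats, while the CBC ciphertext of the same message shows none.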

  24. AES

  25. AES

  26. AES

  27. Chameleon

  28. Asymmetric Algorithms • Diffie-Hellman • RSA • Elliptic Curve Cryptography (ECC)

  29. Complexity Classes (hard → easy) • PSpace: Answer in polynomial space, may need exhaustive search • NP: If yes, can guess and check in polynomial time • BPP: Answer in polynomial time, with high probability • P: Answer in polynomial time, compute answer directly

  30. Example: RSA • Arithmetic modulo pq • Generate secret primes p, q • Generate secret numbers a, b with $x^{ab} \equiv x \bmod pq$ • Public encryption key n, a • Encrypt(n, a, x) = $x^a \bmod n$ • Private decryption key n, b • Decrypt(n, b, y) = $y^b \bmod n$ • Main properties • This appears to be a “trapdoor permutation” • Cannot compute b from n,a • Apparently, need to factor n = pq

  31. Why RSA works (quick sketch) • Let p, q be two distinct primes and let n=p*q • Encryption, decryption based on group $Z_n^*$ • For n=p*q, order $\varphi(n)$ = (p-1)*(q-1) • Proof: (p-1)*(q-1) = p*q - p - q + 1 • Key pair: a, b with $ab \equiv 1 \bmod \varphi(n)$ • Encrypt(x) = $x^a \bmod n$ • Decrypt(y) = $y^b \bmod n$ • Since $ab \equiv 1 \bmod \varphi(n)$, have $x^{ab} \equiv x \bmod n$ • Proof: if gcd(x,n) = 1, then by general group theory, otherwise use “Chinese remainder theorem”.

  32. Textbook RSA is insecure • What if message is from a small set (yes/no)? • Can build table • What if I want to outbid you in secret auction? • I take your encrypted bid c and submit $c \cdot (101/100)^e \bmod n$ • What if there’s some protocol in which I can learn other message decryptions?
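The key-pair arithmetic from slide 31 and the two textbook-RSA weaknesses from slide 32, worked with toy numbers as an added example that is not part of the original presentation. The primes, the exponent and the bid values are constructed, and the names follow the slides' a, b, n (slide 32 writes the public exponent as e). It shows why unpadded RSA needs the preprocessing the next slide introduces.

```python
# Toy-size parameters (constructed); real RSA moduli are thousands of bits long.
P, Q = 61, 53
N = P * Q                      # n = pq = 3233
PHI = (P - 1) * (Q - 1)        # phi(n) = (p-1)(q-1) = 3120
A = 17                         # public exponent a
B = pow(A, -1, PHI)            # private exponent b with ab = 1 mod phi(n) (Python 3.8+)

def encrypt(x):
    return pow(x, A, N)        # x^a mod n

def decrypt(y):
    return pow(y, B, N)        # y^b mod n

def roundtrip_holds_everywhere():
    # x^(ab) = x mod n for every residue, including those that share a factor
    # with n (the Chinese-remainder case in the proof sketch).
    return all(decrypt(encrypt(x)) == x for x in range(N))

def guess_from_small_set(ciphertext, candidates):
    # Encryption is deterministic, so a table of encrypted candidates
    # identifies the plaintext without the private key.
    table = {encrypt(m): m for m in candidates}
    return table.get(ciphertext)

def scale_bid(ciphertext, num=101, den=100):
    # c * (num/den)^a mod n decrypts to bid * num/den: the ciphertext is
    # malleable, and whoever scales it never learns the bid itself.
    factor = num * pow(den, -1, N) % N
    return ciphertext * encrypt(factor) % N

if __name__ == "__main__":
    sealed = encrypt(1000)     # constructed bid
    print("b =", B)
    print("round trip for all x:", roundtrip_holds_everywhere())
    print("table lookup:", guess_from_small_set(sealed, [900, 1000, 1100]))
    print("scaled bid decrypts to:", decrypt(scale_bid(sealed)))
```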

  33. OAEP [BR94, Shoup ’01] • Preprocess message for RSA • Diagram labels: Message, 01, 00..0, rand., H, G, +; output: plaintext to encrypt with RSA, in $\{0,1\}^{n-1}$ • If RSA is trapdoor permutation, then this is chosen-ciphertext secure (if H,G “random oracles”) • In practice: use SHA-1 or MD5 for H and G • Check pad on decryption. Reject CT if invalid.

  34. Digital Signatures • Public-key encryption • Alice publishes encryption key • Anyone can send encrypted message • Only Alice can decrypt messages with this key • Digital signature scheme • Alice publishes key for verifying signatures • Anyone can check a message signed by Alice • Only Alice can send signed messages

  35. Properties of signatures • Functions to sign and verify • Sign($Key^{-1}$, message) • Verify(Key, x, m) = true if x = Sign($Key^{-1}$, m), false otherwise • Resists forgery • Cannot compute Sign($Key^{-1}$, m) from m and Key • Resists existential forgery: given Key, cannot produce Sign($Key^{-1}$, m) for any random or arbitrary m

  36. RSA Signature Scheme • Publish decryption instead of encryption key • Alice publishes decryption key • Anyone can decrypt a message encrypted by Alice • Only Alice can send encrypted messages • In more detail, • Alice generates primes p, q and key pair a, b • Sign(x) = $x^a \bmod n$ • Verify(y) = $y^b \bmod n$ • Since $ab \equiv 1 \bmod \varphi(n)$, have $x^{ab} \equiv x \bmod n$ • Generally, sign hash of message instead of full plaintext

  37. Public-Key Infrastructure (PKI) • Anyone can send Bob a secret message • Provided they know Bob’s public key • How do we know a key belongs to Bob? • If imposter substitutes another key, can read Bob’s mail • One solution: PKI • Trusted root authority (VeriSign, IBM, United Nations) • Everyone must know the verification key of root authority • Check your browser; there are hundreds!! • Root authority can sign certificates • Certificates identify others, including other authorities • Leads to certificate chains

  38. Public-Key Infrastructure • Diagram: the Certificate Authority issues the certificate Sign($K_a^{-1}$, $K_s$) for the server key $K_s$; the client has the known public signature verification key $K_a$; the server sends Sign($K_a^{-1}$, $K_s$), Sign($K_s$, msg) to the client • Server certificate can be verified by any client that has CA key $K_a$ • Certificate authority is “off line”

  39. Hashing Algorithms • MD5 • Computes 128-bit hash value • Widely used for file integrity checking • SHA-1 • Computes 160-bit hash value • NIST approved message digest algorithm • SHA-256

  40. Birthday Attack • Collisions • Two messages with the same hash value • Based on the “birthday paradox” • Hash algorithms should be resistant to this attack
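How the birthday effect sets the collision cost of a hash, as an added example that is not part of the original presentation. SHA-256 truncated to a few bits stands in for a short hash, and the message format is constructed; the second loop applies the same n/2 rule to the digest sizes listed on the hashing slide.

```python
import hashlib
from itertools import count

def truncated_sha256(message: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256, standing in for a hash with a short output."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") >> (256 - bits)

def find_collision(bits: int):
    """Hash distinct messages until two share a digest.
    Returns both messages and how many messages were hashed."""
    seen = {}
    for i in count():
        message = b"constructed-message-%d" % i
        digest = truncated_sha256(message, bits)
        if digest in seen:
            return seen[digest], message, i + 1
        seen[digest] = message

def birthday_work_bits(output_bits: int) -> float:
    """Generic collision search costs about 2^(n/2) hashes for an n-bit output,
    against about 2^n to match one fixed digest."""
    return output_bits / 2

if __name__ == "__main__":
    for bits in (16, 20, 24):
        m1, m2, hashed = find_collision(bits)
        print(f"{bits}-bit digest: collision after {hashed} hashes "
              f"(2^{bits // 2} = {2 ** (bits // 2)})")
    for name, n in (("MD5", 128), ("SHA-1", 160), ("SHA-256", 256)):
        print(f"{name}: generic bound about 2^{birthday_work_bits(n):.0f} hashes")
```

The figure is the generic bound for any n-bit hash; it does not account for weaknesses specific to a particular algorithm.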

  41. Message Authentication Codes • Small block of data generated with a secret key and appended to a message • HMAC (RFC 2104) • Uses hash instead of cipher for speed • Used in SSL/TLS and IPSec

  42. Digital Signatures • Hash of message encrypted with private key • Digital Signature Standard (DSS) • DSA/RSA/ECDSA plus SHA • DSS provides • Sender authentication • Verification of message integrity • Nonrepudiation

  43. Encryption Management • Key Distribution Center (KDC) • Uses master keys to issue session keys • Example: Kerberos • ANSI X9.17 • Used by financial institutions • Hierarchical set of keys • Higher levels used to distribute lower

  44. Public Key Infrastructure • All components needed to enable secure communication • Policies and Procedures • Keys and Algorithms • Software and Data Formats • Assures identity to users • Provides key management features

  45. PKI Components • Digital Certificates • Contains identity and verification info • Certificate Authorities • Trusted entity that issues certificates • Registration Authorities • Verifies identity for certificate requests • Certificate Revocation List (CRL)

  46. PKI Cross Certification • Process to establish a trust relationship between CAs • Allows each CA to validate certificates issued by the other CA • Used in large organizations or business partnerships

  47. Cryptanalysis • The study of methods to break cryptosystems • Often targeted at obtaining a key • Attacks may be passive or active

  48. Cryptanalysis • Kerckhoffs’s Principle • The only secrecy involved with a cryptosystem should be the key • Cryptosystem Strength • How hard is it to determine the secret associated with the system?

  49. Cryptanalysis Attacks • Brute force • Trying all key values in the keyspace • Frequency Analysis • Guess values based on frequency of occurrence • Dictionary Attack • Find plaintext based on common words

  50. Cryptanalysis Attacks (statistical)

  | WORD | COUNT | PERCENT |
  |------|-------|---------|
  | the | 53.10 B | 7.14% |
  | of | 30.97 B | 4.16% |
  | and | 22.63 B | 3.04% |
  | to | 19.35 B | 2.60% |
  | in | 16.89 B | 2.27% |
  | a | 15.31 B | 2.06% |
  | is | 8.38 B | 1.13% |
  | that | 8.00 B | 1.08% |
  | for | 6.55 B | 0.88% |

  | LET | COUNT | PERCENT |
  |-----|-------|---------|
  | E | 445.2 B | 12.49% |
  | T | 330.5 B | 9.28% |
  | A | 286.5 B | 8.04% |
  | O | 272.3 B | 7.64% |
  | I | 269.7 B | 7.57% |
  | N | 257.8 B | 7.23% |
  | S | 232.1 B | 6.51% |
  | R | 223.8 B | 6.28% |
  | H | 180.1 B | 5.05% |
  | L | 145.0 B | 4.07% |
  | D | 136.0 B | 3.82% |
  | C | 119.2 B | 3.34% |
  | U | 97.3 B | 2.73% |
  | M | 89.5 B | 2.51% |
  | F | 85.6 B | 2.40% |
  | P | 76.1 B | 2.14% |
