Basic Cryptography Ge Zhang What is Cryptography Cryptography - PDF document

Karlstad University Basic Cryptography Ge Zhang

What is Cryptography � Cryptography � Cryptosystem: 5-tuple (M, C, E, D, K) � M: the set of plaintexts � C: the set of ciphertexts � E: M x K -> C enciphering functions � D: C x K -> M deciphering functions � K: the set of keys

Example: Caesar cipher � 00000000001111111111222222 � 01234567890123456789012345 � …ABCDEFGHIJKLMNOPQRSTUVWXYZ � M={all sequences of Roman letters} � K={i | i is an integer such that 0<=i<=25} � E=(m+k) mod 26 � D=(c-k) mod 26

Relative Frequency of Letters in English Text

Example � Break it! � WKHIDNHUDQGWKHZDONHUPHH WQHAWZHHN

Example: Vigenère cipher

Transportation cipher � Recorder the plaintext letters � Plain text: attack on tomorrow � Key: 4312567 � Same letter frequencies as the original plaintext

A taxonomy of Cryptosystems � Operations Substitution ciphers � Transposition ciphers � � Number of Keys used Symmetric � Asymmetric (public key) � � The way in which the plaintext is processed Block cipher � Stream cipher �

Attacks on Cryptosystems � Cryptanalysis � Brute-force attack: tries every possible key � Computational secure � Time � Cost

Classical Feistel Network � Block size � Key size � Number of rounds � Subkey generation algorithm � Round function (F)

The Data Encryption Standard (DES) � Block size: 64 bit � Key size: 56 bit � Subkey generation 56bit key->16x48bit � subkeys � Round time: 16 � S-boxes: 16 X 4 � Permutation rule:

Round function (F) of DES

DES-- avalanche effect � Strong avalanche effect � 2 Plaintext � 0000 0000 …. 0000 0000 � 1000 0000 …. 0000 0000 � Encrypted with the same key, 34 bits different � Input 1.5% difference � Output 53% difference

Weakness of DES � Design in 1970s � 56 bit key: 2 56 = 7.2 X 10 16 � Brute force � 1142 years, 1 decryption/us � 10 hrs, 10 6 decryptions/us

Triple DES

Asymmetric Key Cryptography � The problems of symmetric key? � Asymmetric Key Cryptography � Private/secret key � Public key � RSA algorithm

Asymmetric Key Cryptography

The RSA algorithm each user generates a public/private key pair by: � selecting two large primes at random - p,q � computing n=p.q � -define ø(n)=(p-1)(q-1) selecting at random the encryption key e � where 1< e<ø(n), gcd(e,ø(n))=1 � solve following equation to find decryption key d � ed mod ø(n)= 1 and 0 ≤ d ≤ n � publish their public encryption key: PU={e,n} � keep secret private decryption key: PR={d,n} �

The RSA algorithm � to encrypt a message M the sender: � obtains public key of recipient PU={e,n} � computes: C = M e mod n , where 0 ≤ M<n � to decrypt the ciphertext C the owner: � uses their private key PR={d,n} � computes: M = C d mod n

Public-Key Applications � can classify uses into 3 categories: � encryption/decryption (provide confidentiality) � digital signatures (provide authentication) � key exchange (of session keys)

Message Authentication � message authentication is concerned with: � protecting the integrity of a message � validating identity of originator � then two alternative functions used: � hash function � message authentication code (MAC)

Hash Functions � a Hash Function produces a digest of some file/message/data h = H(M) � Input a variable-length message M � output a fixed-sized digest h � usually assume that the hash function is public and not keyed � Usage of hash:

Requirements for Hash Functions produces fixed-length output h 1. is easy to compute h=H(M) for any message M 2. given h is infeasible to find x s.t. H(x)=h 3. one-way property • given x is infeasible to find y s.t . H(y)=H(x) 4. weak collision resistance • is infeasible to find any x,y s.t . H(y)=H(x) 5. strong collision resistance •

Pigeonhole principle

Message Authentication Code (MAC) Keyed hash � � depending on both message and some key � like encryption though need not be reversible appended to message as a signature � receiver performs same computation on � message and checks it matches the MAC provides assurance that message is unaltered � and comes from sender

Questions

� Secure communication Lab assignment

Blowfish � characteristics fast � Less memory � Easy to implement � varying key size � Allows tuning for � speed/security tradeoff

Blowfish Key Schedule � Block size either 64 bit or 128 bit � uses a 32 to 448 bit key � 16 rounds � Subkey generation � Round function

Initialize s-boxes and p-arrays � Initialize subkeys before en(de)crypting � Update: � P-array � S-boxes

Algorithm of blowfish

Blowfish Encryption � uses two primitives: addition & XOR � data is divided into two 32-bit halves L 0 & R 0 for i = 1 to 16 do R i = L i-1 XOR P i ; L i = F[ R i ] XOR R i-1 ; L 17 = R 16 XOR P 18 ; R 17 = L 16 XOR i 17 ; � where F[ a , b , c , d ] = ((S 1, a + S 2,b ) XOR S 3,c ) + S 4, a Break 32-bit R i into (a,b,c,d)

F function

Diffie-Hellman Algorithm

Global Public Elements � q: Prime number � α : α < q and α is a primitive root of q � What is a primitive root of Prime number q ? � One whose power modulo q generate all the integers from 1 to q -1

User A Key Generation � Select private X A X A < q Y A = α X � Calculate public Y A A mod q

User B Key Generation � Select private X B X B < q Y B = α X � Calculate public Y B B mod q

Diffie-Hellman Key Exchange

Diffie-Hellman Key Exchange � X A -> Y A : Y A = α X A mod q � Y A -> X A : X A = d log α ,q (Y A ) � Discrete logarithm

Notice � To simplify, we use fixed Global Public Elements q = 353, α = 3. � The session key for blowfish should be with 64 bit length. (Depends on your own design) � Deadline: 20 th Dec 2009.