Summary � Substitution ciphers � Permutations ���������������������������� � Making good ciphers � Data Encryption Standard (DES) �������������������� � Advanced Encryption Standard (AES) ��������������������������� ������������� �������������������������������������������������� ��������������������������������� � 2 Basic Terminology & Notation Terminology and Background Threats to Messages � Cryptology: � Interception � cryptography + cryptanalysis � Interruption � Cryptography: � Blocking msgs � art/science of keeping message secure � Modification � Cryptanalysis: � Fabrication � art/science of breaking ciphertext � ��� �� in world war II “ ������������������������������������ � Read the real story – not fabrications! ���������������� ��������������������� [cf. B. Endicott�Popovsky, U. 3 4 Washington] Basic Terminology & Notation Basic Terminology & Notation � Security � Cryptography � Confidentiality � Confidentiality � Integrity (Data Authentication) � Integrity (Data Authentication) � User Authentication (Data Origin Authentication) � User Authentication (Data Origin Authentication) � None4Repudiation � None4Repudiation � Availability � Access Control 5 6 �
Benefits of Cryptography Basic Cryptographic Scheme � Improvement not a Solution! original ������ !"� #����� !"� � Minimizes problems plaintext ciphertext plaintext ���"#!�$ #��"#!�$ � Doesn’t solve them P ���!�%��!�$ C #��!�%��!�$ P � Remember: There is �� solution! � # � Adds an envelope (encoding) to an open postcard • P = <p 1 , p 2 , ..., p n > p i = i�th char of P (plaintext or cleartext) – P = “DO NOT TELL ANYBODY” p 1 = „D”, p 2 = „O”, etc. – By convention, cleartext in uppercase • C = <c 1 , c 2 , ..., c n > c i = i�th char of C – C = “ep opu ufmm bozcpez” c 1 = „e”, c 2 = „p”, etc. – By convention, ciphertext in lowercase [cf. D. Frincke, U. of Idaho] 7 8 Formal Notation Cryptography in Practice • Sending a secure message original ������ !"� #����� !"� plaintext ciphertext plaintext ���"#!�$ #��"#!�$ ������ !"� P C P ���!�%��!�$ #��!�%��!�$ plaintext ciphertext hostile ���"#!�$ � # environment P ���!�%��!�$ C Error � • C = E(P) E – encryption rule/algorithm Interception Interruption • P = D(C) D – decryption rule/algorithm • Receiving a secure message • We need a cryptosystem, where: original #����� !"� ciphertext plaintext – P = D(C)= D(E(P)) hostile #��"#!�$ • i.e., able to get the original message back environment #��!�%��!�$ C P # 9 10 Classification of Cryptosystems w.r.t. Crypto System with Keys Keys Encryption Decryption K E K D Key � Keyless cryptosystems exist (e.g., Caesar’s cipher) Key � Less secure P C P E D � Symmetric cryptosystems: K E = K D � Classic • C = E(K E , P) � Encipher and decipher using the same key – E = set of encryption algorithms / K E selects E i ∈ E Or one key is easily derived from other � • P = D(K D , C) � Asymmetric cryptosystems: K E ≠ K D – D = set of decryption algorithms / K D selects D j ∈ D � Public key system • Crypto algorithms and keys like door locks and keys � Encipher and decipher using different keys • We need: P = D(K D , E(K E , P)) Computationally infeasible to derive one from other � [cf. B. Endicott�Popovsky, U. 11 12 Washington] �
Cryptanalysis (1) Cryptanalysis (2) � Information for cryptanalysts: � Cryptanalysts goals: � Intercepted encrypted msgs � Break a single msg � Known encryption algorithms � Recognize patterns in encrypted msgs, to be able to � Intercepted plaintext break the subsequent ones � Data known or suspected to be ciphertext � Infer meaning w/o breaking encryption � Math or statistical tools and techniques Unusual volume of msgs between enemy troops may indicate a � � Properties of natural languages coming attack Busiest node may be enemy headquarters Esp. adversary’s natural language � � � Deduce the key, to facilitate breaking subsequent msgs � To confuse the enemy, Americans used Navajo language in WW2 � Propertiers of computer systems � Find vulnerabilities in implementation or environment of an encryption algorithm � Role of ingenuity / luck � Find a general weakness in an encryption algorithm � There are �� rules!!! 13 14 Breakable Encryption (1) Breakable Encryption (2) � Example: Breakability of an encryption algorithm � Breakable encryption Msg with just 25 characters � ������������� , it is possible to devise unbreakable � 26 25 possible decryptions ~ 10 35 decryptions cryptosystems � Based on Shannon’s theory of information � Only one is the right one � Brute force approach to find the right one: � !�������� cryptosystems almost always are At 10 10 (10 bln) decryption/sec => 10 35 / 10 10 = 10 16 sec = 10 bln breakable, given adequate time and computing � yrs ! power Infeasible with current technology � � The trick is to make breaking a cryptosystem hard � Be smarter – use ingenuity enough for the intruder � Could reduce 26 25 to, say, 10 15 decryptions to check [cf. J. Leiwo, VU, NL] At 10 10 decr./sec => 10 15 / 10 10 = 10 5 sec = ~ 1 day 15 16 Representing Characters Basic Types of Ciphers • Letters (uppercase only) represented by numbers 0�25 • Substitution ciphers (modulo 26). – Letters of P replaced with other letters by E �������������������� • Transposition (permutation) ciphers �������������������� – Order of letters in P rearranged by E • Operations on letters: • Product ciphers ��������� (circular!) ��������� – E “=” E 1 “+” E 2 “+” ... “+” E n ��� • Combine two or more ciphers to enhance the security of the cryptosystem 17 18 �
Substitution Ciphers ������������������$%& � c i =E(p i )=p i +3 mod 26 ( 26 letters in the English alphabet) Change each letter to the third letter following it (circularly) A � D, B � E, ... X � A, Y � B, Z � C • ��������������������� – ����������� ���!���� "��� ������!������� � Can represent as a permutation π : π (i) = i+3 mod 26 ���# π (0)=3, π (1)=4, ..., π (23)=26 mod 26=0, π (24)=1, π (25)=2 � Key = 3, or key = ‘D’ (because D represents 3) 19 �� ������������������$'& (����)����� ������������������� � Example � Exhaustive search [cf. B. Endicott�Popovsky] � P (plaintext): HELLO WORLD � If the key space is small enough, try all possible keys until you find the right one � C (ciphertext): khoor zruog � Cæsar cipher has 26 possible keys from A to Z OR: from 0 to 25 � Caesar Cipher is a monoalphabetic substitution � Statistical analysis (attack) cipher (= simple substitution cipher) One key is used � Compare to so called 1�gram (unigram) model of English One letter substitutes the letter in P � It shows frequency of (single) characters in English � The longer the C, the more effective statistical analysis would be [cf. Barbara Endicott�Popovsky, U. Washington] �� �� %������ $��������&�����#��!��� ����������!�(����)�* �����% � Compute frequency f(c) of each letter c in a 0.080 h 0.060 n 0.070 t 0.090 ciphertext b 0.015 i 0.065 o 0.080 u 0.030 � Example: c = ‘khoor zruog’ c 0.030 j 0.005 p 0.020 v 0.010 � 10 characters: 3 * ‘o’, 2 * ‘r’, 1 * {k, h, z, u, g} � f(c): d 0.040 k 0.005 q 0.002 w 0.015 f(g)=0.1 f(h)=0.1 f(k)=0.1 f(o)=0.3 f(r)= 0.2 e 0.130 l 0.035 r 0.065 x 0.005 f(u)=0.1 f(z)=0.1 f(c i ) = 0 for any other c i f 0.020 m 0.030 s 0.060 y 0.020 � Apply 1�gram model of English g 0.015 z 0.002 � Frequency of (single) characters in English � 1�grams on previous slide [cf. Barbara Endicott�Popovsky, U. Washington] [cf. Barbara Endicott�Popovsky, U. Washington] �� �� �
Recommend
More recommend
