Cryptography Overview

Part 1: Cryptography
Outlines:1. Basics of Cryptography 2. Attacking Cryptography 3. How secure is secure? 4. Properties of Encryption Algorithms 5. Classification of Encryption Algorithms

The Story
Before we start, let us go back to the early methods of encryption or ciphering techniques . They are based on substitution.

Notations and Basics of Cryptography

Examples of Substitution Ciphering techniques

Caesar Cipher
Earliest known substitution cipher by Julius Caesar First attested use in military affairs Replaces each letter by 3rd letter on Example:

MEET ME AFTER THE TOGA PARTY PHHW PH DIWHU WKH WRJD SDUWB

Caesar Cipher

Can define transformation as:

abcdefghijklmnopqrstuvwxyz defghijklmnopqrstuvwxyzabc

Mathematically give each letter a number Then have Caesar cipher as:
c = E(p) = (p + k) mod (26) p = D(c) = (c k) mod (26)

a b c d e f g h i j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

Cryptanalysis of Caesar Cipher

Only have 26 possible ciphers A is mapped to A,B,..,Z Could simply try each in turn (a brute force search) Given ciphertext, just try all shifts of letters Dont need to recognize once we get the plaintext e.g., try to break ciphertext "GCUA VQ DTGCM"

Monoalphabetic Cipher rather than just shifting the alphabet could shuffle (jumble) the letters arbitrarily each plaintext letter maps to a different random ciphertext letter hence key is 26 letters long

Plain: abcdefghijklmnopqrstuvwxyz Cipher: dkvqfibjwpescxhtmyauolrgzn

Plaintext: ifwewishtoreplaceletters Ciphertext: wirfrwajuhyftsdvfsfuufya

Monoalphabetic Cipher Security

There is a total of 26! = 4 x 1026 keys with so many keys, is it secure ? The answer is NO because of the language characteristics

Language Redundancy and Cryptanalysis

Human languages are redundant Letters are not equally commonly used In english E is by far the most common letter, followed by T,R,N,I,O,A,S Other letters like Z,J,K,Q,X are fairly rare Combinations of letters such th, gh, ph, ion,..Etc. There are tables of single, double & triple letter frequencies for various languages

English Letter Frequencies

Source: W. Stallings, Cryptography and Networking, 3rd ed. 2003

Use in Cryptanalysis

Key concept - monoalphabetic substitution ciphers do not change relative letter frequencies Discovered by Arabian scientists Al kindi in 9th century Calculate letter frequencies for ciphertext Compare counts/plots against known values If Caesar cipher look for common peaks/troughs peaks at: A-E-I triple, NO pair, RST triple troughs at: JK, X-Z For monoalphabetic; identify each letter Tables of common double/triple letters may help

Example Cryptanalysis

given ciphertext:(Example from W.Stalling)

UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ UTQAOVUOHXMOEVGEOTEEVSGTHATOEFEEAXUDBMETAXAIZ

count relative letter frequencies (from text) guess P & Z are e and t guess ZW is th and hence ZWP is the proceeding with trial and error finally get:
it was disclosed yesterday that several informal but direct contacts have been made with political representatives of the Viet Cong in Moscow

Playfair Cipher

not even the large number of keys in a monoalphabetic cipher provides security one approach to improving security was to encrypt multiple letters the Playfair Cipher is an example invented by Charles Wheatstone in 1854, but named after his friend Baron Playfair

Playfair Key Matrix

a 5X5 matrix of letters based on a keyword fill in letters of keyword (without duplicates) fill rest of matrix with other letters eg. using the keyword MONARCHY
M C E L U O H F P V N Y G Q W A B I/J S X R D K T Z

Encrypting and Decrypting

plaintext is encrypted two letters at a time 1. if a pair is a repeated letter, insert filler like 'X. E.g., Balloon,...> ba lx lo on 2. if both letters fall in the same row, replace each with letter to right (wrapping back to start from end). E.g., ar..> RM 3. if both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom), e.g. mu ..> CM 4. otherwise each letter is replaced by the letter in the same row and in the column of the other letter of the pair (hs to BP and ea to IM or JM)

Security of Playfair Cipher

security much improved over monoalphabetic since we have 26 x 26 = 676 diagrams would need a 676 entry frequency table to analyse (verses 26 for a monoalphabetic) and correspondingly more ciphertext was widely used for many years by US & British military in WW1 and WW2 it can be broken, given a few hundred letters since still has much of original language or plaintext structure

Polyalphabetic Ciphers

improve security using multiple cipher alphabets make cryptanalysis harder with more alphabets to guess and flatter frequency distribution use a key to select which alphabet is used for each letter of the message use each alphabet in turn repeat from start after end of key is reached

Vigenre Cipher

simplest polyalphabetic substitution cipher effectively multiple Caesar ciphers key is multiple letters long K = k1 k2 ... kd ith letter specifies ith alphabet to use use each alphabet in turn repeat from start after d, length of key letters in message decryption simply works in reverse

10

Example of Vigenre Cipher

write the plaintext out write the keyword repeated above it use each key letter as a Caesar cipher key encrypt the corresponding plaintext letter e.g. using keyword deceptive

Key : deceptivedeceptivedeceptive (det. Row) plaintext: wearediscoveredsaveyourself (det. Col) ciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ

One-Time Pad

if a truly random key as long as the message is used, the cipher will be secure , called a One-Time pad, is unbreakable since ciphertext bears no statistical relationship to the plaintext, since for any plaintext & any ciphertext there exists a key mapping one to other, can only use the key once though, and problems in generation & safe distribution of key

11

Types of Cryptographic Alogrithms

23

Cryptographic Algorithms
The two main applications of cryptographic algorithms of principal interest are:

Data Encryption : transforms plaintext data into

ciphertext in order to conceal its meaning Data Signature: computes a check value or digital signature to a given plain- or ciphertext, that can be verified by some or all entities being able to access the signed data. Some cryptographic algorithms can be used for both purposes, some are only secure and / or efficient for one of them.
24

12

Principal categories of cryptographic algorithms:

Symmetric cryptography
Asymmetric cryptography

Cryptographic hash functions

25

Symmetric cryptography
Encryption and decryption keys are known to both communicating parties. They are usually related and it is easy to derive the decryption key once one knows the encryption key. In most cases, they are identical. All of the classical (pre-1970) cryptosystems are symmetric. Examples : DES and AES (Rijndael) A Secret should be shared (or agreed) between the communicating parties.
26

13

Asymmetric cryptography
Each user has a pair of keys which are generated together under a scheme: Private Key - known only to the owner Public Key - known to anyone in the systems with assurance Why public key cryptography ? Key Distribution and Management is difficult in Symmetric Cryptoystems (DES, 3DES, IDEA, AES(Rijndael) over large networks. No Electronic Signature with symmetric ciphers
27

Examples of Public Key Cryptosystems are: RSA Discrete Logarithm based cryptosystems. (El-Gamal) Elliptic Curve Cryptosystems

28

14

Cryptographic hash functions

using 0 keys (the key is not a separate input but appended to or mixed with the data).

29

2- Attacking Cryptography
Cryptanalysis

Cryptanalysis is the process of attempting to

discover the plaintext and / or the key.

30

15

Types of cryptanalytic attacks:

ciphertext only

Only you know the algorithm and ciphertext. Statistical can identify plaintext

Ciphertext-Only Attack
31

known plaintext

You only Know a copy of ciphertext and the corresponding plaintext. Try to deduce the key.

Known-Plaintext Attack
32

16

chosen plaintext

You have a copy of ciphertext corresponding to a copy of a selected plaintext which may be useful to deduce the key.

Chosen Plaintext Attack

33

chosen ciphertext You have a plaintext corresponding to a copy of a selected ciphertext which may be useful to deduce the key.

Chosen-ciphertext Attack
34

17

chosen text select either plaintext or ciphertext to en/decrypt to attack cipher Important directions in cryptanalysis: -Computation of discrete logarithms -Factorization of large integers

35

36

18

Attacks on protocols

Known-key attack: obtain some previous keys and use the information to get the new ones Replay: the adversary records a communication session and replays the entire session or portions of it at a later time

37

Impersonation: adversary identity of a legitimate user

assume

the

Dictionary: the attacker has a list of probable passwords, hashes them and compares with the entries in the list of true encrypted passwords hoping to get a match

38

19

3- How secure is secure?

In general, evaluating the security of a system is a crucial and most difficult task.

39

Unconditionally secure system

If the ciphertext does not contain enough information to determine uniquely the corresponding plaintext. Consequently, the attacker cannot find the plaintext regardless of how much time and computational power he has because the information is not there! Bad news: only one known system has this property: one-time pad
40

20

How secure is secure?

Contd.

Complexity-theoretic security
Consider a model of computation (e.g., Turing machine) and adversaries modeled as having polynomial computational power Consider the weakest possible assumptions and the strongest possible attacker and do worst-case or at least average-case analysis

41

Provable security

Prove that breaking the system is equivalent with solving a supposedly difficult (math) problem (e.g., from Number Theory)

Computationally secure

The (perceived) cost of breaking the system exceeds the value of the encrypted information. The (perceived) time required to break the system exceeds the useful lifetime of the information

42

21

Brute Force Attack

The brute force attack tries every possible key until it finds an intelligible plaintext: Every cryptographic algorithm can in theory be attacked by brute force On average, half of all possible keys will have to be tried

Source: W. Stallings

43

44

22

How large are these numbers?

Source : Menezes et al.

45

4- Properties of Encryption Algorithms

Consider, a sender is encrypting plaintext messages P1, P2,.. to ciphertext messages C1, C2, ... Then the following properties of the encryption algorithm are of special interest:
Error Propagation, and Synchronization.

46

23

Properties of Encryption Algorithms Ctd.

Error propagation

characterizes the effects of bit-errors during transmission of ciphertext to reconstructed plaintext P1, P2, ... Depending on the encryption algorithm there may be one or more erroneous bits in the reconstructed plaintext per erroneous ciphertext bit.

.
47

Synchronization

characterizes the effects of lost ciphertext data units to the reconstructed plaintext. Some encryption algorithms can not recover from lost ciphertext and need therefore explicit re-synchronization in case of lost messages. Other algorithms do automatically resynchronize after 0 to n (n depending on the algorithm) ciphertext bits

48

24

5- Classification of Encryption Algorithms

Encryption Algorithms can be classified according to: 1- The type of operations used for transforming plaintext to ciphertext: Substitution, which maps each element in the plaintext (bit, letter, group of bits or letters) into another element Transposition, which re-arranges elements in the plaintext 2- The number of keys used: Symmetric ciphers, which use the same key for en- / decryption. Asymmetric ciphers, which use different keys for en- / decryption.
.
49

Classification of Encryption Algorithms

ctd.

3-

The way in which the plaintext is processed:

It work on blocks of width b, where b depends on the used c algorithm

Block ciphers

Stream ciphers

It work on bit streams and encrypt one bit after another: Many stream ciphers are based on the idea of linear feedback shift registers, and there have been detected vulnerabilities of a lot of algorithms of this class, as there exists a profound mathematical theory on this subject.

50

25

6- Steganography
An alternative to encryption that : It hides existence of message using only a subset

of letters/words in a longer message marked in some way such as:

using invisible ink hiding in LSB in graphic image or sound file Its basic drawbacks high overhead to hide

relatively few info bits.

51

Cryptographic Algorithms Examples

52

26

7- Fundamental Cryptographic Applications Confidentiality

Hiding the contents of the messages exchanged in a transaction

Authentication
Ensuring that the origin of a message is correctly identified

Integrity
Ensuring that only authorized parties are able to modify computer system assets and transmitted information

Non-repudiation
Requires that neither of the authorized parties deny the aspects of a valid transaction
53

Other Cryptographic Applications

Digital Signatures: allows electronically sign (personalize) the electronic documents, messages and transactions Identification: is capable of replacing password-based identification methods with more powerful (secure) techniques. Key Establishment: To communicate a key to your correspondent (or perhaps actually mutually generate it with him) whom you have never physically met before. Secret Sharing: Distribute the parts of a secret to a group of people who can never exploit it individually. E-commerce: carry out the secure transaction over an insecure channel like Internet. E-cash Games

54

27

A final Word Almost all of the practical cryptosystems are theoretically breakable given the time and computational resources However, there is one system which is even theoretically unbreakable: One-time-pad.

55

28