Chapter 2
Elementary Cryptography
In this chapter
Concepts of encryption
Cryptanalysis: how encryption systems are "broken"
Symmetric (secret key) encryption and the DES and AES algorithms
Asymmetric (public key) encryption and the RSA algorithm
Key exchange protocols and certificates
Digital signatures
Cryptographic hash functions
Cryptography
from a sender, S
to a recipient, R
If S entrusts the message to T, who then delivers it to
R, T then becomes the transmission medium.
If an outsider, O, wants to access the message (to
read, change, or even destroy it), we call O an
interceptor or intruder.
Encryption is a means of maintaining secure data in
an insecure environment.
Terminology
Encryption is the process of encoding a
message so that its meaning is not obvious
Decryption is the reverse process, transforming
an encrypted message back into its normal,
original form.
Alternatively, the terms encode and decode or
encipher and decipher are used instead of
encrypt and decrypt
A system for encryption and decryption is called
a cryptosystem.
The original form of a message is known as
plaintext, and the encrypted form is called
ciphertext.
Encryption Algorithms
The cryptosystem involves a set of rules for how
to encrypt the plaintext and how to decrypt the
ciphertext.
The encryption and decryption rules, called
algorithms, often use a device called a key,
denoted by K, so that the resulting ciphertext
depends on the original plaintext message, the
algorithm, and the key value.
C = E(K, P)
It would be very expensive for you to contract with
someone to invent and make a lock just for your house.
cryptology
Cryptanalysis
A cryptanalyst's chore is to break an encryption.
Attack models
Attack models for the cryptanalysis
Ciphertext-only:
Known-plaintext
is an attack model for cryptanalysis where the attacker has samples of both
the plaintext and its encrypted version (ciphertext). These can be used to
reveal further secret information such as secret keys.
Chosen-plaintext
is an attack model for cryptanalysis which presumes that the attacker has the
capability to choose arbitrary plaintexts to be encrypted and obtain the
corresponding ciphertexts.[1] The goal of the attack is to gain some further
information which reduces the security of the encryption scheme.
Breakable Encryption
An encryption algorithm is called breakable
when, given enough time and data, an analyst
can determine the algorithm.
Infeasible to compute
Representing Characters
We begin with the encryption of messages
written in the standard 26-letter English alphabet, A through Z.
Substitution Ciphers
The Caesar Cipher
c_i = E(p_i) = p_i + 3
TREATY IMPOSSIBLE
would be encoded as
T R E A T Y   I M P O S S I B L E
w u h d w b   l p s r v v l e o h
Two very common three-letter words having the pattern xyy are see and too.
Other less common possibilities are add, odd, and off.
The OT could be cot, dot, got, hot, lot, not, pot, rot, or tot; a likely choice is not.
Unfortunately, q = N does not give any more clues because q appears only once
in this sample.
The word lv is also the end of the word wklv, which probably starts with T.
Likely two-letter words that can also end a longer word include so, is, in, etc.
By now, you might notice that the ciphertext letters uncovered are just three
positions away from their plaintext counterparts.
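The Caesar shift and the analysis sketched above (spotting an xyy word, then noticing the constant offset) can be reproduced in a few lines. This is an added example, not part of the original slides; the sample ciphertext is constructed to match the fragments quoted above (wklv, lv, q = N), and the frequency table and function names are assumptions of the example.

```python
import string

ALPHABET = string.ascii_lowercase
# Approximate English letter frequencies in percent, a..z (rounded reference values).
ENGLISH_FREQ = dict(zip(ALPHABET, [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]))

# Constructed sample ciphertext (Caesar, shift 3).
SAMPLE = "wklv phvvdjh lv qrw wrr kdug wr euhdn"


def caesar(text, shift):
    """Shift each letter by `shift` positions mod 26; other characters pass through."""
    out = []
    for ch in text.lower():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)


def pattern_words(ciphertext, pattern="xyy"):
    """Ciphertext words with the same letter-repetition shape as `pattern`."""
    def shape(word):
        seen = {}
        return tuple(seen.setdefault(ch, len(seen)) for ch in word)
    return [w for w in ciphertext.split() if shape(w) == shape(pattern)]


def english_score(text):
    """Sum of English letter frequencies; higher means more English-like."""
    return sum(ENGLISH_FREQ.get(ch, 0.0) for ch in text)


def break_caesar(ciphertext):
    """Try all 26 shifts; return (shift, plaintext) for the best-scoring candidate."""
    candidates = [(s, caesar(ciphertext, -s)) for s in range(26)]
    return max(candidates, key=lambda c: english_score(c[1]))


if __name__ == "__main__":
    print(caesar("TREATY IMPOSSIBLE", 3))
    print(pattern_words(SAMPLE))
    print(break_caesar(SAMPLE))
```

With only 26 possible keys, exhaustive search plus a crude frequency score recovers the shift without any of the manual guessing.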
Other Substitutions
One-Time Pads
key
Plaintext
ciphertext
Transpositions (Permutations)
Columnar Transpositions
rearrangement of the characters of the plaintext
into columns
The following set of characters is a five-column
transposition.
Encipherment/Decipherment Complexity
Letter pairs such as -re-, -th-, -en-, and -ed- appear very
frequently.
Combinations of Approaches
One error early in the process should not throw off the entire
remaining ciphertext
For example, dropping one letter in a columnar transposition
throws off the entire remaining encipherment
A and B share a secret key, and they can both encrypt information to send to
the other as well as decrypt information from the other
Confusion
Diffusion: distributing the information from single
plaintext letters over the entire output
1976
intended for use by the general public
accepted as a cryptographic standard both in the
United States and abroad
many hardware and software systems have been
designed with the DES
However, recently its adequacy has been questioned
Overview
in fact it is only 56-bit (the other bits are used as check digits)
DES (Cont.)
Types of Permutations.
DES (Cont.)
Details of a Cycle.
the DES 56-bit key length is not long enough for some
people to feel comfortable
P = E(D(P)) = D(E(P))
RSA Example
Choose p = 3 and q = 11
Compute n = p * q = 3 * 11 = 33
Compute φ(n) = (p - 1) * (q - 1) = 2 * 10 = 20
1 is included
Choose e such that 1 < e < φ(n) and e and n are co-prime. Let e = 7
Compute a value for d such that (d * e) % φ(n) = 1. One solution is d = 3 [(3 * 7) % 20 = 1]
Public key is (e, n) => (7, 33)
Private key is (d, n) => (3, 33)
The encryption of m = 2 is c = 2^7 % 33 = 29
The decryption of c = 29 is m = 29^3 % 33 = 2
http://md5-hash-online.waraxe.us
http://sha1-hash-online.waraxe.us/
For SHA, the attack is to find two plaintexts that produce the
same hash digest (collision)
2^63 steps, far short of the 2^80 steps that would be expected of a 160-bit
hash function
Birthday Attack
In probability theory, the birthday problem or birthday paradox
concerns the probability that, in a set of n randomly chosen people,
some pair of them will have the same birthday.
By the pigeonhole principle, the probability reaches 100% when the
number of people reaches 367 (since there are 366 possible
birthdays, including February 29).
However, 99% probability is reached with just 57 people, and 50%
probability with 23 people.
These conclusions are based on the assumption that each day of
the year (except February 29) is equally probable for a birthday.
The mathematics behind this problem led to a well-known
cryptographic attack called the birthday attack, which uses this
probabilistic model to reduce the complexity of cracking a hash
function.
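The birthday figures quoted above and their effect on hash collisions, as an added example that is not part of the original slides. The 24-bit truncation of SHA-256 and the constructed messages are assumptions chosen so that the search finishes instantly; the same square-root behaviour is why a 160-bit hash is expected to resist collisions for only about 2^80 steps.

```python
import hashlib


def birthday_probability(people, days=365):
    """Probability that at least two of `people` share one of `days` birthdays."""
    if people > days:
        return 1.0                         # pigeonhole principle
    p_distinct = 1.0
    for i in range(people):
        p_distinct *= (days - i) / days
    return 1.0 - p_distinct


def truncated_digest(message, bits):
    """First `bits` bits of SHA-256(message) as an integer (a toy short hash)."""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits, limit=1 << 20):
    """Hash distinct messages until two share a truncated digest.

    Returns (message_a, message_b, attempts), or None if `limit` is reached.
    """
    seen = {}
    for attempts in range(1, limit + 1):
        message = b"constructed-message-%d" % attempts
        digest = truncated_digest(message, bits)
        if digest in seen:
            return seen[digest], message, attempts
        seen[digest] = message
    return None


if __name__ == "__main__":
    for n in (23, 57):
        print(n, "people:", round(birthday_probability(n), 4))
    a, b, attempts = find_collision(24)
    print(a, b, "collide after", attempts, "hashes;",
          "digest space is", 1 << 24)
```

A collision turns up after a few thousand hashes, on the order of the square root of the 2^24 possible digests, rather than after millions.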
Key Exchange
We talk about symmetric keys here
The problem is almost circular: To establish an
encrypted session, you need an encrypted
means to exchange keys.
kPRIV-S, kPUB-S, kPRIV-R, and kPUB-R are the private and public keys
for S and R, respectively
S chooses any symmetric key K
S sends E(kPRIV-S,K) to R
R takes S's public key, removes the encryption, and obtains K
Ooops, any eavesdropper who can get S's public key can also obtain K
Ooops, R has no assurance that K came from S
Another key exchange approach
http://dkerr.home.mindspring.com/diffie_hellman_calc.html
Diffie-Hellman, however, does NOT provide authentication
You can not be sure if you are talking to the right person
Digital Signatures
Two conditions
It must be unforgeable:
Public Key Protocol
Certificates
A public key and user's identity are bound together in a
certificate, which is then signed by someone called a
certificate authority, certifying the accuracy of the
binding.
Certification Authorities