Post on 23-Dec-2015
© Yingjiu Li 2007 2
Treasure Hunter’s Parchment
• “53‡‡†305))6*;4826)4‡);806*;48†8 ¶60))85;I‡(;:‡*8†83(88)5*†;46(;88*96 *?;8)*‡(;485);5*†2:*‡(;4956*2(5*-4)8 ¶8*;4069285);)6†8)4‡‡;I(‡9;48081;8:8‡ I;48†85;4)485†528806*81(‡9;48;(88;4 (‡?34;48)4‡;161;:188;‡?;”
© Yingjiu Li 2007 3
Confidentiality• How to protect message from adversary?
Bob Alice
Mallory
The secret is…
plaintext
© Yingjiu Li 2007 4
Cryptography• Use a language that only Alice and Bob can
understand
Bob Alice
Mallory
Nz dsfejr dbse ovncds jt…
ciphertext
© Yingjiu Li 2007 5
Concepts• Cryptography – hidden writing
• Encryption – encode or encipher• Decryption – decode or decipher
• Cryptosystem – a system for encryption and decryption
• Cryptographer – anyone who invents encryption algorithms• Cryptanalyst – anyone who attempts to break encryption
algorithms
• Cryptology – research of encryption and decryption, including both cryptography and cryptanalysis
© Yingjiu Li 2007 6
Cryptosystem
• Algorithms with a parameter – key K
Encryption Algorithm E
Decryption Algorithm D
Plaintext Ciphertext Plaintext
P PC
© Yingjiu Li 2007 8
Encryption• Encryption
– Input: plaintext and key
– Output: ciphertext
EncryptionFunction
Plaintext
© Yingjiu Li 2007 9
Decryption• Decryption
– Input: ciphertext and a key
– Output: original plaintext
DecryptionFunction
Plaintext
© Yingjiu Li 2007 10
Symmetric Cryptosystem
• C=E(P,K)• P=D(C,K)
Encryption Algorithm E
Decryption Algorithm D
Plaintext Ciphertext Plaintext
P PC
K KSecret channel
© Yingjiu Li 2007 11
Cryptanalysis (Attacks)• Cryptanalyst (Mallory)
– E and D are public
– Given ciphertext, find plaintext
– What else Mallory knows?
Ciphertext only Mallory knows ciphertext only
Known plaintext
Mallory happens to know some plaintext-ciphertext pairs
Chosen plaintext
Mallory knows some plaintext-ciphertext pairs for selected plaintext
Chosen ciphertext
Mallory knows some plaintext-ciphertext pairs for selected ciphertext
© Yingjiu Li 2007 12
Classical Ciphers
• Caesar cipher
• Vigenére cipher
• Zimmerman cipher
• Vernam cipher
© Yingjiu Li 2007 14
Discussion• Follow me with CrypTool• Observation:
– The break between two words is preserved
– Repeated letters are mapped to repeated letters
• Decrypt the following Caesar cipher– Wklv phvvdjh lv qrw wrr kdug wr euhdn
– Hints: Observe the following patterns• Wrr, wr
• Wklv, lv
© Yingjiu Li 2007 15
“Unbreakable” cipher: Vigenére Tableau
– Same letters are not mapped to the same letters– Encrypt
• Keyword: hothot (repeat: row)
• Plaintext: attack (column)
• ciphertext: hhmhqd
– Decrypt• Keyword: hothot (repeat: column)
• Ciphertext: hhmhqd (from that column find c letter)
• Plaintext: attack (the index of row)
© Yingjiu Li 2007 18
Codebook/Zimmermann Cipher
• A codebook is literally a dictionary-like book containing words and their corresponding codewords.
• Zimmerman Telegram Februar 13605
fest 13732
finanzielle 13850
folgender 13918
Frieden 17142
Friedenschluss 17149
• What is the key? • Compare it with Vigenére cipher w.r.t key size
• How secure is Zimmermann cipher?
© Yingjiu Li 2007 21
Vernam Cipher• The only unbreakable stream cipher
– K: a long, non-repeating sequence of random numbers
Exclusive OR Exclusive ORPlaintext Ciphertext Plaintext
P PC
K KSecret channel
1 0 =1; 0 1=1
0 0 =0; 1 1=0
© Yingjiu Li 2007 22
Vernam Cipher
• An example of Vernam Cipher– Alice:
– Bob:
1 0 =1; 0 1=1
0 0 =0; 1 1=0
P: 100 010 111 011 110 001…
K: 010 011 101 101 010 111…
C: 110 001 010 110 100 110…
P: 100 010 111 011 110 001…
K: 010 011 101 101 010 111…
C: 110 001 010 110 100 110…
© Yingjiu Li 2007 24
Modern Ciphers
• Basic ideas: confusion and diffusion
• Combinations
• Evaluation
© Yingjiu Li 2007 26
Confusion
• Permutation operations1. First remove spaces
• A legitimate receiver can breakmostmessagesintowordsfairlyeasily
2. Then break messages arbitrarily into blocks of a uniform size (e.g., every five letters)
3. Map each plaintext letter to a unique ciphertext letter (usually in the same alphabet)
• How many keys for permuting 26 English letters?
© Yingjiu Li 2007 27
Caveat
• All permutation ciphers are subject to – ciphertext only attack
– not to mention known plaintext attack, chosen plaintext and chosen ciphertext attacks
© Yingjiu Li 2007 28
Frequency Attack
source: http://knight.cis.temple.edu/~jfiore/2006/fall/386/handouts/ch2/ch2_part2_4ups.pdf
© Yingjiu Li 2007 30
Product Cipher
Combinations of confusion and diffusion operations in many rounds– DES (56 bits) 16 rounds– AES (128, 192, 256) 9, 11, 13 rounds
• Deterministic vs non-deterministic
© Yingjiu Li 2007 31
Evaluation
• Shannon’s characteristics of good ciphers– Amount of secrecy (key size) determines
amount of labor– Set of keys and enciphering algorithm are
simple– Implementation is simple– Errors do not propagate– Size of ciphertext is no larger than original
message
© Yingjiu Li 2007 32
How Secure is Secure
It takes your computer at least
1000 years to break my cipher!!
No matter how powerful your computer is, you
don’t have enough information to defeat the
system !!
Computational securityComputational security
Unconditional security
Unconditional security
© Yingjiu Li 2007 34
Hands-On Exercise
• Installation:– Download LabPrep.doc and follow its
instructions to install • OpenSSL (Win32openSSL-0_9_8d.exe)
• HHD HexEditor (http://www.asciitable.com/)• JCE (jdk-1_5_0_08-windows-i586-p.exe)
– Mac computers have already these tools pre-installed
© Yingjiu Li 2007 35
Hands-On Exercise
• Testing:– Download LabTest.doc– Follow its instructions in section 2.1 to test
openSSL– Follow its instructions in section 2.2 to test JCE
© Yingjiu Li 2007 36
Introduction to OpenSSL
• OpenSSL is an open source toolkit to ensure secure communication.– Symmetric key (secret key) encryption – Asymmetric key (public key) encryption – Message Digests and digital signatures – Certificates
© Yingjiu Li 2007 37
Example 1: Keys Generationopenssl genrsa -des3 -out privkey.pem 2048
• genrsa – Generates RSA Key
• des3 – Password protects the key using triple DES encryption
• out <filename>– Save the key in a file. In this example, its privkey.pem
• <key size> -Size of the key generated. In this example, its 2048 bits
© Yingjiu Li 2007 38
Example 2: Certificate Request
openssl req -new -key privkey.pem -out cert.csr• req - Generate certificate request.
• new –New certificate request.
• key <file name> - Specify the file to read the private key from. In this example, its privkey.pem
• out <file name> - Save the request in a file. In this example, its cert.csr
© Yingjiu Li 2007 39
Example 3: Encryptionopenssl des3 -salt -in file.txt -out file.des3
• des3 – Encrypt using the TripleDES algorithm
• salt - Use a salt in the key derivation routines
• in <file name> - Input file with the clear message
• out <file name> - Output file with the encrypted message
– Users will be prompted to enter a password to complete the encryption
© Yingjiu Li 2007 40
Example 4: Decryptionopenssl des3 -d -salt -in file.des3 -out file.txt
• des3 – Use the TripleDES algorithm
• d – decrypt the file
• salt - Use a salt in the key derivation routines
• in <file name> - Input file with the encrypted message
• out <file name> - Output file with the decrypted message
– Users will be prompted to enter a password to complete the decryption
© Yingjiu Li 2007 41
Introduction to JCA and JCE
• Java Cryptography Architecture (JCA) is part of Java 2 run-time environment. java.security.*
• Java Cryptography Extension (JCE) is an extension to JCA and is integrated into Java 2 SDK since the 1.4
release. javax.crypto.*
© Yingjiu Li 2007 42
JCE Core Classes
– Cipher Class• Provide the functionality of encryption and decryption
– KeyGenerator Class • Generate secret keys for encryption and decryption
– The SealedObject Class• Create an object and protect its confidentiality
– The Mac Class • Provide integrity protection with Message Authentication
Code (MAC).
Reference: http://java.sun.com/j2se/1.5.0/docs/guide/security/jce/JCERefGuide.html
© Yingjiu Li 2007 43
Class: java.crypto.KeyGenerator
Methods:– getInstance(String algorithm)
• Creates an instance of KeyGenerator for a specific algorithm such as
• “AES”,“DES”,”HMACSHA1”
– generateKey()• Generate a key for the algorithm specified in the KeyGenerator
instance
© Yingjiu Li 2007 44
Example: Key Generation• The following example generate a SecretKey
object using AES.
//Create an instance of KeyGenerator with algorithm AES
KeyGenerator kg = KeyGenerator.getInstance(“AES");
//Generate the secret key
SecretKey mykey = kg.generateKey();
© Yingjiu Li 2007 45
Secure Key Storage
• JCA provides an extensible architecture to
manage keys through KeyStore.
• A KeyStore object maintains an in-memory table
of key and certificate entries, indexed by alias
strings, allowing retrieval, insertion and deletion
of entries.
• Keystore files are usually password protected.
© Yingjiu Li 2007 46
Class: java.security.KeyStore
Methods: – getInstance (String type)
• Create an instance of KeyStore of the specified type.– load(InputStream stream, char[] password))
• Open keystore with password and load keys from keystore file to memory
– getKey(String alias, char[] password)• Access the keystore with password and get the key based on a given
key alias– setEntry(String alias, KeyStore.Entry entry,
KeyStore.ProtectionParameter protParam)• Set a new key entry in the keystore
– store(OutputStream stream, char[] password)• Store this keystore to the given output stream, and protect its integrity
with the given password.
© Yingjiu Li 2007 47
Example:Create a null KeyStore object
• The following sample creates null KeyStore object with password protection.
//Create an instance of KeyStore of type “JCEKS”.
//JCEKS refers the KeyStore implementation from SunJCE provider ks = KeyStore.getInstance("JCEKS");
//Load the null Keystore and set the password to “changeme” ks.load(null, "changeme".toCharArray());
© Yingjiu Li 2007 48
Example:Set Key Entry• The following sample sets the generated key “mykey” in
the KeyStore. //Create an instance of KeyStore.SecretKeyEntry using “mykey”KeyStore.SecretKeyEntry skEntry = new KeyStore.SecretKeyEntry(mykey);
//Get key alias name from user input. String alias=args[0];
//Create KeyStore PasswordKeyStore.PasswordProtection password;password = new KeyStore.PasswordProtection("changeme".toCharArray());
//Set the key entry in the key store with an alias.ks.setEntry(alias, skEntry, password);
© Yingjiu Li 2007 49
Example:Store KeyStore object in file
• The following sample writes the KeyStore object into a file for storage.
//Create a new file to store the KeyStore objectjava.io.FileOutputStream fos = new java.io.FileOutputStream("keystorefile.jce");
//Write the KeyStore into the fileks.store(fos, "changeme".toCharArray());
//Close the file streamfos.close();
© Yingjiu Li 2007 50
Example:Retrieving Keys from KeyStore
• The following sample retrieves keys from a KeyStore file.
//Open the KeyStore fileFileInputStream fis = new FileInputStream("keystorefile.jce");
//Create an instance of KeyStore of type “JCEKS”ks = KeyStore.getInstance("JCEKS");
//Load the key entries from the file into the KeyStore object. ks.load(fis, "changeme".toCharArray());fis.close();
//Get the key with the given alias. String alias=args[0];Key k = ks.getKey(alias, "changeme".toCharArray());