03-Overview of Cryptographic Techniques (1)

8/11/2019 03-Overview of Cryptographic Techniques (1)

1/33

Overview of CryptographicTechniques

Hector M Lugo-CorderoCIS 4361

Secure Operating System Administration

1


2/33

2

Resources Used

Lecture slides from Dr Ratan Guha CNT

6519 Wireless Security Forensics

Cryptography and Network Security,

Fourth Edition, by William Stallings

Lecture slides for the textbook by Lawrie

Brown

Lecture slides by Henric Johnson,Blekinge

Institute of Technology, Sweden


3/33

3

Outline

Some Basic Terminology

Conventional Encryption Principles

Characteristics of Cryptographic

Techniques

Symmetric Encryption

Classical Symmetric Encryption

Algorithms

Modern Symmetric Encryption

Techniques


4/33

4

Some Basic Terminology

plaintext- original message ciphertext- coded message

cipher- algorithm for transforming plaintext to ciphertext

key- info used in cipher known only to sender/receiver

encipher (encrypt)- converting plaintext to ciphertext

decipher (decrypt)- recovering ciphertext from plaintext

cryptography- study of encryption principles/methods

cryptanalysis (codebreaking)- study of principles/methods of deciphering ciphertext withoutknowing key

cryptology- field of both cryptography and cryptanalysis


5/33

5

Conventional Encryption

Principles An encryption scheme has five ingredients: Plaintext

Encryption algorithm

Secret Key Ciphertext

Decryption algorithm

Security depends on the secrecy of the key, not

the secrecy of the algorithm


6/33

6

Characteristics of Cryptographic

Techniques

Classified along three independent dimensions:

The type of operations used for transforming plaintext

to ciphertext

The number of keys used

symmetric (single key)

asymmetric (two-keys, or public-key encryption)

The way in which the plaintext is processed


7/33

7

Symmetric Encryption

or conventional / private-key / single-key

sender and recipient share a common key

all classical encryption algorithms areprivate-key

was only type prior to invention of public-

key in 1970s and by far most widely used


8/33

8

Symmetric Cipher Model


9/33

9

Requirements

two requirements for secure use ofsymmetric encryption:

a strong encryption algorithm

a secret key known only to sender / receiver

mathematically have:

Y = EK(X) [= E(K,X) ]

X = DK(Y) [= D(K, Y) ] assume encryption algorithm is known

implies a secure channel to distribute key


10/33

10

Brute Force Search

always possible to simply try every key

most basic attack, proportional to key size

assume either know / recognize plaintext

Key Size (bits) Number of Alternative

Keys

Time required at 1

decryption/s

Time required at 106

decryptions/s

32 232 = 4.3 109 231s = 35.8 minutes 2.15 milliseconds

56 256 = 7.2 1016 255s = 1142 years 10.01 hours

128 2128 = 3.4 1038 2127s = 5.4 1024years 5.4 1018years

168 2168 = 3.7 1050 2167s = 5.9 1036years 5.9 1030years

26 characters

(permutation)

26! = 4 1026 2 1026s = 6.4 1012years 6.4 106years


11/33

11

Classical Substitution Ciphers

where letters of plaintext are replaced by

other letters or by numbers or symbols

or if plaintext is viewed as a sequence of

bits, then substitution involves replacing

plaintext bit patterns with ciphertext bit

patterns


12/33

12

Caesar Cipher

earliest known substitution cipher

by Julius Caesar

first attested use in military affairs

replaces each letter by 3rd letter after

example:

meet me after the toga party

PHHW PH DIWHU WKH WRJD SDUWB


13/33

13

Caesar Cipher

can define transformation as:a b c d e f g h i j k l m n o p q r s t u v w x y z

D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

mathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

then have Caesar cipher as:

c = E(p) = (p + k) mod (26)p = D(c) = (ck) mod (26)


14/33

14

Monoalphabetic Cipher

rather than just shifting the alphabet

could shuffle (jumble) the letters arbitrarily

each plaintext letter maps to a different random

ciphertext letter hence key is 26 letters long

Plain: abcdefghijklmnopqrstuvwxyz

Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN

Plaintext: ifwewishtoreplaceletters

Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA


15/33

15

Playfair Cipher

not even the large number of keys in a

monoalphabetic cipher provides security

one approach to improving security was to

encrypt multiple letters

thePlayfair Cipheris an example

invented by Charles Wheatstone in 1854,but named after his friend Baron Playfair


16/33

16

Playfair Key Matrix

a 5X5 matrix of letters based on a keyword

fill in letters of keyword (minus duplicates)

fill rest of matrix with other letters eg. using the keyword MONARCHY

M O N A R

C H Y B D

E F G I/J K

L P Q S T

U V W X Z


17/33

17

Encrypting and Decrypting

plaintext is encrypted two letters at a time1. if a pair is a repeated letter, insert filler like 'X

(low probability of appearance in language)

2. if both letters fall in the same row, replace

each with letter to right (wrapping back to startfrom end)

3. if both letters fall in the same column, replaceeach with the letter below it (again wrapping totop from bottom)

4. otherwise each letter is replaced by the letterin the same row and in the column of the otherletter of the pair

Wireless Wi re le sx sz XG MK UL XA XT


18/33

18

Polyalphabetic Ciphers polyalphabetic substitution ciphers

A set of related monoalphabetic substitution rules is

used

use a key to select which alphabet is used for each

letter of the message

use each alphabet in turn

repeat from start after end of key is reached

make cryptanalysis harder with more alphabets to

guess and flatter frequency distributionKey: deceptive 3 42 415 198 214

plaintext: wireless 22 817 4 11 418 18

ciphertext: zmtiaxao 25 1219 826 2326 39


19/33

19

Vigenre Cipher

simplest polyalphabetic substitution cipher

effectively multiple caesar ciphers

key is multiple letters long K = k1k2... kd ithletter specifies ithalphabet to use

use each alphabet in turn

repeat from start after d letters in message decryption simply works in reverse


20/33

20

Example of Vigenre Cipher

write the plaintext out

write the keyword repeated above it

use each key letter as a caesar cipher key

encrypt the corresponding plaintext letter

eg using keyword deceptive

key: deceptivedeceptivedeceptive

plaintext: wearediscoveredsaveyourselfciphertext:ZICVTWQNGRZGVTWAVZHCQYGLMGJ


21/33

Vernam Cipher and One-time

Pad Keyword is as long as the plaintext and

has no statistical relationship to it.

Vernam system works on binary data with

ith bit of text exclusive ored with ith bit of

key to produce ith bit of cipher

In one one-time pad key is used only once

This scheme is unbreakable

21


22/33

Transposition Cipher

Mapping is performed by some sort of

permutation on the plaintext letters.

Example: Rail fence of depth 2

text : meet me after the toga party

me ma tr ht gp ry

et ef et eo aa tcipher:

MEMATRHTGPRYETEFETEOAAT

Rail fence of depth 2 22


23/33

Classical Ciphers

Caesar Cipher

Monoalphabetic Cipher

Playfair Cipher Polyphabetic Cipher

Vigenre Cipher

Vernam Cipher and One-time Pad Transposition Cipher

Cryptography -Part -I 23


24/33

Modern Block Ciphers

now look at modern block ciphers

one of the most widely used types of

cryptographic algorithms

provide secrecy /authentication services

focus on DES (Data Encryption Standard)

to illustrate block cipher design principles


25/33

Block vs Stream Ciphers

block ciphers process messages in blocks,

each of which is then en/decrypted

like a substitution on very big characters

64-bits or more

stream ciphers process messages a bit or

byte at a time when en/decrypting

many current ciphers are block ciphers

broader range of applications


26/33

Block Cipher Principles

most symmetric block ciphers are based on aFeistel Cipher Structure

needed since must be able to decryptciphertext

to recover messages efficiently block ciphers look like an extremely largesubstitution

would need table of 264entries for a 64-bit block

instead create from smaller building blocks using idea of a product cipher


27/33

Ideal Block Cipher


28/33

Claude Shannon and Substitution-

Permutation Ciphers

Claude Shannon introduced idea of substitution-

permutation (S-P) networks in 1949 paper

form basis of modern block ciphers

S-P nets are based on the two primitivecryptographic operations seen before:

substitution(S-box)

permutation (P-box)

provide confusion& diffusionof message & key


29/33

Confusion and Diffusion

cipher needs to completely obscurestatistical properties of original message

a one-time pad does this

more practically Shannon suggestedcombining S & P elements to obtain:

diffusiondissipates statistical structure

of plaintext over bulk of ciphertext confusionmakes relationship between

ciphertext and key as complex as possible


30/33

Feistel Cipher Structure

Horst Feistel devised the feistel cipher

based on concept of invertible product cipher

partitions input block into two halves

process through multiple rounds which

perform a substitution on left data half

based on round function of right half & subkey

then have permutation swapping halves

implements Shannons S-P net concept


31/33

Feistel Cipher Structure


32/33

Feistel Cipher Design Elements

block size key size

number of rounds

subkey generation algorithm round function

fast software en/decryption

ease of analysis


33/33

Feistel Cipher Encryption & Decryption

03-Overview of Cryptographic Techniques (1)

Documents

Transcript of 03-Overview of Cryptographic Techniques (1)