Cryptography Week-6. Cryptography Introduction Cryptography, secret writing, is the strongest tool...
-
Upload
russell-davis -
Category
Documents
-
view
221 -
download
2
Transcript of Cryptography Week-6. Cryptography Introduction Cryptography, secret writing, is the strongest tool...
CryptographyIntroduction
• Cryptography, secret writing, is the strongest tool for controlling against many kinds
of security threats.
• Derived from Greek words: ‘Kruptos’ (hidden) and ‘graphein’ (writing)
• Well-disguised data cannot be read, modified, or fabricated easily.
• Cryptography is rooted in higher mathematics: group and field theory, computational
complexity, and even real analysis, not to mention probability and statistics.
• Fortunately, it is not necessary to understand the underlying mathematics to be able
to use cryptography.
CryptographyTerms and Concept
Encryption: is the process of encoding a message so that its meaning is not obvious.
Decryption: is the reverse process, transforming an encrypted message back into its
normal, original form.
• Alternatively, the terms encode and decode or encipher and decipher are used
instead of encrypt and decrypt.
Plaintext: unencrypted version of a message (i.e. original message)
Ciphertext: encrypted versions of a message
Cipher: Encryption algorithm
• A system for encryption and decryption is called a Cryptosystem.
CryptographyTerms and Concept
Key: object (string) that personalises an encryption algorithm (in the same way that a
key personalises a physical lock)
Types of Encryption
Symmetric: same key performs both encryption and decryption
CryptographyTerms and Concept
Types of Encryption
Asymmetric: distinct keys, very different keys, one for encryption only and the other
for decrypting only
CryptographyTerms and Concept
Process
Cryptography: performing encryption and decryption
Cryptology: designing encryption algorithms
Cryptanalysis: analyzing algorithms and encrypted text with the objective of breaking
the encryption
CryptographyTerms and Concept
Breaking Encryption
• Determining the content of an encrypted message without the use of the key
• Almost any encryption can be broken in theory; in practice the amount of work
(time) to do so may be prohibitive
• “Work factor” is the estimate of amount of time sufficient to break an encryption;
work factor may depend on speed of computers
• The attacker can use any tools, techniques and approaches
‘All is fair in love, war and cryptanalysis’!
CryptographySecure Encryption Characteristics
According to Shannon(1949) characteristics of good ciphers:
1. Desired amount of secrecy should determine the amount of labour for encryption
and decryption
• Low sensitivity items should not be protected under a cipher that is very difficult to
implement
• For high sensitivity items, it is worth paying a price in difficulty to encrypt
2. Keys and algorithms should not be complex
• Applying a complex algorithm or allowing only particular keys is error-prone
• A complex algorithm may be avoided in the field
CryptographySecure Encryption Characteristics
According to Shannon(1949) characteristics of good ciphers:
3. The implementation of the process should be as simple as possible
• Hand implementation or complex computer programs are error-prone
4. Error in ciphering should not propagate and corrupt further cipher text – e.g.
acknowledges the possibility of error
5. Size of ciphertext should be no be larger than the size of the plaintext
• a larger ciphertext size cannot carry more information (because that depends on the
plaintext)
• Longer ciphertext required more space and time to decrypt
CryptographySecure Encryption Characteristics
Properties of trustworthy encryption
1. Based on sound mathematics
• Has a strong theoretical underpinning to justify its strength
2. Analysed by competent experts
• Has been scrutinized (examine carefully) objectively
3. Has stood the test of time
• Has been used without problem and continues to undergo expert review
CryptographySecure Encryption Characteristics
More terms and concept
• Key distribution: problem of establishing shared secret keys between sender and
receiver
• Key management: problem of storing and changing keys over time
Stream Vs block ciphers
• Stream cipher: plaintext converted immediately to ciphertext
• Block cipher: plaintext queued up until a full block is ready, then encrypted as a
block
CryptographySecure Encryption Characteristics
Confusion and Diffusion
• Confusion: complex relationship between a plaintext unit and its ciphertext
• Diffusion: effect of changing a plaintext character to ciphertext is spread widely
through the ciphertext
Types of Cryptanalysis
• Ciphertext only: common case, ciphertext intercepted without context
• Note: The algorithm used may be known but not the key
CryptographySecure Encryption Characteristics
Types of Cryptanalysis
• Known plaintext: some plaintext and corresponding (matched) ciphertext
• the goal is to figure out how the plaintext was transformed to that ciphertext
• use the same approach to break the ciphertext for which the plaintext is not available
• Chosen plaintext:
• ability to force the system to encrypt anything (“chosen plaintext”) and see the effect
• deduce what algorithm (or key was used)
• To break other ciphertext
CryptographySimple Traditional Ciphers
Building Blocks
• Substitution – change one symbol (or unit) into another
• Achieves confusion: obscures the meaning of a symbol
• Transposition (or permutation): move symbols (or units) around in ciphertext
•Achieves diffusion: spreads effects of encryption throughout ciphertext
CryptographySimple Traditional Ciphers
Caesar Cipher (a form of substitution)
• Shifts all letters of alphabet n positions forward. original cipher used n = 3
• Easily implemented, can be done easily in the head, required no paper or other
physical resources
• Also easy to break
n o p q r s t u v w x y z
13 14 15 16 17 18 19 20 21 22 23 24 25
CryptographySimple Traditional Ciphers
Caesar Cipher (a form of substitution)
• For each plaintext letter p, substitute the ciphertext letter C:
C = E(3, p) = (p + 3) mod 26
P = D(k, C) = (C – 3) mod 26
a b c d e f g h i j k l m
0 1 2 3 4 5 6 7 8 9 10 11 12
CryptographySimple Traditional Ciphers
Caesar Cipher (a form of substitution)
1. Use Caeser cipher to encrypt the the text “The World is not Enough” using the
shift of 7.
2. Decrypt the ciphertext “wklv lv d vhfuhw phvvdjh”. Initially find out the SHIFT KEY
used.
• One-Time Pad (next week)
• Multiple Substitutions (next week)
• Columnar Transposition (next week)
• Other (next week)
CryptographyTypes of Attacks
Brute Force
• Try all the possible keys
E.g.: Cesar Cipher – there are only 25 possible keys to try - try all 25 possible keys and
the plaintext leaps out
• Cryptanalysis
• the art of breaking ciphers based on nature of algorithm or plaintext
• Based on letter frequency distributions of written language, e.g.: English