Cryptography Week-6. Cryptography Introduction Cryptography, secret writing, is the strongest tool...

Cryptography

Week-6

CryptographyIntroduction

• Cryptography, secret writing, is the strongest tool for controlling against many kinds

of security threats.

• Derived from Greek words: ‘Kruptos’ (hidden) and ‘graphein’ (writing)

• Well-disguised data cannot be read, modified, or fabricated easily.

• Cryptography is rooted in higher mathematics: group and field theory, computational

complexity, and even real analysis, not to mention probability and statistics.

• Fortunately, it is not necessary to understand the underlying mathematics to be able

to use cryptography.

CryptographyTerms and Concept

Encryption: is the process of encoding a message so that its meaning is not obvious.

Decryption: is the reverse process, transforming an encrypted message back into its

normal, original form.

• Alternatively, the terms encode and decode or encipher and decipher are used

instead of encrypt and decrypt.

Plaintext: unencrypted version of a message (i.e. original message)

Ciphertext: encrypted versions of a message

Cipher: Encryption algorithm

• A system for encryption and decryption is called a Cryptosystem.


Key: object (string) that personalises an encryption algorithm (in the same way that a

key personalises a physical lock)

Types of Encryption

Symmetric: same key performs both encryption and decryption


Types of Encryption

Asymmetric: distinct keys, very different keys, one for encryption only and the other

for decrypting only


Process

Cryptography: performing encryption and decryption

Cryptology: designing encryption algorithms

Cryptanalysis: analyzing algorithms and encrypted text with the objective of breaking

the encryption


Breaking Encryption

• Determining the content of an encrypted message without the use of the key

• Almost any encryption can be broken in theory; in practice the amount of work

(time) to do so may be prohibitive

• “Work factor” is the estimate of amount of time sufficient to break an encryption;

work factor may depend on speed of computers

• The attacker can use any tools, techniques and approaches

‘All is fair in love, war and cryptanalysis’!

CryptographySecure Encryption Characteristics

According to Shannon(1949) characteristics of good ciphers:

1. Desired amount of secrecy should determine the amount of labour for encryption

and decryption

• Low sensitivity items should not be protected under a cipher that is very difficult to

implement

• For high sensitivity items, it is worth paying a price in difficulty to encrypt

2. Keys and algorithms should not be complex

• Applying a complex algorithm or allowing only particular keys is error-prone

• A complex algorithm may be avoided in the field


According to Shannon(1949) characteristics of good ciphers:

3. The implementation of the process should be as simple as possible

• Hand implementation or complex computer programs are error-prone

4. Error in ciphering should not propagate and corrupt further cipher text – e.g.

acknowledges the possibility of error

5. Size of ciphertext should be no be larger than the size of the plaintext

• a larger ciphertext size cannot carry more information (because that depends on the

plaintext)

• Longer ciphertext required more space and time to decrypt


Properties of trustworthy encryption

1. Based on sound mathematics

• Has a strong theoretical underpinning to justify its strength

2. Analysed by competent experts

• Has been scrutinized (examine carefully) objectively

3. Has stood the test of time

• Has been used without problem and continues to undergo expert review


More terms and concept

• Key distribution: problem of establishing shared secret keys between sender and

receiver

• Key management: problem of storing and changing keys over time

Stream Vs block ciphers

• Stream cipher: plaintext converted immediately to ciphertext

• Block cipher: plaintext queued up until a full block is ready, then encrypted as a

block


Confusion and Diffusion

• Confusion: complex relationship between a plaintext unit and its ciphertext

• Diffusion: effect of changing a plaintext character to ciphertext is spread widely

through the ciphertext

Types of Cryptanalysis

• Ciphertext only: common case, ciphertext intercepted without context

• Note: The algorithm used may be known but not the key


Types of Cryptanalysis

• Known plaintext: some plaintext and corresponding (matched) ciphertext

• the goal is to figure out how the plaintext was transformed to that ciphertext

• use the same approach to break the ciphertext for which the plaintext is not available

• Chosen plaintext:

• ability to force the system to encrypt anything (“chosen plaintext”) and see the effect

• deduce what algorithm (or key was used)

• To break other ciphertext

CryptographySimple Traditional Ciphers

Building Blocks

• Substitution – change one symbol (or unit) into another

• Achieves confusion: obscures the meaning of a symbol

• Transposition (or permutation): move symbols (or units) around in ciphertext

•Achieves diffusion: spreads effects of encryption throughout ciphertext


Caesar Cipher (a form of substitution)

• Shifts all letters of alphabet n positions forward. original cipher used n = 3

• Easily implemented, can be done easily in the head, required no paper or other

physical resources

• Also easy to break

n o p q r s t u v w x y z

13 14 15 16 17 18 19 20 21 22 23 24 25



• For each plaintext letter p, substitute the ciphertext letter C:

C = E(3, p) = (p + 3) mod 26

P = D(k, C) = (C – 3) mod 26

a b c d e f g h i j k l m

0 1 2 3 4 5 6 7 8 9 10 11 12



1. Use Caeser cipher to encrypt the the text “The World is not Enough” using the

shift of 7.

2. Decrypt the ciphertext “wklv lv d vhfuhw phvvdjh”. Initially find out the SHIFT KEY

used.

• One-Time Pad (next week)

• Multiple Substitutions (next week)

• Columnar Transposition (next week)

• Other (next week)

CryptographyTypes of Attacks

Brute Force

• Try all the possible keys

E.g.: Cesar Cipher – there are only 25 possible keys to try - try all 25 possible keys and

the plaintext leaps out

• Cryptanalysis

• the art of breaking ciphers based on nature of algorithm or plaintext

• Based on letter frequency distributions of written language, e.g.: English

Thank You !

Cryptography Week-6. Cryptography Introduction Cryptography, secret writing, is the strongest tool...

Documents

Transcript of Cryptography Week-6. Cryptography Introduction Cryptography, secret writing, is the strongest tool...