Encryption and Decryption


Speaker: Tsung Ray Wang
Advisor: Prof. Li-Chun Wang

Contents

MODELS, GOALS, AND EARLY CIPHER SYSTEMS

THE SECRECY OF A CIPHER SYSTEM

PRACTICAL SECURITY

STREAM ENCRYPTION

PUBLIC KEY CRYPTOSYSTEMS

Model of a cryptographic channel

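[Figure: the plaintext M enters the encipher block, which forms the ciphertext $C = E_K(M)$. The ciphertext crosses a public channel, where the cryptanalyst can observe it, and the decipher block recovers the plaintext $M = D_K(C)$. The key K reaches both ends over a secure channel.]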

The two primary reasons for using cryptosystems in communications:

(1) Privacy, to prevent unauthorized persons from extracting information from the channel.

(2) Authentication, to prevent unauthorized persons from injecting information into the channel.

System Goals

The major requirements for a cryptosystem:

1. To provide an easy and inexpensive means of encryption and decryption to authorized users in possession of the appropriate key.

2. To ensure that the cryptanalyst's task of producing an estimate of the plaintext without benefit of the key is made difficult and expensive.

Classic Threats

Ciphertext-Only Attack

Known-Plaintext Attack

Chosen-Text Attack

Classic Ciphers

Caesar cipher
Plaintext:  N O W I S T H E T I M E
Ciphertext: Q R Z L V W K H W L P H

Polybius square
Plaintext:  N  O  W  I  S  T  H  E  T  I  M  E
Ciphertext: 33 43 25 42 34 44 32 51 44 42 23 51

Polyalphabetic cipher
Plaintext:  N O W I S T H E T I M E
Ciphertext: O Q Z M X Z O M C S X Q

Caesar's alphabet with a shift of 3

Plaintext:  ABCDEFGHIJKLMNOPQRSTUVWXYZ
Ciphertext: DEFGHIJKLMNOPQRSTUVWXYZABC

Polybius square

     1    2    3    4    5
1    A    B    C    D    E
2    F    G    H    I/J  K
3    L    M    N    O    P
4    Q    R    S    T    U
5    V    W    X    Y    Z

Trithemius progressive key
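The three classic ciphers above, as an added Python example that is not part of the original slides; it reproduces the slide's ciphertexts for NOWISTHETIME. The column-then-row digit order of the Polybius code and the progressive shift 1, 2, 3, ... of the polyalphabetic cipher are inferred from the slide's own examples, and all function names are hypothetical.

```python
import string

ALPHA = string.ascii_uppercase

def caesar(text, shift=3):
    """Monoalphabetic shift: every letter moves `shift` places down the alphabet."""
    return "".join(ALPHA[(ALPHA.index(c) + shift) % 26] for c in text)

# 5x5 Polybius square from the slide; I and J share one cell.
SQUARE = ["ABCDE", "FGHIK", "LMNOP", "QRSTU", "VWXYZ"]

def polybius(text):
    """Each letter becomes two digits: column first, then row (N -> 33, O -> 43)."""
    codes = []
    for c in text.replace("J", "I"):
        for row_no, row in enumerate(SQUARE, start=1):
            if c in row:
                codes.append(f"{row.index(c) + 1}{row_no}")
    return " ".join(codes)

def trithemius(text):
    """Progressive key: the k-th letter (counting from 1) is shifted k places."""
    return "".join(ALPHA[(ALPHA.index(c) + k) % 26]
                   for k, c in enumerate(text, start=1))

def caesar_candidates(ciphertext):
    """All 25 possible Caesar decryptions: the whole key space fits in one list."""
    return [caesar(ciphertext, -s) for s in range(1, 26)]

if __name__ == "__main__":
    msg = "NOWISTHETIME"
    print(caesar(msg))       # Caesar's alphabet with a shift of 3
    print(polybius(msg))     # Polybius square
    print(trithemius(msg))   # polyalphabetic, progressive key
    print(msg in caesar_candidates(caesar(msg)))
```

With only 25 keys, a ciphertext-only search over `caesar_candidates` always contains the plaintext, which is why a shift cipher does not meet the second system goal listed earlier.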

THE SECRECY OF A CIPHER SYSTEM

• What is Perfect Secrecy?

• Entropy and Equivocation

• Rate of a Language and Redundancy

• Unicity Distance and Ideal Secrecy

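Example of perfect secrecy

[Figure: four equally likely plaintext messages M0, M1, M2, M3, with P(M0) = P(M1) = P(M2) = P(M3) = 1/4, are each connected to the four ciphertext messages C0, C1, C2, C3; every connecting line is labelled with a key number 0, 1, 2 or 3.]

$C_s = T_{K_j}(M_i)$, where $s = (i + j)$ modulo-$N$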

PRACTICAL SECURITY

Substitution

Permutation

Product Cipher System

The Data Encryption Standard

Substitution box

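[Figure: substitution box. The n = 3 input bits select one of 2^n = 8 lines, numbered 0 to 7; these are cross-connected to a second set of 2^n = 8 lines, numbered 0 to 7, which is converted back to n = 3 output bits. The example bits shown are 1, 1, 0 at the input and 0, 1, 1 at the output.]

Input   Output
000     011
001     111
010     000
011     110
100     010
101     100
110     101
111     001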

Permutation box

[Figure: permutation box with labelled input and output bit lines; the bit positions are rearranged between input and output.]

Individual keying capability

Example of binary key

1 0 1 0 0 0 1 0 1 1 1 1 1 0 1 1 0 1 0 1 1 1 0 1 0

Initial Permutation (IP)

58 50 42 34 26 18 10  2
60 52 44 36 28 20 12  4
62 54 46 38 30 22 14  6
64 56 48 40 32 24 16  8
57 49 41 33 25 17  9  1
59 51 43 35 27 19 11  3
61 53 45 37 29 21 13  5
63 55 47 39 31 23 15  7

E-Table Bit Selection

32  1  2  3  4  5
 4  5  6  7  8  9
 8  9 10 11 12 13
12 13 14 15 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
28 29 30 31 32  1

P-Table Permutation

16 7 20 21

29 12 28 17

1 15 23 26

5 18 31 10

2 8 24 14

32 27 3 9

19 13 30 6

22 11 4 25

Final Permutation ($IP^{-1}$)

40  8 48 16 56 24 64 32
39  7 47 15 55 23 63 31
38  6 46 14 54 22 62 30
37  5 45 13 53 21 61 29
36  4 44 12 52 20 60 28
35  3 43 11 51 19 59 27
34  2 42 10 50 18 58 26
33  1 41  9 49 17 57 25

Key Permutation PC-1

57 49 41 33 25 17  9
 1 58 50 42 34 26 18
10  2 59 51 43 35 27
19 11  3 60 52 44 36
63 55 47 39 31 23 15
 7 62 54 46 38 30 22
14  6 61 53 45 37 29
21 13  5 28 20 12  4

Key Schedule of Left Shifts

Iteration i:            1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16
Number of left shifts:  1  1  2  2  2  2  2  2  1  2  2  2  2  2  2  1

Key Permutation PC-2

14 17 11 24  1  5
 3 28 15  6 21 10
23 19 12  4 26  8
16  7 27 20 13  2
41 52 31 37 47 55
30 40 51 45 33 48
44 49 39 56 34 53
46 42 50 36 29 32

STREAM ENCRYPTION

Key Generation Using a Linear Feedback Shift Register

Vulnerabilities of Linear Feedback Shift Registers

Linear feedback shift register example

[Figure: four shift-register stages x4, x3, x2, x1 with a modulo-2 adder that forms the feedback; the output is taken from the register.]

PUBLIC KEY CRYPTOSYSTEMS

Signature Authentication Using a Public Key Cryptosystem

A Trapdoor One-Way Function

The Rivest-Shamir-Adleman Scheme

The Knapsack Problem

A Public Key Cryptosystem Based on a Trapdoor Knapsack

The important features of a public key cryptosystem

The encryption algorithm, $E_K$, and the decryption algorithm, $D_K$, are invertible transformations on the plaintext, M, or the ciphertext, C, defined by the key K. That is, for each K and M,

$C = E_K(M), \quad M = D_K(C) = D_K(E_K(M))$

For each K, $E_K$ and $D_K$ are easy to compute.

For each K, the computation of $D_K$ from $E_K$ is computationally intractable.

Public Key cryptosystem

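[Figure: Subscriber A looks up subscriber B's encryption key $E_B$ in the public directory (A: $E_A$, B: $E_B$, C: $E_C$, ...). A's cryptomachine forms $C = E_B(M)$ from the message M, and B's cryptomachine applies $D_B$ to recover M.]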

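Signature authentication using a public key cryptosystem

[Figure: subscriber A's first cryptomachine takes the message M, together with the date, and applies $D_A$, giving the signature $S = E_A^{-1}(M)$. A's second cryptomachine encrypts S with $E_B$, taken from the directory, and sends $C = E_B(E_A^{-1}(M))$ over the public channel. Subscriber B's first cryptomachine applies $D_B$ to C and recovers $S = E_A^{-1}(M)$, which is kept in signature storage; B's second cryptomachine applies $E_A$, taken from the directory, and recovers M.]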

The Rivest-Shamir-Adleman Scheme

1. Each user chooses his own value of n and another pair of positive integers (e, d), where $n = pq$, $\phi(n) = (p-1)(q-1)$, $\gcd[\phi(n), d] = 1$, $ed$ modulo-$\phi(n) = 1$, and p, q are prime numbers.

2. The user places his encryption key, the number pair (n, e), in the public directory.

3. The decryption key consists of the number pair (n, d), of which d is kept secret.

4. Messages are first represented as integers in the range (0, n-1).

5. Encryption: $C = E(M) = (M)^e$ modulo-n

Decryption: $M = D(C) = (C)^d$ modulo-n

RSA

How to Compute e

A variation of Euclid's algorithm for computing the gcd of $\phi(n)$ and d is used to compute e.

1. First, compute a series $x_0, x_1, x_2, \ldots$, where $x_0 = \phi(n)$, $x_1 = d$, and $x_{i+1} = x_{i-1}$ modulo-$x_i$, until an $x_k = 0$ is found. Then $\gcd(\phi(n), d) = x_{k-1}$.

2. For each $x_i$ compute numbers $a_i$ and $b_i$ such that $x_i = a_i x_0 + b_i x_1$.

3. If $x_{k-1} = 1$, then $b_{k-1}$ is the multiplicative inverse of $x_1$ modulo-$x_0$. If $b_{k-1}$ is a negative number, the solution is $b_{k-1} + \phi(n)$.
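The RSA steps and the Euclid variation above, as an added Python example that is not part of the original slides. The primes p = 47, q = 59 and the exponents d = 157 and d = 3 are sample values constructed for the example and are far too small for real use; the function names are hypothetical.

```python
def inverse_by_euclid(phi, d):
    """Return e with e*d modulo-phi = 1, using the series x_i = a_i*x_0 + b_i*x_1."""
    x_prev, x_cur = phi, d        # x_0 = phi(n), x_1 = d
    b_prev, b_cur = 0, 1          # b_0 = 0, b_1 = 1 (the a_i are not needed for e)
    while x_cur != 0:
        q = x_prev // x_cur
        # x_{i+1} = x_{i-1} modulo-x_i, and b_{i+1} follows the same recurrence
        x_prev, x_cur = x_cur, x_prev - q * x_cur
        b_prev, b_cur = b_cur, b_prev - q * b_cur
    # Here x_cur is x_k = 0, so x_prev is x_{k-1} (the gcd) and b_prev is b_{k-1}.
    if x_prev != 1:
        raise ValueError("gcd(phi(n), d) is not 1, so d has no inverse")
    return b_prev if b_prev > 0 else b_prev + phi

def make_keys(p, q, d):
    """Steps 1-3: public pair (n, e) for the directory, private pair (n, d)."""
    n, phi = p * q, (p - 1) * (q - 1)
    e = inverse_by_euclid(phi, d)
    return (n, e), (n, d)

def encrypt(m, public):
    n, e = public
    if not 0 <= m <= n - 1:       # step 4: messages are integers in (0, n-1)
        raise ValueError("message out of range")
    return pow(m, e, n)           # step 5: C = M^e modulo-n

def decrypt(c, private):
    n, d = private
    return pow(c, d, n)           # step 5: M = C^d modulo-n

if __name__ == "__main__":
    public, private = make_keys(47, 59, 157)
    c = encrypt(920, public)
    print(public, c, decrypt(c, private))
    # d = 3 gives b_{k-1} = -889, so the negative-number rule adds phi(n) = 2668
    print(inverse_by_euclid(2668, 3))
```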

The Knapsack problem

1. Let us express the knapsack problem in terms of a knapsack vector a and a data vector x:

$a = a_1, a_2, \ldots, a_n \qquad x = x_1, x_2, \ldots, x_n$

2. The knapsack, S, is the sum of a subset of the components of the knapsack vector:

$S = \sum_{i=1}^{n} a_i x_i = ax$, where $x_i = 0, 1$

Super-increasing and how to solve for x

1. A vector a is super-increasing if

$a_i > \sum_{j=1}^{i-1} a_j, \qquad i = 2, 3, \ldots, n$

2. When a is super-increasing, the solution of x is found by starting with $x_n = 1$ if $S \ge a_n$ (otherwise $x_n = 0$), and continuing as follows:

$x_i = 1$ if $S - \sum_{j=i+1}^{n} x_j a_j \ge a_i$, and $x_i = 0$ otherwise,

where $i = n-1, n-2, \ldots, 1$.

A Public key Cryptosystem Based on a Trapdoor Knapsack

This scheme is also known as the Merkle-Hellman scheme.

Method:

1. We form a super-increasing n-tuple a', and select a prime number M such that $M > \sum_{i=1}^{n} a'_i$. We also select a random number, W, where 1 < W < M, and we form $W^{-1}$ to satisfy the following relationship: $W W^{-1}$ modulo-M = 1. Note: the vector a' and the numbers M, W, and $W^{-1}$ are all kept hidden.

2. We form a with the elements from a' as: $a_i = W a'_i$ modulo-M.

3. When a data vector x is to be transmitted, we multiply x by a, yielding the number S, which is sent on the public channel:

$S = ax = \sum_{i=1}^{n} a_i x_i = \sum_{i=1}^{n} (W a'_i \text{ modulo-}M)\, x_i$

4. The authorized user receives S and converts it to S':

$S' = W^{-1} S \text{ modulo-}M = W^{-1} \sum_{i=1}^{n} (W a'_i \text{ modulo-}M)\, x_i \text{ modulo-}M$

$= \sum_{i=1}^{n} (W^{-1} W a'_i \text{ modulo-}M)\, x_i \text{ modulo-}M = \sum_{i=1}^{n} a'_i x_i \text{ modulo-}M = \sum_{i=1}^{n} a'_i x_i$

5. Since the authorized user knows the secretly held super-increasing vector a', he can use S' to find x.
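Steps 1 to 5 of the trapdoor knapsack, together with the super-increasing solver from the previous slide, as an added Python example that is not part of the original slides. The vector A_PRIV, the prime M = 491 and the multiplier W = 41 are sample values constructed for the example; the function names are hypothetical.

```python
from math import gcd

A_PRIV = [2, 3, 7, 14, 30, 57, 120, 251]   # constructed super-increasing a' (sum 484)
M, W = 491, 41                              # constructed prime M > sum(a'), 1 < W < M

def is_superincreasing(a):
    """True when every term exceeds the sum of all terms before it."""
    total = 0
    for term in a:
        if term <= total:
            return False
        total += term
    return True

def make_keys(a_priv, m, w):
    """Steps 1-2: return the public vector a and the hidden (a', M, W^-1)."""
    if not is_superincreasing(a_priv) or m <= sum(a_priv):
        raise ValueError("a' must be super-increasing and M must exceed its sum")
    if not 1 < w < m or gcd(w, m) != 1:
        raise ValueError("W must satisfy 1 < W < M and be invertible modulo-M")
    w_inv = pow(w, -1, m)                   # W * W^-1 modulo-M = 1 (Python 3.8+)
    a_pub = [(w * ai) % m for ai in a_priv]
    return a_pub, (a_priv, m, w_inv)

def encrypt(x_bits, a_pub):
    """Step 3: S = sum of a_i * x_i, sent on the public channel."""
    return sum(ai * xi for ai, xi in zip(a_pub, x_bits))

def solve_superincreasing(s, a):
    """Start with x_n and work down: x_i = 1 when what is left of S covers a_i."""
    x = [0] * len(a)
    for i in range(len(a) - 1, -1, -1):
        if s >= a[i]:
            x[i] = 1
            s -= a[i]
    if s != 0:
        raise ValueError("S is not a subset sum of this vector")
    return x

def decrypt(s, private):
    """Steps 4-5: S' = W^-1 * S modulo-M, then solve the easy knapsack with a'."""
    a_priv, m, w_inv = private
    return solve_superincreasing((w_inv * s) % m, a_priv)

if __name__ == "__main__":
    a_pub, private = make_keys(A_PRIV, M, W)
    x = [1, 0, 1, 1, 0, 0, 1, 0]
    s = encrypt(x, a_pub)
    print(a_pub, s, decrypt(s, private))
```

The public vector is no longer super-increasing, which is what hides the easy knapsack from an observer. The basic Merkle-Hellman scheme was later broken by Shamir and is of teaching interest only.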

CONCLUSION

1. We have presented the basic models and goals of the cryptographic process, and looked at some early cipher systems.

2. We defined a system that can exhibit perfect secrecy.

3. We outlined the DES algorithm in detail, and we also considered the use of linear feedback shift registers (LFSR) for stream encryption systems.

4. RSA scheme, based on the product of two large prime numbers, and the Merkle-Hellman scheme, based on the classical knapsack problem.
