Basic Cryptography Ge Zhang Karlstad University


What is Cryptography

Cryptography
Cryptosystem: 5-tuple (M, C, E, D, K)

M: the set of plaintexts
C: the set of ciphertexts
E: M x K -> C enciphering functions
D: C x K -> M deciphering functions
K: the set of keys


Example: Caesar cipher

00000000001111111111222222
01234567890123456789012345
ABCDEFGHIJKLMNOPQRSTUVWXYZ

M = {all sequences of Roman letters}
K = {i | i is an integer such that 0<=i<=25}
E = (m+k) mod 26
D = (c-k) mod 26


Relative Frequency of Letters in English Text


Example

Break it!

WKHIDNHUDQGWKHZDONHUPHHWQHAWZHHN
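The Caesar cipher defined above, applied to this exercise, as an added example that is not part of the original slides. The frequency table is a standard approximate one supplied here as an assumption (the slide's chart did not survive), and the function names are illustrative.

```python
# Added example: Caesar cipher from the slides plus key recovery by letter frequency.
from collections import Counter

# Approximate relative frequencies (%) of A..Z in English text (assumed standard table).
ENGLISH_FREQ = [8.17, 1.49, 2.78, 4.25, 12.70, 2.23, 2.02, 6.09, 6.97, 0.15, 0.77,
                4.03, 2.41, 6.75, 7.51, 1.93, 0.10, 5.99, 6.33, 9.06, 2.76, 0.98,
                2.36, 0.15, 1.97, 0.07]

def _shift(text, k):
    """Shift every letter A..Z by k positions mod 26; other characters pass through."""
    out = []
    for ch in text.upper():
        if "A" <= ch <= "Z":
            out.append(chr((ord(ch) - 65 + k) % 26 + 65))
        else:
            out.append(ch)
    return "".join(out)

def caesar_encrypt(m, k):
    return _shift(m, k)          # E = (m + k) mod 26

def caesar_decrypt(c, k):
    return _shift(c, -k)         # D = (c - k) mod 26

def english_score(text):
    """Sum of English frequencies over the letters present; higher is more English-like."""
    counts = Counter(ch for ch in text if "A" <= ch <= "Z")
    return sum(n * ENGLISH_FREQ[ord(ch) - 65] for ch, n in counts.items())

def break_caesar(c):
    """Try all 26 keys and return (key, plaintext) of the best-scoring candidate."""
    best = max(range(26), key=lambda k: english_score(caesar_decrypt(c, k)))
    return best, caesar_decrypt(c, best)

if __name__ == "__main__":
    ciphertext = "WKHIDNHUDQGWKHZDONHUPHHWQHAWZHHN"   # ciphertext from the slide
    key, plaintext = break_caesar(ciphertext)
    print("key =", key, "plaintext =", plaintext)
```

With only 26 keys the search is exhaustive; the frequency score just picks the readable candidate automatically, which is why a keyspace this small offers no protection.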


Example: Vigenère cipher


Transposition cipher

Reorder the plaintext letters
Plain text: attack on tomorrow
Key: 4312567

Same letter frequencies as the original plaintext


A taxonomy of Cryptosystems

Operations
  Substitution ciphers
  Transposition ciphers

Number of Keys used
  Symmetric
  Asymmetric (public key)

The way in which the plaintext is processed
  Block cipher
  Stream cipher


Attacks on Cryptosystems

Cryptanalysis
Brute-force attack: tries every possible key
Computationally secure
  Time
  Cost


Classical Feistel Network

Block size
Key size
Number of rounds
Subkey generation algorithm
Round function (F)


The Data Encryption Standard (DES)

Block size: 64 bit
Key size: 56 bit
Subkey generation
  56bit key -> 16 x 48bit subkeys
Round time: 16
S-boxes: 16 X 4
Permutation rule:


Round function (F) of DES


DES-- avalanche effect

Strong avalanche effect
2 Plaintext
  0000 0000 …. 0000 0000
  1000 0000 …. 0000 0000
Encrypted with the same key, 34 bits different
Input 1.5% difference
Output 53% difference


Weakness of DES

Design in 1970s
56 bit key: 2^56 = 7.2 x 10^16
Brute force
  1142 years, 1 decryption/us
  10 hrs, 10^6 decryptions/us


Triple DES


Asymmetric Key Cryptography

The problems of symmetric key?
Asymmetric Key Cryptography
  Private/secret key
  Public key

RSA algorithm


Asymmetric Key Cryptography


The RSA algorithm

each user generates a public/private key pair by:
selecting two large primes at random - p, q
computing n = p.q
  - define ø(n) = (p-1)(q-1)
selecting at random the encryption key e
  - where 1 < e < ø(n), gcd(e, ø(n)) = 1
solve following equation to find decryption key d
  - ed mod ø(n) = 1 and 0 ≤ d ≤ n
publish their public encryption key: PU = {e, n}
keep secret private decryption key: PR = {d, n}


The RSA algorithm

to encrypt a message M the sender:
  obtains public key of recipient PU = {e, n}
  computes: C = M^e mod n, where 0 ≤ M < n

to decrypt the ciphertext C the owner:
  uses their private key PR = {d, n}
  computes: M = C^d mod n


Public-Key Applications

can classify uses into 3 categories:
  encryption/decryption (provide confidentiality)
  digital signatures (provide authentication)
  key exchange (of session keys)


Message Authentication

message authentication is concerned with:
  protecting the integrity of a message
  validating identity of originator

then two alternative functions used:
  hash function
  message authentication code (MAC)


Hash Functions

a Hash Function produces a digest of some file/message/data

h = H(M)
Input a variable-length message M
output a fixed-sized digest h

usually assume that the hash function is public and not keyed
Usage of hash:


Requirements for Hash Functions

1. produces fixed-length output h
2. is easy to compute h=H(M) for any message M
3. given h is infeasible to find x s.t. H(x)=h
   • one-way property
4. given x is infeasible to find y s.t. H(y)=H(x)
   • weak collision resistance
5. is infeasible to find any x,y s.t. H(y)=H(x)
   • strong collision resistance


Pigeonhole principle


Message Authentication Code (MAC)

Keyed hash
depending on both message and some key
like encryption though need not be reversible

appended to message as a signature
receiver performs same computation on message and checks it matches the MAC
provides assurance that message is unaltered and comes from sender
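The difference between the unkeyed hash and the keyed MAC described above, as an added example that is not part of the original slides. HMAC-SHA256 is chosen here as the MAC construction, and the key, messages and function names are constructed for illustration.

```python
# Added example: unkeyed hash vs. keyed MAC for message authentication.
import hashlib
import hmac

def digest(message: bytes) -> bytes:
    """h = H(M): public and unkeyed; fixed-size output for any input length."""
    return hashlib.sha256(message).digest()

def hash_check(message: bytes, h: bytes) -> bool:
    """Receiver-side check when only an unkeyed hash accompanies the message."""
    return hmac.compare_digest(digest(message), h)

def make_mac(key: bytes, message: bytes) -> bytes:
    """Keyed hash depending on both the message and the key (HMAC-SHA256 here)."""
    return hmac.new(key, message, hashlib.sha256).digest()

def verify_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver performs the same computation and compares in constant time."""
    return hmac.compare_digest(make_mac(key, message), tag)

def run_demo() -> dict:
    key = b"constructed shared key"            # known only to sender and receiver
    msg = b"transfer 100 to account 1234"      # constructed sample message
    altered = b"transfer 900 to account 9999"  # substituted in transit, no key known

    tag = make_mac(key, msg)                   # sender appends this to the message
    forged_hash = digest(altered)              # computable by anyone: H is public
    return {
        "digest_len_short_input": len(digest(b"a")),
        "digest_len_long_input": len(digest(b"a" * 10_000)),
        "hash_accepts_substitution": hash_check(altered, forged_hash),
        "mac_accepts_original": verify_mac(key, msg, tag),
        "mac_accepts_altered": verify_mac(key, altered, tag),
        "mac_accepts_wrong_key": verify_mac(b"some other key", msg, tag),
    }

if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

An unkeyed hash sent alongside the message detects accidental corruption only, because whoever alters the message can also recompute the hash; the MAC check fails unless the sender held the shared key.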


Questions


Lab assignment

Secure communication


Blowfish

characteristics
  fast
  Less memory
  Easy to implement
  varying key size
    Allows tuning for speed/security tradeoff


Blowfish Key Schedule

Block size either 64 bit or 128 bit
uses a 32 to 448 bit key
16 rounds
Subkey generation
Round function


Initialize s-boxes and p-arrays

Initialize subkeys before en(de)crypting
Update:
  P-array
  S-boxes


Algorithm of blowfish


Blowfish Encryption

uses two primitives: addition & XOR
data is divided into two 32-bit halves L0 & R0
for i = 1 to 16 do
    Ri = Li-1 XOR Pi;
    Li = F[Ri] XOR Ri-1;
L17 = R16 XOR P18;
R17 = L16 XOR P17;
where
    F[a,b,c,d] = ((S1,a + S2,b) XOR S3,c) + S4,d
    Break 32-bit Ri into (a,b,c,d)


F function


Diffie-Hellman Algorithm


Global Public Elements

q: Prime number
α: α < q and α is a primitive root of q

What is a primitive root of Prime number q?
One whose powers modulo q generate all the integers from 1 to q-1


User A Key Generation

Select private XA: XA < q
Calculate public YA: YA = α^XA mod q


User B Key Generation

Select private XB: XB < q
Calculate public YB: YB = α^XB mod q


Diffie-Hellman Key Exchange


Diffie-Hellman Key Exchange

XA -> YA : YA = α^XA mod q

YA -> XA : XA = dlog_α,q (YA)
Discrete logarithm


Notice

To simplify, we use fixed Global Public Elements q = 353, α = 3.
The session key for Blowfish should be 64 bits long. (Depends on your own design)
Deadline: 20th Dec 2009.
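The Diffie-Hellman exchange from the preceding slides run with these public elements, as an added example that is not part of the original slides or the lab's reference solution. The private keys 97 and 233 are constructed, the function names are illustrative, and deriving the 64-bit session key by truncating SHA-256 is one assumed design among many.

```python
# Added example: Diffie-Hellman with the lab's q = 353, alpha = 3.
import hashlib

Q, ALPHA = 353, 3

def is_primitive_root(a, q):
    """True if a^1 .. a^(q-1) mod q produce every integer from 1 to q-1."""
    return {pow(a, i, q) for i in range(1, q)} == set(range(1, q))

def public_key(x, q=Q, a=ALPHA):
    if not 0 < x < q:
        raise ValueError("private key must satisfy 0 < X < q")
    return pow(a, x, q)                    # Y = alpha^X mod q

def shared_secret(y_peer, x_own, q=Q):
    if not 1 < y_peer < q - 1:             # 0, 1 and q-1 force K into {0, 1, q-1}
        raise ValueError("peer public value out of range")
    return pow(y_peer, x_own, q)           # K = Y_peer^X_own mod q

def session_key(k):
    """Assumed design: first 8 bytes (64 bits) of SHA-256 over K."""
    return hashlib.sha256(k.to_bytes(2, "big")).digest()[:8]

def dlog(y, q=Q, a=ALPHA):
    """Exhaustive discrete logarithm; only practical because q is tiny."""
    for x in range(1, q):
        if pow(a, x, q) == y:
            return x
    raise ValueError("y is not a power of a modulo q")

def exchange(xa, xb):
    """Run both sides and return (YA, YB, K) after checking they agree on K."""
    ya, yb = public_key(xa), public_key(xb)
    ka, kb = shared_secret(yb, xa), shared_secret(ya, xb)
    if ka != kb:
        raise RuntimeError("the two sides derived different secrets")
    return ya, yb, ka

if __name__ == "__main__":
    ya, yb, k = exchange(97, 233)          # constructed private keys
    print("YA =", ya, "YB =", yb, "K =", k, "session key =", session_key(k).hex())
    print("XA recovered from YA by exhaustive search:", dlog(ya))
```

Because K is below 353, the derived 64-bit key can take only a few hundred values whatever derivation is used, so these parameters suit the lab exercise only; the security of the exchange rests on q being large enough that the discrete logarithm is infeasible.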