Cryptography Cryptography 1. Activity What is cryptography ? 2.
<ul><li> Slide 1 </li> <li> Cryptography Cryptography 1 </li> <li> Slide 2 </li> <li> Activity What is cryptography ? 2 </li> <li> Slide 3 </li> <li> Introduction Cryptography is the study of Encryption Greek kryptos means hidden and graphia means writtings Encryption is an ancient form of information protection. dates back 4,000 years. process by which plaintext is converted into ciphertext. Decryption is the inverse of Encryption. 3 </li> <li> Slide 4 </li> <li> Introduction A sender S wanting to transmit message M to a receiver R To protect the message M, the sender first encrypts it into meaningless message M After receipt of M, R decrypts the message to obtain M plaintext M is called the plaintext What we want to encrypt ciphertext M is called the ciphertext The encrypted outpu t 4 </li> <li> Slide 5 </li> <li> Introduction Notation Given P=Plaintext C=CipherText C = E K (P) Encryption P = D K ( C) Decryption 5 </li> <li> Slide 6 </li> <li> Terminologies Cryptography: Cryptography: Schemes for encryption and decryption Encryption algorithm Encryption algorithm: technique or rules selected for encryption. Key Key: is secret value used to encrypt and/or decrypt the text. Cryptanalysis: The study of breaking the code. Cryptology: Cryptography and cryptanalysis together constitute the area of cryptology. 6 </li> <li> Slide 7 </li> <li> Encryption vs. C-I-A Encryption provides : Confidentiality/Secrecy keeps our data secret. Integrity protect against forgery or tampering 7 </li> <li> Slide 8 </li> <li> Cryptographic systems three dimensions are characterized along three dimensions operations used for transforming Substitution: Substitution: Replace (bit, letter, group of bits letters Transposition Transposition: Rearrange the order Product : Product :use multiple stages of both number of keys used Symmetric Symmetric: same key, secret-key, private-key Asymmetric Asymmetric: different key, public-key way in which the plaintext is processed block cipher Stream cipher 8 </li> <li> Slide 9 </li> <li> Transposition and Substitution SimpleSimple Substitution Transposition security cusetyri Encryption security Encryption tfdvsjuz security Encryption 19 5 3 20 18 9 19 25 9 </li> <li> Slide 10 </li> <li> Classical Substitution Caesar Cipher: used by Julius Caesar's military substitutes each letter of the alphabet with the letter standing three places further down the alphabet 10 </li> <li> Slide 11 </li> <li> Caesar cipher 11 </li> <li> Slide 12 </li> <li> Activity Convert it....to Caesar Ciphertext? Plaintext: are you ready Ciphertext : duh brx uhdgb 12 abcdefghijklmnopqrstuvwxy DEFGHIJKLMNOPQRSTUVWXYZAB z C Plaintext Ciphertext </li> <li> Slide 13 </li> <li> Caesar Cipher the algorithm can be expressed as, for each plaintext letter P, substitute ciphertext letter C. C = E(3, p) = (p + 3) mod 26 mathematically give each letter a number a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 General Caesar algorithm General Caesar algorithm as: c = E(k, p) = (p + k) mod (26) p = D(k, c) = (c k) mod (26) Where k is [1 to 25]. Secret-key Where k is [1 to 25]. Secret-key 13 </li> <li> Slide 14 </li> <li> Classical Transposition Spartans cipher, fifth century B.C. Start the war today Rewrite it by reading down Srhaoytterdatwta S t a r t t h e w a r t o d a y Encryption: rearrange the text in 3 columns 14 </li> <li> Slide 15 </li> <li> Cryptanalysis objective to recover key not just message general approaches: cryptanalytic attack exploits the characteristics of the algorithm brute-force attack try every possible key on a piece of ciphertext if either succeed all key use compromised 15 </li> <li> Slide 16 </li> <li> Cryptanalytic Attacks ciphertext only only know algorithm & ciphertext, is statistical, know or can identify plaintext.Most difficult known plaintext know/suspect plaintext & ciphertext chosen plaintext select plaintext and obtain ciphertext chosen ciphertext select ciphertext and obtain plaintext chosen text select plaintext or ciphertext to en/decrypt 16 </li> <li> Slide 17 </li> <li> More Definitions unconditional security no matter how much computer power or time is available, the cipher cannot be broken since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext computational security given limited computing resources (eg time needed for calculations is greater than age of universe), the cipher cannot be broken it either takes too long, or is too expensive, 17 </li> <li> Slide 18 </li> <li> Cryptanalysis given a ciphertext Caesar cipher, then a brute-force is easy performed: simply try all the 25 possible keys. Assuming language of the plaintext is known. Thus, Caesar cipher is far from secure. 18 </li> <li> Slide 19 </li> <li> Introducing Alice Bob Trudy </li> <li> Slide 20 </li> <li> Monoalphabetic Cipher rather than just shifting the alphabet could shuffle (jumble) the letters arbitrarily each plaintext letter maps to a different random ciphertext letter hence key is 26 letters long Plain: abcdefghijklmnopqrstuvwxyz Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN Plaintext: ifwewishtoreplaceletters Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA 20 </li> <li> Slide 21 </li> <li> Monoalphabetic Cipher Security now have a total of 26! = 4 x 10 26 keys with so many keys, might think is secure but would be !!!WRONG!!! problem is language characteristics, statistical techniques 21 </li> <li> Slide 22 </li> <li> Brute Force Search always possible to simply try every key assume either know / recognise plaintext impractical if we use an algorithm that employs a large number of keys. most basic attack, proportional to key size 22 </li> <li> Slide 23 </li> <li> Language Redundancy and Cryptanalysis human languages are redundant letters are not equally commonly used in English E is by far the most common letter followed by T,R,N,I,O,A,S other letters like Z,J,K,Q,X are fairly rare have tables of single, double & triple letter frequencies for various languages 23 </li> <li> Slide 24 </li> <li> English Letter Frequencies 24 </li> <li> Slide 25 </li> <li> Use in Cryptanalysis key concept - monoalphabetic substitution ciphers do not change relative letter frequencies discovered by Arabian scientists in 9 th century calculate letter frequencies for ciphertext compare counts/plots against known values 25 </li> <li> Slide 26 </li> <li> Example Cryptanalysis given ciphertext: UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ count relative letter frequencies guess P & Z are e and t guess ZW is th and hence ZWP is the proceeding with trial and error finally get: it was disclosed yesterday that several informal but direct contacts have been made with political representatives of the viet cong in moscow 26 </li> <li> Slide 27 </li> <li> Given this cipher text UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ Relative frequency of the letters in the text P 13.33 H 5.83 F 3.33 B 1.67 C 0.00 Z 11.67 D 5.00 W 3.33 G 1.67 K 0.00 S 8.33 E 5.00 Q 2.50 Y 1.67 L 0.00 U 8.33 V 4.17 T 2.50 I 0.83 N 0.00 O 7.50 X 4.17 A 1.67 J 0.83 R 0.00 M 6.67 27 </li> <li> Slide 28 </li> <li> UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ t a e e te a that e e a a t VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX e t ta t ha e ee a e th t a EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ e e e tat e the t Continued analysis of frequencies plus trial and error should easily yield a solution from this point it was disclosed yesterday that several informal but direct contacts have been made with political representatives of the viet cong in moscow. 28 </li> <li> Slide 29 </li> <li> Cryptograph cont Playfair cipher Polyalphabetic ciphers Vigenre cipher Vernam cipher One-timepad More on Transposition Rail fence cipher Message in rectangle ( row transposition ) Rotor machine 29 </li> <li> Slide 30 </li> <li> 30 Playfair Cipher A.k.a Playfair square A manual symmetric encryption technique It was the first literal digraph substitution cipher. The scheme was invented in 1854 by Charles Wheatstone, but bears the name of Lord Playfair who promoted the use of the cipher. Used in WWI and WWII </li> <li> Slide 31 </li> <li> Playfair Key Matrix a 5X5 matrix of letters based on a keyword fill in letters of keyword (no duplicates, i & j) fill rest of matrix with other letters eg. using the keyword (key) simple si/jmpl eabcd fghkn oqrtu vwxyz </li> <li> Slide 32 fo"> followed letters ac--bd Same column> letters under qw--wi Otherwise>squares corner at same row ar--bq"> fo" title="32 Playfair Cipher Use filler letter to separate repeated letters eg. "balloon" encrypts as "ba lx lo on" Encrypt two letters together Same row >fo"> </li><li> 32 Playfair Cipher Use filler letter to separate repeated letters eg. "balloon" encrypts as "ba lx lo on" Encrypt two letters together Same row >followed letters ac--bd Same column> letters under qw--wi Otherwise>squares corner at same row ar--bq </li> <li> Slide 33 </li> <li> Activity Q: construct the playfair matrix using the keyword MONARCHY ? Plaintext: Ethiopia Ciphertext: MONAR CHYBD EFGI/JK LPQST UVWXZ klbfhvsb </li> <li> Slide 34 </li> <li> Security of Playfair Cipher security much improved over monoalphabetic But, still has much of plaintext structure. it can be broken, given a few hundred letters With ciphertext only, possible to analyse frequency of occurrence of digrams (pairs of letters) Obtaining the key is relatively straightforward if both plaintext and ciphertext are known. </li> <li> Slide 35 </li> <li> Polyalphabetic ciphers 35 </li> <li> Slide 36 </li> <li> Polyalphabetic ciphers using multiple substitution alphabets. make cryptanalysis harder with more alphabets to guess and flatter frequency distribution use a key to select which alphabet is used for each letter of the message use each alphabet in turn repeat from start after end of key is reached 36 </li> <li> Slide 37 </li> <li> Vigenere Cipher simplest polyalphabetic substitution cipher meaning that instead of there being a one- to-one relationship between each letter and its substitute, there is a one-to-many relationship between each letter and its substitutes. The encipherer chooses a keyword and repeats it until it matches the length of the plaintext 37 </li> <li> Slide 38 </li> <li> 38 Vigenre Cipher Basically multiple Caesar ciphers key is multiple letters long K = k 1 k 2... k d ith letter specifies ith alphabet to use use each alphabet in turn, repeating from start after d letters in message Plaintext: THISPROCESSCANALSOBEEXPRESSED Keyword: CIPHERCIPHERCIPHERCIPHERCIPHE Ciphertext: VPXZTIQKTZWTCVPSWFDMTETIGAHLH </li> <li> Slide 39 </li> <li> Vigenre Cipher write the plaintext out write the keyword repeated above it use each key letter as a caesar cipher key encrypt the corresponding plaintext letter </li> <li> Slide 40 </li> <li> Activity Q: encrypt the given plaintext letter using Vigenre Cipher use keyword deceptive plaintext: wearediscoveredsaveyourself Key: Ciphertext: 40 deceptivedeceptivedeceptive zicvtwqngrzgvtwavzhcqyglmgj </li> <li> Slide 41 </li> <li> Security of Vigenre Ciphers have multiple ciphertext letters for each plaintext letter hence letter frequencies are masked but not totally lost start with letter frequencies see if look monoalphabetic or not if not, then need to determine number of alphabets, since then can attach each </li> <li> Slide 42 </li> <li> Kasiski Method method developed by Babbage / Kasiski repetitions in ciphertext give clues to period so find same plaintext an exact period apart which results in the same ciphertext. eg repeated VTW in previous activity suggests size of 3 or 9 then attack each monoalphabetic cipher individually using same techniques as before </li> <li> Slide 43 </li> <li> Autokey Cipher ideally want a key as long as the message Vigenre proposed the autokey cipher with keyword is prefixed to message as key knowing keyword can recover the first few letters use these in turn on the rest of the message but still have frequency characteristics to attack eg. given key deceptive key: deceptivewearediscoveredsav plaintext: wearediscoveredsaveyourself ciphertext:ZICVTWQNGKZEIIGASXSTSLVVWLA </li> <li> Slide 44 </li> <li> Vernam Cipher ultimate defense is to use a key as long as the plaintext with no statistical relationship to it invented by AT&T engineer Gilbert Vernam in 1918 Originally proposed using a very long but eventually repeating key His system works on binary data (bits rather than letters) </li> <li> Slide 45 </li> <li> One-Time Pad if a truly random key as long as the message is used, the cipher will be secure. is unbreakable since ciphertext bears no statistical relationship to the plaintext since for any plaintext & any ciphertext there exists a key mapping one to other can only use the key once though problems in generation & safe distribution of key </li> <li> Slide 46 </li> <li> One-time Pad: Encryption e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111 heilhitler 001000010100001010111100000101 111101110101111100000101110000 110101100001110 111001110101 srlhssthsr Encryption: Plaintext Key = Ciphertext Plaintext: Key: Ciphertext: </li> <li> Slide 47 </li> <li> One-time Pad: Decryption e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111 srlhssthsr 110101100001110 111001110101 111101110101111100000101110000 001000010100001010111100000101 heilhitler Decryption: Ciphertext Key = Plaintext Ciphertext: Key: Plaintext: </li> <li> Slide 48 </li> <li> One-time Pad e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111 srlhssthsr 110101100001110 111001110101 111000101111100000101110000 011010100 001010111100000101 killhitler Ciphertext: key: Plaintext: Double agent claims sender used following key </li> <li> Slide 49 </li> <li> One-time Pad e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111 srlhssthsr 110101100001110 111001110101 111101000011101110001011101 001000100010011000110010011000 helikesike Ciphertext: Key: Plaintext: Or sender is captured and claims the key is </li> <li> Slide 50 </li> <li> 50 One-time pad the only cryptosystem that exhibits what is referred to as perfect secrecy Drawbacks it requires secure exchange of the one-time pad material, which must be as long as the message pad disposed of correctly and never reused In practice Generate a large number of random keys, Exchange the key material securely between the users before sending an one-time enciphered message, Keep both copies of the key material for each message securely until they are used, and Securely dispose of the key material after use, thereby ensuring the key material is never reused. </li> <li> Slide 51 </li> <li> 51 Strength Is unconditionally secure provided key is truly random </li> <li> Slide 52 </li> <li> 52 Random numbers needed If the key material is generated by a deterministic program then it is not actu...</li></ul>