Introduction Cryptography is the study of Encryption Greek
kryptos means hidden and graphia means writtings Encryption is an
ancient form of information protection. dates back 4,000 years.
process by which plaintext is converted into ciphertext. Decryption
is the inverse of Encryption. 3
Slide 4
Introduction A sender S wanting to transmit message M to a
receiver R To protect the message M, the sender first encrypts it
into meaningless message M After receipt of M, R decrypts the
message to obtain M plaintext M is called the plaintext What we
want to encrypt ciphertext M is called the ciphertext The encrypted
outpu t 4
Slide 5
Introduction Notation Given P=Plaintext C=CipherText C = E K
(P) Encryption P = D K ( C) Decryption 5
Slide 6
Terminologies Cryptography: Cryptography: Schemes for
encryption and decryption Encryption algorithm Encryption
algorithm: technique or rules selected for encryption. Key Key: is
secret value used to encrypt and/or decrypt the text.
Cryptanalysis: The study of breaking the code. Cryptology:
Cryptography and cryptanalysis together constitute the area of
cryptology. 6
Slide 7
Encryption vs. C-I-A Encryption provides :
Confidentiality/Secrecy keeps our data secret. Integrity protect
against forgery or tampering 7
Slide 8
Cryptographic systems three dimensions are characterized along
three dimensions operations used for transforming Substitution:
Substitution: Replace (bit, letter, group of bits letters
Transposition Transposition: Rearrange the order Product : Product
:use multiple stages of both number of keys used Symmetric
Symmetric: same key, secret-key, private-key Asymmetric Asymmetric:
different key, public-key way in which the plaintext is processed
block cipher Stream cipher 8
Classical Substitution Caesar Cipher: used by Julius Caesar's
military substitutes each letter of the alphabet with the letter
standing three places further down the alphabet 10
Slide 11
Caesar cipher 11
Slide 12
Activity Convert it....to Caesar Ciphertext? Plaintext: are you
ready Ciphertext : duh brx uhdgb 12 abcdefghijklmnopqrstuvwxy
DEFGHIJKLMNOPQRSTUVWXYZAB z C Plaintext Ciphertext
Slide 13
Caesar Cipher the algorithm can be expressed as, for each
plaintext letter P, substitute ciphertext letter C. C = E(3, p) =
(p + 3) mod 26 mathematically give each letter a number a b c d e f
g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 10 11
12 13 14 15 16 17 18 19 20 21 22 23 24 25 General Caesar algorithm
General Caesar algorithm as: c = E(k, p) = (p + k) mod (26) p =
D(k, c) = (c k) mod (26) Where k is [1 to 25]. Secret-key Where k
is [1 to 25]. Secret-key 13
Slide 14
Classical Transposition Spartans cipher, fifth century B.C.
Start the war today Rewrite it by reading down Srhaoytterdatwta S t
a r t t h e w a r t o d a y Encryption: rearrange the text in 3
columns 14
Slide 15
Cryptanalysis objective to recover key not just message general
approaches: cryptanalytic attack exploits the characteristics of
the algorithm brute-force attack try every possible key on a piece
of ciphertext if either succeed all key use compromised 15
Slide 16
Cryptanalytic Attacks ciphertext only only know algorithm &
ciphertext, is statistical, know or can identify plaintext.Most
difficult known plaintext know/suspect plaintext & ciphertext
chosen plaintext select plaintext and obtain ciphertext chosen
ciphertext select ciphertext and obtain plaintext chosen text
select plaintext or ciphertext to en/decrypt 16
Slide 17
More Definitions unconditional security no matter how much
computer power or time is available, the cipher cannot be broken
since the ciphertext provides insufficient information to uniquely
determine the corresponding plaintext computational security given
limited computing resources (eg time needed for calculations is
greater than age of universe), the cipher cannot be broken it
either takes too long, or is too expensive, 17
Slide 18
Cryptanalysis given a ciphertext Caesar cipher, then a
brute-force is easy performed: simply try all the 25 possible keys.
Assuming language of the plaintext is known. Thus, Caesar cipher is
far from secure. 18
Slide 19
Introducing Alice Bob Trudy
Slide 20
Monoalphabetic Cipher rather than just shifting the alphabet
could shuffle (jumble) the letters arbitrarily each plaintext
letter maps to a different random ciphertext letter hence key is 26
letters long Plain: abcdefghijklmnopqrstuvwxyz Cipher:
DKVQFIBJWPESCXHTMYAUOLRGZN Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA 20
Slide 21
Monoalphabetic Cipher Security now have a total of 26! = 4 x 10
26 keys with so many keys, might think is secure but would be
!!!WRONG!!! problem is language characteristics, statistical
techniques 21
Slide 22
Brute Force Search always possible to simply try every key
assume either know / recognise plaintext impractical if we use an
algorithm that employs a large number of keys. most basic attack,
proportional to key size 22
Slide 23
Language Redundancy and Cryptanalysis human languages are
redundant letters are not equally commonly used in English E is by
far the most common letter followed by T,R,N,I,O,A,S other letters
like Z,J,K,Q,X are fairly rare have tables of single, double &
triple letter frequencies for various languages 23
Slide 24
English Letter Frequencies 24
Slide 25
Use in Cryptanalysis key concept - monoalphabetic substitution
ciphers do not change relative letter frequencies discovered by
Arabian scientists in 9 th century calculate letter frequencies for
ciphertext compare counts/plots against known values 25
Slide 26
Example Cryptanalysis given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ count relative letter
frequencies guess P & Z are e and t guess ZW is th and hence
ZWP is the proceeding with trial and error finally get: it was
disclosed yesterday that several informal but direct contacts have
been made with political representatives of the viet cong in moscow
26
Slide 27
Given this cipher text
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ Relative frequency of the
letters in the text P 13.33 H 5.83 F 3.33 B 1.67 C 0.00 Z 11.67 D
5.00 W 3.33 G 1.67 K 0.00 S 8.33 E 5.00 Q 2.50 Y 1.67 L 0.00 U 8.33
V 4.17 T 2.50 I 0.83 N 0.00 O 7.50 X 4.17 A 1.67 J 0.83 R 0.00 M
6.67 27
Slide 28
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ t a e e te a that
e e a a t VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX e t ta t ha e ee
a e th t a EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ e e e tat e the t
Continued analysis of frequencies plus trial and error should
easily yield a solution from this point it was disclosed yesterday
that several informal but direct contacts have been made with
political representatives of the viet cong in moscow. 28
Slide 29
Cryptograph cont Playfair cipher Polyalphabetic ciphers Vigenre
cipher Vernam cipher One-timepad More on Transposition Rail fence
cipher Message in rectangle ( row transposition ) Rotor machine
29
Slide 30
30 Playfair Cipher A.k.a Playfair square A manual symmetric
encryption technique It was the first literal digraph substitution
cipher. The scheme was invented in 1854 by Charles Wheatstone, but
bears the name of Lord Playfair who promoted the use of the cipher.
Used in WWI and WWII
Slide 31
Playfair Key Matrix a 5X5 matrix of letters based on a keyword
fill in letters of keyword (no duplicates, i & j) fill rest of
matrix with other letters eg. using the keyword (key) simple
si/jmpl eabcd fghkn oqrtu vwxyz
Slide 32 fo"> followed letters ac--bd Same column>
letters under qw--wi Otherwise>squares corner at same row
ar--bq"> fo" title="32 Playfair Cipher Use filler letter to
separate repeated letters eg. "balloon" encrypts as "ba lx lo on"
Encrypt two letters together Same row >fo">
32 Playfair Cipher Use filler letter to separate repeated
letters eg. "balloon" encrypts as "ba lx lo on" Encrypt two letters
together Same row >followed letters ac--bd Same column>
letters under qw--wi Otherwise>squares corner at same row
ar--bq
Slide 33
Activity Q: construct the playfair matrix using the keyword
MONARCHY ? Plaintext: Ethiopia Ciphertext: MONAR CHYBD EFGI/JK
LPQST UVWXZ klbfhvsb
Slide 34
Security of Playfair Cipher security much improved over
monoalphabetic But, still has much of plaintext structure. it can
be broken, given a few hundred letters With ciphertext only,
possible to analyse frequency of occurrence of digrams (pairs of
letters) Obtaining the key is relatively straightforward if both
plaintext and ciphertext are known.
Slide 35
Polyalphabetic ciphers 35
Slide 36
Polyalphabetic ciphers using multiple substitution alphabets.
make cryptanalysis harder with more alphabets to guess and flatter
frequency distribution use a key to select which alphabet is used
for each letter of the message use each alphabet in turn repeat
from start after end of key is reached 36
Slide 37
Vigenere Cipher simplest polyalphabetic substitution cipher
meaning that instead of there being a one- to-one relationship
between each letter and its substitute, there is a one-to-many
relationship between each letter and its substitutes. The
encipherer chooses a keyword and repeats it until it matches the
length of the plaintext 37
Slide 38
38 Vigenre Cipher Basically multiple Caesar ciphers key is
multiple letters long K = k 1 k 2... k d ith letter specifies ith
alphabet to use use each alphabet in turn, repeating from start
after d letters in message Plaintext: THISPROCESSCANALSOBEEXPRESSED
Keyword: CIPHERCIPHERCIPHERCIPHERCIPHE Ciphertext:
VPXZTIQKTZWTCVPSWFDMTETIGAHLH
Slide 39
Vigenre Cipher write the plaintext out write the keyword
repeated above it use each key letter as a caesar cipher key
encrypt the corresponding plaintext letter
Slide 40
Activity Q: encrypt the given plaintext letter using Vigenre
Cipher use keyword deceptive plaintext: wearediscoveredsaveyourself
Key: Ciphertext: 40 deceptivedeceptivedeceptive
zicvtwqngrzgvtwavzhcqyglmgj
Slide 41
Security of Vigenre Ciphers have multiple ciphertext letters
for each plaintext letter hence letter frequencies are masked but
not totally lost start with letter frequencies see if look
monoalphabetic or not if not, then need to determine number of
alphabets, since then can attach each
Slide 42
Kasiski Method method developed by Babbage / Kasiski
repetitions in ciphertext give clues to period so find same
plaintext an exact period apart which results in the same
ciphertext. eg repeated VTW in previous activity suggests size of 3
or 9 then attack each monoalphabetic cipher individually using same
techniques as before
Slide 43
Autokey Cipher ideally want a key as long as the message
Vigenre proposed the autokey cipher with keyword is prefixed to
message as key knowing keyword can recover the first few letters
use these in turn on the rest of the message but still have
frequency characteristics to attack eg. given key deceptive key:
deceptivewearediscoveredsav plaintext: wearediscoveredsaveyourself
ciphertext:ZICVTWQNGKZEIIGASXSTSLVVWLA
Slide 44
Vernam Cipher ultimate defense is to use a key as long as the
plaintext with no statistical relationship to it invented by
AT&T engineer Gilbert Vernam in 1918 Originally proposed using
a very long but eventually repeating key His system works on binary
data (bits rather than letters)
Slide 45
One-Time Pad if a truly random key as long as the message is
used, the cipher will be secure. is unbreakable since ciphertext
bears no statistical relationship to the plaintext since for any
plaintext & any ciphertext there exists a key mapping one to
other can only use the key once though problems in generation &
safe distribution of key
One-time Pad e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111
srlhssthsr 110101100001110 111001110101 111000101111100000101110000
011010100 001010111100000101 killhitler Ciphertext: key: Plaintext:
Double agent claims sender used following key
Slide 49
One-time Pad e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111
srlhssthsr 110101100001110 111001110101 111101000011101110001011101
001000100010011000110010011000 helikesike Ciphertext: Key:
Plaintext: Or sender is captured and claims the key is
Slide 50
50 One-time pad the only cryptosystem that exhibits what is
referred to as perfect secrecy Drawbacks it requires secure
exchange of the one-time pad material, which must be as long as the
message pad disposed of correctly and never reused In practice
Generate a large number of random keys, Exchange the key material
securely between the users before sending an one-time enciphered
message, Keep both copies of the key material for each message
securely until they are used, and Securely dispose of the key
material after use, thereby ensuring the key material is never
reused.
Slide 51
51 Strength Is unconditionally secure provided key is truly
random
Slide 52
52 Random numbers needed If the key material is generated by a
deterministic program then it is not actually random Why not to
generate keystream from a smaller (base) key? Use some
pseudo-random function to do this Although this looks very
attractive, it proves to be very very difficult in practice to find
a good pseudo-random function that is cryptographically strong This
is still an area of much research
Slide 53
53 Key Management Using secret channel Encrypt the key Third
trusted party The sender and the receiver generate key
Slide 54
More Transposition Ciphers these hide the message by
rearranging the letter order without altering the actual letters
used can recognise these since have the same frequency distribution
as the original text
Slide 55
Rail Fence cipher write message letters out diagonally over a
number of rows then read off cipher row by row eg. write message
out as: depth 2 m e m a t r h t g p r y e t e f e t e o a a t
giving ciphertext MEMATRHTGPRYETEFETEOAAT Plain msg : "meet me
after the toga party"
Slide 56
Row Transposition Ciphers is a more complex transposition write
letters of message out in rows over a specified number of columns
reorder the columns then reorder the columns according to some key
before reading off the rows Key: 4 3 1 2 5 6 7 Plaintext: a t t a c
k p o s t p o n e d u n t i l t w o a m x y z Ciphertext:
TTNAAPTMTSUOAODWCOIXKNLYPETZ
Slide 57
Product Ciphers ciphers using substitutions or transpositions
are not secure because of language characteristics hence consider
using several ciphers in succession to make harder, but: two
substitutions make a more complex substitution two transpositions
make more complex transposition but a substitution followed by a
transposition makes a new much harder cipher this is bridge from
classical to modern ciphers
Slide 58
Information Security Principles 58
Slide 59
10 generally accepted basic principles Principle 1:There is no
such thing as absolute Security Given enough time, tools, skills
and inclination ; a hacker can break through any security measure.
E.g. safes & vaults: are usually rated according to their
resistance to attacks. How long would it take ? 59
Slide 60
Principle 2: C-I-A All information security tries to address at
least one of the three: Protect the Confidentiality of data
Preserve Integrity of data Promote the Availability of data 60
Slide 61
CIA Triad 61
Slide 62
Prevent Detect Response E.g. Bank Human guard/door lock
CCTV/Motion sensor Alarm/Tear gas E.g Internet attached devices
Firewall(IPS) IDS/Traffic analyzer Auto traffic block 62 Principle
3: Defense in depth Layered security approach
Slide 63
Principle 4: people are easy to be tricked into giving up
secrets. Studies have proved it ! Pen for password study. I love
you virus. 63
Slide 64
Principle 5: Security through Obscurity If hackers dont know
how software is secured, does it make security is better ?
WRONG!!!!! Leads to false sense of security ! 64
Slide 65
Principle 6: Security = Riskmanagement Careful balance of the
above two. E.g buy $500 safe to secure $200 jewelry Risk analysis
Mitigate Insurance Accept Likely hood/consequence 65
Principle 8: people, process &technology All are needed to
adequately secure a system E.g firewall with out process Dual
control Separation of duties 67
Slide 68
Principle 9:Open disclosure of vulnerabilities is good for
security! To disclose or not to disclose; that is the question !
E.g. Automobile defects 68
Slide 69
The ethical Question is how should that valuable information be
disseminated to the good guys while keeping it away from the bad
guys! Anyhow Hackers know about most vulnerability long before the
public! Problem shared is half solved! 69
Slide 70
Principle 10: Complexity is the enemy of security. With too
many interfaces b/n programs and other systems, the interface
became difficult to secure. 70