Upload
imogen-short
View
224
Download
1
Embed Size (px)
Citation preview
CryptographyCryptography
What is cryptography?The study of message secrecyThe art of writing or solving codesHeavy mathematics
Information Theory Statistics Number Theory
Cryptographic TermsCryptographic Terms
Cryptology Study of Cryptography and Cryptanalysis
Cryptanalysis Code Breaking
Encryption Converts ordinary information to unreadable
Decryption Coverts cipher-text back into plain-text
Cipher A pair of algorithms which are used to encrypt and decrypt
Cryptographic TermsCryptographic Terms
Key A parameter that explains how to run the algorithm
Blocks Input divided and each block is independent against the key
Symmetric Single key for encryption and decryption
Asymmetric A public key for encryption A private key for decryption
Hash One-way transformation of data
Two different messages should NEVER have the same hash
Cryptographic TermsCryptographic Terms
Perfect Secrecy Occurs when knowledge of cipher gives no
knowledge of the original message
Steganography Hides the fact that there even is a message Picture example
When?When?
Ancient Cryptography Julius Caesar (49-44 BC)
Messages to Generals Used a shift cipher (shift 3 right)
Vigenére (1553) Keyword explained the shift
Modern Cryptography Since Computers
ExampleExample
A 0 N 13 B 1 O 14 C 2 P 15 D 3 Q 16 E 4 R 17 F 5 S 18 G 6 T 19 H 7 U 20 I 8 V 21 J 9 W 22 K 10 X 23 L 11 Y 24 M 12 Z 25
Letter to Number
Message: A P P L E 00 15 15 11 04
Key: S H A R E 18 07 00 17 04
Cipher: 18 22 15 02 08 S W P B I
Each message letter is added toEach key letter
ComponentsComponents
Confidentiality Storing message unreadable
Integrity Preventing modifications
Strength Proving it is secure
Can only be done with years of testing
Availability Preventing of a denial of access
Incorrect Data Resource Exhaustion
Pre-Modern CryptoPre-Modern Crypto
Purpose Message Confidentiality
Ciphers Transposition
Rearrangement of Letters
Substitution Replacing a group of letters with other letters
Stego Head Tattoo
Pre-Modern DevicesPre-Modern Devices
Scytale (Skytale) A strip of leather or paper wound around a cylinder Transposition Cipher Spartans this for military communication
Cipher Grille Message contained inside of
a host
Pre-Modern DevicesPre-Modern Devices
Enigma Used by Germans in WWII Electromagnetic Rotor Machine Each letter changed the rotors which
modified the key
Modern CryptoModern Crypto
Started with the birth of computers Computers are magnitudes faster than humans Mostly used by government until PCs Huge role since the Internet
Authentication Digital Signatures E-Commerce Banking
Proprietary vs Public AlgorithmsProprietary vs Public Algorithms
Proprietary Algorithm is unknown and therefore doesn’t help in
cryptanalysis DVDs Not widely tested
Public Tested for 5-8 years before trusted Allows many to find mistakes or weaknesses Algorithm knowledge should not help cracking the code
Symmetric Key CryptographySymmetric Key Cryptography
Uses a shared key between all parties Key that encrypts also decrypts 4000 times faster than asymmetric Stronger than asymmetric Key needs to be shared in a secure way DES
Data Encryption Standard Used by the government and banks since 1977
AES Advanced Encryption Standard First published in 1998 New Standard approved for use up to TOP SECRET
Modern AlgorithmsModern Algorithms
Linear Mixing Applying XOR operations on the plain-text with the key
Non-linear functions (Substitution boxes) Adds confusion
Bit-Shuffling (Permutations) Rearrangement of the bits
Expansion Permutates and adds some duplicate bits
Key Mixing Uses multiple sub keys
One Time PadOne Time Pad
Possible to have perfect secrecy The key is the length of the document and has no pattern Key is bitwise XOR with the document Key can only be used once or else statistics can be gathered
from the cipher-text Very easy to break when used more than once
Data Encryption StandardData Encryption Standard
64-bit key 56-bits used for algorithm 8-bits for parity checking
Parity bits are the least significant bit of each byte
64-bit blocks Split into 32-bit chunks and crisscrossed through the algorithm Feistel Network
16 Rounds Weaknesses
Small key Differential Cryptanalysis Linear Cryptanalysis
Public Key EncryptionPublic Key Encryption
Relatively new Based on the unproven idea that large numbers composed of
primes are hard to factor Is always breakable given enough time and resources It is always known whether the key tried was correct Based on math functions rather than bit scrambling Used in situations where a symmetric key cannot be passed
between parties Used to keep the Internet secure
Diffie-HellmanDiffie-Hellman
Whitfield Diffie and Martin Hellman (1976) DH Key Exchange
Used to pass a key for symmetric crypto between two parties who have no knowledge of each other
Primarily used over insecure channels
Diffie-Hellman AlgorithmDiffie-Hellman Algorithm
Alice (A) wants to communicate securely to Bob (B) A and B agree on P (a prime) and G (a generator)
For every number N between 1 and P-1, pick G that works for the following equation:N = GK mod P
A and B independently choose their secret integer (a and b respectively) Alice’s public value U = Ga mod p
Bob’s public value V = Gb mod p Alice computes K = Va mod p Bob Computes K = Ub mod p Alice and bob have both computed K which happens to be the same number
Diffie-Hellman In ActionDiffie-Hellman In Action
A and B agree on P = 23 and G = 5 A chooses a = 6 and B chooses b = 15 (independently) A computes U = 56 mod 23 U = 8 B computes V = 515 mod 23 V = 19 Alice and Bob exchange their U and V Alice computes K1 = 196 mod 23 K1 = 2
Bob computes K2 = 815 mod 23 K2 = 2
Since K1 = K2, both Alice and Bob have the same key value
RSA AlgorithmRSA Algorithm
Compute two large prime numbers p,q n = p * q (n is public knowledge) r = (p-1)(q-1) Choose e>1 and relatively prime to r Find d such that d = 1 + (i * r) / e where i is an integer counting up from one until a
solution is found Public Key (e, n) Private Key (d, n) or (d, n, p, q)
Using p and q can speed up the algorithm
Encryption c = me mod n
Decryption m = cd mod n
d, p, and q should all be kept private
RSA Algorithm in ActionRSA Algorithm in Action
Bob chooses p = 863 and q = 937 giving N = 863*937 = 808631 (p-1)(q-1) = 806832 Bob chooses e = 7, which satisfies gcd(806832, 7) = 1 Bob’s public key: [N, e] or [808631, 7] Bob finds d = 461047 where d = 1 + ( i * 806832 ) / e works for some
integer i Bob’s private key: [p, q, d] or [863, 937, 461047] Say Alice wants to send bob a message M = 205632 Alice computes C = Me mod N
C = 2056327 mod 808631 = 256779 Alice transmits C in the public Bob computes M = Cd mod N
M = 256779461047 mod 808631 = 205632
English Letter Frequency
E - 12.7% H - 6.1% W - 2.3% K - 0.8%
T - 9.1% R - 6.0% F - 2.2% J - 0.2%
A - 8.2% D - 4.3% G - 2.0% X - 0.1%
O - 7.5% L - 4.0 Y - 2.0% Q - 0.1%
I - 7.0% C - 2.8% P - 1.9% Z - 0.1%
N - 6.7% U - 2.8% B - 1.5%
S - 6.3% M - 2.4% V - 1.0%
Digrams and TrigramsDigrams and Trigrams
th, he, in, en, nt, re, er, an, ti, es, on, at, se, nd, or, ar, al, te, co, de, to, ra, et, ed, it, sa, em, ro
the, and, tha, ent, ing, ion, tio, for, nde, has, nce, edt, tis, oft, sth, men
Differential CryptanalysisDifferential Cryptanalysis
Studies the difference between each input and their corresponding outputs
Looks for non-random behavior Discovered in the late 1980s DES was resilient to this because the of the
NSA’s S-box contribution A secret method the US government used to
attack ciphertext from other countries
PGP and GPGPGP and GPG
PGP - Pretty Good Privacy Proprietary
GPG - Gnu Privacy Guard Open source using public cryptographic algorithms Essentially the same as PGP
Used for encryption and digital signatures Public key and private generated locally Public key is often uploaded to a key server
Thawte CertificateThawte Certificate
Company owned by Verisign Provides free personal email certificates Can sign and encrypt emails Advantages over PGP/GPG
Certificate is signed by a normally trusted CA Most email clients automatically handle the signatures
without extensions
Can only be used for email Usually doesn’t get verified by webmail clients
How a Digital Signature WorksHow a Digital Signature Works
Public and private keys are created Public key is attached to a certificate
Certificate contains identification information Certificates are signed by certificate authorities
The document is hashed Hash is encrypted with private key Result is appended to the document Receiving Party does the following:
Hashes the message Takes the signature and decrypts it with the public key The decrypted signature is compared to the message hash If equal, message has a valid signature
Email EncryptionEmail Encryption
To send an encrypted email, you must have the receiver’s public key
Message can only be decrypted by the receiver’s private key