Lecture 2 Overview

Cryptography• Secret writing– Disguised data cannot be read, modified, or fabricated

easily– Feasibility of complexity for communicating parties

• Encryption : encoding (encipher)plaintext cipher textC = E(c) (E = encryption rule)

• Decryption : decoding (decipher)Cipher text plaintextP = D(c) (D = decryption rule)

2CS 450/650 – Lecture 2 Overview

Encryption

3

Encryption Decryptionplaintext

Original

plaintextciphertextKeylessKeyless

Encryption Decryptionplaintext

Original

plaintextciphertext

Symmetric keySymmetric key

Encryption Decryptionplaintext

Original

plaintextciphertext

Asymmetric keyAsymmetric key

CS 450/650 – Lecture 2 Overview

Symmetric Encryption System

• Secret Key• Both sender and receiver share one key• Encryption and decryptions algorithms are

closely related• N * (N-1) /2 keys are needed for N users to

communicate in pairs• Key must be kept secret

4CS 450/650 – Lecture 2 Overview

Asymmetric Encryption System

• Public Key

• One key must be kept secret, the other can be freely exposed – private key and public key

• Only the corresponding private key can decrypt what has been encrypted using the private key

5CS 450/650 – Lecture 2 Overview

Cryptanalysis

• How to break an encryption!

• Cryptanalyst– Deduce the original meaning of the ciphertext– Determine the decryption algorithm that matches

the encryption one used

Breakable Encryption!

6CS 450/650 – Lecture 2 Overview

Substitution Ciphers

• Substitute a character or a symbol for each character of the original message

• Caesar Cipher– Ci = pi + 3

• Permutation– Alphabet is scrambled, each plaintext letter maps

to a unique ciphertext letter– Key can be used to control the permutation to be

used

7CS 450/650 – Lecture 2 Overview

Cryptanalysis of substitution ciphers

• Clues– Short words,– Words with repeated patterns,– Common initial and final letters, …

• Knowledge of language may simplify it– English E, T, O, A occur far more than J, Q, X, Z– Digrams, Trigrams, and other patterns– Context

8CS 450/650 – Lecture 2 Overview

One-Time Pads

• One-Time Pad – Set of sheets of paper with keys, glued into a pad– Pre-arranged charts (Vignere Tableau)

• Vernam Cipher– random numbers

• Book Ciphers– access to identical objects

9CS 450/650 – Lecture 2 Overview

Transposition Ciphers

• The order of letters is rearranged

• Columnar transposition

• cryptanalysis using digrams

10CS 450/650 – Lecture 2 Overview

Lecture 3

Entropy

CS 450/650

Fundamentals of Integrated Computer Security

Slides are modified from David Madison

Exercise

Decrypt the following encrypted quotation:

fqjcb rwjwj vnjax bnkhj whxcq

nawjv nfxdu mbvnu ujbbf nnc

12CS 450/650 – Lecture 3: Entropy

Ciphers

• The intent of cryptography is to provide secrecy to messages and data

• Substitutions– ‘hide’ letters of plaintext

• Transposition– scramble adjacent characters

13CS 450/650 – Lecture 3: Entropy

Entropy

• Shannon demonstrated mathematical methods of treating communication channels, bandwidth, and the effects of random noise on signals

– pi is the probability of a given message (or piece of information)

– n is the number of possible messages (or pieces of information)

14CS 450/650 – Lecture 3: Entropy

Example 1

• Suppose there is only one possible signal– i.e., n = 1, and p1 = 1

H = -1 x log 1 = 0

• There is only one possible message that has a probability of 1– Since there is no uncertainty, the entropy in this

case is zero15CS 450/650 – Lecture 3: Entropy

Example 2

• There are only two possible, equally probable, messages.

H = -(0.5 log (0.5) + 0.5 log(0.5)) = - ( 0.5(-1)+0.5 (-1)) = 1

• There are two possible equally probable messages, and the uncertainty (entropy) is 1– one bit can specify two possible conditions, • i.e., 0 or 1

16CS 450/650 – Lecture 3: Entropy

Example 3

• There are 1024 (= 210) possible signals, all of equal probability (pi = 2-10).

H = -(210 x 2-10 log(2-10)) = 10

• There are 1024 equally probably possible messages, and the uncertainty (entropy) is 10 bits.

17CS 450/650 – Lecture 3: Entropy

Entropy

• Entropy gives an indication of the complexity, or randomness, of a message or a data set.

• Generally, signals or data sets with high entropy,– Have a greater chance of a data transmission error– Require greater bandwidth to transmit– Have smaller capacity for compression– Appear to have a greater degree of "disorder”

18CS 450/650 – Lecture 3: Entropy

Entropy

• English language (and most other human languages) have a relatively low entropy due to the frequency of certain characters– the letters 'e' and 't‘

• Information can be compressed using algorithms that "squeeze out" the redundancies in a message– making the compressed version much smaller, and

much more random• Compressing a file twice doesn't reduce the size !

19CS 450/650 – Lecture 3: Entropy

Entropy and Cryptography

• Through cryptography, we increase the uncertainty in the message for those who do not know the key

• Plaintext has an entropy of zero as there is no uncertainty about it.– This class is CS 450

• Encryption using one of x equally probable keys increases the entropy to x– KBXT LWER ACMF OSJU

20CS 450/650 – Lecture 3: Entropy

Entropy and Cryptography

• With a perfect cipher “all keys are essentially equivalent”– having an encrypted sample won't help the

cryptanalyst do his or her job– an encrypted message is similar to a signal that is

buried in noise; • the higher the noise level, the more difficult it is to

extract the message

• A good cipher will make a message look like noise

21CS 450/650 – Lecture 3: Entropy

Entropy and Cryptography

• Encryption should "scramble" the original message to the maximum possible extent

• Algorithms should take a message through a sequence of substitutions and transpositions

• Shannon:– “Encrypting a message will intentionally increase

the message's entropy”

22CS 450/650 – Lecture 3: Entropy

Shannon Characteristics of ‘Good’ Ciphers

1. “The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption”– Hold off the interceptor for required time duration

2. “The set of keys and enciphering algorithm should be free from complexity”– There should not be restriction on choice of keys or types

of plaintext

3. “The implementation of the process should be as simple as possible”– Hand implementation, software bugs

23CS 450/650 – Lecture 3: Entropy

Shannon Characteristics of ‘Good’ Ciphers

4. “Errors in ciphering should not propagate and cause corruption of further information in the message”– An error early in the process should not throw off the

entire remaining cipher text

5. “The size of the enciphered text should be no larger than the text of original message”– A ciphertext that expands in size cannot possibly carry

more information than the plaintext

24CS 450/650 – Lecture 3: Entropy

Trustworthy Encryption Systems

• Commercial grade encryption1. Based on sound mathematics2. Analyzed by competent experts3. Test of time

DES: Data Encryption StandardRSA: River-Shamir-AdelmanAES: Advanced Encryption Standard

25CS 450/650 – Lecture 3: Entropy

Stream and Block Ciphers

• Stream–Converts one symbol of plaintext into a

symbol of ciphertex

• Block– Encrypts a group of plaintext symbols as

one block

26CS 450/650 – Lecture 3: Entropy

Confusion and Diffusion

• Confusion–Has complex relation between plaintext,

key, and ciphertext– The interceptor should not be able to

predict what will happen to ciphertext by changing one chatracter in plaintext– Example• Caesar Cipher• One time pad

27CS 450/650 – Lecture 3: Entropy

Confusion and Diffusion

• Diffusion–Cipher should spread information from

plaintext over entire ciphertext– The interceptor should require access to

much of ciphertext to infer algorithm– Example• Caesar Cipher• One time pad

28CS 450/650 – Lecture 3: Entropy