1 / 50

Information Security: Cryptography (part 2)

Information Security: Cryptography (part 2). Dr. Shahriar Bijani Shahed University. Slides References. Matt Bishop, Computer Security: Art and Science , the author homepage, 2002-2004. Addam Schroll , Cryptography , Purdue university.

kendis
Download Presentation

Information Security: Cryptography (part 2)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Information Security:Cryptography (part 2) Dr. ShahriarBijani Shahed University

  2. Slides References • Matt Bishop, Computer Security: Art and Science, the author homepage, 2002-2004. • AddamSchroll, Cryptography, Purdue university. • Nikita Borisov, Cryptography, Illinois university, CS461, 2007.

  3. Vigenere cipher • A different caesar cipher per letter MORESECURETHANCAESAR (Ciphertext) + SECRETSECRETSECRETSE (Key) = FTUWXYVZUWYBTSFSJMTW • M (13) + A (19) = F (6) mod 26 • O (15) + E (5) = T (20) mod 26 • ...

  4. Vigenere analysis • Key space? • 26Length(Key) • Frequency analysis? • Doesn’t work because of different keys • For many years, the Vigenère cipher was considered unbreakable!

  5. Useful Terms • period: length of key • In earlier example, period is 3 • tableau: table used to encipher and decipher • Vigènere cipher has key letters on top, plaintext letters on the left • polyalphabetic: the key has several different letters • Caesar cipher is monoalphabetic

  6. Vigenere Analysis • Guess period of the cipher= p • Construct p frequency tables • Cryptanalyze each one http://math.ucsd.edu/~crypto/java/EARLYCIPHERS/Vigenere.html • Better yet, recover period • Look for repeated n-grams

  7. Vigenere Analysis • The index of coincidence • measures the differences in the frequencies of the letters in the ciphertext. • the probability that two randomly chosen letters from the ciphertext will be the same. • Fc= frequency of cipher character c, N = length of the ciphertext • Indices of coincidences for different periods:

  8. Vigenère tableau • The key letters on top, plaintext letters on the left

  9. G I V A G I V B H J W E L M Z H N P C L R T G O U W J S Y A N T Z B O Y E H T Tableau shown has relevant rows, columns only Example encipherments: key V, letter T: follow V column down to T row (giving “O”) Key I, letter H: follow I column down to H row (giving “P”) Relevant Parts of Tableau

  10. VigenèreAnalysis • Ciphertext: • Could this be a Caesar cipher? • We find that the index of coincidence is 0.043, which indicates a key of length 5 or more. • So we assume that the key is of length greater than 1, and apply the Kasiski method

  11. Vigenère Analysis • Repetitions of 2 letters or more • The only factors that occur more in the gaps are 2 (in eight gaps) and 3 (in seven gaps). As a first guess, let us try 6.

  12. VigenèreAnalysis • To verify this guess, we compute the index of coincidence for each alphabet. We first arrange the message into 6 columns. • Each column represents one alphabet. The indices of coincidence are: • All ICs indicate a single alphabet except for the ICs of alphabets #4 (period between 1 and 2) and #6 (period between 5 and 10).

  13. Vigenère Analysis • Counting characters in each column (alphabet) : • An unshifted alphabet has the characteristics in the last row (L=low frequency, M = moderate frequency, H =high frequency) • now compare the frequency counts in the six alphabets with the frequency count of the unshifted alphabet. • The first alphabet matches the characteristics of the unshifted alphabet (note the values for A, E, and I in particular).

  14. Vigenère Analysis • the 3rd alphabet seems to be shifted with I mapping to A. • in the 6th alphabet : V maps to A.

  15. Vigenère Analysis

  16. Vigenère Analysis • With proper spacing and punctuation, we have A LIMERICK PACKS LAUGHS ANATOMICAL INTO SPACE THAT IS QUITE ECONOMICAL BUT THE GOOD ONES I'VE SEEN SO SELDOM ARE CLEAN, AND THE CLEAN ONES SO SELDOM ARE COMICAL. The key is ASIMOV.

  17. Vigenere Analysis • Here is a ciphertext message

  18. DES: Data Encryption Standard • A block cipher: • encrypts blocks of 64 bits using a 64 bit key • Key: 8 bits for parity, so the effective key length is 56 bits. • outputs 64 bits of ciphertext • performs both substitution and transposition (permutation) on the bits.

  19. General structure of DES • Cipher consists of 16 rounds (iterations) each with a round key generated from the user-supplied key

  20. DES: Initialand Final Permutations

  21. DES: Initialand Final Permutations Example Find the output of the final permutation box when the input is given in hexadecimal as: Solution Only bit 25 and bit 64 are 1s; the other bits are 0s. In the final permutation, bit 25 becomes bit 64 and bit 63 becomes bit 15. The result is

  22. DES: Initialand Final Permutations • The initial and final permutations are straight P-boxes that are inverses of each other. • They have no cryptography significance in DES.

  23. DES: Rounds • DES uses 16 rounds. Each round of DES has a 48 bit key. A round in DES

  24. The DES Function • The heart of DES is the DES function. The DES function applies a 48-bit key to the rightmost 32 bits to produce a 32-bit output. • Expansion P-box • Since RI−1 is a 32-bit input and KI is a 48-bit key, we first need to expand RI−1 to 48 bits. K1(48 bit)

  25. The DES Function: S-Boxes • The S-boxes do the real mixing (confusion). DES uses 8 S-boxes, each with a 6-bit input and a 4-bit output.

  26. The DES Function: S-Boxes S-box 1 Table

  27. S-Box Example The input to S-box 1 is 100011. What is the output? Solution If we write the first and the sixth bits together, we get 11 in binary, which is 3 in decimal. The remaining bits are 0001 in binary, which is 1 in decimal. We look for the value in row 3, column 1, in Table 6.3 (S-box 1). The result is 12 in decimal, which in binary is 1100. So the input 100011 yields the output 1100.

  28. The DES Function:Straight Permutation Straight permutation table

  29. Differential Cryptanalysis • A chosen ciphertext attack • Requires 247 plaintext, ciphertextpairs

  30. Current Status of DES • Design for computer system, associated software that could break any DES-enciphered message in a few days published in 1998 • Several challenges to break DES messages solved using distributed computing • NIST selected Rijndael as Advanced Encryption Standard, successor to DES • Designed to withstand attacks that were successful on DES

  31. Public Key Cryptography • Two keys • Private key known only to individual • Public key available to anyone • Public key, private key inverses • Idea • Confidentiality: encipher using public key, decipher using private key • Integrity/authentication: encipher using private key, decipher using public one

  32. Requirements • It must be computationally easy to encipher or decipher a message given the appropriate key • It must be computationally infeasible to derive the private key from the public key • It must be computationally infeasible to determine the private key from a chosen plaintext attack

  33. Diffie-Hellman • Compute a common, shared key • Called a symmetric key exchange protocol • Based on discrete logarithm problem • Given integers n and g and prime number p, compute k such that n = gk mod p • Solutions known for small p • Solutions computationally infeasible as p grows large

  34. Algorithm • Constants: prime p, integer g ≠ 0, 1, p–1 • Known to all participants • Anne chooses private key kAnne, computes public key KAnne= gkAnne mod p • To communicate with Bob, Anne computes Kshared = KBobkAnne mod p • To communicate with Anne, Bob computes Kshared = KAnnekBob mod p • It can be shown these keys are equal

  35. Example • Assume p = 53 and g = 17 • Alice chooses kAlice= 5 • Then KAlice= 175 mod 53 = 40 • Bob chooses kBob= 7 • Then KBob= 177 mod 53 = 6 • Shared key: • KBobkAlice mod p = 65 mod 53 = 38 • KAlicekBobmod p = 407 mod 53 = 38

  36. RSA • Asymmetric cryptographic algorithm published in 1978 • The most popular asymmetric algorithm used today • Now free to use – patent expired in 2000 • Relies on the hardness of factoring a number consisting of two primes

  37. Background • Totient function (n) • Number of positive integers less than n and relatively prime to n • Relatively prime means with no factors in common with n • Example: (10) = 4 • 1, 3, 7, 9 are relatively prime to 10 • Example: (21) = 12 • 1, 2, 4, 5, 8, 10, 11, 13, 16, 17, 19, 20 are relatively prime to 21

  38. Algorithm • Choose two large prime numbers p, q • Let n = pq; then (n) = (p–1)(q–1) • Choose e < n such that e is relatively prime to (n). • Compute d such that ed mod (n) = 1 • Public key: (e, n); private key: d • Encipher: c = me mod n • Decipher: m = cd mod n

  39. The RSA algorithm – key generation • Choose two large prime numbers p, q • Let n = pq; then (n) = (p–1)(q–1) • Choose e < nsuch that gcd(e,(p–1)(q–1)) = 1 • eis relatively prime to (n). • Compute d such that ed mod ((p–1)(q–1))= 1 • The public key is the pair (e, n) • The private key is the pair (d, n) • Message m – number 0 < m < n • Encryption E(m) = me mod n • Decryption D(m) = md mod n • Exercise – check that D(E(m)) = m.

  40. Example: Confidentiality • Take p = 7, q = 11, so n = 77 and (n) = 60 • Alice chooses e = 17, making d = 53 • Bob wants to send Alice secret message HELLO (07 04 11 11 14) • 0717 mod 77 = 28 • 0417 mod 77 = 16 • 1117 mod 77 = 44 • 1117 mod 77 = 44 • 1417 mod 77 = 42 • Bob sends 28 16 44 44 42

  41. Example • Alice receives 28 16 44 44 42 • Alice uses private key, d = 53, to decrypt message: • 2853 mod 77 = 07 • 1653 mod 77 = 04 • 4453 mod 77 = 11 • 4453 mod 77 = 11 • 4253 mod 77 = 14 • Alice translates message to letters to read HELLO • No one else could read it, as only Alice knows her private key and that is needed for decryption

  42. Example: Integrity/Authentication • Take p = 7, q = 11, so n = 77 and (n) = 60 • Alice chooses e = 17, making d = 53 • Alice wants to send Bob message HELLO (07 04 11 11 14) so Bob knows it is what Alice sent (no changes in transit, and authenticated) • 0753 mod 77 = 35 • 0453 mod 77 = 09 • 1153 mod 77 = 44 • 1153 mod 77 = 44 • 1453 mod 77 = 49 • Alice sends 35 09 44 44 49

  43. Example • Bob receives 35 09 44 44 49 • Bob uses Alice’s public key, e = 17, n = 77, to decrypt message: • 3517 mod 77 = 07 • 0917 mod 77 = 04 • 4417 mod 77 = 11 • 4417 mod 77 = 11 • 4917 mod 77 = 14 • Bob translates message to letters to read HELLO • Alice sent it as only she knows her private key, so no one else could have enciphered it • If (enciphered) message’s blocks (letters) altered in transit, would not decrypt properly

  44. Example: Both • Alice wants to send Bob message HELLO both enciphered and authenticated (integrity-checked) • Alice’s keys: public (17, 77); private: 53 • Bob’s keys: public: (37, 77); private: 13 • Alice enciphers HELLO (07 04 11 11 14): • (0753 mod 77)37 mod 77 = 07 • (0453 mod 77)37 mod 77 = 37 • (1153 mod 77)37 mod 77 = 44 • (1153 mod 77)37 mod 77 = 44 • (1453 mod 77)37 mod 77 = 14 • Alice sends 07 37 44 44 14

  45. Security Services • Confidentiality • Only the owner of the private key knows it, so text enciphered with public key cannot be read by anyone except the owner of the private key • Authentication • Only the owner of the private key knows it, so text enciphered with private key must have been generated by the owner

  46. More Security Services • Integrity • Enciphered letters cannot be changed undetectably without knowing private key • Non-Repudiation • Message enciphered with private key came from someone who knew it

  47. RSA • Asymmetric cryptographic algorithm published in 1978 • The most popular asymmetric algorithm used today • Now free to use – patent expired in 2000 • Relies on the hardness of factoring a number consisting of two primes

  48. Warnings • Encipher message in blocks considerably larger than the examples here • If 1 character per block, RSA can be broken using statistical attacks (just like classical cryptosystems) • Attacker cannot alter letters, but can rearrange them and alter message meaning • Example: reverse enciphered message of text ON to get NO

  49. Key Points • Two main types of cryptosystems: classical and public key • Classical cryptosystems encipher and decipher using the same key • Or one key is easily derived from the other • Public key cryptosystems encipher and decipher using different keys • Computationally infeasible to derive one from the other

More Related