1.53k likes | 1.81k Views
Security in Computing Chapter 2, Elementary Cryptography. Summary created by Kirk Scott. 1. Notation. S = Sender R = Recipient or Receiver T = Transmission Medium O = Outsider, possibly an Interceptor or Intruder. 2. Possible Attacks on Messages in Transition. A. Block the message
E N D
Security in ComputingChapter 2, Elementary Cryptography Summary created by Kirk Scott
1. Notation • S = Sender • R = Recipient or Receiver • T = Transmission Medium • O = Outsider, possibly an Interceptor or Intruder
2. Possible Attacks on Messages in Transition • A. Block the message • R does not receive it • This violates availability • B. Intercept the message • If it is readable, this violates confidentiality • Even if unreadable, knowing that a message was sent may be of value
C. Modify the message • Intercept, modify, and retransmit • This violates integrity • D. Fabricate a message • Send a message to R that appears to come from S • This violates integrity
3. Terminology • Encryption = encoding = enciphering = converting plaintext to ciphertext = scrambling the contents of a message so it can only be read by the intended recipient • Decryption = decoding = deciphering = converting ciphertext to plaintext • A rational scheme for encryption and decryption is known as a cryptosystem
4. More Notation • A plaintext sequence of characters can be represented in this way: • P = <p1, p2, …, pn> • Ciphertext can be represented in this way: • C = < c1, c2, …, cn> • Encoding and decoding can be represented as functions E() and D()
5. Relationships in a Cryptosystem • Encryption: C = E(P) • Decryption: P = D(C) • A successful cryptosystem has this property: • P = D(E(P))
6. Encryption Algorithms • An encryption algorithm is a set of rules for converting plaintext to ciphertext • Algorithms commonly come in families • A slight variation in the use of the rules yields a different encryption
7. Keys • In certain cryptosystems the variation between different applications of an algorithm is embodied in keys • A key, K, identifies or characterizes a particular variation on an algorithm • This is the notation for encrypting with a key, where E() represents the algorithm overall: • C = E(K, P) • If encryption is done with a key, decryption will also be done with a key: • P = D(K, P)
8. Symmetric and Asymmetric Keys • Symmetric: The key for encryption and decryption are the same: • P = D(K, E(K, P)) • Asymmetric: The key for encryption and decryption are different: • P = D(KD, E(KE, P)) • Both kinds of systems will eventually be discussed in depth
9. Keys or No Keys • Keyless cryptosystems are possible • A system with a key makes multiple encryptions of plaintext possible • It makes the code breaker’s task more difficult • Figure out the algorithm • Also figure out the key • Even if the algorithm is known, it’s still necessary to figure out the key
10. Cryptology/Cryptography • Cryptology = research and study of codes • Cryptography = use and application of codes • Cryptographer = (authorized) user of codes • Cryptanalyst = breaker of codes
11. Functions of Cryptanalysis • Break a single message • Deduce a key for an algorithm • Deduce an algorithm • Signals intelligence: Infer meaning from message traffic without decryption • Find weaknesses in the use of a cryptosystem • Find weaknesses in a cryptosystem in the absence of intercepted messages
12. Sources for Cryptanalysis • Intercepted plaintext • Intercepted ciphertext or suspected ciphertext • Properties of human languages • Mathematical and statistical tools • Known algorithms • Intuition, ingenuity, perseverance, luck • All approaches, licit and illicit, are open to the attacker
13. Breakable Encryption • A code may be theoretically breakable through brute force • Even given all possible decryptions, it would still be necessary to pick the right one • The real problem is not having the computing resources to afford a brute force solution • On the other hand, computing resources are getting cheaper and cheaper • The real opportunity comes from applying strategies better than brute force
14. Numeric Representations of the Alphabet • A = 0, B = 1, …, Z = 25 • Starting with zero makes it possible to work in modular fashion • Simple codes can be based on + and – • If the result goes below 0 or above 25, modular arithmetic rolls over or wraps around
15. Two Simple Example Techniques of Encryption • Substitution: Exchange one letter for another • This embodies the idea of confusion • One thing stands for another • Transposition: Rearrange the letters in a message • This embodies the idea of diffusion • Parts of the original message are spread throughout the encrypted message
These two techniques alone are too weak for commercial use • They are of historical interest • They are also useful for learning the concepts without getting bogged down in heavy math
16. Simple Substitution • This may be called a mono-alphabetic cipher • Example: Caesar’s Cipher: • A d, B e, …, Z c • ci = E(pi) = (pi + 3) mod 26 • Example: • TREATY IMPOSSIBLE wuhdwblpsrvvleoh
18. Aspect’s of Caesar’s Cipher • Easy to use • No need for written instructions • In a world where most were illiterate anyway, it was reasonably secure • On the other hand, it is also quite weak
19. Cryptanalysis of Caesar’s Cipher • Spaces between words are preserved • Plaintext letters always map to the same ciphertext letters • As a consequence, regularly occurring sequences of letters in plaintext will recur as ciphertext sequences (prefixes, suffixes, etc.) • In the small example given, the appearance of the double letters SS/vv illustrates the idea
20. A Cryptanalysis Example • wklvphvvdjhlvqrwwrrkdugwreuhdn • This is based on a 27 letter alphabet with the space included • Furthermore, the space hasn’t been encrypted (or “it codes to itself”) • This opens up lots of cryptanalytic possibilities
The number of short words in English is small • For example, am, is, to , be, he , we, and, are, you, she, … • Approach: Substitute whole short words, then do the same letter substitutions elsewhere to see what you get
wrr is a strong clue because it contains a double letter, and wr only reinforces this • Small words fitting the wrr pattern include see, too, add, odd, off, … • You also need one where the first two letters make a smaller word • Add and ad would work • Too and to are probably more common
This is an educated guessing game • Trying too and to gives: • wklvphvvdjhlvqrwwrrkdugwreuhdn • T--- ------- -- -OT TOO ---- TO ----- • Now consider lv which is a short word in its own right and also ends wklv • Is and this are reasonable guesses • At some point either the message or the transformation will become obvious…
21. Permutations of the Alphabet • The alphabet can be rearranged in less obvious ways than shifting 3 to the right • In general a permutation is any reordering of the elements of a set • Given a set, {1, 2, 3, 4, 5, 6, 7, 8, 9, 10} • A permutation can be represented: • Π1 = {1, 3, 5, 7, 10, 8, 6, 4, 2} • For an individual element: • Π1(3) = 5
22. Keys, Permutations, and Substitution Ciphers • Any permutation of the alphabet can be used as a substitution cipher • A key can be the basis for coming up with a substitution • Let the key be “word” • Here is a way of using it to determine a code: • ABCDEFGHIJKLMNOPQRSTUVWXYZ • wordabcefghijklmnpqstuvxyz
The key is short, so lots of substitutions are near their originals • At the end, letters “substitute” for themselves • The letters at the end of the alphabet are uncommon • Still, this is weak
The books suggests an alternative of counting by 3: • ABCDEFGHIJKLMNOPQRSTUVWXYZ • adgjmpsvybehknqtwzcfilorux • You could probably come up with a mathematical expression for this • It works because of the relationship between 3 and 26 (relatively prime?)
23. The Complexity of Substitution • All simple substitutions are equivalent to table look up • For practical purposes, the time to look up each letter is constant • For a message of length n, both encryption and decryption are O(n)
The simplicity of table look makes use easy for authorized users • Low order of complexity is a sign of a weak algorithm • If a key is involved, the encryption may be strong • The point is that the security of the encryption now depends largely on the key and not the algorithm
24. Cryptanalysis of Substitution Ciphers • Superficially, substitution ciphers appear to be based on a hard problem • There are 26! Permutations of the English alphabet • Trying all by brute force would be daunting
If encryption was done by mono-alphabetic substitution, letter frequency analysis breaks the code • The cryptanalyst is not restricted to solving the underlying hard problem • Consider the program LetterCount.java, given with the first assignment • Empirically determine letter frequencies in English text and see what frequencies occur in ciphertext
25. The Cryptographer’s Dilemma • Encryption is not random • In order to encrypt and decrypt, there has to be a pattern which authorized users know • It’s the pattern which gives clues to the cryptanalyst • The contest between cryptographers and cryptanalysts is never-ending
Consider these additional points • 1. If a message is short enough, it will not include sufficient traces of the pattern for analysis • Suppose you simply intercept a message consisting of 6 characters • What could it be? • You need context to even hazard a guess
2. In the cryptographic arms race, you can essentially assume that anything encrypt is breakable • The question is, will it be breakable before the data loses its value • This is the principle of adequate protection applied to thinking about how strongly to encrypt something
26. Vernam Ciphers • A diagram of the Vernam process is shown on the following overhead • Note that the diagram shows XOR as the transformation
The book chooses to illustrate the idea behind Vernam with an example based on addition and modular arithmetic rather than XOR • Letters of plaintext are represented by numbers • Then a sequence of 2 digit random numbers is considered • The random numbers are added to the plaintext, mod 26
The idea is that this is a system where the algorithm is extremely simple • Security depends on the secrecy and randomness of the key • The problem with this illustration is that it’s not clear how you decrypt • It does not appear to me that this is true: • p = ((p + n) mod 26) + n) mod 26
XOR actually makes a better example • Let the letters and random numbers be represented in binary • If p is the plaintext and q is the random number key: • E(p) = c = p XOR q • D(c) = c XOR q = (p XOR q) XOR Q = p • In other words, applying XOR q twice returns you to p
Here is a little truth table showing that on a bit-wise basis, (p XOR q) XOR q = p:
27. Vigenere Tables • A Vigenere table is shown on the overhead following the next one • Across the top the columns are labeled with small letters • This can be interpreted as key look up • Down the side the rows are labeled with big letters • This can be interpreted as plaintext look up
At the right-most edge there is a column labeled π • This tells you that each row in the table is one of 26 permutations of the alphabet • Encryption using a Vigenere table involves substitution • This is poly-alphabetic substitution (not mono-alphabetic)
28. Vigenere Example • Key: • iamiexistthatiscert • Message: • MACHINESCANNOTTHINK • Encryption of first letter, for example: • Look up intersection of row M, column i, getting u
The complete encryption is: • uaopmkmkvtunhbljmed • Substitution has occurred, but substitution was done on each letter from a potentially different permutation of the alphabet, depending on what the corresponding key value was.
29. Cryptanalysis of the Example • The original message is English and has corresponding letter frequencies • In this example the key is also English and will have corresponding letter frequencies • A, E, O, and T make up 40% of English text • The probability that both the plaintext and the key come from this set: • .4 X .4 = .16
A, E, O, T, N, and I make up 50% of English text • The probability that both the plaintext and the key come from this set: • .5 X .5 = .25 • A Vigenere table is shown on the following overhead with the intersections of the rows and columns for these letters circled