310 likes | 546 Views
Lesson 2 - Encryption. ITD2323. Lecture by: IZWAN SUHADAK ISHAK Assistant Lecturer Universiti Industri Selangor. Things to learn about. Concepts of encryption Cryptanalysis Symmetric encryption Assymmetric encryption Protocols and certificates Digital signatures
E N D
Lesson 2 - Encryption ITD2323 Lecture by:IZWAN SUHADAK ISHAKAssistant LecturerUniversiti Industri Selangor
Things to learn about • Concepts of encryption • Cryptanalysis • Symmetric encryption • Assymmetric encryption • Protocols and certificates • Digital signatures • Types of encryption algorithms
Cryptography • Secret writing – strongest tool to control against many kinds of security threats • Users of cryptography usually do not create their encryption techniques – just use what’s available
Terminology • Imagine S (sender) sending a message to R (recipient) through T (transmission medium) • However there’s an intruder or interceptor (O) who tries to access the message in any of these: • Block it – affects the availability • Intercept it – affecting the confidentiality • Modify it – affecting the integrity • Fabricate it – affecting the integrity as well
…continued • Encryption – the process of encoding a message (scrambling) • Decryption – the process to reverse, transforming encrypted message back to original form • Encode, decode, encipher, decipher are terms used in lieu of encrypt or decrypt • Encode could mean translating entire word or phrases into something new • Encipher could mean translating letters or symbols individually
Encryption Decryption Original Plaintext Plaintext Ciphertext …continued • Cryptosystem – a system for encryption and decryption • Plaintext, cleartext – original form • Ciphertext – encrypted (scrambled) form
Encryption Algorithms • Set of rules for how to encrypt plaintext and how to decrypt ciphertext • Often use a device called ‘key’ (K) • When C=E(K,P), it means E acts as an encryption algorithm, and K is the key. C is ciphertext; P is plaintext
…continued • When P=D(K, E(K,P)), it shows that both encryption and decryption keys are the same • This form is called ‘symmetric’ encryption • When P=D(KD, E(KE,P)), it shows that encryption and decryption keys are NOT the same • This form is called ‘asymmetric’ encryption
Encryption Encryption Decryption Decryption Original Plaintext Original Plaintext Plaintext Plaintext Ciphertext Ciphertext …continued KEY SYMMETRIC ENCRYPTION ASYMMETRIC ENCRYPTION Decryption Key Encryption Key KE KD
…continued • A key gives flexibility in using an encryption scheme • Can create different encryptions by just changing the key • Provides additional security • Any encryption scheme that does not require a key = keyless cipher
Some interesting terms… • Cryptography – hidden writing, practice of using encryption to conceal text • Cryptanalyst – studies encryption and encrypted messages, hoping to find hidden messages • Cryptographer (& cryptanalyst) attempt to translate coded material to plaintext
…continued • Cryptographer works on behalf of a legitimate sender/receiver • Cryptanalyst works on behalf of an unauthorized interceptor • Cryptology – research into and study of encryption and decryption
Two simples types • Substitution • One letter is exchanged for another • Some call it monoalphabetic cipher or simple substitution • Transposition • Order of the letters rearranged
Caesar Cipher Plaintext Ciphertext • In this example: • Shift of 3 • ci = E(pi) = pi + 3 • What would the ciphertext for UNISEL? • Answer: xqlvho • TREATY IMPOSSIBLE? • Answer: wuhdwb lpsrvvleoh
Permutation Tmepty adjhqqarce • Almost like Caesar Cipher • Uses a word as the key • E.g. if ‘word’ is the key: • If ‘professional’ as the key: • If the word has several similar alphabets, only ONE of it should be used Plaintext Ciphertext
…continued • Encrypt “TREATY IMPOSSIBLE” using both permutation algorithms • Answer: spawsy fjmlqqfola • Answer: tmepty adjhqqarce
…continued • Both types of permutation algorithms may invoke easy access by cryptanalyst, therefore it is more desirable to have less regular rearrangement of letters • A possibility is to count by three (or 5, or 7, or 9) and rearrange in that order
…continued • In this case, a+3=d, d+3=g, g+3=j • Encrypt “TREATY IMPOSSIBLE” • Answer: fzmafu yktqccydhm
Vernam Cipher • Involves an arbitrarily long nonrepeating sequence of numbers combined with the plaintext • Equate each alphabet with corresponding number, add to its random 2-digit, find the mod of its sum with 26 to get the ciphertext
Vigenère Cipher • Uses a table called “Vigenère Tableau” • Table is a series of alphabets from A to Z • Encryption is done from top to bottom, following the key which follows the ‘Permutation’ style key
Transposition • Goal is confusion • Encryption in which the letters of the message are rearranged; breaking established patterns
Columnar Transposition • Rearranging characters of plaintext into columns • In a 5-column transposition, plaintext characters are written in rows of five and arranged one row after another: • Ciphertext is written from column to column ciphertext plaintext
…continued THISI SAMES SAGET OSHOW HOWAC OLUMN ARTRA NSPOS ITION WORKS tssoh oaniw haaso lrsto imghw utpir seeoa mrook istwc nasns PUTAN XIFWO RDSDO NOTFI LLALL COLUM NSXXX pxrnl cnuid olost Fstal xawdf luxno oilmx
Public Key Encryption • Each user has a key that does not have to be kept secret • Secret is the decryption technique, not the key itself • Public key cryptosystem accomplish this goal by using two keys; one to encrypt and one to decrypt • Each user has two keys: a public key and a private key
…continued • P = D(kPRIV, E(kPUB, P)) • Some public key encryption algorithms have this relationship: P=D(kPUB, E(kPRIV, P))
…continued • Let’s say there’s 3 users, B, C and D • All three have to send a message to A and each other • Each distinct pair of users needs a key, each user would need 3 different keys; A would need a key for B, C and D each. • With public key, each B, C and D can use A’ s public key to send the message, but A’s private key remains private, so C cannot decrypt message sent by B to A
Rivest-Shamir-Adelman (RSA) Encryption • A public key system • Introduced in 1978 and remains secure until now • Combines results from number theory with degree of difficulty in determining the prime factors of a given number • Uses two keys, d & e for decryption and encryption – either private or public key can be used in the encryption • P=E(D(P))=D(E(P))
…continued • C=Pe mod n • P=Cd mod n • P=Cd mod n = (Pe)d mod n = (Pd)e mod n • Key choice: • Consists of pair of integer (e,n) for encryption and integer (d,n) for decryption • Start point to find value of n • n should be quite large (a product of two prime numbers p and q) • p and q are usually 100 digits each • e is relatively prime to (p-1)*(q-1) e has no factors in common with (p-1)*(q-1) where e>(p-1) and e>(q-1)
…continued • e * d = 1 mod (p-1)*(q-1) • Usually n is made public and d is kept secret