1 / 23

CISC 210 - Class Today

CISC 210 - Class Today. Homework: Chapter 5, exercises E6-E17 Recap Keystream reuse File Encryption. Recap. Trojan horse – a reason for file encryption Bob’s defense What about Chain of Control? Encryption terms Algorithm, plaintext, ciphertext, key. Bob’s defense of his files.

fay
Download Presentation

CISC 210 - Class Today

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CISC 210 - Class Today • Homework: Chapter 5, exercises E6-E17 • Recap • Keystream reuse • File Encryption R. Smith - University of St Thomas - Minnesota

  2. Recap • Trojan horse – a reason for file encryption • Bob’s defense • What about Chain of Control? • Encryption terms • Algorithm, plaintext, ciphertext, key R. Smith - University of St Thomas - Minnesota

  3. Bob’s defense of his files • Block everyones’ access • Allow his own access • What does the game do? R. Smith - University of St Thomas - Minnesota

  4. The attack on Bob • Game does the work under Bob’s process R. Smith - University of St Thomas - Minnesota

  5. The Encryption Process • Convert plaintext to ciphertext with a key R. Smith - University of St Thomas - Minnesota

  6. Cryptanalysis • Known ciphertext attack • a.k.a. ciphertext-only attack – classic attack • Newspaper cryptograms • You have ciphertext, no plaintext • Known plaintext attack • You have some plaintext for some intercepted ciphertext • The attack used against ENIGMA to reduce the problem R. Smith - University of St Thomas - Minnesota

  7. Looking more at Stream Ciphers • Same for streams and one time pads R. Smith - University of St Thomas - Minnesota

  8. The One Time Pad • “Provably secure” • We use 1 bit of random key for EVERY BIT of data we transmit. • Use XOR to encrypt and decrypt • Sender and recipient must share exactly the same stream of random bits, and use them in exactly the same order • NO REUSE!! R. Smith - University of St Thomas - Minnesota

  9. One time pads in Decimal • To Encrypt: • Put plaintext in numeric form • Write decimal numbers from pad underneath • Encrypt by doing add-without-carry • We discard the carry without changing the neighboring digit. • To decrypt: • Write ciphertext digits in a row • Write decimal numbers from pad underneath • Decrypt by doing subtract-without-borrow • We ‘pretend’ to borrow but don’t change the neighboring digit when we do. R. Smith - University of St Thomas - Minnesota

  10. The XOR Reuse Problem • If a xor k = A • and b xor k = B • then A xor B = a xor b • We can do this with Matlab... R. Smith - University of St Thomas - Minnesota

  11. Using Matlab • im = imread(‘file.gif); • reads the gif file and converts it to a matrix • Assigns the matrix to variable ‘im’ • the “;” at the end prevents Matlab from printing the matrix • image(im) • Displays the image. Enable plot tools from the toolbar • Especially the ‘property editor’ • Colormap setting – First choose HSV. Then choose custom • Under custom, change the arrow to increase bit contrast • eiv = xor (im, key); • xors the iv matrix with the key matrix – both same size • eiv gets the result – the ‘;’ suppresses printing the matrix R. Smith - University of St Thomas - Minnesota

  12. Remember this example: • Use 128x128 image to hold the message • XOR with 128x128 random set of bits • SC xor KEY = SCE R. Smith - University of St Thomas - Minnesota

  13. Let’s reuse the bits • Trust me, it’s the same key stream • SM xor KEY = SME R. Smith - University of St Thomas - Minnesota

  14. Look what happens... • We combine the 2 ciphertexts with XOR • Not so secure, eh? • SME xor SCE == SM xor SC R. Smith - University of St Thomas - Minnesota

  15. File encryption issues • Entropy in the passphrases • No truncation • Don’t waste bits • Reusing the same password • All things being equal, if we use the same password twice as the encryption key, we generate an identical keystream • Don’t want that problem again R. Smith - University of St Thomas - Minnesota

  16. File Encryption Process • Here’s the perimeter R. Smith - University of St Thomas - Minnesota

  17. Simple password handling R. Smith - University of St Thomas - Minnesota

  18. Using a hash – better • Makes longer passphrases effective R. Smith - University of St Thomas - Minnesota

  19. Nonce and Hash • Lets us reuse the same password R. Smith - University of St Thomas - Minnesota

  20. Trying file encryption • Let’s download some stuff • Sourceforge.net • Neocrypt – file encryption • Frhed – binary file editor R. Smith - University of St Thomas - Minnesota

  21. Fundamentals of Crypto Here is a basic example of a ‘crypto protocol’ R. Smith - University of St Thomas - Minnesota

  22. Elements of crypto protocols • Encryption functions • Hash functions • Random values (encryption keys) • Nonces • Apply the functions to inputs • Save extra data with the protected output • Use the extra data to retrieve or verify the protected output R. Smith - University of St Thomas - Minnesota

  23. Creative Commons License This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/us/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. R. Smith - University of St Thomas - Minnesota

More Related