Cryptography

1. Cryptography Module I

2. Cryptographic Protocols • Messages should be transmitted to destination • Only the recipient should see it • Only the recipient should get it • Proof of the sender’s identity • Message shouldn’t be corrupted in transit • Message should be sent/received once only K. Salah

3. Terminology • Cipher: • Arabic word means “meaningless” or “hiding meaning” • The term cipher is used to refer to encryption and decryption algorithms. • Decryption: recovering meaning from ciphertext • Cryptography: art and science of keeping messages secure • Cryptanalysis: art and science of breaking ciphertext • Brute force attack • Tries all possible keys on a piece of ciphertext • Cryptology: study of both cryptography and cryptanalysis K. Salah

4. Encryption and decryption • A key is a number (value) that the cipher, as an algorithm, operates on. • To encrypt a message, we need an encryption algorithm, an encryption key, and the plaintext. These create the ciphertext. • To decrypt a message, we need a decryption algorithm, a decryption key, and the ciphertext. These reveal the plaintext. • In cryptography, the encryption/decryption algorithms are public; the keys are secret. K. Salah

5. Symmetric-key cryptography • In symmetric-key cryptography, the same key is used by the sender (for encryption) and the receiver (for decryption). The key is shared. • In symmetric-key cryptography, the same key is used in both directions • The algorithm used for decryption is the inverse of the algorithm used for encryption. • It takes less time to encrypt a message using a symmetric-key algorithm than it takes to encrypt using a public-key algorithm. • Symmetric-key cryptography is often used for long messages • Disadvantages: • Each pair of users must have a unique symmetric key. • Key distribution must be done secretly (difficult when parties are geographically distant, or don't know each other) • Need a key for each pair of users • n users need n*(n-1)/2 keys • If the secret key (and cryptosystem) is compromised, the adversary will be able to decrypt all traffic and produce fake messages K. Salah

6. Symmetric (Secret Key) Cryptosystem Plaintext Ciphertext Plaintext Encryption Decryption Sender Recipient K C=E(K,M) M=D(K,C) K needs secure channel K. Salah

7. Asymmetric or Public Key Cryptosystem Recipient’s public Key (Kpub) Recipient’s private Key (Kpriv) Plaintext Ciphertext Plaintext Encryption Decryption Sender Recipient C=E(Kpub,M) M=D(Kpriv,C) Kpubneeds reliable channel K. Salah

8. Basic Encryption Techniques • Substitution (Replacement) • Transposition or Permutation (Rearranging) • Combinations and iterations of these • The principle of “Rounds” K. Salah

9. Caesar cipher • A cipher using the substitution method substitutes one symbol with another. • Monoalphabetic: A character in the plaintext is always changed to the same character in the ciphertext regardless of its position in the text. Ex. Caesar Cipher. • In monoalphabetic substitution, the relationship between a character in the plaintext to the character in the ciphertext is always one-to-one • Simple to implement but easy to break • Common alphabets in English • Letters E, T, O, A occur far more often than J, Q, X, Z • Can id the pattern easily K. Salah

10. Vigenere cipher • In polyalphabetic substitution, the relationship between a character in the plaintext and a character in the ciphertext is one-to-many • Each occurrence of a character can have a different substitute • ‘A’ can be changed to ‘D’ at the beginning, and later ‘A’ can be changed to ‘X’ at the middle • Key is like: Take the position of the character in the text, divide the number by 10, and let the remainder be the shift value. • Ex. Vigenere Cipher. • The reminder is not shifted, but chosen from a table • Difficult to attack when compared to Monoalphabetic. K. Salah

11. Transpositional cipher • The characters retain their plaintext form but change their positions to create the ciphertext. • The text is organized into a two-dimensional table, and the columns are interchanged according to a key. K. Salah

12. Block cipher • Modern ciphers use a block of bits as the unit of encryption/decryption. • P-box (P for permutation) performs a transposition at the bit level. It can be implemented in hardware or software, but hardware is faster. K. Salah

13. S-box • S-box (S for substitution) performs a substitution at the bit level. • The S-box substitutes one decimal digit with another. • The S-box normally has three components: an encoder, a decoder, and a P-box. • The decoder changes an input of n bits to an output of 2n bits. This output has one single 1 (the rest are 0s) located at a position determined by the input. The P-box permutes the output of decoder, and the encoder changes the output of the P-box backs to a binary number in the same way as the decoder, but inversely. • For example, • If the number is 010  00000100  01000000  110 K. Salah

14. What makes a good cryptosystem? • A good cryptosystem is one whose security does not depend upon the secrecy of the algorithm. • Two reasons: • Achieving security through obscurity does not last for long • The algorithm can not be shared by public • From Bruce Schneier: • “Good cryptographers rely on peer review to separate the good algorithms from the bad.'' • Confusion (by substitution) • Has a complex relationship between plaintext/key and ciphertext • Not easy to deduce the relation and thus see a pattern • Diffusion (by permutation) • Distributing and spreading the information from plaintext over the entire ciphertext • Therefore, changes in plaintext produce numerous changes in different and random parts of the ciphertext, not the same ones! K. Salah