310 likes | 391 Views
Cryptography. Lynn Ackler Southern Oregon University. Information Assurance. Keep information in a known and trusted state that can be used appropriately. NSA Information Security Model. Information States. Transmission. Storage. Processing. Security Measures. Training. Confidentiality.
E N D
Cryptography Lynn Ackler Southern Oregon University
Information Assurance Keep information in a known and trusted state that can be used appropriately.
NSA Information Security Model Information States Transmission Storage Processing Security Measures Training Confidentiality Policies Critical Information Characteristics Technology Integrity Availability
Cryptography – Introduction Chapter 1 Cryptography - Services • Confidentiality • Authentication • Integrity • Nonrepudiation
Encryption/Decryption Render text unreadable • Plaintext – message to be scrambled • Encryption – scrambling the message • Ciphertext – scrambled message • Decryption – unscrambling the ciphertext
Cryptography Cryptography • Art and science of encryption techniques • Cryptographers Cryptanalysis • Art and science of braking encryption • Cryptanalysts Cryptology • Branch of mathematics studing both cryptography and cryptanalysis
Encryption/Decryption Original Plaintext Plaintext Ciphertext Encryption Decryption M C M E(M) = C D(C) = M D(E(M)) = M
Keys(Magic decoder rings) Secrecy by obscurity • Secret algorithm Secrecy via a secret • Keys, usually a number kept secret • Algorithm is public and studied Keyspace • Set of all possible keys • Should be big
Symmetric Key Cryptography Key to encrypt is the same as to decrypt • Usually very fast • Problem is to distribute the key Block ciphers/algorithms Stream ciphers/algorithms
Encryption/Decryption Key Key Original Plaintext Plaintext Ciphertext Encryption Decryption M C M EK(M) = C DK(C) = M DK(EK(M)) = M
Asymmetric Key Cryptography Key to encrypt is different from the key to decrypt • Usually very slow • Distribution is not a problem Block algorithm only
Encryption/Decryption Decryption Key Encryption Key Original Plaintext Plaintext Ciphertext Encryption Decryption M C M EK1(M) = C DK2(C) = M DK2(EK1(M)) = M
Public - Key Cryptography Two keys: • Public key • Private key If one is used to encrypt the other must be used to decrypt.
Cryptanalysis Break the encryption • Attack: a cryptanalysis attempt • Compromise: loss of a key
Standard Attacks Cryptanalytic attacks • Ciphertext–only attack • Known–plaintext attack • Chosen–plaintetxt attack • Adaptive–chosen–plaintext attack • Chosen–ciphertext attacks • Rubber–hose attack
Ciphertext-only Attack Ciphertext of several messages • Same key, hopefully • Same algorithm Goals • Recover plaintext and/or key/keys Example: • Encrypted hard drive
Known-plaintext Attack Plaintext and Ciphertext of several messages are known • Same key, hopefully • Same algorithm Goals • Recover key/keys • At least recover the next messasge Example • A collection of e-mails
Chosen-plaintext Attack Plaintext and Ciphertext of several messages are known Can have ciphertext for any chosen plaintext • Same key and algorithm Goals • Recover the key • At least recover the next message Example • Encrypted bank deposits to your account
Chosen-ciphertext Attack Any Ciphertext can be decrypted • Same key and algorithm Goals • Recover the key Example • Breaking a tamper proof crypto box
Rubber Hose Attack Uncooperative person Goals • Recover the key • Recover password Example • Any one with a secret Technique • Sex, Money and Pain
Security of Algorithms If the cost to break is greater than the value of the data, you are probably safe. Not always though. Seti at home
Categories of Breaks Total break Algorithm and key is deduced Global deduction An alternative algorithm is found Local deduction The plaintext is found for a single intercepted ciphertext Information deduction Format of plaintext, a few bits of the key, etc.
Security Levels Unconditionally secure • One time pad Conditionally secure • Brute force attack • Computationally secure
Steganography Data hiding in plain sight. Often is not invariant under data compression.
Substitution Ciphers Alphabet substitution • Monoalphabetic – letter for letter • Homophonic – one or more for a letter • Polygram – block for block • Polyalphabetic – multiple simple substitutions Substitution algorithms • Caeser Cipher – rotate n mod 26 • Modulo arithmetic • Lookup tables
Transposition Cipher Plaintext in rows Ciphertext from the columns Ciphertext: t hfteoh xeq ujliuacmz key d b d rooovgwe nr
Simple XOR XOR: '^' in C, Å in mathematics 0 Å 0 = 0 0 Å 1 = 1 1 Å 0 = 1 1 Å 1 = 0 Note: a Å 0 = a a Å a = 0 (a Å b)Å b = a
Simple XOR Encryption Key: K Messag: M Ciphertext: C = M Å K Message: M = C Å K = (M Å K) Å K = M Å (K Å K) = M
One-Time Pads The one time pad is a substitution cipher with a very very long random substitution key. Statistically it is perfectly secure.
One-Time PadsProblems The key must be a random sequence of characters. The pad can be used only once. Both parties must have the exact same pad. If one character is dropped everything afterward is lost.
One-Time PadsUses Low bandwidth communication. Ultra secure communication. Forever secure.