440 likes | 656 Views
Cryptography. Comes from the Greek words for secret and writing In reality, it is the art of mangling data into apparently something unintelligible and allowing for a secret method of unmangling.
E N D
Cryptography • Comes from the Greek words for secret and writing • In reality, it is the art of mangling data into apparently something unintelligible and allowing for a secret method of unmangling. • In computer systems it is used to get data from one secure system to another through an unsecured network • Traditional Cryptography: encryption decryption Plain Text Cipher Text Plain Text key key
Cryptography • There are two major aspects to cryptology • Encryption • the ability to keep information secret • Authentication • Proves the data came from who it was supposed to • Proves the data was not changed in transit.
Computational Difficulty • Cyrptographic algorithms must be efficient (quick) at decoding if you have the key • A cryptographic algorithm can be deemed computationally secure if: • The cost of breaking the cipher exceeds the value of the encrypted information • The time required to break the cipher exceeds the useful lifetime of the information • No algorithm is impossible to break, it’s just a matter of time • Brute force will ALWAYS find the key. • The larger the number of combinations the longer it will take to brute force.
Computational Difficulty • No algorithm is impossible to break, it’s just a matter of time • Example: • A combination lock requiring 3 numbers in the range of 0-40. For someone with the combination (key) 10 seconds. How long to brute force? • 403 (64,000) combinations * 10 sec = 7.4 weeks. But on average the solution will be found in ½ that time or 3.7 days • What if the combination was 4 numbers in the range of 0-40. For someone with the combination it takes 3 seconds longer. How long to brute force? • 404(2,560,000) combinations * 13 sec = 385 days. Again averaging give ~ ½ year.
Computational Difficulty • No algorithm is impossible to break, it’s just a matter of time • So, Increasing the length of the key makes it a bit harder for users with the key, but much harder to brute force. • As computer speeds increase, the key length can increase with no perceived performance change to those with keys, but with much greater brute force time required Key Size #Keys 40μs/Decrypt 1 Decrypt/μs 32 4.3 X 109 23.8 hours 35.8 min 56 7.2 X 1016 40 hours 10 hours 128 3.4 X 1038 2.16 x 1020years 5.4 X 1018 years 168 3.7 X 1050 2.36 X 1032 years 5.9 X 1030 years
Computational Difficulty • No algorithm is impossible to break, it’s just a matter of time • Knowledge of a domain may render decryption trivial, regardless of the length of the key. • Example: alphabetic encryption (monoalphabetic cipher) does an arbitrary mapping of letters • There are 26! (4 x 1026) possible letter pairs. • but knowledge of the English language (the letter e is most prevalent, followed by t, a vowel in every word, etc..) makes it trivial to decode
Cryptanalysis • Cryptanalysis is the process of attempting to discover a message or key. • Once the key length gets to long to brute force, the next best method of cryptanalysis is to break the cipher it self • To do cryptanalysis you must have a large enough crypted sample to do an analysis • You must also be able to recognize when the code is broken
Cryptanalysis • There are 3 basic methods to cryptanalysis • All required knowledge of the encryption algorithm which gives some domain knowledge • Cipher Text Only • Only encrypted information is available • Use a brute force approach on it, plus the domain knowledge. • Many attacks check common dictionary words first before trying a brute force • Known Plain text • The attacker gets a plain text / cipher text pair • By analyzing the input and output it is easier to get the key
Cryptanalysis • There are 3 basic attacks to encryption schemes • Chosen Plain Text • The attacker chooses the text to be encoded • By carefully choosing text, breaking a key can become quite trivial • A good encryption algorithm should be able to resist all three attack methods
Types of Encryption • There are three different encryption functions used by computers • Secret Key • Public Key • Hash
Secret Key Encryption • With secret key encryption, the key that encrypts the data also decrypts. • Both sides must have the same key • Also called Symmetric
Secret Key Encryption Alice-Bob Alice-Bob ciphertext ciphertext M M Enck Deck
Conventional Secret Key Algorithms • There are two ways of doing symmetric key encryption • Stream cipher • Encrypt/decrypt is done one symbol at a time • Good for real time processing • Block cipher • Split the original message into fixed sized blocks • Pad the block if necessary to complete a block • Encrypt the blocks • Output the encrypted blocks • Good for file encryption, generally considered better
Conventional Secret Key Algorithms • Stream Ciphers • RC4 • A byte stream (8 bits) of plain text is exclusive-ored with a byte of a key • Used in SSL/TLS, WEP, WPA1 • Uses a key up to 256 bytes • Believed weak if the key is less the 16 bytes. • Attacks have been found for key sizes less the 5 bytes • If the same key is used over and over it is subject to crypanalysis • A5/1 • A bit stream is xored 228 bits at a time with a 228 bit key frame • Used in Global Systems for Mobile Communications (GSM) • Uses a 64 bit key • Several attacks have been show against it. • Some attacks can break it in 2-5 minutes with chosen plain text
Conventional Secret Key Algorithms • Block Ciphers • Data Encryption Standard (DES) • Adopted in 1977 by the National Bureau of Standards • For unclassified applications • Uses a 56 bit key • Uses a 64-bit block size • Weakness • Key size – less then 24 hours to brute force • Weak keys • 4 keys have been shown to make des trivial to break • Semi Weak keys • 6 keys have been shown to be somewhat harder to break • Possible Weak keys • 48 keys are suspect • Possibility of choosing a weak key is almost impossible • 1 in 1.13 x 10 15
Conventional Secret Key Algorithms • Block Ciphers • Double DES (2 DES) • Encrypt with DES twice with different keys • Double the key space - 2112 • There is a know plain text attack renders the key space only slightly larger then DES - 257 • Triple DEA (TDEA, Triple DES, EDE) • Use DES and 3 keys. • Encrypt with the first key, Decrypt with the second key, encrypt with the third key • Strengths • Uses DES which is a tested algorithm • Uses a 168 bit key, which is still very much a valid key length • Weakness • SLOW, because of the encode-decode-encode process • Used by financial institutions, PGP, and S/MIME
Conventional Secret Key Algorithms • Block Ciphers • International Data Encryption Algorithm (IDEA) • Uses a 128 bit key • Released in 1991 and has been studied extensively • No known exploit • Used in pgp but not gpg (free pgp) because it is patented • Blowfish • Developed in 1993 • Quickly became an alternative to DES • Designed to be FAST with a small memory imprint (~5k) • Takes a variable key length. As long as 448 bits (in practice only 128 bit is used) • Use mostly in commercial products
Conventional Secret Key Algorithms • Block ciphers • RC5 • Developed in 1994 • Can be embedded in hardware • Low memory requirement • Can be run on a smart card • Variable key length • Proprietary to RSA Data Security • CAST-128 • Developed in 1997 • Variable key from 40-128 bit in 8 bit increments • Used in pgp
Conventional Secret Key Algorithms • Block Ciphers • Advanced Encryption Standard (AES) (FIPS 197) • Supports 128,192, and 256 bit keys • Open algorithm • Security equal to or greater then triple DES • Much faster then triple DES • Small memory print • Slowly being adopted
Message Hashing • What if the message contents are not sensitive, but you want a guarantee that the message came from Alice? • Alice would create a hash or message digest • A hash is a one way function that takes a message of arbitrary length and computes a fixed length “finger-print” of the message • It is very difficult to take a hash and reconstruct the message • The finger-print must be unique enough so that it is nearly impossible to generate the same finger-print using a different input message. • Again the length of the hash determines how many different messages can be uniquely constructed
Message Hashing • A good hash algorithm will generate a completely different hash if even one bit is altered. • Current standard hash algorithms include SHA-1, MD2, MD4, and MD5 • SHA-1 has variants – none have been broken (yet) • SHA-1 - 160 bit key • SHA-256; 256 bit key • SHA-512; 512 bit key • MD has variants – all have been broken • MD2 • Optimized for 8 bit computers • 128 bit key • MD4 • Used as the Microsoft password hash • 128 bit key • MD5 • Strengthened version of MD4 • 128 bit key • MD6 • Designed for large files • 256 bit key • new
Message Hashing • So, back to Bob and Alice… • If Alice sends the hash of the message and Bob does the hash of the message and the hashes compare, then the message is considered good. • NO SO FAST… • What happens if the message is altered and the corresponding hash is also altered?
Secret Key Message Authentication Alice-Bob Alice-Bob M M Hash(M) Compare Hash(M) MAC MAC Hash(M) Enck Deck
Secret Key Message Authentication • By comparing the hashes of the messages we are assured that the message has not been altered • By encrypting the hash we are assured that the hash came from Alice. • So, if the hash came from Alice and the hashes match, the message came from Alice
Secret Key Problems • The major problem with secret keys is the secret keys • How do you get the key to the other side? • Diffe-Helman key Exchange
Secret Key Problems • The major problem with secret keys is the secret keys • How do you get the key to the other side? • Diffe-Helman key Exchange • Problem with Diffe-Helman is the “man in the middle attack”. • The man in the middle gives each one the p and g • Lots of keys • For every person you want to exchange data with you need another key • Solution – Public key encryption
Public Key Encryption • With public key encryption you have two keys • One key will decrypt a message encrypted with the other key • One key is held private so that no one else knows the key • The other key is given freely to anyone who wants it. • Also called asymmetric
Public Key Encryption Alice (private) Bob (private) Bob (public) Alice (public) ciphertext ciphertext M M Enck (Alice – private) Deck (Alice – public) ciphertext ciphertext M M Deck (Alice – private) Inck (Alice – public)
Public Key Digital Signature (HMAC) Alice (private) Bob (private) Bob (public) Alice (public) M M Hash(M) Compare Hash(M) Signature Signature Hash(M) Enck (Alice – private) Deck (Alice – public)
Public Key Encryption • A public key signature assures that the message came from Alice • Admissible in court • Only Alice can generate the signature…maybe?!?!?
Birthday Attack • Bob prepares two versions of a contract • One favorable to Alice – contract 1 • The other would bankrupt Alice – contract 2 • Bob makes subtle changes to contract 1 and 2 • E.g. replace spaces with space-backspace-space characters • By making or not making changes on 32 lines, you get 232 different docs • Bob compares hash codes for both documents with all changes • If the hash is only 64 bits, he should find a hash match in all the different contracts he created. • Bob gets Alice to sign contract 1 for which there is a hash collision with contract 2 • Bob can convince a judge that Alice signed contract 2.
Public Key Encryption • There are currently four public key encryption algorithms • Elgamal • Can only be used with digital signatures • Very Complex • DSS • A broken apart insecure version of Elgamal pushed forth by NIST. • Very controversial • RSA • The defacto standard in public key encryption • Does messages, signatures, and private key creation. • Problem • SLOW!
Key Exchange • Problem: Alice wants to send Bob a large amount of secure data. And she only wants Bob to get the data. And it should be done efficiently. How?
Key Exchange Alice (private) Bob (private) Bob (public) Alice (public) Key Please Key Please ciphertext ciphertext Enck (Alice – private) Deck (Alice – public)
Key Exchange Alice (private) Bob (private) Bob (public) Alice (public) Random Key ciphertext ciphertext Key Enck (Alice – public) Deck (Alice – private) ciphertext ciphertext Deck (Bob – public) Enck (Bob – private)
Secret Key Encryption Alice (private) Bob (private) Bob (public) Alice (public) Alice-Bob (Temp) Alice-Bob (Temp) Using Secret Key Encryption ciphertext ciphertext M M EncK(Alice-Bob) DecK (Alice – Bob)