310 likes | 334 Views
Cryptography. What is cryptography? The study of message secrecy The art of writing or solving codes Heavy mathematics Information Theory Statistics Number Theory. Cryptographic Terms. Cryptology Study of Cryptography and Cryptanalysis Cryptanalysis Code Breaking Encryption
E N D
Cryptography • What is cryptography? • The study of message secrecy • The art of writing or solving codes • Heavy mathematics • Information Theory • Statistics • Number Theory
Cryptographic Terms • Cryptology • Study of Cryptography and Cryptanalysis • Cryptanalysis • Code Breaking • Encryption • Converts ordinary information to unreadable • Decryption • Coverts cipher-text back into plain-text • Cipher • A pair of algorithms which are used to encrypt and decrypt
Cryptographic Terms • Key • A parameter that explains how to run the algorithm • Blocks • Input divided and each block is independent against the key • Symmetric • Single key for encryption and decryption • Asymmetric • A public key for encryption • A private key for decryption • Hash • One-way transformation of data • Two different messages should NEVER have the same hash
Cryptographic Terms • Perfect Secrecy • Occurs when knowledge of cipher gives no knowledge of the original message • Steganography • Hides the fact that there even is a message • Picture example
When? • Ancient Cryptography • Julius Caesar (49-44 BC) • Messages to Generals • Used a shift cipher (shift 3 right) • Vigenére (1553) • Keyword explained the shift • Modern Cryptography • Since Computers
Example Letter to Number Each message letter is added to Each key letter Message: A P P L E 00 15 15 11 04 Key: S H A R E 18 07 00 17 04 Cipher: 18 22 15 02 08 S W P B I
Components • Confidentiality • Storing message unreadable • Integrity • Preventing modifications • Strength • Proving it is secure • Can only be done with years of testing • Availability • Preventing of a denial of access • Incorrect Data • Resource Exhaustion
Pre-Modern Crypto • Purpose • Message Confidentiality • Ciphers • Transposition • Rearrangement of Letters • Substitution • Replacing a group of letters with other letters • Stego • Head Tattoo
Pre-Modern Devices • Scytale (Skytale) • A strip of leather or paper wound around a cylinder • Transposition Cipher • Spartans this for military communication • Cipher Grille • Message contained inside ofa host
Pre-Modern Devices • Enigma • Used by Germans in WWII • Electromagnetic Rotor Machine • Each letter changed the rotors whichmodified the key
Modern Crypto • Started with the birth of computers • Computers are magnitudes faster than humans • Mostly used by government until PCs • Huge role since the Internet • Authentication • Digital Signatures • E-Commerce • Banking
Proprietary vs Public Algorithms • Proprietary • Algorithm is unknown and therefore doesn’t help in cryptanalysis • DVDs • Not widely tested • Public • Tested for 5-8 years before trusted • Allows many to find mistakes or weaknesses • Algorithm knowledge should not help cracking the code
Symmetric Key Cryptography • Uses a shared key between all parties • Key that encrypts also decrypts • 4000 times faster than asymmetric • Stronger than asymmetric • Key needs to be shared in a secure way • DES • Data Encryption Standard • Used by the government and banks since 1977 • AES • Advanced Encryption Standard • First published in 1998 • New Standard approved for use up to TOP SECRET
Modern Algorithms • Linear Mixing • Applying XOR operations on the plain-text with the key • Non-linear functions (Substitution boxes) • Adds confusion • Bit-Shuffling (Permutations) • Rearrangement of the bits • Expansion • Permutates and adds some duplicate bits • Key Mixing • Uses multiple sub keys
One Time Pad • Possible to have perfect secrecy • The key is the length of the document and has no pattern • Key is bitwise XOR with the document • Key can only be used once or else statistics can be gathered from the cipher-text • Very easy to break when used more than once
Data Encryption Standard • 64-bit key • 56-bits used for algorithm • 8-bits for parity checking • Parity bits are the least significant bit of each byte • 64-bit blocks • Split into 32-bit chunks and crisscrossed through the algorithm • Feistel Network • 16 Rounds • Weaknesses • Small key • Differential Cryptanalysis • Linear Cryptanalysis
Public Key Encryption • Relatively new • Based on the unproven idea that large numbers composed of primes are hard to factor • Is always breakable given enough time and resources • It is always known whether the key tried was correct • Based on math functions rather than bit scrambling • Used in situations where a symmetric key cannot be passed between parties • Used to keep the Internet secure
Diffie-Hellman • Whitfield Diffie and Martin Hellman (1976) • DH Key Exchange • Used to pass a key for symmetric crypto between two parties who have no knowledge of each other • Primarily used over insecure channels
Diffie-Hellman Algorithm • Alice (A) wants to communicate securely to Bob (B) • A and B agree on P (a prime) and G (a generator) • For every number N between 1 and P-1, pick G that works for the following equation:N = GK mod P • A and B independently choose their secret integer (a and b respectively) • Alice’s public value U = Ga mod pBob’s public value V = Gb mod p • Alice computes K = Va mod p • Bob Computes K = Ub mod p • Alice and bob have both computed K which happens to be the same number
Diffie-Hellman In Action • A and B agree on P = 23 and G = 5 • A chooses a = 6 and B chooses b = 15 (independently) • A computes U = 56 mod 23 U = 8 • B computes V = 515 mod 23 V = 19 • Alice and Bob exchange their U and V • Alice computes K1 = 196 mod 23 K1 = 2 • Bob computes K2 = 815 mod 23 K2 = 2 • Since K1 = K2, both Alice and Bob have the same key value
RSA Algorithm • Compute two large prime numbers p,q • n = p * q (n is public knowledge) • r = (p-1)(q-1) • Choose e>1 and relatively prime to r • Find d such that d = 1 + (i * r) / e where i is an integer counting up from one until a solution is found • Public Key (e, n) • Private Key (d, n) or (d, n, p, q) • Using p and q can speed up the algorithm • Encryption • c = me mod n • Decryption • m = cd mod n • d, p, and q should all be kept private
RSA Algorithm in Action • Bob chooses p = 863 and q = 937 giving N = 863*937 = 808631 • (p-1)(q-1) = 806832 • Bob chooses e = 7, which satisfies gcd(806832, 7) = 1 • Bob’s public key: [N, e] or [808631, 7] • Bob finds d = 461047 where d = 1 + ( i * 806832 ) / e works for some integer i • Bob’s private key: [p, q, d] or [863, 937, 461047] • Say Alice wants to send bob a message M = 205632 • Alice computes C = Me mod NC = 2056327 mod 808631 = 256779 • Alice transmits C in the public • Bob computes M = Cd mod NM = 256779461047 mod 808631 = 205632
Cryptanalysis • Study of breaking code • Uses knowledge of letter frequency
Digrams and Trigrams • th, he, in, en, nt, re, er, an, ti, es, on, at, se, nd, or, ar, al, te, co, de, to, ra, et, ed, it, sa, em, ro • the, and, tha, ent, ing, ion, tio, for, nde, has, nce, edt, tis, oft, sth, men
Differential Cryptanalysis • Studies the difference between each input and their corresponding outputs • Looks for non-random behavior • Discovered in the late 1980s • DES was resilient to this because the of the NSA’s S-box contribution • A secret method the US government used to attack ciphertext from other countries
PGP and GPG • PGP - Pretty Good Privacy • Proprietary • GPG - Gnu Privacy Guard • Open source using public cryptographic algorithms • Essentially the same as PGP • Used for encryption and digital signatures • Public key and private generated locally • Public key is often uploaded to a key server
Thawte Certificate • Company owned by Verisign • Provides free personal email certificates • Can sign and encrypt emails • Advantages over PGP/GPG • Certificate is signed by a normally trusted CA • Most email clients automatically handle the signatures without extensions • Can only be used for email • Usually doesn’t get verified by webmail clients
How a Digital Signature Works • Public and private keys are created • Public key is attached to a certificate • Certificate contains identification information • Certificates are signed by certificate authorities • The document is hashed • Hash is encrypted with private key • Result is appended to the document • Receiving Party does the following: • Hashes the message • Takes the signature and decrypts it with the public key • The decrypted signature is compared to the message hash • If equal, message has a valid signature
Email Encryption • To send an encrypted email, you must have the receiver’s public key • Message can only be decrypted by the receiver’s private key
Steganography • Concealing a message in a host • Example, embedding a message in a bitmap file • Changing least significant bits of the file • File is different but undetectable by the human eye