
Cryptography


olgawest

Presentation Transcript


  1. Cryptography • What is cryptography? • The study of message secrecy • The art of writing or solving codes • Heavy mathematics • Information Theory • Statistics • Number Theory

  2. Cryptographic Terms • Cryptology • Study of Cryptography and Cryptanalysis • Cryptanalysis • Code Breaking • Encryption • Converts ordinary information into an unreadable form • Decryption • Converts cipher-text back into plain-text • Cipher • A pair of algorithms which are used to encrypt and decrypt

  3. Cryptographic Terms • Key • A parameter that explains how to run the algorithm • Blocks • Input is divided into blocks and each block is processed independently with the key • Symmetric • Single key for encryption and decryption • Asymmetric • A public key for encryption • A private key for decryption • Hash • One-way transformation of data • Two different messages should NEVER have the same hash

  4. Cryptographic Terms • Perfect Secrecy • Occurs when knowledge of cipher gives no knowledge of the original message • Steganography • Hides the fact that there even is a message • Picture example

  5. When? • Ancient Cryptography • Julius Caesar (49-44 BC) • Messages to Generals • Used a shift cipher (shift 3 right) • Vigenère (1553) • Keyword explained the shift • Modern Cryptography • Since Computers

  6. Example • Letter to Number • Each message letter is added to each key letter

     Message:  A  P  P  L  E     00 15 15 11 04
     Key:      S  H  A  R  E     18 07 00 17 04
     Cipher:   S  W  P  B  I     18 22 15 02 08

  7. Components • Confidentiality • Storing the message in unreadable form • Integrity • Preventing modifications • Strength • Proving it is secure • Can only be done with years of testing • Availability • Preventing denial of access • Incorrect Data • Resource Exhaustion

  8. Pre-Modern Crypto • Purpose • Message Confidentiality • Ciphers • Transposition • Rearrangement of Letters • Substitution • Replacing a group of letters with other letters • Stego • Head Tattoo

  9. Pre-Modern Devices • Scytale (Skytale) • A strip of leather or paper wound around a cylinder • Transposition Cipher • Spartans used this for military communication • Cipher Grille • Message contained inside of a host

  10. Pre-Modern Devices • Enigma • Used by Germans in WWII • Electromagnetic Rotor Machine • Each letter changed the rotors, which modified the key

  11. Modern Crypto • Started with the birth of computers • Computers are orders of magnitude faster than humans • Mostly used by government until PCs • Huge role since the Internet • Authentication • Digital Signatures • E-Commerce • Banking

  12. Proprietary vs Public Algorithms • Proprietary • Algorithm is unknown and therefore doesn’t help in cryptanalysis • DVDs • Not widely tested • Public • Tested for 5-8 years before trusted • Allows many to find mistakes or weaknesses • Algorithm knowledge should not help cracking the code

  13. Symmetric Key Cryptography • Uses a shared key between all parties • Key that encrypts also decrypts • 4000 times faster than asymmetric • Stronger than asymmetric • Key needs to be shared in a secure way • DES • Data Encryption Standard • Used by the government and banks since 1977 • AES • Advanced Encryption Standard • First published in 1998 • New Standard approved for use up to TOP SECRET

  14. Modern Algorithms • Linear Mixing • Applying XOR operations on the plain-text with the key • Non-linear functions (Substitution boxes) • Adds confusion • Bit-Shuffling (Permutations) • Rearrangement of the bits • Expansion • Permutes and adds some duplicate bits • Key Mixing • Uses multiple sub keys

  15. One Time Pad • Possible to have perfect secrecy • The key is the length of the document and has no pattern • Key is bitwise XORed with the document • Key can only be used once or else statistics can be gathered from the cipher-text • Very easy to break when used more than once
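
Why a pad can only be used once, as an added example that is not part of the original presentation. The two messages and all function names are constructed for illustration.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    # The pad must be exactly as long as the document (slide 15).
    if len(a) != len(b):
        raise ValueError("a one-time pad key must match the message length")
    return bytes(x ^ y for x, y in zip(a, b))

def otp_encrypt(plaintext: bytes, key: bytes) -> bytes:
    return xor_bytes(plaintext, key)

def otp_decrypt(ciphertext: bytes, key: bytes) -> bytes:
    return xor_bytes(ciphertext, key)    # XOR is its own inverse

def key_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    # Same key twice: (p1 ^ k) ^ (p2 ^ k) == p1 ^ p2, so the key cancels out
    # and the result depends only on the two plaintexts.
    return xor_bytes(c1, c2)

# Constructed sample messages of equal length.
P1 = b"ATTACK AT DAWN"
P2 = b"RETREAT AT SIX"
KEY = secrets.token_bytes(len(P1))       # random, pattern-free pad

if __name__ == "__main__":
    c1 = otp_encrypt(P1, KEY)
    c2 = otp_encrypt(P2, KEY)            # the mistake: the pad is used again
    leak = key_reuse_leak(c1, c2)
    print("p1 xor p2, computed from ciphertexts only:", leak.hex())
    # Whoever knows or guesses one message now reads the other without the key.
    print("second message recovered from the first:", xor_bytes(leak, P1))
```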

  16. Data Encryption Standard • 64-bit key • 56-bits used for algorithm • 8-bits for parity checking • Parity bits are the least significant bit of each byte • 64-bit blocks • Split into 32-bit chunks and crisscrossed through the algorithm • Feistel Network • 16 Rounds • Weaknesses • Small key • Differential Cryptanalysis • Linear Cryptanalysis
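
The 64-bit versus 56-bit key layout from this slide, as an added example that is not part of the original presentation. It assumes DES's odd-parity convention (the slide only says "parity"), and the sample key and function names are constructed.

```python
def set_odd_parity(key: bytes) -> bytes:
    """Rewrite the least significant bit of each byte so the byte has an odd number of 1 bits."""
    out = bytearray()
    for b in key:
        high7 = b & 0xFE                         # the 7 bits the algorithm uses
        ones = bin(high7).count("1")
        out.append(high7 | (0 if ones % 2 else 1))
    return bytes(out)

def has_odd_parity(key: bytes) -> bool:
    return all(bin(b).count("1") % 2 == 1 for b in key)

def effective_key(key: bytes) -> int:
    """Drop the 8 parity bits and return the 56 bits that actually key the cipher."""
    if len(key) != 8:
        raise ValueError("a DES key is 8 bytes (64 bits)")
    bits = 0
    for b in key:
        bits = (bits << 7) | (b >> 1)            # keep the top 7 bits of each byte
    return bits

# Constructed sample key.
SAMPLE_KEY = bytes.fromhex("0123456789abcdef")
# Same key with every parity bit flipped: a different 64-bit value.
FLIPPED = bytes(b ^ 1 for b in SAMPLE_KEY)

if __name__ == "__main__":
    print("parity ok:", has_odd_parity(SAMPLE_KEY), has_odd_parity(FLIPPED))
    # Both 64-bit strings select the same 56-bit key, so the search space
    # is 2**56 keys, not 2**64 (the "small key" weakness on the slide).
    print(hex(effective_key(SAMPLE_KEY)), hex(effective_key(FLIPPED)))
    print("keys to search:", 2 ** 56)
```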

  17. Public Key Encryption • Relatively new • Based on the unproven idea that large numbers composed of primes are hard to factor • Is always breakable given enough time and resources • It is always known whether the key tried was correct • Based on math functions rather than bit scrambling • Used in situations where a symmetric key cannot be passed between parties • Used to keep the Internet secure

  18. Diffie-Hellman • Whitfield Diffie and Martin Hellman (1976) • DH Key Exchange • Used to pass a key for symmetric crypto between two parties who have no knowledge of each other • Primarily used over insecure channels

  19. Diffie-Hellman Algorithm • Alice (A) wants to communicate securely with Bob (B) • A and B agree on P (a prime) and G (a generator) • G is picked so that for every number N between 1 and P-1 there is a K that satisfies N = G^K mod P • A and B independently choose their secret integers (a and b respectively) • Alice’s public value U = G^a mod P • Bob’s public value V = G^b mod P • Alice computes K = V^a mod P • Bob computes K = U^b mod P • Alice and Bob have both computed K, which is the same number

  20. Diffie-Hellman In Action • A and B agree on P = 23 and G = 5 • A chooses a = 6 and B chooses b = 15 (independently) • A computes U = 5^6 mod 23, U = 8 • B computes V = 5^15 mod 23, V = 19 • Alice and Bob exchange their U and V • Alice computes K1 = 19^6 mod 23, K1 = 2 • Bob computes K2 = 8^15 mod 23, K2 = 2 • Since K1 = K2, both Alice and Bob have the same key value
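
The exchange from slides 19 and 20 in code, as an added example that is not part of the original presentation. Function names are constructed, and the range check on the received value is an added assumption about good practice, not something the slides state.

```python
def is_generator(g: int, p: int) -> bool:
    """Slide 19's condition: the powers g^1 .. g^(p-1) mod p hit every N in 1..p-1."""
    return {pow(g, k, p) for k in range(1, p)} == set(range(1, p))

def public_value(g: int, secret: int, p: int) -> int:
    return pow(g, secret, p)              # U = G^a mod P, or V = G^b mod P

def shared_key(peer_public: int, secret: int, p: int) -> int:
    # Added check: 1 and p-1 would force the key to 1 or p-1, so reject them.
    if not 1 < peer_public < p - 1:
        raise ValueError("peer value outside 2..p-2")
    return pow(peer_public, secret, p)    # K = V^a mod P, or K = U^b mod P

def exchange(p: int, g: int, a: int, b: int) -> dict:
    """Run both sides and return everything, marking what crosses the wire."""
    if not is_generator(g, p):
        raise ValueError("g is not a generator modulo p")
    u, v = public_value(g, a, p), public_value(g, b, p)
    return {
        "public": {"P": p, "G": g, "U": u, "V": v},   # seen by an eavesdropper
        "alice_key": shared_key(v, a, p),
        "bob_key": shared_key(u, b, p),
    }

if __name__ == "__main__":
    result = exchange(p=23, g=5, a=6, b=15)           # the slide's numbers
    print(result)
    # 2 is not a generator mod 23: its powers only reach 11 of the 22 values.
    print("is 2 a generator mod 23?", is_generator(2, 23))
```

The secrets a and b never appear in the "public" entry; with a prime this small they can be found by trying every exponent, which is why real deployments use very large primes.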

  21. RSA Algorithm • Compute two large prime numbers p, q • n = p * q (n is public knowledge) • r = (p-1)(q-1) • Choose e > 1 and relatively prime to r • Find d such that d = (1 + i * r) / e where i is an integer counting up from one until a solution is found • Public Key (e, n) • Private Key (d, n) or (d, n, p, q) • Using p and q can speed up the algorithm • Encryption • c = m^e mod n • Decryption • m = c^d mod n • d, p, and q should all be kept private

  22. RSA Algorithm in Action • Bob chooses p = 863 and q = 937 giving N = 863*937 = 808631 • (p-1)(q-1) = 806832 • Bob chooses e = 7, which satisfies gcd(806832, 7) = 1 • Bob’s public key: [N, e] or [808631, 7] • Bob finds d = 461047 where d = (1 + i * 806832) / e works for some integer i • Bob’s private key: [p, q, d] or [863, 937, 461047] • Say Alice wants to send Bob a message M = 205632 • Alice computes C = M^e mod N, C = 205632^7 mod 808631 = 256779 • Alice transmits C in public • Bob computes M = C^d mod N, M = 256779^461047 mod 808631 = 205632

  23. Cryptanalysis • Study of breaking codes • Uses knowledge of letter frequency

  24. English Letter Frequency

  25. Digrams and Trigrams • th, he, in, en, nt, re, er, an, ti, es, on, at, se, nd, or, ar, al, te, co, de, to, ra, et, ed, it, sa, em, ro • the, and, tha, ent, ing, ion, tio, for, nde, has, nce, edt, tis, oft, sth, men

  26. Differential Cryptanalysis • Studies the difference between each input and their corresponding outputs • Looks for non-random behavior • Discovered in the late 1980s • DES was resilient to this because of the NSA’s S-box contribution • A secret method the US government used to attack ciphertext from other countries

  27. PGP and GPG • PGP - Pretty Good Privacy • Proprietary • GPG - Gnu Privacy Guard • Open source using public cryptographic algorithms • Essentially the same as PGP • Used for encryption and digital signatures • Public and private keys are generated locally • Public key is often uploaded to a key server

  28. Thawte Certificate • Company owned by Verisign • Provides free personal email certificates • Can sign and encrypt emails • Advantages over PGP/GPG • Certificate is signed by a normally trusted CA • Most email clients automatically handle the signatures without extensions • Can only be used for email • Usually doesn’t get verified by webmail clients

  29. How a Digital Signature Works • Public and private keys are created • Public key is attached to a certificate • Certificate contains identification information • Certificates are signed by certificate authorities • The document is hashed • Hash is encrypted with private key • Result is appended to the document • Receiving Party does the following: • Hashes the message • Takes the signature and decrypts it with the public key • The decrypted signature is compared to the message hash • If equal, message has a valid signature
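
The hash, sign, append and verify steps from this slide, as an added example that is not part of the original presentation. It reuses the toy key from slide 22; reducing the SHA-256 hash modulo N and the 3-byte signature field are assumptions made so the numbers fit, and real signature schemes use large keys with padding.

```python
import hashlib

# Toy key pair from slide 22 (far too small for real use).
N, E, D = 808631, 7, 461047
SIG_LEN = 3                                   # bytes needed to hold a value < N

def digest(document: bytes) -> int:
    # "The document is hashed"; reduced mod N only because the toy key is tiny.
    return int.from_bytes(hashlib.sha256(document).digest(), "big") % N

def sign_document(document: bytes) -> bytes:
    signature = pow(digest(document), D, N)   # hash is encrypted with the private key
    return document + signature.to_bytes(SIG_LEN, "big")   # result is appended

def verify_document(signed: bytes) -> bool:
    if len(signed) < SIG_LEN:
        return False
    document = signed[:-SIG_LEN]
    signature = int.from_bytes(signed[-SIG_LEN:], "big")
    if signature >= N:
        return False
    # Decrypt the signature with the public key and compare with a fresh hash.
    return pow(signature, E, N) == digest(document)

# Constructed sample document.
DOCUMENT = b"Pay Bob 100 dollars"

if __name__ == "__main__":
    signed = sign_document(DOCUMENT)
    print("valid signature:", verify_document(signed))
    tampered = signed.replace(b"100", b"900")
    print("after changing the amount:", verify_document(tampered))
```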

  30. Email Encryption • To send an encrypted email, you must have the receiver’s public key • Message can only be decrypted by the receiver’s private key

  31. Steganography • Concealing a message in a host • Example, embedding a message in a bitmap file • Changing least significant bits of the file • File is different but undetectable by the human eye
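
Least-significant-bit embedding as described on this slide, as an added example that is not part of the original presentation. The cover is a constructed run of bytes standing in for bitmap pixel data (no file header is parsed), and the 2-byte length prefix is an assumption of this sketch.

```python
def to_bits(data: bytes):
    """Yield the bits of data, most significant bit first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1

def embed(cover: bytes, message: bytes) -> bytes:
    payload = len(message).to_bytes(2, "big") + message   # length, then message
    if len(payload) * 8 > len(cover):
        raise ValueError("cover too small: one cover byte carries one bit")
    stego = bytearray(cover)
    for i, bit in enumerate(to_bits(payload)):
        stego[i] = (stego[i] & 0xFE) | bit                 # overwrite only the LSB
    return bytes(stego)

def read_bytes(stego: bytes, bit_offset: int, nbytes: int) -> bytes:
    value = 0
    for b in stego[bit_offset:bit_offset + nbytes * 8]:
        value = (value << 1) | (b & 1)                     # collect the LSBs
    return value.to_bytes(nbytes, "big")

def extract(stego: bytes) -> bytes:
    length = int.from_bytes(read_bytes(stego, 0, 2), "big")
    return read_bytes(stego, 16, length)

def max_change(cover: bytes, stego: bytes) -> int:
    """Largest difference in any single byte between cover and result."""
    return max(abs(a - b) for a, b in zip(cover, stego))

# Constructed cover: 256 bytes standing in for pixel values.
COVER = bytes(range(256))

if __name__ == "__main__":
    stego = embed(COVER, b"meet at noon")
    print("recovered:", extract(stego))
    # Same size, and no byte moves by more than 1: invisible to the eye, but a
    # byte-for-byte comparison with the original file shows the file is different.
    print(len(stego) == len(COVER), max_change(COVER, stego), stego != COVER)
```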
