1 / 38

Cryptographic Tools

Cryptographic Tools. Three basic tools are used Encryption is used to provide confidentiality Digital signatures are used to provide authentication, integrity protection, and non-repudiation Checksums/hash algorithms are used to provide integrity protection

tab
Download Presentation

Cryptographic Tools

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cryptographic Tools Three basic tools are used • Encryption is used to provide confidentiality • Digital signatures are used to provide authentication, integrity protection, and non-repudiation • Checksums/hash algorithms are used to provide integrity protection However, if the underlying system is unsecure, no amount of cryptography will help.

  2. Cryptographic Keys A long series of binary digits used in various ways to transform a message from its original form, into a stream of seemingly random numbers, and back again. The strength of a key is roughly based upon the number of bits it has – known as its “length”. • Here, strength is used to mean how long it would take an attacker to guess the key used to transform or obscure a message. • This is similar to how the number of teeth in your house key determines the total number of keys there are and, thus, how many keys a burglar might have to try before guessing yours.

  3. In Encryption, Most Folks Say “Key Size Matters!” In general, the longer the secret key, the harder it will be for an adversary to guess the key’s value and decrypt the secret. It’s the same as the “teeth” on your house key • The more teeth your house key has, the longer it would take for persistent criminal to cut various combinations of teeth into test keys in order to find yours. • e.g., a house key with 8 teeth, each having 3 cut positions, yields 6,500 different keys

  4. Unfortunately, It’s Not That Simple • Key size gets way too much attention, but it’s the easiest metric • So far, encryption failures have always been due to • Implementation errors • Protocol errors • Usage errors (cockpit errors) • Therefore, a more accurate summary would be • In encryption, it’s not the size that matters, it’s the technique.* * Ran Canetti of IBM Research

  5. Encryption – Caveat Emptor Beware of strangers selling “crypto snake oil” • Unbreakable encryption • One-Time Pads • “Military-grade encryption” • “Million-bit” key lengths • Proprietary cryptography • a.k.a. “I know more than all the world’s cryptographers”

  6. Would You Buy This? Our unbreakable military-grade 10,240-bit bi-Gaussian encryption system, using a proprietary one-time pad algorithm, has recently been reviewed by the NSA and approved by a Fortune 500 customer and is available both inside and outside of the US. Adapted from Peter Gutman’s crypto tutorial: http://www.cryptoapps.com/~peter/part6.pdf

  7. In Summary If you take away anything from this part of today’s talk, it should be these 3 rules: • Cryptography is indeed rocket science. • Proprietary cryptography must be assumed to be broken, by definition • Adding cryptography to an unsecure system is like putting steel doors on a grass hut.

  8. Auguste Kerckhoffs, ‘La cryptographie militaire’, 1883 • The system must be substantially, if not mathematically, undecipherable; • The system must not require secrecy and can be stolen by the enemy without causing trouble; • It must be easy to communicate and remember the keys without requiring written notes, it must also be easy to change or modify the keys with different participants; • The system ought to be compatible with telegraph communication; • The system must be portable, and its use must not require more than one person; • Finally, regarding the circumstances in which such system is applied, it must be easy to use and must neither require stress of mind nor the knowledge of a long series of rules.

  9. Monoalphabetic substitution cipher #1 • Pick some number of position to rotate the plaintext alphabet. Here, we use rot13 : Ac: NOPQRSTUVWXYZABCDEFGHIJKLMequivalent to adding ‘M’ mod 26 to each letter of the message. • Then use Ac to encipher the plaintext P: Ap: ABCDEFGHIJKLMNOPQRSTUVWXYZ Ac: NOPQRSTUVWXYZABCDEFGHIJKLM P: dont forget your towel C: qbag sbetrg lbhe gbjry

  10. Monoalphabetic substitution cipher #2 • Pick a keyword to initialize the ciphertext alphabet: Ac: CRYPTOISEZ ABDFGHJKLMNQUVWX • Then use Ac to encipher the plaintext P: Ap: ABCDEFGHIJKLMNOPQRSTUVWXYZ Ac: CRYPTOISEZABDFGHJKLMNQUVWX M: dont forget your towel C: pgfm ogkitm wgnk mgutb

  11. How to attack substitution ciphers? • They don’t obscure the underlying letter frequencies in the plaintext • Similarly, bigram (a.k.a. digram) and trigram analysis is still quite possible. • Straightforward programs can solve these with several dozen characters of ciphertext. • ETOAIN SHRDLU • SS, EE, TT, FF, TH, ER, ON

  12. Polyalphabetic Substitution Cipher: Vigenère Cipher This is the Vignere Square, or Tabula Recta. P =SAMBRADFORD KEY=HEISMANHEIS C= ZEUTDAQMSZV

  13. Breaking a Vigenère cipher • Look for sequences that repeat • Example cracking tool from Simon Singh

  14. Transposition cipher:Columnar transposition THISISATESTOFTHEEARLYWARNINGSYSTEM Becomes TEENE HSAIM ITRNSOLGIF YSSTW YAHASTERT

  15. ROTOR Machines • Variation of Vigenère • Series of rotors each with an arbitrary permutation of the alphabet. • Output of one rotor connected to inputs of next

  16. Rotor machines:ENIGMA After the A is encrypted as a G, the rightmost rotor is advanced one position. Then another A is encrypted, but this time as a C.The breaking of the ENIGMA code is said to have ended the European war by two years (WWII). Wikimedia Commons

  17. Simple XOR $ ./xor abcd xor.c xorx /* abcd is 0x61626364 */ $ hexdump xor.c | head -2 23 69 6e 63 6c 75 64 65 20 3c 73 74 64 69 6f 2e 68 3e 0a 0a 76 6f 69 64 20 6d 61 69 6e 20 28 69 $ hexdump xorx | head -2 42 0b 0d 07 0d 17 07 01 41 5e 10 10 05 0b 0c 4a 09 5c 69 6e 17 0d 0a 00 41 0f 02 0d 0f 42 4b 0d $ ./xor abcd xorx xorxx $ hexdump xorxx | head -2 23 69 6e 63 6c 75 64 65 20 3c 73 74 64 69 6f 2e 68 3e 0a 0a 76 6f 69 64 20 6d 61 69 6e 20 28 69

  18. Feistel network generalized

  19. Feistel Networks Guaranteed to be invertible Rd Ld Ld-1 Rd-1 L1 R1 Li = Ri-1 Ri = Li-1 XOR f(Ri-1), then Ri = Li-1 XOR f(Ri-1,Ki) ) Then you can add encryption decryption to the F’s. Ld-2 Rd-2 L2 R2 Ld Rd

  20. DES IP occurs before round 1, transposing the input block in specific manner In each round, the key bits are shifted, and 48 bits are selected from the 56 bits of the key The data is split in half, with permutations and substitutions applied to the right half. After 16 rounds, the FP (inverse of IP) is applied.

  21. AES Here’s a super animation of AES

  22. Modes of operation: ECB(Electronic Code Book) Wikimedia Commons

  23. ECB can leave data patterns behind Encrypted using ECB Encrypted using other modes Tux the Penguin, the Linux mascot. Created by Larry Ewing with The GIMP. Other two images are from Wikipedia Commons

  24. Initialization Vector (IV) • All the modes of operation besides ECB need their pumps to be primed with a random block of data. • No need for secrecy, but an IV should only be used once for a given key.

  25. Modes of operation: CBC(Cipher-Block Chaining) Ci = EK (Pi Ci-1) Pi = Ci-1 DK (Ci) Wikimedia Commons

  26. Modes of operation: CFB (Cipher Feedback) Ci = Pi EK (Ci-1) Pi = Ci DK (Ci-1) Wikimedia Commons

  27. Cryptographic Hash Function Wikimedia Commons

  28. Message Authentication Codes Wikimedia Commons

  29. Vernam Cipher If a binary message m1m2...mt is operated on by a binary key string k1k2…kt of the same length to produce a ciphertext c1c2…ct where ci = miki , 1 ≤ i ≤ t If the key string is randomly chosen and never used again, the cipher is a one-time pad.

  30. Russian One-Time Pad captured by MI5

  31. Playfair Cipher Key is: ECHOSMITH http://www.simonsingh.net/The_Black_Chamber/playfair_cipher.html

More Related