1 / 57

Cryptography

Terminology. Encryption: transforming a plain text message or file into a disguised cipher text Plain text ? Cipher text Decryption: involves turning the cipher text back into plain text Cipher text ? Plain text Plain text? Data to be protected Cipher text?Data after encryp

tallis
Download Presentation

Cryptography

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. Cryptography Cryptography: is the art and science of keeping files and messages secure Creating texts that can only be read by authorized individuals only.

    2. Terminology Encryption: transforming a plain text message or file into a disguised cipher text Plain text ? Cipher text Decryption: involves turning the cipher text back into plain text Cipher text ? Plain text Plain text? Data to be protected Cipher text? Data after encryption. Key? - secret knowledge shared by sender and receiver

    3. Why Cryptography? Classifications of security services Confidentiality Authentication Integrity Non-repudiation Availability

    4. Cryptography Cryptography is not all about security but there is NO global security without it.

    5. Examples of Threats Bob wants to buy Alice’s car. He agrees to pay her $500 and transfer it to her bank account via their online bank.

    11. Major Cryptographic Systems Secret key Cryptography(Symmetric) Public key Cryptography(Asymmetric)

    12. Secret Key Cryptography (symmetric) A single key is used to both encrypt and decrypt a message. A secure channel must be in place for users to exchange this common key.

    13. Secret Key Cryptography (symmetric)

    14. Classification of Cipher Systems Stream Cipher Symmetric Block Cipher Public Key Cipher

    15. Threats to Security Passive wiretapping Active wiretapping

    16. Methods of Attack Ciphertext alone attack Known plaintext attack Chosen plaintext attack

    17. Note Cipher which can be attacked using ciphertext alone is generally considered to be highly insecure. A cipher which is secure from chosen plaintext attack is generally considered to offer a high level of security.

    18. Assumptions in Assessing Security of Cipher Assumption 1: -Cryptanalyst has complete knowledge of cipher except key. Assumption 2: - The cryptanalyst has intercepted the cryptogram. Assumption 3 - The cryptanalyst has a small amount of Known plaintext.

    19. Symmetric (Private Key) Cryptography Examples: DES, RC4, RC5, IDEA, Skipjack, AES Advantages: fast, ciphertext secure Disadvantages: must distribute key in advance, key must not be divulged

    20. General Principles Longer keys make better ciphers Random keys make better ciphers Good ciphers produce “random” ciphertext Best keys are used once and thrown away

    21. DES (Data Encryption Standard) published in 1977 56 bit key, 64 bit input, 64 bit output.

    22. History of DES IBM developed Lucifer for banking systems (1970 ) NIST and NSA evaluated and modified Lucifer (1974) Modified Lucifer adopted as federal standard (1976) Name changed to Data Encryption Standard (DES) Defined in FIPS (46-3) and ANSI standard X9.32

    23. History of DES NIST defined Triple DES (3DES) (1999) Single DES use deprecated NIST approved Advanced Encryption Std. (AES) (2001) AES which will replaces DES and 3DES.

    24. DES: Data Encryption Standard Widely published & used - federal standard Complex series of bit substitutions, permutations and recombination's Basic DES: 56-bit keys Crack able in about a day using specialized hardware Triple DES: effective 112-bit key Uncrackable by known techniques

    25. 1-to-1 Bit Permutation (P)

    27. Circle

    29. DES Standard Cipher Iterative Action : Input: 64 bits Key: 48 bits Output: 64 bits Key Generation Box : Input: 56 bits Output: 48 bits

    30. Cipher Iterative Action

    31. S-Box (Substitute,Shrink,Secret) 48 bits ==> 32 bits. (8*6 ==> 8 *4).

    32. Key Generation Box

    33. DES

    34. Why 16 Rounds/Iterations? Avalanche Effect: change one bit in plaintext ==> many bits changed in ciphertext.

    35. How to use DES boxes

    36. Electronic Code Book (ECB)

    37. ECB’s problem

    38. Cipher Block Chaining (CBC)

    39. How to decrypt CBC?

    40. CBC Decryption

    41. CBC Problems

    42. Output FeedBack (OFB)

    43. Think about them: How to decrypt in OFB? If (M-1 == M-3), will (C-1 == C-3) likely? If we loss one cipher block (e.g., C-2)… If we have one bit error in M-1,… Can we parallelize?

    44. What can Eve do?? Brute-Force Breaking the Secret Key: If |K| == 32 bits, in worst case, Eve needs to try 2^32 different keys to recover the plaintext. Smartly Breaking the Secret Key: Cryptanalysis (much less than 2^32, e.g.,). Collect Statistical Information information leakage.

    45. DES Box Summary Simple, easy to implement: Hardware/Gbits/second, Software/Mbits/second Reasonable secure for less-critical applications. Operation mode: ECB (Electronic Codebook Mode), CBC, OFB, CFB. Session Key Refreshing Frequency

    46. A Good Encryption Protocol Key Space must be large. Impossible/Hard to perform smart attacks. Does not reveal information statistically. Security Strength: NOT depend on keeping the Algorithm secret. depend on the key being kept secretly.

    47. Concerns about DES Key Space problem: 56 bit key. (2^56) Brute Force: $20 Millions in 1977 and $0.1M in 1993. (to break it in a few minutes.) Cryptanalysis Differential Cryptanalysis. (2^47 pairs of chosen plaintext/ciphertext), 1991 Linear Cryptanalysis. (2^43 pairs of known plaintext/ciphertext), 1995.

    48. DEStroying Security Differential Cryptanalysis (1990): Say you know plaintext, ciphertext pairs Difference dP = P1 ? P2, dC = C1 ? C2 Distribution of dC’s given dP may reveal key Need lots of pairs to get lots of good dP’s Look at pairs, build up key in pieces Could find some bits, brute-force for rest

    49. DEServing of Praise Against 8-round DES, attack requires: 214 = 16,384 chosen plaintexts, or 238 known plaintext-ciphertext pairs Against 16-round DES, attack requires: 247 chosen plaintexts, or Roughly 255.1 known plaintext-ciphertext pairs Differential cryptanalysis not effective Designers knew about it

    50. DESperate measures Linear cryptanalysis: Look at algorithm structure: find places where, if you XOR plaintext and ciphertext bits together, you get key bits S-boxes not linear, but can approximate Need 243 known pairs; best known attack DES apparently not optimized against this Still, not an easy-to-mount attack

    51. DESuetude “Weakest link” is size of key Attacks take advantage of encryption speed 1993: Weiner: $1M machine, 3.5 hours 1998: EFF’s Deep Crack: $250,000 92 billion keys per second; 4 days on average 1999: distributed.net: 23 hours OK for some things (e.g., short time horizon) DES sliDES into wiDESpread DESuetude

    52. What size key is secure enough?

    53. Estimated Time to Crack

    54. Triple-DES Run DES three times: ECB mode: If K2 = K3, this is DES Backwards compatibility Known not to be just DES with K4 (1992) Has 112 bits of security, not 3 56 = 168 Why? What’s the attack? What’s wrong with Double-DES?

    55. DESpair Double-DES: Ci = EB(EA(Pi)) Given P1, C1: Note that DB(C1) = EA(P1) Make a list of every EK(P1). Try each L: if DL(C1) = EK(P1), then maybe K = A, L = B. (248 L’s might work.) Test with P2, C2: if it checks, it was probably right. Time roughly 256. Memory very large.

    56. Advanced Encryption Standard 1997: AES announced, call for algorithms August 1998: 15 candidate algorithms August 1999: 5 finalists October 2000: Rijndael selected Two Belgians: Joan Daemen, Vincent Rijmen DES cracked, Triple-DES slow: what next? May 2001: Comment period ended Summer 2001: Finalized, certified until ‘06

    57. AES Similar to DES: block cipher (with different modes), but 128-bit blocks 128-bit, 192-bit, or 256-bit key Mix of permutations, “S-boxes” S-boxes based on modular arithmetic with polynomials: Non-linear Easy to analyze, prove attacks fail

More Related