1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond...
description
Transcript of 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond...
![Page 1: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/1.jpg)
1Serbia 2003
INTRODUCTIONto
CRYPTOGRAPHYFred Piper
Codes & Ciphers Ltd12 Duncan Road, RichmondSurrey, TW9 2JDENGLAND
Royal Holloway, University of LondonEgham Hill, EghamSurrey TW20 0EX
ENGLAND
![Page 2: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/2.jpg)
2Serbia 2003
Sender Am I happy that the whole world sees this ? What am I prepared to do to stop them ? What am I allowed to do to stop them ?
Recipient Do I have confidence in :
the originator the message contents and message stream no future repudiation.
Network Manager Do I allow this user on to the network ? How do I control their privileges ?
Some Security Issues
![Page 3: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/3.jpg)
3Serbia 2003
Cipher System
cryptogramc
EncipheringAlgorithm
DecipheringAlgorithm
Key k(E) Key k(D)
messagem
messagem
Interceptor
![Page 4: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/4.jpg)
4Serbia 2003
The Attacker’s Perspective
DecipheringAlgorithm
Unknown Keyk(D)
Known c Wants m
Note: k(E) is not needed unlessit helps determine k(D)
![Page 5: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/5.jpg)
5Serbia 2003
Two Types of Cipher System
• Conventional or Symmetrick(D) easily obtained from k(E)
• Public or AsymmetricComputationally infeasible to determine k(D) from k(E)
![Page 6: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/6.jpg)
6Serbia 2003
Mortice Lock.If you can lock it, then you can unlock it.
Bevelled Sprung Lock.Anyone can lock it, only keyholder can unlock it.
![Page 7: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/7.jpg)
7Serbia 2003
Types of Attack
• Ciphertext only• Known plaintext• Chosen ciphertext
![Page 8: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/8.jpg)
8Serbia 2003
Assumptions About Attacker (1)
Military/Government:Try to keep details of system (including algorithm) secret
Worst Case Conditions:Commercial:
Assume he knows: System (including algorithm) All ciphertext Some corresponding plaintext/ ciphertext
![Page 9: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/9.jpg)
9Serbia 2003
Warning
THE FACT THAT AN ALGORITHM HAS
BEEN PUBLISHED SAYS NOTHING
ABOUT ITS STRENGTH.
![Page 10: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/10.jpg)
10Serbia 2003
Breaking Algorithm
• Finding a method of determining
message from cryptogram without
being given deciphering key.
![Page 11: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/11.jpg)
11Serbia 2003
Exhaustive Key Search Attacks
• The security depends on the secrecy of the deciphering key.
• One potential attack, if the algorithm is known, is to try all possible deciphering keys and to eliminate all incorrect ones.
• To withstand this type of attack a large key space is required.
![Page 12: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/12.jpg)
12Serbia 2003
Exhaustive Key Searches
Estimating time required for key
search requires assumptions about the
attacker’ resources
![Page 13: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/13.jpg)
13Serbia 2003
Saints or Sinners ?Receiver
Interceptor
Sender
Who are the ‘good’ guys ?
![Page 14: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/14.jpg)
14Serbia 2003
If Someone Wants Your Plaintext
• Give it to them• Give them the decryption key• They may break algorithm• They may ‘find’ plaintext in system• They may ‘find’ key in system
![Page 15: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/15.jpg)
15Serbia 2003
Practical Considerations when Implementing Encryption
• Key management is the difficult part • Keys need to be generated, distributed,
stored, changed securely• History shows that most cryptanalytic
attacks exploit poor implementation and/or key management Example: Enigma in World War 2
![Page 16: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/16.jpg)
16Serbia 2003
Cryptography is used to provide:
1. Confidentiality
2. Data Integrity
3. Entity/Origin Verification
4. Non-Repudiation
5. Access Control
![Page 17: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/17.jpg)
17Serbia 2003
Choosing an Algorithm
The choice of algorithm depends upon the application.
Applications of encryption include :• Data confidentiality• Data integrity• Digital Signatures.
![Page 18: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/18.jpg)
18Serbia 2003
Misuse of Encryption
GradeGood student xxxxxBad student xxxxx
Grades can be changed
![Page 19: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/19.jpg)
19Serbia 2003
Classification of Techniques
• Bit / Block operation
• Positional dependence/independence
• Message dependence/independence
![Page 20: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/20.jpg)
20Serbia 2003
Vernam Cipher
Random sequence k1,k2,…,kn
Message m1,m2,…,mn
+Ciphertext
k1m1,k2 m2,…,kn mn
The message and key are bit strings
![Page 21: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/21.jpg)
21Serbia 2003
Stream Cipher
Plaintext data
Keystream sequence
Ciphertext
Key
SequenceGenerator
XOR
![Page 22: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/22.jpg)
22Serbia 2003
Stream Cipher
• Enciphers bit by bit
• Positional dependence
• Security depends on properties of
the keystream
![Page 23: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/23.jpg)
23Serbia 2003
Stream Ciphers
Applications•Widely used for military and paramilitary applications for both data and digitised speech
•The main reason for their wide use is that military communications are often over poor channels and error propagation is unacceptable
![Page 24: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/24.jpg)
24Serbia 2003
Symmetric Block Cipher System
Key dependentpermutation
on s-bit blocks
s-bitplaintext block
s-bitciphertext block
Key
![Page 25: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/25.jpg)
25Serbia 2003
Block Ciphers : Key Sizes
• Depends on security requirement
• Key searches on size 290 are currently considered infeasible
![Page 26: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/26.jpg)
26Serbia 2003
DES: Key Search on Internet (1997)
DES has 256 keys DES key found Search took 140 days Search used over 10,000 computers Peak rate: 7.109 keys/sec ‘Might’ have taken 32 days
![Page 27: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/27.jpg)
27Serbia 2003
DES Breaker (1998)
Electronic Frontier FoundationDesign cost $ 80,000Manufacturing cost $130,000Test key found in 56 hoursComplete search in 220 hours90 Billion keys per secondDesign details published
![Page 28: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/28.jpg)
28Serbia 2003
DES : Double Length Key
k = (k1,k2) k1,k2 DES keys Ek(m) = Ek1(Dk2(Ek1(m))) key is 112 bits key search with 2112 trials is
infeasible.
![Page 29: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/29.jpg)
29Serbia 2003
Advanced Encryption Standard (AES)
• Block ciphers
• Block size 128 bits
• Key lengths 128, 192, 256 bits
• Must be faster than triple DES
![Page 30: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/30.jpg)
30Serbia 2003
AES (Continued)
June 1998: 15 candidates
August 1998: 11
April 1999: 5
Decision October 2000
Rijndael
![Page 31: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/31.jpg)
31Serbia 2003
The following slides will not be discussed but are included for completeness
![Page 32: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/32.jpg)
32Serbia 2003
Applications
• Access Control• Authentication
![Page 33: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/33.jpg)
33Serbia 2003
The Challenge / Response Principle
Key Key
Random number
Challenge PIN-Controlled
A A
Response
A - Encipher or OWFY/N = ?
![Page 34: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/34.jpg)
34Serbia 2003
Digital Signatures
According to ISO, the term Digital Signature is used: ‘to indicate a particular authentication technique used to establish the origin of a message in order to settle disputes of what message (if any) was sent’.
![Page 35: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/35.jpg)
35Serbia 2003
Digital Signatures
A signature on a message is some data• that validates a message and verifies its origin• a receiver can keep as evidence• a third party can use to resolve disputes.
It depends on• the message• a secret parameter only• available to the sender
It should be• easy to compute • (by one person only)• easy to verify• difficult to forge
![Page 36: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/36.jpg)
36Serbia 2003
Principle of Digital Signatures
There is a (secret) number which:• Only one person can use• Is used to identify that person• ‘Anyone’ can verify that it has been
used NB: Anyone who knows the value of
a number can use that number.
![Page 37: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/37.jpg)
37Serbia 2003
Certification Authority
Aim :To guarantee the authenticity of public keys.
Method :The Certification Authority guarantees the authenticity by signing a certificate containing user’s identity and public key with its secret key.
Requirement :All users must have an authentic copy of the Certification Authority’s public key.
![Page 38: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/38.jpg)
38Serbia 2003
Certification Process
Verifies credentials
CreatesCertificate
Receives(and checks)
Certificate
Presents Public Key and
credentials
Generates Key Set
Distribution
Centre
Owner
![Page 39: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/39.jpg)
39Serbia 2003
How Does it Work?
The Certificate can accompany all Fred’s messages
The recipient must directly or indirectly:• Trust the CA• Validate the certificate
The CA certifiesthat Fred Piper’s
public key is………..
Electronicallysigned by
the CA
![Page 40: 1 Serbia 2003 INTRODUCTION to CRYPTOGRAPHY Fred Piper Codes & Ciphers Ltd 12 Duncan Road, Richmond Surrey, TW9 2JD ENGLAND Royal Holloway, University of.](https://reader036.fdocuments.us/reader036/viewer/2022062223/5a4d1b0a7f8b9ab05998a390/html5/thumbnails/40.jpg)
40Serbia 2003
Fundamental Requirement
Internal infrastructure to support secure technological implementation