Cryptography and Information Security

Cryptography & Information Security. A presentation in ‘knowledge session’ for 10+2 students, 25 Oct 16. Sunday, October 30, 2022. Dr. Naim R Kidwai, Professor & Dean, JIT Jahangirabad.

Transcript of Cryptography and Information Security

Page 1: Cryptography and Information Security

Cryptography & Information Security

A presentation in ‘knowledge session’ for 10+2 students

25 Oct 16

May 3, 2023 Dr. Naim R Kidwai, Professor & Dean, JIT Jahangirabad 1

Page 2: Cryptography and Information Security

Cryptography

In this information era

• Information is related to money and needs to be protected, e.g. bank passwords, transactions

• Information is encoded into a bit stream (data) and transmitted over wireless networks / intranet / Internet

• During transmission, information is vulnerable to attack

Solution: Cryptography

Page 3: Cryptography and Information Security

Cryptography

Solution: Encryption / Decryption

Cryptography = Crypto + Graphy

Greek word Crypto: hidden, secret

Greek word Graphy: writing

Cryptography: the art of hidden (secret) writing

Page 4: Cryptography and Information Security

Basic Terms in Cryptography

• Encryption/Decryption: scrambling a message or data using a cryptographic algorithm, or the reverse.

• Plaintext: the message or data

• Cipher text: the encrypted (scrambled) version of the message.

• Key: information used in the cipher, known only to sender/receiver

• Cipher: the algorithm that does the encryption.

Page 5: Cryptography and Information Security

Goals of Cryptography (Cipher)

• Authentication

• Data Confidentiality

• Data Integrity

• Non-Repudiation


Page 6: Cryptography and Information Security

Confidentiality

• Confidentiality means that only authorized parties are able to understand the data

• It is okay if unauthorized parties know that there is data, or even if they copy the data, so long as they cannot understand it.

Solution: Encryption

[Figure: A sends message M to B while C eavesdrops]

C could view the secret message by eavesdropping on the communication

Loss of privacy/confidentiality

Page 7: Cryptography and Information Security

Authentication

[Figure: A, B, C and message M]

C could send a message to B pretending to be A. If B cannot verify the source of the information, then we lack authentication

Two solutions are:
– Passwords
– Digital signatures

Page 8: Cryptography and Information Security

Data Integrity

[Figure: A, B, C and message M]

C could alter/corrupt the message, or the message could change while in transit. If B does not detect this, then we have loss of integrity

Technical solutions include:
• Encryption
• Hashing algorithms

Page 9: Cryptography and Information Security

Non-repudiation

Ensuring
• That the intended recipient actually got the message.
• That the alleged sender actually sent the message.

This is a difficult problem.

[Figure: A sends message M to B]

A might repudiate having sent M to B

Solution:
– Digital signatures

Page 10: Cryptography and Information Security

“Attacks” on information

• passive attacks – eavesdropping on, or monitoring of, transmissions to:
  – obtain message contents, or
  – monitor traffic flows

• active attacks – modification of data stream to:
  – masquerade of one entity as some other
  – replay previous messages
  – modify messages in transit
  – denial of service

Page 11: Cryptography and Information Security

Caesar Cipher

• Earliest known substitution cipher, used by Julius Caesar in military affairs

• Replaces each letter by the 3rd letter onwards

• Example:
  Plaintext:  MEET ME AFTER THE TEA PARTY
  Ciphertext: PHHW PH DIWHU WKH WHD SDUWB

• Only 26 possible ciphers: A maps to A, B, ..., Z

• Could simply try each in turn (brute force search), e.g. break ciphertext "GCUA VQ DTGCM": plaintext "EASY TO BREAK"
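The Caesar slide's two examples can be checked with a short program. This is an added example, not part of the original presentation; the function names are illustrative. It encrypts with key 3, lists all 26 candidate decryptions, and picks the key whose candidate contains a guessed word.

```python
import string

LETTERS = string.ascii_letters


def shift_text(text, shift):
    """Shift each letter by `shift` places; keep case, spaces and punctuation."""
    out = []
    for ch in text:
        if ch in LETTERS:
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + shift) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def encrypt(plaintext, key=3):
    return shift_text(plaintext, key)


def decrypt(ciphertext, key=3):
    return shift_text(ciphertext, -key)


def brute_force(ciphertext):
    """Every possible key with its candidate plaintext: only 26 to read."""
    return {key: decrypt(ciphertext, key) for key in range(26)}


def keys_matching(ciphertext, guessed_word):
    """Keys whose candidate plaintext contains a word we expect to see."""
    word = guessed_word.upper()
    return [k for k, cand in brute_force(ciphertext).items()
            if word in cand.upper()]


if __name__ == "__main__":
    print(encrypt("MEET ME AFTER THE TEA PARTY"))
    for key, candidate in brute_force("GCUA VQ DTGCM").items():
        print(key, candidate)
    print(keys_matching("GCUA VQ DTGCM", "BREAK"))
```

The key space is so small that no guessed word is needed in practice; reading the 26 candidates is enough.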

Page 12: Cryptography and Information Security

Scytale: by the Spartans in ~700 B.C.

- transposes the characters of the message
- key: diameter of the baton
- practical size of the key space is small

Page 13: Cryptography and Information Security

One-Time Pad

• Invented by Major Joseph Mauborgne & Vernam in 1917

• if a truly random key as long as the message is used, the cipher will be secure

• called a One-Time pad

• is unbreakable since ciphertext bears no statistical relationship to the plaintext

• since for any plaintext & any ciphertext there exists a key mapping one to other

• can only use the key once though

• have problem of safe distribution of key


Page 14: Cryptography and Information Security

Enigma : first electro-mechanical ciphering machine

- patented by Arthur Scherbius in 1918
- introduced in the German Army in 1926

Three main parts:
– keyboard – for typing in plaintexts and ciphertexts
– display panel – for displaying plaintexts and ciphertexts
– mixing unit – to produce ciphertext from plaintext and vice versa (the soul of Enigma is the rotor)

Page 15: Cryptography and Information Security

Confusion and Diffusion

According to Shannon (1949), confusion and diffusion are two properties of the operation of a secure cipher

• diffusion – dissipates statistical structure of plaintext over bulk of ciphertext

• confusion – makes relationship between ciphertext and key as complex as possible

• In other words, a cipher needs to completely change the statistical properties of the original message; a one-time pad does this perfectly

Page 16: Cryptography and Information Security

Symmetric Cipher Model

[Figure: Plaintext M -> Encryption Algorithm (Key K) -> Ciphertext C -> Decryption Algorithm (Key K) -> Plaintext]

Plaintext M: “Blow up the Bridge before platoon reaches”

Ciphertext C: “Eorz xs wkh Eulgjh ehiruh sodwrrq uhdfkhv”

Decrypted plaintext: “Blow up the Bridge before platoon reaches”

• Also known as conventional / private-key / single-key cipher

• Was the only type prior to the invention of public-key in 1976

Page 17: Cryptography and Information Security

Symmetric Cipher Model

• A simple example: Key K = Alphabet + x

• Increased level of security: alternate letters Alphabet + x, Alphabet – x

• Key based system encrypts blocks of data of same length as key
  Example: 4 bit key 1011 (to be XORed with 4 bit data)

Message M (numbers)    6     2     9     7
M (binary form)        0110  0010  1001  0111
Key                    1011  1011  1011  1011
C (binary form)        1101  1001  0010  1100
C (numbers)            13    9     2     12
Decrypted message      0110  0010  1001  0111
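The 4-bit XOR table above, together with the One-Time Pad slide's points that the key can only be used once and that some key maps any ciphertext to any plaintext, can be worked through in code. This is an added example, not part of the original presentation; the function names and the claimed plaintext [1, 2, 3, 4] are illustrative.

```python
KEY = 0b1011               # 4-bit key from the slide
MESSAGE = [6, 2, 9, 7]     # message blocks from the slide


def xor_blocks(blocks, key):
    """Encrypt or decrypt: XOR every 4-bit block with the same key."""
    return [b ^ key for b in blocks]


def neighbour_xor(blocks):
    """XOR of each block with the next one."""
    return [a ^ b for a, b in zip(blocks, blocks[1:])]


def key_from_known_block(cipher_block, plain_block):
    """One known plaintext/ciphertext pair reveals the reused key."""
    return cipher_block ^ plain_block


def pad_explaining(cipher, claimed_plain):
    """One-time pad view: with an independent key per block, some pad maps
    the ciphertext to ANY claimed plaintext, so the ciphertext alone
    confirms nothing about the message."""
    return [c ^ p for c, p in zip(cipher, claimed_plain)]


if __name__ == "__main__":
    cipher = xor_blocks(MESSAGE, KEY)
    print("ciphertext:", cipher)
    # The reused key cancels out: ciphertext blocks leak plaintext relations.
    print("C[i] xor C[i+1]:", neighbour_xor(cipher))
    print("M[i] xor M[i+1]:", neighbour_xor(MESSAGE))
    key = key_from_known_block(cipher[0], MESSAGE[0])
    print("key:", format(key, "04b"), "->", xor_blocks(cipher, key))
    print("pad for [1, 2, 3, 4]:", pad_explaining(cipher, [1, 2, 3, 4]))
```

With the key repeated per block, the XOR of two ciphertext blocks equals the XOR of the two plaintext blocks, which is the statistical relationship a one-time pad avoids by never reusing key material.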

Page 18: Cryptography and Information Security

Symmetric Cipher Model


• Strength does not lie in the Algorithm as it is public

• Strength lies in the Key

• Key has to be random & periodically changed

• Key may be a value, an image, typing speed, ...

• Key needs to be transmitted to the receiver (either manually or on a secured channel). This is a severe problem on shared networks, wireless networks and the Internet

Page 19: Cryptography and Information Security

Asymmetric (Public) key Cipher Model

[Figure: Sender A: Plaintext M -> Encryption Algorithm (Public Key of B) -> Ciphertext C -> Receiver B: Decryption Algorithm (Private Key of B) -> Plaintext]

• Also known as conventional/ private-key/ single-key Cipher

• was only type prior to invention of public-key in 1976

Page 20: Cryptography and Information Security

Asymmetric (Public Key) Cryptography Ex.

Let N = p x q: N = 247, p = 13, q = 19, each a prime number
Pick another prime number e = 7

Public Key
N = 247
e = 7

Private Key d
e*d = 1 mod [(p-1)*(q-1)]
7d = 1 mod (12*18)
7d = 1 mod (216)
d = 31

Encryption
Plaintext: 4
C = M^e mod [N]
C = 4^7 mod (247)
C = 16384 mod (247)
Ciphertext = 82

Decryption
Ciphertext: 82
M = C^d mod [N]
M = 82^31 mod (247)
M = 4
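The numbers on this slide can be reproduced step by step. This is an added example, not part of the original presentation; the function names are illustrative. It derives d with the extended Euclidean algorithm, encrypts and decrypts the slide's plaintext, and shows that a modulus this small is factored at once, which is why real keys are large.

```python
from math import isqrt


def egcd(a, b):
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def private_exponent(e, p, q):
    """Solve e*d = 1 mod (p-1)*(q-1) for d."""
    phi = (p - 1) * (q - 1)
    g, x, _ = egcd(e, phi)
    if g != 1:
        raise ValueError("e must share no factor with (p-1)*(q-1)")
    return x % phi


def rsa_encrypt(m, e, n):
    return pow(m, e, n)


def rsa_decrypt(c, d, n):
    return pow(c, d, n)


def factor_small_modulus(n):
    """Trial division; only practical because this N is tiny."""
    for f in range(2, isqrt(n) + 1):
        if n % f == 0:
            return f, n // f
    raise ValueError("no factor found: n is prime")


if __name__ == "__main__":
    p, q, e = 13, 19, 7                  # values from the slide
    n = p * q
    d = private_exponent(e, p, q)
    c = rsa_encrypt(4, e, n)
    print("N =", n, "d =", d)
    print("C =", c, "M =", rsa_decrypt(c, d, n))
    # Anyone holding only the public key (N, e) can redo the derivation:
    fp, fq = factor_small_modulus(n)
    print("factors:", fp, fq, "-> d =", private_exponent(e, fp, fq))
```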

Page 21: Cryptography and Information Security

Security of Cipher : Size of Key

• Security of Cipher lies in the key.

• The larger the key, the more secure the cipher

• Most security experts believe that 256-bit keys are good for the lifetime of the universe (many billions of years).

Those who claim to have an unbreakable cipher simply because they cannot break it are either geniuses or fools; unfortunately there are more of the latter

Page 22: Cryptography and Information Security

Size of Key

Time required to break a cipher by brute force approach (assuming all keys have to be tried, and assuming trying each key takes 1 machine cycle in decryption)

Page 23: Cryptography and Information Security

Size of Key


Page 24: Cryptography and Information Security

Thank You
