CS457 – Introduction to Information Systems Security Cryptography 1a
Cryptography and Information Security
Cryptography & Information Security
A presentation in ‘knowledge session’ for 10+2 students
25 Oct 16
May 3, 2023 Dr. Naim R Kidwai, Professor & Dean, JIT Jahangirabad 1
Cryptography
In this information era
• Information is related to money & needs to be protected. Ex: bank password, transaction
• Information is encoded into bit stream (data) and transmitted on wireless networks / Intranet / Internet
• During transmission information is vulnerable to attack
Solution : Cryptography
Cryptography
Solution : Encryption / Decryption
Cryptography = Crypto + Graphy
Greek word Crypto: hidden, secret
Greek word Graphy: writing
Cryptography: art of hidden secret writing
Basic Terms in Cryptography
• Encryption/Decryption: scrambling a message or data using a cryptographic algorithm or vice versa.
• Plaintext: the message or data
• Cipher text: the encrypted (scrambled) version of the message.
• Key: info used in cipher known only to sender/ receiver
• Cipher: the algorithm that does the encryption.
Goals of Cryptography (Cipher)
• Authentication
• Data Confidentiality
• Data Integrity
• Non-Repudiation
Confidentiality
• Confidentiality means that only authorized parties are able to understand the data
• It is okay if unauthorized parties know that there is data, or even if they copy the data, so long as they cannot understand it.
Solution : Encryption
[Diagram: A sends message M to B; C listens in]
C could view the secret message by eavesdropping on the communication: loss of privacy/confidentiality
Authentication
[Diagram: A, B and C, with message M]
C could send a message to B pretending to be A. If B cannot verify the source of the information then we lack authentication
Two solutions are:
– Passwords
– Digital signatures
Data Integrity
[Diagram: A, B and C, with message M]
C could alter/corrupt the message, or the message could change while in transit. If B does not detect this, then we have loss of integrity
Technical solutions include:
• Encryption
• Hashing algorithms
Non-repudiation
Ensuring
• that the intended recipient actually got the message.
• that the alleged sender actually sent the message.
This is a difficult problem.
[Diagram: A sends message M to B]
A might repudiate having sent M to B
Solution:
– Digital signatures
“Attacks” on information
• passive attacks – eavesdropping on, or monitoring of, transmissions to:
– obtain message contents, or
– monitor traffic flows
• active attacks – modification of data stream to:
– masquerade of one entity as some other
– replay previous messages
– modify messages in transit
– denial of service
Caesar Cipher
• Earliest known substitution cipher by Julius Caesar used in military affairs
• replaces each letter by 3rd letter onwards
• example: MEET ME AFTER THE TEA PARTY
  PHHW PH DIWHU WKH WHD SDUWB
• only have 26 possible ciphers: A maps to A, B, ... Z
• could simply try each in turn (brute force search), e.g. break ciphertext "GCUA VQ DTGCM": plaintext "EASY TO BREAK"
Scytale: by the Spartans in ~700 B.C.
- transposes the characters of the message
- key: diameter of the baton
- practical size of the key space is small
One-Time Pad
• Invented by Major Joseph Mauborgne & Vernam in 1917
• if a truly random key as long as the message is used, the cipher will be secure
• called a One-Time pad
• is unbreakable since ciphertext bears no statistical relationship to the plaintext
• since for any plaintext & any ciphertext there exists a key mapping one to other
• can only use the key once though
• have problem of safe distribution of key
Enigma : first electro-mechanical ciphering machine
- patented by Arthur Scherbius in 1918
- introduced in the German Army in 1926
Three main parts:
– keyboard – for typing in plaintexts and ciphertexts
– display panel – for displaying plaintexts and ciphertexts
– mixing unit – to produce ciphertext from plaintext and vice versa (the soul of Enigma is the rotor)
Confusion and Diffusion
According to Shannon (1949), confusion and diffusion are two properties of the operation of a secure cipher
• diffusion – dissipates statistical structure of plaintext over bulk of ciphertext
• confusion – makes relationship between ciphertext and key as complex as possible
• In other words cipher needs to completely change statistical properties of original message
a one-time pad does this perfectly
Symmetric Cipher Model
[Diagram: symmetric cipher model]
Plaintext M: “Blow up the Bridge before platoon reaches”
Encryption Algorithm with Key K
Ciphertext C: “Eorz xs wkh Eulgjh ehiruh sodwrrq uhdfkhv”
Decryption Algorithm with Key K
Plaintext: “Blow up the Bridge before platoon reaches”
• Also known as conventional/ private-key/ single-key Cipher
• was only type prior to invention of public-key in 1976
Symmetric Cipher Model
• A simple example: Key K = Alphabet + x
• Increased level of security: alternate letters Alphabet + x, Alphabet – x
• Key based system encrypts blocks of data of same length as key
Example : 4 bit Key 1011 (to be X-ORed with 4 bit data)

Message M (numbers)    6     2     9     7
M (binary form)        0110  0010  1001  0111
Key                    1011  1011  1011  1011
C (numbers)            13    9     2     12
C (binary form)        1101  1001  0010  1100
Decrypted Message      0110  0010  1001  0111
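An added Python example, not part of the original presentation, using this slide's 4-bit numbers together with the one-time pad properties listed earlier: a key reused across blocks cancels out of the ciphertext, while a fresh random key as long as the message leaves every plaintext equally possible. The sample messages and function names are constructed for this example.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (encrypting and decrypting are the same step)."""
    if len(a) != len(b):
        raise ValueError("key must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))

def xor_blocks(blocks, key):
    """Slide example: XOR every 4-bit block with the same 4-bit key."""
    return [block ^ key for block in blocks]

def key_from_known_block(cipher_block, plain_block):
    """With a repeated key, one known plaintext block reveals the key."""
    return cipher_block ^ plain_block

def otp_encrypt(message: bytes):
    """One-time pad: fresh random key, same length as the message, used once."""
    key = secrets.token_bytes(len(message))
    return key, xor_bytes(message, key)

def key_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """The key under which `ciphertext` would decrypt to `candidate`."""
    return xor_bytes(ciphertext, candidate)

if __name__ == "__main__":
    message = [6, 2, 9, 7]                  # numbers from the slide
    cipher = xor_blocks(message, 0b1011)    # [13, 9, 2, 12]
    print(cipher, xor_blocks(cipher, 0b1011))
    # Key reuse: the key cancels, so ciphertext blocks leak plaintext relations.
    print(cipher[0] ^ cipher[1] == message[0] ^ message[1])
    print(bin(key_from_known_block(cipher[0], message[0])))

    # One-time pad with constructed sample messages of equal length:
    # the same ciphertext is consistent with both, each under some key.
    key, ct = otp_encrypt(b"MEET AT NINE")
    other_key = key_explaining(ct, b"MEET AT FIVE")
    print(xor_bytes(ct, key), xor_bytes(ct, other_key))
```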
Symmetric Cipher Model
• Strength does not lie in the Algorithm as it is public
• Strength lies in the Key
• Key has to be random & periodically changed
• Key may be a value, an image, typing speed, ...
• Key needs to be transmitted to receiver (either manually or on a secured channel).
A severe problem on shared networks, wireless networks, internet
Asymmetric (Public) key Cipher Model
[Diagram: asymmetric (public) key cipher model]
Plaintext M
Encryption Algorithm at Sender A, with Public Key of B
Ciphertext C
Decryption Algorithm at Receiver B, with Private Key of B
Plaintext
Asymmetric (Public Key) Cryptography Ex.
Let N = p x q: N = 247, p = 13, q = 19 (prime numbers)
Pick another prime number e = 7

Public Key
N = 247
e = 7

Private Key d
e*d = 1 mod [(p-1)*(q-1)]
7d = 1 mod (12*18)
7d = 1 mod (216)
d = 31

Encryption
Plaintext : 4
C = M^e mod [N]
C = 4^7 mod (247)
C = 16384 mod (247)
Ciphertext = 82

Decryption
Ciphertext : 82
M = C^d mod [N]
M = 82^31 mod (247)
M = 4
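The worked example above as runnable Python, added here and not part of the original presentation: it derives d from p, q and e, encrypts and decrypts the slide's plaintext 4, and then shows that a modulus as small as 247 can be factored by trial division to rebuild the private key. Function names are choices made for this example.

```python
from math import gcd, isqrt

def make_keypair(p, q, e):
    """Build (public, private) keys from primes p, q and public exponent e."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must share no factor with (p-1)*(q-1)")
    d = pow(e, -1, phi)          # modular inverse: e*d = 1 mod phi (Python 3.8+)
    return (n, e), (n, d)

def encrypt(m, public):
    """C = M^e mod N; the message must be a number smaller than N."""
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be smaller than N")
    return pow(m, e, n)

def decrypt(c, private):
    """M = C^d mod N."""
    n, d = private
    return pow(c, d, n)

def recover_private_key(public):
    """Factor N by trial division and rebuild d; feasible only because N is tiny."""
    n, e = public
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            q = n // p
            return n, pow(e, -1, (p - 1) * (q - 1))
    raise ValueError("N has no non-trivial factor")

if __name__ == "__main__":
    public, private = make_keypair(13, 19, 7)     # values from the slide
    c = encrypt(4, public)
    print(public, private, c, decrypt(c, private))
    # Anyone holding only the public key (247, 7) can do this for a small N.
    print(recover_private_key(public) == private)
```

The last step is why the size of N matters: the public key hides d only as long as N cannot be factored in practice.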
Security of Cipher : Size of Key
• Security of Cipher lies in the key.
• The larger the key, the more secure the cipher
• Most security experts believe that 256-bit keys are good for the lifetime of the universe (many billions of years).
Those who claim to have an unbreakable cipher simply because they cannot break it are either geniuses or fools;
unfortunately there are more of the latter
Size of Key
Time required to break cipher by brute force approach (assuming all keys have to be tried, and assuming trying each key takes 1 machine cycle in decryption)
Size of Key
Thank You