Cryptography Ver 1.0

8/3/2019 Cryptography Ver 1.0

1/86

Applied Cryptography

Sujit ChristyCISA, CRISC, CISSP


2/86

UNIT 1


3/86

Introduction

Cryptography is about writing secrets Cryptography involves scrambling of some

kind of useful information, in its original

form called plaintest, into a garbled form,called ciphertext

The intent is to allow two or more parties to

communicate the information whilepreventing other parties from being privy toit


4/86

Cryptanalysis

Cryptanalysis is the science of cracking codes

decoding secrets

violating authentication schemes and breaking cryptographic protocols

Science devoted to finding and correcting

weaknesses in cryptographic algorithmsAlgorithm should not rely on its secrecy and

be always be available for public scrutiny


5/86

Cryptanalysis

Generally referred to as attacks Cryptanalytic attacks classified into

categories and distinguished from each

other Name comes from the type of information

that is available to the attacker


6/86

Cryptanalytic Attacks

Ciphertext-only attack The attacker has a sample of ciphertext,

without having the associated plaintext

The attacker is trying to recover the plaintext Known-plaintext attack

The attacker obtains a sample of ciphertext andthe corresponding plain text

The attacker is trying to recover the key


7/86


Chosen-plaintext attack The cryptanalyst is able to choose a quantity of

plain text and then obtain the correspondingencrypted text

Recover the key

Adaptive-chosen-plaintext attack

This is a special case

The attacker is able to choose plaintext samplesdynamically, and alter his or her choices basedon results of previous operation


8/86


Chosen-ciphertext attack The attacker selects the ciphertext and can

obtain the corresponding plaintext

Try and recover the keyAdaptive-chosen-ciphertext attack

The attacker is able to choose ciphertextsamples dynamically, depending on theprevious outcomes of the attacks


9/86

Attacks

Brute-Force Referred to as exhaustive search attacks

Technique involves trying every possible

combination (key) until the correct one isidentified

Growth of internet has made it possible toutilize thousands of machines in a distributed

search by splitting the key spaces and allocatingthose key spaces to each computer

56 Bit, 64 Bit, 80 Bit, 128 Bit

Advanced Encryption Standard (AES), Rijndael


10/86

Attacks

Symmetric Block Cipher AttacksA block cipher takes a certain number of letters

and encrypts them all at once

The encryption algorithm takes a fixed-lengthblock of plaintext data and creates a fixedlength block ciphertext of the same length


11/86

Attacks

Symmetric Block Cipher Attacks Differential cryptanalysis

Mounted against block ciphers

Chosen-plaintext attack

Relies on the analysis of the evolution of thedifferences between two related plaintext samples asthey are encrypted using the same key

Probabilities can be assigned to each possible key,and eventually the most probable key is identified asthe correct one


12/86

Attacks

Symmetric Block Cipher Attacks Linear cryptanalysis

Known-plaintext attack

Using linear approximations to describe the behaviorof block cipher

Given enough pairs of plaintext and correspondingciphertext, information about the key can beobtained

Higher probability of success in cracking the key


13/86

Attacks

Symmetric Block Cipher Attacks Weak Keys

Secret keys with a certain value for which the blockcipher in question will exhibit certain regularities in

encryption, or in other cases, a poor level ofencryption

DES there are four keys for which the encryption isexactly the same as the decryption. This means if

someone were to encrypt twice with one of theseweak keys, then the original palintext would berecovered

IDEA Algorithm there is a class of keys for which

cryptanalysis is greatly facilitated


14/86

Attacks

Symmetric Block Cipher AttacksAlgebraic attacks

Rely on block ciphers exhibiting high degree ofmathematical structure

It is conceivable that a block cipher might exhibit agroup structure where encrypting plaintext underone key and then encrypting the result underanother key would always be equivalent to single

encryption under some other key If this is the case, the block cipher would be

considered weaker because the use of multipleencryption would offer no additional security over

single encryption


15/86

Attacks

Stream Cipher Attacks Takes a keystream which is somehow

randomly generated and encrypted using(combined with) a secret key, and combine thatkeystream with the message being encrypted,normally using the XOR (Exclusive OR)operation

The sender and receiver must use the samealgorithm and key to generate the keystream

To be effective, they must use a keystream thatis totally random


16/86

Attacks

Stream Cipher Attacks The attacker should have no additional

advantage in being able to predict any of thesubsequent bits of sequence

It is imperative that a keystream generated bythe stream cipher have no structuralweaknesses that would allow an attacker to

deduce some of the keystreams and,eventually, the key itself


17/86

Attacks

Hash Function Attacks The hash function has to be one-way and

collision free

A good hash function should not produce thesame hash value from two different inputs. If itdoes, this is know as collision

Most attacks against hash function involve

choosing inputs to the hash function at randomuntil an input that gives the target output isfound, or finding two inputs that produce thesame output is found


18/86

Attacks

Message Authentication Code (MAC) Attacks There are a variety of threats to the security of

a MAC

Use of MAC should not reveal information aboutsecret key being used

Should not be possible for the attacker to forgethe correct MAC to some message without

knowing the secret key, even after being ableto see many messages and their associatedMACs


19/86

Attacks

Message Authentication Code (MAC) Attacks It should also not be possible to replace the

message in a message/MAC pair with anothermessage for which the MAC remains legitimate

The most pertinent attacks against MAC involvethe sophisticated application of the birthdayparadox

The birthday paradox can be used in attackinghash functions


20/86

Attacks

The Birthday Paradox The probability that two or more people in a

group of 23 share the same birthday is greaterthan 50%

This paradox can be applied mathematically toattack types of hashing functions

Considered a type of brute-force attack because

the attacker keeps trying hash messages untilones that yield the same hash are obtained

A good hashing algorithm will resist, as much aspossible, the possibilities that duplicate hashes


21/86

Attacks

The Birthday Paradox The birthday paradox shows that the probaility

that two messages will end up with the samehash is high even if the number of messages isconsiderably less than the number of hashespossible


22/86


23/86

UNIT 2


24/86

Padlocks Combinations = Keys

Lock = Methods or algorithms

Work factor


25/86

Block Ciphers

The block ciphers takes a certain number ofletters (actually bits) and encrypts all ofthem at once

The encryption algorithm is taking a fixed-length block of plaintext data and creating ablock of ciphertext data of the same length

This transformation takes place under theaction of users secret key


26/86

Block Ciphers

Decryption is performed by applying thereverse transformation to the ciphertextusing the same secret key

The fixed length is called the block size Block ciphers the size is 64 bits


27/86

Stream Ciphers

Stream ciphers typically operate on smallerunits of plaintext, usually bits

A stream cipher generates a keystream,

which is a sequence of bits used as a key Encryption is accomplished by combining

the keystream with plaintext, usually with

an XOR operation Stream ciphers can be designed to be

exceptionally fast, much faster than any

block cipher


28/86

Stream Ciphers

It takes a simple bit of plaintext andcombines it with a simple bit of thekeystreams

The operation is simple binary arithmetic Example of XOR operation

Keystream: 10010000000

Plaintext: 01110011011 XOR Result: 11100011011


29/86

Stream Ciphers

Stream cipher to be effective Keystream length = plaintext that is being

encrypted

Keystream is generated using an algorithmbased on the input from the user (the key)

Generation of keystream should be independentof the plaintext and the ciphertext


30/86

INFORMATION SECURITY &ENCRYPTION


31/86

Information Security & Encryption

Protect Stored Information

Transmitted information while in transit


32/86

Common Information Security Objectives

Confidentiality Keep information secret from those who are

unauthorized to see it

Data Integrity Ensuring information has nit been altered in

unexpected ways

Availability Ensuring information is available to those

authorized at all times


33/86


Entity Authentication Being able to prove the identity of an entity

e.g., Person, process etc.,

Data Origin Authentication Being able to prove the source of information

Signature

Binding information to specific entityAccess Control

Restricting access to resources


34/86


ReceiptAcknowledging that information has been

received

ConfirmationAcknowledge that services have been provided

Authorization

Giving an entity the authorization to perform orbe something

Timestamping

Recording the time of creation of information


35/86


Non-repudiation Preventing the denial of previous actions

Certification

Endorsing information by a trusted entity Revocation

Retracting a certification or authorization

Anonymity Concealing the identity of an entity involved in

some process


36/86


Validation Providing timelininess of authorization to use or

change information


37/86

Framework

Confidentiality Is a service that ensures keeping information

secret from those who are not authorized tohave it. Secrecy is a term often used to meanconfidentiality

Data Integrity

Is a service that prevents data from being altered in

unexpected ways. To ensure this, one must have theability to detect manipulation by unauthorized partiesor prevent unauthorized parties from gaining accessto make unauthorized changes


38/86

Framework

Authentication Is a service that allows entities wanting to

communicate with each other to positivelyidentify each other. Information delivered over

a channel should be authenticated as to origin,date of origin, data content, time sent, etc.,

Non-repudiation

Is a service that prevents an entity fromdenying having participated in a previous action


39/86

Framework

ConfidentialityAchieved by encrypting the message content

Data Integrity

Achieved through cryptographic hash functionsAuthentication

Achieved through the use of asymmetric

cryptography Non-repudiation

Achieved through the use of cryptographicdigital signatures


40/86

CLASSICAL ENCRYPTION


41/86

Classical Encryption

Substitution Techniques Transposition Techniques

Steaganography

Permutation Methods


42/86

Substitution Techniques

Involves replacing each letter of theplaintext with another farther down thealphabet

Most encryption systems will combine amethod, usually called the algorithm and akey

With substitution ciphers, the method isadd the key how many times to do it

Caesars case the key was 3


43/86

Substitution Techniques

Caesars case the key was 3 Plaintext : A B C D E F G H I J

Ciphertext : D E F G H I J K L M


44/86

Transposition Techniques

Transposition is also called permutation Involves changing the position of plaintext

letters

e.g., JumbleATTACT AT ELEVEN PM


45/86

Steaganography


46/86

PROBLEMS WITHSUBSTITUTION AND

TRANSPOSITION CIPHERS


47/86

Frequency Analysis

E is the letter most often used, followed byT, O, A and N

T is the most common letter at the

beginning of a word E is the most common letter at the end of a

word


48/86

Frequency Analysis

A and I are the only single-letter words inEnglish. The words OF, TO and IN are themost frequent two-letter words. THE and

AND are the most frequent three-letterwords; THAT is the most common four-letter word

The most common double letters are II, EE,OO, TT, FF, RR, NN, PP and CC

TH, HE, AN, RE and IN are the mostfrequent two-letter combinations


49/86

Frequency Analysis

N is the consonant that most often follows avowel

U always follows Q

k h


50/86

Symmetric key cryptography

DES & Rijndael use multiple combinations oftranspositions and substitutions. Thesetypes of ciphers, coupled with frequentlychanged keys, can be very difficult crack


51/86

ADVANCED ENCRYPTIONTECHNIQUES & SECURITY

ISSUES

RC4


52/86

RC4

Home work R5 & R6

O Ti P d


53/86

One-Time Pad

Stream ciphers are most commonly equatedto what is referred to as One-Time Pad

Uses a keystream string of bits that is

generated completely at random Keystream length = plaintext message

length; both are combined using XOR

operation Entire keystream is totally random and used

only once

O Ti P d


54/86

One-Time Pad

A one-Time Pad is said to have perfectsecrecy

Unable to be defeated by a brute-force attack

Stream ciphers were developed to try andapply the action of a One-Time Pad. Whilecurrent stream ciphers are unable toprovide the true theoretical security of aOne-Time Pad, they at least very practical

RSA


55/86

RSA

Ron Rivest, Adi Shamir and LeonardAdleman (1977)

Public key cryptosystems offers both

encryption and digital signatures(authentication)

Asymmetric key

DES


56/86

DES

National Institute of Standards andTechnology (NIST) assisted in thedevelopment of a secure cryptographicalgorithm for sensitive, not governmentclassified, information

NIST to settled on DES, a method submittedby IBM

DES


57/86

DES

NIST made DES design public and theproliferation of computer technologypermitted faster processing makingsoftware implementations of DES feasible

The 1977 DES mandated a review every fiveyears

1997 NIST Solicited candidates for a newsymmetric key cryptography standard whichthey called the Advanced EncryptionStandard (AES)

DES


58/86

DES

Uses a key of 56 bits and 16 rounds oftransposition and substitution to encrypteach group of eight (64 bit) plaintext letters

T i l DES


59/86

Triple DES

DES-EEE3: three DES encryptions with threedifferent keys

DES-EDE3: three DES operations in the

sequence encrypt-decrypt-encrypt withthree different keys

DES-EEE2 and DES-EDE2: same as the

previous formats except that the first andthird operations use the same key

AES


60/86

AES

Key length is variable 128, 192, or 256

It must be one of these three

Variable block size 128, 192, or 256

All nine combinations of key length and block sizesare possible

Official Block size is 128

AES


61/86

AES

The number of rounds or iteration of thealgorithm can vary from 10 to 14 anddepends on block size and key length

Implemented efficiently on a wide variety ofprocessors and in hardware or software

Considered very secure and has no know

weakness

Diffi H ll


62/86

Diffie Hellman

Key agreement protocol and not anencryption algorithm

Developed by Whitefield Diffie and Martin

Hellman in 1976Allows two users to exchange a secret key

over an insecure medium without having to

exchange prior secrets Both sender and recipient have key-pairs

Vulnerable to man-in-the-middle attack


63/86


64/86

UNIT 3

C fid ti lit i ti l E ti


65/86

Confidentiality using conventional Encryption

Placement of Encryption Traffic Confidentiality

Key Distribution

Random Number Generation

Key Management


66/86

Key Management

Key management can be defined as thegeneration, recording, transcription,distribution, installation, storage, change,disposition and control of cryptographickeys

Attacks against keys and key managementare far more likely and efficient than attacksagainst algorithms

Generating Keys


67/86

Generating Keys

Key generation is the selection of charactersthat are going to be used to tailor anencryption mechanism to a particular use

The use may be a sender and receiver pair,a domain, an application, a device or dataobject

The key must be chosen in such a way thatit is not predictable and that knowledge of itis not leaked by the process

Generating Keys


68/86

Generating Keys

It is necessary, but not sufficient , that thekey be randomly chosen

Chosen key not be disclosed at the time of

selection While a key may be stored securely after its

generation, it may be vulnerable to

disclosure at the time of its generationwhen it may appear in the clear

Generating Keys


69/86

Generating Keys

Alternatively, information used in thegeneration of the key may be recorded atthe time it is collected, thus making the keymore predictable than might otherwise beexpected by the key size of the keyspace

Distribution or Transferring Keys


70/86

Distribution or Transferring Keys

Key distribution is the process of getting akey from the point of its generation to thepoint of its intended use

Symmetric key protect key from disclosurein the process

Channel separate from the one in which thetraffic moves

Installation


71/86

Installation

Process of getting the key into the storageof the device or process that is going to useit

Traditionally, this step has involved somemanual operations might result is leakageof information about the key , error in itstranscription or might be so cumbersome as

to discourage its use

Storing Keys


72/86

Storing Keys

Keys may be protected by the integrity ofthe storage mechanism itself

Mechanism can be designed so that once

the key is installed, it cannot be observedfrom outside the encryption machine itself

Key can be stored in an encrypted form, sothat the stored key does not discloseinformation about the behavior of thedevice under the key

Change or Updating Keys


73/86

Change or Updating Keys

Key change is ending the use of one keyand beginning that of another

Key was most likely to leak was at key

change time Longer the key is in use, the more traffic is

encrypted under it higher the probabilityof key being discovered

Nonlinear Keyspaces


74/86

Nonlinear Keyspaces

When an algorithm has keys that are all ofequal strength, it is said to have a liner orflat space

Conversely if an algorithm has keys that arenot all of equal strength, it has a nonlinearkeyspace

Verifying Keys


75/86

Verifying Keys

Using Keys


76/86

Using Keys

Backup Keys


77/86

Backup Keys


78/86

Principles of Key Management


79/86


Key Management must be fully automated No key may appear in the clear outside a

cryptographic device

Keys must be randomly chosen from theentire keyspace

Key-encrypting keys must be separate from

data encrypting keys



80/86


Brute-force attacks Corresponding cleartext amd ciphertext attacks

trying to find the key

Ciphertext only attacks trying to the cleartext

At a minimum the attacker should have a copyof the algorithm and a copy of thecryptoprogram


81/86

UNIT 4


82/86

Key Management


83/86

Key Management

Lifetime of Keys Destroying Keys

Public-Key Key Management


84/86

UNIT 5


85/86

Cipher System Analysis Simple Substitution Ciphers

Keyword Number Ciphers

Telephone Keypad Cipher

Masonic Cipher

RC4 Attack and Prevention

MD4 Attack and Prevention

RSA implementation attacks


86/86

Criminal Code Systems Analysis Sports Bookmaking Codes

Horse Race Bookmaking Codes

Number Bookmaking Codes

Drug Codes

Pager Codes

Cryptography Ver 1.0

Documents

Transcript of Cryptography Ver 1.0