Introduction to Cryptography Techniques
Transcript of Introduction to Cryptography Techniques

Introduction to Cryptography Techniques
How secure is that banking network traffic?

Social and Computing Implications of Cryptography
The internet is a collection of networks designed to deliver data packets.
Packets are easy to sniff.
The internet is not secure, but is used to connect banks, the power grid, pipelines, transportation systems, etc.

Terms
Plaintext – the readable message
Ciphertext – the coded message
plaintext → [Encryption, key] → ciphertext → [Decryption, key] → plaintext

Types of Attacks
Ciphertext Only – adversary uses just the ciphertext to gain either the key or the plaintext (really bad encryption)
Known Plaintext – adversary gets the key using some ciphertext and its plaintext
Chosen Plaintext – adversary introduces some plaintext to generate some ciphertext

Symmetric Key Encryption
Both parties share a secret key
The single key is used for both encryption and decryption
Encryption and decryption are equal efforts

Shift Ciphers
key = amount to shift each character
Example: Rotate13
‘A’ + 13 = 1 + 13 = 14 = ‘N’
So, the message “aardvark” becomes “nneqinex”.

Shift Ciphers
Advantage of Rot13: Easy to implement.
Rot13('A') = 'N'    (1 + 13)%26 = 14
Rot13('N') = 'A'    (14 + 13)%26 = 1
So, one function does both encoding and decoding.
Disadvantage of Any Rotation: Very easy to break – just try all 26 possibilities, aka a Brute Force attack.

Substitution Cipher
Key = list of character substitutions
Example: Key = “Chair”
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Y Z c h a i r B D E F G J K L M N O P Q S T U V W X
Disadvantage: Susceptible to Character Frequency Analysis

Character Frequencies

Start of Word Letter Frequencies
Letter  t       a      i       s       o       c       m       f       p      w
Freq    0.1594  0.155  0.0823  0.0775  0.0712  0.0597  0.0426  0.0408  0.040  0.0382

End of Word Letter Frequencies
Letter  e       s       d       t       n       y       r       o       l       f
Freq    0.1917  0.1435  0.0923  0.0864  0.0786  0.0730  0.0693  0.0467  0.0456  0.0408

Polyalphabetic Ciphers
Key is repeated and used to shift characters.
Example
plaintext     now is the time for all
+ key         aar dv ark aard var kaa
Ciphertext    opo mo uzp ujei bpj lmm

Polyalphabetic Ciphers
Advantage: Thwarts character frequency analysis. For example, an “e” will encrypt to several different letters.
Disadvantage: Statistics can still be used to break the code.

Polyalphabetic Ciphers
How to Break Them:
1 – Look for repeated strings.
For example, if the characters “thi” appear together frequently, then it could be because the key is hitting a common word.
Text = and we need to test and retest
Key  = ste ve stev es teve ste vestev
Sum  = thi sj gyjz yh njoy thi njmyxp

Polyalphabetic Ciphers
How to Break Them:
2 – Determine Probable Key Length
The starts of the strings “thi” are frequently separated by distances that are multiples of 5. So, key length is probably five.
3A – Try keys of that length.
3B – Use character frequency analysis on characters separated by that length.
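
Steps 1, 2 and 3B above, run on the slide's own “steve” example. This is an added example, not part of the original slides; the function names are illustrative, and letters are numbered a=1 ... z=26 to match the slides' arithmetic.

```python
from collections import Counter, defaultdict

def shift_add(text, key, sign=1):
    """Add (sign=1) or subtract (sign=-1) the repeated key, with a=1 ... z=26
    as on the slides. Spaces are dropped; input is lowercase letters."""
    letters = [c for c in text if c.isalpha()]
    out = []
    for i, c in enumerate(letters):
        p = ord(c) - ord("a") + 1
        k = ord(key[i % len(key)]) - ord("a") + 1
        out.append(chr((p + sign * k - 1) % 26 + ord("a")))
    return "".join(out)

def repeated_strings(ciphertext, n=3):
    """Step 1: map each n-letter string that occurs more than once to its positions."""
    seen = defaultdict(list)
    for i in range(len(ciphertext) - n + 1):
        seen[ciphertext[i:i + n]].append(i)
    return {s: pos for s, pos in seen.items() if len(pos) > 1}

def key_length_votes(ciphertext, n=3, max_len=20):
    """Step 2: every gap between repeats votes for each key length dividing it."""
    votes = Counter()
    for pos in repeated_strings(ciphertext, n).values():
        for a, b in zip(pos, pos[1:]):
            for length in range(2, max_len + 1):
                if (b - a) % length == 0:
                    votes[length] += 1
    return votes

def columns(ciphertext, length):
    """Step 3B: split into `length` streams. Each stream was shifted by a single
    key letter, so ordinary letter-frequency analysis applies to it."""
    return [ciphertext[i::length] for i in range(length)]

if __name__ == "__main__":
    ct = shift_add("and we need to test and retest", "steve")
    print(ct)                      # the slide's Sum row, without spaces
    print(repeated_strings(ct))    # "thi" at two positions
    print(key_length_votes(ct))    # key lengths that divide the gap
    print(columns(ct, 5))          # five single-shift streams
```

With a single repeat the gap of 15 leaves lengths 3, 5 and 15 tied; a longer ciphertext gives more repeats, and the true key length collects the most votes.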

One-Time Pad
Key is used to shift the plaintext.
Key is used only once.
Key has same length as the message.
Advantage: Unbreakable!
Disadvantage: Requires lots of keys.

DES History
Data Encryption Standard
Solicited in 1973 by the National Bureau of Standards (National Institute of Standards and Technology)
Developed by IBM and the NSA
Adopted in 1977

DES Design Principles
Confusion – complicate the relationship between key and ciphertext
Diffusion – spread structure of plaintext around the ciphertext

DES Design Overview
http://www.itl.nist.gov/fipspubs/fip46-2.htm
Key = 56 bits plus 8 parity bits
70,000,000,000,000,000 possible keys of 56 bits
Key generates 16 subkeys
16 rounds of functions

Breaking DES
1993 – design of $1M machine to search entire key space in one day
1997 – design of $1M machine to search entire key space in one hour
1999 – “DES Challenge” prize claimed in 22 hours by distributed.net
2006 – University of Bochum and Kiel, Germany, uses $10,000 hardware cost to get average time of 6.4 days.
Triple DES is much less breakable

Unix Crypt
“man 3 crypt”
#include <unistd.h>
char *crypt(const char *key, const char *salt);
crypt is the password encryption function. It is based on the Data Encryption Standard algorithm with variations intended (among other things) to discourage use of hardware implementations of a key search.

Password Salt
Based on time when password created
First two letters in the passwd field
Used to discourage a brute force attack
Encrypting every dictionary word then comparing that list to passwd entries will not work since every dictionary word can yield 4096 different possibilities.
Even if my password is the same for two systems, they have different salts so they look different
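
The effect of the salt described above, as an added example that is not part of the original slides. SHA-256 stands in for the DES-based crypt(3) transform, and the function names, salts and dictionary words are constructed for illustration.

```python
import hashlib
import hmac
import string

# crypt(3) salts are two characters from this 64-character set: 64 * 64 = 4096.
SALT_ALPHABET = string.ascii_letters + string.digits + "./"

def make_entry(password, salt):
    """Return a passwd-style field: two salt characters, then the hash.
    SHA-256 is a stand-in here for the DES-based crypt(3) transform."""
    if len(salt) != 2 or any(c not in SALT_ALPHABET for c in salt):
        raise ValueError("salt must be two characters from SALT_ALPHABET")
    digest = hashlib.sha256((salt + password).encode()).hexdigest()
    return salt + digest

def verify(password, entry):
    """Re-hash the candidate with the salt stored in the entry's first two characters."""
    return hmac.compare_digest(make_entry(password, entry[:2]), entry)

def unsalted_table(words):
    """A precomputed dictionary of hashes, built once with no salt."""
    return {hashlib.sha256(w.encode()).hexdigest(): w for w in words}

def table_lookup(entry, table):
    """Look up the hash part of an entry in a precomputed table; None when absent."""
    return table.get(entry[2:])

if __name__ == "__main__":
    words = ["aardvark", "password", "letmein"]   # constructed sample dictionary
    table = unsalted_table(words)
    a = make_entry("aardvark", "ab")              # same password, system A
    b = make_entry("aardvark", "Xy")              # same password, system B
    print("entries differ:", a != b)
    print("login still works:", verify("aardvark", a))
    print("precomputed table match:", table_lookup(a, table))
    print("rows needed to cover every salt:", len(words) * len(SALT_ALPHABET) ** 2)
```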

Public Key Encryption
Two keys: encryption and decryption
Encryption key is public
Decryption key is private
Once sender encrypts a message, even they can’t decrypt it

Public Key Encryption
1. Receiver sends their public key to the sender
2. Sender encrypts message using that public key
3. Sender sends encrypted message
4. Receiver decrypts message using their private key

Summary
Nothing on a public network is completely safe.