Cryptography
Introduction
What is cryptography?
 Cryptography is the study of encryption
◦ Greek kryptos means “hidden” and graphia means “writing”
 Encryption is an ancient form of information protection … it dates back 4,000 years.
◦ the process by which plaintext is converted into ciphertext.
 Decryption is the inverse of encryption.
Introduction …
 A sender S wants to transmit a message M to a receiver R
 To protect the message M, the sender first encrypts it into an unintelligible message M’
 After receipt of M’, R decrypts the message to obtain M
 M is called the plaintext
◦ What we want to encrypt
 M’ is called the ciphertext
◦ The encrypted output
Introduction…
 Notation
Given P = Plaintext, C = Ciphertext
 C = E_K(P)  Encryption
 P = D_K(C)  Decryption
Terminologies
 Cryptography: schemes for encryption and decryption
 Encryption algorithm: the technique or rules selected for encryption.
 Key: a secret value used to encrypt and/or decrypt the text.
 Cryptanalysis: the study of “breaking the code”.
 Cryptology: cryptography and cryptanalysis together constitute the area of cryptology.
Encryption vs. C-I-A
Encryption provides :
◦ Confidentiality/Secrecy
 keeps our data secret.
◦ Integrity
 protect against forgery or tampering
Cryptographic systems
are characterized along three dimensions
 operations used for transforming plaintext into ciphertext
◦ Substitution: replace each element (bit, letter, group of bits or letters) with another
◦ Transposition: rearrange the order of the elements
◦ Product: use multiple stages of both
 number of keys used
◦ Symmetric: same key; secret-key, private-key
◦ Asymmetric: different keys; public-key
 way in which the plaintext is processed
◦ block cipher
 For any encryption approach, there are two major challenges:
 Key distribution: how do we convey keys to those who need them to establish secure communication.
 Key management: given a large number of keys, how do we preserve their safety and make them available as needed.
Transposition and Substitution
 Simple Transposition
security -> (Encryption) -> cusetyri
 Simple Substitution
security -> (Encryption) -> tfdvsjuz
security -> (Encryption) -> 19 5 3 20 18 9 19 25
Classical Substitution
 Caesar Cipher: used by Julius
Caesar's military
◦ substitutes each letter of the alphabet
with the letter standing three places
further down the alphabet
Caesar cipher
Activity
 Convert the plaintext to Caesar ciphertext:
 Plaintext: are you ready
 Ciphertext: duh brx uhdgb
Plaintext:  a b c d e f g h i j k l m n o p q r s t u v w x y z
Ciphertext: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Caesar Cipher
 the algorithm can be expressed as: for each plaintext letter p, substitute the ciphertext letter C
◦ C = E(3, p) = (p + 3) mod 26
 mathematically, give each letter a number
a b c d e f g h i j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
 General Caesar algorithm:
c = E(k, p) = (p + k) mod 26
p = D(k, c) = (c – k) mod 26
Classical Transposition
 Spartan cipher, fifth century B.C.
Plaintext: Start the war today
Encryption: rearrange the text in 3 columns
S t a
r t t
h e w
a r t
o d a
y
Rewrite it by reading down: Srhaoytterdatwta
Cryptanalysis
 objective is to recover the key, not just the message
 general approaches:
◦ cryptanalytic attack
 exploits the characteristics of the algorithm
◦ brute-force attack
 try every possible key on a piece of ciphertext
 involves trying each key until you find the right one
 if either succeeds, all use of the key is compromised
More Definitions
 unconditional security
◦ no matter how much computer power or time is available, the cipher cannot be broken, since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext
 computational security
◦ given limited computing resources (eg the time needed for the calculations is greater than the age of the universe), the cipher cannot be broken
◦ it either takes too long, or is too expensive
Cryptanalysis…
 given a ciphertext produced by a Caesar cipher, a brute-force attack is easily performed:
◦ simply try all 25 possible keys.
◦ assuming the language of the plaintext is known.
 Thus, the Caesar cipher is far from secure.
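Worked example, added here and not part of the slides: the general Caesar algorithm c = (p + k) mod 26 together with the 25-key brute force described above, in Python. The small word list used to recognise English output is a constructed stand-in for the assumption that the language of the plaintext is known.

```python
import string

ALPHABET = string.ascii_lowercase  # letters numbered a=0 ... z=25, as on the slide


def caesar_encrypt(plaintext: str, k: int) -> str:
    """c = E(k, p) = (p + k) mod 26, applied per letter; other characters pass through."""
    out = []
    for ch in plaintext.lower():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26])
        else:
            out.append(ch)  # spaces and punctuation are left untouched
    return "".join(out)


def caesar_decrypt(ciphertext: str, k: int) -> str:
    """p = D(k, c) = (c - k) mod 26; decryption is encryption with the negated key."""
    return caesar_encrypt(ciphertext, -k)


def caesar_brute_force(ciphertext: str) -> list[tuple[int, str]]:
    """Try all 25 non-trivial keys and return (key, candidate plaintext) pairs."""
    return [(k, caesar_decrypt(ciphertext, k)) for k in range(1, 26)]


# Constructed word list: a crude "does this look like English?" check.
COMMON_WORDS = {"the", "and", "you", "are", "is", "to", "of", "in", "it", "ready"}


def score_english(text: str) -> int:
    """Number of whitespace-separated words that are in the common-word list."""
    return sum(1 for w in text.split() if w in COMMON_WORDS)


def recover_key(ciphertext: str) -> int:
    """Pick the key whose candidate plaintext looks most like English."""
    return max(caesar_brute_force(ciphertext), key=lambda kv: score_english(kv[1]))[0]


if __name__ == "__main__":
    ct = caesar_encrypt("are you ready", 3)
    print(ct)  # duh brx uhdgb, the slide's activity answer
    for k, cand in caesar_brute_force(ct):
        print(f"key {k:2d}: {cand}")
    print("recovered key:", recover_key(ct))
```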
Monoalphabetic Cipher
 rather than just shifting the alphabet
 could shuffle (jumble) the letters arbitrarily
 each plaintext letter maps to a different
random ciphertext letter
 hence key is 26 letters long
Plain: abcdefghijklmnopqrstuvwxyz
Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext: ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
Brute Force Search
 always possible to simply try every key
 assume either know / recognise plaintext
 impractical if we use an algorithm that
employs a large number of keys.
 most basic attack, proportional to key size
Language Redundancy and Cryptanalysis
 human languages are redundant
 letters are not equally commonly used
 in English E is by far the most common letter
◦ followed by T,R,N,I,O,A,S
 other letters like Z,J,K,Q,X are fairly rare
 have tables of single, double & triple letter frequencies for various languages
English Letter Frequencies
Use in Cryptanalysis
 key concept - monoalphabetic
substitution ciphers do not change relative
letter frequencies
 discovered by Arabian scientists in 9th
century
 calculate letter frequencies for ciphertext
 compare counts/plots against known
values
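Worked example, added here and not from the slides: the monoalphabetic cipher with the slide's 26-letter key, and the frequency-counting step of the analysis just described, in Python. It shows that the sorted letter counts of plaintext and ciphertext are identical, which is the key concept above; the expected English order E,T,R,N,I,O,A,S is taken from the earlier slide and the first-guess mapping is only the analyst's starting point.

```python
from collections import Counter
import string

PLAIN = string.ascii_lowercase
# The slide's 26-letter key: plaintext a..z maps to this permuted alphabet.
CIPHER = "DKVQFIBJWPESCXHTMYAUOLRGZN"


def mono_encrypt(plaintext: str, cipher_alphabet: str = CIPHER) -> str:
    table = str.maketrans(PLAIN, cipher_alphabet)
    return plaintext.lower().translate(table)


def mono_decrypt(ciphertext: str, cipher_alphabet: str = CIPHER) -> str:
    table = str.maketrans(cipher_alphabet, PLAIN)
    return ciphertext.upper().translate(table)


def letter_frequencies(text: str) -> dict[str, float]:
    """Relative frequency (percent) of each letter, ignoring non-letters."""
    letters = [ch for ch in text.upper() if ch in string.ascii_uppercase]
    if not letters:
        return {}
    counts = Counter(letters)
    total = len(letters)
    return {ch: 100.0 * n / total for ch, n in counts.items()}


def ranked_letters(text: str) -> list[str]:
    """Letters sorted from most to least frequent (ties broken alphabetically)."""
    freq = letter_frequencies(text)
    return sorted(freq, key=lambda ch: (-freq[ch], ch))


def frequency_profile(text: str) -> list[int]:
    """Sorted list of letter counts; a monoalphabetic substitution leaves it unchanged."""
    letters = [ch for ch in text.upper() if ch in string.ascii_uppercase]
    return sorted(Counter(letters).values(), reverse=True)


def guess_mapping(ciphertext: str, expected_order: str = "ETRNIOAS") -> dict[str, str]:
    """Pair the most frequent ciphertext letters with the expected English order.
    This is the analyst's first guess, to be refined with digram/trigram tables;
    it is not a full solver."""
    ranked = ranked_letters(ciphertext)
    return {c: p for c, p in zip(ranked, expected_order)}


if __name__ == "__main__":
    pt = "ifwewishtoreplaceletters"
    ct = mono_encrypt(pt)
    print(ct)  # WIRFRWAJUHYFTSDVFSFUUFYA, as on the slide
    print(frequency_profile(pt) == frequency_profile(ct))  # True
    print(guess_mapping(ct))  # F (the most frequent ciphertext letter) is paired with E
```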
Cryptography cont’d…
 Playfair cipher
 Polyalphabetic ciphers
◦ Vigenère cipher
◦ Vernam cipher
◦ One-time pad
 More on Transposition
◦ Rail fence cipher
◦ Message in rectangle (row transposition)
◦ Rotor machine
Playfair Cipher
 A.k.a Playfair square
 A manual symmetric encryption technique
 It was the first literal digraph substitution
cipher.
◦ The scheme was invented in 1854 by Charles
Wheatstone, but bears the name of Lord
Playfair who promoted the use of the cipher.
Playfair Key Matrix
 a 5x5 matrix of letters based on a keyword
 fill in the letters of the keyword (no duplicates; i and j share one cell)
 fill the rest of the matrix with the remaining letters
 eg. using the keyword (key) simple
s i/j m p l
e a b c d
f g h k n
o q r t u
v w x y z
Playfair Cipher
 Use a filler letter to separate repeated letters
◦ eg. "balloon" is split into the digraphs "ba lx lo on"
 Encrypt two letters (one digraph) together
 Same row –> each letter is replaced by the one following it in the row
◦ ac –> bd
 Same column –> each letter is replaced by the one under it
◦ qw –> wi
 Otherwise –> each letter is replaced by the corner of the rectangle in its own row
◦ ar –> bq
Activity
 Q: construct the Playfair matrix using the keyword MONARCHY
 Plaintext: Ethiopia
 Ciphertext: klbfhvsb
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
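Worked example, added here and not from the slides: the Playfair key matrix, the digraph splitting with filler, and the three substitution rules from the previous slide, in Python, checked against the MONARCHY/Ethiopia activity. The filler letter x and the i/j merge are the conventions the slides use; removing fillers after decryption is left to the reader, as it is in manual use.

```python
def playfair_matrix(keyword: str) -> list[list[str]]:
    """Build the 5x5 key square: keyword letters first (no duplicates, i and j
    share a cell), then the remaining letters of the alphabet."""
    seen = []
    for ch in (keyword + "abcdefghiklmnopqrstuvwxyz").lower():
        ch = "i" if ch == "j" else ch
        if ch.isalpha() and ch not in seen:
            seen.append(ch)
    return [seen[r * 5:(r + 1) * 5] for r in range(5)]


def _position(matrix: list[list[str]], ch: str) -> tuple[int, int]:
    for r, row in enumerate(matrix):
        if ch in row:
            return r, row.index(ch)
    raise ValueError(f"{ch!r} is not in the matrix")


def playfair_digraphs(plaintext: str, filler: str = "x") -> list[str]:
    """Split into pairs; a repeated letter inside a pair is separated by the filler
    and an odd trailing letter is padded with it: 'balloon' -> ba lx lo on."""
    letters = [("i" if c == "j" else c) for c in plaintext.lower() if c.isalpha()]
    pairs, i = [], 0
    while i < len(letters):
        a = letters[i]
        b = letters[i + 1] if i + 1 < len(letters) else filler
        if a == b:
            pairs.append(a + filler)
            i += 1
        else:
            pairs.append(a + b)
            i += 2
    return pairs


def playfair_pair(matrix: list[list[str]], a: str, b: str, shift: int) -> str:
    """Apply the slide's three rules to one pair; shift=+1 encrypts, -1 decrypts."""
    ra, ca = _position(matrix, a)
    rb, cb = _position(matrix, b)
    if ra == rb:  # same row: letter to the right (to the left when decrypting)
        return matrix[ra][(ca + shift) % 5] + matrix[rb][(cb + shift) % 5]
    if ca == cb:  # same column: letter below (above when decrypting)
        return matrix[(ra + shift) % 5][ca] + matrix[(rb + shift) % 5][cb]
    return matrix[ra][cb] + matrix[rb][ca]  # rectangle: corner in the letter's own row


def playfair_encrypt(plaintext: str, keyword: str) -> str:
    m = playfair_matrix(keyword)
    return "".join(playfair_pair(m, p[0], p[1], +1) for p in playfair_digraphs(plaintext))


def playfair_decrypt(ciphertext: str, keyword: str) -> str:
    m = playfair_matrix(keyword)
    pairs = [ciphertext[i:i + 2].lower() for i in range(0, len(ciphertext), 2)]
    return "".join(playfair_pair(m, p[0], p[1], -1) for p in pairs)


if __name__ == "__main__":
    print(playfair_digraphs("balloon"))              # ['ba', 'lx', 'lo', 'on']
    print(playfair_encrypt("ethiopia", "monarchy"))  # klbfhvsb, the activity's answer
    print(playfair_decrypt("klbfhvsb", "monarchy"))  # ethiopia
```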
Security of Playfair Cipher
 security much improved over
monoalphabetic
 But, still has much of plaintext structure.
 it can be broken, given a few hundred
letters
◦ With ciphertext only, possible to analyse
frequency of occurrence of digrams (pairs of
letters)
◦ Obtaining the key is relatively
straightforward if both plaintext and
ciphertext are known.
Polyalphabetic ciphers
 using multiple substitution alphabets.
 make cryptanalysis harder with more
alphabets to guess and flatter
frequency distribution
 use a key to select which alphabet is
used for each letter of the message
◦ use each alphabet in turn
◦ repeat from start after end of key is
reached
Vigenere Cipher
 simplest polyalphabetic substitution
cipher
 meaning that instead of there being a
one-to-one relationship between each
letter and its substitute, there is a one-
to-many relationship between each letter
and its substitutes.
◦ The encipherer chooses a keyword and
repeats it until it matches the length of the
plaintext
Vigenère Cipher
 Basically multiple Caesar ciphers
 key is multiple letters long
◦ K = k1 k2 ... kd
◦ ith letter specifies ith alphabet to use
◦ use each alphabet in turn, repeating from
start after d letters in message
 Plaintext: THISPROCESSCANALSOBEEXPRESSED
Keyword: CIPHERCIPHERCIPHERCIPHERCIPHE
Ciphertext: VPXZTIQKTZWTCVPSWFDMTETIGAHLH
Vigenère Cipher
 write the plaintext out
 write the keyword repeated above it
 use each key letter as a caesar cipher
key
 encrypt the corresponding plaintext
letter
Activity
 Q: encrypt the given plaintext using the Vigenère cipher with the keyword deceptive
 plaintext: wearediscoveredsaveyourself
 Key: deceptivedeceptivedeceptive
 Ciphertext: zicvtwqngrzgvtwavzhcqyglmgj
Security of Vigenère Ciphers
 have multiple ciphertext letters for each plaintext letter
◦ hence letter frequencies are masked
◦ but not totally lost
 start with letter frequencies
◦ see if they look monoalphabetic or not
 if not, then need to determine the number of alphabets, since then can attack each one separately
Autokey Cipher
 ideally want a key as long as the message
 Vigenère proposed the autokey cipher
 the keyword is prefixed to the message to form the key
 knowing the keyword, one can recover the first few letters
 use these in turn on the rest of the message
 but still have frequency characteristics to attack
 eg. given key deceptive
key: deceptivewearediscoveredsav
plaintext: wearediscoveredsaveyourself
ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA
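Worked example, added here and not from the slides, covering both the Vigenère cipher (repeated keyword) and the autokey variant (keyword followed by the plaintext itself), in Python and checked against the slides' three test vectors. Input is assumed to be letters only, as in the examples.

```python
import string

A = string.ascii_lowercase


def _shift(p: str, k: str, direction: int) -> str:
    """Caesar-shift letter p by key letter k (direction +1 encrypts, -1 decrypts)."""
    return A[(A.index(p) + direction * A.index(k)) % 26]


def vigenere_key_stream(keyword: str, length: int) -> str:
    """Repeat the keyword until it matches the length of the plaintext."""
    keyword = keyword.lower()
    return (keyword * (length // len(keyword) + 1))[:length]


def vigenere_encrypt(plaintext: str, keyword: str) -> str:
    pt = plaintext.lower()
    ks = vigenere_key_stream(keyword, len(pt))
    return "".join(_shift(p, k, +1) for p, k in zip(pt, ks))


def vigenere_decrypt(ciphertext: str, keyword: str) -> str:
    ct = ciphertext.lower()
    ks = vigenere_key_stream(keyword, len(ct))
    return "".join(_shift(c, k, -1) for c, k in zip(ct, ks))


def autokey_encrypt(plaintext: str, keyword: str) -> str:
    """Key = keyword followed by the plaintext itself, truncated to message length."""
    pt = plaintext.lower()
    ks = (keyword.lower() + pt)[:len(pt)]
    return "".join(_shift(p, k, +1) for p, k in zip(pt, ks))


def autokey_decrypt(ciphertext: str, keyword: str) -> str:
    """Each recovered plaintext letter extends the key for the letters that follow,
    which is why knowing the keyword unlocks the whole message."""
    ct = ciphertext.lower()
    key = list(keyword.lower())
    out = []
    for i, c in enumerate(ct):
        p = _shift(c, key[i], -1)
        out.append(p)
        key.append(p)
    return "".join(out)


if __name__ == "__main__":
    msg = "wearediscoveredsaveyourself"
    print(vigenere_encrypt(msg, "deceptive"))  # zicvtwqngrzgvtwavzhcqyglmgj
    print(autokey_encrypt(msg, "deceptive"))   # zicvtwqngkzeiigasxstslvvwla
```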
Vernam Cipher
 ultimate defense is to use a key as long
as the plaintext
◦ with no statistical relationship to it
 invented by AT&T engineer Gilbert
Vernam in 1918
 Originally proposed using a very long
but eventually repeating key
 His system works on binary data (bits
rather than letters)
One-Time Pad
 if a truly random key as long as the
message is used, the cipher will be
secure.
 is unbreakable since ciphertext bears no
statistical relationship to the plaintext
 since for any plaintext & any ciphertext
there exists a key mapping one to other
 can only use the key once though
 problems in generation & safe distribution
of key
One-time Pad: Encryption
e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111
Encryption: Plaintext XOR Key = Ciphertext
Plaintext:  h   e   i   l   h   i   t   l   e   r
            001 000 010 100 001 010 111 100 000 101
Key:        111 101 110 101 111 100 000 101 110 000
Ciphertext: 110 101 100 001 110 110 111 001 110 101
            s   r   l   h   s   s   t   h   s   r
One-time Pad: Decryption
e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111
Decryption: Ciphertext XOR Key = Plaintext
Ciphertext: s   r   l   h   s   s   t   h   s   r
            110 101 100 001 110 110 111 001 110 101
Key:        111 101 110 101 111 100 000 101 110 000
Plaintext:  001 000 010 100 001 010 111 100 000 101
            h   e   i   l   h   i   t   l   e   r
One-time Pad
Double agent claims sender used following “key”
e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111
Ciphertext:  s   r   l   h   s   s   t   h   s   r
             110 101 100 001 110 110 111 001 110 101
“key”:       101 111 000 101 111 100 000 101 110 000
“Plaintext”: 011 010 100 100 001 010 111 100 000 101
             k   i   l   l   h   i   t   l   e   r
One-time Pad
Or sender is captured and claims the key is…
e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111
Ciphertext:  s   r   l   h   s   s   t   h   s   r
             110 101 100 001 110 110 111 001 110 101
“Key”:       111 101 000 011 101 110 001 011 101 101
“Plaintext”: 001 000 100 010 011 000 110 010 011 000
             h   e   l   i   k   e   s   i   k   e
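Worked example, added here and not from the slides: the 3-bit one-time pad of the four tables above in Python, including the function that produces the double agent's and the captured sender's "keys" (any plaintext of the right length can be explained by some key) and a check of what leaks when a pad is reused. The 8-letter code and all keys are the slides' own values.

```python
# The slides' 3-bit code for their 8-letter alphabet.
CODE = {"e": 0b000, "h": 0b001, "i": 0b010, "k": 0b011,
        "l": 0b100, "r": 0b101, "s": 0b110, "t": 0b111}
LETTER = {v: k for k, v in CODE.items()}


def encode(text: str) -> list[int]:
    return [CODE[c] for c in text]


def decode(symbols: list[int]) -> str:
    return "".join(LETTER[s] for s in symbols)


def otp_xor(a: list[int], b: list[int]) -> list[int]:
    """Symbol-wise XOR.  The same operation encrypts and decrypts."""
    if len(a) != len(b):
        raise ValueError("a one-time pad key must be exactly as long as the message")
    return [x ^ y for x, y in zip(a, b)]


def otp_encrypt(plaintext: str, key: list[int]) -> str:
    return decode(otp_xor(encode(plaintext), key))


def otp_decrypt(ciphertext: str, key: list[int]) -> str:
    return decode(otp_xor(encode(ciphertext), key))


def key_that_explains(ciphertext: str, claimed_plaintext: str) -> list[int]:
    """Perfect secrecy made concrete: for ANY ciphertext and ANY plaintext of the
    same length there is a key mapping one to the other (key = ciphertext XOR
    plaintext).  So the ciphertext alone says nothing about the message, and a
    "key" produced later by a double agent or a captured sender cannot be told
    apart from the real one."""
    return otp_xor(encode(ciphertext), encode(claimed_plaintext))


def two_time_pad_leak(ciphertext1: str, ciphertext2: str) -> list[int]:
    """Why the pad is one-time: if one key encrypts two messages, XORing the two
    ciphertexts cancels the key and leaves plaintext1 XOR plaintext2.  A zero
    symbol reveals a position where the two messages agree."""
    return otp_xor(encode(ciphertext1), encode(ciphertext2))


def fmt(symbols: list[int]) -> str:
    return " ".join(f"{s:03b}" for s in symbols)


if __name__ == "__main__":
    key = [0b111, 0b101, 0b110, 0b101, 0b111, 0b100, 0b000, 0b101, 0b110, 0b000]
    ct = otp_encrypt("heilhitler", key)
    print(ct, fmt(encode(ct)))                       # srlhssthsr
    print(otp_decrypt(ct, key))                      # heilhitler
    print(fmt(key_that_explains(ct, "killhitler")))  # 101 111 000 101 111 100 000 101 110 000
    print(fmt(key_that_explains(ct, "helikesike")))  # 111 101 000 011 101 110 001 011 101 101
    print(fmt(two_time_pad_leak(ct, otp_encrypt("killhitler", key))))
```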
One-time pad…
 the only cryptosystem that exhibits what is referred to as perfect secrecy
 Drawbacks
◦ it requires secure exchange of the one-time pad material, which must be as long as the message
◦ the pad must be disposed of correctly and never reused
 In practice
◦ Generate a large number of random keys,
◦ Exchange the key material securely between the users before sending a one-time enciphered message,
◦ Keep both copies of the key material for each message securely until they are used, and
◦ Securely dispose of the key material after use, thereby ensuring the key material is never reused.
 Strength
◦ Is unconditionally secure provided the key is truly random
Key Management
 Using secret channel
 Encrypt the key
 Third trusted party
 The sender and the receiver generate
key
More Transposition Ciphers
 these hide the message by
rearranging the letter order
 without altering the actual letters used
 can recognise these since have the
same frequency distribution as the
original text
Rail Fence cipher
 write message letters out diagonally over a number of rows
 then read off cipher row by row
 eg. Plain msg: "meet me after the toga party"
 write message out as (depth 2):
m e m a t r h t g p r y
 e t e f e t e o a a t
 giving ciphertext
MEMATRHTGPRYETEFETEOAAT
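Worked example, added here and not from the slides: the Spartan 3-column transposition from the Classical Transposition slide and the depth-2 rail fence above, in Python, with decryption for both and a check that the letter histogram is unchanged (the tell-tale sign of a transposition noted on the previous slide). The rail-fence routines handle any depth, not only the slide's depth 2.

```python
from collections import Counter


def columnar_encrypt(message: str, columns: int) -> str:
    """Write the letters row by row into `columns` columns, then read down each column."""
    letters = [c for c in message if c.isalpha()]
    rows = [letters[i:i + columns] for i in range(0, len(letters), columns)]
    return "".join(row[c] for c in range(columns) for row in rows if c < len(row))


def columnar_decrypt(ciphertext: str, columns: int) -> str:
    n = len(ciphertext)
    full_rows, extra = divmod(n, columns)
    # the first `extra` columns hold one letter more than the others
    lengths = [full_rows + (1 if c < extra else 0) for c in range(columns)]
    cols, pos = [], 0
    for length in lengths:
        cols.append(ciphertext[pos:pos + length])
        pos += length
    return "".join(cols[c][r] for r in range(full_rows + 1)
                   for c in range(columns) if r < len(cols[c]))


def _zigzag(n: int, depth: int) -> list[int]:
    """Rail index of each of n letters when written diagonally over `depth` rows."""
    pattern, row, step = [], 0, 1
    for _ in range(n):
        pattern.append(row)
        if depth > 1:
            if row == 0:
                step = 1
            elif row == depth - 1:
                step = -1
            row += step
    return pattern


def rail_fence_encrypt(message: str, depth: int) -> str:
    """Write the letters diagonally over `depth` rows, then read off row by row."""
    letters = [c for c in message if c.isalpha()]
    rails = [[] for _ in range(depth)]
    for ch, r in zip(letters, _zigzag(len(letters), depth)):
        rails[r].append(ch)
    return "".join("".join(r) for r in rails).upper()


def rail_fence_decrypt(ciphertext: str, depth: int) -> str:
    """Replay the zig-zag to learn which rail each position belongs to,
    then hand out the ciphertext letters rail by rail."""
    n = len(ciphertext)
    pattern = _zigzag(n, depth)
    out, pos = [""] * n, 0
    for r in range(depth):
        for i, rail in enumerate(pattern):
            if rail == r:
                out[i] = ciphertext[pos]
                pos += 1
    return "".join(out).lower()


def same_letter_histogram(a: str, b: str) -> bool:
    """Transposition only reorders letters, so the frequency distribution is unchanged."""
    return Counter(a.lower()) == Counter(b.lower())


if __name__ == "__main__":
    print(columnar_encrypt("Start the war today", 3))        # Srhaoytterdatwta
    print(rail_fence_encrypt("meet me after the toga party", 2))  # MEMATRHTGPRYETEFETEOAAT
    print(same_letter_histogram("meetmeafterthetogaparty", "MEMATRHTGPRYETEFETEOAAT"))
```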
Product Ciphers
 ciphers using substitutions or transpositions
are not secure because of language
characteristics
 hence consider using several ciphers in
succession to make harder, but:
◦ two substitutions make a more complex
substitution
◦ two transpositions make more complex
transposition
◦ but a substitution followed by a transposition
makes a new much harder cipher
 this is the bridge from classical to modern ciphers
Taxonomy of Cryptography
Modern world….
 Symmetric key
◦ Same key for encryption and decryption
◦ Two types : Stream Cipher, Block Cipher
 Public key (or asymmetric crypto)
◦ Two keys, one for encryption (public), and
one for decryption (private)
◦ Also, digital signatures…not possible
before
 Hash algorithms (Crypto hash
function)
Symmetric Key Crypto
 Stream cipher: like a one-time pad
◦ Except that the key is relatively short
◦ Key is stretched into a long keystream
◦ Keystream is used just like a one-time pad.
◦ Employs “substitution” only
 Block cipher: based on the codebook concept
◦ Block cipher key determines a codebook
◦ Each key yields a different codebook
◦ Employs both “substitution” and “transposition”
Block vs. Stream Ciphers…
Summary
 Stream cipher: like a one-time pad
◦ Key is stretched into a long keystream, then XORed
◦ Pseudorandom keystream generator
◦ Confusion only, just like a one-time pad
◦ Efficient for hardware implementation (low-powered devices)
 Block cipher: based on the codebook concept
◦ Block cipher key determines a codebook
◦ Employs both “confusion” and “diffusion”
◦ Faster, good for software implementation
 Data encryption standard (DES)
Data Encryption Standard
 Most widely used block cipher in world
 DES developed in 1970’s
 Based on IBM revised Lucifer cipher
 U.S. government standard
 DES development was controversial
◦ NSA secretly involved
◦ Design process was secret
◦ Key length reduced from 128 to 56 bits
◦ clever changes to Lucifer algorithm
DES Design Controversy
 although DES standard is public
 was considerable controversy over design
◦ in choice of 56-bit key (vs Lucifer 128-bit)
◦ and because design criteria were classified
 subsequent events and public analysis
show in fact design was appropriate.
 use of DES has flourished
◦ especially in financial applications
◦ still standardised for legacy application use
DES
 DES is a Feistel cipher with…
◦ 64 bit block length
◦ 56 bit key length
◦ 16 rounds
◦ 48 bits of key used each round (subkey)
 Each round is simple (for a block cipher)
 Security depends heavily on “S-boxes”
◦ Each S-box maps 6 bits to 4 bits
DES Encryption Overview
Initial Permutation IP
 IP: the first step of the encryption.
 It reorders the input data bits.
 The last step of encryption is the inverse of IP.
 IP and IP^-1 are specified by tables
[Figure: One Round of DES. The L and R halves (32 bits each); R is expanded to 48 bits and combined with the 48-bit subkey Ki, then passed through the S-boxes (back to 32 bits) and the P-box; the two 28-bit key halves are shifted and compressed to produce Ki.]
DES Round Structure
DES Encryption Overview
DES review
 The left side shows the basic process for enciphering a 64-bit data block, which consists of:
◦ an initial permutation (IP) which shuffles the 64-bit input block
◦ 16 rounds of a complex key-dependent round function involving substitutions & permutations
◦ a final permutation, being the inverse of IP
 The right side shows the handling of the 56-bit key and consists of:
◦ an initial permutation of the key (PC1) which selects 56 bits out of the 64-bit input, in two 28-bit halves
◦ 16 stages to generate the 48-bit subkeys using a
Strength of DES – Key Size
 56-bit keys have 2^56 = 7.2 x 10^16 values
 brute force search looks hard
 recent advances have shown it is possible
◦ in 1997 on the Internet in a few months
◦ in 1998 on dedicated h/w (EFF) in a few days
◦ in 1999 the above combined in 22hrs!
 still must be able to recognize
Multiple Encryption & DES
 clear a replacement for DES was
needed
◦ theoretical attacks that can break it
◦ demonstrated exhaustive key search
attacks
 AES is a new cipher alternative
 prior to this alternative was to use
multiple encryption with DES
implementations
 Triple-DES is the chosen form
Triple DES
 Today, 56 bit DES key is too small
◦ Exhaustive key search is feasible
 But DES is everywhere, so what to do?
 Triple DES or 3DES (112 bit key)
◦ C = E(D(E(P,K1),K2),K1)
◦ P = D(E(D(C,K1),K2),K1)
 Why Encrypt-Decrypt-Encrypt with 2 keys?
◦ Backward compatible: E(D(E(P,K),K),K) = E(P,K)
◦ And 112 bits is enough
Reading assignments
 Differential and linear
cryptanalysis attack
 Different block cipher modes
 Deniable encryption
 Advanced Encryption Standard
(AES)
Origins
 clear a replacement for DES was needed
◦ have theoretical attacks that can break it.
◦ have demonstrated exhaustive key search
attacks.
 can use Triple-DES – but slow, has small
blocks
◦ US NIST issued call for ciphers in 1997
◦ 15 candidates accepted in Jun 98
◦ 5 were shortlisted in Aug-99
 Rijndael was selected as the AES in Oct-
2000
◦ designed by Rijmen-Daemen in Belgium
The AES Cipher - Rijndael
 Iterated block cipher (like DES)
 Not a Feistel cipher (unlike DES)
◦ operates on entire data block in every round.
 Block size:128 bits (192 or 256)
 Key length: 128, 192 or 256 bits
(independent of block size)
 10 to 14 rounds (depends on key length)
 Each round uses 4 functions (3 “layers”)
◦ ByteSub (nonlinear layer)
◦ ShiftRow (linear mixing layer)
◦ MixColumn (nonlinear layer)
◦ AddRoundKey (key addition layer)
AES Encryption Process
AES Structure
 data block of 4 columns of 4 bytes is state(16
byte)
 key is expanded to array of words
 has 9/11/13 rounds in which state undergoes:
◦ byte substitution (1 S-box used on every byte)
◦ shift rows (permute bytes between groups/columns)
◦ mix columns (subs using matrix multiply of groups)
◦ add round key (XOR state with key material)
◦ view as alternating XOR key & scramble data bytes
 initial XOR key material & incomplete last round
AES Structure
Substitute Bytes
 AES treats the 128-bit block as a 4x4 byte array
 a simple byte-by-byte substitution of the block!
 uses one table of 16x16 bytes containing a
permutation of all 256 8-bit values.
 each byte of state is replaced by byte
indexed by row (left 4-bits) & column (right 4-
bits)
◦ eg. byte {95} is replaced by byte in row 9 column 5
◦ which has value {2A}
Substitute Bytes
Substitute Bytes Example
AES ByteSub
 ByteSub is AES’s “S-box”
 Treat 128 bit block as 4x4 byte array
Shift Rows
 a circular byte shift in each row
◦ 1st row is unchanged
◦ 2nd row does 1 byte circular shift to left
◦ 3rd row does 2 byte circular shift to left
◦ 4th row does 3 byte circular shift to left
 decrypt inverts using shifts to right
 since state is processed by columns, this
step permutes bytes between the columns
Shift Rows
AES MixColumn
 Implemented as a (big) lookup table
 Nonlinear, invertible operation applied to
each column
Mix Columns
 each column is processed separately
 each byte is replaced by a value
dependent on all 4 bytes in the column
 effectively a matrix multiplication in GF(2^8) using the prime polynomial m(x) = x^8 + x^4 + x^3 + x + 1
Mix Columns
Mix Columns Example
Mix Columns
 can express each col as 4 equations
◦ to derive each new byte in col
 decryption requires use of inverse matrix
◦ with larger coefficients, hence a little harder
 have an alternate characterisation
◦ each column a 4-term polynomial
◦ with coefficients in GF(2^8)
◦ and polynomials multiplied modulo (x^4 + 1)
 coefficients based on linear code with
maximal distance between codewords
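Worked example, added here and not from the slides or from any AES library: the byte-level building blocks of the three AES layers discussed above, in Python. GF(2^8) multiplication modulo m(x) = x^8 + x^4 + x^3 + x + 1, the ByteSub S-box computed from the field inverse plus the affine transform (so the slide's {95} -> {2A} can be checked without the 16x16 table), ShiftRows with its inverse, and MixColumns as the matrix multiplication in GF(2^8) with its larger-coefficient inverse; the test vector db 13 53 45 -> 8e 4d a1 bc is the standard one from FIPS-197.

```python
def gmul(a: int, b: int) -> int:
    """Multiply two bytes in GF(2^8) modulo m(x) = x^8 + x^4 + x^3 + x + 1."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B  # subtract m(x) whenever an x^8 term appears
        b >>= 1
    return p


def ginv(a: int) -> int:
    """Multiplicative inverse in GF(2^8), computed as a^254; 0 maps to 0 by convention."""
    r, base, e = 1, a, 254
    while e:
        if e & 1:
            r = gmul(r, base)
        base = gmul(base, base)
        e >>= 1
    return r if a else 0


def sbox(a: int) -> int:
    """ByteSub for one byte: field inverse, then the FIPS-197 affine transform.
    Computing it this way reproduces the 16x16 table the slide refers to."""
    b = ginv(a)
    s = b
    for i in range(1, 5):
        s ^= ((b << i) | (b >> (8 - i))) & 0xFF  # XOR of four circular left rotations
    return s ^ 0x63


def shift_rows(state: list[list[int]]) -> list[list[int]]:
    """Row r of the 4x4 state (row-major) is rotated r bytes to the left."""
    return [row[r:] + row[:r] for r, row in enumerate(state)]


def inv_shift_rows(state: list[list[int]]) -> list[list[int]]:
    """Decryption rotates each row the other way."""
    return [row[(4 - r) % 4:] + row[:(4 - r) % 4] for r, row in enumerate(state)]


def mix_column(col: list[int], coeffs=(2, 3, 1, 1)) -> list[int]:
    """Multiply one column by the circulant matrix whose first row is coeffs,
    i.e. multiply the column polynomial by 3x^3 + x^2 + x + 2 modulo x^4 + 1."""
    out = []
    for i in range(4):
        acc = 0
        for j in range(4):
            acc ^= gmul(coeffs[(j - i) % 4], col[j])
        out.append(acc)
    return out


def inv_mix_column(col: list[int]) -> list[int]:
    """The inverse matrix has the larger coefficients 0e, 0b, 0d, 09."""
    return mix_column(col, (0x0E, 0x0B, 0x0D, 0x09))


def mix_columns(state: list[list[int]], inverse: bool = False) -> list[list[int]]:
    """Apply (inv_)mix_column to each of the 4 columns of a row-major 4x4 state."""
    f = inv_mix_column if inverse else mix_column
    cols = [f([state[r][c] for r in range(4)]) for c in range(4)]
    return [[cols[c][r] for c in range(4)] for r in range(4)]


if __name__ == "__main__":
    print(hex(sbox(0x95)))                                          # 0x2a, the slide's example
    print([hex(b) for b in mix_column([0xDB, 0x13, 0x53, 0x45])])  # 8e 4d a1 bc
    print(inv_mix_column(mix_column([0xDB, 0x13, 0x53, 0x45])))    # back to db 13 53 45
```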
AES Round
AES Decryption
 To decrypt, process must be invertible
 Inverse of AddRoundKey is easy,
◦ since XOR is its own inverse
 MixColumn is invertible
◦ (inverse is also implemented as a lookup table)
 Inverse of ShiftRow is easy
◦ (cyclic shift the other direction)
 ByteSub is invertible
◦ (inverse is also implemented as a lookup table)
AES Decryption
Some Comments on AES
1. an iterative rather than Feistel cipher
2. key expanded into array of 32-bit words
◦ four words form round key in each round
3. 4 different stages are used as shown
4. has a simple structure
5. only AddRoundKey uses key
6. AddRoundKey a form of Vernam cipher
7. each stage is easily reversible
8. decryption uses keys in reverse order
9. decryption does recover plaintext
10. final round has only 3 stages
Communications Mining Series - Zero to Hero - Session 1
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 

4.Cryptography handout 2.pptx

• 2. Introduction
What is cryptography?
 Cryptography is the study of encryption
◦ Greek kryptos means "hidden" and graphia means "writing"
 Encryption is an ancient form of information protection; it dates back about 4,000 years.
◦ the process by which plaintext is converted into ciphertext
 Decryption is the inverse of encryption.
• 3. Introduction …
 A sender S wants to transmit a message M to a receiver R
 To protect M, the sender first encrypts it into a meaningless message M'
 After receipt of M', R decrypts it to obtain M
 M is called the plaintext
◦ what we want to encrypt
 M' is called the ciphertext
◦ the encrypted output
• 4. Introduction …
 Notation, given P = plaintext and C = ciphertext:
 C = E_K(P)  (encryption under key K)
 P = D_K(C)  (decryption under key K)
• 5. Terminologies
 Cryptography: schemes for encryption and decryption
 Encryption algorithm: the technique or rules selected for encryption
 Key: a secret value used to encrypt and/or decrypt the text
 Cryptanalysis: the study of "breaking the code"
 Cryptology: cryptography and cryptanalysis together constitute the area of cryptology
• 6. Encryption vs. C-I-A
Encryption provides:
◦ Confidentiality/Secrecy
 keeps our data secret
◦ Integrity
 protects against forgery or tampering; note that encryption on its own only hides the data, so in practice integrity is obtained by pairing it with a MAC or a digital signature that detects a modified ciphertext
• 7. Cryptographic systems
are characterized along three dimensions
 operations used for transforming the plaintext
◦ Substitution: replace each element (bit, letter, group of bits or letters) with another
◦ Transposition: rearrange the order of the elements
◦ Product: use multiple stages of both
 number of keys used
◦ Symmetric: same key; also called secret-key or private-key
◦ Asymmetric: different keys; also called public-key
 way in which the plaintext is processed
◦ block cipher
◦ stream cipher
• 8. For any encryption approach, there are two major challenges:
 Key distribution: how do we convey keys to those who need them to establish secure communication?
 Key management: given a large number of keys, how do we preserve their safety and make them available as needed?
• 9. Transposition and Substitution
 Simple transposition: rearrange the letters of "security" → "cusetyri"
 Simple substitution: replace each letter of "security" with the next letter of the alphabet → "tfdvsjuz"
 The same letters written as numbers (a = 1 … z = 26): s e c u r i t y → 19 5 3 21 18 9 20 25
• 10. Classical Substitution
 Caesar Cipher: used by Julius Caesar's military
◦ substitutes each letter of the alphabet with the letter standing three places further down the alphabet
• 12. Activity
 Convert it to Caesar ciphertext
 Plaintext: are you ready
 Ciphertext: duh brx uhdgb
Plaintext:  a b c d e f g h i j k l m n o p q r s t u v w x y z
Ciphertext: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
• 13. Caesar Cipher
 the algorithm can be expressed as: for each plaintext letter p, substitute the ciphertext letter C
◦ C = E(3, p) = (p + 3) mod 26
 mathematically, give each letter a number
a b c d e f g h i j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
 General Caesar algorithm, for a shift k in the range 1..25:
c = E(k, p) = (p + k) mod 26
p = D(k, c) = (c − k) mod 26
• 14. Classical Transposition
 Spartan (scytale) cipher, fifth century B.C.
 Plaintext: Start the war today
 Encryption: write the text in rows of 3 columns
s t a
r t t
h e w
a r t
o d a
y
 then rewrite it by reading down the columns: srhaoytterdatwta
• 15. Cryptanalysis
 objective: recover the key, not just the message
 general approaches:
◦ cryptanalytic attack
 exploits the characteristics of the algorithm
◦ brute-force attack
 try every possible key on a piece of ciphertext until the right one is found
 if either succeeds, all further use of that key is compromised
• 16. More Definitions
 unconditional security
◦ no matter how much computing power or time is available, the cipher cannot be broken, since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext
 computational security
◦ given limited computing resources (e.g. the time needed for the calculation is greater than the age of the universe), the cipher cannot be broken
◦ it either takes too long or is too expensive
• 17. Cryptanalysis …
 given a ciphertext produced by a Caesar cipher, a brute-force attack is easily performed:
◦ simply try all 25 possible keys
◦ assuming the language of the plaintext is known, the right key is recognised on sight
 Thus the Caesar cipher is far from secure.
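Added example, not part of the original slides: the Caesar formulas of slide 13 (c = (p + k) mod 26, p = (c − k) mod 26) and the 25-key brute-force search of slide 17, in Python. The word list used to recognise the plaintext is a constructed stand-in for the "language of the plaintext is known" assumption; the sample text is the activity from slide 12.

```python
"""Caesar cipher with a general shift k, plus the brute-force attack that
tries all 25 keys and keeps the decryptions that read as known words."""
import string

ALPHABET = string.ascii_lowercase


def caesar_encrypt(plaintext: str, k: int) -> str:
    """Shift every letter k places down the alphabet (a=0 ... z=25, as on
    slide 13); spaces and other characters pass through unchanged."""
    out = []
    for ch in plaintext.lower():
        if ch in ALPHABET:
            p = ALPHABET.index(ch)
            out.append(ALPHABET[(p + k) % 26])
        else:
            out.append(ch)
    return "".join(out)


def caesar_decrypt(ciphertext: str, k: int) -> str:
    """Decryption is encryption with the negated shift: (c - k) mod 26.
    Python's % keeps the result in 0..25 even for negative values."""
    return caesar_encrypt(ciphertext, -k)


def caesar_brute_force(ciphertext: str, known_words):
    """Try all 25 non-trivial keys.  A candidate is accepted when every word
    of the decryption is in known_words, which models "the language of the
    plaintext is known".  Returns a list of (key, plaintext) hits."""
    hits = []
    for k in range(1, 26):
        candidate = caesar_decrypt(ciphertext, k)
        if all(word in known_words for word in candidate.split()):
            hits.append((k, candidate))
    return hits


if __name__ == "__main__":
    # Constructed sample: the slide 12 activity text and a tiny word list.
    words = {"are", "you", "ready"}
    ct = caesar_encrypt("are you ready", 3)
    print(ct)                              # duh brx uhdgb
    print(caesar_brute_force(ct, words))   # [(3, 'are you ready')]
```

With a real message the recogniser would be a dictionary or the letter-frequency test of slide 22; the point of the exercise is that the key space (25) is so small that recognising the plaintext is the only work the attacker has to do.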
• 18. Monoalphabetic Cipher
 rather than just shifting the alphabet
 could shuffle (jumble) the letters arbitrarily
 each plaintext letter maps to a different random ciphertext letter
 hence the key is 26 letters long (26! ≈ 4 × 10^26 possible keys, far too many to try one by one)
Plain:      abcdefghijklmnopqrstuvwxyz
Cipher:     DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext:  ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
• 19. Brute Force Search
 it is always possible to simply try every key
 assumes we either know or can recognise the plaintext
 impractical if the algorithm employs a large number of keys
 the most basic attack; its cost is proportional to the size of the key space
• 20. Language Redundancy and Cryptanalysis
 human languages are redundant
 letters are not equally commonly used
 in English, E is by far the most common letter
◦ followed by T, R, N, I, O, A, S
 other letters like Z, J, K, Q, X are fairly rare
 tables of single, double and triple letter frequencies exist for various languages
• 22. Use in Cryptanalysis
 key concept: monoalphabetic substitution ciphers do not change relative letter frequencies
 discovered by Arab scholars in the 9th century
 calculate letter frequencies for the ciphertext
 compare counts/plots against known values
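Added example, not part of the original slides: the monoalphabetic substitution of slide 18 together with the frequency-analysis step of slides 20 and 22. The key and plaintext are the ones on slide 18; the English letter ordering is the one given on slide 20. `guess_mapping` is only the first step of a break (pairing the most frequent ciphertext letters with E, T, R, ...), which is all the slides describe.

```python
"""Monoalphabetic substitution and why it falls to frequency analysis: the
cipher relabels letters but leaves the frequency profile of the text intact."""
from collections import Counter
import string

PLAIN = string.ascii_lowercase
# 26-letter key from slide 18: plaintext a..z maps to these letters in order.
CIPHER_KEY = "DKVQFIBJWPESCXHTMYAUOLRGZN"
# Most common English letters, most frequent first (slide 20).
ENGLISH_ORDER = "etrnioas"


def mono_encrypt(plaintext: str, key: str = CIPHER_KEY) -> str:
    table = {p: c for p, c in zip(PLAIN, key.upper())}
    return "".join(table.get(ch, ch) for ch in plaintext.lower())


def mono_decrypt(ciphertext: str, key: str = CIPHER_KEY) -> str:
    table = {c: p for p, c in zip(PLAIN, key.upper())}
    return "".join(table.get(ch, ch) for ch in ciphertext.upper())


def letter_frequencies(text: str):
    """(letter, count) pairs, most common first; the "counts/plots" of slide 22."""
    return Counter(ch for ch in text.upper() if ch.isalpha()).most_common()


def guess_mapping(ciphertext: str, english_order: str = ENGLISH_ORDER):
    """Pair the most frequent ciphertext letters with the most frequent
    English letters.  A real break refines this guess with digram/trigram
    tables and known words, but the top entries are usually right."""
    ranked = [c for c, _ in letter_frequencies(ciphertext)]
    return dict(zip(ranked, english_order))


if __name__ == "__main__":
    pt = "ifwewishtoreplaceletters"          # plaintext from slide 18
    ct = mono_encrypt(pt)
    print(ct)                                 # WIRFRWAJUHYFTSDVFSFUUFYA
    print(letter_frequencies(pt)[:3])         # E, T, ... in the plaintext
    print(letter_frequencies(ct)[:3])         # F, U, ... same counts
    print(guess_mapping(ct))                  # {'F': 'e', 'U': 't', ...}
```

The two frequency lists carry identical counts: the most common plaintext letter (e, 5 times) becomes the most common ciphertext letter (F, 5 times). That equality of profiles is exactly the leak a monoalphabetic cipher cannot hide.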
• 23. Cryptography cont'd …
 Playfair cipher
 Polyalphabetic ciphers
◦ Vigenère cipher
◦ Vernam cipher
◦ One-time pad
 More on transposition
◦ Rail fence cipher
◦ Message in rectangle (row transposition)
◦ Rotor machine
• 24. Playfair Cipher
 a.k.a. Playfair square
 a manual symmetric encryption technique
 the first literal digraph substitution cipher
◦ the scheme was invented in 1854 by Charles Wheatstone, but bears the name of Lord Playfair, who promoted its use
• 25. Playfair Key Matrix
 a 5×5 matrix of letters based on a keyword
 fill in the letters of the keyword (dropping duplicates; I and J share one cell)
 fill the rest of the matrix with the remaining letters in alphabetical order
 e.g. using the keyword "simple":
s i/j m p l
e a b c d
f g h k n
o q r t u
v w x y z
• 26. Playfair Cipher
 split the plaintext into pairs; use a filler letter to separate a repeated letter inside a pair
◦ e.g. "balloon" is encrypted as "ba lx lo on"
 encrypt two letters at a time:
 same row → each letter is replaced by the letter to its right (wrapping round)
◦ ac → BD
 same column → each letter is replaced by the letter below it (wrapping round)
◦ qw → WI
 otherwise → each letter is replaced by the letter in its own row at the other letter's column (the remaining corners of the rectangle)
◦ ar → BQ
• 27. Activity
 Q: construct the Playfair matrix using the keyword MONARCHY
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
 Plaintext: ethiopia → pairs et hi op ia
 Ciphertext: KLBFHVSB
• 28. Security of the Playfair Cipher
 security much improved over monoalphabetic substitution (26 × 26 = 676 digraphs to tabulate instead of 26 letters)
 but it still retains much of the plaintext structure
 it can be broken given a few hundred letters of ciphertext
◦ with ciphertext only, it is possible to analyse the frequency of occurrence of digrams (pairs of letters)
◦ obtaining the key is relatively straightforward if both plaintext and ciphertext are known
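Added example, not part of the original slides: a Playfair implementation covering slides 25 to 27, i.e. building the 5×5 square from a keyword (J folded into I), splitting the text into digraphs with a filler letter, and applying the row / column / rectangle rules. The filler letter "x" and the "simple" and "monarchy" keywords are the ones on the slides.

```python
"""Playfair cipher: 5x5 key square and digraph substitution."""

ALPHA25 = "abcdefghiklmnopqrstuvwxyz"   # 25 letters: i and j share a cell


def playfair_square(keyword: str):
    """Keyword letters first (duplicates dropped, j folded into i), then the
    rest of the alphabet.  Returns a list of 5 rows of 5 letters."""
    seen, letters = set(), []
    for ch in (keyword + ALPHA25).lower().replace("j", "i"):
        if ch.isalpha() and ch not in seen:
            seen.add(ch)
            letters.append(ch)
    return [letters[i:i + 5] for i in range(0, 25, 5)]


def playfair_digraphs(plaintext: str, filler: str = "x"):
    """Split into pairs.  A repeated letter inside a pair is separated by the
    filler, and an odd trailing letter is padded with it ("balloon" ->
    ba lx lo on, as on slide 26)."""
    text = [c for c in plaintext.lower().replace("j", "i") if c.isalpha()]
    pairs, i = [], 0
    while i < len(text):
        a = text[i]
        b = text[i + 1] if i + 1 < len(text) else filler
        if a == b:
            pairs.append(a + filler)
            i += 1
        else:
            pairs.append(a + b)
            i += 2
    return pairs


def _locate(square, ch):
    for r, row in enumerate(square):
        if ch in row:
            return r, row.index(ch)
    raise ValueError(f"{ch!r} is not in the square")


def _substitute(square, a, b, step):
    """Apply the three Playfair rules; step=+1 encrypts, step=-1 decrypts."""
    ra, ca = _locate(square, a)
    rb, cb = _locate(square, b)
    if ra == rb:                                  # same row: move right (or left)
        return square[ra][(ca + step) % 5] + square[rb][(cb + step) % 5]
    if ca == cb:                                  # same column: move down (or up)
        return square[(ra + step) % 5][ca] + square[(rb + step) % 5][cb]
    return square[ra][cb] + square[rb][ca]        # rectangle: swap the columns


def playfair_encrypt(plaintext: str, keyword: str) -> str:
    sq = playfair_square(keyword)
    return "".join(_substitute(sq, a, b, +1) for a, b in playfair_digraphs(plaintext)).upper()


def playfair_decrypt(ciphertext: str, keyword: str) -> str:
    """Undo the substitution pairwise; filler letters are left in place."""
    sq = playfair_square(keyword)
    text = ciphertext.lower()
    return "".join(_substitute(sq, text[i], text[i + 1], -1)
                   for i in range(0, len(text), 2))


if __name__ == "__main__":
    print(playfair_digraphs("balloon"))              # ['ba', 'lx', 'lo', 'on']
    print(playfair_encrypt("ethiopia", "monarchy"))  # KLBFHVSB
```

Because the rectangle rule is its own inverse and the row/column rules only change direction, one helper with a step of +1 or −1 serves both encryption and decryption.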
• 30. Polyalphabetic ciphers
 use multiple substitution alphabets
 make cryptanalysis harder: more alphabets to guess and a flatter frequency distribution
 use a key to select which alphabet is used for each letter of the message
◦ use each alphabet in turn
◦ repeat from the start after the end of the key is reached
• 31. Vigenère Cipher
 the simplest polyalphabetic substitution cipher
 instead of a one-to-one relationship between each letter and its substitute, there is a one-to-many relationship between each letter and its substitutes
◦ the encipherer chooses a keyword and repeats it until it matches the length of the plaintext
• 32. Vigenère Cipher
 basically multiple Caesar ciphers
 the key is multiple letters long
◦ K = k1 k2 … kd
◦ the i-th letter specifies the i-th alphabet to use
◦ use each alphabet in turn, repeating from the start after d letters of the message
Plaintext:  THISPROCESSCANALSOBEEXPRESSED
Keyword:    CIPHERCIPHERCIPHERCIPHERCIPHE
Ciphertext: VPXZTIQKTZWTCVPSWFDMTETIGAHLH
• 33. Vigenère Cipher
 write the plaintext out
 write the keyword, repeated, above it
 use each key letter as a Caesar cipher key
 encrypt the corresponding plaintext letter
• 34. Activity
 Q: encrypt the given plaintext using the Vigenère cipher with the keyword deceptive
plaintext:  wearediscoveredsaveyourself
key:        deceptivedeceptivedeceptive
ciphertext: zicvtwqngrzgvtwavzhcqyglmgj
• 35. Security of Vigenère Ciphers
 there are multiple ciphertext letters for each plaintext letter
◦ hence letter frequencies are masked
◦ but not totally lost
 start with letter frequencies
◦ see whether they look monoalphabetic or not
 if not, then determine the number of alphabets (the key length d); the ciphertext then splits into d interleaved Caesar ciphers, and each can be attacked separately by frequency analysis
• 36. Autokey Cipher
 ideally we want a key as long as the message
 Vigenère proposed the autokey cipher
 the keyword is prefixed to the message itself to form the key
 knowing the keyword lets the receiver recover the first few letters
 these are used in turn as key for the rest of the message
 but it still has frequency characteristics to attack
 e.g. given the keyword deceptive
key:        deceptivewearediscoveredsav
plaintext:  wearediscoveredsaveyourself
ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA
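Added example, not part of the original slides: the Vigenère cipher of slides 32 to 34, the autokey variant of slide 36, and the attack helper implied by slide 35 (once the period d is known, every d-th letter was enciphered with the same Caesar shift). The test vectors are the ones printed on the slides.

```python
"""Vigenère and autokey ciphers as stacks of Caesar shifts selected by a key."""


def _clean(text: str) -> str:
    return "".join(c for c in text.lower() if c.isalpha())


def _shift(ch: str, key_ch: str, sign: int) -> str:
    """Caesar-shift one letter by the key letter (+1 encrypt, -1 decrypt)."""
    p = ord(ch) - ord("a")
    k = ord(key_ch) - ord("a")
    return chr((p + sign * k) % 26 + ord("a"))


def vigenere_encrypt(plaintext: str, keyword: str) -> str:
    """Key letter i selects the alphabet for letter i; the keyword repeats
    every d letters (slide 32)."""
    pt, kw = _clean(plaintext), _clean(keyword)
    return "".join(_shift(c, kw[i % len(kw)], +1) for i, c in enumerate(pt))


def vigenere_decrypt(ciphertext: str, keyword: str) -> str:
    ct, kw = _clean(ciphertext), _clean(keyword)
    return "".join(_shift(c, kw[i % len(kw)], -1) for i, c in enumerate(ct))


def autokey_encrypt(plaintext: str, keyword: str) -> str:
    """Key stream = keyword followed by the plaintext itself (slide 36)."""
    pt = _clean(plaintext)
    stream = _clean(keyword) + pt
    return "".join(_shift(c, stream[i], +1) for i, c in enumerate(pt))


def autokey_decrypt(ciphertext: str, keyword: str) -> str:
    """Each recovered plaintext letter extends the key stream, so the whole
    message unrolls from the keyword alone."""
    ct = _clean(ciphertext)
    stream = list(_clean(keyword))
    out = []
    for i, c in enumerate(ct):
        p = _shift(c, stream[i], -1)
        out.append(p)
        stream.append(p)
    return "".join(out)


def split_into_alphabets(ciphertext: str, d: int):
    """Attack helper for slide 35: with period d, letters i, i+d, i+2d, ...
    share one Caesar shift, so each slice is a monoalphabetic cipher that
    frequency analysis can solve on its own."""
    ct = _clean(ciphertext)
    return [ct[i::d] for i in range(d)]


if __name__ == "__main__":
    print(vigenere_encrypt("THISPROCESSCANALSOBEEXPRESSED", "CIPHER"))
    print(vigenere_encrypt("wearediscoveredsaveyourself", "deceptive"))
    print(autokey_encrypt("wearediscoveredsaveyourself", "deceptive"))
    print(split_into_alphabets("zicvtwqngrzgvtwavzhcqyglmgj", 9))
```

The first slice returned for period 9 ("zrh") is just the plaintext letters w, o, e shifted by the first key letter d, which is why each slice can be solved as a Caesar cipher once d is found.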
• 37. Vernam Cipher
 the ultimate defence is to use a key as long as the plaintext
◦ with no statistical relationship to it
 invented by AT&T engineer Gilbert Vernam in 1918
 originally proposed using a very long but eventually repeating key
 his system works on binary data (bits rather than letters): ciphertext = plaintext XOR key
• 38. One-Time Pad
 if a truly random key as long as the message is used, the cipher will be secure
 it is unbreakable, since the ciphertext bears no statistical relationship to the plaintext
 for any plaintext and any ciphertext there exists a key mapping one to the other
 the key can only be used once, though
 problems in generation and safe distribution of the key
• 39. One-time Pad: Encryption
Code: e=000 h=001 i=010 k=011 l=100 r=101 s=110 t=111
Encryption: Plaintext ⊕ Key = Ciphertext
Plaintext:   h   e   i   l   h   i   t   l   e   r
            001 000 010 100 001 010 111 100 000 101
Key:        111 101 110 101 111 100 000 101 110 000
Ciphertext: 110 101 100 001 110 110 111 001 110 101
             s   r   l   h   s   s   t   h   s   r
• 40. One-time Pad: Decryption
Decryption: Ciphertext ⊕ Key = Plaintext
Ciphertext:  s   r   l   h   s   s   t   h   s   r
            110 101 100 001 110 110 111 001 110 101
Key:        111 101 110 101 111 100 000 101 110 000
Plaintext:  001 000 010 100 001 010 111 100 000 101
             h   e   i   l   h   i   t   l   e   r
• 41. One-time Pad
Double agent claims the sender used the following "key":
Ciphertext:  s   r   l   h   s   s   t   h   s   r
            110 101 100 001 110 110 111 001 110 101
"Key":      101 111 000 101 111 100 000 101 110 000
"Plaintext": 011 010 100 100 001 010 111 100 000 101
             k   i   l   l   h   i   t   l   e   r
• 42. One-time Pad
Or the sender is captured and claims the key is …
Ciphertext:  s   r   l   h   s   s   t   h   s   r
            110 101 100 001 110 110 111 001 110 101
"Key":      111 101 000 011 101 110 001 011 101 101
"Plaintext": 001 000 100 010 011 000 110 010 011 000
             h   e   l   i   k   e   s   i   k   e
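Added example, not part of the original slides: the one-time pad over the 3-bit alphabet of slides 39 to 42. `key_for` computes the pad that would "decrypt" a given ciphertext to any plaintext of the same length, which is the deniability shown on slides 41 and 42 and the reason the cipher has perfect secrecy. `two_time_pad_leak` shows what goes wrong when the "use once" rule of slide 38 is broken; that function and its scenario are added here, not on the slides. The pad bits are the ones from slide 39.

```python
"""One-time pad on the 8-letter, 3-bit alphabet used in the slides."""

CODE = {"e": 0b000, "h": 0b001, "i": 0b010, "k": 0b011,
        "l": 0b100, "r": 0b101, "s": 0b110, "t": 0b111}
LETTER = {v: k for k, v in CODE.items()}

# Constructed sample from slide 39: plaintext and the pad actually used.
PLAINTEXT = "heilhitler"
KEY = [0b111, 0b101, 0b110, 0b101, 0b111, 0b100, 0b000, 0b101, 0b110, 0b000]


def encode(text: str):
    return [CODE[c] for c in text]


def decode(symbols):
    return "".join(LETTER[s] for s in symbols)


def bits(symbols) -> str:
    return " ".join(f"{s:03b}" for s in symbols)


def otp_xor(symbols, key):
    """Ciphertext = plaintext XOR key; decryption is the same operation.
    The pad must be exactly as long as the message."""
    if len(key) != len(symbols):
        raise ValueError("pad must be exactly as long as the message")
    return [s ^ k for s, k in zip(symbols, key)]


def key_for(ciphertext: str, claimed_plaintext: str):
    """For any ciphertext and any plaintext of the same length there is a
    pad mapping one to the other: key = ciphertext XOR plaintext.  The
    ciphertext therefore says nothing about which plaintext was sent."""
    return otp_xor(encode(ciphertext), encode(claimed_plaintext))


def two_time_pad_leak(ct1, ct2):
    """If one pad is reused, c1 XOR c2 = p1 XOR p2: the pad cancels and the
    attacker holds the XOR of two plaintexts, which language statistics can
    pull apart.  This is why the pad is used once and then destroyed."""
    return otp_xor(ct1, ct2)


if __name__ == "__main__":
    ct = otp_xor(encode(PLAINTEXT), KEY)
    print("ciphertext:", decode(ct), bits(ct))                 # srlhssthsr
    print("pad for 'killhitler':", bits(key_for(decode(ct), "killhitler")))
    print("pad for 'helikesike':", bits(key_for(decode(ct), "helikesike")))
    c2 = otp_xor(encode("killhitler"), KEY)                    # pad reused
    print("reuse leaks p1 XOR p2:", bits(two_time_pad_leak(ct, c2)))
```

Perfect secrecy and deniability are the same fact seen from two sides: because every plaintext is equally consistent with the ciphertext, an interrogator cannot refute a claimed pad, and an eavesdropper cannot prefer one plaintext over another.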
• 43. One-time pad …
 the only cryptosystem that exhibits what is referred to as perfect secrecy
 Drawbacks
◦ it requires secure exchange of the one-time pad material, which must be as long as the message
◦ the pad must be disposed of correctly and never reused
 In practice
◦ generate a large number of random keys
◦ exchange the key material securely between the users before sending a one-time enciphered message
◦ keep both copies of the key material for each message securely until they are used, and
◦ securely dispose of the key material after use, thereby ensuring the key material is never
• 44. Strength
◦ unconditionally secure provided the key is truly random, as long as the message, kept secret and never reused
• 45. Key Management
 using a secret channel
 encrypting the key
 a trusted third party
 the sender and the receiver generate the key
• 46. More Transposition Ciphers
 these hide the message by rearranging the letter order
 without altering the actual letters used
 can recognise these since the ciphertext has the same frequency distribution as the original text
• 47. Rail Fence cipher
 write the message letters out diagonally over a number of rows
 then read off the cipher row by row
 e.g. plaintext "meet me after the toga party" written out with depth 2:
m e m a t r h t g p r y
 e t e f e t e o a a t
 giving ciphertext MEMATRHTGPRYETEFETEOAAT
• 48. Product Ciphers
 ciphers using substitutions or transpositions alone are not secure because of language characteristics
 hence consider using several ciphers in succession to make the result harder to break, but:
◦ two substitutions make only a more complex substitution
◦ two transpositions make only a more complex transposition
◦ but a substitution followed by a transposition makes a new, much harder cipher
 this is the bridge from classical to modern ciphers
• 49. Taxonomy of Cryptography
Modern world …
 Symmetric key
◦ same key for encryption and decryption
◦ two types: stream cipher, block cipher
 Public key (or asymmetric crypto)
◦ two keys, one for encryption (public) and one for decryption (private)
◦ also digital signatures, which were not possible before
 Hash algorithms (cryptographic hash functions)
• 50. Symmetric Key Crypto
 Stream cipher: like a one-time pad
◦ except that the key is relatively short
◦ the key is stretched into a long keystream
◦ the keystream is used just like a one-time pad
◦ employs "substitution" only
 Block cipher: based on the codebook concept
◦ the block cipher key determines a codebook
◦ each key yields a different codebook
◦ employs both "substitution" and "transposition"
• 51. Block vs. Stream Ciphers …
• 52. Summary
 Stream cipher: like a one-time pad
◦ the key is stretched into a long keystream, which is then XORed with the plaintext
◦ pseudorandom keystream generator
◦ confusion only, just like a one-time pad
◦ efficient in hardware (low-powered devices)
 Block cipher: based on the codebook concept
◦ the block cipher key determines a codebook
◦ employs both "confusion" and "diffusion"
◦ faster, good for software implementation
• 53. Data Encryption Standard (DES)
• 54. Data Encryption Standard
 the most widely used block cipher in the world
 DES was developed in the 1970s
 based on IBM's revised Lucifer cipher
 U.S. government standard
 DES development was controversial
◦ NSA secretly involved
◦ design process was secret
◦ key length reduced from 128 to 56 bits
◦ clever changes to the Lucifer algorithm
• 55. DES Design Controversy
 although the DES standard is public
 there was considerable controversy over its design
◦ in the choice of a 56-bit key (vs Lucifer's 128-bit)
◦ and because the design criteria were classified
 subsequent events and public analysis show that in fact the design was appropriate
 use of DES has flourished
◦ especially in financial applications
◦ still standardised for legacy application use
• 56. DES
 DES is a Feistel cipher with …
◦ 64-bit block length
◦ 56-bit key length
◦ 16 rounds
◦ 48 bits of key used in each round (the subkey)
 each round is simple (for a block cipher)
 security depends heavily on the "S-boxes"
◦ each S-box maps 6 bits to 4 bits
• 58. Initial Permutation IP
 IP is the first step of the encryption
 it reorders the input data bits
 the last step of encryption is the inverse of IP
 IP and IP⁻¹ are specified by tables
• 59. One Round of DES
[Figure: one round of DES. The 32-bit right half R is expanded to 48 bits, XORed with the 48-bit round key Ki, reduced back to 32 bits by the S-boxes and permuted by the P-box, then XORed into the 32-bit left half L; the two halves swap. The 56-bit key is held as two 28-bit halves, which are shifted and then compressed to produce Ki.]
• 62. DES review
 The left side shows the basic process for enciphering a 64-bit data block, which consists of:
◦ an initial permutation (IP) which shuffles the 64-bit input block
◦ 16 rounds of a complex key-dependent round function involving substitutions and permutations
◦ a final permutation, being the inverse of IP
 The right side shows the handling of the 56-bit key and consists of:
◦ an initial permutation of the key (PC1) which selects 56 bits out of the 64-bit input, in two 28-bit halves
◦ 16 stages to generate the 48-bit subkeys using a
• 63. Strength of DES – Key Size
 56-bit keys have 2^56 ≈ 7.2 × 10^16 values
 brute-force search looks hard
 recent advances have shown it is possible
◦ in 1997, on the Internet, in a few months
◦ in 1998, on dedicated hardware (EFF), in a few days
◦ in 1999, the above combined, in 22 hours!
 the attacker must still be able to recognise the plaintext
• 64. Multiple Encryption & DES
 clearly a replacement for DES was needed
◦ theoretical attacks that can break it
◦ demonstrated exhaustive key search attacks
 AES is the new cipher alternative
 prior to this, the alternative was to use multiple encryption with DES implementations
 Triple-DES is the chosen form
• 65. Triple DES
 today, a 56-bit DES key is too small
◦ exhaustive key search is feasible
 but DES is everywhere, so what to do?
 Triple DES or 3DES (112-bit key)
◦ C = E(D(E(P, K1), K2), K1)
◦ P = D(E(D(C, K1), K2), K1)
 why Encrypt-Decrypt-Encrypt with 2 keys?
◦ backward compatible with single DES: E(D(E(P, K), K), K) = E(P, K)
◦ and 112 bits is enough
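Added example, not part of the original slides and not DES: a small Feistel network with the shape described on slide 56 (halves, rounds, a per-round subkey, a round function that is never inverted) and, built on top of it, the two-key Encrypt-Decrypt-Encrypt construction of slide 65. The 16-bit block, the round function and the key schedule are invented toys chosen to keep the code short; what carries over to real DES is the structure: decryption is the same network run with the round keys in reverse order, and EDE with K1 = K2 collapses to a single encryption.

```python
"""Toy Feistel cipher (16-bit block, 8-bit halves, 16 rounds) and 2-key EDE
triple encryption on top of it.  Illustrates structure only; not DES."""

ROUNDS = 16


def round_function(r: int, k: int) -> int:
    """Invented F: mix the 8-bit right half with the 8-bit round key.  The
    Feistel structure never needs F^-1, so any function would do here."""
    x = (r ^ k) & 0xFF
    x = (x * 0x1D + 0x5B) & 0xFF            # toy nonlinear-ish mixing
    return ((x << 3) | (x >> 5)) & 0xFF     # rotate left by 3


def key_schedule(key: int):
    """Invented schedule: 16 eight-bit round keys from one 16-bit key,
    standing in for DES's shift-and-compress of the two 28-bit key halves."""
    subkeys = []
    for i in range(ROUNDS):
        rot = ((key << i) | (key >> (16 - i))) & 0xFFFF if i else key & 0xFFFF
        subkeys.append((rot ^ (rot >> 8) ^ (i * 0x3B)) & 0xFF)
    return subkeys


def feistel(block: int, subkeys) -> int:
    """One pass over the network: (L, R) -> (R, L XOR F(R, k)) per round,
    with the final swap undone.  Encrypt with the subkeys in schedule
    order; decrypt with exactly the same code and the subkeys reversed."""
    L, R = (block >> 8) & 0xFF, block & 0xFF
    for k in subkeys:
        L, R = R, L ^ round_function(R, k)
    return (R << 8) | L


def encrypt(block: int, key: int) -> int:
    return feistel(block, key_schedule(key))


def decrypt(block: int, key: int) -> int:
    return feistel(block, list(reversed(key_schedule(key))))


def ede_encrypt(block: int, k1: int, k2: int) -> int:
    """Two-key triple encryption: C = E(D(E(P, K1), K2), K1)."""
    return encrypt(decrypt(encrypt(block, k1), k2), k1)


def ede_decrypt(block: int, k1: int, k2: int) -> int:
    """P = D(E(D(C, K1), K2), K1)."""
    return decrypt(encrypt(decrypt(block, k1), k2), k1)


if __name__ == "__main__":
    p, k1, k2 = 0x1234, 0xC0DE, 0xBEEF
    c = encrypt(p, k1)
    print(hex(c), hex(decrypt(c, k1)))                        # ... 0x1234
    print(hex(ede_decrypt(ede_encrypt(p, k1, k2), k1, k2)))   # 0x1234
    print(ede_encrypt(p, k1, k1) == encrypt(p, k1))           # True
```

The round-trip works for every plaintext regardless of what `round_function` does, because each round only XORs F's output into the other half and the reversed schedule XORs the identical value back out. The last assertion is the backward-compatibility argument from slide 65: a 3DES implementation loaded with K1 = K2 behaves as single DES.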
• 66. Reading assignments
 differential and linear cryptanalysis attacks
 different block cipher modes
 deniable encryption
• 67. Advanced Encryption Standard (AES)
• 68. Origins
 clearly a replacement for DES was needed
◦ there are theoretical attacks that can break it
◦ exhaustive key search attacks have been demonstrated
 Triple-DES can be used, but it is slow and has small blocks
◦ US NIST issued a call for ciphers in 1997
◦ 15 candidates were accepted in June 1998
◦ 5 were shortlisted in August 1999
 Rijndael was selected as the AES in October 2000
◦ designed by Rijmen and Daemen in Belgium
• 69. The AES Cipher – Rijndael
 iterated block cipher (like DES)
 not a Feistel cipher (unlike DES)
◦ operates on the entire data block in every round
 block size: 128 bits for AES (the original Rijndael also allowed 192 or 256)
 key length: 128, 192 or 256 bits (independent of block size)
 10, 12 or 14 rounds (depending on key length)
 each round uses 4 functions (3 "layers")
◦ ByteSub (nonlinear layer)
◦ ShiftRow (linear mixing layer)
◦ MixColumn (linear mixing layer)
◦ AddRoundKey (key addition layer)
• 71. AES Structure
 the data block of 4 columns of 4 bytes is the state (16 bytes)
 the key is expanded into an array of words
 has 9/11/13 full rounds in which the state undergoes:
◦ byte substitution (1 S-box used on every byte)
◦ shift rows (permute bytes between groups/columns)
◦ mix columns (substitution using matrix multiplication of groups)
◦ add round key (XOR state with key material)
◦ view as alternating XOR of key material and scrambling of data bytes
 an initial XOR of key material and an incomplete last round (no mix columns) bring the total to 10/12/14 rounds
• 73. Substitute Bytes
 AES treats the 128-bit block as a 4×4 byte array
 a simple byte-by-byte substitution of the block
 uses one table of 16×16 bytes containing a permutation of all 256 8-bit values
 each byte of the state is replaced by the byte indexed by row (left 4 bits) and column (right 4 bits)
◦ e.g. byte {95} is replaced by the byte in row 9, column 5
◦ which has the value {2A}
• 76. AES ByteSub
 ByteSub is AES's "S-box"
 treat the 128-bit block as a 4×4 byte array
• 77. Shift Rows
 a circular byte shift in each row
◦ 1st row is unchanged
◦ 2nd row does a 1-byte circular shift to the left
◦ 3rd row does a 2-byte circular shift to the left
◦ 4th row does a 3-byte circular shift to the left
 decryption inverts this using shifts to the right
 since the state is processed by columns, this step permutes bytes between the columns
• 79. AES MixColumn
 can be implemented as a (big) lookup table
 a linear, invertible operation applied to each column
• 80. Mix Columns
 each column is processed separately
 each byte is replaced by a value dependent on all 4 bytes in the column
 effectively a matrix multiplication in GF(2^8) using the prime polynomial m(x) = x^8 + x^4 + x^3 + x + 1
• 83. Mix Columns
 can express each column as 4 equations
◦ to derive each new byte in the column
 decryption requires use of the inverse matrix
◦ with larger coefficients, hence a little harder
 have an alternate characterisation
◦ each column is a 4-term polynomial
◦ with coefficients in GF(2^8)
◦ and polynomials multiplied modulo (x^4 + 1)
 coefficients based on a linear code with maximal distance between codewords
• 85. AES Decryption
 to decrypt, the process must be invertible
 the inverse of AddRoundKey is easy
◦ since XOR is its own inverse
 MixColumn is invertible
◦ (the inverse is also implemented as a lookup table)
 the inverse of ShiftRow is easy
◦ (cyclic shift the other direction)
 ByteSub is invertible
◦ (the inverse is also implemented as a lookup table)
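Added example, not part of the original slides: the AES building blocks from slides 73 to 85 written out rather than looked up. Multiplication in GF(2^8) uses the polynomial m(x) = x^8 + x^4 + x^3 + x + 1 from slide 80; the S-box is computed the way FIPS-197 defines it (multiplicative inverse followed by the fixed affine map) instead of being stored as a 256-entry table, and it reproduces the {95} → {2A} lookup from slide 73; ShiftRows and MixColumns come with the inverses slide 85 describes. The MixColumns test vector ({db 13 53 45} → {8e 4d a1 bc}) and the {57}·{83} = {c1} product are the worked examples in FIPS-197. The state layout (a list of 4 rows of 4 bytes) is a choice made here for readability.

```python
"""AES internals: GF(2^8) arithmetic, computed S-box, ShiftRows, MixColumns."""

POLY = 0x11B   # x^8 + x^4 + x^3 + x + 1, the AES reduction polynomial


def gf_mul(a: int, b: int) -> int:
    """Multiply two bytes in GF(2^8) modulo m(x): shift-and-add with the
    reduction applied whenever a bit falls off the top."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= POLY & 0xFF
        b >>= 1
    return p


def gf_inv(a: int) -> int:
    """Multiplicative inverse in GF(2^8); 0 maps to 0 by convention.
    A 255-step search is fine for a demonstration."""
    if a == 0:
        return 0
    for x in range(1, 256):
        if gf_mul(a, x) == 1:
            return x
    raise ValueError("no inverse")


def sbox(x: int) -> int:
    """ByteSub: inverse in GF(2^8), then the affine map
    s = b ^ rotl(b,1) ^ rotl(b,2) ^ rotl(b,3) ^ rotl(b,4) ^ 0x63."""
    b = gf_inv(x)
    s = b
    for i in range(1, 5):
        s ^= ((b << i) | (b >> (8 - i))) & 0xFF
    return s ^ 0x63


def inv_sbox(y: int) -> int:
    """ByteSub is a permutation of 0..255, so it can be inverted by search."""
    for x in range(256):
        if sbox(x) == y:
            return x
    raise ValueError("not a valid S-box output")


def shift_rows(state):
    """state = 4 rows of 4 bytes; row r is rotated left by r positions."""
    return [row[r:] + row[:r] for r, row in enumerate(state)]


def inv_shift_rows(state):
    """Rotate each row back to the right by r positions."""
    return [row[4 - r:] + row[:4 - r] for r, row in enumerate(state)]


MIX = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
INV_MIX = [[14, 11, 13, 9], [9, 14, 11, 13], [13, 9, 14, 11], [11, 13, 9, 14]]


def _matmul(matrix, col):
    """Matrix-vector product over GF(2^8): multiply with gf_mul, add with XOR."""
    return [gf_mul(matrix[r][0], col[0]) ^ gf_mul(matrix[r][1], col[1])
            ^ gf_mul(matrix[r][2], col[2]) ^ gf_mul(matrix[r][3], col[3])
            for r in range(4)]


def mix_column(col):
    """Each output byte depends on all four input bytes of the column."""
    return _matmul(MIX, col)


def inv_mix_column(col):
    """Same operation with the inverse matrix (larger coefficients 9, b, d, e)."""
    return _matmul(INV_MIX, col)


if __name__ == "__main__":
    print(hex(sbox(0x95)))                                    # 0x2a
    print([hex(b) for b in mix_column([0xdb, 0x13, 0x53, 0x45])])  # 8e 4d a1 bc
    state = [[0, 1, 2, 3], [4, 5, 6, 7], [8, 9, 10, 11], [12, 13, 14, 15]]
    print(shift_rows(state)[1])                               # [5, 6, 7, 4]
```

Two things worth noticing from running it: the only nonlinear step is `sbox` (the GF(2^8) inversion), while `shift_rows` and `mix_column` are linear maps whose inverses are just the reverse rotation and the inverse matrix; and a production implementation tabulates `sbox` and usually `mix_column` precisely because computing the inverse per byte, as done here, would be far too slow and, worse, data-dependent in timing.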
• 87. Some Comments on AES
1. an iterative rather than Feistel cipher
2. key expanded into an array of 32-bit words
◦ four words form the round key in each round
3. 4 different stages are used, as shown
4. has a simple structure
5. only AddRoundKey uses the key
6. AddRoundKey is a form of Vernam cipher
7. each stage is easily reversible
8. decryption uses the keys in reverse order
9. decryption does recover the plaintext
10. the final round has only 3 stages