SlideShare a Scribd company logo

Cryptography

Download as PPT, PDF
Suhepi Saputri
Suhepi Saputri

This document provides an introduction to cryptography. It discusses the basic terms, notations, and structures of cryptography including private and public key cryptography examples. It also discusses modern secret key ciphers, encryption, attacks on ciphers, and the design of private key ciphers. The document contains examples of the Caesar cipher and a toy example of private and public key cryptography. It outlines principles of private key encryption and applications of modern cryptography.

EducationTechnology
1 of 31
Introduction to CryptographyIntroduction to Cryptography --- Foundations of information security ------ Foundations of information security --- Lecture 7Lecture 7
CSE2500 System Security and Privacy 2 OutlineOutline Why study cryptologyWhy study cryptology?? Basic terms, notations and structure ofBasic terms, notations and structure of cryptographycryptography Private & public key cryptography examplesPrivate & public key cryptography examples Modern secret key ciphers : usage andModern secret key ciphers : usage and methodologymethodology Encryption and possible attacksEncryption and possible attacks Secret key ciphers designSecret key ciphers design Slides 23 to 26 for additional informationSlides 23 to 26 for additional information (and reading)(and reading)
CSE2500 System Security and Privacy 3 Why Study cryptology(1)Why Study cryptology(1) A B Intruder Communications security
CSE2500 System Security and Privacy 4 Why Study cryptology(2)Why Study cryptology(2) Customer Merchant TTP Electronic Commerce Security
CSE2500 System Security and Privacy 5 Why Study cryptology(3)Why Study cryptology(3) A B LEA Law enforcement
CSE2500 System Security and Privacy 6 The Basic ProblemThe Basic Problem We consider theWe consider the confidentialityconfidentiality goal:goal: Alice and Bob are FriendsAlice and Bob are Friends Marvin is a rivalMarvin is a rival Alice wants to send secret messages (MAlice wants to send secret messages (M11,M,M22,…),…) to Bob over the Internetto Bob over the Internet Rival Marvin wants to read the messages (MRival Marvin wants to read the messages (M11,M,M22,, …) - Alice and Bob want to prevent this!…) - Alice and Bob want to prevent this! Assumption:Assumption: The network is OPEN: Marvin isThe network is OPEN: Marvin is able to eavesdrop and read all data sent fromable to eavesdrop and read all data sent from Alice to Bob.Alice to Bob. Consequence:Consequence: Alice must not send messagesAlice must not send messages (M(M11,M,M22,…) directly – they must be “scrambled” or,…) directly – they must be “scrambled” or encryptedencrypted using a ‘secret code’ unknown tousing a ‘secret code’ unknown to Marvin but known to Bob.Marvin but known to Bob.
CSE2500 System Security and Privacy 7 CryptographyCryptography plaintext (data file or messages) encryption ciphertext (stored or transmitted safely) decryption plaintext (original data or messages)
CSE2500 System Security and Privacy 8 E D Message (cleartext, plaintext) Encrypted message (ciphertext) Encrypted message (ciphertext) Encryption Decryption key Alice Bob Private key cipherPrivate key cipher Message (cleartext,plaintext)
CSE2500 System Security and Privacy 9 Basic termsBasic terms Cryptology (to be very precise)Cryptology (to be very precise) Cryptography --- code designingCryptography --- code designing Cryptanalysis --- code breakingCryptanalysis --- code breaking Cryptologist:Cryptologist: Cryptographer & cryptanalystCryptographer & cryptanalyst Encryption/enciphermentEncryption/encipherment Scrambling data into unintelligible toScrambling data into unintelligible to unauthorised partiesunauthorised parties Decryption/deciphermentDecryption/decipherment Un-scramblingUn-scrambling
CSE2500 System Security and Privacy 10 Types of ciphersTypes of ciphers Private key cryptosystems/ciphersPrivate key cryptosystems/ciphers The secret key is shared between twoThe secret key is shared between two partiesparties Public key cryptosystems/ciphersPublic key cryptosystems/ciphers The secret key is not shared and twoThe secret key is not shared and two parties can still communicate using theirparties can still communicate using their public keyspublic keys
CSE2500 System Security and Privacy 11 Examples of “Messages”Examples of “Messages” Types of secret “Messages” AliceTypes of secret “Messages” Alice might want to send Bob (in increasingmight want to send Bob (in increasing length):length): Decision (yes/no),Decision (yes/no), eg. as answer to theeg. as answer to the question “Are we meeting tomorrow?”question “Are we meeting tomorrow?” Numerical ValueNumerical Value, eg. as answer to the, eg. as answer to the question “at what hour are we meeting?”question “at what hour are we meeting?” DocumentDocument SoftwareSoftware,, ImagesImages etc.etc.
CSE2500 System Security and Privacy 12 ConceptsConcepts A private key cipher is composed ofA private key cipher is composed of two algorithmstwo algorithms encryption algorithm Eencryption algorithm E decryption algorithm Ddecryption algorithm D The same key K is used for encryptionThe same key K is used for encryption & decryption& decryption K has to be distributed beforehandK has to be distributed beforehand
CSE2500 System Security and Privacy 13 NotationsNotations Encrypt a plaintext P using a key K &Encrypt a plaintext P using a key K & an encryption algorithm Ean encryption algorithm E C = E(K,P)C = E(K,P) Decrypt a ciphertext C using the sameDecrypt a ciphertext C using the same key K and the matching decryptionkey K and the matching decryption algorithm Dalgorithm D P = D(K,C)P = D(K,C) Note: P = D(K,C) = D(K, E(K,P))Note: P = D(K,C) = D(K, E(K,P))
CSE2500 System Security and Privacy 14 The Caesar cipher (e.g)The Caesar cipher (e.g) The Caesar cipher is a substitutionThe Caesar cipher is a substitution cipher, named after Julius Caesar.cipher, named after Julius Caesar. Operation principle:Operation principle: each letter is translated into the lettereach letter is translated into the letter a fixed number of positionsa fixed number of positions after itafter it in the alphabet table.in the alphabet table. The fixed number of positions is a keyThe fixed number of positions is a key both for encryption and decryption.both for encryption and decryption.
CSE2500 System Security and Privacy 15 The Caesar cipher (cnt’d)The Caesar cipher (cnt’d) K=3 Inner: ciphertext Outer: plaintext
CSE2500 System Security and Privacy 16 An exampleAn example For a key K=3,For a key K=3, plaintext letter:plaintext letter: ABCDEF...UVWXYZABCDEF...UVWXYZ ciphtertext letter:ciphtertext letter: DEF...UVWXYZABCDEF...UVWXYZABC HenceHence TREATY IMPOSSIBLETREATY IMPOSSIBLE is translated intois translated into WUHDWB LPSRVVLEOHWUHDWB LPSRVVLEOH
CSE2500 System Security and Privacy 17 Breaking classic ciphersBreaking classic ciphers With the help of fast computers,With the help of fast computers, 99.99% ciphers used before 1976 are99.99% ciphers used before 1976 are breakable by using one of the 4 typesbreakable by using one of the 4 types of attacks (described later).of attacks (described later). Modern cluster computers and futureModern cluster computers and future quantum computers can break severalquantum computers can break several existing ciphers due to the power ofexisting ciphers due to the power of such computers.such computers.
CSE2500 System Security and Privacy 18 Breaking the Caesar cipherBreaking the Caesar cipher By trial-and errorBy trial-and error By using statistics on lettersBy using statistics on letters frequency distributions of lettersfrequency distributions of letters letterletter percentpercent AA 7.49%7.49% BB 1.29%1.29% CC 3.54%3.54% DD 3.62%3.62% EE 14.00%14.00% ....................................................................
CSE2500 System Security and Privacy 19 Toy example of private keyToy example of private key cryptography (TPC)cryptography (TPC) Assume that a message is broken into 64-bit blocks and eachAssume that a message is broken into 64-bit blocks and each 64-bit block of plaintext is encrypted separately:64-bit block of plaintext is encrypted separately: Key space are combinations of numerical digits – max: 7Key space are combinations of numerical digits – max: 7 digits-digits- (eg: key = [1]; or key = [1,3], or key = [1,4,2]).(eg: key = [1]; or key = [1,3], or key = [1,4,2]). Assume that all 8 bits of a byte is used and key digits startAssume that all 8 bits of a byte is used and key digits start from left to right.from left to right. Encryption: Each plaintext block is first shifted by the numberEncryption: Each plaintext block is first shifted by the number of binary digits before the last non-zero digit of the key. It isof binary digits before the last non-zero digit of the key. It is then exclusive-ored with the key starting from the first byte ofthen exclusive-ored with the key starting from the first byte of the block, repeatedly to the end of the block (the key moves athe block, repeatedly to the end of the block (the key moves a distance of its size from left to right of the plaintext block).distance of its size from left to right of the plaintext block). Decryption: do the reverse of encryption: the cipher-text isDecryption: do the reverse of encryption: the cipher-text is exclusive-ored and then shifted.exclusive-ored and then shifted. 0 0 0= 1 1 0= 0 1 1= 1 0 1= : exclusive: exclusive oror
CSE2500 System Security and Privacy 20 Using TPCUsing TPC Use TPC to encrypt the plaintext “12345”, keyUse TPC to encrypt the plaintext “12345”, key = [1,4,2]= [1,4,2] Use TPC to encrypt the plaintext “TREATYUse TPC to encrypt the plaintext “TREATY IMPOSSIBLE”; key = [4];IMPOSSIBLE”; key = [4]; Use TPC to encrypt the plaintext “100Use TPC to encrypt the plaintext “100 dollars”, key = [2,4];dollars”, key = [2,4];
CSE2500 System Security and Privacy 21 Principles of Private Key EncryptionPrinciples of Private Key Encryption Devise cryptographic algorithms:Devise cryptographic algorithms: a set of fast functions (E1, E2, E3, ..En) that when in turna set of fast functions (E1, E2, E3, ..En) that when in turn applied to an input (initial or intermediate input) willapplied to an input (initial or intermediate input) will produce a more potentially scrambled output.produce a more potentially scrambled output. and a set of functions (D1,D2,D3, .. Dn) that when in turnand a set of functions (D1,D2,D3, .. Dn) that when in turn applied to the cipher text (final or intermediate) willapplied to the cipher text (final or intermediate) will produce the original input text.produce the original input text. Devise algorithms, tests and proofs to validateDevise algorithms, tests and proofs to validate your cryptographic algorithmsyour cryptographic algorithms Analysing algorithms.Analysing algorithms. Tests with powerful computers such as specialised,Tests with powerful computers such as specialised, parallel, cluster, or quantum computers.parallel, cluster, or quantum computers. Mathematical proofs.Mathematical proofs.
CSE2500 System Security and Privacy 22 Toy example of public keyToy example of public key cryptographycryptography Definition: The multiplicative inverse ofDefinition: The multiplicative inverse of xx with modulowith modulo nn isis yy such that (such that (xx**yy) mod) mod nn = 1= 1 E.g:x=3; n=10, => y=7; since (3*7) mod 10 = 1E.g:x=3; n=10, => y=7; since (3*7) mod 10 = 1 The above multiplicative inverse can be used to create aThe above multiplicative inverse can be used to create a simple public key cipher: eithersimple public key cipher: either xx oror yy can be thought of as acan be thought of as a secret key and the other is the public key. Letsecret key and the other is the public key. Let xx = 3,= 3, yy = 7,= 7, nn == 10, and M be the message:10, and M be the message: M = 4 ;M = 4 ; 3*4 mod 10 = 2; (ciphertext) - encrypting3*4 mod 10 = 2; (ciphertext) - encrypting 2*7 mod 10 = 4 = M ; (message) - decrypting2*7 mod 10 = 4 = M ; (message) - decrypting M =6 ;M =6 ; 3*6 mod 10 = 8;3*6 mod 10 = 8; 8*7 mod 10 = 6 = M (message)8*7 mod 10 = 6 = M (message)
CSE2500 System Security and Privacy 23 What is PKE used for?What is PKE used for? Private Key Encryption (PKE) can bePrivate Key Encryption (PKE) can be used:used: Transmitting data over an insecureTransmitting data over an insecure channelchannel Secure stored data (encrypt & store)Secure stored data (encrypt & store) Provide integrity check:Provide integrity check: (Key + Mes.) -> MAC (message authentication(Key + Mes.) -> MAC (message authentication code)code)
CSE2500 System Security and Privacy 24 Morden Cryptography applicationsMorden Cryptography applications Not just about confidentiality!Not just about confidentiality! IntegrityIntegrity Digital signaturesDigital signatures Hash functionsHash functions Fair exchangeFair exchange Contract signingContract signing AnonymityAnonymity Electronic cashElectronic cash Electronic votingElectronic voting Etc.Etc.
CSE2500 System Security and Privacy 25 Modern private key ciphersModern private key ciphers DES (US, 1977) (3DES)DES (US, 1977) (3DES) key -- 56 bits, plaintext/ciphertext -- 64 bitskey -- 56 bits, plaintext/ciphertext -- 64 bits LOKI (ADFA, Australia, 1989)LOKI (ADFA, Australia, 1989) key, plaintext/ciphertext -- 64 bitskey, plaintext/ciphertext -- 64 bits FEAL (NTT, Japan, 1990)FEAL (NTT, Japan, 1990) key -- 128 bits, plaintext/ciphertext -- 64 bitskey -- 128 bits, plaintext/ciphertext -- 64 bits IDEA (Lai & Massey, Swiss, 1991)IDEA (Lai & Massey, Swiss, 1991) key -- 128 bits, plaintext/ciphertext -- 64 bitskey -- 128 bits, plaintext/ciphertext -- 64 bits SPEED (Y Zheng in 1996)SPEED (Y Zheng in 1996) Key/(plaintext/ciphertext) -- 48,64,80,…,256 bitsKey/(plaintext/ciphertext) -- 48,64,80,…,256 bits AES (Joan Daemen & Vincent Rijmen 2000)AES (Joan Daemen & Vincent Rijmen 2000) Key/(plaintext/ciphertext) -- 128, 192 and 256 bitsKey/(plaintext/ciphertext) -- 128, 192 and 256 bits
CSE2500 System Security and Privacy 26 General approaches to CryptographyGeneral approaches to Cryptography There are two general encryption methods:There are two general encryption methods: Block ciphers &Block ciphers & Stream ciphersStream ciphers Block ciphersBlock ciphers Slice message M into (fixed size blocks)Slice message M into (fixed size blocks) mm11, …,, …, mmnn Add padding to last blockAdd padding to last block Use EUse Ekk to produce (ciphertext blocks)to produce (ciphertext blocks) xx11, …,, …, xxnn Use DUse Dkk to recover M fromto recover M from mm11, …,, …, mmnn E.g: DES, etc.E.g: DES, etc. Stream ciphersStream ciphers Generate a long random string (or pseudo random)Generate a long random string (or pseudo random) calledcalled one-time padone-time pad.. MessageMessage one-time padone-time pad (exclusive or)(exclusive or) E.g: EC4E.g: EC4
CSE2500 System Security and Privacy 27 Design of Private Key Ciphers(1)Design of Private Key Ciphers(1) A Cryptographic algorithm should be efficient forA Cryptographic algorithm should be efficient for good usegood use It should be fast and key length should be of the rightIt should be fast and key length should be of the right length – e.g.; not too shortlength – e.g.; not too short Cryptographic algorithms are not impossible toCryptographic algorithms are not impossible to break without a keybreak without a key If we try all the combinations, we can get the originalIf we try all the combinations, we can get the original messagemessage The security of a cryptographic algorithm dependsThe security of a cryptographic algorithm depends on how much work it takes for someone to break iton how much work it takes for someone to break it E.g If it takes 10 mil. years to break a cryptographicE.g If it takes 10 mil. years to break a cryptographic algorithm X using all the computers of a state, X can bealgorithm X using all the computers of a state, X can be thought of as a secure one – reason: cluster computersthought of as a secure one – reason: cluster computers and quantum computers are powerful enough to crackand quantum computers are powerful enough to crack many current cryptographic algorithms.many current cryptographic algorithms.
CSE2500 System Security and Privacy 28 Design of Private Key Ciphers(2)Design of Private Key Ciphers(2) Encryption Algorithm DesignEncryption Algorithm Design Should the strength of the algorithm beShould the strength of the algorithm be included in the implementation of theincluded in the implementation of the algorithm? Should we hide the algorithm?algorithm? Should we hide the algorithm? Should the block size be small or large?Should the block size be small or large? Should the keyspace be large?Should the keyspace be large? Should we consider other search ratherShould we consider other search rather than brute-force search?than brute-force search? Should we consider the hardwareShould we consider the hardware technology?technology?
CSE2500 System Security and Privacy 29 4 types of cryptanalysis4 types of cryptanalysis Depending on what a cryptanalyst hasDepending on what a cryptanalyst has to work with, attacks can be classifiedto work with, attacks can be classified intointo ciphertext only attackciphertext only attack known plaintext attackknown plaintext attack chosen plaintext attackchosen plaintext attack chosen ciphertext attack (most severe)chosen ciphertext attack (most severe)
CSE2500 System Security and Privacy 30 4 types of attacks4 types of attacks Ciphertext only attackCiphertext only attack the only data available is a targetthe only data available is a target ciphertextciphertext Known plaintext attackKnown plaintext attack a target ciphertexta target ciphertext pairs of other ciphertext and plaintextpairs of other ciphertext and plaintext (say, previously broken or guessing)(say, previously broken or guessing)
CSE2500 System Security and Privacy 31 4 types of attacks4 types of attacks Chosen plaintext attacksChosen plaintext attacks a target ciphertexta target ciphertext can feed encryption algorithm withcan feed encryption algorithm with plaintexts and obtain the matchingplaintexts and obtain the matching ciphertextsciphertexts Chosen ciphertext attackChosen ciphertext attack a target ciphertexta target ciphertext can feed decryption algorithm withcan feed decryption algorithm with ciphertexts and obtain the matchingciphertexts and obtain the matching plaintextsplaintexts

Recommended

Cryptography
CryptographyCryptography
Cryptography
Jens Patel
 
Information Security & Cryptography
Information Security & CryptographyInformation Security & Cryptography
Information Security & Cryptography
Arun ACE
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentation
sarhadisoftengg
 
Cryptography
CryptographyCryptography
Cryptography
EmaSushan
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and Cryptography
Adam Reagan
 
2. public key cryptography and RSA
2. public key cryptography and RSA2. public key cryptography and RSA
2. public key cryptography and RSA
Dr.Florence Dayana
 
Cryptography
CryptographyCryptography
Cryptography
Rutuja Solkar
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
Pa Van Tanku
 

Recommended

Cryptography
CryptographyCryptography
Cryptography
Jens Patel
 
Information Security & Cryptography
Information Security & CryptographyInformation Security & Cryptography
Information Security & Cryptography
Arun ACE
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentation
sarhadisoftengg
 
Cryptography
CryptographyCryptography
Cryptography
EmaSushan
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and Cryptography
Adam Reagan
 
2. public key cryptography and RSA
2. public key cryptography and RSA2. public key cryptography and RSA
2. public key cryptography and RSA
Dr.Florence Dayana
 
Cryptography
CryptographyCryptography
Cryptography
Rutuja Solkar
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
Pa Van Tanku
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
Uday Meena
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
Hossain Md Shakhawat
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
Popescu Petre
 
Cryptography and Information Security
Cryptography and Information SecurityCryptography and Information Security
Cryptography and Information Security
Dr Naim R Kidwai
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
 
Cryptography - 101
Cryptography - 101Cryptography - 101
Cryptography - 101
n|u - The Open Security Community
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
Md. Afif Al Mamun
 
Steganography
Steganography Steganography
Steganography
Uttam Jain
 
Substitution cipher and Its Cryptanalysis
Substitution cipher and Its CryptanalysisSubstitution cipher and Its Cryptanalysis
Substitution cipher and Its Cryptanalysis
Sunil Meena
 
Cryptography
CryptographyCryptography
Cryptography
Darshini Parikh
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptography
chauhankapil
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
Seema Goel
 
cryptography
cryptographycryptography
cryptography
Abhijeet Singh
 
Kerberos
KerberosKerberos
Kerberos
Rahul Pundir
 
Chapter 1.ppt
Chapter 1.pptChapter 1.ppt
Chapter 1.ppt
ssuserec53e73
 
Ch11 Basic Cryptography
Ch11 Basic CryptographyCh11 Basic Cryptography
Ch11 Basic Cryptography
Information Technology
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket Layer
Naveen Kumar
 
Cryptography and Network security # Lecture 4
Cryptography and Network security # Lecture 4Cryptography and Network security # Lecture 4
Cryptography and Network security # Lecture 4
Kabul Education University
 
Cryptography
CryptographyCryptography
Cryptography
Kalyani Government Engineering College
 
Network security model.pptx
Network security model.pptxNetwork security model.pptx
Network security model.pptx
ssuserd24233
 
Ch02 classic nemo
Ch02 classic nemoCh02 classic nemo
Ch02 classic nemo
Samia Elsayed
 
Iss lecture 2
Iss lecture 2Iss lecture 2
Iss lecture 2
Ali Habeeb
 

More Related Content

What's hot

Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
Uday Meena
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
Hossain Md Shakhawat
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
Popescu Petre
 
Cryptography and Information Security
Cryptography and Information SecurityCryptography and Information Security
Cryptography and Information Security
Dr Naim R Kidwai
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
 
Cryptography - 101
Cryptography - 101Cryptography - 101
Cryptography - 101
n|u - The Open Security Community
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
Md. Afif Al Mamun
 
Steganography
Steganography Steganography
Steganography
Uttam Jain
 
Substitution cipher and Its Cryptanalysis
Substitution cipher and Its CryptanalysisSubstitution cipher and Its Cryptanalysis
Substitution cipher and Its Cryptanalysis
Sunil Meena
 
Cryptography
CryptographyCryptography
Cryptography
Darshini Parikh
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptography
chauhankapil
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
Seema Goel
 
cryptography
cryptographycryptography
cryptography
Abhijeet Singh
 
Kerberos
KerberosKerberos
Kerberos
Rahul Pundir
 
Chapter 1.ppt
Chapter 1.pptChapter 1.ppt
Chapter 1.ppt
ssuserec53e73
 
Ch11 Basic Cryptography
Ch11 Basic CryptographyCh11 Basic Cryptography
Ch11 Basic Cryptography
Information Technology
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket Layer
Naveen Kumar
 
Cryptography and Network security # Lecture 4
Cryptography and Network security # Lecture 4Cryptography and Network security # Lecture 4
Cryptography and Network security # Lecture 4
Kabul Education University
 
Cryptography
CryptographyCryptography
Cryptography
Kalyani Government Engineering College
 
Network security model.pptx
Network security model.pptxNetwork security model.pptx
Network security model.pptx
ssuserd24233
 

What's hot (20)

Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
Cryptography and Information Security
Cryptography and Information SecurityCryptography and Information Security
Cryptography and Information Security
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
 
Cryptography - 101
Cryptography - 101Cryptography - 101
Cryptography - 101
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
Steganography
Steganography Steganography
Steganography
 
Substitution cipher and Its Cryptanalysis
Substitution cipher and Its CryptanalysisSubstitution cipher and Its Cryptanalysis
Substitution cipher and Its Cryptanalysis
 
Cryptography
CryptographyCryptography
Cryptography
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptography
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
cryptography
cryptographycryptography
cryptography
 
Kerberos
KerberosKerberos
Kerberos
 
Chapter 1.ppt
Chapter 1.pptChapter 1.ppt
Chapter 1.ppt
 
Ch11 Basic Cryptography
Ch11 Basic CryptographyCh11 Basic Cryptography
Ch11 Basic Cryptography
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket Layer
 
Cryptography and Network security # Lecture 4
Cryptography and Network security # Lecture 4Cryptography and Network security # Lecture 4
Cryptography and Network security # Lecture 4
 
Cryptography
CryptographyCryptography
Cryptography
 
Network security model.pptx
Network security model.pptxNetwork security model.pptx
Network security model.pptx
 

Similar to Cryptography

Ch02 classic nemo
Ch02 classic nemoCh02 classic nemo
Ch02 classic nemo
Samia Elsayed
 
Iss lecture 2
Iss lecture 2Iss lecture 2
Iss lecture 2
Ali Habeeb
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
Bharat Kumar Katur
 
network security
network securitynetwork security
network security
Srinivasa Rao
 
IS Unit 3_Public Key Cryptography
IS Unit 3_Public Key CryptographyIS Unit 3_Public Key Cryptography
IS Unit 3_Public Key Cryptography
Sarthak Patel
 
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
Amazon Web Services
 
Encryption
EncryptionEncryption
Encryption
keith dias
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01
Saif Kassim
 
Cryptography using python
Cryptography using pythonCryptography using python
Cryptography using python
KaushikRamabhotla
 
Introduction to Public Key Cryptography
Introduction to Public Key CryptographyIntroduction to Public Key Cryptography
Introduction to Public Key Cryptography
Kelley Robinson
 
SIGNAL - Practical Cryptography
SIGNAL - Practical CryptographySIGNAL - Practical Cryptography
SIGNAL - Practical Cryptography
Kelley Robinson
 
CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2
Hamed Moghaddam
 
Information System Security.pptx
Information System Security.pptxInformation System Security.pptx
Information System Security.pptx
GIT
 
Slide cipher based encryption
Slide cipher based encryptionSlide cipher based encryption
Slide cipher based encryption
Mizi Mohamad
 
Computer Cryptography and Encryption [by: Magoiga].pptx
Computer Cryptography and Encryption [by: Magoiga].pptxComputer Cryptography and Encryption [by: Magoiga].pptx
Computer Cryptography and Encryption [by: Magoiga].pptx
magoigamtatiro1
 
Day5
Day5Day5
Day5
Jai4uk
 
Ch12 Encryption
Ch12 EncryptionCh12 Encryption
Ch12 Encryption
phanleson
 
Cns 1
Cns 1Cns 1
Cns 1
Aboudi Sabbah
 
Unit 1
Unit 1Unit 1
Unit 1
Trupti Kodinariya
 
Cryptography 101 for Java developers
Cryptography 101 for Java developersCryptography 101 for Java developers
Cryptography 101 for Java developers
Michel Schudel
 

Similar to Cryptography (20)

Ch02 classic nemo
Ch02 classic nemoCh02 classic nemo
Ch02 classic nemo
 
Iss lecture 2
Iss lecture 2Iss lecture 2
Iss lecture 2
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
network security
network securitynetwork security
network security
 
IS Unit 3_Public Key Cryptography
IS Unit 3_Public Key CryptographyIS Unit 3_Public Key Cryptography
IS Unit 3_Public Key Cryptography
 
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
 
Encryption
EncryptionEncryption
Encryption
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01
 
Cryptography using python
Cryptography using pythonCryptography using python
Cryptography using python
 
Introduction to Public Key Cryptography
Introduction to Public Key CryptographyIntroduction to Public Key Cryptography
Introduction to Public Key Cryptography
 
SIGNAL - Practical Cryptography
SIGNAL - Practical CryptographySIGNAL - Practical Cryptography
SIGNAL - Practical Cryptography
 
CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2
 
Information System Security.pptx
Information System Security.pptxInformation System Security.pptx
Information System Security.pptx
 
Slide cipher based encryption
Slide cipher based encryptionSlide cipher based encryption
Slide cipher based encryption
 
Computer Cryptography and Encryption [by: Magoiga].pptx
Computer Cryptography and Encryption [by: Magoiga].pptxComputer Cryptography and Encryption [by: Magoiga].pptx
Computer Cryptography and Encryption [by: Magoiga].pptx
 
Day5
Day5Day5
Day5
 
Ch12 Encryption
Ch12 EncryptionCh12 Encryption
Ch12 Encryption
 
Cns 1
Cns 1Cns 1
Cns 1
 
Unit 1
Unit 1Unit 1
Unit 1
 
Cryptography 101 for Java developers
Cryptography 101 for Java developersCryptography 101 for Java developers
Cryptography 101 for Java developers
 

Recently uploaded

RPMS TEMPLATE FOR SCHOOL YEAR 2023-2024 FOR TEACHER 1 TO TEACHER 3
RPMS TEMPLATE FOR SCHOOL YEAR 2023-2024 FOR TEACHER 1 TO TEACHER 3RPMS TEMPLATE FOR SCHOOL YEAR 2023-2024 FOR TEACHER 1 TO TEACHER 3
RPMS TEMPLATE FOR SCHOOL YEAR 2023-2024 FOR TEACHER 1 TO TEACHER 3
IreneSebastianRueco1
 
South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)
Academy of Science of South Africa
 
Chapter 4 - Islamic Financial Institutions in Malaysia.pptx
Chapter 4 - Islamic Financial Institutions in Malaysia.pptxChapter 4 - Islamic Financial Institutions in Malaysia.pptx
Chapter 4 - Islamic Financial Institutions in Malaysia.pptx
Mohd Adib Abd Muin, Senior Lecturer at Universiti Utara Malaysia
 
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Dr. Vinod Kumar Kanvaria
 
PIMS Job Advertisement 2024.pdf Islamabad
PIMS Job Advertisement 2024.pdf IslamabadPIMS Job Advertisement 2024.pdf Islamabad
PIMS Job Advertisement 2024.pdf Islamabad
AyyanKhan40
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
TechSoup
 
A Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptxA Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptx
thanhdowork
 
S1-Introduction-Biopesticides in ICM.pptx
S1-Introduction-Biopesticides in ICM.pptxS1-Introduction-Biopesticides in ICM.pptx
S1-Introduction-Biopesticides in ICM.pptx
tarandeep35
 
The History of Stoke Newington Street Names
The History of Stoke Newington Street NamesThe History of Stoke Newington Street Names
The History of Stoke Newington Street Names
History of Stoke Newington
 
Your Skill Boost Masterclass: Strategies for Effective Upskilling
Your Skill Boost Masterclass: Strategies for Effective UpskillingYour Skill Boost Masterclass: Strategies for Effective Upskilling
Your Skill Boost Masterclass: Strategies for Effective Upskilling
Excellence Foundation for South Sudan
 
Executive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
Executive Directors Chat Leveraging AI for Diversity, Equity, and InclusionExecutive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
Executive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
TechSoup
 
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
National Information Standards Organization (NISO)
 
A Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in EducationA Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in Education
Peter Windle
 
Life upper-Intermediate B2 Workbook for student
Life upper-Intermediate B2 Workbook for studentLife upper-Intermediate B2 Workbook for student
Life upper-Intermediate B2 Workbook for student
NgcHiNguyn25
 
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptxC1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
mulvey2
 
DRUGS AND ITS classification slide share
DRUGS AND ITS classification slide shareDRUGS AND ITS classification slide share
DRUGS AND ITS classification slide share
taiba qazi
 
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...
PECB
 
Assessment and Planning in Educational technology.pptx
Assessment and Planning in Educational technology.pptxAssessment and Planning in Educational technology.pptx
Assessment and Planning in Educational technology.pptx
Kavitha Krishnan
 
The basics of sentences session 6pptx.pptx
The basics of sentences session 6pptx.pptxThe basics of sentences session 6pptx.pptx
The basics of sentences session 6pptx.pptx
heathfieldcps1
 
Top five deadliest dog breeds in America
Top five deadliest dog breeds in AmericaTop five deadliest dog breeds in America
Top five deadliest dog breeds in America
Bisnar Chase Personal Injury Attorneys
 

Recently uploaded (20)

RPMS TEMPLATE FOR SCHOOL YEAR 2023-2024 FOR TEACHER 1 TO TEACHER 3
RPMS TEMPLATE FOR SCHOOL YEAR 2023-2024 FOR TEACHER 1 TO TEACHER 3RPMS TEMPLATE FOR SCHOOL YEAR 2023-2024 FOR TEACHER 1 TO TEACHER 3
RPMS TEMPLATE FOR SCHOOL YEAR 2023-2024 FOR TEACHER 1 TO TEACHER 3
 
South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)
 
Chapter 4 - Islamic Financial Institutions in Malaysia.pptx
Chapter 4 - Islamic Financial Institutions in Malaysia.pptxChapter 4 - Islamic Financial Institutions in Malaysia.pptx
Chapter 4 - Islamic Financial Institutions in Malaysia.pptx
 
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
 
PIMS Job Advertisement 2024.pdf Islamabad
PIMS Job Advertisement 2024.pdf IslamabadPIMS Job Advertisement 2024.pdf Islamabad
PIMS Job Advertisement 2024.pdf Islamabad
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
 
A Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptxA Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptx
 
S1-Introduction-Biopesticides in ICM.pptx
S1-Introduction-Biopesticides in ICM.pptxS1-Introduction-Biopesticides in ICM.pptx
S1-Introduction-Biopesticides in ICM.pptx
 
The History of Stoke Newington Street Names
The History of Stoke Newington Street NamesThe History of Stoke Newington Street Names
The History of Stoke Newington Street Names
 
Your Skill Boost Masterclass: Strategies for Effective Upskilling
Your Skill Boost Masterclass: Strategies for Effective UpskillingYour Skill Boost Masterclass: Strategies for Effective Upskilling
Your Skill Boost Masterclass: Strategies for Effective Upskilling
 
Executive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
Executive Directors Chat Leveraging AI for Diversity, Equity, and InclusionExecutive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
Executive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
 
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
 
A Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in EducationA Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in Education
 
Life upper-Intermediate B2 Workbook for student
Life upper-Intermediate B2 Workbook for studentLife upper-Intermediate B2 Workbook for student
Life upper-Intermediate B2 Workbook for student
 
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptxC1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
 
DRUGS AND ITS classification slide share
DRUGS AND ITS classification slide shareDRUGS AND ITS classification slide share
DRUGS AND ITS classification slide share
 
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...
 
Assessment and Planning in Educational technology.pptx
Assessment and Planning in Educational technology.pptxAssessment and Planning in Educational technology.pptx
Assessment and Planning in Educational technology.pptx
 
The basics of sentences session 6pptx.pptx
The basics of sentences session 6pptx.pptxThe basics of sentences session 6pptx.pptx
The basics of sentences session 6pptx.pptx
 
Top five deadliest dog breeds in America
Top five deadliest dog breeds in AmericaTop five deadliest dog breeds in America
Top five deadliest dog breeds in America
 

Cryptography

  • 1. Introduction to CryptographyIntroduction to Cryptography --- Foundations of information security ------ Foundations of information security --- Lecture 7Lecture 7
  • 2. CSE2500 System Security and Privacy 2 OutlineOutline Why study cryptologyWhy study cryptology?? Basic terms, notations and structure ofBasic terms, notations and structure of cryptographycryptography Private & public key cryptography examplesPrivate & public key cryptography examples Modern secret key ciphers : usage andModern secret key ciphers : usage and methodologymethodology Encryption and possible attacksEncryption and possible attacks Secret key ciphers designSecret key ciphers design Slides 23 to 26 for additional informationSlides 23 to 26 for additional information (and reading)(and reading)
  • 3. CSE2500 System Security and Privacy 3 Why Study cryptology(1)Why Study cryptology(1) A B Intruder Communications security
  • 4. CSE2500 System Security and Privacy 4 Why Study cryptology(2)Why Study cryptology(2) Customer Merchant TTP Electronic Commerce Security
  • 5. CSE2500 System Security and Privacy 5 Why Study cryptology(3)Why Study cryptology(3) A B LEA Law enforcement
  • 6. CSE2500 System Security and Privacy 6 The Basic ProblemThe Basic Problem We consider theWe consider the confidentialityconfidentiality goal:goal: Alice and Bob are FriendsAlice and Bob are Friends Marvin is a rivalMarvin is a rival Alice wants to send secret messages (MAlice wants to send secret messages (M11,M,M22,…),…) to Bob over the Internetto Bob over the Internet Rival Marvin wants to read the messages (MRival Marvin wants to read the messages (M11,M,M22,, …) - Alice and Bob want to prevent this!…) - Alice and Bob want to prevent this! Assumption:Assumption: The network is OPEN: Marvin isThe network is OPEN: Marvin is able to eavesdrop and read all data sent fromable to eavesdrop and read all data sent from Alice to Bob.Alice to Bob. Consequence:Consequence: Alice must not send messagesAlice must not send messages (M(M11,M,M22,…) directly – they must be “scrambled” or,…) directly – they must be “scrambled” or encryptedencrypted using a ‘secret code’ unknown tousing a ‘secret code’ unknown to Marvin but known to Bob.Marvin but known to Bob.
  • 7. CSE2500 System Security and Privacy 7 CryptographyCryptography plaintext (data file or messages) encryption ciphertext (stored or transmitted safely) decryption plaintext (original data or messages)
  • 8. CSE2500 System Security and Privacy 8 E D Message (cleartext, plaintext) Encrypted message (ciphertext) Encrypted message (ciphertext) Encryption Decryption key Alice Bob Private key cipherPrivate key cipher Message (cleartext,plaintext)
  • 9. CSE2500 System Security and Privacy 9 Basic termsBasic terms Cryptology (to be very precise)Cryptology (to be very precise) Cryptography --- code designingCryptography --- code designing Cryptanalysis --- code breakingCryptanalysis --- code breaking Cryptologist:Cryptologist: Cryptographer & cryptanalystCryptographer & cryptanalyst Encryption/enciphermentEncryption/encipherment Scrambling data into unintelligible toScrambling data into unintelligible to unauthorised partiesunauthorised parties Decryption/deciphermentDecryption/decipherment Un-scramblingUn-scrambling
  • 10. CSE2500 System Security and Privacy 10 Types of ciphersTypes of ciphers Private key cryptosystems/ciphersPrivate key cryptosystems/ciphers The secret key is shared between twoThe secret key is shared between two partiesparties Public key cryptosystems/ciphersPublic key cryptosystems/ciphers The secret key is not shared and twoThe secret key is not shared and two parties can still communicate using theirparties can still communicate using their public keyspublic keys
  • 11. CSE2500 System Security and Privacy 11 Examples of “Messages”Examples of “Messages” Types of secret “Messages” AliceTypes of secret “Messages” Alice might want to send Bob (in increasingmight want to send Bob (in increasing length):length): Decision (yes/no),Decision (yes/no), eg. as answer to theeg. as answer to the question “Are we meeting tomorrow?”question “Are we meeting tomorrow?” Numerical ValueNumerical Value, eg. as answer to the, eg. as answer to the question “at what hour are we meeting?”question “at what hour are we meeting?” DocumentDocument SoftwareSoftware,, ImagesImages etc.etc.
  • 12. CSE2500 System Security and Privacy 12 ConceptsConcepts A private key cipher is composed ofA private key cipher is composed of two algorithmstwo algorithms encryption algorithm Eencryption algorithm E decryption algorithm Ddecryption algorithm D The same key K is used for encryptionThe same key K is used for encryption & decryption& decryption K has to be distributed beforehandK has to be distributed beforehand
  • 13. CSE2500 System Security and Privacy 13 NotationsNotations Encrypt a plaintext P using a key K &Encrypt a plaintext P using a key K & an encryption algorithm Ean encryption algorithm E C = E(K,P)C = E(K,P) Decrypt a ciphertext C using the sameDecrypt a ciphertext C using the same key K and the matching decryptionkey K and the matching decryption algorithm Dalgorithm D P = D(K,C)P = D(K,C) Note: P = D(K,C) = D(K, E(K,P))Note: P = D(K,C) = D(K, E(K,P))
  • 14. CSE2500 System Security and Privacy 14 The Caesar cipher (e.g)The Caesar cipher (e.g) The Caesar cipher is a substitutionThe Caesar cipher is a substitution cipher, named after Julius Caesar.cipher, named after Julius Caesar. Operation principle:Operation principle: each letter is translated into the lettereach letter is translated into the letter a fixed number of positionsa fixed number of positions after itafter it in the alphabet table.in the alphabet table. The fixed number of positions is a keyThe fixed number of positions is a key both for encryption and decryption.both for encryption and decryption.
  • 15. CSE2500 System Security and Privacy 15 The Caesar cipher (cnt’d)The Caesar cipher (cnt’d) K=3 Inner: ciphertext Outer: plaintext
  • 16. CSE2500 System Security and Privacy 16 An exampleAn example For a key K=3,For a key K=3, plaintext letter:plaintext letter: ABCDEF...UVWXYZABCDEF...UVWXYZ ciphtertext letter:ciphtertext letter: DEF...UVWXYZABCDEF...UVWXYZABC HenceHence TREATY IMPOSSIBLETREATY IMPOSSIBLE is translated intois translated into WUHDWB LPSRVVLEOHWUHDWB LPSRVVLEOH
  • 17. CSE2500 System Security and Privacy 17 Breaking classic ciphersBreaking classic ciphers With the help of fast computers,With the help of fast computers, 99.99% ciphers used before 1976 are99.99% ciphers used before 1976 are breakable by using one of the 4 typesbreakable by using one of the 4 types of attacks (described later).of attacks (described later). Modern cluster computers and futureModern cluster computers and future quantum computers can break severalquantum computers can break several existing ciphers due to the power ofexisting ciphers due to the power of such computers.such computers.
  • 18. CSE2500 System Security and Privacy 18 Breaking the Caesar cipherBreaking the Caesar cipher By trial-and errorBy trial-and error By using statistics on lettersBy using statistics on letters frequency distributions of lettersfrequency distributions of letters letterletter percentpercent AA 7.49%7.49% BB 1.29%1.29% CC 3.54%3.54% DD 3.62%3.62% EE 14.00%14.00% ....................................................................
  • 19. CSE2500 System Security and Privacy 19 Toy example of private keyToy example of private key cryptography (TPC)cryptography (TPC) Assume that a message is broken into 64-bit blocks and eachAssume that a message is broken into 64-bit blocks and each 64-bit block of plaintext is encrypted separately:64-bit block of plaintext is encrypted separately: Key space are combinations of numerical digits – max: 7Key space are combinations of numerical digits – max: 7 digits-digits- (eg: key = [1]; or key = [1,3], or key = [1,4,2]).(eg: key = [1]; or key = [1,3], or key = [1,4,2]). Assume that all 8 bits of a byte is used and key digits startAssume that all 8 bits of a byte is used and key digits start from left to right.from left to right. Encryption: Each plaintext block is first shifted by the numberEncryption: Each plaintext block is first shifted by the number of binary digits before the last non-zero digit of the key. It isof binary digits before the last non-zero digit of the key. It is then exclusive-ored with the key starting from the first byte ofthen exclusive-ored with the key starting from the first byte of the block, repeatedly to the end of the block (the key moves athe block, repeatedly to the end of the block (the key moves a distance of its size from left to right of the plaintext block).distance of its size from left to right of the plaintext block). Decryption: do the reverse of encryption: the cipher-text isDecryption: do the reverse of encryption: the cipher-text is exclusive-ored and then shifted.exclusive-ored and then shifted. 0 0 0= 1 1 0= 0 1 1= 1 0 1= : exclusive: exclusive oror
  • 20. CSE2500 System Security and Privacy 20 Using TPCUsing TPC Use TPC to encrypt the plaintext “12345”, keyUse TPC to encrypt the plaintext “12345”, key = [1,4,2]= [1,4,2] Use TPC to encrypt the plaintext “TREATYUse TPC to encrypt the plaintext “TREATY IMPOSSIBLE”; key = [4];IMPOSSIBLE”; key = [4]; Use TPC to encrypt the plaintext “100Use TPC to encrypt the plaintext “100 dollars”, key = [2,4];dollars”, key = [2,4];
  • 21. CSE2500 System Security and Privacy 21 Principles of Private Key EncryptionPrinciples of Private Key Encryption Devise cryptographic algorithms:Devise cryptographic algorithms: a set of fast functions (E1, E2, E3, ..En) that when in turna set of fast functions (E1, E2, E3, ..En) that when in turn applied to an input (initial or intermediate input) willapplied to an input (initial or intermediate input) will produce a more potentially scrambled output.produce a more potentially scrambled output. and a set of functions (D1,D2,D3, .. Dn) that when in turnand a set of functions (D1,D2,D3, .. Dn) that when in turn applied to the cipher text (final or intermediate) willapplied to the cipher text (final or intermediate) will produce the original input text.produce the original input text. Devise algorithms, tests and proofs to validateDevise algorithms, tests and proofs to validate your cryptographic algorithmsyour cryptographic algorithms Analysing algorithms.Analysing algorithms. Tests with powerful computers such as specialised,Tests with powerful computers such as specialised, parallel, cluster, or quantum computers.parallel, cluster, or quantum computers. Mathematical proofs.Mathematical proofs.
  • 22. CSE2500 System Security and Privacy 22 Toy example of public keyToy example of public key cryptographycryptography Definition: The multiplicative inverse ofDefinition: The multiplicative inverse of xx with modulowith modulo nn isis yy such that (such that (xx**yy) mod) mod nn = 1= 1 E.g:x=3; n=10, => y=7; since (3*7) mod 10 = 1E.g:x=3; n=10, => y=7; since (3*7) mod 10 = 1 The above multiplicative inverse can be used to create aThe above multiplicative inverse can be used to create a simple public key cipher: eithersimple public key cipher: either xx oror yy can be thought of as acan be thought of as a secret key and the other is the public key. Letsecret key and the other is the public key. Let xx = 3,= 3, yy = 7,= 7, nn == 10, and M be the message:10, and M be the message: M = 4 ;M = 4 ; 3*4 mod 10 = 2; (ciphertext) - encrypting3*4 mod 10 = 2; (ciphertext) - encrypting 2*7 mod 10 = 4 = M ; (message) - decrypting2*7 mod 10 = 4 = M ; (message) - decrypting M =6 ;M =6 ; 3*6 mod 10 = 8;3*6 mod 10 = 8; 8*7 mod 10 = 6 = M (message)8*7 mod 10 = 6 = M (message)
  • 23. CSE2500 System Security and Privacy 23 What is PKE used for?What is PKE used for? Private Key Encryption (PKE) can bePrivate Key Encryption (PKE) can be used:used: Transmitting data over an insecureTransmitting data over an insecure channelchannel Secure stored data (encrypt & store)Secure stored data (encrypt & store) Provide integrity check:Provide integrity check: (Key + Mes.) -> MAC (message authentication(Key + Mes.) -> MAC (message authentication code)code)
  • 24. CSE2500 System Security and Privacy 24 Morden Cryptography applicationsMorden Cryptography applications Not just about confidentiality!Not just about confidentiality! IntegrityIntegrity Digital signaturesDigital signatures Hash functionsHash functions Fair exchangeFair exchange Contract signingContract signing AnonymityAnonymity Electronic cashElectronic cash Electronic votingElectronic voting Etc.Etc.
  • 25. CSE2500 System Security and Privacy 25 Modern private key ciphersModern private key ciphers DES (US, 1977) (3DES)DES (US, 1977) (3DES) key -- 56 bits, plaintext/ciphertext -- 64 bitskey -- 56 bits, plaintext/ciphertext -- 64 bits LOKI (ADFA, Australia, 1989)LOKI (ADFA, Australia, 1989) key, plaintext/ciphertext -- 64 bitskey, plaintext/ciphertext -- 64 bits FEAL (NTT, Japan, 1990)FEAL (NTT, Japan, 1990) key -- 128 bits, plaintext/ciphertext -- 64 bitskey -- 128 bits, plaintext/ciphertext -- 64 bits IDEA (Lai & Massey, Swiss, 1991)IDEA (Lai & Massey, Swiss, 1991) key -- 128 bits, plaintext/ciphertext -- 64 bitskey -- 128 bits, plaintext/ciphertext -- 64 bits SPEED (Y Zheng in 1996)SPEED (Y Zheng in 1996) Key/(plaintext/ciphertext) -- 48,64,80,…,256 bitsKey/(plaintext/ciphertext) -- 48,64,80,…,256 bits AES (Joan Daemen & Vincent Rijmen 2000)AES (Joan Daemen & Vincent Rijmen 2000) Key/(plaintext/ciphertext) -- 128, 192 and 256 bitsKey/(plaintext/ciphertext) -- 128, 192 and 256 bits
  • 26. CSE2500 System Security and Privacy 26 General approaches to CryptographyGeneral approaches to Cryptography There are two general encryption methods:There are two general encryption methods: Block ciphers &Block ciphers & Stream ciphersStream ciphers Block ciphersBlock ciphers Slice message M into (fixed size blocks)Slice message M into (fixed size blocks) mm11, …,, …, mmnn Add padding to last blockAdd padding to last block Use EUse Ekk to produce (ciphertext blocks)to produce (ciphertext blocks) xx11, …,, …, xxnn Use DUse Dkk to recover M fromto recover M from mm11, …,, …, mmnn E.g: DES, etc.E.g: DES, etc. Stream ciphersStream ciphers Generate a long random string (or pseudo random)Generate a long random string (or pseudo random) calledcalled one-time padone-time pad.. MessageMessage one-time padone-time pad (exclusive or)(exclusive or) E.g: EC4E.g: EC4
  • 27. CSE2500 System Security and Privacy 27 Design of Private Key Ciphers(1)Design of Private Key Ciphers(1) A Cryptographic algorithm should be efficient forA Cryptographic algorithm should be efficient for good usegood use It should be fast and key length should be of the rightIt should be fast and key length should be of the right length – e.g.; not too shortlength – e.g.; not too short Cryptographic algorithms are not impossible toCryptographic algorithms are not impossible to break without a keybreak without a key If we try all the combinations, we can get the originalIf we try all the combinations, we can get the original messagemessage The security of a cryptographic algorithm dependsThe security of a cryptographic algorithm depends on how much work it takes for someone to break iton how much work it takes for someone to break it E.g If it takes 10 mil. years to break a cryptographicE.g If it takes 10 mil. years to break a cryptographic algorithm X using all the computers of a state, X can bealgorithm X using all the computers of a state, X can be thought of as a secure one – reason: cluster computersthought of as a secure one – reason: cluster computers and quantum computers are powerful enough to crackand quantum computers are powerful enough to crack many current cryptographic algorithms.many current cryptographic algorithms.
  • 28. CSE2500 System Security and Privacy 28 Design of Private Key Ciphers(2)Design of Private Key Ciphers(2) Encryption Algorithm DesignEncryption Algorithm Design Should the strength of the algorithm beShould the strength of the algorithm be included in the implementation of theincluded in the implementation of the algorithm? Should we hide the algorithm?algorithm? Should we hide the algorithm? Should the block size be small or large?Should the block size be small or large? Should the keyspace be large?Should the keyspace be large? Should we consider other search ratherShould we consider other search rather than brute-force search?than brute-force search? Should we consider the hardwareShould we consider the hardware technology?technology?
  • 29. CSE2500 System Security and Privacy 29 4 types of cryptanalysis4 types of cryptanalysis Depending on what a cryptanalyst hasDepending on what a cryptanalyst has to work with, attacks can be classifiedto work with, attacks can be classified intointo ciphertext only attackciphertext only attack known plaintext attackknown plaintext attack chosen plaintext attackchosen plaintext attack chosen ciphertext attack (most severe)chosen ciphertext attack (most severe)
  • 30. CSE2500 System Security and Privacy 30 4 types of attacks4 types of attacks Ciphertext only attackCiphertext only attack the only data available is a targetthe only data available is a target ciphertextciphertext Known plaintext attackKnown plaintext attack a target ciphertexta target ciphertext pairs of other ciphertext and plaintextpairs of other ciphertext and plaintext (say, previously broken or guessing)(say, previously broken or guessing)
  • 31. CSE2500 System Security and Privacy 31 4 types of attacks4 types of attacks Chosen plaintext attacksChosen plaintext attacks a target ciphertexta target ciphertext can feed encryption algorithm withcan feed encryption algorithm with plaintexts and obtain the matchingplaintexts and obtain the matching ciphertextsciphertexts Chosen ciphertext attackChosen ciphertext attack a target ciphertexta target ciphertext can feed decryption algorithm withcan feed decryption algorithm with ciphertexts and obtain the matchingciphertexts and obtain the matching plaintextsplaintexts