Uploaded byindupps
54 views

Cryptography Introduction

This document provides an overview of cryptography and network security concepts. It discusses computer security, network security, and internet security. It then covers security attacks like passive attacks which obtain transmitted information and active attacks which modify data. Security services like authentication, access control, and data confidentiality are explained. Security mechanisms like encipherment, digital signatures, and traffic padding are also introduced. Symmetric ciphers like the Caesar cipher, monoalphabetic cipher, Playfair cipher, polyalphabetic ciphers, and the one-time pad are described. Block ciphers principles involving confusion and diffusion are covered. The Data Encryption Standard (DES) cipher is explained in detail regarding its history, structure using Feistel networks, key size,

Embed presentation

P.INDURANI ASSISTANT PROFESSOR & HEAD DEPARTMENT OF COMPUTER SCIENCE PARVATHY’S ARTS AND SCIENCE COLLEGE DINDIGUL 11 CRYPTOGRAPHY AND NETWORK SECURITY
UNIT I • Computer Security - generic name for the collection of tools designed to protect data and to thwart hackers • Network Security - measures to protect data during their transmission • Internet Security - measures to protect data during their transmission over a collection of interconnected networks 2
Security Architecture • Security Attack • Security Mechanism • Security Service 3
Security Attack • compromises the security of information owned by an organization • information security is about how to prevent attacks, or failing that, to detect attacks on information- based systems • Generic types of attacks – Passive: To obtain information that is being transmitted. – Active: Involves some modification of the data stream. 4
Security Attack Passive Attack • Release of message contents: tansferred file that contain confidential information • Traffic analysis: masking the contents of message Active Attack • Masquerade: captured and replayed after a valid authentication sequence • Replay: retransmission to produce an unauthorized effect • Modification of messages: altered, delayed, reordered to produce an unauthorized effect • Denial of service: to specific target 5
Security Services Service provided by a protocol layer of communicating open systems • Authentication – assuring communication is authentic • Peer entity: times duration the data transfer phase of a connection • Data origin: protection against the duplication or modification of data unit • Access control – ability to limit and control the access • Data confidentiality – protection of transmitted data from passive attacks • Data integrity – stream of message 6
Security Mechanisms • Specific security mechanisms: Encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization • Pervasive security mechanisms: Trusted functionality, security labels, event detection, security audit trails, security recovery 7
Model for Network Security 1. Design a suitable algorithm for the security transformation 2. Generate the secret information (keys) used by the algorithm 3. Develop methods to distribute and share the secret information 4. Specify a protocol enabling the principals to use the transformation and secret information for a security service 8
Some Basic Terminology • plaintext - original message • ciphertext - coded message • cipher - algorithm for transforming plaintext to ciphertext • key - info used in cipher known only to sender/receiver • encipher (encrypt) - converting plaintext to ciphertext • decipher (decrypt) - recovering ciphertext from plaintext • cryptography - study of encryption principles/methods • cryptanalysis (codebreaking) - study of principles/ methods of deciphering ciphertext without knowing key • cryptology - field of both cryptography and cryptanalysis
Symmetric Cipher Model
Requirements • two requirements for secure use of symmetric encryption: – a strong encryption algorithm – a secret key known only to sender / receiver • mathematically have: Y = EK(X) X = DK(Y) • assume encryption algorithm is known • implies a secure channel to distribute key
Classical Substitution Ciphers • where letters of plaintext are replaced by other letters or by numbers or symbols • or if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns
Caesar Cipher • earliest known substitution cipher • by Julius Caesar • first attested use in military affairs • replaces each letter by 3rd letter on • example: meet me after the toga party PHHW PH DIWHU WKH WRJD SDUWB
Caesar Cipher • can define transformation as: a b c d e f g h i j k l m n o p q r s t u v w x y z D E F G H I J K L M N O P Q R S T U V W X Y Z A B C • mathematically give each letter a number a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 • then have Caesar cipher as: c = E(p) = (p + k) mod (26) p = D(c) = (c – k) mod (26)
Monoalphabetic Cipher • rather than just shifting the alphabet • could shuffle (jumble) the letters arbitrarily • each plaintext letter maps to a different random ciphertext letter • hence key is 26 letters long Plain: abcdefghijklmnopqrstuvwxyz Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN Plaintext: ifwewishtoreplaceletters Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
Playfair Cipher • not even the large number of keys in a monoalphabetic cipher provides security • one approach to improving security was to encrypt multiple letters • the Playfair Cipher is an example • invented by Charles Wheatstone in 1854, but named after his friend Baron Playfair
Playfair Key Matrix • a 5X5 matrix of letters based on a keyword • fill in letters of keyword (sans duplicates) • fill rest of matrix with other letters • eg. using the keyword MONARCHY M O N A R C H Y B D E F G I/J K L P Q S T U V W X Z
Encrypting and Decrypting • plaintext is encrypted two letters at a time 1. if a pair is a repeated letter, insert filler like 'X’ 2. if both letters fall in the same row, replace each with letter to right (wrapping back to start from end) 3. if both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom) 4. otherwise each letter is replaced by the letter in the same row and in the column of the other letter of the pair
Polyalphabetic Ciphers • polyalphabetic substitution ciphers • improve security using multiple cipher alphabets • make cryptanalysis harder with more alphabets to guess and flatter frequency distribution • use a key to select which alphabet is used for each letter of the message • use each alphabet in turn • repeat from start after end of key is reached
One-Time Pad • if a truly random key as long as the message is used, the cipher will be secure • called a One-Time pad • is unbreakable since ciphertext bears no statistical relationship to the plaintext • since for any plaintext & any ciphertext there exists a key mapping one to other • can only use the key once though • problems in generation & safe distribution of key
Transposition Ciphers • now consider classical transposition or permutation ciphers • these hide the message by rearranging the letter order • without altering the actual letters used • can recognise these since have the same frequency distribution as the original text
Rail Fence cipher • write message letters out diagonally over a number of rows • then read off cipher row by row • eg. write message out as: m e m a t r h t g p r y e t e f e t e o a a t • giving ciphertext MEMATRHTGPRYETEFETEOAAT
Row Transposition Ciphers • a more complex transposition • write letters of message out in rows over a specified number of columns • then reorder the columns according to some key before reading off the rows Key: 3 4 2 1 5 6 7 Plaintext: a t t a c k p o s t p o n e d u n t i l t w o a m x y z Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
Block Cipher Principles • most symmetric block ciphers are based on a Feistel Cipher Structure • needed since must be able to decrypt ciphertext to recover messages efficiently • block ciphers look like an extremely large substitution • would need table of 264 entries for a 64-bit block • instead create from smaller building blocks • using idea of a product cipher
Confusion and Diffusion • diffusion – dissipates statistical structure of plaintext over bulk of ciphertext • confusion – makes relationship between ciphertext and key as complex as possible
Feistel Cipher Structure • Horst Feistel devised the feistel cipher – based on concept of invertible product cipher • partitions input block into two halves – process through multiple rounds which – perform a substitution on left data half – based on round function of right half & subkey – then have permutation swapping halves • implements Shannon’s S-P net concept
Feistel Cipher Design Elements • block size • key size • number of rounds • subkey generation algorithm • round function • fast software en/decryption • ease of analysis
Data Encryption Standard (DES) • most widely used block cipher in world • adopted in 1977 by NBS (now NIST) – as FIPS PUB 46 • encrypts 64-bit data using 56-bit key • has widespread use • has been considerable controversy over its security
DES History • IBM developed Lucifer cipher – by team led by Feistel in late 60’s – used 64-bit data blocks with 128-bit key • then redeveloped as a commercial cipher with input from NSA and others • in 1973 NBS issued request for proposals for a national cipher standard • IBM submitted their revised Lucifer which was eventually accepted as the DES
DES Round Structure • uses two 32-bit L & R halves • as for any Feistel cipher can describe as: Li = Ri–1 Ri = Li–1  F(Ri–1, Ki) • F takes 32-bit R half and 48-bit subkey: – expands R to 48-bits using perm E – adds to subkey using XOR – passes through 8 S-boxes to get 32-bit result – finally permutes using 32-bit perm P
DES Round Structure
Strength of DES Key Size • 56-bit keys have 256 = 7.2 x 1016 values • brute force search looks hard Analytic Attacks • differential cryptanalysis • linear cryptanalysis • related key attacks Timing Attacks • specifically use fact that calculations can take varying times depending on the value of the inputs to it
Block Cipher Design • basic principles still like Feistel’s in 1970’s • number of rounds – more is better, exhaustive search best attack • function f: – provides “confusion”, is nonlinear, avalanche – have issues of how S-boxes are selected • key schedule – complex subkey creation, key avalanche

More Related Content

PPTX
Symmetric Encryption Techniques
byDr. Kapil Gupta
 
PPT
Cns Chapter 2
byRam Dutt Shukla
 
PPTX
Overview on Cryptography and Network Security
byDr. Rupa Ch
 
PDF
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
byJAINAM KAPADIYA
 
PPT
Ch03
byssusere796b3
 
PPT
Classical Encryption Techniques in Network Security
bybabak danyal
 
PPT
Ch02
byssusere796b3
 
PDF
Classical encryption techniques
byDr.Florence Dayana
 
Symmetric Encryption Techniques
byDr. Kapil Gupta
 
Cns Chapter 2
byRam Dutt Shukla
 
Overview on Cryptography and Network Security
byDr. Rupa Ch
 
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
byJAINAM KAPADIYA
 
Ch03
byssusere796b3
 
Classical Encryption Techniques in Network Security
bybabak danyal
 
Ch02
byssusere796b3
 
Classical encryption techniques
byDr.Florence Dayana
 

What's hot

PDF
IS Unit 1_Conventional Encryption_Classical Encryption Techniques
bySarthak Patel
 
PPT
Cryptography and Network Security William Stallings Lawrie Brown
byInformation Security Awareness Group
 
PDF
A Tutorial on Linear and Differential Cryptanalysis by Howard M. Heys
byInformation Security Awareness Group
 
PPTX
Symmetric ciphermodel
bypriyapavi96
 
PPTX
Network security Encryption
byJoel Briza
 
PPT
Cryptography and Network Security
byRamki M
 
PPT
Classical Encryption
byShafaan Khaliq Bhatti
 
PPT
block ciphers
byAsad Ali
 
PDF
Block Ciphers and the Data Encryption Standard
byDr.Florence Dayana
 
PPTX
Classical encryption techniques
byJanani S
 
PPT
Ch03
byJoe Christensen
 
PPT
Ch03 block-cipher-and-data-encryption-standard
bytarekiceiuk
 
PPTX
Unit 2
byKRAMANJANEYULU1
 
PPTX
Secret key cryptography
byPrabhat Goel
 
PPT
Class3
byankitasinghbsc
 
PPT
Day5
byJai4uk
 
PPTX
Information and data security block cipher and the data encryption standard (...
byMazin Alwaaly
 
PPT
Chapter 3: Block Ciphers and the Data Encryption Standard
byShafaan Khaliq Bhatti
 
PPTX
Symmetric encryption
byDR RICHMOND ADEBIAYE
 
PPTX
Classical encryption techniques
byramya marichamy
 
IS Unit 1_Conventional Encryption_Classical Encryption Techniques
bySarthak Patel
 
Cryptography and Network Security William Stallings Lawrie Brown
byInformation Security Awareness Group
 
A Tutorial on Linear and Differential Cryptanalysis by Howard M. Heys
byInformation Security Awareness Group
 
Symmetric ciphermodel
bypriyapavi96
 
Network security Encryption
byJoel Briza
 
Cryptography and Network Security
byRamki M
 
Classical Encryption
byShafaan Khaliq Bhatti
 
block ciphers
byAsad Ali
 
Block Ciphers and the Data Encryption Standard
byDr.Florence Dayana
 
Classical encryption techniques
byJanani S
 
Ch03
byJoe Christensen
 
Ch03 block-cipher-and-data-encryption-standard
bytarekiceiuk
 
Unit 2
byKRAMANJANEYULU1
 
Secret key cryptography
byPrabhat Goel
 
Class3
byankitasinghbsc
 
Day5
byJai4uk
 
Information and data security block cipher and the data encryption standard (...
byMazin Alwaaly
 
Chapter 3: Block Ciphers and the Data Encryption Standard
byShafaan Khaliq Bhatti
 
Symmetric encryption
byDR RICHMOND ADEBIAYE
 
Classical encryption techniques
byramya marichamy
 

Similar to Cryptography Introduction

PPT
overview of cryptographic techniques
byShubham Jain
 
PPT
UNIT 2.ppt
byManoj
 
PDF
Cipher techniques
bysaqib1611
 
PPT
Cyptography and network security
byPriyanka Karancy
 
PPT
unit 2.ppt
byHetaDesai13
 
PDF
CNIT 125 Ch 4. Security Engineering (Part 2)
bySam Bowne
 
PPT
ICSE6104 Lecture bbbbbbbbbbbbbbbbbbbb 2.ppt
byDavid622220
 
PPTX
Cryptography, Cryptology, Encryption and types
bysowaibakhan3
 
PPT
EncryptionTechChap2.ppt
byrajirajesh8
 
PPT
classicalencryptiontechniques.ppt
byutsavkakkad1
 
PDF
CISSP Prep: Ch 4. Security Engineering (Part 2)
bySam Bowne
 
PDF
Network security CS2
byInfinity Tech Solutions
 
PPTX
Cns 1
byBhumikaPal1
 
PDF
Bt0088 cryptography and network security1
byTechglyphs
 
PPTX
Cryptography and Network security # Lecture 4
byKabul Education University
 
PPTX
Unit i
bytamil arasan
 
PDF
Classical Encryption Techniques in Cryptography
bygokona3855
 
PPTX
CISSP - Chapter 3 - Cryptography
byKarthikeyan Dhayalan
 
PPTX
MODULE1_CLASSICALENCRYPTIONTECHNIQUES.pptx
byShivakumar M
 
PPTX
NS UNIT 1 Advanced Encryption Standard& RSA
byAntonySuresh13
 
overview of cryptographic techniques
byShubham Jain
 
UNIT 2.ppt
byManoj
 
Cipher techniques
bysaqib1611
 
Cyptography and network security
byPriyanka Karancy
 
unit 2.ppt
byHetaDesai13
 
CNIT 125 Ch 4. Security Engineering (Part 2)
bySam Bowne
 
ICSE6104 Lecture bbbbbbbbbbbbbbbbbbbb 2.ppt
byDavid622220
 
Cryptography, Cryptology, Encryption and types
bysowaibakhan3
 
EncryptionTechChap2.ppt
byrajirajesh8
 
classicalencryptiontechniques.ppt
byutsavkakkad1
 
CISSP Prep: Ch 4. Security Engineering (Part 2)
bySam Bowne
 
Network security CS2
byInfinity Tech Solutions
 
Cns 1
byBhumikaPal1
 
Bt0088 cryptography and network security1
byTechglyphs
 
Cryptography and Network security # Lecture 4
byKabul Education University
 
Unit i
bytamil arasan
 
Classical Encryption Techniques in Cryptography
bygokona3855
 
CISSP - Chapter 3 - Cryptography
byKarthikeyan Dhayalan
 
MODULE1_CLASSICALENCRYPTIONTECHNIQUES.pptx
byShivakumar M
 
NS UNIT 1 Advanced Encryption Standard& RSA
byAntonySuresh13
 

Recently uploaded

PDF
Beak Modifications by Dr. Ramzan Virani pptx.pdf
byDr. Ramzan Virani
 
PPTX
That long silence - Novel by Shashi Deshapande
bysanjanavaghela65
 
PDF
West Hatch High School - GCSE Media Specification
byWestHatch
 
PPTX
Day 2 ppt english.powerpoint presentation ppt
byJeahMaeMedez
 
PPTX
Definition of communication skills and it's process.
bypurvrajsinhsarvaiya0
 
PPTX
West Hatch High School -- GCSE Geography
byWestHatch
 
PPTX
Payment Follow-Up via WhatsApp in Odoo 18.1 Accounting
byCeline George
 
PDF
Risks and opportunities of artificial intelligence in education: A critical view
byYannis
 
PPTX
West Hatch High School - GCSE Media Studies
byWestHatch
 
PDF
Bishan_Singh_Presentation - Toba tek Singh
bygopalsinhchauhan9313
 
PDF
Darwinism: Theory of Natural Selection and Origin of Species
byIPGDCWA,NAMPALLY
 
PPTX
Exploring Higher education and its pathways
byEVAMAEBONGHANOY5
 
PDF
West Hatch High School - GCSE French Specification
byWestHatch
 
PPTX
Appreciations - Jan 26 01.pptxkjkjkkjkjkjkj
bypreetheshparmar
 
PDF
Information about Presentation strategies
bymansivaja18126
 
PPTX
Drugs modulating serotonergic system.pptx
byNorman Arockiaraj G
 
PPTX
Master of Punjabi Short Story "kartar singh duggal
bybhautikbharwad4
 
PPTX
Toba Tek Singh - Visualising Partition through Manto's Lens
bymiraljoshi48
 
PPTX
Reimagining Academic Library Services through Artificial Intelligence: A Case...
byDon Bosco College, Itanagar
 
PPTX
PREVENTIVE PEDIATRICS.pptx
byBANDITA PATRA
 
Beak Modifications by Dr. Ramzan Virani pptx.pdf
byDr. Ramzan Virani
 
That long silence - Novel by Shashi Deshapande
bysanjanavaghela65
 
West Hatch High School - GCSE Media Specification
byWestHatch
 
Day 2 ppt english.powerpoint presentation ppt
byJeahMaeMedez
 
Definition of communication skills and it's process.
bypurvrajsinhsarvaiya0
 
West Hatch High School -- GCSE Geography
byWestHatch
 
Payment Follow-Up via WhatsApp in Odoo 18.1 Accounting
byCeline George
 
Risks and opportunities of artificial intelligence in education: A critical view
byYannis
 
West Hatch High School - GCSE Media Studies
byWestHatch
 
Bishan_Singh_Presentation - Toba tek Singh
bygopalsinhchauhan9313
 
Darwinism: Theory of Natural Selection and Origin of Species
byIPGDCWA,NAMPALLY
 
Exploring Higher education and its pathways
byEVAMAEBONGHANOY5
 
West Hatch High School - GCSE French Specification
byWestHatch
 
Appreciations - Jan 26 01.pptxkjkjkkjkjkjkj
bypreetheshparmar
 
Information about Presentation strategies
bymansivaja18126
 
Drugs modulating serotonergic system.pptx
byNorman Arockiaraj G
 
Master of Punjabi Short Story "kartar singh duggal
bybhautikbharwad4
 
Toba Tek Singh - Visualising Partition through Manto's Lens
bymiraljoshi48
 
Reimagining Academic Library Services through Artificial Intelligence: A Case...
byDon Bosco College, Itanagar
 
PREVENTIVE PEDIATRICS.pptx
byBANDITA PATRA
 

Cryptography Introduction

  • 1.
    P.INDURANI ASSISTANT PROFESSOR &HEAD DEPARTMENT OF COMPUTER SCIENCE PARVATHY’S ARTS AND SCIENCE COLLEGE DINDIGUL 11 CRYPTOGRAPHY AND NETWORK SECURITY
  • 2.
    UNIT I • ComputerSecurity - generic name for the collection of tools designed to protect data and to thwart hackers • Network Security - measures to protect data during their transmission • Internet Security - measures to protect data during their transmission over a collection of interconnected networks 2
  • 3.
    Security Architecture • SecurityAttack • Security Mechanism • Security Service 3
  • 4.
    Security Attack • compromisesthe security of information owned by an organization • information security is about how to prevent attacks, or failing that, to detect attacks on information- based systems • Generic types of attacks – Passive: To obtain information that is being transmitted. – Active: Involves some modification of the data stream. 4
  • 5.
    Security Attack Passive Attack •Release of message contents: tansferred file that contain confidential information • Traffic analysis: masking the contents of message Active Attack • Masquerade: captured and replayed after a valid authentication sequence • Replay: retransmission to produce an unauthorized effect • Modification of messages: altered, delayed, reordered to produce an unauthorized effect • Denial of service: to specific target 5
  • 6.
    Security Services Service providedby a protocol layer of communicating open systems • Authentication – assuring communication is authentic • Peer entity: times duration the data transfer phase of a connection • Data origin: protection against the duplication or modification of data unit • Access control – ability to limit and control the access • Data confidentiality – protection of transmitted data from passive attacks • Data integrity – stream of message 6
  • 7.
    Security Mechanisms • Specificsecurity mechanisms: Encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization • Pervasive security mechanisms: Trusted functionality, security labels, event detection, security audit trails, security recovery 7
  • 8.
    Model for NetworkSecurity 1. Design a suitable algorithm for the security transformation 2. Generate the secret information (keys) used by the algorithm 3. Develop methods to distribute and share the secret information 4. Specify a protocol enabling the principals to use the transformation and secret information for a security service 8
  • 9.
    Some Basic Terminology •plaintext - original message • ciphertext - coded message • cipher - algorithm for transforming plaintext to ciphertext • key - info used in cipher known only to sender/receiver • encipher (encrypt) - converting plaintext to ciphertext • decipher (decrypt) - recovering ciphertext from plaintext • cryptography - study of encryption principles/methods • cryptanalysis (codebreaking) - study of principles/ methods of deciphering ciphertext without knowing key • cryptology - field of both cryptography and cryptanalysis
  • 10.
  • 11.
    Requirements • two requirementsfor secure use of symmetric encryption: – a strong encryption algorithm – a secret key known only to sender / receiver • mathematically have: Y = EK(X) X = DK(Y) • assume encryption algorithm is known • implies a secure channel to distribute key
  • 12.
    Classical Substitution Ciphers •where letters of plaintext are replaced by other letters or by numbers or symbols • or if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns
  • 13.
    Caesar Cipher • earliestknown substitution cipher • by Julius Caesar • first attested use in military affairs • replaces each letter by 3rd letter on • example: meet me after the toga party PHHW PH DIWHU WKH WRJD SDUWB
  • 14.
    Caesar Cipher • candefine transformation as: a b c d e f g h i j k l m n o p q r s t u v w x y z D E F G H I J K L M N O P Q R S T U V W X Y Z A B C • mathematically give each letter a number a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 • then have Caesar cipher as: c = E(p) = (p + k) mod (26) p = D(c) = (c – k) mod (26)
  • 15.
    Monoalphabetic Cipher • ratherthan just shifting the alphabet • could shuffle (jumble) the letters arbitrarily • each plaintext letter maps to a different random ciphertext letter • hence key is 26 letters long Plain: abcdefghijklmnopqrstuvwxyz Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN Plaintext: ifwewishtoreplaceletters Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
  • 16.
    Playfair Cipher • noteven the large number of keys in a monoalphabetic cipher provides security • one approach to improving security was to encrypt multiple letters • the Playfair Cipher is an example • invented by Charles Wheatstone in 1854, but named after his friend Baron Playfair
  • 17.
    Playfair Key Matrix •a 5X5 matrix of letters based on a keyword • fill in letters of keyword (sans duplicates) • fill rest of matrix with other letters • eg. using the keyword MONARCHY M O N A R C H Y B D E F G I/J K L P Q S T U V W X Z
  • 18.
    Encrypting and Decrypting •plaintext is encrypted two letters at a time 1. if a pair is a repeated letter, insert filler like 'X’ 2. if both letters fall in the same row, replace each with letter to right (wrapping back to start from end) 3. if both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom) 4. otherwise each letter is replaced by the letter in the same row and in the column of the other letter of the pair
  • 19.
    Polyalphabetic Ciphers • polyalphabeticsubstitution ciphers • improve security using multiple cipher alphabets • make cryptanalysis harder with more alphabets to guess and flatter frequency distribution • use a key to select which alphabet is used for each letter of the message • use each alphabet in turn • repeat from start after end of key is reached
  • 20.
    One-Time Pad • ifa truly random key as long as the message is used, the cipher will be secure • called a One-Time pad • is unbreakable since ciphertext bears no statistical relationship to the plaintext • since for any plaintext & any ciphertext there exists a key mapping one to other • can only use the key once though • problems in generation & safe distribution of key
  • 21.
    Transposition Ciphers • nowconsider classical transposition or permutation ciphers • these hide the message by rearranging the letter order • without altering the actual letters used • can recognise these since have the same frequency distribution as the original text
  • 22.
    Rail Fence cipher •write message letters out diagonally over a number of rows • then read off cipher row by row • eg. write message out as: m e m a t r h t g p r y e t e f e t e o a a t • giving ciphertext MEMATRHTGPRYETEFETEOAAT
  • 23.
    Row Transposition Ciphers •a more complex transposition • write letters of message out in rows over a specified number of columns • then reorder the columns according to some key before reading off the rows Key: 3 4 2 1 5 6 7 Plaintext: a t t a c k p o s t p o n e d u n t i l t w o a m x y z Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
  • 24.
    Block Cipher Principles •most symmetric block ciphers are based on a Feistel Cipher Structure • needed since must be able to decrypt ciphertext to recover messages efficiently • block ciphers look like an extremely large substitution • would need table of 264 entries for a 64-bit block • instead create from smaller building blocks • using idea of a product cipher
  • 25.
    Confusion and Diffusion •diffusion – dissipates statistical structure of plaintext over bulk of ciphertext • confusion – makes relationship between ciphertext and key as complex as possible
  • 26.
    Feistel Cipher Structure •Horst Feistel devised the feistel cipher – based on concept of invertible product cipher • partitions input block into two halves – process through multiple rounds which – perform a substitution on left data half – based on round function of right half & subkey – then have permutation swapping halves • implements Shannon’s S-P net concept
  • 27.
    Feistel Cipher DesignElements • block size • key size • number of rounds • subkey generation algorithm • round function • fast software en/decryption • ease of analysis
  • 28.
    Data Encryption Standard(DES) • most widely used block cipher in world • adopted in 1977 by NBS (now NIST) – as FIPS PUB 46 • encrypts 64-bit data using 56-bit key • has widespread use • has been considerable controversy over its security
  • 29.
    DES History • IBMdeveloped Lucifer cipher – by team led by Feistel in late 60’s – used 64-bit data blocks with 128-bit key • then redeveloped as a commercial cipher with input from NSA and others • in 1973 NBS issued request for proposals for a national cipher standard • IBM submitted their revised Lucifer which was eventually accepted as the DES
  • 30.
    DES Round Structure •uses two 32-bit L & R halves • as for any Feistel cipher can describe as: Li = Ri–1 Ri = Li–1  F(Ri–1, Ki) • F takes 32-bit R half and 48-bit subkey: – expands R to 48-bits using perm E – adds to subkey using XOR – passes through 8 S-boxes to get 32-bit result – finally permutes using 32-bit perm P
  • 31.
  • 32.
    Strength of DES KeySize • 56-bit keys have 256 = 7.2 x 1016 values • brute force search looks hard Analytic Attacks • differential cryptanalysis • linear cryptanalysis • related key attacks Timing Attacks • specifically use fact that calculations can take varying times depending on the value of the inputs to it
  • 33.
    Block Cipher Design •basic principles still like Feistel’s in 1970’s • number of rounds – more is better, exhaustive search best attack • function f: – provides “confusion”, is nonlinear, avalanche – have issues of how S-boxes are selected • key schedule – complex subkey creation, key avalanche