The document discusses the history and concepts of cryptography. It covers: 1) Cryptography is the science of secret codes and involves both encrypting messages and trying to break codes. 2) Modern cryptography uses both symmetric encryption, which uses the same key to encrypt and decrypt, and asymmetric encryption, which uses different public and private keys. 3) Key challenges include securely distributing keys and making encryption algorithms that are easy to use but difficult to break without the key.

1. THE INSTITUTE OF CHARTERED ACCOUNTANTS OF INDIA SUBMITTED BY: PARUL MEHRA NRO0192077 INFORMATION TECHNOLOGY TRAINING SUBMITTED TO: MR. ROHIT SHARMA MR. SATISH KUMAR ITT CENTRE AMRITSAR

2. A PROJECT REPORT ON CRYPTOGRAPHY

3. Cryptography

4. What is Cryptography? “ hidden writing” Until recently: military tool Like any military technology: methods change over time Two sides: designing codes breaking codes (cryptanalysis) Computers have changed both

5. Brief History of Cryptography What is Cryptography? Science of writing secret code The first use of cryptography in 1900 B.C. Used by Egyptian scribe Some experts say it appeared right after writing was invented

6. Crypto Terms Cryptography – art/science relating to encrypting, decrypting information Cryptanalysis – art/science relating to converting cipher text to plaintext without the (secret) key Link encryption – the individual application of encryption to data on each link of network End to end encryption – the encryption of data from source system to end system

7. Cryptography Broken Down Two kinds of cryptosystems: Symmetric Uses the same key (the secret key) to encrypt and decrypt a message. Asymmetric Uses one key (the public key) to encrypt a message and a different key (the private key) to decrypt the message.

8. Symmetric Cryptosystem The message: The sender and receiver know and use the same secret key. The sender uses the secret key to encrypt the message. The receiver uses the same secret key to decrypt the message.

9. Symmetric Cryptosystem

10. Symmetric Challenge Main challenge: Agreeing on the key while maintaining secrecy. Trusting a phone system or some transmission medium. The interceptor can read, modify, and forge all messages

11. Key Management The generation, transmission, and storage of a key. All cryptosystems must deal with key management issues Because all keys must remain secret there is often difficulty providing secure key management.

12. Introduction of the Public Key Created to solve key management problems. Created by Whitfield Diffie and Martin Hellman in 1976. Also called asymmetric system. Encryption key: public key Decryption key: private key

13. Public Key Infrastructure

14. Idea behind Public Key B publishes design specs for a padlock A wants to send B a box A builds a B padlock, locks the box B unlocks box using his key E intercepts box, knows design specs Goal: E still can’t build a key Padlock = trapdoor one-way function

15. Public Key Cryptography A wants to talk to B: computes key X A sends B f B ( X ) (B’s function) B computes f B -1 ( f B ( X )) = X Both A and B know X , use as key for symmetric encryption E knows f B ( X ); can’t compute X Asymmetric encryption Whitfield Diffie, 1975

16. Cryptanalysis Terms Clipertext – only attack – attacter-attempts to decrypt cliphertext. Known-plaintext attack – attacter-attempts to decrypt cliphertext knowledge of some plaintext. Chosen-plaintext attack – attacter-attempts obtains cliphertext corresponding to selected plaintext .

17. Crypto System Properties Encryption/decryption transformations must be efficient for all keys. System must be easy to use. The security of the system should depend ONLY on the secrecy of the keys and not on the secrecy of the encryption/decryption transformation.

18. Secrecy Requirements If cipher text and plaintext are known, it should be computationally infeasible to determine the deciphering algorithm. It should be computationally infeasible to systematically determine plaintext from intercepted cipher text.

19. Authenticity Requirements If cipher text and plaintext are known, it should be computationally infeasible to determine the deciphering algorithm. It should be computationally infeasible to find valid cipher text .

20. Digital Encryption Standard(DES) Developed by IBM in 1972. Never approved for national security applications 64-bit plain & cipher text block size. 56-bit true key plus 8 parity bits. Single chip implementation. 16 rounds transpositions & substitutions. Symmetric , private key.

21. Applications of DES Double DES Effective key length of 112 bits. Work factor about the same as single DES. Triple DES encrypt with first key. decrypt with second key. encrypt with first key. very secure.

22. How do We Encrypt? Protocol, or scheme: method of encryption Cryptovariable, or key: secret information Symmetric encryption: decryption is the same cryptovariable ciphertext plaintext protocol

23. How could we break this? Case I: we don’t know the protocol Hard problem in cryptanalysis “ Clark Kent” effect Case II: we know the protocol Need to guess the cryptovariable Only 26 possibilities

24. Substitution Cipher Allow any permutation of the alphabet Key = permutation; 26! possibilities 26! = 403,291,461,126,605,635,584,000,000 Roughly 2 88 : checking 1 billion per second, would take 12 billion years Is there a better way? Al-Kindi, ninth century: frequency analysis

25. The Perfect Cryptosystem One-time pad: encrypt each letter with its own key -Example: Caesar shift each letter separately C i = P i + K i (mod 26) To encrypt n bits, use n bits of key This uses up lots of key bits; need to prearrange How do you generate key bits?

26. Enigma Machine German cryptosystem in World War II Same idea: modify letters Scrambler disks implement permutation Rotate after each letter, so many different permutations used Additional permutation provided by plugboard

27. Enigma Key Key changed daily 3 scramblers in one of 6 orders -In 1938: 3 of 5, so 60 arrangements 26 3 = 17,576 settings for scramblers Billions of plug board settings Alan Turing: bypassed plug board Used known plaintext, exhausted over space British were able to read traffic

28. Modern Symmetric Cryptography Assume the protocol is known to the enemy Only the key is secret Encryption, cryptanalysis use computers Operate on bits, rather than letters DES, AES Open standards; let everyone try to break it Closed design often fails (cell phones)

29. Key Distribution Secure communication requires a key How do you exchange keys securely? Military: codebooks in field could fall into enemy hands Commerce: might not meet face-to-face Seems to be a Catch-22

30. Paradigm Shift A wants to mail B a letter securely If they share a “key”, A locks, B unlocks If not: A puts on padlock, sends box to B B adds his padlock, sends box back to A A removes her padlock, sends box to B B unlocks box, reads letter Problem: how to translate this to mathematics

31. A, B agree on information Y A computes A(Y) Mails it to B B computes B(Y) Mails it to A Alcomputes A(B(Y)) B computes B(A(Y)) A(B(Y)) = B(A(Y)) = secret key “ E” knows Y, A(Y), B(Y), but can’t compute key Problem: how do you make A(B(Y)) = B(A(Y))?

32. Diffie-Hellman-Merkle (1976) Modular Arithmetic Choose Y , modulus p A’s function is Y A (mod p ) B’s function is Y B (mod p ) Key is Y AB  Y BA (mod p ) E can’t compute Y AB from Y , Y A , Y B We think (no one can prove it) One problem: must communicate to get key

33. One-way Functions Easy to compute, hard to reverse Example: f ( A ) = Y A (mod p ) f -1 ( Y A ) is called “discrete log” Hard to compute (we think) Could always do exhaustive search Here, there are p -1 choices

34. Cryptographic Primitives Building blocks for algorithms -Example: one-way functions Protocols built out of primitives -Example: Diffie-Hellman-Merkle Protocols built out of other protocols -Example: Use Diffie-Hellman to exchange key

35. Trapdoor One-Way Functions Another useful primitive f ( X ) is easy to compute f -1 ( Y ) is hard for most people to compute But: easy to compute if you know a secret There are trapdoor one-way functions Found by Rivest-Shamir-Adleman, 1977 Rely on difficulty of factoring large integers

36. Digital Signature Scheme A wants to send B a message, sign it A sends B X and S = f A -1 ( X ) B checks that f A ( S ) = X Therefore B knows that S = f A -1 ( X ) Only A can compute f A -1 ( X ) easily, so A must have sent the message Same primitive, new protocol

37. Digital Signature Process

38. Revolution New ideas made cryptography an option for commerce PCs gave everyone computing power Zimmerman’s PGP: gave everyone access SSL in web browsers

39. Quantum Computation Computers revolutionized cryptographic design and cryptanalysis Quantum computers may one day do the same Quantum key exchange: guaranteed secure A quantum computer could factor large integers in polynomial time

40. THANK YOU