This document provides an overview of symmetric and asymmetric cryptography. Symmetric cryptography uses the same key for encryption and decryption, while asymmetric cryptography uses different keys. The Merkle-Hellman knapsack cryptosystem was one of the earliest public key systems, but it was broken. The RSA algorithm uses a public/private key pair to encrypt and decrypt messages securely. DES was developed as a standard for encrypting sensitive data.

1. CHAPTER 3CHAPTER 3
SECURE ENCRYPTION SYSTEMSSECURE ENCRYPTION SYSTEMS

2. IntroductionIntroduction
 There are two main types of cryptography:There are two main types of cryptography:
 symmetric (secret key) cryptographysymmetric (secret key) cryptography
 asymmetric (public key) cryptographyasymmetric (public key) cryptography

3. Symmetric (Secret Key)Symmetric (Secret Key)
CryptographyCryptography
Symmetric (secret key) cryptographySymmetric (secret key) cryptography
 Data is encrypted using a key.Data is encrypted using a key.
 The same key must be use to decrypt the data.The same key must be use to decrypt the data.
 The security of a symmetric cryptography rests in theThe security of a symmetric cryptography rests in the
key.key.
 Divulging the key - anyone could encrypt and decryptDivulging the key - anyone could encrypt and decrypt
the message.the message.
 Example : Data Encryption Standard (DES)Example : Data Encryption Standard (DES)

4. Symmetric (Secret Key)Symmetric (Secret Key)
CryptographyCryptography
Problem with Symmetric CryptographyProblem with Symmetric Cryptography
(Distribution of Keys)(Distribution of Keys)
 The main problem is getting the sender and receiverThe main problem is getting the sender and receiver
agree on the secret key without anyone else finding out.agree on the secret key without anyone else finding out.
 If they are in separate physical locations, they must trustIf they are in separate physical locations, they must trust
a courier or a phone system or some other transmissiona courier or a phone system or some other transmission
medium to prevent the disclosure of the secret key beingmedium to prevent the disclosure of the secret key being
communicated.communicated.
 Anyone who overhears or intercepts the key in transitAnyone who overhears or intercepts the key in transit
can later read, modify and forge all messages encryptedcan later read, modify and forge all messages encrypted
using that key.using that key.

5. Asymmetric (Public Key)Asymmetric (Public Key)
CryptographyCryptography
Asymmetric (public key) cryptographyAsymmetric (public key) cryptography
 Different keys used for encryption and decryptionDifferent keys used for encryption and decryption
 The ciphering algorithm are called the public keyThe ciphering algorithm are called the public key
algorithms becausealgorithms because one of the keys used can beone of the keys used can be
made publicmade public..
 Example : a complete stranger can use theExample : a complete stranger can use the publicpublic
encryption key to encryptencryption key to encrypt a message but only aa message but only a
specific person with the correspondingspecific person with the corresponding secretsecret
decryption key can decrypt the messagedecryption key can decrypt the message..
 In these systems, the encryption key is often calledIn these systems, the encryption key is often called
the public key and the decryption key is often calledthe public key and the decryption key is often called
the private key.the private key.
 Example : RSAExample : RSA

6. Asymmetric (Public Key)Asymmetric (Public Key)
CryptographyCryptography
Concern about public key algorithm:Concern about public key algorithm:
 The concern covers three categories:The concern covers three categories:
 Fortitude in providing unbreakable securityFortitude in providing unbreakable security
 PracticalityPracticality
 ApplicabilityApplicability
 Many of the algorithms are insecureMany of the algorithms are insecure
 Among secure algorithm, many are impractical –Among secure algorithm, many are impractical –
key size too large or ciphertext is much larger thankey size too large or ciphertext is much larger than
plaintextplaintext
 Only few algorithms are both secure and practical :Only few algorithms are both secure and practical :
 Some are only suitable for key distributionSome are only suitable for key distribution
 Some are only suitable for encryptionSome are only suitable for encryption

7. Merkle-Hellman KnapsackMerkle-Hellman Knapsack
 One of the earliest public key cryptosystem invented byOne of the earliest public key cryptosystem invented by
Ralph Merkle and Martin Hellman in 1978.Ralph Merkle and Martin Hellman in 1978.
 Is based on theIs based on the subset sum problemsubset sum problem (a special case of the(a special case of the
knapsack problemknapsack problem): given a list of numbers and a third): given a list of numbers and a third
number, which is the sum of a subset of these numbers,number, which is the sum of a subset of these numbers,
determine the subset.determine the subset.
 In general, this problem is known to beIn general, this problem is known to be NP-completeNP-complete;;
however, there are some 'easy' instances which can behowever, there are some 'easy' instances which can be
solved efficiently.solved efficiently.
 However, the scheme was broken by Adi Shamir, not byHowever, the scheme was broken by Adi Shamir, not by
attacking the knapsack problem, but rather by breaking theattacking the knapsack problem, but rather by breaking the
conversion from an easy knapsack to a hard one.conversion from an easy knapsack to a hard one.

8. Merkle-Hellman KnapsackMerkle-Hellman Knapsack
 What is a knapsack problem?What is a knapsack problem?
 Given N = {17, 38, 73, 4, 11, 1}
 Find a subset of N whose elements adds up to 53.
 Is it 73? No!
 How about 17? If 17, the balance would be 36 and therefore it
cannot be 17.
 38? 53 - 38 = 15 = 4 + 11.
 Therefore {38, 11, 4} is the solution
 Generally to solve it, what it needs is an NP-Complete
complexity, exponential time behavior in term off the size
of the problem, in this case the number of integers.
 needs to backtrack, discard etc….

9. Merkle-Hellman KnapsackMerkle-Hellman Knapsack
 The scheme is to encode a binary message as a
solution to a knapsack problem, reducing the
ciphertext to the target sum obtained by adding terms
corresponding to 1s in the plaintext.
PlaintextPlaintext 11 00 11 00 00 11 00 11 11 00 11 00
KnapsackKnapsack 11 22 55 99 2020 4343 11 22 55 99 2020 4343
 Target Sum = 1 + 5 + 43 2 + 5 + 20
= 49 = 27

10. Merkle-Hellman KnapsackMerkle-Hellman Knapsack
Superincreasing Knapsack
 When the elements of the set are arranged strictly such
that
ak > Σ aj from j = 1 to k-1
the knapsack problem becomes simpler This kind of
arrangement are called superincreasing.
 Example: Set of {1, 4, 11, 17, 38, 73}
 Because the elements are ordered, and an element ai is
always > sum of all the lower elements, it is easy to
decide whether to discard or to include.

11. Merkle-Hellman KnapsackMerkle-Hellman Knapsack
Encryption Technique
 It is a public-key cryptosystem:
 public key : is the set of integers of a knapsack problem
(non-superincreasing knapsack – NSI)
 private key : is the corresponding superincreasing
knapsack - SI
 Genius of Merkle Hellman was to discover a means
to transform an SI knapsack to NSI knapsack.
 The transformation is not obvious but reversible.

12. Merkle-Hellman KnapsackMerkle-Hellman Knapsack
Transforming SI (Superincreasing) to NSI (Non – Superincreasing)
 Let s = {s1, s2, s3, ……sM}. Choose a multiplier w and a
modulus n such that
n > sM
(w, n) is relatively prime (no common factor)
 Then h = {h1, h2, h3, ……hM} such that
h1 = w * s1 mod n, h2 = w * s2 mod n, and so on.

13. Merkle-Hellman KnapsackMerkle-Hellman Knapsack
Example of transforming SI to NSIExample of transforming SI to NSI
Suppose s = {1, 2, 4, 9} and suppose w = 15
and n = 17
1 * 15 mod 17 = 15
2 * 15 mod 17 = 13
4 * 15 mod 17 = 9
9 * 15 mod 17 = 16
So H = {15, 13, 9, 16} and this is NSI.

14. Merkle-Hellman KnapsackMerkle-Hellman Knapsack
Example (Encrypt Process)
 Given S = {1, 2, 4, 9} (private key) and H = {15,
13, 9, 16} (public key) with w = 15, n = 17 and m
= 4 (divide the block into m bits). Message is
0100 1011 1010 0101.
 With H = {15, 13, 9, 16} the message is encoded
as follows:
[0 1 0 0] * [15, 13, 9, 16] = 13
[1 0 1 1] * [15, 13, 9, 16] = 40
[1 0 1 0] * [15, 13, 9, 16] = 24
[0 1 0 1] * [15, 13, 9, 16] = 29

15. Merkle-Hellman KnapsackMerkle-Hellman Knapsack
Example Decryption Process
 To decrypt, we first need to find the inverse of
15 mod 17 and this is equal to 8. Multiply all the
encrypted message C with 8 mod 17 to get the
sum si.
 Note :
S = {1, 2, 4, 9} (private key)
13 * 8 mod 17 = 2 = [0100]
40 * 8 mod 17 = 14 = [1011]
24 * 8 mod 17 = 5 = [1010]
29 * 8 mod 17 = 11 = [0101]
 The recovered message is 0100101110100101

16. Merkle-Hellman KnapsackMerkle-Hellman Knapsack
Inverse 15 mod 17Inverse 15 mod 17
15 * y mod 17 = 115 * y mod 17 = 1
15 * 1 mod 17 = 15 mod 17 = 1515 * 1 mod 17 = 15 mod 17 = 15
15 * 2 mod 17 = 30 mod 17 = 1315 * 2 mod 17 = 30 mod 17 = 13
15 * 3 mod 17 = 45 mod 17 = 1115 * 3 mod 17 = 45 mod 17 = 11
15 * 4mod 17 = 60 mod 17 = 915 * 4mod 17 = 60 mod 17 = 9
15 * 5 mod 17 = 75 mod 17 = 715 * 5 mod 17 = 75 mod 17 = 7
15 * 6 mod 17 = 80 mod 17 = 515 * 6 mod 17 = 80 mod 17 = 5
15 * 7 mod 17 = 105 mod 17 = 315 * 7 mod 17 = 105 mod 17 = 3
15 * 8 mod 17 = 120 mod 17 = 115 * 8 mod 17 = 120 mod 17 = 1

17. RSA AlgorithmRSA Algorithm
The RSA algorithm is named after Ron
Rivest, Adi Shamir and Leonard Adleman
who invented it in 1977.
The RSA algorithm can be used for both
public key encryption and digital
signatures (authentication).

18. RSA AlgorithmRSA Algorithm
 In RSA algorithm, there are 3 importantIn RSA algorithm, there are 3 important
steps:steps:
Key generation algorithmKey generation algorithm
EncryptionEncryption
DecryptionDecryption

19. RSA AlgorithmRSA Algorithm
Key Generation AlgorithmKey Generation Algorithm
 Generate two large random primes, p and q ofGenerate two large random primes, p and q of
approximately equal size such that their product n = pq isapproximately equal size such that their product n = pq is
of the required bit length (e.g: 1024 bits)of the required bit length (e.g: 1024 bits)
 Compute n = pq andCompute n = pq and phiphi ((ΦΦ) = (p-1) (q-1)) = (p-1) (q-1)
 Choose an integer e, 1< e < phi, such that gcd (e, phi) = 1Choose an integer e, 1< e < phi, such that gcd (e, phi) = 1
 Compute the secret exponent d, 1 < d < phi, such thatCompute the secret exponent d, 1 < d < phi, such that
ed = 1 (mod phi)ed = 1 (mod phi)
The public key is (n, e) and the private key is (n, d)The public key is (n, e) and the private key is (n, d)

20. RSA AlgorithmRSA Algorithm
Encryption processEncryption process
 Obtains the recipient B’s public key (n, e)Obtains the recipient B’s public key (n, e)
 Represent the plaintext message asRepresent the plaintext message as
positive integer m.positive integer m.
 Compute the ciphertext c = mCompute the ciphertext c = mee
mod nmod n
 Sends the ciphertext c to B (recipient)Sends the ciphertext c to B (recipient)

21. RSA AlgorithmRSA Algorithm
Decryption processDecryption process
Recipient B does the following:
Uses his private key (n, d) to compute
m = cd
mod n
Extracts the plaintext from the integer
representative m.

22. RSA AlgorithmRSA Algorithm
Example :
Key Generation:
 Let p = 11, q = 13, so
n = p*q = 143
(ΦΦ) = (p-1)(q-1) = 10 * 12 = 120
 Choose e relatively prime to (ΦΦ), say e = 11
e * d mod ΦΦ = 1
11 * d mod 120 = 1
Therefore d = 11
 Now we know : Public key ( e = 11, n = 143)
: Private key (d = 11)
p & q – prime number
n = p * q
(ΦΦ) = (p-1) (q-1)
e, n public key
d private key

23. RSA AlgorithmRSA Algorithm
Example :
Encryption process:
 If plaintext m = 7,
C = me
mod n
711 mod 143 = 106
Decryption process:
 To decrypt, since c = 106
 m = cd
mod n = 10611
mod 143 = 7

24. RSA AlgorithmRSA Algorithm
How do you calculate 711
mod 143 = 106??
711
mod 143 =
74
mod 143 * 74
mod 143 * 72
mod 143 * 71
mod 143
= 113 * 113 * 49 * 7 (mod 143)
= 12769 * 343 (mod 143)
= 42 * 57 (mod 143)
= 2394 mod 143
= 106

25. DES (Data Encryption Standard)DES (Data Encryption Standard)
 Invented by a team (led by Walter Tuchman)
based on a concept originated by Horst Feistel
of IBM and known as Lucifer
 Its proper name is DEA (Data Encryption
Algorithm) in US and DEA1 in other countries.
 Mandated for encryption by all federal agencies
for sensitive data.
 When used for communication, both sender and
receiver must know the same secret key, which
can be used to encrypt and decrypt the message

26. DES (Data Encryption Standard)DES (Data Encryption Standard)
DES CharacteristicsDES Characteristics
 Symmetric Encryption
 Combination of substitution technique and transposition
technique.
 Provide confusion by systematically substituting some
bit patterns for others.
 Provide diffusion by reordering bits.
 Uses only standard arithmetic and logical operations.
 Plaintext is encrypted in blocks of 64 bits
 56-bit key - Choosing 56 bits also allowed DES to be
implemented on a single chip
 64-bit key-block (8 parity bits embedded)

27. DES (Data Encryption Standard)DES (Data Encryption Standard)
 Refer to your extra notes !Refer to your extra notes !

28. DES (Data Encryption Standard)DES (Data Encryption Standard)
Decryption
One advantage of DES is that decryption
is essentially the same as encryption.
The key schedule is reversed.
This is due to the fact that DES is based
on a Feistel network.

29. DES Weak Keys
• Because of the way the key is modified at each round to get the
sub-key, certain keys are weak keys.
• Weak keys are those which are unmodified at each round, because
they contain all 1’s or all 0’s in each half of the key.
Weak Key 64-bit value Actual subkey values after
(with parity) initial permutation (2x28)
0101 0101 0101 0101 00000000 00000000
1F1F 1F1F 1F1F 1F1F 00000000 FFFFFFFF
E0E0 E0E0 E0E0 E0E0 FFFFFFFF 00000000
FEFE FEFE FEFE FEFE FFFFFFFF FFFFFFFF

30. DES Semi-Weak Keys
• Some pairs of keys will encrypt a given plaintext to the same
ciphertext.
• This is because they yeild only two different subkeys, each of
which is used 8 times in the algorithm.
• These pairs are known as semi-weak keys
01FE 01FE 01FE 01FE FE01 FE01 FE01 FE01
1FE0 1FE0 1FE0 1FE0 E01F E01F E01F E01F
01E0 01E0 01E0 01E0 E001 E001 E001 E001

31. Security of DES
• There have been two major points of criticism about DES :
– key size is too small,
– the S-boxes contained secret design criteria.
• With advances in the field of cryptanalysis and the huge
increase in available computing power, DES is no longer
considered to be very secure.

32. Triple-DES Algorithm
• Triple-DES is a secure variation of the Data Encryption Standard
first developed by IBM, and later in 1977 adopted by the
U.S.government.
• Triple-DES is a 192 bit (24 characters) cipher that uses three
separate 64 bit keys and encrypts data using the DES algorithm
three times. ABI- CODER uses a variation that takes a single 192
bit (24 characters) key and then;
– encrypts data using first 64 bits (8 characters)
– decrypts same data using second 64 bits (8 characters)
– encrypts same data using the last 64 bits (8 characters)

33. Triple DES

34. 3 or 2 Keys?

35. Security of DESSecurity of DES
 1997 – 3500 machines parallel infer a1997 – 3500 machines parallel infer a
DES key in four month.DES key in four month.
 1998 - $100,000; researchers built ‘DES1998 - $100,000; researchers built ‘DES
cracker’ – DES key in four days.cracker’ – DES key in four days.
 DES secure? – great deal of cooperationDES secure? – great deal of cooperation
& money. 3 DES still beyond the power of& money. 3 DES still beyond the power of
these attacks.these attacks.

36. New algorithmNew algorithm
 Increasing power of computer, USIncreasing power of computer, US
National Institute of Standards andNational Institute of Standards and
Technology began the search for new,Technology began the search for new,
strong algorithm in 1995.strong algorithm in 1995.
 Many participated (15 -> 5).Many participated (15 -> 5).
 Based on not just security but also costBased on not just security but also cost
(efficiency) & ease of implementation.(efficiency) & ease of implementation.
 Winner – Rijndael a.k.a AdvancedWinner – Rijndael a.k.a Advanced
Encryption Standard (AES).Encryption Standard (AES).

37. DesignDesign
 UnclassifiedUnclassified
 Publicly disclosedPublicly disclosed
 Available royalty-fee worldwideAvailable royalty-fee worldwide
 Symmetric block cipher algorithms (128Symmetric block cipher algorithms (128
bits)bits)
 Usable with key size 128, 192, and 256Usable with key size 128, 192, and 256
bitsbits

38. AES (Rijndael)AES (Rijndael)
 Created by Vincent Rijmen & JoanCreated by Vincent Rijmen & Joan
Daemen (Dutch cryptographers).Daemen (Dutch cryptographers).
 Adopted for use by US government in DecAdopted for use by US government in Dec
2001.2001.
 Fast on simple processors.Fast on simple processors.
 Repeat cycles.Repeat cycles.
 10, 12, 14 cycles for keys of 128, 192 and10, 12, 14 cycles for keys of 128, 192 and
256 bits.256 bits.

39. AES cycle (round)AES cycle (round)
 Byte substitution – S-box substituting 128-Byte substitution – S-box substituting 128-
bit block.bit block.
 Shift row – Transposition.Shift row – Transposition.
 Mix column – left shift & XOR.Mix column – left shift & XOR.
 Add Subkey – subkey XORed with cycle.Add Subkey – subkey XORed with cycle.

40. -THE END-THE END-
Summary / Discussion time!Summary / Discussion time!