SlideShare a Scribd company logo

Cryptography

Download as PPT, PDF
Suhepi Saputri
Suhepi Saputri

Cryptography

EducationTechnology
1 of 31
Introduction to CryptographyIntroduction to Cryptography --- Foundations of information security ------ Foundations of information security --- Lecture 7Lecture 7
CSE2500 System Security and Privacy 2 OutlineOutline Why study cryptologyWhy study cryptology?? Basic terms, notations and structure ofBasic terms, notations and structure of cryptographycryptography Private & public key cryptography examplesPrivate & public key cryptography examples Modern secret key ciphers : usage andModern secret key ciphers : usage and methodologymethodology Encryption and possible attacksEncryption and possible attacks Secret key ciphers designSecret key ciphers design Slides 23 to 26 for additional informationSlides 23 to 26 for additional information (and reading)(and reading)
CSE2500 System Security and Privacy 3 Why Study cryptology(1)Why Study cryptology(1) A B Intruder Communications security
CSE2500 System Security and Privacy 4 Why Study cryptology(2)Why Study cryptology(2) Customer Merchant TTP Electronic Commerce Security
CSE2500 System Security and Privacy 5 Why Study cryptology(3)Why Study cryptology(3) A B LEA Law enforcement
CSE2500 System Security and Privacy 6 The Basic ProblemThe Basic Problem We consider theWe consider the confidentialityconfidentiality goal:goal: Alice and Bob are FriendsAlice and Bob are Friends Marvin is a rivalMarvin is a rival Alice wants to send secret messages (MAlice wants to send secret messages (M11,M,M22,…),…) to Bob over the Internetto Bob over the Internet Rival Marvin wants to read the messages (MRival Marvin wants to read the messages (M11,M,M22,, …) - Alice and Bob want to prevent this!…) - Alice and Bob want to prevent this! Assumption:Assumption: The network is OPEN: Marvin isThe network is OPEN: Marvin is able to eavesdrop and read all data sent fromable to eavesdrop and read all data sent from Alice to Bob.Alice to Bob. Consequence:Consequence: Alice must not send messagesAlice must not send messages (M(M11,M,M22,…) directly – they must be “scrambled” or,…) directly – they must be “scrambled” or encryptedencrypted using a ‘secret code’ unknown tousing a ‘secret code’ unknown to Marvin but known to Bob.Marvin but known to Bob.
CSE2500 System Security and Privacy 7 CryptographyCryptography plaintext (data file or messages) encryption ciphertext (stored or transmitted safely) decryption plaintext (original data or messages)
CSE2500 System Security and Privacy 8 E D Message (cleartext, plaintext) Encrypted message (ciphertext) Encrypted message (ciphertext) Encryption Decryption key Alice Bob Private key cipherPrivate key cipher Message (cleartext,plaintext)
CSE2500 System Security and Privacy 9 Basic termsBasic terms Cryptology (to be very precise)Cryptology (to be very precise) Cryptography --- code designingCryptography --- code designing Cryptanalysis --- code breakingCryptanalysis --- code breaking Cryptologist:Cryptologist: Cryptographer & cryptanalystCryptographer & cryptanalyst Encryption/enciphermentEncryption/encipherment Scrambling data into unintelligible toScrambling data into unintelligible to unauthorised partiesunauthorised parties Decryption/deciphermentDecryption/decipherment Un-scramblingUn-scrambling
CSE2500 System Security and Privacy 10 Types of ciphersTypes of ciphers Private key cryptosystems/ciphersPrivate key cryptosystems/ciphers The secret key is shared between twoThe secret key is shared between two partiesparties Public key cryptosystems/ciphersPublic key cryptosystems/ciphers The secret key is not shared and twoThe secret key is not shared and two parties can still communicate using theirparties can still communicate using their public keyspublic keys
CSE2500 System Security and Privacy 11 Examples of “Messages”Examples of “Messages” Types of secret “Messages” AliceTypes of secret “Messages” Alice might want to send Bob (in increasingmight want to send Bob (in increasing length):length): Decision (yes/no),Decision (yes/no), eg. as answer to theeg. as answer to the question “Are we meeting tomorrow?”question “Are we meeting tomorrow?” Numerical ValueNumerical Value, eg. as answer to the, eg. as answer to the question “at what hour are we meeting?”question “at what hour are we meeting?” DocumentDocument SoftwareSoftware,, ImagesImages etc.etc.
CSE2500 System Security and Privacy 12 ConceptsConcepts A private key cipher is composed ofA private key cipher is composed of two algorithmstwo algorithms encryption algorithm Eencryption algorithm E decryption algorithm Ddecryption algorithm D The same key K is used for encryptionThe same key K is used for encryption & decryption& decryption K has to be distributed beforehandK has to be distributed beforehand
CSE2500 System Security and Privacy 13 NotationsNotations Encrypt a plaintext P using a key K &Encrypt a plaintext P using a key K & an encryption algorithm Ean encryption algorithm E C = E(K,P)C = E(K,P) Decrypt a ciphertext C using the sameDecrypt a ciphertext C using the same key K and the matching decryptionkey K and the matching decryption algorithm Dalgorithm D P = D(K,C)P = D(K,C) Note: P = D(K,C) = D(K, E(K,P))Note: P = D(K,C) = D(K, E(K,P))
CSE2500 System Security and Privacy 14 The Caesar cipher (e.g)The Caesar cipher (e.g) The Caesar cipher is a substitutionThe Caesar cipher is a substitution cipher, named after Julius Caesar.cipher, named after Julius Caesar. Operation principle:Operation principle: each letter is translated into the lettereach letter is translated into the letter a fixed number of positionsa fixed number of positions after itafter it in the alphabet table.in the alphabet table. The fixed number of positions is a keyThe fixed number of positions is a key both for encryption and decryption.both for encryption and decryption.
CSE2500 System Security and Privacy 15 The Caesar cipher (cnt’d)The Caesar cipher (cnt’d) K=3 Inner: ciphertext Outer: plaintext
CSE2500 System Security and Privacy 16 An exampleAn example For a key K=3,For a key K=3, plaintext letter:plaintext letter: ABCDEF...UVWXYZABCDEF...UVWXYZ ciphtertext letter:ciphtertext letter: DEF...UVWXYZABCDEF...UVWXYZABC HenceHence TREATY IMPOSSIBLETREATY IMPOSSIBLE is translated intois translated into WUHDWB LPSRVVLEOHWUHDWB LPSRVVLEOH
CSE2500 System Security and Privacy 17 Breaking classic ciphersBreaking classic ciphers With the help of fast computers,With the help of fast computers, 99.99% ciphers used before 1976 are99.99% ciphers used before 1976 are breakable by using one of the 4 typesbreakable by using one of the 4 types of attacks (described later).of attacks (described later). Modern cluster computers and futureModern cluster computers and future quantum computers can break severalquantum computers can break several existing ciphers due to the power ofexisting ciphers due to the power of such computers.such computers.
CSE2500 System Security and Privacy 18 Breaking the Caesar cipherBreaking the Caesar cipher By trial-and errorBy trial-and error By using statistics on lettersBy using statistics on letters frequency distributions of lettersfrequency distributions of letters letterletter percentpercent AA 7.49%7.49% BB 1.29%1.29% CC 3.54%3.54% DD 3.62%3.62% EE 14.00%14.00% ....................................................................
CSE2500 System Security and Privacy 19 Toy example of private keyToy example of private key cryptography (TPC)cryptography (TPC) Assume that a message is broken into 64-bit blocks and eachAssume that a message is broken into 64-bit blocks and each 64-bit block of plaintext is encrypted separately:64-bit block of plaintext is encrypted separately: Key space are combinations of numerical digits – max: 7Key space are combinations of numerical digits – max: 7 digits-digits- (eg: key = [1]; or key = [1,3], or key = [1,4,2]).(eg: key = [1]; or key = [1,3], or key = [1,4,2]). Assume that all 8 bits of a byte is used and key digits startAssume that all 8 bits of a byte is used and key digits start from left to right.from left to right. Encryption: Each plaintext block is first shifted by the numberEncryption: Each plaintext block is first shifted by the number of binary digits before the last non-zero digit of the key. It isof binary digits before the last non-zero digit of the key. It is then exclusive-ored with the key starting from the first byte ofthen exclusive-ored with the key starting from the first byte of the block, repeatedly to the end of the block (the key moves athe block, repeatedly to the end of the block (the key moves a distance of its size from left to right of the plaintext block).distance of its size from left to right of the plaintext block). Decryption: do the reverse of encryption: the cipher-text isDecryption: do the reverse of encryption: the cipher-text is exclusive-ored and then shifted.exclusive-ored and then shifted. 0 0 0= 1 1 0= 0 1 1= 1 0 1= : exclusive: exclusive oror
CSE2500 System Security and Privacy 20 Using TPCUsing TPC Use TPC to encrypt the plaintext “12345”, keyUse TPC to encrypt the plaintext “12345”, key = [1,4,2]= [1,4,2] Use TPC to encrypt the plaintext “TREATYUse TPC to encrypt the plaintext “TREATY IMPOSSIBLE”; key = [4];IMPOSSIBLE”; key = [4]; Use TPC to encrypt the plaintext “100Use TPC to encrypt the plaintext “100 dollars”, key = [2,4];dollars”, key = [2,4];
CSE2500 System Security and Privacy 21 Principles of Private Key EncryptionPrinciples of Private Key Encryption Devise cryptographic algorithms:Devise cryptographic algorithms: a set of fast functions (E1, E2, E3, ..En) that when in turna set of fast functions (E1, E2, E3, ..En) that when in turn applied to an input (initial or intermediate input) willapplied to an input (initial or intermediate input) will produce a more potentially scrambled output.produce a more potentially scrambled output. and a set of functions (D1,D2,D3, .. Dn) that when in turnand a set of functions (D1,D2,D3, .. Dn) that when in turn applied to the cipher text (final or intermediate) willapplied to the cipher text (final or intermediate) will produce the original input text.produce the original input text. Devise algorithms, tests and proofs to validateDevise algorithms, tests and proofs to validate your cryptographic algorithmsyour cryptographic algorithms Analysing algorithms.Analysing algorithms. Tests with powerful computers such as specialised,Tests with powerful computers such as specialised, parallel, cluster, or quantum computers.parallel, cluster, or quantum computers. Mathematical proofs.Mathematical proofs.
CSE2500 System Security and Privacy 22 Toy example of public keyToy example of public key cryptographycryptography Definition: The multiplicative inverse ofDefinition: The multiplicative inverse of xx with modulowith modulo nn isis yy such that (such that (xx**yy) mod) mod nn = 1= 1 E.g:x=3; n=10, => y=7; since (3*7) mod 10 = 1E.g:x=3; n=10, => y=7; since (3*7) mod 10 = 1 The above multiplicative inverse can be used to create aThe above multiplicative inverse can be used to create a simple public key cipher: eithersimple public key cipher: either xx oror yy can be thought of as acan be thought of as a secret key and the other is the public key. Letsecret key and the other is the public key. Let xx = 3,= 3, yy = 7,= 7, nn == 10, and M be the message:10, and M be the message: M = 4 ;M = 4 ; 3*4 mod 10 = 2; (ciphertext) - encrypting3*4 mod 10 = 2; (ciphertext) - encrypting 2*7 mod 10 = 4 = M ; (message) - decrypting2*7 mod 10 = 4 = M ; (message) - decrypting M =6 ;M =6 ; 3*6 mod 10 = 8;3*6 mod 10 = 8; 8*7 mod 10 = 6 = M (message)8*7 mod 10 = 6 = M (message)
CSE2500 System Security and Privacy 23 What is PKE used for?What is PKE used for? Private Key Encryption (PKE) can bePrivate Key Encryption (PKE) can be used:used: Transmitting data over an insecureTransmitting data over an insecure channelchannel Secure stored data (encrypt & store)Secure stored data (encrypt & store) Provide integrity check:Provide integrity check: (Key + Mes.) -> MAC (message authentication(Key + Mes.) -> MAC (message authentication code)code)
CSE2500 System Security and Privacy 24 Morden Cryptography applicationsMorden Cryptography applications Not just about confidentiality!Not just about confidentiality! IntegrityIntegrity Digital signaturesDigital signatures Hash functionsHash functions Fair exchangeFair exchange Contract signingContract signing AnonymityAnonymity Electronic cashElectronic cash Electronic votingElectronic voting Etc.Etc.
CSE2500 System Security and Privacy 25 Modern private key ciphersModern private key ciphers DES (US, 1977) (3DES)DES (US, 1977) (3DES) key -- 56 bits, plaintext/ciphertext -- 64 bitskey -- 56 bits, plaintext/ciphertext -- 64 bits LOKI (ADFA, Australia, 1989)LOKI (ADFA, Australia, 1989) key, plaintext/ciphertext -- 64 bitskey, plaintext/ciphertext -- 64 bits FEAL (NTT, Japan, 1990)FEAL (NTT, Japan, 1990) key -- 128 bits, plaintext/ciphertext -- 64 bitskey -- 128 bits, plaintext/ciphertext -- 64 bits IDEA (Lai & Massey, Swiss, 1991)IDEA (Lai & Massey, Swiss, 1991) key -- 128 bits, plaintext/ciphertext -- 64 bitskey -- 128 bits, plaintext/ciphertext -- 64 bits SPEED (Y Zheng in 1996)SPEED (Y Zheng in 1996) Key/(plaintext/ciphertext) -- 48,64,80,…,256 bitsKey/(plaintext/ciphertext) -- 48,64,80,…,256 bits AES (Joan Daemen & Vincent Rijmen 2000)AES (Joan Daemen & Vincent Rijmen 2000) Key/(plaintext/ciphertext) -- 128, 192 and 256 bitsKey/(plaintext/ciphertext) -- 128, 192 and 256 bits
CSE2500 System Security and Privacy 26 General approaches to CryptographyGeneral approaches to Cryptography There are two general encryption methods:There are two general encryption methods: Block ciphers &Block ciphers & Stream ciphersStream ciphers Block ciphersBlock ciphers Slice message M into (fixed size blocks)Slice message M into (fixed size blocks) mm11, …,, …, mmnn Add padding to last blockAdd padding to last block Use EUse Ekk to produce (ciphertext blocks)to produce (ciphertext blocks) xx11, …,, …, xxnn Use DUse Dkk to recover M fromto recover M from mm11, …,, …, mmnn E.g: DES, etc.E.g: DES, etc. Stream ciphersStream ciphers Generate a long random string (or pseudo random)Generate a long random string (or pseudo random) calledcalled one-time padone-time pad.. MessageMessage one-time padone-time pad (exclusive or)(exclusive or) E.g: EC4E.g: EC4
CSE2500 System Security and Privacy 27 Design of Private Key Ciphers(1)Design of Private Key Ciphers(1) A Cryptographic algorithm should be efficient forA Cryptographic algorithm should be efficient for good usegood use It should be fast and key length should be of the rightIt should be fast and key length should be of the right length – e.g.; not too shortlength – e.g.; not too short Cryptographic algorithms are not impossible toCryptographic algorithms are not impossible to break without a keybreak without a key If we try all the combinations, we can get the originalIf we try all the combinations, we can get the original messagemessage The security of a cryptographic algorithm dependsThe security of a cryptographic algorithm depends on how much work it takes for someone to break iton how much work it takes for someone to break it E.g If it takes 10 mil. years to break a cryptographicE.g If it takes 10 mil. years to break a cryptographic algorithm X using all the computers of a state, X can bealgorithm X using all the computers of a state, X can be thought of as a secure one – reason: cluster computersthought of as a secure one – reason: cluster computers and quantum computers are powerful enough to crackand quantum computers are powerful enough to crack many current cryptographic algorithms.many current cryptographic algorithms.
CSE2500 System Security and Privacy 28 Design of Private Key Ciphers(2)Design of Private Key Ciphers(2) Encryption Algorithm DesignEncryption Algorithm Design Should the strength of the algorithm beShould the strength of the algorithm be included in the implementation of theincluded in the implementation of the algorithm? Should we hide the algorithm?algorithm? Should we hide the algorithm? Should the block size be small or large?Should the block size be small or large? Should the keyspace be large?Should the keyspace be large? Should we consider other search ratherShould we consider other search rather than brute-force search?than brute-force search? Should we consider the hardwareShould we consider the hardware technology?technology?
CSE2500 System Security and Privacy 29 4 types of cryptanalysis4 types of cryptanalysis Depending on what a cryptanalyst hasDepending on what a cryptanalyst has to work with, attacks can be classifiedto work with, attacks can be classified intointo ciphertext only attackciphertext only attack known plaintext attackknown plaintext attack chosen plaintext attackchosen plaintext attack chosen ciphertext attack (most severe)chosen ciphertext attack (most severe)
CSE2500 System Security and Privacy 30 4 types of attacks4 types of attacks Ciphertext only attackCiphertext only attack the only data available is a targetthe only data available is a target ciphertextciphertext Known plaintext attackKnown plaintext attack a target ciphertexta target ciphertext pairs of other ciphertext and plaintextpairs of other ciphertext and plaintext (say, previously broken or guessing)(say, previously broken or guessing)
CSE2500 System Security and Privacy 31 4 types of attacks4 types of attacks Chosen plaintext attacksChosen plaintext attacks a target ciphertexta target ciphertext can feed encryption algorithm withcan feed encryption algorithm with plaintexts and obtain the matchingplaintexts and obtain the matching ciphertextsciphertexts Chosen ciphertext attackChosen ciphertext attack a target ciphertexta target ciphertext can feed decryption algorithm withcan feed decryption algorithm with ciphertexts and obtain the matchingciphertexts and obtain the matching plaintextsplaintexts

Recommended

Cryptography
CryptographyCryptography
CryptographyEmaSushan
 
Cryptography - Block cipher & stream cipher
Cryptography - Block cipher & stream cipherCryptography - Block cipher & stream cipher
Cryptography - Block cipher & stream cipherNiloy Biswas
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
DES
DESDES
DESNaga Srimanyu Timmaraju
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication CodesDarshanPatil82
 
Electronic mail security
Electronic mail securityElectronic mail security
Electronic mail securityDr.Florence Dayana
 
Transposition cipher techniques
Transposition cipher techniquesTransposition cipher techniques
Transposition cipher techniquesSHUBHA CHATURVEDI
 

Recommended

Cryptography
CryptographyCryptography
CryptographyEmaSushan
 
Cryptography - Block cipher & stream cipher
Cryptography - Block cipher & stream cipherCryptography - Block cipher & stream cipher
Cryptography - Block cipher & stream cipherNiloy Biswas
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
DES
DESDES
DESNaga Srimanyu Timmaraju
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication CodesDarshanPatil82
 
Electronic mail security
Electronic mail securityElectronic mail security
Electronic mail securityDr.Florence Dayana
 
Transposition cipher techniques
Transposition cipher techniquesTransposition cipher techniques
Transposition cipher techniquesSHUBHA CHATURVEDI
 
Transport layer security (tls)
Transport layer security (tls)Transport layer security (tls)
Transport layer security (tls)Kalpesh Kalekar
 
Cryptography
CryptographyCryptography
CryptographyKARNAN L S
 
secure file storage on cloud using hybrid Cryptography ppt.pptx
secure file storage on cloud using hybrid Cryptography ppt.pptxsecure file storage on cloud using hybrid Cryptography ppt.pptx
secure file storage on cloud using hybrid Cryptography ppt.pptxNishmithaHc
 
Cryptography
CryptographyCryptography
CryptographyJens Patel
 
Cryptography - 101
Cryptography - 101Cryptography - 101
Cryptography - 101n|u - The Open Security Community
 
Domain 5 - Identity and Access Management
Domain 5 - Identity and Access Management Domain 5 - Identity and Access Management
Domain 5 - Identity and Access Management Maganathin Veeraragaloo
 
Transposition Cipher
Transposition CipherTransposition Cipher
Transposition Cipherdaniyalqureshi712
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacyPushkar Dutt
 
Cryptography and Information Security
Cryptography and Information SecurityCryptography and Information Security
Cryptography and Information SecurityDr Naim R Kidwai
 
Introduction to Secure Sockets Layer
Introduction to Secure Sockets LayerIntroduction to Secure Sockets Layer
Introduction to Secure Sockets LayerNascenia IT
 
Digital signature(Cryptography)
Digital signature(Cryptography)Digital signature(Cryptography)
Digital signature(Cryptography)Soham Kansodaria
 
Elgamal Digital Signature
Elgamal Digital SignatureElgamal Digital Signature
Elgamal Digital SignatureSou Jana
 
PGP S/MIME
PGP S/MIMEPGP S/MIME
PGP S/MIMESou Jana
 
Block Cipher and its Design Principles
Block Cipher and its Design PrinciplesBlock Cipher and its Design Principles
Block Cipher and its Design PrinciplesSHUBHA CHATURVEDI
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesramya marichamy
 
Cryptography
CryptographyCryptography
CryptographyDarshini Parikh
 
Intro to modern cryptography
Intro to modern cryptographyIntro to modern cryptography
Intro to modern cryptographyzahid-mian
 
Ch14
Ch14Ch14
Ch14Francis Alamina
 
Idea(international data encryption algorithm)
Idea(international data encryption algorithm)Idea(international data encryption algorithm)
Idea(international data encryption algorithm)SAurabh PRajapati
 
SSL intro
SSL introSSL intro
SSL introThree Lee
 
Ch02 classic nemo
Ch02 classic nemoCh02 classic nemo
Ch02 classic nemoSamia Elsayed
 
Iss lecture 2
Iss lecture 2Iss lecture 2
Iss lecture 2Ali Habeeb
 

More Related Content

What's hot

Transport layer security (tls)
Transport layer security (tls)Transport layer security (tls)
Transport layer security (tls)Kalpesh Kalekar
 
secure file storage on cloud using hybrid Cryptography ppt.pptx
secure file storage on cloud using hybrid Cryptography ppt.pptxsecure file storage on cloud using hybrid Cryptography ppt.pptx
secure file storage on cloud using hybrid Cryptography ppt.pptxNishmithaHc
 
Domain 5 - Identity and Access Management
Domain 5 - Identity and Access Management Domain 5 - Identity and Access Management
Domain 5 - Identity and Access Management Maganathin Veeraragaloo
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacyPushkar Dutt
 
Cryptography and Information Security
Cryptography and Information SecurityCryptography and Information Security
Cryptography and Information SecurityDr Naim R Kidwai
 
Introduction to Secure Sockets Layer
Introduction to Secure Sockets LayerIntroduction to Secure Sockets Layer
Introduction to Secure Sockets LayerNascenia IT
 
Digital signature(Cryptography)
Digital signature(Cryptography)Digital signature(Cryptography)
Digital signature(Cryptography)Soham Kansodaria
 
Elgamal Digital Signature
Elgamal Digital SignatureElgamal Digital Signature
Elgamal Digital SignatureSou Jana
 
PGP S/MIME
PGP S/MIMEPGP S/MIME
PGP S/MIMESou Jana
 
Block Cipher and its Design Principles
Block Cipher and its Design PrinciplesBlock Cipher and its Design Principles
Block Cipher and its Design PrinciplesSHUBHA CHATURVEDI
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesramya marichamy
 
Intro to modern cryptography
Intro to modern cryptographyIntro to modern cryptography
Intro to modern cryptographyzahid-mian
 
Idea(international data encryption algorithm)
Idea(international data encryption algorithm)Idea(international data encryption algorithm)
Idea(international data encryption algorithm)SAurabh PRajapati
 

What's hot (20)

Transport layer security (tls)
Transport layer security (tls)Transport layer security (tls)
Transport layer security (tls)
 
Cryptography
CryptographyCryptography
Cryptography
 
secure file storage on cloud using hybrid Cryptography ppt.pptx
secure file storage on cloud using hybrid Cryptography ppt.pptxsecure file storage on cloud using hybrid Cryptography ppt.pptx
secure file storage on cloud using hybrid Cryptography ppt.pptx
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography - 101
Cryptography - 101Cryptography - 101
Cryptography - 101
 
Domain 5 - Identity and Access Management
Domain 5 - Identity and Access Management Domain 5 - Identity and Access Management
Domain 5 - Identity and Access Management
 
Transposition Cipher
Transposition CipherTransposition Cipher
Transposition Cipher
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacy
 
Cryptography and Information Security
Cryptography and Information SecurityCryptography and Information Security
Cryptography and Information Security
 
Introduction to Secure Sockets Layer
Introduction to Secure Sockets LayerIntroduction to Secure Sockets Layer
Introduction to Secure Sockets Layer
 
Digital signature(Cryptography)
Digital signature(Cryptography)Digital signature(Cryptography)
Digital signature(Cryptography)
 
Elgamal Digital Signature
Elgamal Digital SignatureElgamal Digital Signature
Elgamal Digital Signature
 
PGP S/MIME
PGP S/MIMEPGP S/MIME
PGP S/MIME
 
Block Cipher and its Design Principles
Block Cipher and its Design PrinciplesBlock Cipher and its Design Principles
Block Cipher and its Design Principles
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
 
Cryptography
CryptographyCryptography
Cryptography
 
Intro to modern cryptography
Intro to modern cryptographyIntro to modern cryptography
Intro to modern cryptography
 
Ch14
Ch14Ch14
Ch14
 
Idea(international data encryption algorithm)
Idea(international data encryption algorithm)Idea(international data encryption algorithm)
Idea(international data encryption algorithm)
 
SSL intro
SSL introSSL intro
SSL intro
 

Similar to Cryptography

IS Unit 3_Public Key Cryptography
IS Unit 3_Public Key CryptographyIS Unit 3_Public Key Cryptography
IS Unit 3_Public Key CryptographySarthak Patel
 
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...Amazon Web Services
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Saif Kassim
 
Introduction to Public Key Cryptography
Introduction to Public Key CryptographyIntroduction to Public Key Cryptography
Introduction to Public Key CryptographyKelley Robinson
 
SIGNAL - Practical Cryptography
SIGNAL - Practical CryptographySIGNAL - Practical Cryptography
SIGNAL - Practical CryptographyKelley Robinson
 
CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2Hamed Moghaddam
 
Information System Security.pptx
Information System Security.pptxInformation System Security.pptx
Information System Security.pptxGIT
 
Slide cipher based encryption
Slide cipher based encryptionSlide cipher based encryption
Slide cipher based encryptionMizi Mohamad
 
Computer Cryptography and Encryption [by: Magoiga].pptx
Computer Cryptography and Encryption [by: Magoiga].pptxComputer Cryptography and Encryption [by: Magoiga].pptx
Computer Cryptography and Encryption [by: Magoiga].pptxmagoigamtatiro1
 
Ch12 Encryption
Ch12 EncryptionCh12 Encryption
Ch12 Encryptionphanleson
 
Cryptography 101 for Java developers
Cryptography 101 for Java developersCryptography 101 for Java developers
Cryptography 101 for Java developersMichel Schudel
 

Similar to Cryptography (20)

Ch02 classic nemo
Ch02 classic nemoCh02 classic nemo
Ch02 classic nemo
 
Iss lecture 2
Iss lecture 2Iss lecture 2
Iss lecture 2
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
network security
network securitynetwork security
network security
 
IS Unit 3_Public Key Cryptography
IS Unit 3_Public Key CryptographyIS Unit 3_Public Key Cryptography
IS Unit 3_Public Key Cryptography
 
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
 
Encryption
EncryptionEncryption
Encryption
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01
 
Cryptography using python
Cryptography using pythonCryptography using python
Cryptography using python
 
Introduction to Public Key Cryptography
Introduction to Public Key CryptographyIntroduction to Public Key Cryptography
Introduction to Public Key Cryptography
 
SIGNAL - Practical Cryptography
SIGNAL - Practical CryptographySIGNAL - Practical Cryptography
SIGNAL - Practical Cryptography
 
CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2
 
Information System Security.pptx
Information System Security.pptxInformation System Security.pptx
Information System Security.pptx
 
Slide cipher based encryption
Slide cipher based encryptionSlide cipher based encryption
Slide cipher based encryption
 
Computer Cryptography and Encryption [by: Magoiga].pptx
Computer Cryptography and Encryption [by: Magoiga].pptxComputer Cryptography and Encryption [by: Magoiga].pptx
Computer Cryptography and Encryption [by: Magoiga].pptx
 
Day5
Day5Day5
Day5
 
Ch12 Encryption
Ch12 EncryptionCh12 Encryption
Ch12 Encryption
 
Cns 1
Cns 1Cns 1
Cns 1
 
Unit 1
Unit 1Unit 1
Unit 1
 
Cryptography 101 for Java developers
Cryptography 101 for Java developersCryptography 101 for Java developers
Cryptography 101 for Java developers
 

Recently uploaded

Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...fonyou31
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 

Recently uploaded (20)

Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdf
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 

Cryptography

  • 1. Introduction to CryptographyIntroduction to Cryptography --- Foundations of information security ------ Foundations of information security --- Lecture 7Lecture 7
  • 2. CSE2500 System Security and Privacy 2 OutlineOutline Why study cryptologyWhy study cryptology?? Basic terms, notations and structure ofBasic terms, notations and structure of cryptographycryptography Private & public key cryptography examplesPrivate & public key cryptography examples Modern secret key ciphers : usage andModern secret key ciphers : usage and methodologymethodology Encryption and possible attacksEncryption and possible attacks Secret key ciphers designSecret key ciphers design Slides 23 to 26 for additional informationSlides 23 to 26 for additional information (and reading)(and reading)
  • 3. CSE2500 System Security and Privacy 3 Why Study cryptology(1)Why Study cryptology(1) A B Intruder Communications security
  • 4. CSE2500 System Security and Privacy 4 Why Study cryptology(2)Why Study cryptology(2) Customer Merchant TTP Electronic Commerce Security
  • 5. CSE2500 System Security and Privacy 5 Why Study cryptology(3)Why Study cryptology(3) A B LEA Law enforcement
  • 6. CSE2500 System Security and Privacy 6 The Basic ProblemThe Basic Problem We consider theWe consider the confidentialityconfidentiality goal:goal: Alice and Bob are FriendsAlice and Bob are Friends Marvin is a rivalMarvin is a rival Alice wants to send secret messages (MAlice wants to send secret messages (M11,M,M22,…),…) to Bob over the Internetto Bob over the Internet Rival Marvin wants to read the messages (MRival Marvin wants to read the messages (M11,M,M22,, …) - Alice and Bob want to prevent this!…) - Alice and Bob want to prevent this! Assumption:Assumption: The network is OPEN: Marvin isThe network is OPEN: Marvin is able to eavesdrop and read all data sent fromable to eavesdrop and read all data sent from Alice to Bob.Alice to Bob. Consequence:Consequence: Alice must not send messagesAlice must not send messages (M(M11,M,M22,…) directly – they must be “scrambled” or,…) directly – they must be “scrambled” or encryptedencrypted using a ‘secret code’ unknown tousing a ‘secret code’ unknown to Marvin but known to Bob.Marvin but known to Bob.
  • 7. CSE2500 System Security and Privacy 7 CryptographyCryptography plaintext (data file or messages) encryption ciphertext (stored or transmitted safely) decryption plaintext (original data or messages)
  • 8. CSE2500 System Security and Privacy 8 E D Message (cleartext, plaintext) Encrypted message (ciphertext) Encrypted message (ciphertext) Encryption Decryption key Alice Bob Private key cipherPrivate key cipher Message (cleartext,plaintext)
  • 9. CSE2500 System Security and Privacy 9 Basic termsBasic terms Cryptology (to be very precise)Cryptology (to be very precise) Cryptography --- code designingCryptography --- code designing Cryptanalysis --- code breakingCryptanalysis --- code breaking Cryptologist:Cryptologist: Cryptographer & cryptanalystCryptographer & cryptanalyst Encryption/enciphermentEncryption/encipherment Scrambling data into unintelligible toScrambling data into unintelligible to unauthorised partiesunauthorised parties Decryption/deciphermentDecryption/decipherment Un-scramblingUn-scrambling
  • 10. CSE2500 System Security and Privacy 10 Types of ciphersTypes of ciphers Private key cryptosystems/ciphersPrivate key cryptosystems/ciphers The secret key is shared between twoThe secret key is shared between two partiesparties Public key cryptosystems/ciphersPublic key cryptosystems/ciphers The secret key is not shared and twoThe secret key is not shared and two parties can still communicate using theirparties can still communicate using their public keyspublic keys
  • 11. CSE2500 System Security and Privacy 11 Examples of “Messages”Examples of “Messages” Types of secret “Messages” AliceTypes of secret “Messages” Alice might want to send Bob (in increasingmight want to send Bob (in increasing length):length): Decision (yes/no),Decision (yes/no), eg. as answer to theeg. as answer to the question “Are we meeting tomorrow?”question “Are we meeting tomorrow?” Numerical ValueNumerical Value, eg. as answer to the, eg. as answer to the question “at what hour are we meeting?”question “at what hour are we meeting?” DocumentDocument SoftwareSoftware,, ImagesImages etc.etc.
  • 12. CSE2500 System Security and Privacy 12 ConceptsConcepts A private key cipher is composed ofA private key cipher is composed of two algorithmstwo algorithms encryption algorithm Eencryption algorithm E decryption algorithm Ddecryption algorithm D The same key K is used for encryptionThe same key K is used for encryption & decryption& decryption K has to be distributed beforehandK has to be distributed beforehand
  • 13. CSE2500 System Security and Privacy 13 NotationsNotations Encrypt a plaintext P using a key K &Encrypt a plaintext P using a key K & an encryption algorithm Ean encryption algorithm E C = E(K,P)C = E(K,P) Decrypt a ciphertext C using the sameDecrypt a ciphertext C using the same key K and the matching decryptionkey K and the matching decryption algorithm Dalgorithm D P = D(K,C)P = D(K,C) Note: P = D(K,C) = D(K, E(K,P))Note: P = D(K,C) = D(K, E(K,P))
  • 14. CSE2500 System Security and Privacy 14 The Caesar cipher (e.g)The Caesar cipher (e.g) The Caesar cipher is a substitutionThe Caesar cipher is a substitution cipher, named after Julius Caesar.cipher, named after Julius Caesar. Operation principle:Operation principle: each letter is translated into the lettereach letter is translated into the letter a fixed number of positionsa fixed number of positions after itafter it in the alphabet table.in the alphabet table. The fixed number of positions is a keyThe fixed number of positions is a key both for encryption and decryption.both for encryption and decryption.
  • 15. CSE2500 System Security and Privacy 15 The Caesar cipher (cnt’d)The Caesar cipher (cnt’d) K=3 Inner: ciphertext Outer: plaintext
  • 16. CSE2500 System Security and Privacy 16 An exampleAn example For a key K=3,For a key K=3, plaintext letter:plaintext letter: ABCDEF...UVWXYZABCDEF...UVWXYZ ciphtertext letter:ciphtertext letter: DEF...UVWXYZABCDEF...UVWXYZABC HenceHence TREATY IMPOSSIBLETREATY IMPOSSIBLE is translated intois translated into WUHDWB LPSRVVLEOHWUHDWB LPSRVVLEOH
  • 17. CSE2500 System Security and Privacy 17 Breaking classic ciphersBreaking classic ciphers With the help of fast computers,With the help of fast computers, 99.99% ciphers used before 1976 are99.99% ciphers used before 1976 are breakable by using one of the 4 typesbreakable by using one of the 4 types of attacks (described later).of attacks (described later). Modern cluster computers and futureModern cluster computers and future quantum computers can break severalquantum computers can break several existing ciphers due to the power ofexisting ciphers due to the power of such computers.such computers.
  • 18. CSE2500 System Security and Privacy 18 Breaking the Caesar cipherBreaking the Caesar cipher By trial-and errorBy trial-and error By using statistics on lettersBy using statistics on letters frequency distributions of lettersfrequency distributions of letters letterletter percentpercent AA 7.49%7.49% BB 1.29%1.29% CC 3.54%3.54% DD 3.62%3.62% EE 14.00%14.00% ....................................................................
  • 19. CSE2500 System Security and Privacy 19 Toy example of private keyToy example of private key cryptography (TPC)cryptography (TPC) Assume that a message is broken into 64-bit blocks and eachAssume that a message is broken into 64-bit blocks and each 64-bit block of plaintext is encrypted separately:64-bit block of plaintext is encrypted separately: Key space are combinations of numerical digits – max: 7Key space are combinations of numerical digits – max: 7 digits-digits- (eg: key = [1]; or key = [1,3], or key = [1,4,2]).(eg: key = [1]; or key = [1,3], or key = [1,4,2]). Assume that all 8 bits of a byte is used and key digits startAssume that all 8 bits of a byte is used and key digits start from left to right.from left to right. Encryption: Each plaintext block is first shifted by the numberEncryption: Each plaintext block is first shifted by the number of binary digits before the last non-zero digit of the key. It isof binary digits before the last non-zero digit of the key. It is then exclusive-ored with the key starting from the first byte ofthen exclusive-ored with the key starting from the first byte of the block, repeatedly to the end of the block (the key moves athe block, repeatedly to the end of the block (the key moves a distance of its size from left to right of the plaintext block).distance of its size from left to right of the plaintext block). Decryption: do the reverse of encryption: the cipher-text isDecryption: do the reverse of encryption: the cipher-text is exclusive-ored and then shifted.exclusive-ored and then shifted. 0 0 0= 1 1 0= 0 1 1= 1 0 1= : exclusive: exclusive oror
  • 20. CSE2500 System Security and Privacy 20 Using TPCUsing TPC Use TPC to encrypt the plaintext “12345”, keyUse TPC to encrypt the plaintext “12345”, key = [1,4,2]= [1,4,2] Use TPC to encrypt the plaintext “TREATYUse TPC to encrypt the plaintext “TREATY IMPOSSIBLE”; key = [4];IMPOSSIBLE”; key = [4]; Use TPC to encrypt the plaintext “100Use TPC to encrypt the plaintext “100 dollars”, key = [2,4];dollars”, key = [2,4];
  • 21. CSE2500 System Security and Privacy 21 Principles of Private Key EncryptionPrinciples of Private Key Encryption Devise cryptographic algorithms:Devise cryptographic algorithms: a set of fast functions (E1, E2, E3, ..En) that when in turna set of fast functions (E1, E2, E3, ..En) that when in turn applied to an input (initial or intermediate input) willapplied to an input (initial or intermediate input) will produce a more potentially scrambled output.produce a more potentially scrambled output. and a set of functions (D1,D2,D3, .. Dn) that when in turnand a set of functions (D1,D2,D3, .. Dn) that when in turn applied to the cipher text (final or intermediate) willapplied to the cipher text (final or intermediate) will produce the original input text.produce the original input text. Devise algorithms, tests and proofs to validateDevise algorithms, tests and proofs to validate your cryptographic algorithmsyour cryptographic algorithms Analysing algorithms.Analysing algorithms. Tests with powerful computers such as specialised,Tests with powerful computers such as specialised, parallel, cluster, or quantum computers.parallel, cluster, or quantum computers. Mathematical proofs.Mathematical proofs.
  • 22. CSE2500 System Security and Privacy 22 Toy example of public keyToy example of public key cryptographycryptography Definition: The multiplicative inverse ofDefinition: The multiplicative inverse of xx with modulowith modulo nn isis yy such that (such that (xx**yy) mod) mod nn = 1= 1 E.g:x=3; n=10, => y=7; since (3*7) mod 10 = 1E.g:x=3; n=10, => y=7; since (3*7) mod 10 = 1 The above multiplicative inverse can be used to create aThe above multiplicative inverse can be used to create a simple public key cipher: eithersimple public key cipher: either xx oror yy can be thought of as acan be thought of as a secret key and the other is the public key. Letsecret key and the other is the public key. Let xx = 3,= 3, yy = 7,= 7, nn == 10, and M be the message:10, and M be the message: M = 4 ;M = 4 ; 3*4 mod 10 = 2; (ciphertext) - encrypting3*4 mod 10 = 2; (ciphertext) - encrypting 2*7 mod 10 = 4 = M ; (message) - decrypting2*7 mod 10 = 4 = M ; (message) - decrypting M =6 ;M =6 ; 3*6 mod 10 = 8;3*6 mod 10 = 8; 8*7 mod 10 = 6 = M (message)8*7 mod 10 = 6 = M (message)
  • 23. CSE2500 System Security and Privacy 23 What is PKE used for?What is PKE used for? Private Key Encryption (PKE) can bePrivate Key Encryption (PKE) can be used:used: Transmitting data over an insecureTransmitting data over an insecure channelchannel Secure stored data (encrypt & store)Secure stored data (encrypt & store) Provide integrity check:Provide integrity check: (Key + Mes.) -> MAC (message authentication(Key + Mes.) -> MAC (message authentication code)code)
  • 24. CSE2500 System Security and Privacy 24 Morden Cryptography applicationsMorden Cryptography applications Not just about confidentiality!Not just about confidentiality! IntegrityIntegrity Digital signaturesDigital signatures Hash functionsHash functions Fair exchangeFair exchange Contract signingContract signing AnonymityAnonymity Electronic cashElectronic cash Electronic votingElectronic voting Etc.Etc.
  • 25. CSE2500 System Security and Privacy 25 Modern private key ciphersModern private key ciphers DES (US, 1977) (3DES)DES (US, 1977) (3DES) key -- 56 bits, plaintext/ciphertext -- 64 bitskey -- 56 bits, plaintext/ciphertext -- 64 bits LOKI (ADFA, Australia, 1989)LOKI (ADFA, Australia, 1989) key, plaintext/ciphertext -- 64 bitskey, plaintext/ciphertext -- 64 bits FEAL (NTT, Japan, 1990)FEAL (NTT, Japan, 1990) key -- 128 bits, plaintext/ciphertext -- 64 bitskey -- 128 bits, plaintext/ciphertext -- 64 bits IDEA (Lai & Massey, Swiss, 1991)IDEA (Lai & Massey, Swiss, 1991) key -- 128 bits, plaintext/ciphertext -- 64 bitskey -- 128 bits, plaintext/ciphertext -- 64 bits SPEED (Y Zheng in 1996)SPEED (Y Zheng in 1996) Key/(plaintext/ciphertext) -- 48,64,80,…,256 bitsKey/(plaintext/ciphertext) -- 48,64,80,…,256 bits AES (Joan Daemen & Vincent Rijmen 2000)AES (Joan Daemen & Vincent Rijmen 2000) Key/(plaintext/ciphertext) -- 128, 192 and 256 bitsKey/(plaintext/ciphertext) -- 128, 192 and 256 bits
  • 26. CSE2500 System Security and Privacy 26 General approaches to CryptographyGeneral approaches to Cryptography There are two general encryption methods:There are two general encryption methods: Block ciphers &Block ciphers & Stream ciphersStream ciphers Block ciphersBlock ciphers Slice message M into (fixed size blocks)Slice message M into (fixed size blocks) mm11, …,, …, mmnn Add padding to last blockAdd padding to last block Use EUse Ekk to produce (ciphertext blocks)to produce (ciphertext blocks) xx11, …,, …, xxnn Use DUse Dkk to recover M fromto recover M from mm11, …,, …, mmnn E.g: DES, etc.E.g: DES, etc. Stream ciphersStream ciphers Generate a long random string (or pseudo random)Generate a long random string (or pseudo random) calledcalled one-time padone-time pad.. MessageMessage one-time padone-time pad (exclusive or)(exclusive or) E.g: EC4E.g: EC4
  • 27. CSE2500 System Security and Privacy 27 Design of Private Key Ciphers(1)Design of Private Key Ciphers(1) A Cryptographic algorithm should be efficient forA Cryptographic algorithm should be efficient for good usegood use It should be fast and key length should be of the rightIt should be fast and key length should be of the right length – e.g.; not too shortlength – e.g.; not too short Cryptographic algorithms are not impossible toCryptographic algorithms are not impossible to break without a keybreak without a key If we try all the combinations, we can get the originalIf we try all the combinations, we can get the original messagemessage The security of a cryptographic algorithm dependsThe security of a cryptographic algorithm depends on how much work it takes for someone to break iton how much work it takes for someone to break it E.g If it takes 10 mil. years to break a cryptographicE.g If it takes 10 mil. years to break a cryptographic algorithm X using all the computers of a state, X can bealgorithm X using all the computers of a state, X can be thought of as a secure one – reason: cluster computersthought of as a secure one – reason: cluster computers and quantum computers are powerful enough to crackand quantum computers are powerful enough to crack many current cryptographic algorithms.many current cryptographic algorithms.
  • 28. CSE2500 System Security and Privacy 28 Design of Private Key Ciphers(2)Design of Private Key Ciphers(2) Encryption Algorithm DesignEncryption Algorithm Design Should the strength of the algorithm beShould the strength of the algorithm be included in the implementation of theincluded in the implementation of the algorithm? Should we hide the algorithm?algorithm? Should we hide the algorithm? Should the block size be small or large?Should the block size be small or large? Should the keyspace be large?Should the keyspace be large? Should we consider other search ratherShould we consider other search rather than brute-force search?than brute-force search? Should we consider the hardwareShould we consider the hardware technology?technology?
  • 29. CSE2500 System Security and Privacy 29 4 types of cryptanalysis4 types of cryptanalysis Depending on what a cryptanalyst hasDepending on what a cryptanalyst has to work with, attacks can be classifiedto work with, attacks can be classified intointo ciphertext only attackciphertext only attack known plaintext attackknown plaintext attack chosen plaintext attackchosen plaintext attack chosen ciphertext attack (most severe)chosen ciphertext attack (most severe)
  • 30. CSE2500 System Security and Privacy 30 4 types of attacks4 types of attacks Ciphertext only attackCiphertext only attack the only data available is a targetthe only data available is a target ciphertextciphertext Known plaintext attackKnown plaintext attack a target ciphertexta target ciphertext pairs of other ciphertext and plaintextpairs of other ciphertext and plaintext (say, previously broken or guessing)(say, previously broken or guessing)
  • 31. CSE2500 System Security and Privacy 31 4 types of attacks4 types of attacks Chosen plaintext attacksChosen plaintext attacks a target ciphertexta target ciphertext can feed encryption algorithm withcan feed encryption algorithm with plaintexts and obtain the matchingplaintexts and obtain the matching ciphertextsciphertexts Chosen ciphertext attackChosen ciphertext attack a target ciphertexta target ciphertext can feed decryption algorithm withcan feed decryption algorithm with ciphertexts and obtain the matchingciphertexts and obtain the matching plaintextsplaintexts