Cryptography Training Day I
CRYPTOGRAPHY I
Hakan Tolgay
Introduction
Cryptography
Where security engineering meets mathematics.
A word from Greek κρυπτός kryptós, "hidden, secret"
The practice and study of techniques for securing information.
Modern cryptography aims to provide:
Confidentiality
Data integrity
Authentication
Non-repudiation
Introduction
Basic terminology
Plain text
Cipher Text
Cryptanalysis
Key
Encryption
Decryption
History – Caesar – Shift cipher
Julius Caesar enciphered his dispatches by writing D for A, E for B and so on.
When Augustus Caesar ascended the throne, he changed the imperial cipher system so that C was now written for A, D for B, and so on.
We would say that he changed the key from D to C.
Caesar’s Alphabet
abcdefghijklmnopqrstuvwxyz
defghijklmnopqrstuvwxyzabc
Caesar’s message
Plain text: defend the east wall of the castle
Cipher text: ghihqg wkh hdvw zdoo ri wkh fdvwoh
History - Monoalphabetic Substitution
The Arabs generalized this idea to the monoalphabetic substitution, in which a keyword is used to permute the cipher alphabet.
Example MonoAlphabet
Plaintext alphabet:  abcdefghijklmnopqrstuvwxyz
Ciphertext alphabet: SOMERDINGXHBVLTUJWKYZFACPQ
Secret message
Plain text: security
Cipher text: KRMZWGYP
History – Frequency Analysis
In cryptanalysis, frequency analysis is the study of the frequency of letters or groups of letters in a ciphertext.
The method is used as an aid to breaking classical ciphers.
There is a characteristic distribution of letters that is roughly the same for almost all samples of that language.
For instance, given a section of English language,
E, T, A and O are the most common
Z, Q and X are rare
TH, ER, ON, and AN are the most common pairs of letters (termed bigrams or digraphs)
SS, EE, TT, and FF are the most common repeats.
History – Frequency Analysis
Common percentages in standard English are:
e 12.7   t 9.1   a 8.2   o 7.5   i 7.0   n 6.7   s 6.3
h 6.1    r 6.0   d 4.3   l 4.0   u 2.8   c 2.8   m 2.4
w 2.4    f 2.2   y 2.0   g 2.0   p 1.9   b 1.5   v 1.0
k 0.8    x 0.2   j 0.2   q 0.1   z 0.1
History – Frequency Analysis
Suppose Eve has intercepted the cryptogram below
LIVITCSWPIYVEWHEVSRIQMXLEYVEOIEWHRXEXIPFEMVEWHKVSTYLXZIXLIKIIXPIJVSZEYPERRGERIM
WQLMGLMXQERIWGPSRIHMXQEREKIETXMJTPRGEVEKEITREWHEXXLEXXMZITWAWSQWXSWEXTVEPMRXRSJ
GSTVRIEYVIEXCVMUIMWERGMIWXMJMGCSMWXSJOMIQXLIVIQIVIXQSVSTWHKPEGARCSXRWIEVSWIIBXV
IZMXFSJXLIKEGAEWHEPSWYSWIWIEVXLISXLIVXLIRGEPIRQIVIIBGIIHMWYPFLEVHEWHYPSRRFQMXLE
PPXLIECCIEVEWGISJKTVWMRLIHYSPHXLIQIMYLXSJXLIMWRIGXQEROIVFVIZEVAEKPIEWHXEAMWYEPP
XLMWYRMWXSGSWRMHIVEXMSWMGSTPHLEVHPFKPEZINTCMXIVJSVLMRSCMWMSWVIRCIGXMWYMX
Counts of the letters in the cryptogram show that:
I is the most common single letter.
XL is the most common bigram, and XLI is the most common trigram.
e is the most common letter in the English language.
th is the most common bigram, and "the" is the most common trigram.
This strongly suggests that X~t, L~h and I~e.
The second most common letter in the cryptogram is E; since the first and second most frequent letters in the English language, e and t, are accounted for, Eve guesses that E~a, the third most frequent letter.
History – Frequency Analysis
Tentatively making these assumptions, the following partial decrypted message is obtained.
heVeTCSWPeYVaWHaVSReQMthaYVaOeaWHRtatePFaMVaWHKVSTYhtZetheKeetPeJVSZaYPaRRGaReM
WQhMGhMtQaReWGPSReHMtQaRaKeaTtMJTPRGaVaKaeTRaWHatthattMZeTWAWSQWtSWatTVaPMRtRSJ
GSTVReaYVeatCVMUeMWaRGMeWtMJMGCSMWtSJOMeQtheVeQeVetQSVSTWHKPaGARCStRWeaVSWeeBtV
eZMtFSJtheKaGAaWHaPSWYSWeWeaVtheStheVtheRGaPeRQeVeeBGeeHMWYPFhaVHaWHYPSRRFQMtha
PPtheaCCeaVaWGeSJKTVWMRheHYSPHtheQeMYhtSJtheMWReGtQaROeVFVeZaVAaKPeaWHtaAMWYaPP
thMWYRMWtSGSWRMHeVatMSWMGSTPHhaVHPFKPaZeNTCMteVJSVhMRSCMWMSWVeRCeGtMWYMt
Using these initial guesses, Eve can
spot patterns, such as "that".
suggest other patterns for further guesses.
"Rtate" might be "state", which would mean R~s.
"atthattMZe" could be guessed as "atthattime", yielding M~i and Z~m.
"heVe" might be "here", giving V~r.
Filling in these guesses, Eve gets:
hereuponlegrandarosewithagraveandstatelyairandbroughtmethebeetlefromaglasscasei
nwhichitwasencloseditwasabeautifulscarabaeusandatthattimeunknowntonaturalistsof
courseagreatprizeinascientificpointofviewthereweretworoundblackspotsnearoneextr
emityofthebackandalongoneneartheotherthescaleswereexceedinglyhardandglossywitha
lltheappearanceofburnishedgoldtheweightoftheinsectwasveryremarkableandtakingall
thingsintoconsiderationicouldhardlyblamejupiterforhisopinionrespectingit
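The counting step Eve performs above, as an added example that is not part of the original slides: it tallies single letters, bigrams and trigrams in the cryptogram and then applies the first four guesses (X~t, L~h, I~e, E~a). The function names are assumptions of this example.

```python
from collections import Counter

# The intercepted cryptogram from the slide, joined into one string.
CRYPTOGRAM = (
    "LIVITCSWPIYVEWHEVSRIQMXLEYVEOIEWHRXEXIPFEMVEWHKVSTYLXZIXLIKIIXPIJVSZEYPERRGERIM"
    "WQLMGLMXQERIWGPSRIHMXQEREKIETXMJTPRGEVEKEITREWHEXXLEXXMZITWAWSQWXSWEXTVEPMRXRSJ"
    "GSTVRIEYVIEXCVMUIMWERGMIWXMJMGCSMWXSJOMIQXLIVIQIVIXQSVSTWHKPEGARCSXRWIEVSWIIBXV"
    "IZMXFSJXLIKEGAEWHEPSWYSWIWIEVXLISXLIVXLIRGEPIRQIVIIBGIIHMWYPFLEVHEWHYPSRRFQMXLE"
    "PPXLIECCIEVEWGISJKTVWMRLIHYSPHXLIQIMYLXSJXLIMWRIGXQEROIVFVIZEVAEKPIEWHXEAMWYEPP"
    "XLMWYRMWXSGSWRMHIVEXMSWMGSTPHLEVHPFKPEZINTCMXIVJSVLMRSCMWMSWVIRCIGXMWYMX"
)

def ngram_counts(text, n):
    """Count every overlapping run of n letters in the text."""
    return Counter(text[i:i + n] for i in range(len(text) - n + 1))

def top(text, n, k=3):
    """The k most frequent n-grams with their counts."""
    return ngram_counts(text, n).most_common(k)

def apply_guesses(text, guesses):
    """Replace guessed ciphertext letters with lower-case plaintext letters and
    leave unresolved letters in upper case, as on the slide."""
    return "".join(guesses.get(c, c) for c in text)

# Eve's first guesses, taken from the text above.
GUESSES = {"X": "t", "L": "h", "I": "e", "E": "a"}

if __name__ == "__main__":
    for n in (1, 2, 3):
        print(n, top(CRYPTOGRAM, n))
    print(apply_guesses(CRYPTOGRAM, GUESSES)[:79])
```

Extending GUESSES with R~s, M~i, Z~m and V~r reproduces the next step of the walkthrough.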
History – Kerckhoffs’ Principle
A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.
Kerckhoffs’ Principle is counterintuitive.
History – Attack vectors
Cryptanalysis
Classical cryptanalysis
Brute-force
Analytic attacks
Social Engineering
Implementation attacks
Cryptography
Symmetric
Stream Ciphers
Block Ciphers
Asymmetric
Protocols
Symmetric Encryption
Symmetric encryption means the same key is used to encrypt and decrypt
Means both parties need access to the same keys
Many varieties (algorithms):
DES, TDES, AES, Twofish, RC4, CAST5, IDEA, Blowfish…
Can be strong and also fairly high-performance
“Strength” is determined by key length in bits as well as algorithmic integrity
Symmetric Encryption
Symmetric encryption comes in two flavors:
Stream ciphers transform the key as they progress, processing one chunk (bit, byte, whatever) at a time
Block ciphers use fixed keys every block (blocksize=keysize)
Difference matters little in practice
Stream generally faster, but requires more key complexity
Many block ciphers have modes that effectively operate like stream ciphers
Most data protection products use block ciphers
Stream Ciphers
A stream cipher encrypts bits individually
Both encryption and decryption are very simple
Encryption: Yi = e(Xi) = Xi + Si mod 2
Decryption: Xi = d(Yi) = Yi + Si mod 2
Which is actually XOR
0 XOR 0 = 0
0 XOR 1 = 1
1 XOR 0 = 1
1 XOR 1 = 0
How do we generate key stream bits?
Stream Ciphers - Random numbers
3 types of random number generators
True Random Number Generators (TRNG)
True random numbers stem from random physical processes, e.g. coin flipping, key stroke timing, mouse movement
Pseudo Random Number Generators (PRNG)
PRNGs are computed, i.e. they are deterministic
Ex: rand() in C
Cryptographically Secure PRNG (CPRNG)
CPRNGs are PRNGs with an additional property: their numbers are unpredictable.
Stream Ciphers - One Time Pad (OTP)
Goal is to build a perfect cipher
A cipher is unconditionally secure if it cannot be broken even with infinite computing resources
The One Time Pad (OTP) is a stream cipher where
The key stream bits come from a TRNG
Each key stream is used only once
Key size is equal to the plain text size
A key can only be used once
Stream Ciphers - Linear Congruential Generator (LCG)
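[Diagram: on both sides the key K drives a PRNG that outputs key stream Si; the sender combines Xi with Si to get Yi, the receiver combines Yi with Si to recover Xi]
S0 = seed
Si+1 = A . Si + B mod m
Key K = (A, B)
2 minutes to break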
Stream Ciphers - LCG attack
Eve knows X1, X2, X3
Eve computes S1, S2, S3
S2 = A . S1 + B mod m
S3 = A . S2 + B mod m
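Why an LCG must not be used as a key stream generator, as an added example that is not part of the original slides: three known plaintext blocks give S1, S2, S3, and the two equations above then yield A and B. Assumptions of this example: the modulus m is public and prime, each Si is XORed onto a 4-byte block, and all values are constructed.

```python
M = 2**31 - 1            # assumed public modulus m (prime)
BLOCK = 4                # bytes per block Xi / Yi (assumption of this demo)

def lcg_stream(a, b, seed, n):
    """S1..Sn with S0 = seed and S_{i+1} = A * S_i + B mod m."""
    s, out = seed, []
    for _ in range(n):
        s = (a * s + b) % M
        out.append(s)
    return out

def to_blocks(data):
    return [int.from_bytes(data[i:i + BLOCK], "big") for i in range(0, len(data), BLOCK)]

def from_blocks(blocks):
    return b"".join(v.to_bytes(BLOCK, "big") for v in blocks)

def encrypt(plaintext, a, b, seed):
    x = to_blocks(plaintext)
    return [xi ^ si for xi, si in zip(x, lcg_stream(a, b, seed, len(x)))]

def recover_key(known_x, y):
    """Eve's computation: S_i = X_i xor Y_i for i = 1..3, then solve for (A, B)."""
    s1, s2, s3 = (xi ^ yi for xi, yi in zip(known_x[:3], y[:3]))
    d = (s2 - s1) % M
    if d == 0:
        raise ValueError("S1 == S2: the two equations do not determine A")
    a = (s3 - s2) * pow(d, -1, M) % M      # S3 - S2 = A * (S2 - S1) mod m
    b = (s2 - a * s1) % M                  # S2 = A * S1 + B mod m
    return a, b, s3

def decrypt_rest(y, a, b, s3):
    """Regenerate S4, S5, ... from the recovered key and strip it from Y4, Y5, ..."""
    s, out = s3, []
    for yi in y[3:]:
        s = (a * s + b) % M
        out.append(yi ^ s)
    return from_blocks(out)

# Constructed sample: a fixed 12-byte header Eve can guess, then a secret body.
A, B, SEED = 1103515245, 12345, 20240117
HEADER, BODY = b"HDR1HDR2HDR3", b"wire $100 to Bob"

def demo():
    y = encrypt(HEADER + BODY, A, B, SEED)
    a, b, s3 = recover_key(to_blocks(HEADER), y)
    return (a, b), decrypt_rest(y, a, b, s3)
```

The seed never has to be recovered: once A and B are known, every later Si follows from the previous one, which is the property a CPRNG is required not to have.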
Stream Ciphers - Linear Feedback Shift Register (LFSR)
Goal is less and/or low power hardware
Block Ciphers – Data Encryption Standard (DES)
Proposed by IBM in 1974
With input from NSA
From 1977 to 1998 it was used as the US standard
Insecure today (key too short)
3DES is secure
[Diagram: DES maps a 64-bit input X to a 64-bit output Y under a 56-bit key K]
DES – Inside DES
[Diagram: 64-bit input X, transposition stages T, 56-bit key K, 64-bit output Y]
Transposition shuffles the input (permutation)
DES – Inside DES
Has 16 rounds
Advanced Encryption Standard (AES)
1997: call for AES by NIST
Aug 1998: 15 algorithm submissions
Aug 1999: 5 finalists are selected
October 2000: the algorithm called Rijndael is chosen as AES
It is now the most important symmetric algorithm in the world
Number of rounds depends on the key length
Key (bits)   Rounds
128          10
192          12
256          14
[Diagram: AES maps a 128-bit input X to a 128-bit output Y under a 128/192/256-bit key K]
Modes of Operation for Block Ciphers
Deterministic
  ECB (Electronic Code Book)
Probabilistic
  Block cipher
    CBC
  Stream cipher
    OFB (Output Feedback Block)
    CFB (Cipher Feedback Block)
    Counter mode
Electronic Code Book (ECB)
Simply repeats the AES encryption process for each 128-bit block of data.
For decryption, the process is reversed.
Electronic Code Book (ECB)
Identical blocks of unencrypted data, referred to as plain text, are encrypted the same way and will yield identical blocks of encrypted data.
Cipher Block Chaining (CBC)
Invented by IBM in 1976
Goal is to achieve an encryption method that encrypts each block using the same encryption key, while resulting in different cipher text
Cipher feedback (CFB)
A close relative of CBC, makes a block cipher into a self-synchronizing stream cipher.
Output feedback (OFB)
The output feedback (OFB) mode makes a block cipher into a synchronous stream cipher.
Counter (CTR)
Counter mode turns a block cipher into a stream cipher.
It generates the next keystream block by encrypting successive values of a "counter".
The counter can be any function which produces a sequence which is guaranteed not to repeat for a long time.
An actual increment-by-one counter is the simplest and most popular.
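The difference between ECB and counter mode described above, as an added example that is not part of the original slides: it counts repeated ciphertext blocks for a plaintext with identical blocks. The block function is a stand-in built from HMAC-SHA256 (an assumption of this example, not AES), and the key, nonce and plaintext are constructed.

```python
import hashlib
import hmac

BLOCK = 16  # AES block size: 128 bits

def block_encrypt(key, block):
    """Stand-in for AES on one block: truncated HMAC-SHA256 (an assumption of this
    example; it is one-way, which is enough to show how the modes are wired)."""
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def split(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, data):
    """ECB: every block is encrypted on its own, with no other input."""
    return b"".join(block_encrypt(key, b) for b in split(data))

def ctr_crypt(key, nonce, data):
    """CTR: encrypt nonce||counter for counter = 0, 1, 2, ... and XOR the result
    onto the data. The same call decrypts."""
    out = bytearray()
    for i, chunk in enumerate(split(data)):
        keystream = block_encrypt(key, nonce + i.to_bytes(8, "big"))
        out += bytes(c ^ k for c, k in zip(chunk, keystream))
    return bytes(out)

def repeated_blocks(ciphertext):
    """Number of ciphertext blocks that duplicate an earlier block."""
    blocks = split(ciphertext)
    return len(blocks) - len(set(blocks))

# Constructed sample: four identical plaintext blocks followed by a different one.
KEY = b"constructed-demo-key"
NONCE = b"\x00\x00\x00\x00\x00\x00\x00\x01"
PLAINTEXT = b"A" * BLOCK * 4 + b"B" * BLOCK

def demo():
    ecb = ecb_encrypt(KEY, PLAINTEXT)
    ctr = ctr_crypt(KEY, NONCE, PLAINTEXT)
    return repeated_blocks(ecb), repeated_blocks(ctr), ctr_crypt(KEY, NONCE, ctr)
```

A non-zero result from repeated_blocks on stored ciphertext is a quick indicator that ECB is in use. The counter-mode result holds only while the nonce and counter pair never repeats under one key, which is the "guaranteed not to repeat" condition above.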
Asymmetric Cryptography
Also known as public-key cryptography
How could two people who have never met share a key?
Diffie–Hellman (DH)
is a specific method of securely exchanging cryptographic keys over a public channel
allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communication channel
The scheme was first published by Whitfield Diffie and Martin Hellman in 1976
Based on the discrete logarithm problem
Easy to perform
Hard to reverse
DH Key exchange
[Diagram: Alice and Bob, with Eve listening on the channel between them]
DH Key exchange
p: prime modulus
g: generator (should be prime)
x: private number
r: result
g^x mod p = r
Let g=3 and p=17 and x=4
3^4 mod 17 = 9
3 ^ x mod 17 = 9
DH Key exchange
Public values (visible to Eve): g=3 p=17
Alice
Select random private number: x=15
3^15 mod 17 = 6
Sends 6 to Bob
Bob
Select random private number: x=13
3^13 mod 17 = 12
Sends 12 to Alice
Eve sees g=3, p=17, 6 and 12
Alice computes 12^15 mod 17 = 10
Bob computes 6^13 mod 17 = 10
Thank you