Computer System Security CSE 5339/7339 Lecture 4 August 31, 2004

Download Report

Transcript Computer System Security CSE 5339/7339 Lecture 4 August 31, 2004 

Computer System Security
CSE 5339/7339
Lecture 4
August 31, 2004
Computer Science and Engineering
Contents
 Encryption
 Substitution and Transposition Ciphers
 Symmetric and Asymmetric Enciption
 Merkle-Hellman Knapsacks
 Murtaza’s Presentation
Computer Science and Engineering
Exercise (Group work)
Decrypt the following encrypted quotation:
fqjcb rwjwj vnjax bnkhj whxcq nawjv
nfxdu mbvnu ujbbf nnc
Computer Science and Engineering
Non-Repeating Series of Numbers
Non-repeating series of numbers
plaintext
Encryption ciphertext Decryption
Original
plaintext
Computer Science and Engineering
One-Time Pads
 Name  set of sheets of paper with keys, glued into a
pad
 The sender would tear off enough number of pages
 The receiver needs a pad identical to the one used by
the sender
Computer Science and Engineering
One-Time Pads (cont.)
 The sender would write the keys one at a time above the letters of
the plaintext.
K1 k2 k3 k4 ... Kn
p1 p2 p3 p4 ... pn
 The plaintext is enciphered using a pre-arranged chart (Vignere
Tableau) – all 26 letters in each column in some scrambled order
 select the substitution in row pi, column Ki
 Problems:
 Unlimited number of keys & Absolute synchronization between
sender and receiver
Computer Science and Engineering
Vernam Cipher
Plaintext
 V
E
R
N
 21 4
17 13
Random numbers
 76 48 16 82
Sum
 97 52 33 95
Sum mod 26
 19 0
7
17
Ciphertext
 t
a
h
r
A
0
M
12
C
2
I
8
P
15
H
7
E
4
R
17
44
3
58
11
60
5
48
88
44
15
60
19
75
12
52
105
18
15
8
19
23
12
0
1
s
p
i
t
x
m
a
b
Computer Science and Engineering
Book Ciphers
 Both sender and receiver need access to identical objects
 Example: telephone book – xxx-xxx-xxxx (use xx mod 26 as a key)
 Problem – High frequency letters
 A, E, O, T  40% of all letters used in Standard English text
 A, E, O, T, N, I  50% of all letters used in Standard English text
 The probability that the key letter and plain text letter is in these 6 letters is
0.25
Computer Science and Engineering
Transposition (Diffusion)
 The letters of the message are rearranged
 Columnar transposition
 Example:
THIS IS A MESSAGE TO SHOW HOW A COLMUNAR TRANSPOSITION
WORKS
Computer Science and Engineering
T H I S I
S A M E S
S A G E T
O S H O W
H O W A C
O L M U N
A R T R A
N S P O S
I T I O N
W O R K S
tssoh oaniw haaso lrsto imghw utpir seeoa mrook istwc
nasna
Computer Science and Engineering
Stream and Block Ciphers
 Stream  converts one symbol of plaintext into a symbol of ciphertex
 Block  encrypts a group of plaintext symbols as one block.
Computer Science and Engineering
Symmetric Encryption Systems (Secret
Key)
 Both sender and receiver share one key
 Encryption and decryptions algorithms are closely related
 N * (N-1) /2 keys are needed for N users to communicate in pairs
 Key must be kept secret
Computer Science and Engineering
Asymmetric Encryption Systems (public
Key)
 One key must be kept secret, the other can be freely
exposed – private key and public key
 Only the corresponding private key can decrypt what has
been encrypted using the private key
Computer Science and Engineering
Merkle-Hellman Knapsacks (Chapter 10)
 Algorithms is based on the knapsack problem
 What is the knapsack problem?
 General Knapsacks
 Superincreasing knapsacks
Computer Science and Engineering
General Knapsacks (Hard)
Given a sequence of integers a1, a2, …, an and a target sum T,
the problem is to find a vector of 0s and 1s such that the sum
of the integers associated with 1s equals T
S = [17, 38, 73, 4, 11, 1] T = 53
Solution: (0,1,0,1,1,0)
Computer Science and Engineering
Superincreasing Knapsacks (Easy)
We place an additional restriction on the problem:
The integers of S must form an superincresaing
Sequence. (I.e. each integer is greater than the sum of all
preceding integers)
S = [1, 4, 11, 17, 38, 73]
Algorithm? (Students participation)
Computer Science and Engineering
Group Work
S = [1, 4, 11, 17, 38, 73]
Algorithm? Try it with T = 96 & T = 95
Computer Science and Engineering
Knapsack Problem as a Public Key
Algorithm
Public Key: Set of integers of a knapsack problem
Private Key: Corresponding superincreasing knapsack
Computer Science and Engineering
Math Background
Identity
i is identity for op if i op x = x op i = x
Inverse
b is inverse of a if a op b = b op a = i
Prime Number
Any number greater than 1 that is divisible only by itself and 1
2 divides 10
10 is divisible by 2
Composite vs. prime
Computer Science and Engineering
Math Background (cont.)
Greatest Common Divisor – gcd(a,b)
The largest integer that divides both a and b
gcd(15,10) = 5
If p is a prime number gcd(p.q) = 1 for any q < p
If x divides a and b  x also divides a – (k*b)
Computer Science and Engineering
Modular Arithmetic
 Reminder after division
a mod n = b  a = c*n + b (11 mod 3 = 2, 5 mod 3 = 2)
Confine results to a particular range [0 – n-1]
Operations +, -, * can be applied before or after mod is taken
 x and y are equivalent under mod n iff x mod n = y mod n
x and y are equivalent under mod n iff x – y = k*n
Computer Science and Engineering
Modular Arithmetic (cont)
 Multiplicative inverse of a  a-1
*
0
1
2
3
4
0
1
2
3
4
0
0
0
0
0
0
1
2
3
4
0
2
4
1
3
0
3
1
4
2
0
4
3
2
1
Product – mod 5
a = 2, a-1 = 3
Computer Science and Engineering
Fermat’s Theorem
For any prime p and any element a < p
ap mod p = a
Or
ap-1 mod p = 1
The inverse of a is x such that
a*x mod p = 1 = ap-1 mod p
x = ap-2 mod p
Computer Science and Engineering
Example
Compute the inverse of 3 mod 5
x = 35-2 mod 5
x = 27 mod 5 = 2
Computer Science and Engineering
Merkle- Hellman Knapsack (again)
Idea  is to encode a binary message as a solution to a knapsack
problem, reducing the ciphertext to the target sum obtained by
adding terms corresponding to 1s in the plain text.
Public Key: Set of integers of a knapsack problem
Private Key: Corresponding superincreasing knapsack
Technique for converting a superincreasing knapsack into regular
one!
Computer Science and Engineering
Merkle- Hellman Knapsack (cont)
 Normal arithmetic  + or * preserve superincreasing sets
Modular arithmetic  may destroy superincreasing sets
Modular arithmetic  sensitive to common factors
Consider w * x mod n
If w and n share common factors  not all values [0-n-1]
Otherwise (relatively prime)  all values
(If w and n are relatively prime, w has multiplicative inverse
mod n)
Computer Science and Engineering
Example
x
3 * x mod 5
3 * x mod 6
1
3
3
2
1
0
3
4
3
4
2
0
5
0
3
Computer Science and Engineering
Breaking the superincreasing nature
of integer
 Multiple by w and take mod n
n and w are relatively prime.
1)
2)
3)
Select S
Select w and n, n > summation of si
Obtain H (hi = w * si mod n)
Computer Science and Engineering
Example (Encryption)
S = [1, 2, 4, 9]
w = 15, n = 17
H = [15, 13, 9, 16]
P  0100 1011 1010 0101
C  13
40
24
29
Computer Science and Engineering