Introduction to Cryptography Techniques

How secure is that banking network traffic?

Social and Computing Implications of Cryptography



CSCI 365 Information Security is about creating good doors. But what if a door lock gets picked and someone can see your encrypted data, or your data is intercepted traveling between two doors?



The internet is a collection of networks designed to deliver data packets.



Packets are easy to sniff.



The internet is not secure, but is used to connect banks, the power grid, pipelines, transportation systems, etc.

Terms

 Plaintext – the readable message  Ciphertext – the coded message key key Decryption

Types of Attacks

 Ciphertext Only – ciphertext to gain either the key or the plaintext (really bad encryption) adversary uses just the  Known Plaintext – adversary gets the key using some ciphertext and its plaintext  Chosen Plaintext – adversary introduces some plaintext to generate some ciphertext

Symmetric Key Encryption

 Both parties share a single secret key  The key is used for both encryption and decryption  Encryption and decryption are equal efforts

Shift Ciphers

key = amount to shift each character Example: Rotate13

‘A’ + 13 = 1 + 13 = 14 = ‘N’ So, the message “aardvark” becomes “nneqinex”.

Shift Ciphers

Advantage of Rot13:

Easy to implement. Rot13('A') = 'N' (1 + 13)%26 = 14 Rot13('N') = 'A' (14 + 13)%26 = 1 So, one function does both encoding and decoding.

Disadvantage of Any Rotation:

Very easy to break – just try all 26 possibilities.

aka -

Brute Force

attack.

Substitution Cipher

Key = list of character substitutions Example: Key = “Chair” A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Y Z

c h a i r

B D E F G J K L M N O P Q S T U V W X Disadvantage: Susceptible to Character Frequency Analysis

Character Frequencies

g h i j k l m Letter Frequency Letter Frequency a 0.08167 n 0.06749 b c 0.01492 0.02782 o p 0.07507 0.01929 d e f 0.04253 0.12702 0.02228 q r s 0.00095 0.05987 0.06327 0.02015 0.06094 0.06966 0.00153 0.00772 0.04025 0.02406 t u v w x y z 0.09056 0.02758 0.00978 0.02360 0.00150 0.01974 0.00074

Character Frequencies

Letter t a

Start of Word Letter Frequencies

i s o c m f p w Freq 0.1594 0.155 0.0823 0.0775 0.0712 0.0597 0.0426 0.0408 0.040 0.0382 Letter e s

End of Word Letter Frequencies

d t n y r o l f Freq 0.1917 0.1435 0.0923 0.0864 0.0786 0.0730 0.0693 0.0467 0.0456 0.0408

Polyalphbetic Ciphers

Key is repeated and used to shift characters.

Example plaintext + key Ciphertext now is the time for all aar dv ark aard var kaa opo mo uzp ujei bpj lmm

Polyalphbetic Ciphers

Advantage: Thwarts character frequency analysis. For example, an “e” will encrypt to several different letters.

Disadvantage: Statistics can still be used to break the code.

Polyalphbetic Ciphers

How to Break Them:

1 - Look for repeated strings.

For example, if the characters “thi” appear together frequently, then it could be because the key is hitting a common word.

Text = and we need to test and retest Key = ste ve stev es teve ste vestev Sum =

thi

sj gyjz yh njoy

thi

njmyxp

Polyalphbetic Ciphers

How to Break Them:

2 – Determine Probable Key Length The start of strings “thi” are frequently separated by distances that are multiples of 5. So, key length is probably five.

3A – Try keys of that length.

3B – Use CharFreqAnal on characters separated by that length.

One-Time Pad

   Key is used to shift the plaintext.

Key is used only once.

Key has same length as the message.

  Advantage: Unbreakable!

Disadvantage: Requires lots of keys.

DES History



D

ata

E

ncryption

S

tandard  Solicited in 1973 by the National Bureau of Standards (National Institute of Standards and Technology)  Developed by IBM and the NSA  Adopted in 1977

DES Design Principles

 Confusion – complicate the relationship between key and ciphertext  Diffusion – spread structure of plaintext around the ciphertext

DES Design Overview

 http://www.itl.nist.gov/fipspubs/fip46-2.htm

    Key = 56 bits plus 8 parity bits 70,000,000,000,000,000 possible keys of 56 bits Key generates 16 subkeys 16 rounds of functions

Breaking DES

    1993 – design of $1M machine to search entire key space in one day 1997 – design of $1M machine to search entire key space in one hour 1999 - “DES Challenge” prize claimed in 22 hours by distributed.net

2006 - University of Bochum and Kiel, Germany, uses $10,000 hardware cost to get average time of 6.4 days.

 triple DES is much less breakable

Unix Crypt

“man 3 crypt”

#include char *crypt(const char *key, const char *salt); crypt is the password encryption function. It is based on the Data Encryption Standard algorithm with variations intended (among other things) to discourage use of hardware implementations of a key search.

Password Salt

    Based on time when password created First two letters in the passwd field Used to discourage a brute force attack Encrypting every dictionary word then comparing that list to passwd entries will not work since every dictionary word can yield 4096 different possibilities.

Even if my password is the same for two systems, they have different salts so they look different

Public Key Encryption

 Two Keys : encryption and decryption  Encryption key is public  Decryption key is private  Once sender encrypts a message, even they can’t decrypt it

Public Key Encryption

1.

2.

3.

4.

Receiver sends their public key to the sender Sender encrypts message using that public key Sender sends encrypted message Receiver decrypts message using their private key

Summary Nothing on a public network is completely safe.