Cryptography History of Crypto Based on Slides by Alfred C. Weaver.

Post on 05-Jan-2016


Cryptography

History of Crypto

Based on Slides by Alfred C. Weaver

References

Easy to read: Computer Networks, by Andrew Tanenbaum
Authoritative (1652 references): Applied Cryptography, by Bruce Schneier
Historical: Crypto, Stephen Levy; The Code Book, Simon Singh
AES (FIPS approved May 26, 2002)
    Info: http://csrc.nist.gov/encryption/aes/
    Code: http://csrc.nist.gov/encryption/aes/round2/r2algs-code.html

Privacy and Security

What are they?
When do we need them?
Cryptography
    Symmetric key crypto (e.g., DES, IDEA, AES)
    Public key crypto (e.g., RSA, PGP, GPG)
How powerful are they?
Digital signatures
Leads to SSL and SET

Privacy and Security

Privacy
    data is available only to authorized users
    imagine the complexity of a medical record, with different parts visible to doctor, patient, hospital, insurance company, social agencies, courts, government
Security
    data is meaningless to an unauthorized user
    security is achieved via cryptography

Security

There are two kinds of security:
    one kind stops your kid brother from reading your mail
    the other kind stops major government agencies from reading your files
We are talking about the latter

Security

Locking a document in a safe is not security.

Locking a document in a safe, giving the safe to the best safecrackers in the world, plus the design specs for the safe, plus as many safes as they want, keyed to the combinations they specify, and as much time as they want...

If then they can’t open the safe, that’s security!

Privacy and Security

Some information is public and never needs protection
    stock ticker
    Mars Pathfinder images
    airlines schedules
    telephone books
    university course offerings
    vacation offerings
    restaurant menus
    electronic product catalogs

Privacy and Security

Most e-commerce transactions need serious security
    invoices
    transactions
    payments
    medical records

Privacy and Security

Weaver’s First Law states that electronic commerce requires security algorithms that are:
    easy to use (low hassle factor)
    provably correct (low risk)
    convenient (handle multiple data types)
    universal (world-wide acceptance)
    used only when needed (because they are computationally expensive)

Cryptography

Cryptography provides
    confidentiality
    authentication
    integrity
    non-repudiation

Security achieved by
    intelligent storage on computer
    encrypted transmission over the Internet
    proper choice of encryption algorithm
    secure management of encryption keys

Encryption

The big picture

[Figure: Plaintext P -> Encryption Algorithm, C = E(P) -> Ciphertext C -> Decryption Algorithm, P = D(C) -> Plaintext P]

D(E(P)) = P

Cryptography

The goal of cryptography is to protect the data in such a way that one could freely distribute encrypted data to everyone on the planet, knowing that only authorized users could reveal the plaintext

You would not intentionally do this, but you could without fear of compromise

Caesar Cipher

Shift the alphabet by three letters
    a becomes d
    b becomes e
    c becomes f, etc.
attack transmitted as dwwdfn
Suitable for Green Hornet decoder rings in Cracker Jack boxes
Works for children, but that’s all

Substitution Cipher

Circularly shift the alphabet by k characters
Still no power because k < 26
Using N brute force trials, 1 <= N <= 25, is guaranteed to reveal the plaintext

P:    a b c d e f g h i j k l
N=1:  b c d e f g h i j k l m
N=2:  c d e f g h i j k l m n
N=3:  d e f g h i j k l m n o
N=25: z a b c d e f g h i j k

Monoalphabetic Substitution

Make an arbitrary mapping between plaintext and ciphertext

For simplicity, use just the English alphabet
    a b c d e f g h i j k l m ...
    q w e r t y u i o p a s d ...

Looks pretty hard to reverse

Monoalphabetic Substitution

There are 26 ways to pick the first substitution (although a=a may not be a good one), 25 ways to pick the second, 24 ways to pick the third...

So 26! ~= 4 x 10^26 possible mappings

Testing 10^6/sec would take 10^13 years

Is it secure?

Substitution Cipher

All natural languages have statistical properties—in English:
    most common letters
    most common digrams
    most common trigrams
    most common word endings
    most common doubled letters
    most common words

Letter Frequency

Letter    %       Letter    %
E        13.0     A         7.3
T         9.3     S         6.3
N         7.8     D         4.4
R         7.7     H         3.5
I         7.4     L         3.5
O         7.4     C         3.0

Frequency of Usage

Digrams: th, he, at, st, an, in, ea, nd, er, en, re, nt, to, es, on, ed, ti
Trigrams: the, and, tha, hat, ent, ion, for, tio, has, edt, tis, ers, res, ter, con, ing, men
Doubles: ll, tt, ss, ee, pp, oo, rr, ff, cc, dd, nn
Endings: e, t, s, d, n, r, y
Words: the, of, are, I, and, you, a, can, to, he, her, that, in, was, is, has, it, him, his

Decrypting a Substitution Cipher

Count relative frequency of letters, digrams, trigrams, endings, doubles, and words in the ciphertext

If you have enough encrypted text, it can be analyzed and broken by high-speed computers

But must have a body of encrypted text of sufficient size to permit analysis

Substitution Ciphers

Suppose we have a block of ciphertext

    ctbmn byctc btjds qxbns gstjc btswx ctqtz cqvuj qjsgs tjqzz

and the text comes from an accounting firm where we would expect the word financial in communications

Look for pattern: _ x y _ y _ x _ _
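The probable-word search described above, as an added example that is not part of the original slides: it slides the repetition pattern of "financial" across the ciphertext block and reports where the repeats line up. The function names are hypothetical, and the match uses the full pattern of the word (including the repeated a), which is stricter than the two repeats marked on the slide.

```python
# Added example: locate a probable word in a monoalphabetic ciphertext
# by matching its letter-repetition pattern.

CIPHERTEXT = ("ctbmn byctc btjds qxbns gstjc btswx "
              "ctqtz cqvuj qjsgs tjqzz")  # block quoted on the slide


def pattern(word):
    """Number letters by first appearance: 'financial' -> (0,1,2,3,2,4,1,3,5)."""
    seen = {}
    return tuple(seen.setdefault(ch, len(seen)) for ch in word)


def find_crib(ciphertext, crib):
    """Return [(offset, {cipher_letter: plain_letter})] for every window of the
    ciphertext that repeats letters exactly where the crib does."""
    text = "".join(ciphertext.split())  # the five-letter groups carry no meaning
    want = pattern(crib)
    hits = []
    for offset in range(len(text) - len(crib) + 1):
        window = text[offset:offset + len(crib)]
        if pattern(window) == want:
            hits.append((offset, dict(zip(window, crib))))
    return hits


def apply_partial_key(ciphertext, mapping):
    """Decrypt the letters recovered so far; show unknown letters as '.'."""
    return "".join(mapping.get(ch, ".") if ch.isalpha() else ch
                   for ch in ciphertext)


if __name__ == "__main__":
    for offset, mapping in find_crib(CIPHERTEXT, "financial"):
        print("crib fits at offset", offset, "with", mapping)
        print(apply_partial_key(CIPHERTEXT, mapping))
```

A single hit hands the analyst six cipher letters at once, which is why a known or guessed word shortens the frequency analysis so much.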

Transposition Ciphers

Need to break the relationship between repeated letters in the plaintext resulting in repeated letters in the ciphertext

Try a transposition cipher

Transposition Cipher

Pick a word with no repeated letters
Write it horizontally
Number the columns in alphabetic order
Write the plaintext beneath it in word-wrapped rows
Read out the ciphertext in columns, starting with column 1, then 2, ...

Transposition Cipher

PLAINTEXT: please transfer one million dollars to my swiss bank account six two two

M E G A B U C K
7 4 5 1 2 8 3 6
p l e a s e t r
a n s f e r o n
e m i l l i o n
d o l l a r s t
o m y s w i s s
b a n k a c c o
u n t s i x t w
o t w o a b c d

CIPHERTEXT:
afllsksoselawaia
toossctclnmomant
esilyntwrnntsowd
paedobuoeriricxb

Transposition Cipher

To break it:
    must know it is a transposition cipher
    look at frequency of letters
    if normal frequency, code is probably transposition cipher since each letter represents itself
    guess the code word length
    guess the order of columns
    try all combinations of number of columns and order of columns
    complicated and difficult, but that’s what computers are for

Transposition Cipher

PLAINTEXT: move army across delaware at midnight

I N T E R C O M
3 5 8 2 7 1 6 4
m o v e a r m y
a c r o s s d e
l a w a r e a t
m i d n i g h t

CIPHERTEXT: rsegeoanmalmyettocaimdahasrivrwd

Jefferson Cipher Wheel

Thomas Jefferson designed an ingenious way to encode and decode messages while serving as Sec. State in 1790-93

This is a reproduction at Monticello

Jefferson Wheel Cipher

Twenty-six cylindrical wooden pieces threaded onto an iron bar

Each wheel had all 26 characters in random order around the circumference

Wheels are numbered 1-26 and can be assembled in any order

Jefferson Wheel Cipher

Assemble the 26 wheels in some order (and remember it)

Spin wheels to align a message (up to 26 characters) on one line THOMASJEFFERSONWASAGOODMAN

Look at any other line (say the one above or below) and read what is there JRPNFJTIAHREIDBRPFDKEJSBGJTHDKS

Transmit the encoded message

The wheel ordering must be known to the receiver via some other method

Jefferson Wheel Cipher

Receiver assembles wheels in proper order

Set wheel to display the encoded message

Look at the other 25 rows—one will make sense and that’s the message

Double Encryption

Obviously, you can encrypt with one scheme, then encrypt the ciphertext with another scheme

Adds to complexity
May or may not add to security (depends upon your choices)
Using two successive monoalphabetic substitution ciphers is more complex, but not more secure

One-Time Pad

One-time pad is mathematically unbreakable!

Choose a random bit string as a key
Convert plaintext into bitstring
Compute exclusive-or of the two strings
Ciphertext contains no redundancy information because every combination is equally likely

One-Time Pad

‘c’ = 99_10 = 01100011_2
‘a’ = 97_10 = 01100001_2
‘t’ = 116_10 = 01110100_2

K = 10101010 10101010 10101010
P = 01100011 01100001 01110100
C = 11001001 11001011 11011110

Decrypt: exclusive-or of the ciphertext with the key reveals the plaintext
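An added example (not from the original slides) that reproduces the K = 10101010 calculation and then shows why the ciphertext carries no information: another key of the same length turns the same ciphertext into a different word, and over all key bytes each ciphertext byte occurs exactly once. The function names and the alternative word "dog" are chosen here for illustration.

```python
from collections import Counter


def xor_bytes(data, key):
    """One-time pad: XOR each message byte with the matching key byte."""
    if len(key) < len(data):
        raise ValueError("key must be at least as long as the message")
    return bytes(d ^ k for d, k in zip(data, key))


def bits(data):
    """Render bytes the way the slide does, e.g. '01100011 01100001'."""
    return " ".join(f"{b:08b}" for b in data)


def key_explaining(ciphertext, candidate):
    """The key under which `ciphertext` would decrypt to `candidate`."""
    return xor_bytes(candidate, ciphertext)


def ciphertext_distribution(plain_byte):
    """How often each ciphertext byte appears as the key byte takes all 256 values."""
    return Counter(plain_byte ^ k for k in range(256))


KEY = bytes([0b10101010] * 3)        # K from the slide
CIPHER = xor_bytes(b"cat", KEY)      # P = 'cat'

if __name__ == "__main__":
    print("C =", bits(CIPHER))
    print("D(C) =", xor_bytes(CIPHER, KEY))
    # A different key "explains" the same ciphertext as a different message.
    other = key_explaining(CIPHER, b"dog")
    print("K' =", bits(other), "->", xor_bytes(CIPHER, other))
    dist = ciphertext_distribution(ord("c"))
    print(len(dist), "ciphertext bytes, each seen", set(dist.values()), "time(s)")
```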

One-Time Pad

Key must be at least as long as message

Key can not be memorized (too long), so has to be written down and shared between transmitter and receiver

Anything written down is dangerous

Key could be a few gigabits of random data embedded in a music CD prefixed by a few songs to avoid suspicion

One-Time Pad

Generating, remembering, storing, transferring, recalling, and using the key are all potential vulnerabilities of the overall end-to-end system (not the algorithm itself)

Physical one-time pads used in WW II

One-Time Pad

‘d’ = 100_10 = 01100100_2
‘o’ = 111_10 = 01101111_2
‘g’ = 103_10 = 01100111_2

key = ‘cat’ = 01100011 01100001 01110100
P = ‘dog’   = 01100100 01101111 01100111
C           = 00000111 00001110 00010011

Fundamental Realization

Anything based upon a secret (hardware design, software details, algorithm, techniques, locations) has a fundamental vulnerability

Secrets don’t keep
Can bribe or torture designers and/or users to reveal secrets
Design has to be open (public)
Thus, must minimize reliance on secrets or sharing of secrets

Modern Cryptography

Uses encryption with a key
    sender and receiver share the same algorithm
    algorithm is public
    assume eavesdropper knows the algorithm
    assume eavesdropper can see all the ciphertext
All the security is in the key, none in the algorithm
Key is a secret, and thus a vulnerability

Two Main Classes

Symmetric key encryption
    sender and receiver share the same key
    key must remain a secret for the lifetime of the encrypted message
Public key encryption
    uses a two-part key, one part public and one part private
    private key is never shared
    encrypt with public key
    decrypt with private key
    private key must remain secret forever

The Big Difference

Symmetric key is fast
    sharing the key is its vulnerability
Public key is arbitrarily powerful and there is no key to share
    slow to compute
    keys require management
So today we use both
    generate a random symmetric key and use that to encode data
    use PKC to encrypt and transmit the symmetric key