T U T U N J U H A N A

T E L E C O M M U N I C A T I O N E N G I N E E R I N G

S C H O O L O F E L E C T R I C A L E N G I N E E R I N G & I N F O R M A T I C S

I N S T I T U T T E K N O L O G I B A N D U N G

ET4045Telecommunication Network Security

CryptographyPart I

V E R Y B ASIC

2

Cryptography

3

Definition

Came from Greek cryptography krupto (hidden or secret) and grafh(written)Art of secret writing

Services Provided by Cryptography4

User Authentication

5

Data Authentication

Data integrity

Data Integrity

6

Data origin authentication

A B

He can claim that he is A

7

Non-repudiation of origin

8

Data confidentiality

?

Friends and enemies: Alice, Bob, Trudy9

well-known in network security world

Bob, Alice (lovers!) want to communicate “securely”

Trudy (intruder) may intercept, delete, add messages

Who might Bob, Alice be?10

Real-life Bobs and Alices!

Web browser/server for electronic transactions (e.g., on-line purchases)

on-line banking client/server

DNS servers

routers exchanging routing table updates

etc.

The language of cryptography11

m plaintext message KA(m) ciphertext, encrypted with key KA m = KB(KA(m)) symmetric key crypto: sender, receiver keys identical public-key crypto: encryption key public, decryption key secret (private)

12

Old School Cryptography

Some materials borrowed from Rachel Greenstadt, Drexel University

Caesar cipher13

A monoalphabetic cipher uses the same substitution across the entire message

Caesar cipher - shift cipher (each letter replaced by one a fixed length down) “Veni, vidi, vici” -> “Yhql, ylgl, ylel”

14

Monoalphabetic substitution : substitute one letter for another S-box - bit level substitution

Vigenère Cipher15

It is a polyalphabetic cipher that the substitution may change throughout the message

In other words, the letter A may be encoded as the letter K for part of the message, but latter on it might be encoded as the letter W

16

Example Suppose that the plaintext to be

encrypted is: ATTACKATDAWN

The person sending the message chooses a keyword and repeats it until it matches the length of the plaintext, for example, the keyword "LEMON": LEMONLEMONLE

Plaintext: ATTACKATDAWN

Key: LEMONLEMONLE

Ciphertext: LXFOPVEFRNHR

17

Transposition - Permute the order of the message P-box - bit level transposition

Multiple Round Ciphers18

Multiple rounds of complex ciphers made up of permutations, substitutions, xor, etc

• C i p h e r - t e x t o n l y a t t a c k

• K n o w n - p l a i n t e x t a t t a c k

• C h o s e n - p l a i n t e x t a t t a c k

19

Deciphering techniques (attacks on a cryptosystem)

20

Cipher-text only attack: no clue about contents of message: statistical analysis

Known-plaintext attack: trudy has some plaintext for some ciphertext eg, in monoalphabetic cipher, trudy determines pairings for

a,l,i,c,e,b,o

Chosen-plaintext attack: trudy can get the cyphertext for some chosen plaintext Eg, Trudy masquerades as Alice

Statistical analysis21

A typical distribution of letters in English language text

22

Chosen-Plaintext Attack example

22

Penjahat #1 merubahPIN yang dimilikinya (chosen plaintext)

cipher(key,PIN)

PIN di-enkripsi laludikirimkan ke bank

Penjahat #2 melakukanpenyadapan kemudianMempelajari ciphertext dari PIN baru tersebut

… diulangi untuk beberapa nilai PIN