Date post: | 19-Jan-2016 |
Category: |
Documents |
Upload: | baldwin-pitts |
View: | 212 times |
Download: | 0 times |
Information SecurityIBK3IBV01 College 4
Paul J. Cornelisse
Cryptology
Through the centuries, the need for information protection persistsCombat has evolved from hand-to-hand to modern warfare, or cyber warfareProtecting sensitive data is critical to preserving trade secrets, government communications, or military strategies
Cryptology
Protection is achieved in part through the use of cryptology—more specifically, encryptionvital for everyday use in today’s cyber society;
online shopping and bankingATM usagedigital media
require encryption protection to avoid abuse
Cryptology
Unfortunately, many of today’s systems lack appropriate protectionPasswords and authentication requirements are not protected themselvesEither through encryption or encrypted databasesThis leaves sensitive information vulnerable to unauthorized, prying eyes
Cryptology
Cryptology is not a new conceptIt is “the science of keeping secrets secret” (Delfs and Knebl 2007)It is the study of encrypting algorithms and the art of creating and solving such algorithms, and is composed of bothCryptographyCryptanalysis
Cryptology
Cryptography is the art or science of cipher systems used for protection informationThe term originates from the GreekKryptos, meaning “hidden” Graphia, meaning “writing”
Cryptology
CryptographyProtect sensitive informationPrevent corruptionKeep secret from unauthorized access/useTries to compromise between expense and time consumption
Cryptology
Cryptography has four basic purposes:ConfidentialityAuthenticationIntegrityNonrepudiation
Cryptology
Confidentiality:keeps information secret from unauthorized use
Cryptology
Authentication:Corroboration of an entity’s identity, achieved through initial identification between communicators.
“prove that you are who you claim to be”
Cryptology
Integrity:assures that the message was not illegitimately altered during transmission or during storage and retrieval
Cryptology
Nonrepudiation:guarantees that the sender will not deny previous commitments or actions unless they admit the cryptographic signing key has been compromised
Cryptology
Cryptanalysis:the practice of breaking ciphers,or decrypting messages without the key,to discover the original message
Cryptology
Someone wishes to send a message, which begins as plaintextPlaintext is the original, humanly readable form of a message, which is then encryptedThis could be text, numerical data, a program, or any other message form (Delfs and Knebl 2007)
Cryptology
When plaintext is encrypted, or enciphered, the original message is obscured using an algorithm or pattern only known to the sender and authorized recipient(s).
Cryptology
Encryption must be reversibleThe algorithm is known as the cipher
Cryptology
Once encrypted, the message is referred to as ciphertext, and is only readable when the cipherkey is used in conjunction with the decrypting algorithm
Cryptology
Protecting the key, and to whom it is known, is crucial for ensuring the
AuthenticityIntegrityConfidentiality
of the transmitted message
Cryptology
The work factor, often forgotten, does not describe whether the algorithm can be broken, but how long it takes until it is broken
Cryptology
Two ancient ciphers are the Spartan scytale and the Caesar cipherIn the Spartan scytale, a segment of parchment is wrapped around a cylinder of certain radius and the message is written lengthwise. The recipient must have a cylinder of equal radius to decryptThe Caesar cipher is a “classical” cipher, using a simple shift of the plaintext alphabet.
Cryptology
Cryptology
In the early twentieth century, cryptography broadened its horizons
Cryptology
One of the first among the more complicated cryptosystems used an electronic machine The Enigma rotor machineEnigma, used by the Germans in World War II, applied a substitution cipher multiple times per message.
Cryptology
Cryptology
As more users access the Internet, the need for digital information security increasesThis has led to the “standardization” of cryptography in a scientific senseCurrently, many systems are secure, but rely on plausible assumptions that may one day be “discovered”
Cryptology
So basically the standardization and mathematical focus of modern cryptosystems share the same issue suffered by earlier ciphers
Cryptology
When explaining applied cryptography, universally, plaintext is written in lowercaseCiphertext is written in all capitalsKeys or keywords are also always written in capitals
Cryptology
When referring to those who use cryptosystems, certain names typically are used as the placeholdersRather than referring to the sender as “Party A” and the recipient as “Party B,” Party A would be Alice and Party B would be Bob.
Cryptology
Alice and Bob are always trying to communicate. Each associate communicating continues alphabetically, for example, Charlie and David want to speak with Alice and Bob. Eve is an eavesdropper, who does not have authorized access to the message. Eve is a passive listener; she does not modify the messageMallory is a malicious attacker and modifies, sends her own, or repeats previous messages Victor is a verifying agent who demonstrates that the intended transaction was successfully executed.
Cryptology
Introhttp://www.youtube.com/watch?v=Kf9KjCKmDcU
Cryptology
Kerckhoff’s Six Principles1. The system must be practically or mathematically
undecipherable2. The system is not required to be secret and should be able
to fall in enemy hands3. The key must be communicable and retained without
effort, and changeable at the will of the correspondents4. The system must be compatible with the communication
channel5. The system must be portable and not require functioning
by multiple people6. The system must be easy, requiring minimal knowledge of
the system rules
Cryptology
There are two generations of encrypting methods: ClassicalModern
Cryptology
Classical ciphers are those that were historically used, like the scytale and Caesar’s, but became impractical either resulting from popular use or advances in technologyModern ciphers consist of substitution or transposition ciphers
Cryptology
Classical ciphers use an alphabet of letters, implemented using simple mathClassical ciphers can be broken using brute force attacks or frequency analysisBrute force is a standard attack, running all possible keys with a decrypting algorithm until the plaintext is exposed
Cryptology
Modern ciphers are typically divided into two criteria:the key type used the data input type
When referring to key types, modern ciphers branch intosymmetric (private key cryptography) asymmetric (public key cryptography)
Substitution CiphersMonoalphabetic substitutions include the Caesar, Atbash, and Keyword ciphers
Example of a substitution cipher is the Caesar shift cipher, which is typically a three-character shift
This shift would change the plaintext “purple” into the ciphertext “MROMIB.”
Cryptology
If the shift was a three-character subtraction, the plaintext message “purple” would then become ciphertext “SXUSOH.”
Cryptology
The Atbash cipher flips the entire alphabet back on itself; the plaintext alphabet is “A–Z” and the ciphertext alphabet is “Z–A,” shown in the next slide. The Atbash cipher would obscure the plaintext “purple” as “KFIKOV.”
Another cipher, the Keyword cipher establishes a keyword such as “HEADY.” This begins the ciphertext alphabet, and the rest is completed using the remaining letters in alphabetic orderUsing “HEADY” as the keyword, the Keyword cipher changes the plaintext “purple” to “OTQOKY.”
Polyalphabetic substitutions are ciphers using multiple substitution alphabets. The Vigenère cipher is the most famous of this genre, introduced in the sixteenth century by Blaise de Vigenère.
It encrypts plaintext by using a series of Caesar ciphers, based on the keywordThe keyword is written as many times as necessary above the plaintext message
Using the Vigenère square, one will use a letter from the plaintext and its associated keyword letterPlaintext letters are listed on the top, creating columns, which intersect with the keyword alphabet along the left side of the square, creating rows
The letter found at the intersection of these two letters is the cipher letter used to encrypt the messageThe beginning of the plaintext “O” and keyword letter “K” intersect at ciphertext letter “Y.” Therefore, “once upon a time” would become “YVPKM ZWAGL SUR.”
The 25 variations of the Caesar cipher (shifts 0–25) are contained in the square. Each row is a single shift to the right from the row or letter preceding. Therefore, the first row, labeled “A,” is a shift of one. Row “X” is a shift of 23