Date post: | 21-Dec-2015 |
Upload: | arron-mcbride |
Computer-Based System
• Hardware
• Software
• Data
• Vulnerability
– Weakness (to be exploited)
• Threat
– Circumstances (Potential to cause harm)
• Attack
– Exploits vulnerabilities
CS 450/650 Fundamentals of Integrated Computer Security 2
Threats
• Interception
– Unauthorized party has gained access to an asset
• Interruption
– An asset becomes lost, unavailable, or unusable
• Modification
– Unauthorized party tampers with an asset
• Fabrication
– Unauthorized party may create objects
Security Goals
• Confidentiality
– Assets are accessed only by authorized people
• Integrity
– Assets can be modified only by authorized people
• Availability
– Assets are accessible to authorized people
Lecture 2
Elementary Cryptography
CS 450/650
Fundamentals of Integrated Computer Security
Slides are modified from Hesham El-Rewini
Objectives
• Learn how cryptography works
• Learn how encryption systems are broken
• Understand basic ciphers:
– substitution and transposition codes
Goal of Cryptography
• Ensure security of communication over insecure medium
– Privacy (secrecy, confidentiality)
– Integrity
• Communicate even with possibility of adversaries
Main Components in Sending Messages
[Figure: sender → medium → receiver, with an intruder on the medium; goals shown: availability, confidentiality, integrity]
Intruder
• Interrupt
• Intercept
• Modify
• Fabricate
Approaches to Secure Communication
• Steganography
– Hide message existence
• Cryptography
– Hide message meaning
Cryptography
• Secret writing
– Disguised data cannot be read, modified, or fabricated easily
• Encryption: encoding (encipher)
– plaintext → ciphertext
– P = <p1, p2, p3, .., pn> → C = <c1, c2, c3, .., cm>
– C = E(P) (E = encryption rule)
• Decryption: decoding (decipher)
– ciphertext → plaintext
– C = <c1, c2, c3, .., cm> → P = <p1, p2, p3, .., pn>
– P = D(C) (D = decryption rule)
Cryptosystem
• How does this help us accomplish our goals?
– Privacy
– Integrity
Encryption
[Figure: three encryption schemes, each plaintext → Encryption → ciphertext → Decryption → original plaintext: keyless, symmetric key, asymmetric key]
Cryptanalysis
• How to break an encryption!
• Cryptanalyst
– Deduce the original meaning of the ciphertext
– Determine the decryption algorithm that matches the encryption one used
Breakable Encryption!
Exercise
wklv phvvdjh lv qrw wrr kdug wr euhdn
Ciphers
• Substitution Ciphers
– Substitute a character or a symbol for each character of the original message
• Transposition Ciphers
– The order of letters is rearranged
• Notation
– UPPERCASE PLAINTEXT
– lowercase ciphertext
The Caesar Cipher -- Substitution
Ci = pi + 3
A → d, B → e, C → f, …, X → a, Y → b, Z → c
Cryptanalysis of the Caesar Cipher
• TREATY IMPOSSIBLE → wuhdwb lpsrvvleoh
– Break is preserved
– Double letters are preserved
– Repeated letters
Other Substitutions: Permutation
• Alphabet is scrambled, each plaintext letter maps to a unique ciphertext letter
• For example 1, 2, 3, 4, 5, 6, 7, 8, 9
– p1 = 1, 3, 5, 7, 9, 8, 6, 4, 2
– p1(1) = 1, p1(2) = 3, p1(3) = 5, p1(4) = 7, etc.
• Key can be used to control the permutation used to
Substitution Cipher Example
• ABCDEFGHIJKLMNOPQRSTUVWXYZ
• wordabcefghijklmnpqstuvxyz
• ABCDEFGHIJKLMNOPQRSTUVWXYZ
• profesinalbcdghjkmqtuvwxyz
Cryptanalysis of substitution ciphers
• Brute force attack
– 26! possibilities
• Clues
– Short words,
– Words with repeated patterns,
– Common initial and final letters, …
• Knowledge of language may simplify it
– English E, T, O, A occur far more than J, Q, X, Z
– Context
Cryptanalysis
• Example: wklv phvvdjh lv qrw wrr kdug wr euhdn
– wrr --> see, too, add, odd, off...
– wr --> to, of
– Best guess: w = T, r = O
– lv --> so, is, in, ...
– T_SO very unlikely... T_IS likely
– Best guess: l = I, v = S
wklv phvvdjh lv qrw wrr kdug wr euhdn
T-IS --SS--- IS -OT TOO ---- TO -----
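Added example (not part of the original slides): the exercise ciphertext is a Caesar shift, so instead of guessing word by word it can be broken by trying all 26 shifts and ranking each candidate by how many high-frequency English letters it contains. The frequency table is an approximate standard one and the function names are illustrative.

```python
# Added example: brute-force a Caesar cipher and rank candidates by letter frequency.
import string

# Approximate relative frequencies (%) of letters in English text (assumed table).
ENGLISH_FREQ = {
    'E': 12.7, 'T': 9.1, 'A': 8.2, 'O': 7.5, 'I': 7.0, 'N': 6.7, 'S': 6.3,
    'H': 6.1, 'R': 6.0, 'D': 4.3, 'L': 4.0, 'C': 2.8, 'U': 2.8, 'M': 2.4,
    'W': 2.4, 'F': 2.2, 'G': 2.0, 'Y': 2.0, 'P': 1.9, 'B': 1.5, 'V': 1.0,
    'K': 0.8, 'J': 0.15, 'X': 0.15, 'Q': 0.10, 'Z': 0.07,
}

def caesar_encrypt(plaintext, shift=3):
    """c_i = (p_i + shift) mod 26; UPPERCASE plaintext in, lowercase ciphertext out."""
    out = []
    for ch in plaintext.upper():
        if ch in string.ascii_uppercase:
            out.append(chr((ord(ch) - ord('A') + shift) % 26 + ord('a')))
        else:
            out.append(ch)  # word breaks pass through unchanged (a clue for the analyst)
    return ''.join(out)

def caesar_decrypt(ciphertext, shift=3):
    """p_i = (c_i - shift) mod 26; lowercase ciphertext in, UPPERCASE plaintext out."""
    out = []
    for ch in ciphertext.lower():
        if ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - ord('a') - shift) % 26 + ord('A')))
        else:
            out.append(ch)
    return ''.join(out)

def english_score(text):
    """Sum of the expected English frequency of every letter in the candidate."""
    return sum(ENGLISH_FREQ.get(ch, 0.0) for ch in text)

def break_caesar(ciphertext):
    """Try all 26 shifts; return (shift, plaintext) for the most English-like one."""
    candidates = [(s, caesar_decrypt(ciphertext, s)) for s in range(26)]
    return max(candidates, key=lambda cand: english_score(cand[1]))

EXERCISE = "wklv phvvdjh lv qrw wrr kdug wr euhdn"  # ciphertext from the slides

if __name__ == "__main__":
    shift, plaintext = break_caesar(EXERCISE)
    print(shift, plaintext)
```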
Avoid Regularity
[Figure: plaintext → Encryption → ciphertext → Decryption → original plaintext, keyed by a non-repeating series of numbers]
One-Time Pads
• Name comes from a set of sheets of paper with keys, glued into a pad
• The sender would tear off as many pages as needed
• The receiver needs a pad identical to the one used by the sender
One-Time Pads (cont.)
• The sender would write the keys one at a time above the letters of the plaintext.
k1 k2 k3 k4 ... kn
p1 p2 p3 p4 ... pn
• The plaintext is enciphered using a pre-arranged chart
– Vigenère tableau
– all 26 letters in each column in some scrambled order
– select the substitution in row pi, column ki
• Problems:
– Unlimited number of keys & absolute synchronization between sender and receiver
Vernam Cipher Example
Plaintext         V   E   R   N   A   M   C   I   P   H   E   R
                 21   4  17  13   0  12   2   8  15   7   4  17
Random numbers   76  48  16  82  44   3  58  11  60   5  48  88
Sum              97  52  33  95  44  15  60  19  75  12  52 105
Sum mod 26       19   0   7  17  18  15   8  19  23  12   0   1
Ciphertext        t   a   h   r   s   p   i   t   x   m   a   b
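Added example (not part of the original slides): the Vernam table above carried through in code, with decryption, plus a check of why the number series must not repeat: if the same pad encrypts two messages, subtracting the ciphertexts cancels the key and leaves the difference of the plaintexts. The second message and all function names are constructed for illustration.

```python
# Added example: Vernam / one-time pad arithmetic mod 26 (names are illustrative).
import secrets

def letters_to_numbers(text):
    """Map A..Z (either case) to 0..25; anything else is dropped."""
    return [ord(ch) - ord('A') for ch in text.upper() if 'A' <= ch <= 'Z']

def vernam_encrypt(plaintext, pad):
    """c_i = (p_i + k_i) mod 26, returned as lowercase ciphertext."""
    p = letters_to_numbers(plaintext)
    if len(pad) < len(p):
        raise ValueError("pad is shorter than the message")
    return ''.join(chr((pi + ki) % 26 + ord('a')) for pi, ki in zip(p, pad))

def vernam_decrypt(ciphertext, pad):
    """p_i = (c_i - k_i) mod 26, returned as UPPERCASE plaintext."""
    c = letters_to_numbers(ciphertext)
    if len(pad) < len(c):
        raise ValueError("pad is shorter than the message")
    return ''.join(chr((ci - ki) % 26 + ord('A')) for ci, ki in zip(c, pad))

def fresh_pad(length):
    """Uniform key values from the OS CSPRNG; each value must be used only once."""
    return [secrets.randbelow(26) for _ in range(length)]

def difference(a, b):
    """Letter-wise (a_i - b_i) mod 26 of two equal-length texts."""
    return [(x - y) % 26
            for x, y in zip(letters_to_numbers(a), letters_to_numbers(b))]

# Values taken from the slide's table.
SLIDE_PLAINTEXT = "VERNAMCIPHER"
SLIDE_PAD = [76, 48, 16, 82, 44, 3, 58, 11, 60, 5, 48, 88]

if __name__ == "__main__":
    c1 = vernam_encrypt(SLIDE_PLAINTEXT, SLIDE_PAD)
    print(c1, vernam_decrypt(c1, SLIDE_PAD))
    # Constructed second message encrypted under the SAME pad (what not to do):
    other = "SECONDSECRET"
    c2 = vernam_encrypt(other, SLIDE_PAD)
    # The key drops out: c1 - c2 == p1 - p2 (mod 26) without knowing the pad.
    print(difference(c1, c2) == difference(SLIDE_PLAINTEXT, other))
```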
Book Ciphers
• Both sender and receiver need access to identical objects
• Example: telephone book
– xxx-xxx-xxxx
– use xx mod 26 as a key
• Problem
– High frequency letters
– A, E, O, T: 40% of all letters used in Standard English text
– A, E, O, T, N, I: 50% of all letters used in Standard English text
– The probability that the key letter and plaintext letter are both among these 6 letters is 0.25
Transposition
• The letters of the message are rearranged
• Columnar transposition
• Example: THIS IS A MESSAGE TO SHOW HOW A COLUMNAR TRANSPOSITION WORKS
Transposition Example
T H I S I
S A M E S
S A G E T
O S H O W
H O W A C
O L U M N
A R T R A
N S P O S
I T I O N
W O R K S
tssoh oaniw haaso lrsto imghw utpir seeoa mrook istwc nasns
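Added example (not part of the original slides): columnar transposition of the slide's message (with COLUMNAR spelled correctly) written row by row into five columns and read out column by column, together with the inverse. It goes slightly beyond the slide by also handling messages whose length is not a multiple of the column count; function names are illustrative.

```python
# Added example: columnar transposition, encrypt and decrypt (names are illustrative).

def columnar_encrypt(plaintext, columns):
    """Write letters row by row into `columns` columns, read them column by column."""
    letters = [ch for ch in plaintext.upper() if ch.isalpha()]
    # letters[i::columns] is exactly column i of the row-by-row grid.
    return ''.join(''.join(letters[i::columns]) for i in range(columns)).lower()

def columnar_decrypt(ciphertext, columns):
    """Rebuild the columns, then read the grid row by row."""
    letters = [ch for ch in ciphertext.lower() if ch.isalpha()]
    full_rows, extra = divmod(len(letters), columns)
    cols, pos = [], 0
    for i in range(columns):
        # With an incomplete last row, the first `extra` columns are one letter longer.
        length = full_rows + (1 if i < extra else 0)
        cols.append(letters[pos:pos + length])
        pos += length
    out = []
    for row in range(full_rows + (1 if extra else 0)):
        for col in cols:
            if row < len(col):
                out.append(col[row])
    return ''.join(out).upper()

def groups_of_five(text):
    """Conventional presentation of ciphertext in five-letter groups."""
    return ' '.join(text[i:i + 5] for i in range(0, len(text), 5))

SLIDE_MESSAGE = "THIS IS A MESSAGE TO SHOW HOW A COLUMNAR TRANSPOSITION WORKS"

if __name__ == "__main__":
    ct = columnar_encrypt(SLIDE_MESSAGE, 5)
    print(groups_of_five(ct))
    print(columnar_decrypt(ct, 5))
```

The letters themselves are unchanged, so the ciphertext keeps the plaintext's letter frequencies; only the order is hidden.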
Summary
• Maintain privacy and integrity despite adversaries
• Cryptanalysis
• Cryptosystems
– Substitution
– Transposition
Review Questions
• What is the process for going from plaintext to ciphertext back to plaintext?
• What is a substitution code?
• Why are there 26! possible substitution codes for simple English messages?
• What is a frequency distribution analysis?
• What is a transposition code?
• How do secret key and public key cryptography differ?