SYMPATRIC ENCRYPTION L.Tahani Al jehani

Introduction

Definition

Cryptography, a word with Greek origins, means “secret writing”.

It refers to the science of transferring messages to make them secure and hard to attacks.

Introduction Components

Plaintext : is the original message before being transformed.

Ciphertext: is the message after transformation.

Cipher : is the encryption and decryption algorithm.

Key: is an number (or set of numbers) that the cipher, as an algorithm, operates on.

Terminology

encipher (encrypt) - converting plaintext to ciphertext

decipher (decrypt) - recovering ciphertext from plaintext

cryptography - study of encryption principles/methods

cryptanalysis (codebreaking) - study of principles/ methods of deciphering ciphertext without knowing key

cryptology - field of both cryptography and cryptanalysis

Cryptography Categories

Cryptography Categories

In symmetric-key cryptography, the same key is used by the sender (for encryption) and the receiver (for decryption).

The key is shared.

Requirements

two requirements for secure use of symmetric encryption: a strong encryption algorithm a secret key known only to sender /

receiver mathematically have:

Y = E(K, X)X = D(K, Y)

assume encryption algorithm is known implies a secure channel to distribute

key

Cryptography Categories

In asymmetric-key cryptography, one key is used by the sender (for encryption) and other key is used by receiver (for decryption).

The key are different.

Cryptography Categories

Comparison In the symmetric-key cryptography, both

sender and receiver use the same key for lock and unlock the message respectively.

In the asymmetric-key cryptography, the sender uses a key to lock the message and the receiver uses another key to unlock the message.

Symmetric Encryption

or conventional / private-key / single-key

sender and recipient share a common key

all classical encryption algorithms are private-key

was only type prior to invention of public-key in 1970’s

and by far most widely used

Cryptanalysis

objective to recover key not just message

general approaches: cryptanalytic attack brute-force attack

if either succeed all key use compromised

More Definitions

unconditional security no matter how much computer power or

time is available, the cipher cannot be broken since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext

computationally secure

Mallory can try all possible key combinations until one works, and the resulting data or message is understandable.

You might be asking yourself, how many combinations would an attacker have to try? The answer to that question depends upon the

encryption algorithm or cipher used.

An algorithm is considered computationally secure if the amount of time needed to compute all possible combinations is so large that it cannot be done in any reasonable amount of time.

This definition, “in a reasonable amount of time,” is deliberately vague, because the meaning of computationally secure is ever-changing as the speed of a computer is everincreasing. Also, most data does not need to be protected forever.

Brute Force Search

always possible to simply try every key most basic attack, proportional to key size assume either know / recognise plaintext

Key Size (bits) Number of Alternative Keys

Time required at 1 decryption/µs

Time required at 106 decryptions/µs

32 232 = 4.3 109 231 µs = 35.8 minutes 2.15 milliseconds

56 256 = 7.2 1016 255 µs = 1142 years 10.01 hours

128 2128 = 3.4 1038 2127 µs = 5.4 1024 years 5.4 1018 years

168 2168 = 3.7 1050 2167 µs = 5.9 1036 years 5.9 1030 years

26 characters (permutation)

26! = 4 1026 2 1026 µs = 6.4 1012 years 6.4 106 years

Symmetric-Key Cryptography

There are two main categories of ciphers in Symmetric-key Cryptography : Traditional Cipher:

Substitution ciphers Monoalphabetic Polyalphabetic

Transposition ciphers Simple Modern Cipher:

XOR Cipher Rotation Cipher Substitution cipher: S-box Transposition cipher: P-box

Moder Round Ciphers: Data Encryption Standard (DES) Advanced Encryption Standard (AES)

Traditional Cipher

Substitution ciphers

Substitution ciphers replaces one symbol with another, it can be either: Monoalphabetic

Where a character (or symbol) in the plaintext is always changed to the same character (or symbol) in the ciphertext regardless of its position in the text.

1:1 Polyalphabetic

Where each occurrence of a character can have a different substitue.

1:N

Caesar Cipher

earliest known substitution cipher by Julius Caesar first attested use in military affairs replaces each letter by 3rd letter on example:meet me after the toga partyPHHW PH DIWHU WKH WRJD SDUWB

Caesar Cipher

can define transformation as:a b c d e f g h i j k l m n o p q r s t u v w x y z

D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

mathematically give each letter a numbera b c d e f g h i j k l m n o p q r s t u v w x y z

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

then have Caesar cipher as:c = E(k, p) = (p + k) mod (26)p = D(k, c) = (c – k) mod (26)

Substitution ciphers

Example: Use the shift cipher with key=15 to

encrypt the message “HELLO” Is this Cipher Polyalphabetic?

Cryptanalysis of Caesar Cipher only have 26 possible ciphers

A maps to A,B,..Z could simply try each in turn a brute force search given ciphertext, just try all shifts of

letters do need to recognize when have

plaintext eg. break ciphertext "GCUA VQ DTGCM"

Substitution ciphers

Examples#1 : Plaintext: HELLO Ciphertext: KHOOR Is the cipher monoalphabetic?

Examples#2 : Plaintext: HELLO Ciphertext: ABNZF Is the cipher monoalphabetic?

Transposition cipher

Transposition cipher, it reorders (permutes) symbols in a block of symbols.

Key is a mapping between the position of the symbols in the plaintext and cipher text.

Transposition cipher

Example : Encrypt the message “HELLO MY DEAR,” using the key

shown in the previous figure.

Solution First remove the spaces in the message. Then divide the text into blocks of four characters. Add a bogus character Z at the end of the third block. The result is HELL OMYD EARZ. Ciphertext will be ELHLMDOYAZER.

Transposition cipher

Using same Example decrypt the message “ELHLMDOYAZER”.

Solution The result is HELL OMYD EARZ. After removing the bogus

character and combining the characters, we get the original message “HELLO MY DEAR.”

Simple Modern Ciphers Vs Traditional Ciphers

The traditional ciphers are character-oriented; however, Simple Modern Ciphers are bit-oriented.

Bit-oriented ciphers are needed because: Information to be encrypted is not just text, it can

be graphics, audio, and video data. It is provide more security.

Modern ciphers is made up of simple ciphers.

Type of Cipher

Stream Cipher Block cipher Both do :Combination of input plaintext

and key to produce cipher text They differ in : How the plaintext and key

and combined

Stream cipher

Characterized by operating on one symbol at a time

The alphabetic substitutions we have seen so far have been stream ciphers

If the algorithm is XOR, this is a stream cipher

Stream cipher

It provides integrity. If any of the cipher text bits are changed, it will be obvious to Bob when he decrypts the message

There are some stream ciphers that do not propagate errors through the entire message. that means if an error occurs while the message is being sent from Alice to Bob, it will only prevent that section of the message from being decrypted properly.

It is very fast algorithm using in mobile encryption

Stream ciphers advantages

Stream ciphers: –They operate relatively fast since they

work on only one character at a time –Lower error propagation since each

symbol is affected only by itself

Block Ciphers

Characterized by operating on more than one symbol at a time

A block cipher takes a group of symbols as input, combines them without output, and outputs a block of cipher text

if the algorithm is XOR, this is a block cipher:

Block Ciphers

each block is processed independently, and there is no correlation between the encrypting of one message block and another.

repeated blocks (problem ) order of blocks ( problem ) Although the encryption method provides

confidentiality, integrity can be broken. Solution : block ciphers use different

encryption modes.

Encryption modes.

Electronic code book (ECB) Cipher-block chaining (CBC) Propagating cipher-block chaining

(PCBC) Cipher feedback (CFB) Output feedback (OFB)

XOR Cipher An XOR operation needs two data inputs: plaintext and a key.

The size of the plaintext, key, and ciphertext are the same.

Rotation Cipher In rotation cipher, the input bits are rotated to the left or right.

The rotation can be either keyed or keyless. In Keyed , the value of the key in = # of

rotations. In the keyless, the number of rotation is fixed.

NOTES in Rotation Cipher

If the length of the original stream is N, after N rotation, we get the original message.

The decryption algorithm for the rotation cipher uses the same key and the opposite rotation direction.

Substitution Cipher: S-box

The S-box is normally keyless. The function that matches the input to

the output is defined either mathematically or by a table.

Transposition Cipher: P-box

Sharing the keys: The key is shared before communication begins. If Alice wants to communicate with Bob, but she

has never met Bob before. How can Alice and Bob communicate securely?

They could create keys and encrypt them so no one knows the keys.

Solution 1: Use a trusted third party.

Sharing the keys

Sharing the keys: Alice create a key to be used to communicate with

Bob. She will encrypt this key using a pre-shared key that she has with Trent.

Trent will decrypt and encrypt again with a shared key with Bob.

Problem: what if Trent is not really Trent but another person?

Sharing the keys

Sharing the keys: Solution 2: key agreement protocol Alice and Bob agree to use a specific prime number (p) and

a base number (g). Alice and Bob each choose a secret integer. Suppose that the secrete integer choosen by Alice is a is the

secrete integer choosen by Bob is b. Alice sends : g a mod p Bob sends: g b mod p Alice calculates the key = (Message bob) a mod p Bob calculates the key = (Message Alice)

b mod p

Modern Round Ciphers

The ciphers of today are called round ciphers because they involve multiple rounds.

Each round is a complex cipher made up of simple ciphers.

They key used in each round is a subset or variation of the general key called the round key.

Modern Round Ciphers

There are three modern symmetric key ciphers:

Data Encryption Standard (DES).

Triple DES.

Advanced Encryption Standard (AES).