Lecture 02 Introduction Cryptography PDF

Introduction to
C
Cryptography
h
Dr. Nguyen Tuan Nam
songuku99@yahoo.com
What Is Cryptography?
 Cryptography comes from the Greek words
 κρυπτός = hidden or secret
 γράφω = writing
 The art of secret writing
 Basic service
 The ability to send information between participants in a way that
prevents others from reading it
 Th scope off thi
The this class:
l kind
ki d off cryptography
t h where
h
 Representing information as numbers
 Manipulating those numbers mathematically
 P id other
Provides th services
i such
h as
 Integrity checking
 Authentication
Nguyen Tuan Nam/NetSec/Win2010 2

Plaintext and Ciphertext
 Plaintext or cleartext
 Message in its original form
 Ciphertext
 Th mangled
The l d information
i f ti
 Encryption
 The p
process for p
producingg ciphertext
p from p
plaintext
 Decryption
 The reverse of encryption
encryption decryption
plaintext cyphertext plaintext

Fundamental Tenet of Cryptography
 Cryptographers
yp g p
 Invent clever secret codes
 Cryptanalysts
 Attempt to break these codes
 These 2 disciplines constantly try to keep ahead of each
other
th r
 The success of the cryptographers rests on the
Fundamental Tenet of Cryptography
 If lots of smart people have failed to solve a problem 
it probably won’t be solved (soon)

Cryptographic System
 Involve both
 An algorithm
 A secret value,
value, known as a keyy
 Why do we need a key?
 A ggood cryptographic
yp g p scheme
 Perfectly OK to have everyone (including the bad guys and
cryptanalysts) know the algorithm
 Because knowledge of the algorithm without the key does not
help un-
un-mangle the information easily
H good
How d should
h ld iit b
be?? C
Computational
i l diffi
difficulty
l
Computational Difficulty
 Important for cryptographic algorithms to be reasonably efficient for the
good
d guy to
t compute t
 Good guys are the ones with knowledge of the keys
 Cryptographic algorithms are not impossible to break without the key.
key. Why?
 The security of a cryptographic scheme depends on how much work it is for
the bad guys to break it
 10 million years to break using all of the computers in the world  considered
reasonably secure
 Example:
 Combination lock consists of 3 numbers
 Takes 10 seconds to dial in a combination  reasonably convenient for the good
guy
 How much work is it for the bad guy? (worst case, average)
 A scheme can be made more secure by making the key longer
 Combination lock example?

Key Lengths
 Computer can be used to exhaustively try keys
 Faster than people
 Don’t get tired
 Thousands or millions of keys can be tried per second
 More keysy can be tried in parallel
p if you
y have multiple
p computers
p
 Variable--length key
Variable
 Can be made more secure by increasing the length of the key
 Increasing the length of the key by 1 bits
 G d guy’s
Good ’ job
j b just
j a bit
bi h
harder
d
 Bad guy’s job, how much harder?
 Fixed--length key
Fixed
 Similar algorithm
g with a longer
g keyy can be devised
 Quiz
 If the computers get 1000 times faster, how much longer should the key length
be?

A Bolt Cutter
 Breaking the cryptographic scheme is only one
way
 A bolt cutter works no matter how many digits are
in the combination
Good guys: A kind word is a key to get what you want

Bad guys: However,
However you can get further with a kind word
and a gun than you can with a kind word alone

To Publish or Not to Publish
Vi 1
View View 2
Keeping a cryptographic algorithm as Publishingg the algorithm,
g so that it is
secret as possible widely known
Common practice today

Commercial cryptosystems to be published.
published Some in
the US may be unpublished. Why?
Military cryptosystems to be kept secret.
secret Why?

Secret Codes
 Secret code or cipher
 Any method of encrypting data
 Caesar cipher
 Substitute for each letter of the message, the letter which is 3 letters later
i the
in h alphabet
l h b ((wrap around) d)
 Captain Midnight Secret Decoder rings
 Pick a number n between 1 and 25
 S b i
Substitute ffor each
h lletter off the
h message, the
h lletter which
hi h iis n hi
higher
h
(wrap around)
 Mono--alphabetic cipher
Mono
 Arbitrary mapping of one letter to another letter
 How many possible parings of letters?
 If took 1 microsecond to try each one  take about 10 trillion years
 However?

What Is This?
 Cf lqr’xs
lqr xs xsnyctm n eqxxqgsy iqul qf wdcp eqqh,
eqqh
erl lqrx qgt iqul!

Breaking an Encryption Scheme
 The three basic attacks
 Ciphertext only
 Known plaintext
 Chosen plaintext

Ciphertext Only
 Assumption: Fred, the bad guy
 Seen some ciphertext (not difficult to obtain)
 Can analyze at leisure
 How
 Searches all the keys
 Essential for this attack:
 Recognize when he has succeeded
 Combination lock
 Recognizable plaintext attack
 Enough ciphertext
 XYZ
 S
Sometimes,
i not necessary to search
h through
h h a llot off kkeys
 Statistical analysis (common English words)
 A cryptographic algorithm MUST be secure against a ciphertext
only attack.
attack Why?

Known Plaintext
 Fred somehow obtained some
<plaintext, ciphertext> pairs. How?
 With a mono-
mono-alphabetic cipher
 A small amount of known plaintext would be bonanza for
Fred
 Some cryptographic schemes
 Good enough to be secure against ciphertext only attacks
 Not good enough against known plaintext attacks
 Important to design the systems to minimize the possibility
that a bad guy will ever be able to obtain <plaintext,
p
ciphertext> p
pairs

Chosen Plaintext
 Fred
 Can choose any plaintext he wants
 Get the system to tell him what the corresponding
ciphertext is
 How could it happen?

Types of Cryptographic Functions
 Three kinds of cryptographic functions
 Public key functions: two keys
 Secret key functions: one key
 Hash functions: … zero key

Secret Key Cryptography
 Involves the use of a single
g keyy
 Given a message (plaintext) and a key
 Encryption produces
 Unintelligible data
data, which is about the same length as the plaintext
was
 Decryption is the reverse
 Usingg the same keyy as encryption
yp
 Also called
 Conventional cryptography
 S mm tri cryptography
Symmetric r pt r ph
 Example?

Security Uses of Secret Key
Cryptography
 Transmitting over an insecure channel
 Secure storage on insecure media
 A h i i
Authentication
 Integrity check

Authentication Using Secret Key
Cryptography
 Strongg authentication
 Someone can prove knowledge of a secret without revealing
it
 P ibl with
Possible ith cryptography
t h
 Particularly useful when 2 computers trying to communicate
over an insecure network
Alice Bob
rA
rA encrypted with KAB
rB
Problem?
rB encrypted with KAB

Integrity Check
 What is a checksum?
 Original derivation of checksum
 CRC
 Only protect against faulty hardware, but not an intelligent attacker
 CRC algorithms are published  attacker can re-re-compute CRC after altering the
message  needs secret checksum algorithms
 Cryptographic checksum
 Common (known) algorithm
 Secret key
 MAC (message authentication code) or MIC (message integrity code)
 At least 48 bits long  chance is only one in 280 trillion to guess the MAC
 Example
 Inter-bank electronic funds transfers
Inter-
 Messages are not kept secret, but their integrity is insured

Public Key Cryptography
 Relatively new field, invented in 1975
 Involves the use of 2 key
 A private key that is not revealed to anyone
 A public key that is preferably known to the entire
world
 No shared key between the 2 communicating parties

Public Key Cryptography –
Encryption and Digital Signature
encr ption
encryption decr ption
decryption
plaintext ciphertext plaintext
public key private key
signing verification
plaintext signed plaintext
message
private key public key

Quiz
 What are the differences between a checksum
and a digital signature?
 What are the differences between a MAC and a
digital signature?

Security Uses of Public Key
Cryptography
 Public key cryptography can do anything secret
key cryptography can do
 Might be used in the beginning of
communication to
 Authenticate
 Establish a temporary shared secret key
 The secret keyy is used to encrypt
yp the remainder of
the conversation using secret key technology
 Why?

Scenario
 Alice wants to talk to Bob securely
 What should happen?

Transmitting Over an Insecure
Channel
 Using public key cryptography to encrypt
message before transmitting
 How?

Secure Storage on Insecure Media
 Same as secret key cryptography
 For performance reasons
 U together
Use h with
i h secret kkey cryptography
h

Authentication
 If Bob wants to prove his identity to lots of
entities
 Secret key technology:
 Remember lots of secret keys
 Public key technology:
 Remember only his private keys
 Know ((be able to obtain)) others’ public
p keyy
 Does not need to keep any secret in order to
verify others
Digital Signatures

Hash Algorithms
 Also known as message g digests
g or one
one--wayy
transformations
 Mathematical transformation that takes a message of
arbitrary
b length and
d computes from it a fixed-
fixed
d-length
(short) number
 h(m) is the hash of a message m,
m with the following
properties
 For anyy message
g m, relativelyy easyy to compute
p h(m) ( )
 Given h(m), no way to find an m that hashes to h(m)
 It is computationally infeasible to find 2 values that hash to
the same thing

Password Hashing
 /etc/passwd
 Used to be publicly readable
 Shadow file

Message Integrity
 Cryptographic hash function can be used to
generate a MAC to protect the integrity
 Method 1:
 Sent the message
 Use
U theh hhash
h off the
h message as a MAC
 Method 2?

Message Fingerprint
 Want to know whether some large data structure
has been modified
 Method 1: keep another copy
 Method 2: use a hash function (save storage)
 Watch
W h out
 Bad guy may changes both the data and the hash
program

Digital Signature Efficiency
 Public key algorithms are sufficiently processor
processor--
intensive
 Compute a message digest of the message
 Digitally sign the hash result, instead of the
whole
h l message

Lecture 02 Introduction Cryptography PDF

Uploaded by

Copyright:

Available Formats

You might also like

Lecture 02 Introduction Cryptography PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Lecture 02 Introduction Cryptography PDF

Uploaded by

Copyright:

Available Formats

Introduction to

Nguyen Tuan Nam/NetSec/Win2010 2

Nguyen Tuan Nam/NetSec/Win2010 3

Nguyen Tuan Nam/NetSec/Win2010 4

Nguyen Tuan Nam/NetSec/Win2010 6

Nguyen Tuan Nam/NetSec/Win2010 7

Good guys: A kind word is a key to get what you want

Nguyen Tuan Nam/NetSec/Win2010 8

Common practice today

Nguyen Tuan Nam/NetSec/Win2010 9

Nguyen Tuan Nam/NetSec/Win2010 10

Nguyen Tuan Nam/NetSec/Win2010 11

Nguyen Tuan Nam/NetSec/Win2010 12

Nguyen Tuan Nam/NetSec/Win2010 13

Nguyen Tuan Nam/NetSec/Win2010 14

Nguyen Tuan Nam/NetSec/Win2010 15

 Hash functions: … zero key

Nguyen Tuan Nam/NetSec/Win2010 16

Nguyen Tuan Nam/NetSec/Win2010 17

Nguyen Tuan Nam/NetSec/Win2010 18

rA encrypted with KAB

Nguyen Tuan Nam/NetSec/Win2010 19

Nguyen Tuan Nam/NetSec/Win2010 20

Nguyen Tuan Nam/NetSec/Win2010 21

public key private key

Nguyen Tuan Nam/NetSec/Win2010 22

Nguyen Tuan Nam/NetSec/Win2010 23

Nguyen Tuan Nam/NetSec/Win2010 24

Nguyen Tuan Nam/NetSec/Win2010 25

Nguyen Tuan Nam/NetSec/Win2010 26

Nguyen Tuan Nam/NetSec/Win2010 27

Nguyen Tuan Nam/NetSec/Win2010 29

Nguyen Tuan Nam/NetSec/Win2010 30

Nguyen Tuan Nam/NetSec/Win2010 31

Nguyen Tuan Nam/NetSec/Win2010 32

Nguyen Tuan Nam/NetSec/Win2010 33

Nguyen Tuan Nam/NetSec/Win2010 34

You might also like