Professional Documents
Culture Documents
Lecture4 Confidentiality
Lecture4 Confidentiality
Security
Lecture-4: Confidentiality
Today’s Content…
• Confidentiality
• Cryptographic Solution
• Symmetric Approach
• Asymmetric Approach
Basic Setup:
• Communication over an insecure channel
• Types of insecure channel
• Internet (unprotected network of computers)
• Wifi (not password protected)
• Air Waves (GSM connection) etc.
Confidentiality can be achieved using
encryption/decryption
Encryption Decryption
Secure Network
E ^d@#*^
D
&!h^*hi ^d@#*^
&!h^*hi
Message
(I love you) Message
(I love you)
E: Encryption- Charlie cannot see what is being sent over the channel
D: Decryption- Bob can successfully decrypt the message
Basic Definitions:
• Plaintext (P) – The original message
• Ciphertext (C) – The scrambled message
• E() – Encryption Function
• D() – Decryption Function
Why secrecy of algorithms is not a good idea ?
1. Maintaining secrecy of algorithms is very cumbersome
• Industrial espionage
• Insider Threat
• Reverse Engineering of the code
A cryptosystem should be secure even if the attacker knows all the details of
the system, with the exception of the secret key.
Depending upon the key, cryptosystems can be
divided into:
• Symmetric Cryptosystems
• Asymmetric Cryptosystems
Symmetric Encryption
• Both the parties use the same key to encrypt and decrypt
9
Asymmetric Encryption
• Communicating parties use two keys – public key (known to all) and private key
(known only to owner) to encrypt and decrypt
Asymmetric Encryption
• Communicating parties use two keys – public key (known to all) and private key
(known only to owner) to encrypt and decrypt
Plaintext Ciphertext
1. Bob gives Alice his 2. Alice uses the public key of Bob
public key to encrypt her message
Asymmetric Encryption
• Communicating parties use two keys – public key (known to all) and private
key (known only to owner) to encrypt and decrypt
Ciphertext Plaintext
• Can the reverse be used, i.e., private key is used for encryption and
public key is used for decryption ?
• Why or why not ?
How do we keep this key (symmetric) secret ?
• Either Alice and Bob meet in private
• Exchange the keys used for later communications
0 0 0 0 0 0
1 1 1 1 1 1
2 2 2 2 2 2
Facts about 𝑬𝑲 ()
• It is injective (one-to-one)
• i.e. EK(x1) = EK(x2) iff x1 = x2
Facts about 𝑬𝑲 ()
• It is injective (one-to-one)
• i.e. EK(x1) = EK(x2) iff x1 = x2
• Why?
• If not, then Bob does not know if the ciphertext came from x1 or x2
Some Traditional
Cryptosystems
Threat Model
Assumptions:
• Attacker has full knowledge of the encryption/decryption algorithm
• Attacker doesn’t know the secret key
Threat Model
Assumptions:
• Attacker has full knowledge of the encryption/decryption algorithm
• Attacker doesn’t know the secret key
Frequently occurring 2-letter words th, he, er, on, an, of, to, in, it, is, be, as, at,
so, we, he, by, or, do, if, me, my, up, an,
go, no, us, am
Frequently occurring 3-letter words the, and, for, are, but, not, you, all, any,
can, had, her, was, one, our, out, day, get,
has, him, his, how, man, new, now, old,
see, two, way, who, boy, did, its, let, put,
say, she, too, use
Frequently occurring 4-Letter Words that, with, have, this, will, your, from,
they, know, want, been, good, much,
some, time
Substitution Cipher
• Frequency Analysis Technique
• Correlate most frequently observed letter in ciphertext with most
frequent letter in english language , then second most frequent and
so on …
LIVITCSWPIYVEWHEVSRIQMXLEYVEOIEWHRXEXIPFE
MVEWHKVSTYLXZIXLIKIIXPIJVSZEYPERRGERIMWQL
MGLMXQERIWGPSRIHMXQEREKIETXMJTPRGEVEKEITR
EWHEXXLEXXMZITWAWSQWXSWEXTVEPMRXRSJGSTVRI
EYVIEXCVMUIMWERGMIWXMJMGCSMWXSJOMIQXLIVIQ
IVIXQSVSTWHKPEGARCSXRWIEVSWIIBXVIZMXFSJXL
IKEGAEWHEPSWYSWIWIEVXLISXLIVXLIRGEPIRQIVI
IBGIIHMWYPFLEVHEWHYPSRRFQMXLEPPXLIECCIEVE
WGISJKTVWMRLIHYSPHXLIQIMYLXSJXLIMWRIGXQER
OIVFVIZEVAEKPIEWHXEAMWYEPPXLMWYRMWXSGSWRM
HIVEXMSWMGSTPHLEVHPFKPEZINTCMXIVJSVLMRSCM
WMSWVIRCIGXMWYMX
Substitution Cipher
• Frequency Analysis Technique
• Correlate most frequently observed letter in ciphertext with most
frequent letter in english language , then second most frequent and
so on …
LIVITCSWPIYVEWHEVSRIQMXLEYVEOIEWHRXEXIPFE Frequency Analysis of Ciphertext:
MVEWHKVSTYLXZIXLIKIIXPIJVSZEYPERRGERIMWQL
MGLMXQERIWGPSRIHMXQEREKIETXMJTPRGEVEKEITR I – Most common letter
EWHEXXLEXXMZITWAWSQWXSWEXTVEPMRXRSJGSTVRI XL – Most common bigram
EYVIEXCVMUIMWERGMIWXMJMGCSMWXSJOMIQXLIVIQ
IVIXQSVSTWHKPEGARCSXRWIEVSWIIBXVIZMXFSJXL XLI – Most common trigram
IKEGAEWHEPSWYSWIWIEVXLISXLIVXLIRGEPIRQIVI E – Third most common letter
IBGIIHMWYPFLEVHEWHYPSRRFQMXLEPPXLIECCIEVE
WGISJKTVWMRLIHYSPHXLIQIMYLXSJXLIMWRIGXQER
OIVFVIZEVAEKPIEWHXEAMWYEPPXLMWYRMWXSGSWRM
HIVEXMSWMGSTPHLEVHPFKPEZINTCMXIVJSVLMRSCM
WMSWVIRCIGXMWYMX
Substitution Cipher
• Frequency Analysis Technique
• Correlate most frequently observed letter in ciphertext with most
frequent letter in english language , then second most frequent and
so on …
LIVITCSWPIYVEWHEVSRIQMXLEYVEOIEWHRXEXIPFE Frequency Analysis of Ciphertext:
MVEWHKVSTYLXZIXLIKIIXPIJVSZEYPERRGERIMWQL
MGLMXQERIWGPSRIHMXQEREKIETXMJTPRGEVEKEITR I – Most common letter
EWHEXXLEXXMZITWAWSQWXSWEXTVEPMRXRSJGSTVRI XL – Most common bigram
EYVIEXCVMUIMWERGMIWXMJMGCSMWXSJOMIQXLIVIQ
IVIXQSVSTWHKPEGARCSXRWIEVSWIIBXVIZMXFSJXL XLI – Most common trigram
IKEGAEWHEPSWYSWIWIEVXLISXLIVXLIRGEPIRQIVI E – Third most common letter
IBGIIHMWYPFLEVHEWHYPSRRFQMXLEPPXLIECCIEVE
WGISJKTVWMRLIHYSPHXLIQIMYLXSJXLIMWRIGXQER
OIVFVIZEVAEKPIEWHXEAMWYEPPXLMWYRMWXSGSWRM By Frequency Mapping:
HIVEXMSWMGSTPHLEVHPFKPEZINTCMXIVJSVLMRSCM I→E
WMSWVIRCIGXMWYMX
XL → TH
XLI → THE
E→A
Substitution Cipher
• Frequency Analysis Technique
• Correlate most frequently observed letter in ciphertext with most
frequent letter in english language , then second most frequent and
so on …
heVeTCSWPeYVaWHaVSReQMthaYVaOeaWHRtatePF
aMVaWHKVSTYhtZetheKeetPeJVSZaYPaRRGaReM
WQhMGhMtQaReWGPSReHMtQaRaKeaTtMJTPRGaVaK
aeTRaWHatthattMZeTWAWSQWtSWatTVaPMRtRSJ
GSTVReaYVeatCVMUeMWaRGMeWtMJMGCSMWtSJOMe
QtheVeQeVetQSVSTWHKPaGARCStRWeaVSWeeBtV
eZMtFSJtheKaGAaWHaPSWYSWeWeaVtheStheVthe
RGaPeRQeVeeBGeeHMWYPFhaVHaWHYPSRRFQMtha
PPtheaCCeaVaWGeSJKTVWMRheHYSPHtheQeMYhtS
JtheMWReGtQaROeVFVeZaVAaKPeaWHtaAMWYaPP
thMWYRMWtSGSWRMHeVatMSWMGSTPHhaVHPFKPaZe
NTCMteVJSVhMRSCMWMSWVeRCeGtMWYMt
Substitution Cipher
• Frequency Analysis Technique
• Correlate most frequently observed letter in ciphertext with most
frequent letter in english language , then second most frequent and
so on …
heVeTCSWPeYVaWHaVSReQMthaYVaOeaWHRtatePF Other Possibilities:
aMVaWHKVSTYhtZetheKeetPeJVSZaYPaRRGaReM heVe → here
WQhMGhMtQaReWGPSReHMtQaRaKeaTtMJTPRGaVaK
aeTRaWHatthattMZeTWAWSQWtSWatTVaPMRtRSJ Rtate → State
GSTVReaYVeatCVMUeMWaRGMeWtMJMGCSMWtSJOMe atthattMZe → at that time
QtheVeQeVetQSVSTWHKPaGARCStRWeaVSWeeBtV
eZMtFSJtheKaGAaWHaPSWYSWeWeaVtheStheVthe
RGaPeRQeVeeBGeeHMWYPFhaVHaWHYPSRRFQMtha By Frequency Mapping:
PPtheaCCeaVaWGeSJKTVWMRheHYSPHtheQeMYhtS
JtheMWReGtQaROeVFVeZaVAaKPeaWHtaAMWYaPP I→E V -> R
thMWYRMWtSGSWRMHeVatMSWMGSTPHhaVHPFKPaZe XL → TH R -> S
NTCMteVJSVhMRSCMWMSWVeRCeGtMWYMt
XLI → THE M -> I
E→A Z -> M