Τεχνίτη Νοημοσύνη και Ρομποτική

21 Νοε 2013 (πριν από 4 χρόνια και 5 μήνες)

77 εμφανίσεις

What is
cryptography?

Definition :
Cryptography is the art and
science of achieving security by encoding
message to make them non
-

This is
presentation on
cryptography

Cryptographic System

R#5
%^&”m,:p0S89!@^
%\$jhnlO0
-
#\$

This process is
systematic and well
-
structured

Some more
terms need to be introduced
in this
presentation:

Cryptanalysis
:
It
is the technique of decoding messages from
a

non
-
format back to readable format without knowing

how
they were initially converted from readable format to

non
-
format
.

Cryptology:
It
is a combination of cryptography and
cryptanalysis

Substitution
technique:
In
this technique, the characters of
a

plaintext
message
are replaced
by other characters, numbers or

symbols. Caesar
cipher
is
use a substitution technique.

Transportation technique:
It
is different from
substitution

technique
; in this technique do
not
simply replace one alphabet

with another: they also perform some permutation over the plain

text alphabets.

Symmetrical and asymmetrical method:

Symmetric key cryptography:

In this method , the same key was

used for encryption and
decryption.Therefore

, both the sender and

was based on symmetric key cryptography.

A few well
-
known

examples are: DES
, Triple
-
DES (3DES), IDEA, CAST5, BLOWFISH,
and

TWOFISH
.

Asymmetric key cryptography:

In this
method, there
are two
pair

of
key, one
for encryption and
decryption. If
the message is encrypt
by

one
key, only
the other key in a pair can decrypt
it.the

key which
used

for
encryption
is known as private key and the key which used
for

decryption is
known as public key cryptography(PKC). Well
-
known

asymmetric
algorithms are RSA, DSA, and ELGAMAL
.

Algorithm type:

Stream cipher:

in this
method,the

plain text is encrypted one byte

at a
time.

Block cipher:
in this method a block of bytes is encrypted at a time.

Used of cryptography in World war I and II:

Cryptography was employed during world war I , two of the more
notable machines were employed during world war II : the German
enigma machine , developed Arthur Scherbius, and the Japanese
Purple machine, developed using techniques first discovered by
Herbert O Yardley.

Father of western cryptography:

Leon Battista Alberta is known as ‘ the father of western cryptography’
in part, because of his development of polyalphabetic substitution.

Father of American cryptography:

The father of American cryptography is James Lovell. He was loyal to
the colonies, and solved many British ciphers some of which led to the
revolutionary victories.

Historical used of cryptography:

Caesar cipher:

Julius Caesar used another method

called Caesar cipher. The Caesar cipher was reputedly

used by the Emperor Julius Caesar to communicate

with his generals.

Given a plain text message like ATTACKATDAWN

we encrypt by shifting each letter forward a certain

distance in the alphabet.

For example, if we shift back three letters we get the

cipher text XQQXZHXQAXTK.

Think of the letters of the alphabet as being Arranged

in a circle, so that shifting A back by 1 unit gives Z,

shifting back by 2 gives Y, etc. To decode, we just shift

forward by 3. The key for this code is the number

3.The Caesar code is easy to break even without the key.

Egyptian method:

Historical records available of this method date back

to 2000 B.C.in Egypt, where hieroglyphics were used to decorate the

tombs of dead rulers and kings. These hieroglyphics narrated the story

of the life of the king and talked

about the great acts of his life.

They were deliberately cryptic, but not intended to hide the text. As

time went by, these writings became more and more complicated and

therefore, difficult to write as well as understand.

Symmetrical key algorithm:

In the section; we study the symmetrical key algorithm by taking the example of data
encryption standard(DES).

Data encryption standard:

(In 1970 , Dr. Horst
Feistel

established the precursor to what we today call data encryption

standard(DES).Today Triple DES is security standard used by US financial institutions.)

The DES (Data Encryption Standard) algorithm is the most widely used encryption

algorithm in the world. For many years, and among many people, "secret code

making" and DES have been synonymous. And despite the recent coup by the

Electronic Frontier Foundation in creating a \$220,000 machine to crack DES
-

encrypted messages.
DES is generally used in the ECB,CBC or the CFB mode.
The

origins of DES go back to 1972,when in the
US,The

national bureau of standards(NBS)

,now known as the national institute of standards and technology(NIST) embarked

upon a project for protecting the data in computers and computer communication.

They wanted to develop a single cryptographic algorithm . After two years, NBS

realized that IBM’s Lucifer

could be considered as a serious candidate. when IBM

submitted a candidate
thatit

had developed internally under the name LUCIFER.

After evaluating the algorithm with the help of the National Security Agency (NSA),

the NBS adopted a modification of the LUCIFER algorithm as the new Data Encryption

Standard (DES) on July 15, 1977

Main features of DES:

It is used symmetric key algorithm.

It used same key for encryption and decryption

It is a block cipher.

It encrypt data in blocks of size 64 bits each.

The key length is 56 bits. Thus, there are 2⁵⁶ possible key.

Single requires 1000 year to crack this key if one DES encryption per

microsecond

Interestingly; the original proposal was to make use of 112 bit key.

Problem associated with 112 bit keys:

It required more computational power

It hard to transmit

Create huge amount of pairs of keys.

Variation of DES:

There are two main variation of DES have emerged, which are Double

DES and Triple DES

Double DES:

1.
It does twice what DES normally does once

2.
It used two keys K1 and K2.

3.
It is more secure than DES .
becuase

it encrypt the

the PT twice.

Encrypt

Original Plain Text

Encrypt

Cipher Text

Cipher Text

K1

K2

Triple

DES:

1.
It is more secure than Double DES

2.
It used three or two keys for encryption

3.
The plain text P encrypted using k1 then k2 and finally k3.

Original Plain
Text

Encrypt

Cipher
Text

Encrypt

Cipher
Text

Encrypt

Cipher Text

K3

K2

K1

Triple DES with Two Keys
:

1.
Three key has drawback that it required 56
X3=168 bits for the keys which can be slightly
difficult to have in practical situation.

2.
A workaround suggested by Tuchman uses just
two keys for Triple DES Here, the algorithm
works as follows:

I.
Encrypts the plain text with key K1,thus we
have E k1(p).

II.
Decrypt the output of step 1 above with key
k2. thus we have Dk2(Ek1(p)).

III.
Finally , encrypt the output of step2 again with
key k1. thus, we have Ek1(Dk2(Ek1(p))).

3.To decrypt the cipher text C and obtain the
original plain text P, we have to perform the
operation p =Dk1(Ek2(Dk1C)))

How DES works:

DES based on two fundamental attribute of
cryptography

Substitution (also called confusion)

Transportation (also called
deffusion
)

DES consist of 16 steps each of which called round.

DES used 56 bit
keys.Actually

,initial key consist of 64
bits.however

before the DES process even starts ,every
eighth bit of the key is
discared

to produce a 56 bit key.

Discard bit are used for parity checking to ensure that
the key does not contain any errors.

Original 64
-
bit key

Resulting 56
-
bit key

Les us now discuss the broad
-
level steps in DES:

1.
In the first step, the 64
-
bit plain text block is handed
over to an
Initial Permutation (IP)

function.

2.
The initial permutation is performed on Plain text.

3.
Next, the initial permutation (IP) produces two halves
of the permuted block; say Left plain text(LPT) and
Right plain text(RPT).

4.
Now ,each of LPT and RPT go through 16 rounds of
encryption process.

5.
In the end , LPT and RPT are rejoined and a
final
permutation (FP)
is performed on the combined
block.

6.
The result of this process produces 64
-
bit cipher text.

Plain text (64 bits)

Initial Permutation(IP)

LPT

RPT

16 rounds

16 rounds

Final Permutation(FP)

Cipher text (64 bits)

KEY

KEY

Brief steps in DES

Each of the 16 rounds , in turn consists of the broad level steps as follows:

Key Transformation

Expansion Permutation

S
-
box substitution

P
-
box substitution

XOR and SWAP

Initial permutation(IP):
in this IP replaces the first bit of the original plain text block

With the 58
th

bit of the original plain text block, the second bit with the 50
th

bit of the

Original plain text and so on.

58

50

42

34

26

18

10

2

60

52

44

36

28

20

12

4

62

54

46

38

30

22

14

6

64

56

48

40

32

24

16

8

57

49

41

33

25

17

9

1

59

51

43

35

27

19

11

3

61

53

45

37

29

21

13

5

63

55

47

39

31

23

15

7

Initial permutation (IP) table

Step 1.Key
transformation:From

the 56 bit key , a different 48 bit
subkey

is generated during

Each round using a process called as key
transformation.for

this, the 56 bit key is divided into

two
halves,each

of 28
bits.these

halves are circularly shifted left by one or two position.

Depanding

on the round. For example, if the round number is 1,2,9 or 16, the shift is done

by only position.

round

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

Number

of key
bits
shifted

1

1

2

2

2

2

2

2

1

2

2

2

2

2

2

1

Number

of key bits shifted per round

We observe the table carefully we will realize that it contains only 48bit position.

Bit number 18 is discarded like 7 others, to reduce the 56 bit key to a 48 bit key .

Since the key transformation process involves permutation as well as selection of the

48 bit sub

key
iof

the original 56 bit key .it is called as compression permutation.

32

1

2

3

4

5

4

5

6

7

8

9

8

9

10

11

12

13

12

13

14

15

16

17

16

17

18

19

20

21

20

21

22

23

24

25

24

25

26

27

28

29

28

29

30

31

32

1

Compression permutation

Step2: Expansion
permutation:we

had two 32 bit plain text area called as left plain

text and right plain text .during expansion permutation the RPT is expanded form

32 bits to 48
bits.The

bits are permuted as well, hence the name expansion per
-

-
mutation .This
happpen

as follows:

1.
The 32 bit RPT is divided into 8 blocks, with each block consisted of 4
bits.This

is shown in following figure.

2.
Next,each

4 bit block of the previous step is then expanded to a corresponding
6 bit
block.that

is per 4 bit block,2 more bits are

are these two
bits? They are actually the repeated first and the fourth
bitos

of the 4 bit block.

Division of 32 bit RPT into eight 4 bit blocks

RPT expansion permutation process

Original right plain text of32 bits

Block 1 (4 BITS) block2(4BITS) so on

1

2

3

4

5

6

7

8

29

30

31

32

Original block 1(6bits) Original block2(6bits)
Orignial

block8(6bits)

32

1

2

3

4

5

4

5

6

7

8

9

8

9

10

11

12

13

12

13

14

15

16

17

16

17

18

19

20

21

20

21

22

23

24

25

24

25

26

27

28

29

28

29

30

31

32

1

RPT expansion permutation table

Now, the 48 bit key is
XORed

with 48 bit RPT and the resulting output is given to next step
which is the S
-
box substitution.

Step 3 S
-
box
substitution:it

is a process that accepts the 48 bit input from the XOR

Operation involving the compressed key and expanded RPT and produces a 32 bit

Output using the
substitution.the

sustitution

is performed by eight substitution

Boxes .each of the eight s

boxes has a 6 bit input and 4
-
bit output the 48 bit input

Block is divided into 8 sub blocks and each such sub block is give to s
-
box

Key transformation (compress
key from 56 bits to 48 bits)

Expansion permutation (expand
RPT from 32 bits to 48 bits)

48 bit key

48 bit RPT

XOR

S
-
box substitution

Fig. Way tot S
-
box substitution

48 bit input block

6 bit sub block

6 bit sub block

6 bit sub block

S
-
box 1

S
-
box 2

S
-
box 8

4 bit output

4 bit output

4 bit output

32 bit output block

S box substitution

The 6 bit input indicate which row and column and therefore which intersection is to be

Selected thus, determining the 4 bit output how is done?

Let us assume that the six bits of a s
-
box are indicated by b1,b2,b3,b4,b5, and b6.

Now ,bits b1 and b6 are combined to form a two bit number. two bit number store any decimal

Number between 0(binary 00) and 3( binary11). This specifies the row number . The store

Remaining four bits b2,b3,b4 and b5 make up a four

bit number.

b1

B2 b3 b4 b5

b6

4
-
bit column number

2 bit row number

Selecting an entry in a s
-
box based on the 6 bit input

Step 4:P box
substitution:there

output of s box consist 32 bits these 32 bit

Are permuted using p box.

1
6

7

2
0

2
1

2
9

1
2

2
8

1
7

0

1
5

2
3

2
6

5

1
8

3
1

1
0

2

8

2
4

1
4

3
2

2
7

3

9

1
9

1
3

3
0

6

2
2

1
1

4

2
5

P

box permutation

Step 5 XOR and swap:

Original 64
-
bit plain text block

32 bit LPT

32 bit RPT

Key transformation

Expansion permutation

S
-
box substitution

P
-
box permutation

XOR

32 bit LPT

32 bit RPT

Next round

Final
permutaion
:

At the end of the 36 round , final permutation is performed once this is a
simple transposition base on following table

4
0

8

4
8

1
6

5
6

2
4

6
4

3
2

3
9

7

4
7

1
5

5
5

2
3

6
3

3
1

3
8
7

6

4
6

1
4

5
4

2

6
2

3
0

3
7

5

4
5

1
3

5
3

2
1

6
1

2
9

3
6

4

4
4

1
2

5
2

2
0

6
0

2
8

3
5

3

4
3

1
1

5
1

1
9

5
9

2
7

3
4

2

4
2

1
0

5
0

1
9

5
8

2
6

3
3

1

4
1

9

1
7

5
7

4
5

2
5

DES decryption:
the same algorithm used for encryption in DES also

Works for decryption! The only difference between the encryption

And the decryption process is the reversal of key
protions.If

the original key K

Was divided into k1,k2….k16 for the encryption rounds, then for decryption

The key should be used as k16…..k2,k1

The output of the Final permutation is the 64 bit encrypted block.

40

8

48

16

56

24

64

32

39

7

47

15

55

23

63

31

38

6

46

14

54

22

62

30

37

5

45

13

53

21

61

29

36

4

44

12

52

20

60

28

35

3

43

11

51

19

59

27

34

2

42

10

50

18

58

26

33

1

41

9

49

17

57

25

Final permutation

Asymmetrical key algorithm:

In the section; we study the asymmetrical key algorithm by taking the example of one of
famous asymmetrical method known as RSA.

Before studying an RSA; the fundamental concept of asymmetrical key
alogrithm

should
know .

In asymmetrical key
Cryptography,also

called as public key
cryptography,two

different keys
(which form a key pair) are
used.One

key is used for encryption and only the other
corresponding key must be used for decryption.

One of the two keys is called as public key and other is the private key

Lets us assume that you want to communicate over a computer network such as the
internet in a secure manner. You need to obtain a public key and private
key.the

private
key remains with you as a secret . You must not disclose your private key to anybody.

However ,the public key is for the general public. It is disclosed to all parties that you want
to communicate with.

In this schema ,in fact each party or node publishes its public key .using this , a directory
can be constructed where the various parties or nodes (
ie

their ids) and the corresponding
public key are maintained.

Suppose A wants to send a message to B without having to worry about its
security.then

A and B should each have a private key and a public key.

A should keep her private key secret.

B should keep his private key secret.

A should inform B about her public key.

B should inform A about his public key.

Thus , we have a matrix as shown in Table

Key

details

A should know

B should know

A’s private key

yes

No

A’s public

key

Y敳

Y敳

B’s private key

Y敳

B’s public key

Yes

yes

RSA
:

The most famous asymmetric key cryptographic algorithm is RSA.RSA
designed by
Rivest
, Shamir and
. They posed

a challenge and declared a reward of \$100 for anyone who would
decrypt the message, which they had encrypted. This

was published in 1997 by Martin Gardner in Scientific American in a
widely read column, Mathematical Games , which he

edited .It was estimated that even using the most powerful computers
available at that time ,it would take about 40

quadrillion years to decrypt this message!! Later in 1978, RSA formally
introduced the PKC system

How RSA Works:

The

RSA algorithm is based on the mathematical fact that it is easy to
find and multiply large prime number
together.but

it is extremely
difficult to factor their
product.The

private and public keys in RSA are
based on very large (made up of 100 or more digits) prime numbers.
The algorithm itself is quite simple .However the real challenge in the
case of RSA is the selection and generation of the public and private
keys.

Let us now understand how the public and private key are
generated,how

we can perform encryption and decryption in
RSA.Whole

process is shown in following figure

1.choose two large prime numbers P and Q.

2.calculate N=P X Q.

3.Select the public key(i.e. the encryption key) E such that

it is not a factor of (P
-
1) and (Q
-
1).

4.Select the private key (i.e. the decryption key) D such that

the following equation is true
:

(D X E) mod (P
-
1) X (Q
-
1)=1

5.for
encryption,calculate

the cipher text CT from the
plain text PT as follows:

CT=P

mod N

6. send CT as the cipher text to the receiver

7.For decryption, calculate the plain text PT from the cipher

text CT as follows:

mod N

PT=C

Example of RSA:

Let us take an example of this process to understand
concepts.For

ease

of

shall write the example values along

with the algorithm steps.

1.choose two large prime numbers P and Q.

Let p=7 ,Q=17

2.Calculate N=PXQ.

We have N=47 X 17=119

Select the public key (i.e. the encryption key) E such that it is not a

factor of (P
-
1) X (Q
-
1).

Let us find (7
-
1) X (17
-
1) = 6 X 16=96

Factor of 96 are 2,2,2,2,2 and 3 (because 96=2X2X2X2X2X3).

Thus, we have to choose E such that none of the factors of E is 2 and 3.

As a few
examples.We

can not choose E as 4

.

(because it has 2 as a factor),15(because , it has 3 as a factor),

6(because it has 2 and 3 both as factors).Let us choose E as 5

(it could have been any other number

that does not its factors as 2 and 3).

4.select the private key (i.e. the decryption key D such that

the following equation is true:

(DXE) mod (P
-
1)X(Q
-
1)=1

Thus,

(DX 5) mod (7
-
1)(17
-
1)=1

Hence D=77.

5.For encryption ,calculate the cipher text CT from the plain

text PT as follows
:

CT=

Let us assume that we want to encrypt plain text 10.

Then we have CT=

mod

119=100000 mod 119=40

6.send CT as the cipher text to the receiver.

Send 40 as the cipher text to the receiver.

7. for decryption calculate the plain text PT from the cipher
text CT as follows:

PT=

mod N

Thus,

PT=

mod 119=10 , which was the original Plain text of

step 5.

characteristic

Symmetric key
cryptography

Asymmetric key
cryptography

Key used for
encryption/decryption

Same key is used for
encryption and decryption

One key used for encryption
and another ,different key is
used for decryption

Speed of encryption/decryption

Very fast

slower

Size of resulting encrypted text

Usually same as or less than
the original clear text size

More than the original clear
text size

Key agreement/exchange

A big problem

No problem at all

Number of keys required as
compared to the number of
participants in the message

the number of participants
,so scalability is an issue

Same as the number of
participants , so scales up
quite well

Usage

Mainly for encryption and
decryption (confidentiality),
cannot be used for digital
signatures (integrity and non
repudiation checks)

Can be used for encryption
and decryption (
confidentiality) as well as for
digital signatures( integrity
and non repudiation checks)

Future Work
:

There are a couple of
algorithms

which are considered safe by mathematicians
. Safe
means, that there is no known weak point in the algorithm, resulting in the fact,
that the
only possible attack is brute force
3
. Brute force means that every possible key is tried, until
the right one has been found. A brute force attack against a 56 bit DES key took a little more
than a year to crack by thousands of computers spending their idle time to crack it in
1997/1998 in the
distributed.net

effort.
In 1999, specialized hardware built by the
EFF

was
able to crack it within less than a day. So 56 bit DES can no longer be considered to be safe
.
[3]

As every single bit in the length of the key doubles the number of possible keys,
reasonably long keys are safe, unless some mathematician finds a weak point in the
algorithm
. The 168 bits of Triple DES won't be found by brute force attacks
within the next hundred years. If computer power increased by a factor of two
every year, you'd need one more bit every year for the same level of safety
.[3]

So possible way to secure system is to
to

keep abreast of new updates in computer
world.
Also change the key once within the week.

RSA is find more secure than Des but it is slow in speed and generate huge cipher
text as compared to plain text .RSA patent expired in 2000 so we can used it as
free for our system.

Conclusion

However, asymmetric algorithms are much slower than symmetric ones.

More specifically we need to ensure that the following objectives are
meet:

1.the solution should be completely secure.

2.the encryption and decryption processes must not take a long time.

3.the generated cipher text should be compact in size

4.the solution should scale to a large number of user easily, without

5.the key distribution problem must be solved by the solution

Therefore, in many applications, a combination of both is being used.
The asymmetric keys are used for authentication and after this have been
successfully done; one or more symmetric keys are generated and
exchanged using the asymmetric encryption.

References:

Cryptography and network security
-
Atul

Kahate

http://www.suse.de/~garloff/Writings/mutt_gpg/node3.html

http://orlingrabbe.com/des.htm

http://www.suse.de/~garloff/Writings/mutt_gpg/node2.html