What is
cryptography?
•
Definition :
Cryptography is the art and
science of achieving security by encoding
message to make them non

readable.
This is
presentation on
cryptography
Cryptographic System
R#5
%^&”m,:p0S89!@^
%$jhnlO0

#$
This process is
systematic and well

structured
Readable message
Unreadable message
Some more
terms need to be introduced
in this
presentation:
Cryptanalysis
:
It
is the technique of decoding messages from
a
non

readable
format back to readable format without knowing
how
they were initially converted from readable format to
non

readable
format
.
Cryptology:
It
is a combination of cryptography and
cryptanalysis
Substitution
technique:
In
this technique, the characters of
a
plaintext
message
are replaced
by other characters, numbers or
symbols. Caesar
cipher
is
use a substitution technique.
Transportation technique:
It
is different from
substitution
technique
; in this technique do
not
simply replace one alphabet
with another: they also perform some permutation over the plain
text alphabets.
Symmetrical and asymmetrical method:
•
Symmetric key cryptography:
In this method , the same key was
used for encryption and
decryption.Therefore
, both the sender and
the receiver had to know and agree about the key in advance.DES
was based on symmetric key cryptography.
A few well

known
examples are: DES
, Triple

DES (3DES), IDEA, CAST5, BLOWFISH,
and
TWOFISH
.
•
Asymmetric key cryptography:
In this
method, there
are two
pair
of
key, one
for encryption and
decryption. If
the message is encrypt
by
one
key, only
the other key in a pair can decrypt
it.the
key which
used
for
encryption
is known as private key and the key which used
for
decryption is
known as public key cryptography(PKC). Well

known
asymmetric
algorithms are RSA, DSA, and ELGAMAL
.
Algorithm type:
•
Stream cipher:
in this
method,the
plain text is encrypted one byte
at a
time.
•
Block cipher:
in this method a block of bytes is encrypted at a time.
Used of cryptography in World war I and II:
Cryptography was employed during world war I , two of the more
notable machines were employed during world war II : the German
enigma machine , developed Arthur Scherbius, and the Japanese
Purple machine, developed using techniques first discovered by
Herbert O Yardley.
Father of western cryptography:
Leon Battista Alberta is known as ‘ the father of western cryptography’
in part, because of his development of polyalphabetic substitution.
Father of American cryptography:
The father of American cryptography is James Lovell. He was loyal to
the colonies, and solved many British ciphers some of which led to the
revolutionary victories.
•
Historical used of cryptography:
Caesar cipher:
Julius Caesar used another method
called Caesar cipher. The Caesar cipher was reputedly
used by the Emperor Julius Caesar to communicate
with his generals.
Given a plain text message like ATTACKATDAWN
we encrypt by shifting each letter forward a certain
distance in the alphabet.
For example, if we shift back three letters we get the
cipher text XQQXZHXQAXTK.
Think of the letters of the alphabet as being Arranged
in a circle, so that shifting A back by 1 unit gives Z,
shifting back by 2 gives Y, etc. To decode, we just shift
forward by 3. The key for this code is the number
3.The Caesar code is easy to break even without the key.
Egyptian method:
Historical records available of this method date back
to 2000 B.C.in Egypt, where hieroglyphics were used to decorate the
tombs of dead rulers and kings. These hieroglyphics narrated the story
of the life of the king and talked
about the great acts of his life.
They were deliberately cryptic, but not intended to hide the text. As
time went by, these writings became more and more complicated and
therefore, difficult to write as well as understand.
Symmetrical key algorithm:
In the section; we study the symmetrical key algorithm by taking the example of data
encryption standard(DES).
Data encryption standard:
(In 1970 , Dr. Horst
Feistel
established the precursor to what we today call data encryption
standard(DES).Today Triple DES is security standard used by US financial institutions.)
The DES (Data Encryption Standard) algorithm is the most widely used encryption
algorithm in the world. For many years, and among many people, "secret code
making" and DES have been synonymous. And despite the recent coup by the
Electronic Frontier Foundation in creating a $220,000 machine to crack DES

encrypted messages.
DES is generally used in the ECB,CBC or the CFB mode.
The
origins of DES go back to 1972,when in the
US,The
national bureau of standards(NBS)
,now known as the national institute of standards and technology(NIST) embarked
upon a project for protecting the data in computers and computer communication.
They wanted to develop a single cryptographic algorithm . After two years, NBS
realized that IBM’s Lucifer
could be considered as a serious candidate. when IBM
submitted a candidate
thatit
had developed internally under the name LUCIFER.
After evaluating the algorithm with the help of the National Security Agency (NSA),
the NBS adopted a modification of the LUCIFER algorithm as the new Data Encryption
Standard (DES) on July 15, 1977
Main features of DES:
It is used symmetric key algorithm.
It used same key for encryption and decryption
It is a block cipher.
It encrypt data in blocks of size 64 bits each.
The key length is 56 bits. Thus, there are 2⁵⁶ possible key.
Single requires 1000 year to crack this key if one DES encryption per
microsecond
Interestingly; the original proposal was to make use of 112 bit key.
Problem associated with 112 bit keys:
It required more computational power
It hard to transmit
Create huge amount of pairs of keys.
Variation of DES:
There are two main variation of DES have emerged, which are Double
DES and Triple DES
Double DES:
1.
It does twice what DES normally does once
2.
It used two keys K1 and K2.
3.
It is more secure than DES .
becuase
it encrypt the
the PT twice.
Encrypt
Original Plain Text
Encrypt
Cipher Text
Cipher Text
K1
K2
Triple
DES:
1.
It is more secure than Double DES
2.
It used three or two keys for encryption
3.
The plain text P encrypted using k1 then k2 and finally k3.
Original Plain
Text
Encrypt
Cipher
Text
Encrypt
Cipher
Text
Encrypt
Cipher Text
K3
K2
K1
Triple DES with Two Keys
:
1.
Three key has drawback that it required 56
X3=168 bits for the keys which can be slightly
difficult to have in practical situation.
2.
A workaround suggested by Tuchman uses just
two keys for Triple DES Here, the algorithm
works as follows:
I.
Encrypts the plain text with key K1,thus we
have E k1(p).
II.
Decrypt the output of step 1 above with key
k2. thus we have Dk2(Ek1(p)).
III.
Finally , encrypt the output of step2 again with
key k1. thus, we have Ek1(Dk2(Ek1(p))).
3.To decrypt the cipher text C and obtain the
original plain text P, we have to perform the
operation p =Dk1(Ek2(Dk1C)))
How DES works:
DES based on two fundamental attribute of
cryptography
Substitution (also called confusion)
Transportation (also called
deffusion
)
DES consist of 16 steps each of which called round.
DES used 56 bit
keys.Actually
,initial key consist of 64
bits.however
before the DES process even starts ,every
eighth bit of the key is
discared
to produce a 56 bit key.
Discard bit are used for parity checking to ensure that
the key does not contain any errors.
Original 64

bit key
Key discarding process
Resulting 56

bit key
Key Discarding Process
Les us now discuss the broad

level steps in DES:
1.
In the first step, the 64

bit plain text block is handed
over to an
Initial Permutation (IP)
function.
2.
The initial permutation is performed on Plain text.
3.
Next, the initial permutation (IP) produces two halves
of the permuted block; say Left plain text(LPT) and
Right plain text(RPT).
4.
Now ,each of LPT and RPT go through 16 rounds of
encryption process.
5.
In the end , LPT and RPT are rejoined and a
final
permutation (FP)
is performed on the combined
block.
6.
The result of this process produces 64

bit cipher text.
Plain text (64 bits)
Initial Permutation(IP)
LPT
RPT
16 rounds
16 rounds
Final Permutation(FP)
Cipher text (64 bits)
KEY
KEY
Brief steps in DES
Each of the 16 rounds , in turn consists of the broad level steps as follows:
Key Transformation
Expansion Permutation
S

box substitution
P

box substitution
XOR and SWAP
Initial permutation(IP):
in this IP replaces the first bit of the original plain text block
With the 58
th
bit of the original plain text block, the second bit with the 50
th
bit of the
Original plain text and so on.
58
50
42
34
26
18
10
2
60
52
44
36
28
20
12
4
62
54
46
38
30
22
14
6
64
56
48
40
32
24
16
8
57
49
41
33
25
17
9
1
59
51
43
35
27
19
11
3
61
53
45
37
29
21
13
5
63
55
47
39
31
23
15
7
Initial permutation (IP) table
Step 1.Key
transformation:From
the 56 bit key , a different 48 bit
subkey
is generated during
Each round using a process called as key
transformation.for
this, the 56 bit key is divided into
two
halves,each
of 28
bits.these
halves are circularly shifted left by one or two position.
Depanding
on the round. For example, if the round number is 1,2,9 or 16, the shift is done
by only position.
round
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Number
of key
bits
shifted
1
1
2
2
2
2
2
2
1
2
2
2
2
2
2
1
Number
of key bits shifted per round
We observe the table carefully we will realize that it contains only 48bit position.
Bit number 18 is discarded like 7 others, to reduce the 56 bit key to a 48 bit key .
Since the key transformation process involves permutation as well as selection of the
48 bit sub
–
key
iof
the original 56 bit key .it is called as compression permutation.
32
1
2
3
4
5
4
5
6
7
8
9
8
9
10
11
12
13
12
13
14
15
16
17
16
17
18
19
20
21
20
21
22
23
24
25
24
25
26
27
28
29
28
29
30
31
32
1
Compression permutation
Step2: Expansion
permutation:we
had two 32 bit plain text area called as left plain
text and right plain text .during expansion permutation the RPT is expanded form
32 bits to 48
bits.The
bits are permuted as well, hence the name expansion per


mutation .This
happpen
as follows:
1.
The 32 bit RPT is divided into 8 blocks, with each block consisted of 4
bits.This
is shown in following figure.
2.
Next,each
4 bit block of the previous step is then expanded to a corresponding
6 bit
block.that
is per 4 bit block,2 more bits are
added.What
are these two
bits? They are actually the repeated first and the fourth
bitos
of the 4 bit block.
Division of 32 bit RPT into eight 4 bit blocks
RPT expansion permutation process
Original right plain text of32 bits
Block 1 (4 BITS) block2(4BITS) so on
1
2
3
4
5
6
7
8
29
30
31
32
Original block 1(6bits) Original block2(6bits)
Orignial
block8(6bits)
32
1
2
3
4
5
4
5
6
7
8
9
8
9
10
11
12
13
12
13
14
15
16
17
16
17
18
19
20
21
20
21
22
23
24
25
24
25
26
27
28
29
28
29
30
31
32
1
RPT expansion permutation table
Now, the 48 bit key is
XORed
with 48 bit RPT and the resulting output is given to next step
which is the S

box substitution.
Step 3 S

box
substitution:it
is a process that accepts the 48 bit input from the XOR
Operation involving the compressed key and expanded RPT and produces a 32 bit
Output using the
substitution.the
sustitution
is performed by eight substitution
Boxes .each of the eight s
–
boxes has a 6 bit input and 4

bit output the 48 bit input
Block is divided into 8 sub blocks and each such sub block is give to s

box
Key transformation (compress
key from 56 bits to 48 bits)
Expansion permutation (expand
RPT from 32 bits to 48 bits)
48 bit key
48 bit RPT
XOR
S

box substitution
Fig. Way tot S

box substitution
48 bit input block
6 bit sub block
6 bit sub block
6 bit sub block
S

box 1
S

box 2
S

box 8
4 bit output
4 bit output
4 bit output
32 bit output block
S box substitution
The 6 bit input indicate which row and column and therefore which intersection is to be
Selected thus, determining the 4 bit output how is done?
Let us assume that the six bits of a s

box are indicated by b1,b2,b3,b4,b5, and b6.
Now ,bits b1 and b6 are combined to form a two bit number. two bit number store any decimal
Number between 0(binary 00) and 3( binary11). This specifies the row number . The store
Remaining four bits b2,b3,b4 and b5 make up a four
–
bit number.
b1
B2 b3 b4 b5
b6
4

bit column number
2 bit row number
Selecting an entry in a s

box based on the 6 bit input
Step 4:P box
substitution:there
output of s box consist 32 bits these 32 bit
Are permuted using p box.
1
6
7
2
0
2
1
2
9
1
2
2
8
1
7
0
1
5
2
3
2
6
5
1
8
3
1
1
0
2
8
2
4
1
4
3
2
2
7
3
9
1
9
1
3
3
0
6
2
2
1
1
4
2
5
P
–
box permutation
Step 5 XOR and swap:
Original 64

bit plain text block
32 bit LPT
32 bit RPT
Key transformation
Expansion permutation
S

box substitution
P

box permutation
XOR
32 bit LPT
32 bit RPT
Next round
Final
permutaion
:
At the end of the 36 round , final permutation is performed once this is a
simple transposition base on following table
4
0
8
4
8
1
6
5
6
2
4
6
4
3
2
3
9
7
4
7
1
5
5
5
2
3
6
3
3
1
3
8
7
6
4
6
1
4
5
4
2
6
2
3
0
3
7
5
4
5
1
3
5
3
2
1
6
1
2
9
3
6
4
4
4
1
2
5
2
2
0
6
0
2
8
3
5
3
4
3
1
1
5
1
1
9
5
9
2
7
3
4
2
4
2
1
0
5
0
1
9
5
8
2
6
3
3
1
4
1
9
1
7
5
7
4
5
2
5
DES decryption:
the same algorithm used for encryption in DES also
Works for decryption! The only difference between the encryption
And the decryption process is the reversal of key
protions.If
the original key K
Was divided into k1,k2….k16 for the encryption rounds, then for decryption
The key should be used as k16…..k2,k1
The output of the Final permutation is the 64 bit encrypted block.
40
8
48
16
56
24
64
32
39
7
47
15
55
23
63
31
38
6
46
14
54
22
62
30
37
5
45
13
53
21
61
29
36
4
44
12
52
20
60
28
35
3
43
11
51
19
59
27
34
2
42
10
50
18
58
26
33
1
41
9
49
17
57
25
Final permutation
Asymmetrical key algorithm:
In the section; we study the asymmetrical key algorithm by taking the example of one of
famous asymmetrical method known as RSA.
Before studying an RSA; the fundamental concept of asymmetrical key
alogrithm
should
know .
In asymmetrical key
Cryptography,also
called as public key
cryptography,two
different keys
(which form a key pair) are
used.One
key is used for encryption and only the other
corresponding key must be used for decryption.
One of the two keys is called as public key and other is the private key
Lets us assume that you want to communicate over a computer network such as the
internet in a secure manner. You need to obtain a public key and private
key.the
private
key remains with you as a secret . You must not disclose your private key to anybody.
However ,the public key is for the general public. It is disclosed to all parties that you want
to communicate with.
In this schema ,in fact each party or node publishes its public key .using this , a directory
can be constructed where the various parties or nodes (
ie
their ids) and the corresponding
public key are maintained.
Suppose A wants to send a message to B without having to worry about its
security.then
A and B should each have a private key and a public key.
•
A should keep her private key secret.
•
B should keep his private key secret.
•
A should inform B about her public key.
•
B should inform A about his public key.
Thus , we have a matrix as shown in Table
Key
details
A should know
B should know
A’s private key
yes
No
A’s public
key
Y敳
Y敳
B’s private key
乯
Y敳
B’s public key
Yes
yes
RSA
:
The most famous asymmetric key cryptographic algorithm is RSA.RSA
designed by
Rivest
, Shamir and
Adleman
. They posed
a challenge and declared a reward of $100 for anyone who would
decrypt the message, which they had encrypted. This
was published in 1997 by Martin Gardner in Scientific American in a
widely read column, Mathematical Games , which he
edited .It was estimated that even using the most powerful computers
available at that time ,it would take about 40
quadrillion years to decrypt this message!! Later in 1978, RSA formally
introduced the PKC system
How RSA Works:
The
RSA algorithm is based on the mathematical fact that it is easy to
find and multiply large prime number
together.but
it is extremely
difficult to factor their
product.The
private and public keys in RSA are
based on very large (made up of 100 or more digits) prime numbers.
The algorithm itself is quite simple .However the real challenge in the
case of RSA is the selection and generation of the public and private
keys.
Let us now understand how the public and private key are
generated,how
we can perform encryption and decryption in
RSA.Whole
process is shown in following figure
1.choose two large prime numbers P and Q.
2.calculate N=P X Q.
3.Select the public key(i.e. the encryption key) E such that
it is not a factor of (P

1) and (Q

1).
4.Select the private key (i.e. the decryption key) D such that
the following equation is true
:
(D X E) mod (P

1) X (Q

1)=1
5.for
encryption,calculate
the cipher text CT from the
plain text PT as follows:
CT=P
mod N
6. send CT as the cipher text to the receiver
7.For decryption, calculate the plain text PT from the cipher
text CT as follows:
mod N
PT=C
Example of RSA:
Let us take an example of this process to understand
concepts.For
ease
of
reading,we
shall write the example values along
with the algorithm steps.
1.choose two large prime numbers P and Q.
Let p=7 ,Q=17
2.Calculate N=PXQ.
We have N=47 X 17=119
•
Select the public key (i.e. the encryption key) E such that it is not a
factor of (P

1) X (Q

1).
•
Let us find (7

1) X (17

1) = 6 X 16=96
Factor of 96 are 2,2,2,2,2 and 3 (because 96=2X2X2X2X2X3).
•
Thus, we have to choose E such that none of the factors of E is 2 and 3.
As a few
examples.We
can not choose E as 4
.
(because it has 2 as a factor),15(because , it has 3 as a factor),
6(because it has 2 and 3 both as factors).Let us choose E as 5
(it could have been any other number
•
that does not its factors as 2 and 3).
4.select the private key (i.e. the decryption key D such that
the following equation is true:
(DXE) mod (P

1)X(Q

1)=1
Thus,
(DX 5) mod (7

1)(17

1)=1
Hence D=77.
5.For encryption ,calculate the cipher text CT from the plain
text PT as follows
:
CT=
Let us assume that we want to encrypt plain text 10.
Then we have CT=
mod
119=100000 mod 119=40
6.send CT as the cipher text to the receiver.
Send 40 as the cipher text to the receiver.
7. for decryption calculate the plain text PT from the cipher
text CT as follows:
PT=
mod N
Thus,
PT=
mod 119=10 , which was the original Plain text of
step 5.
characteristic
Symmetric key
cryptography
Asymmetric key
cryptography
Key used for
encryption/decryption
Same key is used for
encryption and decryption
One key used for encryption
and another ,different key is
used for decryption
Speed of encryption/decryption
Very fast
slower
Size of resulting encrypted text
Usually same as or less than
the original clear text size
More than the original clear
text size
Key agreement/exchange
A big problem
No problem at all
Number of keys required as
compared to the number of
participants in the message
Equals about the square of
the number of participants
,so scalability is an issue
Same as the number of
participants , so scales up
quite well
Usage
Mainly for encryption and
decryption (confidentiality),
cannot be used for digital
signatures (integrity and non
repudiation checks)
Can be used for encryption
and decryption (
confidentiality) as well as for
digital signatures( integrity
and non repudiation checks)
Future Work
:
There are a couple of
algorithms
which are considered safe by mathematicians
. Safe
means, that there is no known weak point in the algorithm, resulting in the fact,
that the
only possible attack is brute force
3
. Brute force means that every possible key is tried, until
the right one has been found. A brute force attack against a 56 bit DES key took a little more
than a year to crack by thousands of computers spending their idle time to crack it in
1997/1998 in the
distributed.net
effort.
In 1999, specialized hardware built by the
EFF
was
able to crack it within less than a day. So 56 bit DES can no longer be considered to be safe
.
[3]
As every single bit in the length of the key doubles the number of possible keys,
reasonably long keys are safe, unless some mathematician finds a weak point in the
algorithm
. The 168 bits of Triple DES won't be found by brute force attacks
within the next hundred years. If computer power increased by a factor of two
every year, you'd need one more bit every year for the same level of safety
.[3]
So possible way to secure system is to
to
keep abreast of new updates in computer
world.
Also change the key once within the week.
RSA is find more secure than Des but it is slow in speed and generate huge cipher
text as compared to plain text .RSA patent expired in 2000 so we can used it as
free for our system.
Conclusion
However, asymmetric algorithms are much slower than symmetric ones.
More specifically we need to ensure that the following objectives are
meet:
1.the solution should be completely secure.
2.the encryption and decryption processes must not take a long time.
3.the generated cipher text should be compact in size
4.the solution should scale to a large number of user easily, without
introducing any additional complications
5.the key distribution problem must be solved by the solution
Therefore, in many applications, a combination of both is being used.
The asymmetric keys are used for authentication and after this have been
successfully done; one or more symmetric keys are generated and
exchanged using the asymmetric encryption.
References:
Cryptography and network security

Atul
Kahate
http://www.suse.de/~garloff/Writings/mutt_gpg/node3.html
http://orlingrabbe.com/des.htm
http://www.suse.de/~garloff/Writings/mutt_gpg/node2.html
Σχόλια 0
Συνδεθείτε για να κοινοποιήσετε σχόλιο