Cryptography - homepages.gold.ac.uk

innocentsickΤεχνίτη Νοημοσύνη και Ρομποτική

21 Νοε 2013 (πριν από 3 χρόνια και 9 μήνες)

84 εμφανίσεις

1

Cryptography


encryption


authentication


digital signatures


one
-
way functions


hash algorithms


key generation, exchange and management


2

Encryption


Transforming a message
-

the
plaintext
,
into an unrecognisable (encrypted) form,
called the
ciphertext
.



To the layman this is known as coding and
decoding messages. The proper terms are
encrypting

and
decrypting
.

3


The intention is that if an encrypted
message is intercepted, then the interceptor
will not be able to interpret the ciphertext.



Messages have been encrypted for many
years using letter substitution for example.



These days mathematical algorithms are
used to encrypt and decrypt messages using
computers.

4

Caesar’s Cipher


To encrypt a message written using the
English alphabet A..Z


Each letter in the plaintext message is
replaced by the letter k places along in the
alphabet (where
k

is between 0 and 25
inclusive) wrapping around to the beginning
of the alphabet if necessary.


To decrypt the message, each letter is
replaced by the letter
26
-
k

places along.

5

Caesar’s cipher with k=5

Message:
A B C D E F G H I J K L M
Ciphertext:
F G H I J K L M N O P Q R
Message:
N O P Q R S T U V W X Y Z
Ciphertext:
S T U V W X Y Z A B C D E
6

Substitution cipher

Message:
A B C D E F G H I J K L M
Ciphertext:
J P I O T M F W Q C D Y B
Message:
N O P Q R S T U V W X Y Z
Ciphertext:
Z A E S H V R L G N K U X
7

Substitution cipher 2 (using Brighton Rock)

Message:
A B C D E F G H I J K L M
Ciphertext:
H A L E K N W B F O R D I
Message:
N O P Q R S T U V W X Y Z
Ciphertext:
G T U S Y M C V Q P Z J X
8

The Key


Ciphertext
:

A B C D E F G H I J K L M

Plaintext
:

G A O U X C N D R B W

Ciphertext
:

N O P Q R S T U V W X Y Z

Plaintext
:

Y M I S F P T K L V E H



One of the reasons for enciphering this text is
to show the reader how easily this type of
cipher can be broken…...

9

Definitions


The sender
A

(Alice) wants to send a
message
m

(the plaintext) to a receiver
B

(Bob).


Alice encrypts the message using an
encryption key
e

and an encryption
algorithm
f

to produce a ciphertext
c=f(m,e)


To decrypt the ciphertext
c
, Bob uses his
decryption key
d

and a decryption algorithm
g

to obtain the original message
m=g(c,d)

10


A property of the encryption process must
be that Bob retrieves the original message.
Thus for a particular pair of keys
e,d
, it
must be true that for every
m

in
M
, if
m

encrypts to
c
, then
c

decrypts to
m
. Hence
for every
m

in
M
:


if c=f(m,e) then m=g(c,d)


or



g(f(m,e),d)=m

11


Alice keeps the encryption key
e

secret and
Bob keeps the decryption key
d

secret.



Alice and Bob may know each others keys
(this is true for symmetric key algorithms)
or they might not (in public key
cryptosystems).


If the message is very long it might be
broken up into shorter
blocks.
Each block
is then encrypted and decrypted separately.


12


The characters of the message come from a
message alphabet M

and the ciphertext will
be characters of the
ciphertext alphabet C


The two alphabets
M

and
C

may be the
same but they could be different.


A
cryptosystem

refers to all the aspects of a
particular encryption system, so includes
the information about the message and
ciphertext alphabets, the encryption and
decryption algorithms, the method of
blocking and the allowable keys.


13


The
keyspace K

is the set of all possible
encryption keys. We usually include the
trivial keys in the key space even though
they will not be used.


The enemy in the cryptosystem is the
person who intercepts the message and tries
to gain unauthorised information. Such a
person is called a
cryptanalyst

and is
usually given the name Charles.


A
cryptographer

is someone who studies all
aspects of cryptosystems.

14

What Charles might try to do:


Determine the message without determining
either key


Determine the decryption key so that he can
decrypt the message (and other messages
encrypted using the same encryption key)


Determine the encryption key so that he can
determine the decryption key


Determine the encryption key so that he can
masquerade as Alice

15


When considering the security of an
encryption algorithm, it is best to assume
that Charles, the enemy, has knowledge of
the encryption and decryption algorithms,
the key space and the methods of blocking.


In fact assume that Charles knows
everything except the keys used.


Also assume that Charles has adequate
computing power, finance and expertise on
his side.

16

Attacks on a cryptosystem


We always assume that Charles has all the
information on a particular cryptosystem
except for the keys used. What sort of attack
he can launch depends on what other
information he has.



Types of attack are called:

17

Types of attack:


ciphertext only


known message


probable known message


chosen message


chosen ciphertext


chosen message and ciphertext

18

Methods of Attack


The cryptanalyst has various strategies that
he can use. Following are brief
explanations of three of them:

19

1. Try all possible decryption keys


The success of this will depend on


the size of the keyspace


the redundancy in the message



How long it takes to recover the key
depends on


the number of keys


how long it takes to investigate each key



20

2. Analyse the ciphertext statistically


For example, if the cryptosystem uses a
substitution cipher on an English text
message, a frequency count on the letters of
the ciphertext will give an indication of the
substitutions used for the most commonly
used letters.


Redundancy in the English language will
give away the rest of the key.

21


Blocking the message into groups of say 8
characters makes this kind of attack much
harder.


For example, the ciphertext


G QT Q TQZ


can be decrypted quite easily


However, a similar message (encrypted
with a different key and blocked together) is


SRYSRSP


which isn’t quite so easy to decrypt.



22

3. Differential Cryptanalysis


This method requires Charles to generate a
large number of messages which only differ
by a small amount, persuading Alice to
encrypt them, and then analysing the
corresponding ciphertexts.

23

Properties of a good cryptosystem


A large alphabet M to make it hard to do
statistical analysis


A large keyspace to make it hard to do
exhaustive keyspace search


Speed of execution (for high message
throughput)


The same algorithm for encryption and
decryption (to reduce costs)