# Cryptography Basics (ch 2)

Τεχνίτη Νοημοσύνη και Ρομποτική

21 Νοε 2013 (πριν από 4 χρόνια και 7 μήνες)

102 εμφανίσεις

Cryptography Basics (
ch

2)

IT443

Instructor: Bo Sheng

1

Outline

Basic concepts in cryptography system

Secret key cryptography

Public key cryptography

Hash functions

2

Encryption/Decryption

Plaintext: a message in its original form

Ciphertext
: a message in the transformed, unrecognized form

Encryption: the process that transforms a plaintext into a
ciphertext

Decryption: the process that transforms a
ciphertext

to the
corresponding plaintext

Key: the value used to control encryption/decryption.

3

plaintext

encryption

ciphertext

decryption

plaintext

key

key

Cryptanalysis

“code breaking”, “attacking the cipher”

Difficulty depends on

sophistication of the cipher

amount of information available to the code
breaker

Any cipher
can
be broken by exhaustive
trials, but rarely practical

4

Caesar Cipher

Replace each letter with the one
3
letters
later in the alphabet

ex.: plaintext CAT

ciphertext

FDW

5

A

B

C

D

E

F

G

H

I

J

K

A

B

C

D

E

F

G

H

I

J

K

plaintext

alphabet

ciphertext

alphabet

Trivial to break

Mono
-
Alphabetic Ciphers

Generalized substitution cipher: an arbitrary (but
fixed) mapping of one letter to another

26! (

4.0*10
26

2
88
) possibilities

6

A

B

C

D

E

F

G

H

I

J

K

A

B

C

D

E

F

G

H

I

J

K

plaintext

alphabet

ciphertext

alphabet

Attacking Mono
-
Alphabetic Ciphers

Broken by statistical analysis of letter, word, and phrase
frequencies of the language

Frequency of single letters in English language, taken
from a large corpus of text:

7

Ciphertext

Only Attacks

Ex.: attacker can intercept encrypted
communications, nothing else

Breaking the cipher: analyze patterns in
the
ciphertext

method/key

8

Known Plaintext Attacks

Ex.: attacker intercepts encrypted text, but
also
corresponding plaintext (definite

Makes some codes (e.g., mono
-
alphabetic
ciphers) very easy to break

9

Chosen Plaintext Attacks

Ex.: attacker can
choose any plaintext
desired, and intercept the corresponding
ciphertext

Allows targeted code breaking (choose
exactly the messages that will reveal the

10

Cryptography is
rarely

Implementation of cipher

Distribution or protection of keys

… …

11

Secret Keys
vs

Secret Algorithms

Security by obscurity

We can achieve better security if we keep the
algorithms secret

Hard to keep secret if used widely

Reverse engineering, social engineering

Publish the algorithms

Security of the algorithms depends on the secrecy of
the keys

Less unknown vulnerability if all the smart (good)
people in the world are examine the algorithms

12

Outline

Basic concepts in cryptography system

Secret key cryptography

Public key cryptography

Hash functions

13

Secret Key Cryptography

Same key is used for encryption and decryption

Also known as

Symmetric cryptography

Conventional cryptography

14

plaintext

encryption

ciphertext

decryption

plaintext

key

key

Same key

Secret Key Cryptography

Stream cipher

Block cipher

Converts one input plaintext
block of fixed size
k

bits

to
an output
ciphertext

block of
k

bits

DES, IDEA, AES, …

AES

Selected from an open competition, organized by NSA

Joan
Daemen

and Vincent
Rijmen

(Belgium)

Block size=128 bits, Key Size= 128/192/256 bits

15

Key Size

Keys should be selected from a large potential
set, to prevent brute force attacks

Secret key sizes

40

bits were considered adequate in 70’s

56

bits used by DES were adequate in the 80’s

128

If computers increase in power by 40% per year,
need roughly
5 more key bits per decade

to stay
“sufficiently” hard to break

16

Public Key Cryptography

A public/private key pair is used

Public key can be publicly known

Private key is kept secret by the owner of the key

Much slower than secret key cryptography

Also known as asymmetric cryptography

Another mode: digital signature

17

plaintext

encryption

ciphertext

decryption

plaintext

Public key

Private key

Public Key Cryptography

Digital signature

Only the party with the private key can create a digital signature.

The digital signature is verifiable by anyone who knows the public key.

The signer cannot deny that he/she has done so.

18

plaintext

Sign

ciphertext

Verify

plaintext

Private key

Public key

Public Key Cryptography

It must be computationally

easy

to generate a public / private key pair

hard

to determine the private key, given the public key

It must be computationally

easy

to encrypt using the public key

easy

to decrypt using the private key

hard

to recover the plaintext message from just the
ciphertext

and the public key

19

Symmetric
vs

Asymmetric

Symmetric algorithms are much faster

In the order of a 1000 times faster

Symmetric algorithms require a shared secret

Impractical if the communicating entities don’t have another
secure channel

Both algorithms are combined to provide practical and
efficient secure communication

E.g., establish a secret session key using asymmetric crypto and
use symmetric crypto for encrypting the traffic

20

Outline

Basic concepts in cryptography system

Secret key cryptography

Public key cryptography

Hash functions

21

Hash Function

Also known as

Message digest

One
-
way transformation

One
-
way function

Hash

Length of
H
(
m
) much shorter then length of
m

Usually fixed lengths: 128 or 160
bits

22

Message of

arbitrary length

Hash

A fixed
-
length

short message

Properties of Hash

Consider a hash function H

Performance
: Easy to compute H(
m
)

One
-
way
property
: Given H(
m
) but not
m
, it’s computationally
infeasible to find
m

Weak
collision resistance (free)
: Given H(
m
), it’s computationally
infeasible to find
m’

such that H(
m’
) = H(
m
).

Strong
collision resistance (free)
: Computationally infeasible to find
m
1
,
m
2

such that H(
m
1
) = H(
m
2
)

23

Hash Applications

File /

Message

integrity

Detect if a file has been changed by someone
after it was stored

Compute a hash H(F) of file F

openssl

dgst

-
md5
filename

24

Hash Applications

Password cannot be stored in plaintext

In a hashed format

Linux:
/etc/
passwd

25

Hash Applications

User authentication

Alice wants to authenticate herself to Bob

share a secret key K

26

Alice

Bob

time

computes

Y=H(R|K)

verifies that

Y=H(R|K)

Modern Hash Functions

MD5 (128 bits)

Previous versions (i.e., MD2, MD4) have weaknesses.

Broken; collisions published in August 2004

Too weak to be used for serious applications

SHA (Secure Hash Algorithm)

Weaknesses were found

SHA
-
1 (160 bits)

Broken, but not yet cracked

Collisions in 2
69

hash operations, much less than the brute
-
force attack
of 2
80

operations

Results were circulated in February 2005, and published in CRYPTO
’05 in August 2005

SHA
-
256
, SHA
-
384,

27

Birthday Attack

What is the smallest group size
k

such that

The probability that at least two people in the group
have the same birthday is greater than 0.5?

23

Implication for hash function H of length m

With probability at least 0.5

m/2

random inputs,

Two messages will have the same hash image

m=64, 1ns per hash

Brute force (2
64
): 10
13

seconds over 300 thousand years

Birthday attack (
2
32
): 4 seconds

28

Lab 1

Sample codes

eecs.mit.edu’s

IP is 18.62.1.6

Assume their
subnetwork

use 28
-
bit prefix

18. 62. 1. 0000
0110

Scan 18.62.1.0 ~ 18.62.1.15

dig
-
x 18.62.1.0 +short

/home/shengbo/it443/scanip.sh

/
home/shengbo/it443/scanip.pl

29