Tomáš Foltýnek
foltynek@pef.mendelu.cz
Faculty
of Business
and Economics
An Introduction to
Cryptology & Steganography
Mgr. Tomas
Foltynek
, Ph.D.
Department of Informatics
Faculty of Business and Economics
Mendel University in Brno
Czech republic
An Introduction to
Cryptology & Steganography
Introduction
•
Secure communication problem is as old as
mankind
–
people want privacy (=nobody reads their messages)
–
people are curious (=want to read others’ messages)
•
More communication => more need of security
•
We often hear about
–
Hackers, crackers, attackers,
–
Viruses, worms, Trojan horses
–
E

banking breakthroughs
–
Breaking ciphers and secret codes
–
Hidden messages, watermarks
•
How are these topics related?
An Introduction to
Cryptology & Steganography
Content
•
What is cryptology
•
Symmetric cryptology
–
Basic principles
•
Asymmetric cryptology
–
Digital signature
•
Steganography
An Introduction to
Cryptology & Steganography
What is cryptology
•
Science of cryptography and cryptanalysis
•
Cryptography
–
science of secret codes, enabling the confidentiality of
communication through an insecure channel
–
e.i. how to make a message uncomprehensible for unauthorised
persons
•
Cryptanalysis
–
theory of (in)security analysis of cryptographic systems
–
e.i. how to break ciphers and read secret messages
•
Also includes Steganography & Steganalysis
–
how to hide a message
–
how to find a hidden message
•
Word origin from Greek: crypto = hidden
An Introduction to
Cryptology & Steganography
The Paradigms of Cryptography
•
Confidentiality
–
the content of a message remains secret
–
information should’n leak to third party
•
Data integrity
–
to avoid any malicious data manipulation
•
insertion, deletion, substitution
•
Authentication
–
identification of the author
–
signature authentication, access control, etc.
An Introduction to
Cryptology & Steganography
Other Goals of Cryptography
•
Authorisation
–
confirmation about data origin
•
Non

repudiation
–
nobody can deny previous action
•
Practical notions
–
Anonymity, electronic payment, electronic
votes, zero

knowledge protocol,…
An Introduction to
Cryptology & Steganography
Cryptographic methods
•
Transposition
–
change the position of
characters
–
Characters remain
the same
•
Substitution
–
position of
characters remain
the same
–
characters in the message are changed
An Introduction to
Cryptology & Steganography
Transposition
•
The position of letters is changed
•
Example:
IWSAYNMNAERG
–
TAMNADAYYAAO
IAIGOBTEE
–
NKNDMYHSA
TAAADNHRLVDHMOMYNW
–
HTMIETEEIEWOYUAKO
BTEAEFNAELE
–
YHNMOANBLE
•
Solution:
It was many and many a year ago
In a kingdom by the sea
That a maiden there lived whom you may know
By the name of Annabel Lee
An Introduction to
Cryptology & Steganography
Scytale (Sparta)
•
First military cipher in history
•
Leather tape wound on a pole of given
thickness
An Introduction to
Cryptology & Steganography
Substitution
•
The letters are changed
•
Codes
–
binary code
–
Morse code
•
Ciphers
–
Alphabet shifting (Caesar cipher)
–
Polyalfabetic substitution (Vigen
ère
cipher)
An Introduction to
Cryptology & Steganography
Denotion
of
Communication
P
arties
•
A
–
Alice
–
sender of the message
•
B
–
Bob
–
recipient of the message
•
E
–
Eve
–
eavesdropper
–
tries to break the message
•
E
–
encoding/enciphering algorithm
•
D
–
decoding/deciphering algorithm
•
M
–
message (plaintext)
•
K
–
key
•
C
–
ciphertext
•
C = E(M, K); M = D(C, K)
An Introduction to
Cryptology & Steganography
General encryption process
•
Sender
applies
encryption algorithm
to a
plain
text
•
S/he gains a
cipher text
, sends it to the
recipient
•
Recipient
applies
decryption algorithm
to the
cipher text
•
S/he gains the
plain text
again
An Introduction to
Cryptology & Steganography
Division of Cryptography
•
Symmetric cryptography
–
both sender and recipient have the same
key
–
deciphering is an inversion of enciphering
•
Asymmetric cryptography
–
sender and recipient have different keys
–
mathematic relation
–
algorithms are generally different
–
useful for both encryption and digital
signature
An Introduction to
Cryptology & Steganography
Modular arithmetics
•
Arithmetics on a cyclic set
•
2 + 3 = 5 (mod 7)
•
5 + 4 = 2 (mod 7)
•
5
∙
4 = 6 (mod 7)
–
because 20/7 = 2, remainder 6
•
11
∙
9 = 1 (mod 7)
–
because 99/7 = 14, remainder 1
•
3
5
= 5 (mod7)
An Introduction to
Cryptology & Steganography
XOR operation
•
eXclusive OR
•
Logical OR, only one of two given expression can
be true
–
0
0 = 0
–
0
1 = 1
–
1
0 = 1
–
1
1 = 0
•
Sum modulo 2
•
Simple enciphering and deciphering
C = M
K, M = C
K
An Introduction to
Cryptology & Steganography
Kerckhoffs
’
princip
le
•
Basic cryptographic
princip
le
•
Dutch
lingvist Auguste Kerckhoffs von
Nieuwenhoff (1883)
“A cryptosystem is secure even if
everything about the system, except the
key, is public knowledge”
•
Security shouldn’t depend on the secrecy of
algorithm, but on the secrecy of the key
An Introduction to
Cryptology & Steganography
Caesar Cipher
•
Alphabet shifted by 3
abcdefghijklmnopqrstuvwxyz
DEFGHIJKLMNOPQRSTUVWXYZABC
•
Example
–
veni, vidi, vici
YHQL, YLGL, YLFL
•
Algorithm: alphabet shift
•
Key: by how many letters
–
25 possible keys (English)
An Introduction to
Cryptology & Steganography
Classical Ciphers
•
Monoalphabetic
substitution
cipher
abcdefghijklmnopqrstuvwxyz
JULISCAERTVWXYZBDFGHKMNOPQ
•
Kryptanalysis
via
frequency
analysis
–
found
by
arabic
theologists
•
Zero
letters
,
code
words
,
homomorfic
substitution
•
Vigen
ère
(polyalphabetic) cipher
–
Key length by
Kasiski
examination
–
Frequency analysis
•
Vernam
cipher (one

time pad)
–
Theoretically unbreakable
An Introduction to
Cryptology & Steganography
Why
Was
a
Computer
I
nvented
?
•
New inventions mostly come of
–
human laziness
–
wars
•
First computer
–
1943 Colossus
–
Great Britain, Bletchley Park
–
Breaking German ENIGMA code
An Introduction to
Cryptology & Steganography
An Introduction to
Cryptology & Steganography
An Introduction to
Cryptology & Steganography
Breaking the Enigma
•
Poland
–
Marian Rejewski
–
codebooks for day key inference
from repeated message key
–
mechanical decipherer
–
“bomb”
•
Alan Turing (1912
–
1954)
–
Inventor of Turing machine,
founder of the theory of computation
–
Analysed plenty of messages
•
given structure (weather info)
–
New type of “bomb” guessing the key from
ciphertext and supposed plaintext
An Introduction to
Cryptology & Steganography
An Introduction to
Cryptology & Steganography
Computers in Cryptology
•
Breaking ciphers = trying huge amount of
possibilities
–
computer does this in quite short time
–
the end of “classical” ciphers
•
One

way functions
–
computation of every input
in polynomial time
–
computation of inverse in
exponential time
–
P != NP problem
An Introduction to
Cryptology & Steganography
Symmetric encryption algorithms
•
DES, 3DES, AES, IDEA
–
Block ciphers
–
Many rounds consisting of transpositions, permutations,
substitutions, XOR with key, etc.
•
Security depends on the key length
–
Let’s consider 128 bit key
–
2
128
possible values
–
1GHz processor: 2
30
operations per second
–
Breaking time: 2
98
seconds
–
The age of the Universe: 2
60
seconds
–
1 more bit => breaking time doubles
•
Problem: How to distribute the key?
An Introduction to
Cryptology & Steganography
Data Encryption Standard
•
Block symmetric cipher
•
1973
–
1974 Horst Fiestel
•
16 rounds, Fiestel funciton
–
expansion, XOR, substitution,
permutation
•
Better methods
than brute force
attack are known
•
3DES
–
good for the
present
An Introduction to
Cryptology & Steganography
Asymmetric
Cryptography
: RSA
•
A pair of keys is
needed
–
Public key
–
Private key
•
Try
to
–
count 13*37
–
factorize
527
•
Security relies on infeasible
factorization of p*q (
p,q
are primes)
–
The secret key is derived from a product
An Introduction to
Cryptology & Steganography
Using RSA for Encryption and Digital
Signature
•
Using RSA for encryption
–
Sender encrypts the message with receiver’s public key
(everyone can do this)
–
Only receiver is able to decrypt the message (s/he is the
only one having private key)
•
Using RSA for digital signature
–
Author encrypts the message (hash) with his own private
key (only he can do this)
–
Anybody can examine his/her authorship by decrypting
the message by author’s public key
•
Combination (encryption and signature)
–
Sender encrypts the message both with receiver’s public
key and his own private key
–
Only receiver can decrypt the message and examine
authorship
An Introduction to
Cryptology & Steganography
Digital signature scheme
An Introduction to
Cryptology & Steganography
Verification of the Digital Signature
An Introduction to
Cryptology & Steganography
Bypassing cryptography
•
Cryptanalysis stands behind
cryptography
•
“Unbreakable” ciphers are known
–
Meant unbreakable in reasonable time
•
Electromagnetic tapping
–
Messages are captured before encryption
–
Tapping can be shielded; In USA special
permission from FBI is required
•
Viruses, Trojan horses
An Introduction to
Cryptology & Steganography
Steganography
•
Hiding the existence of the message
•
Hiding messages to almost all file types is possible
–
Images, Music, Video, Executables, Text, …
Source: Wikipedia
An Introduction to
Cryptology & Steganography
Why to use Steganography
•
Cryptography may be illegal in some
countries
•
We want to hide a message itself
–
Security by obscurity
•
Enciphered message arouse suspicion
•
Protection of communication parties
–
Not only of a message
An Introduction to
Cryptology & Steganography
Steganography in Antiquity
and in the Middle Ages
•
The
battle of Salamis (480 BC)
–
message hidden under wax on empty tables
•
The revolt against Persians
–
The message tattooed to the shaved head of a
slave, hidden by regrown hair
•
China
–
message
written
on silk in a wax bullet,
messenger swallowed the bullet
…
•
Italy
–
Secret inks
An Introduction to
Cryptology & Steganography
Steganography in the WW2
•
Hiding messages into toys, dolls,
flowers…
–
Sending these things was later banned in
UK and USA
•
Microdots
–
Text reduced onto size of 1mm
–
Pasted instead of period
•
Text covered by post stamp
An Introduction to
Cryptology & Steganography
Second letters
•
„
A
p
parently
n
e
utral's
p
r
otest
i
s
t
h
oroughly
d
i
scounted
a
n
d
i
g
nored
.
I
s
man
h
a
rd h
i
t.
B
l
ockade
i
s
sue
a
f
fects
p
r
etext
f
o
r
e
m
bargo o
n
b
y

products
,
e
j
ecting
s
u
ets
a
n
d
v
e
getable
o
i
ls
.
“
•
Used
by
German
spy
•
PERSHING SAILS FROM NY JUNE 1
An Introduction to
Cryptology & Steganography
Digital Steganography
•
Hiding messages into data files
•
Terminology:
–
Plaintext
–
message to be hid
•
Text or a file
•
Enciphered plaintext (
ciphertext
)
–
Covertext
–
carrier of a message
–
file we hide in
–
Stegotext
–
carrier containing a message
An Introduction to
Cryptology & Steganography
Usage of Steganography
•
WTC attacks on Sep 11 2001
–
Al
Quaeda
–
maps and instruction hidden in
images on sport chats and porn sites
•
Software watermarks
–
Microsoft’s patent
–
information about license is
hidden into executable
•
Printer steganography
–
Yellow tracking dots
•
Intelligence services
–
Communication with illegal agents
An Introduction to
Cryptology & Steganography
Steganographic
methods for text
•
Any message is a sequence of 0 and 1
–
We need to encode 2 different
symbols/states
•
Plain text
–
White characters at the end of line
–
Similar characters (I

1, O

0, etc.)
•
Formatted text
–
Similar fonts
–
Move of lines (by 1/300 inch)
An Introduction to
Cryptology & Steganography
Steganographic
methods for images
•
The most often transferred multimedia
–
Attracts less attention
•
LSB = Least Significant Bit
–
Serves for carrying the information
–
Image data is changed slightly
–
Human eye cannot recognize any change
•
Color palette
–
Order of colors encodes message
•
JPEG matrix
–
Less significant positions in hue matrix
An Introduction to
Cryptology & Steganography
Steganographic
methods for audio
•
LSB (same as images)
•
Parity coding
–
Uses parity bit as a carrier
•
Phase movement (WAV)
–
DCT decomposes signal to (co)
sines
–
Phase movement encodes message
–
Composition of
sines
to “original” sound
–
Totally different data
•
Encoding to noise
•
Echo coding
An Introduction to
Cryptology & Steganography
Steganography in
executables
•
Executable = sequence of instructions
•
Interchangable
instructions
–
A := 3; B := 5; S := A + B;
•
Positive / negative conditions
•
Content of unused variables
•
Jump over part with message
An Introduction to
Cryptology & Steganography
Steganalysis
•
Trying known methods
•
Comparing with known originals
•
Statistical analysis
–
Data from the same source
•
Noise analysis
•
Data may be changed before hiding
–
Compression, adding prefixes/suffixes
An Introduction to
Cryptology & Steganography
Steganographic
software
•
www.stegoarchive.com
•
www
.spammimic
.
com
•
JPHS (JPEG Hide and Seek)
An Introduction to
Cryptology & Steganography
S
ources
•
Literature
–
Simon
Singh
:
The Code Book
–
David Kahn:
The
Codebreakers
–
Serge
Vaudenay
:
A Classical Introduction to
Cryptography: Applications for
Communications Security
•
Internet
–
computer.howstuffworks.com
/computer

internet

security

channel.htm
–
en.wikipedia.org
/wiki/
Category:Computer_securi
ty
–
www.stegoarchive.
com
An Introduction to
Cryptology & Steganography
The end
•
Thank you for your attention
•
Questions?
Comments 0
Log in to post a comment