An Introduction to Cryptology & Steganography

furiouserectAI and Robotics

Nov 21, 2013 (3 years and 9 months ago)

93 views

Tomáš Foltýnek

foltynek@pef.mendelu.cz

Faculty

of Business

and Economics

An Introduction to

Cryptology & Steganography

Mgr. Tomas
Foltynek
, Ph.D.

Department of Informatics

Faculty of Business and Economics

Mendel University in Brno

Czech republic

An Introduction to
Cryptology & Steganography


Introduction


Secure communication problem is as old as
mankind


people want privacy (=nobody reads their messages)


people are curious (=want to read others’ messages)


More communication => more need of security


We often hear about


Hackers, crackers, attackers,


Viruses, worms, Trojan horses


E
-
banking breakthroughs


Breaking ciphers and secret codes


Hidden messages, watermarks


How are these topics related?

An Introduction to
Cryptology & Steganography


Content


What is cryptology


Symmetric cryptology


Basic principles


Asymmetric cryptology


Digital signature


Steganography

An Introduction to
Cryptology & Steganography


What is cryptology


Science of cryptography and cryptanalysis


Cryptography


science of secret codes, enabling the confidentiality of
communication through an insecure channel


e.i. how to make a message uncomprehensible for unauthorised
persons


Cryptanalysis


theory of (in)security analysis of cryptographic systems


e.i. how to break ciphers and read secret messages



Also includes Steganography & Steganalysis


how to hide a message


how to find a hidden message


Word origin from Greek: crypto = hidden

An Introduction to
Cryptology & Steganography


The Paradigms of Cryptography


Confidentiality


the content of a message remains secret


information should’n leak to third party


Data integrity


to avoid any malicious data manipulation


insertion, deletion, substitution


Authentication


identification of the author


signature authentication, access control, etc.

An Introduction to
Cryptology & Steganography


Other Goals of Cryptography


Authorisation


confirmation about data origin


Non
-
repudiation


nobody can deny previous action



Practical notions


Anonymity, electronic payment, electronic
votes, zero
-
knowledge protocol,…


An Introduction to
Cryptology & Steganography


Cryptographic methods


Transposition


change the position of
characters


Characters remain
the same


Substitution


position of
characters remain
the same


characters in the message are changed

An Introduction to
Cryptology & Steganography


Transposition


The position of letters is changed


Example:

IWSAYNMNAERG


TAMNADAYYAAO

IAIGOBTEE


NKNDMYHSA

TAAADNHRLVDHMOMYNW


HTMIETEEIEWOYUAKO

BTEAEFNAELE


YHNMOANBLE


Solution:

It was many and many a year ago

In a kingdom by the sea

That a maiden there lived whom you may know

By the name of Annabel Lee

An Introduction to
Cryptology & Steganography


Scytale (Sparta)


First military cipher in history


Leather tape wound on a pole of given
thickness

An Introduction to
Cryptology & Steganography


Substitution


The letters are changed


Codes


binary code


Morse code


Ciphers


Alphabet shifting (Caesar cipher)


Polyalfabetic substitution (Vigen
ère
cipher)

An Introduction to
Cryptology & Steganography


Denotion

of
Communication
P
arties


A


Alice


sender of the message


B


Bob


recipient of the message


E


Eve


eavesdropper


tries to break the message



E


encoding/enciphering algorithm


D


decoding/deciphering algorithm



M


message (plaintext)


K


key


C


ciphertext



C = E(M, K); M = D(C, K)

An Introduction to
Cryptology & Steganography


General encryption process


Sender
applies
encryption algorithm
to a
plain
text


S/he gains a
cipher text
, sends it to the
recipient


Recipient
applies
decryption algorithm
to the
cipher text


S/he gains the
plain text

again


An Introduction to
Cryptology & Steganography


Division of Cryptography


Symmetric cryptography


both sender and recipient have the same
key


deciphering is an inversion of enciphering


Asymmetric cryptography


sender and recipient have different keys


mathematic relation


algorithms are generally different


useful for both encryption and digital
signature


An Introduction to
Cryptology & Steganography


Modular arithmetics


Arithmetics on a cyclic set



2 + 3 = 5 (mod 7)


5 + 4 = 2 (mod 7)


5


4 = 6 (mod 7)


because 20/7 = 2, remainder 6


11


9 = 1 (mod 7)


because 99/7 = 14, remainder 1


3
5

= 5 (mod7)

An Introduction to
Cryptology & Steganography


XOR operation


eXclusive OR


Logical OR, only one of two given expression can
be true


0


0 = 0


0


1 = 1


1


0 = 1


1


1 = 0


Sum modulo 2


Simple enciphering and deciphering

C = M


K, M = C


K

An Introduction to
Cryptology & Steganography


Kerckhoffs


princip
le


Basic cryptographic

princip
le


Dutch
lingvist Auguste Kerckhoffs von
Nieuwenhoff (1883)


“A cryptosystem is secure even if
everything about the system, except the
key, is public knowledge”



Security shouldn’t depend on the secrecy of
algorithm, but on the secrecy of the key



An Introduction to
Cryptology & Steganography


Caesar Cipher


Alphabet shifted by 3

abcdefghijklmnopqrstuvwxyz

DEFGHIJKLMNOPQRSTUVWXYZABC


Example


veni, vidi, vici


YHQL, YLGL, YLFL


Algorithm: alphabet shift


Key: by how many letters


25 possible keys (English)

An Introduction to
Cryptology & Steganography


Classical Ciphers


Monoalphabetic

substitution

cipher

abcdefghijklmnopqrstuvwxyz

JULISCAERTVWXYZBDFGHKMNOPQ


Kryptanalysis

via
frequency

analysis


found

by
arabic

theologists


Zero

letters
,
code

words
,
homomorfic

substitution


Vigen
ère

(polyalphabetic) cipher


Key length by
Kasiski

examination


Frequency analysis


Vernam

cipher (one
-
time pad)


Theoretically unbreakable


An Introduction to
Cryptology & Steganography


Why
Was
a
Computer
I
nvented
?


New inventions mostly come of


human laziness


wars


First computer


1943 Colossus


Great Britain, Bletchley Park


Breaking German ENIGMA code

An Introduction to
Cryptology & Steganography



An Introduction to
Cryptology & Steganography


An Introduction to
Cryptology & Steganography


Breaking the Enigma


Poland


Marian Rejewski


codebooks for day key inference

from repeated message key


mechanical decipherer


“bomb”


Alan Turing (1912


1954)


Inventor of Turing machine,

founder of the theory of computation


Analysed plenty of messages


given structure (weather info)


New type of “bomb” guessing the key from
ciphertext and supposed plaintext

An Introduction to
Cryptology & Steganography



An Introduction to
Cryptology & Steganography


Computers in Cryptology


Breaking ciphers = trying huge amount of
possibilities


computer does this in quite short time


the end of “classical” ciphers


One
-
way functions


computation of every input

in polynomial time


computation of inverse in

exponential time


P != NP problem

An Introduction to
Cryptology & Steganography


Symmetric encryption algorithms


DES, 3DES, AES, IDEA


Block ciphers


Many rounds consisting of transpositions, permutations,
substitutions, XOR with key, etc.


Security depends on the key length


Let’s consider 128 bit key


2
128

possible values


1GHz processor: 2
30

operations per second


Breaking time: 2
98

seconds


The age of the Universe: 2
60

seconds


1 more bit => breaking time doubles


Problem: How to distribute the key?


An Introduction to
Cryptology & Steganography


Data Encryption Standard


Block symmetric cipher


1973


1974 Horst Fiestel


16 rounds, Fiestel funciton


expansion, XOR, substitution,
permutation


Better methods

than brute force

attack are known


3DES


good for the

present

An Introduction to
Cryptology & Steganography


Asymmetric
Cryptography
: RSA


A pair of keys is
needed


Public key


Private key


Try
to


count 13*37


factorize
527


Security relies on infeasible
factorization of p*q (
p,q

are primes)


The secret key is derived from a product

An Introduction to
Cryptology & Steganography


Using RSA for Encryption and Digital
Signature


Using RSA for encryption


Sender encrypts the message with receiver’s public key
(everyone can do this)


Only receiver is able to decrypt the message (s/he is the
only one having private key)


Using RSA for digital signature


Author encrypts the message (hash) with his own private
key (only he can do this)


Anybody can examine his/her authorship by decrypting
the message by author’s public key


Combination (encryption and signature)


Sender encrypts the message both with receiver’s public
key and his own private key


Only receiver can decrypt the message and examine
authorship

An Introduction to
Cryptology & Steganography


Digital signature scheme


An Introduction to
Cryptology & Steganography


Verification of the Digital Signature


An Introduction to
Cryptology & Steganography


Bypassing cryptography


Cryptanalysis stands behind
cryptography


“Unbreakable” ciphers are known


Meant unbreakable in reasonable time


Electromagnetic tapping


Messages are captured before encryption


Tapping can be shielded; In USA special
permission from FBI is required


Viruses, Trojan horses

An Introduction to
Cryptology & Steganography


Steganography


Hiding the existence of the message


Hiding messages to almost all file types is possible


Images, Music, Video, Executables, Text, …


Source: Wikipedia

An Introduction to
Cryptology & Steganography


Why to use Steganography


Cryptography may be illegal in some
countries


We want to hide a message itself


Security by obscurity


Enciphered message arouse suspicion


Protection of communication parties


Not only of a message

An Introduction to
Cryptology & Steganography


Steganography in Antiquity

and in the Middle Ages


The
battle of Salamis (480 BC)


message hidden under wax on empty tables


The revolt against Persians


The message tattooed to the shaved head of a
slave, hidden by regrown hair


China


message
written
on silk in a wax bullet,
messenger swallowed the bullet



Italy


Secret inks


An Introduction to
Cryptology & Steganography


Steganography in the WW2


Hiding messages into toys, dolls,
flowers…


Sending these things was later banned in
UK and USA


Microdots


Text reduced onto size of 1mm


Pasted instead of period


Text covered by post stamp



An Introduction to
Cryptology & Steganography


Second letters



A
p
parently

n
e
utral's

p
r
otest
i
s

t
h
oroughly

d
i
scounted

a
n
d
i
g
nored
.
I
s
man

h
a
rd h
i
t.
B
l
ockade

i
s
sue

a
f
fects

p
r
etext
f
o
r

e
m
bargo o
n

b
y
-
products
,
e
j
ecting

s
u
ets

a
n
d
v
e
getable

o
i
ls
.



Used

by
German

spy


PERSHING SAILS FROM NY JUNE 1


An Introduction to
Cryptology & Steganography


Digital Steganography


Hiding messages into data files


Terminology:


Plaintext


message to be hid


Text or a file


Enciphered plaintext (
ciphertext
)


Covertext



carrier of a message


file we hide in


Stegotext



carrier containing a message

An Introduction to
Cryptology & Steganography


Usage of Steganography


WTC attacks on Sep 11 2001


Al
Quaeda



maps and instruction hidden in
images on sport chats and porn sites


Software watermarks


Microsoft’s patent


information about license is
hidden into executable


Printer steganography


Yellow tracking dots


Intelligence services


Communication with illegal agents

An Introduction to
Cryptology & Steganography


Steganographic

methods for text


Any message is a sequence of 0 and 1


We need to encode 2 different
symbols/states


Plain text


White characters at the end of line


Similar characters (I
-
1, O
-
0, etc.)


Formatted text


Similar fonts


Move of lines (by 1/300 inch)

An Introduction to
Cryptology & Steganography


Steganographic

methods for images


The most often transferred multimedia


Attracts less attention


LSB = Least Significant Bit


Serves for carrying the information


Image data is changed slightly


Human eye cannot recognize any change


Color palette


Order of colors encodes message


JPEG matrix


Less significant positions in hue matrix

An Introduction to
Cryptology & Steganography


Steganographic

methods for audio


LSB (same as images)


Parity coding


Uses parity bit as a carrier


Phase movement (WAV)


DCT decomposes signal to (co)
sines


Phase movement encodes message


Composition of
sines

to “original” sound


Totally different data


Encoding to noise


Echo coding

An Introduction to
Cryptology & Steganography


Steganography in
executables


Executable = sequence of instructions


Interchangable

instructions


A := 3; B := 5; S := A + B;


Positive / negative conditions


Content of unused variables


Jump over part with message

An Introduction to
Cryptology & Steganography


Steganalysis


Trying known methods


Comparing with known originals


Statistical analysis


Data from the same source


Noise analysis



Data may be changed before hiding


Compression, adding prefixes/suffixes

An Introduction to
Cryptology & Steganography


Steganographic

software


www.stegoarchive.com


www
.spammimic
.
com


JPHS (JPEG Hide and Seek)

An Introduction to
Cryptology & Steganography


S
ources


Literature


Simon
Singh
:
The Code Book


David Kahn:
The
Codebreakers


Serge
Vaudenay
:
A Classical Introduction to
Cryptography: Applications for
Communications Security


Internet


computer.howstuffworks.com
/computer
-
internet
-
security
-
channel.htm


en.wikipedia.org
/wiki/
Category:Computer_securi
ty


www.stegoarchive.
com

An Introduction to
Cryptology & Steganography


The end


Thank you for your attention


Questions?