slides

furiouserectAI and Robotics

Nov 21, 2013 (3 years and 11 months ago)

113 views

Cryptography

Dan Fleck

CS 469: Security Engineering

These slides are modified with permission from Bill Young (
Univ

of Texas)

Coming up: Cryptography

1

Cryptography

Apply your cryptanalytic skills.

How
do you get started?

What questions
should you ask?



What is the likely
underlying


language of the plaintext
?



What
characteristics of the probable source text are relevant?


What
characteristics of the source language are relevant?


What
is the likely nature/complexity of the
encryption
algorithm
?


Have
any transformations/compressions been applied prior
to
encryption
?


What
else?

CIA
Kryptos

Sculpture

Coming up: Encryption / Decryption

2

Encryption / Decryption

The purpose of encryption is to render the message less useful
/
meaningful
to any eavesdropper. Conceptually, the process
of
encryption
is quite simple
:




As is the process of decryption:

Encrypt

ciphertext

plaintext

Key
e

(optional)

Decrypt

plaintext

ciphertext

Key
d

(optional)

Coming up: Information Theory and Cryptography

3

Information Theory and
Cryptography

Information theory informs cryptography in several ways:



What effect does encrypting a message have on
the
information
content of the file?


An
attempt to decrypt a message is really an attempt
to
recover
a message from a (systematically) noisy channel.


How
can redundancy in the source give clues to the
decoding
process
?


Is
a perfect encryption possible (i.e., one that is
theoretically
unbreakable
)?

Coming up: Some Terminology

4

Some
Terminology

Encryption and decryption are functions which transform one
text into
another. In functional notation:


C = E(P) and P = D(C)


where C denotes
ciphertext
, E is the encryption rule, D is
the
decryption
rule, P is the plaintext. In this case, we also have:


P = D(E(P))


It is obviously important to be able to recover the original
message from
the
ciphertext
.

Coming up: Keyed Algorithms

5

Keyed
Algorithms

Often the encryption and decryption algorithms use a key K.
The key
selects a specific algorithm from the family of
algorithms defined
by E.


We write this dependence as:


C
= E(P,K
E

) and P = D(C,K
D
)


If K
E

= K
D
, then the algorithm is called
symmetric
. If not, then
it is
called
asymmetric
. In general,


P = D(E(P,K
E

),K
D
)


An algorithm that does not use a key is called a
keyless cipher
.

Coming up: Some Notation

6

Some
Notation

Often the notation E(P,K) and D(C,K) becomes cumbersome
. An
alternative notation is often used, particularly in
cryptographic
protocols
.


We’ll often
use
to denote E(P,K),
and sometimes
to
denote D
(P,K). For example
,



This
is usually appropriate since, in many important
commercial
cryptosystems
, the same algorithm is used for both encryption
and decryption
(i.e., the algorithm is its own inverse).

P

D
(
E
(
P
,
K
E
)
,
K
D
)

{
{
P
}
K
E
}
K
D
Coming up: Cryptanalysis Tools

7

{
P
}
K
E
{
P
}
K
D
Cryptanalysis
Tools

The analyst works with:



encrypted messages,


known
encryption algorithms,


intercepted
plaintext,


data
items known or suspected to be in a
ciphertext

message,


mathematical
and statistical tools and techniques,


properties
of languages,


computers
,


ingenuity
and luck.

Really!

CIA
revealed that their analyst David Stein had
also solved the same sections in 1998, using pencil and
paper techniques, though at the time of his solution the
information was only disseminated within the
intelligence community, and no public announcement
was made.
-
Wikipedia

Coming up: Lessons

8

Lessons


Encryption
is designed to obscure the meaning of text.


Redundancy
is the enemy of secure encryption because
it
provides
leverage to the attacker.

End of presentation

9