Cryptography 1
CS432
Overview
What is cryptography and cryptology?
The main components of a crypto system.
Problems solved by cryptography.
Basic concepts: symmetric cryptography,
asymmetric cryptography, digital
signatures.
Types of algorithms and related concepts.
Cryptography and Cryptology
Encryption
: transformation of intelligible,
understandable information into unintelligible form to
disguise its meaning and intent from intruders.
Decryption:
The inverse transformation of encrypted
information into intelligible form
Both encryption and decryption are based on keys. It
should be difficult or impossible to decrypt a message
without knowing the key.
Cryptography
: encryption + decryption.
Cryptanalysis:
analyzing encrypted information with the
intent of recovering the original plain information, without
knowing the key.
Cryptology
: cryptography + cryptanalysis.
The Encryption and Decryption
Process
The encryption model
The major components of a crypto
system (the model)
Plain text:
the original message before encryption.
Encryption Algorithm
: the algorithm used to transform
the plaintext into unintelligible form (the cipher text).
The cipher text
: the encrypted text.
Encryption key
: the encryption process is always based
on a key.
Decryption Algorithm
: used to transforms cipher text
back to plaintext.
The Decryption key
: the key used in the decryption
process.
All algorithms must be public; only the keys are secret.
Intruders and Cryptanalysis
It is assumed that there is an
intruder
who listens to all communications and
he may copy or delete any message
An
active intruder
modifies some
messages and re

inserts them
A
passive intruder
just listens
To decrypt a message without having a
key, an intruder practices the art of
cryptanalysis
What Does Cryptography Solve?
Confidentiality
Ensure that nobody can get knowledge of what you transfer even if
listening to the whole conversation
Integrity
Ensure that message has not been modified during the
transmission
Authenticity
You can verify that you are talking to the entity you think you are
talking to
Identity
You can verify who is the specific individual behind that entity
Non

repudiation
The individual behind that asset cannot deny being associated with
it
Symmetric Encryption
“An introduction
to cryptography”
“AxCvGsmWe#4^,
sdgfMwir3:dkJeTs
Y8R
\
s@!q3%”
“An introduction
to cryptography”
Clear

text input
Clear

text output
Cipher

text
Same key
(shared secret)
Encryption
Decryption
DES
DES
Asymmetric Encryption
“An introduction
to cryptography”
“Py75c%bn&*)9f
De^bDzjF@g5=&
nmdFgegMs”
“An
introduction to
cryptography”
Clear

text Input
Clear

text Output
Cipher

text
Different keys
Encryption
Decryption
RSA
RSA
Asymmetric Encryption
Things to remember about asymmetric keys:
The relation between the two keys is unknown and from one
key you cannot gain knowledge of the other, even if you
have access to clear

text and cipher

text
The two keys are interchangeable. All algorithms make no
difference between public and private key. When a key pair
is generated, any of the two can be public or private
g$5knvMd’rk
vegMs”
Clear
text
?
Encryption
Example: Confidentiality
Different
keys
Recipient’s
public key
Recipient’s
private key
private
public
Encryption
Decryption
“An
introduction to
cryptography”
“Py75c%bn&*)9f
De^bDzjF@g5=&
nmdFgegMs”
“An
introduction to
cryptography”
Clear

text Input
Clear

text Output
Cipher

text
Example: Authenticity
Different
keys
Sender’s
public key
Sender’s
private key
private
public
Encryption
Decryption
“An introduction
to cryptography”
“Py75c%bn&*)9f
De^bDzjF@g5=&
nmdFgegMs”
“An introduction
to cryptography”
Clear

text Input
Clear

text Output
Cipher

text
Creating a Digital Signature
3kJfgf*£$&
Py75c%bn
This is the
document
created by
Gianni
Message or File
Digital Signature
Message Digest
Calculate a short message
digest from even a long input
using a one

way message
digest function (hash)
Signatory's
private key
priv
Generate
Hash
SHA, MD5
Asymmetric
Encryption
RSA
This is the
document
created by
Ahmed
3kJfgf*£$&
Signed
Document
(Typically 128 bits)
Verifying a Digital Signature
RSA
This is the
document
created by
Ahmed
3kJfgf*£$&
Signed
Document
Py75c%bn
Message Digest
Generate
Hash
Gianni's public key
(from certificate)
Asymmetric
Decryption
pub
Digital
Signature
Py75c%bn
? Compare ?
Classification of Ciphers
Substitution ciphers
Cesar’s cipher
Affine transformation ciphers
Transposition ciphers
One

time pad
Block ciphers
Exponentiation ciphers
RSA
Substitution Ciphers
Each symbol is replaced by another symbol (Example:
with Latin alphabet, in
monoalphabetic substitution
, the key
is a 26

letter string that represents the substituting
permutation of the alphabet, so 26! keys are available)
Case study
:
Caesar cipher (A

> D, B

> E, C

>F, …Z

>C )
,
or
ord (s) = [ord(s) + 3] mod 26.
Letters
are packed in equal blocks to prevent cryptanalysis
based on the word length
Case Study: Cesar’s Cipher
Plaintext:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
Ciphertext:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
THIS MESSAGE IS TOP SECRET
THISM ESSAG EISTO PSECR ET
19 7 8 18 12  4 18 18 0 6  4 8 18 19 14 
15 18 4 2 17  4 19
22 10 11 21 15  7 21 21 3 9  7 11 21 22
17  18 21 7 5 20  7 22
WKLVP HVVDJ HLVWR SVHFU HW
Substitution Ciphers
Substitution ciphers are easy to break with a
relatively small amount of ciphertext, using
statistical properties of the language
(frequency of letters, b
igrams
,
trigrams
, etc.)
A Cryptanalysis Example
Letter
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Frequency 7 1 3 4 13 3 2 3 8 <1 <1 4 3 8 7 3 <1 8 6 9 3 1 1 <1 2 <1
The frequencies of occurrence of letters in English text:
Letter
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Frequency 1 0 4 5 1 3 0 0 0 1 0 1 1 1 0 7 2 2 2 3 0 0 1 2 3 2
Analysis of the frequencies of occurrence of letters in the ciphertext:
Ciphertext:
YFXMP CESPZ CJTDF DPQFW QZCPY NTASP CTYRX PDDLR PD
(Suppose, we know that shift transformation cipher was used)
Guess: P(7) = E(13) =>
15 = 4 + k (mod 26) => k = 11.
Plaintext: NUMBE RTHEO RYISU SEFUL FOREN CIPHE RINGM ESSAG ES
(NUMBER THEORY IS USEFUL FOR ENCIPHERING MESSAGES)
Transposition Cipher
All symbols are reordered according to a
permutation specified by the key
Example:
WISPER
the key
—
must have no repeated symbols
6253 14
the relative order of each symbol in the key
“CIS IS THE BEST COLLEGE IN TOWN”
C I S I S T
H E B E S T
C O L L E G
E I N T O W
plaintext
is written in
rows
of the key’s
size
N x x x x x
the last row is
padded
1 2 3 4 5 6
SOXLEIEEGTTHUTTMNY
(ciphertext is written in columns
permuted in the order of key’s symbols)
Transposition ciphers can also be broken by guessing the key
size and using statistical analysis when the cryptanalyst knows
that it is a transposition cipher.
Transposition Ciphers
C I S I S T
H E B E S T
C O L L E G
E I N T O W
plaintext
is written in
rows
of the key’s
size
N x x x x x
the last row is
padded
WISPER
6253 14
SIITSC
SEETBH
EOLGLC
OITWNE
XXXXXN
Cipher Text: SSEOX IEOIX IELTX TTGWX SBLNX CHCEN
Any bit sequence the size of plaintext can be a key. Each bit of
plaintext is XOR

ed with the corresponding bit of the key to
produce a bit of the ciphertext
One

Time Pad Ciphers
0
1
1
1
0
0
1
0
(XOR)
+
E
K
D
K
=
)
(
)
(
x
y
y
x
y
x
Plaintext: 001110011010010110
Key: 100100100111110110
Ciphertext: 101010111101100000
Example:
One

time Pad is unbreakable;
however key distribution is a big
problem…
Block Ciphers (Affine Transformation)
Key:
A
is a square integer matrix of order
n
such that (
A
, 26) = 1
B
is an
n

vector of integers
The ciphertext is split into blocks of
length
n;
the last block is padded
For each block
P
,
compute
C = (AP + B) (mod 26)
Exponentiation Ciphers
Given:
p
is a prime
The
key,
e
> 0
satisfies:
(e, p

1) = 1
Plaintext:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
1.
Group the resulting numbers into blocks of
2m
decimal digits, where
m
is
the largest even integer such that the decimal value of each block is less
than
p
2.
For each plaintext block,
P,
compute a ciphertext block
C = P
e
(mod p)
3.
To decipher, find
d
such that
de
≡ 1 (mod p

1)
and compute
P = C
d
(mod p)
C
d
≡ P
ed
P ≡ P
k(p

1)+1
≡ [P
(p

1)
]
k
P ≡ P (mod p)
(By Fermat’s Little Theorem)
Exponentiation Ciphers: An Example
p = 2633;
the key
e = 29; (e, p

1) = (29, 2632) =
1;
Block length is 4 (
m=2)
Plaintext:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
THIS IS AN EXAMPLE OF AN EXPONENTIATION CIPHER
1907 0818 0818 0013 0423 0012 1511 0414 0500 1304 2315 1413 0413 1908 0019
0814 1302 0815 0704 17
23
1907
29
≡
2199 (mod 2633)
2199 1745 1745 1206 2437 2425 1729 1619 0935 0960 1072 1541 1701 1553 0735
2064 1351 1794 1841 1459
d
=
2269
2269*2622
≡ 1 (mod 2622)
2199
2269
≡
1907 (mod 2633)
One Immediate Application:
The Diffie

Hellman Algorithm
Problem:
Establish
common
keys (for symmetric cryptography) to be used by two
individuals so that
intruders
cannot discover them in a feasible amount of computer time.
Let
•
p
be a large prime
•
a
be an integer relatively prime to
p
These are known to all!
Pick
k
1
relatively prime
to
p

1
p
y
p
a
y
k
1
1
0
),
(mod
1
Pick
k
2
relatively prime
to
p

1
p
y
p
a
y
k
2
2
0
),
(mod
2
p
K
p
a
p
y
K
k
k
k
0
),
(mod
)
(mod
2
1
2
1
p
K
p
a
p
y
K
k
k
k
0
),
(mod
)
(mod
1
2
1
2
=
A Simple Example of a DH
Exchange
p
=17
a
= 2
k
1
= 3
8
)
17
(mod
8
)
(mod
1
1
p
a
y
k
k
2
= 5
15
)
17
(mod
32
)
(mod
2
2
p
a
y
k
9
)
17
(mod
32768
)
(mod
2
1
p
y
K
k
9
)
17
(mod
3375
)
(mod
1
2
p
y
K
k
=
Modern
Symmetric

Key Algorithms
Combine transpositions and
substitutions and cascade them to
make the algorithms very complex (to
prevent cryptanalysis even when large
amounts of ciphertext are available)
Often use
block
ciphers
E
D
K
K
4

bit transposition (T)
S
S
S
S
S
S
T
S
T
S
T
Cascading into a
product
4 to 2 encoder
2

bit substitution (S)
T
2 to 4 decoder
Some Common Symmetric

Key
Cryptographic Algorithms
(after A. Tanenbaum)
Cipher
Key size (bits)
Characteristics
Rijndael
128

256
Best
Triple DES
168
Second best
Serpent, Twofish
128

256
Very strong
IDEA
128
Good (but patented)
RC5
128

256
Good (but patented)
RC4
1

2048
Some keys are weak
DES
56
Weak
Public

Key Cryptography
A (public key, private key) pair
Publish the public key (= encryption key)
Keep the private key (= decryption key) secret
Two essential requirements:
1)
2) It is
very hard (
i.e,
computationally infeasible)
to obtain from
To send a message
M
to you, I send
You decrypt it, obtaining:
E
K
D
K
.
))
(
(
M
M
K
K
E
D
I
K
K
E
D
D
K
E
K
);
(
M
K
E
RSA (Rivest, Shamir, Adleman)
Parameters:
p, q, n, z, d, e
Choose, large (1024 bits)
primes
:
p, q
Compute
n = pq, z = φ(n) = (p

1)(q

1)
Choose the
exponent
e
relatively prime to
z
Find
d:
ed
≡
1(mod z)
Keys:
public
,
(
e
, n)
;
private
,
(
d
, n)
;
Encryption and decryption:
Brake the plaintext into
largest equal even

digit blocks
(
P
)
shorter
than
n
bits
Encrypt each block
P
by computing
C = E(P)
≡
P
e
(mod n)
Decrypt
C
by computing
D(C)
≡
C
d
(mod n)
≡
P
ed
(mod n)
≡
P
k
φ(n)+1
(mod n)
≡
P
k
φ(n)
P(mod n)
≡
P(mod n)
Euler’s Theorem:
If
n > 0
and
e
and
d
are integers, such that
(a, m) = 1
, then
a
φ(m)
≡
1 (mod m).
The probability that P and
n are not relatively prime
is extremely low!
RSA: An Example
p = 43, q=59; n = 43*59 = 2357;
φ(n) = 42*58 =2436
Exponent e = 13; (e,
φ(n)
) = (13, 42*58) = 1;
Block length is 4
Plaintext:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
PUBLIC KEY CRYPTOGRAPHY
1520 0111 0802 1004 2402 1724 1519 1406 1700 1507 24
23
1520
13
≡
95 (mod 2537)
0095 1648 1410 1299 0811 2333 2132 0370 1185 1457 1084
937* 13
≡ 1 (mod 2436)
0095
937
≡
1520 (mod 2537)
d
=
937
E(P)
≡ P
e
(mod n)
P
≡ C
d
(mod n)
Public key: (13, 2357)
Private key: (937, 2357)
Properties of RSA
The algorithm is secure because of the difficulty of
factoring
N.
Factoring a 500

digit number should
take 10
25
years using a CPU with 1 microsecond
instruction time
Encryption and decryption are inverse and
commutative (an important property for
digital
signatures
)
The algorithm is slow (compared to DES and other
symmetric algorithms with much shorter keys)
RSA may be prohibitively slow when dealing with large blocks
of data. It is typically used for one

time session key distribution
for a symmetric

key algorithm (such as triple

DES)
Enter the password to open this PDF file:
File name:

File size:

Title:

Author:

Subject:

Keywords:

Creation Date:

Modification Date:

Creator:

PDF Producer:

PDF Version:

Page Count:

Preparing document for printing…
0%
Comments 0
Log in to post a comment