# Cryptography (in MS Powerpoint format)

AI and Robotics

Nov 21, 2013 (4 years and 7 months ago)

96 views

Cryptography

What is cryptography?

The study of message secrecy

The art of writing or solving codes

Heavy mathematics

Information Theory

Statistics

Number Theory

Cryptographic Terms

Cryptology

Study of Cryptography and Cryptanalysis

Cryptanalysis

Code Breaking

Encryption

Decryption

Coverts cipher
-
text back into plain
-
text

Cipher

A pair of algorithms which are used to encrypt and decrypt

Cryptographic Terms

Key

A parameter that explains how to run the algorithm

Blocks

Input divided and each block is independent against the key

Symmetric

Single key for encryption and decryption

Asymmetric

A public key for encryption

A private key for decryption

Hash

One
-
way transformation of data

Two different messages should NEVER have the same hash

Cryptographic Terms

Perfect Secrecy

Occurs when knowledge of cipher gives no
knowledge of the original message

Steganography

Hides the fact that there even is a message

Picture example

When?

Ancient Cryptography

Julius Caesar
(49
-
44 BC)

Messages to Generals

Used a shift cipher (shift 3 right)

Vigen
ére (1553)

Keyword explained the shift

Modern Cryptography

Since Computers

Example

Letter to Number

Message: A P P L E

00 15 15 11 04

Key: S H A R E

18 07 00 17 04

Cipher: 18 22 15 02 08

S W P B I

Each message letter is added to

Each key letter

Components

Confidentiality

Integrity

Preventing modifications

Strength

Proving it is secure

Can only be done with years of testing

Availability

Preventing of a denial of access

Incorrect Data

Resource Exhaustion

Pre
-
Modern Crypto

Purpose

Message Confidentiality

Ciphers

Transposition

Rearrangement of Letters

Substitution

Replacing a group of letters with other letters

Stego

Pre
-
Modern Devices

Scytale (Skytale)

A strip of leather or paper wound around a cylinder

Transposition Cipher

Spartans this for military communication

Cipher Grille

Message contained inside of

a host

Pre
-
Modern Devices

Enigma

Used by Germans in WWII

Electromagnetic Rotor Machine

Each letter changed the rotors which

modified the key

Modern Crypto

Started with the birth of computers

Computers are magnitudes faster than humans

Mostly used by government until PCs

Huge role since the Internet

Authentication

Digital Signatures

E
-
Commerce

Banking

Proprietary vs Public
Algorithms

Proprietary

Algorithm is unknown and therefore doesn’t help in
cryptanalysis

DVDs

Not widely tested

Public

Tested for 5
-
8 years before trusted

Allows many to find mistakes or weaknesses

Algorithm knowledge should not help cracking the code

Symmetric Key Cryptography

Uses a shared key between all parties

Key that encrypts also decrypts

4000 times faster than asymmetric

Stronger than asymmetric

Key needs to be shared in a secure way

DES

Data Encryption Standard

Used by the government and banks since 1977

AES

First published in 1998

New Standard approved for use up to TOP SECRET

Modern Algorithms

Linear Mixing

Applying XOR operations on the plain
-
text with the key

Non
-
linear functions (Substitution boxes)

Bit
-
Shuffling (Permutations)

Rearrangement of the bits

Expansion

Permutates and adds some duplicate bits

Key Mixing

Uses multiple sub keys

Possible to have perfect secrecy

The key is the length of the document and has no pattern

Key is bitwise XOR with the document

Key can only be used once or else statistics can be gathered
from the cipher
-
text

Very easy to break when used more than once

Data Encryption Standard

64
-
bit key

56
-
bits used for algorithm

8
-
bits for parity checking

Parity bits are the least significant bit of each byte

64
-
bit blocks

Split into 32
-
bit chunks and crisscrossed through the algorithm

Feistel Network

16 Rounds

Weaknesses

Small key

Differential Cryptanalysis

Linear Cryptanalysis

Public Key Encryption

Relatively new

Based on the unproven idea that large numbers composed of
primes are hard to factor

Is always breakable given enough time and resources

It is always known whether the key tried was correct

Based on math functions rather than bit scrambling

Used in situations where a symmetric key cannot be passed
between parties

Used to keep the Internet secure

Diffie
-
Hellman

Whitfield Diffie and Martin Hellman (1976)

DH Key Exchange

Used to pass a key for symmetric crypto between two parties who
have no knowledge of each other

Primarily used over insecure channels

Diffie
-
Hellman Algorithm

Alice (A) wants to communicate securely to Bob (B)

A and B agree on P (a prime) and G (a generator)

For every number N between 1 and P
-
1, pick G that works for the following
equation:

N = G
K

mod P

A and B independently choose their secret integer (a and b respectively)

Alice’s public value U = G
a

mod p

Bob’s public value V = G
b

mod p

Alice computes K = V
a

mod p

Bob Computes K =
U
b

mod p

Alice and bob have both computed K which happens to be the same number

Diffie
-
Hellman In Action

A and B agree on P = 23 and G = 5

A chooses a = 6 and B chooses b = 15 (independently)

A computes U = 5
6

mod 23 U = 8

B computes V = 5
15

mod 23 V = 19

Alice and Bob exchange their U and V

Alice computes K
1
= 19
6

mod 23 K
1

= 2

Bob computes K
2

= 8
15

mod 23 K
2

= 2

Since K
1

= K
2
, both Alice and Bob have the same key value

RSA Algorithm

Compute two large prime numbers p,q

n = p * q (n is public knowledge)

r = (p
-
1)(q
-
1)

Choose e>1 and relatively prime to r

Find d such that d = 1 + (i * r) / e where i is an integer counting up from
one until a solution is found

Public Key (e, n)

Private Key (d, n) or (d, n, p, q)

Using p and q can speed up the algorithm

Encryption

c = m
e

mod n

Decryption

m = c
d

mod n

d, p, and q should all be kept private

RSA Algorithm in Action

Bob chooses p = 863 and q = 937 giving N = 863*937 = 808631

(p
-
1)(q
-
1) = 806832

Bob chooses e = 7, which satisfies gcd(806832, 7) = 1

Bob’s public key: [N, e] or [808631, 7]

Bob finds d = 461047 where d = 1 + ( i * 806832 ) / e works for some
integer i

Bob’s private key: [p, q, d] or [863, 937, 461047]

Say Alice wants to send bob a message M = 205632

Alice computes C = M
e

mod N

C = 205632
7

mod 808631 = 256779

Alice transmits C in the public

Bob computes M = C
d

mod N

M = 256779
461047

mod 808631 = 205632

Cryptanalysis

Study of breaking code

Uses knowledge of letter frequency

English Letter Frequency

E
-

12.7%

H
-

6.1%

W
-

2.3%

K
-

0.8%

T
-

9.1%

R
-

6.0%

F
-

2.2%

J
-

0.2%

A
-

8.2%

D
-

4.3%

G
-

2.0%

X
-

0.1%

O
-

7.5%

L
-

4.0

Y
-

2.0%

Q
-

0.1%

I
-

7.0%

C
-

2.8%

P
-

1.9%

Z
-

0.1%

N
-

6.7%

U
-

2.8%

B
-

1.5%

S
-

6.3%

M
-

2.4%

V
-

1.0%

Digrams and Trigrams

th, he, in, en, nt, re, er, an, ti, es, on, at,
se, nd, or, ar, al, te, co, de, to, ra, et, ed,
it, sa, em, ro

the, and, tha, ent, ing, ion, tio, for, nde,
has, nce, edt, tis, oft, sth, men

Differential
Cryptanalysis

Studies the difference between each input and
their corresponding outputs

Looks for non
-
random behavior

Discovered in the late 1980s

DES was resilient to this because the of the
NSA

s S
-
box contribution

A secret method the US government used to
attack ciphertext from other countries

PGP and GPG

PGP
-

Pretty Good Privacy

Proprietary

GPG
-

Gnu Privacy Guard

Open source using public cryptographic algorithms

Essentially the same as PGP

Used for encryption and digital signatures

Public key and private generated locally

Public key is often uploaded to a key server

Thawte Certificate

Company owned by Verisign

Provides free personal email certificates

Can sign and encrypt emails

Certificate is signed by a normally trusted CA

Most email clients automatically handle the signatures
without extensions

Can only be used for email

Usually doesn

t get verified by webmail clients

How a Digital Signature
Works

Public and private keys are created

Public key is attached to a certificate

Certificate contains identification information

Certificates are signed by certificate authorities

The document is hashed

Hash is encrypted with private key

Result is appended to the document

Receiving Party does the following:

Hashes the message

Takes the signature and decrypts it with the public key

The decrypted signature is compared to the message hash

If equal, message has a valid signature

Email Encryption

To send an encrypted email, you must have the

s public key

Message can only be decrypted by the receiver

s
private key

Steganography

Concealing a message in a host

Example, embedding a message in a bitmap file

Changing least significant bits of the file

File is different but undetectable by the human eye