Cryptography
What is cryptography?
The study of message secrecy
The art of writing or solving codes
Heavy mathematics
Information Theory
Statistics
Number Theory
Cryptographic Terms
Cryptology
Study of Cryptography and Cryptanalysis
Cryptanalysis
Code Breaking
Encryption
Converts ordinary information to unreadable
Decryption
Converts cipher-text back into plain-text
Cipher
A pair of algorithms which are used to encrypt and decrypt
Cryptographic Terms
Key
A parameter that explains how to run the algorithm
Blocks
Input divided and each block is independent against the key
Symmetric
Single key for encryption and decryption
Asymmetric
A public key for encryption
A private key for decryption
Hash
One-way transformation of data
Two different messages should NEVER have the same hash
Cryptographic Terms
Perfect Secrecy
Occurs when knowledge of cipher gives no
knowledge of the original message
Steganography
Hides the fact that there even is a message
Picture example
When?
Ancient Cryptography
Julius Caesar (49-44 BC)
Messages to Generals
Used a shift cipher (shift 3 right)
Vigenère (1553)
Keyword explained the shift
Modern Cryptography
Since Computers
Example
Letter to Number
Message: A  P  P  L  E
         00 15 15 11 04
Key:     S  H  A  R  E
         18 07 00 17 04
Cipher:  18 22 15 02 08
         S  W  P  C  I
Each message letter is added to the corresponding key letter, modulo 26
Components
Confidentiality
Storing message unreadable
Integrity
Preventing modifications
Strength
Proving it is secure
Can only be done with years of testing
Availability
Preventing of a denial of access
Incorrect Data
Resource Exhaustion
Pre-Modern Crypto
Purpose
Message Confidentiality
Ciphers
Transposition
Rearrangement of Letters
Substitution
Replacing a group of letters with other letters
Stego
Head Tattoo
Pre-Modern Devices
Scytale (Skytale)
A strip of leather or paper wound around a cylinder
Transposition Cipher
Spartans used this for military communication
Cipher Grille
Message contained inside of a host
Pre-Modern Devices
Enigma
Used by Germans in WWII
Electromagnetic Rotor Machine
Each letter changed the rotors which
modified the key
Modern Crypto
Started with the birth of computers
Computers are magnitudes faster than humans
Mostly used by government until PCs
Huge role since the Internet
Authentication
Digital Signatures
E-Commerce
Banking
Proprietary vs Public
Algorithms
Proprietary
Algorithm is unknown and therefore doesn’t help in
cryptanalysis
DVDs
Not widely tested
Public
Tested for 5-8 years before trusted
Allows many to find mistakes or weaknesses
Algorithm knowledge should not help cracking the code
Symmetric Key Cryptography
Uses a shared key between all parties
Key that encrypts also decrypts
4000 times faster than asymmetric
Stronger than asymmetric
Key needs to be shared in a secure way
DES
Data Encryption Standard
Used by the government and banks since 1977
AES
Advanced Encryption Standard
First published in 1998
New Standard approved for use up to TOP SECRET
Modern Algorithms
Linear Mixing
Applying XOR operations on the plain-text with the key
Non-linear functions (Substitution boxes)
Adds confusion
Bit-Shuffling (Permutations)
Rearrangement of the bits
Expansion
Permutes and adds some duplicate bits
Key Mixing
Uses multiple sub keys
One Time Pad
Possible to have perfect secrecy
The key is the length of the document and has no pattern
Key is bitwise XOR with the document
Key can only be used once or else statistics can be gathered from the cipher-text
Very easy to break when used more than once
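Added example (not part of the original slides): a one-time pad in Python, showing why the key may be used only once. The two sample documents are constructed; when the same key covers both, XORing the two cipher-texts cancels the key and leaves the XOR of the two plain-texts.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bitwise XOR of two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("pad and document must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))

def otp_encrypt(document: bytes):
    """Return (key, cipher-text) using a fresh random key as long as the document."""
    key = secrets.token_bytes(len(document))
    return key, xor_bytes(document, key)

def otp_decrypt(ciphertext: bytes, key: bytes) -> bytes:
    """XOR with the same key undoes the encryption."""
    return xor_bytes(ciphertext, key)

def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """With a reused key, c1 XOR c2 equals p1 XOR p2: the key cancels out."""
    return xor_bytes(c1, c2)

# Constructed sample documents, equal length so one pad can cover either.
DOC_1 = b"MEETING AT NOON"
DOC_2 = b"CANCEL THE PLAN"

if __name__ == "__main__":
    key, c1 = otp_encrypt(DOC_1)
    print(otp_decrypt(c1, key) == DOC_1)    # correct single use round-trips
    c2 = xor_bytes(DOC_2, key)              # the mistake: same key, second document
    leak = reuse_leak(c1, c2)
    print(leak == xor_bytes(DOC_1, DOC_2))  # plain-text relation exposed without the key
    print(xor_bytes(leak, DOC_1))           # knowing one document reveals the other
```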
Data Encryption Standard
64-bit key
56-bits used for algorithm
8-bits for parity checking
Parity bits are the least significant bit of each byte
64-bit blocks
Split into 32-bit chunks and crisscrossed through the algorithm
Feistel Network
16 Rounds
Weaknesses
Small key
Differential Cryptanalysis
Linear Cryptanalysis
Public Key Encryption
Relatively new
Based on the unproven idea that large numbers composed of
primes are hard to factor
Is always breakable given enough time and resources
It is always known whether the key tried was correct
Based on math functions rather than bit scrambling
Used in situations where a symmetric key cannot be passed
between parties
Used to keep the Internet secure
Diffie-Hellman
Whitfield Diffie and Martin Hellman (1976)
DH Key Exchange
Used to pass a key for symmetric crypto between two parties who
have no knowledge of each other
Primarily used over insecure channels
Diffie-Hellman Algorithm
Alice (A) wants to communicate securely to Bob (B)
A and B agree on P (a prime) and G (a generator)
G is picked so that every number N between 1 and P-1 satisfies the following equation for some K:
$N = G^{K} \bmod P$
A and B independently choose their secret integer (a and b respectively)
Alice’s public value: $U = G^{a} \bmod P$
Bob’s public value: $V = G^{b} \bmod P$
Alice computes $K = V^{a} \bmod P$
Bob computes $K = U^{b} \bmod P$
Alice and Bob have both computed K, which happens to be the same number
Diffie-Hellman In Action
A and B agree on P = 23 and G = 5
A chooses a = 6 and B chooses b = 15 (independently)
A computes $U = 5^{6} \bmod 23$, so $U = 8$
B computes $V = 5^{15} \bmod 23$, so $V = 19$
Alice and Bob exchange their U and V
Alice computes $K_1 = 19^{6} \bmod 23$, so $K_1 = 2$
Bob computes $K_2 = 8^{15} \bmod 23$, so $K_2 = 2$
Since $K_1 = K_2$, both Alice and Bob have the same key value
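Added example (not part of the original slides): the exchange above in Python, together with the generator condition from the algorithm slide. The function names are illustrative; the generator test goes slightly beyond the slide by using the prime factors of P-1 instead of trying every K.

```python
import secrets

def prime_factors(n):
    """Distinct prime factors of n by trial division (fine for small demo values)."""
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    if n > 1:
        factors.add(n)
    return factors

def is_generator(g, p):
    """True if every N in 1..p-1 equals g^K mod p for some K (p must be prime)."""
    if not 1 < g < p:
        return False
    order = p - 1
    # g misses part of 1..p-1 exactly when g^(order/q) is 1 for some prime q of order
    return all(pow(g, order // q, p) != 1 for q in prime_factors(order))

def random_secret(p):
    """A secret integer in 2..p-2 from the operating system's random source."""
    return 2 + secrets.randbelow(p - 3)

def dh_exchange(p, g, a, b):
    """Return (U, V, Alice's K, Bob's K) for secrets a and b."""
    if not is_generator(g, p):
        raise ValueError("G does not generate every value between 1 and P-1")
    u = pow(g, a, p)          # Alice's public value
    v = pow(g, b, p)          # Bob's public value
    return u, v, pow(v, a, p), pow(u, b, p)

if __name__ == "__main__":
    print(dh_exchange(23, 5, 6, 15))    # the slide's numbers
    print(is_generator(2, 23))          # 2 only reaches 11 of the 22 values
    a, b = random_secret(23), random_secret(23)
    _, _, k1, k2 = dh_exchange(23, 5, a, b)
    print(k1 == k2)
```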
RSA Algorithm
Compute two large prime numbers p,q
n = p * q (n is public knowledge)
r = (p-1)(q-1)
Choose e>1 and relatively prime to r
Find d such that d = (1 + i * r) / e where i is an integer counting up from one until a solution is found
Public Key (e, n)
Private Key (d, n) or (d, n, p, q)
Using p and q can speed up the algorithm
Encryption
$c = m^{e} \bmod n$
Decryption
$m = c^{d} \bmod n$
d, p, and q should all be kept private
RSA Algorithm in Action
Bob chooses p = 863 and q = 937 giving N = 863*937 = 808631
(p-1)(q-1) = 806832
Bob chooses e = 7, which satisfies gcd(806832, 7) = 1
Bob’s public key: [N, e] or [808631, 7]
Bob finds d = 461047 where d = (1 + i * 806832) / e works for some integer i
Bob’s private key: [p, q, d] or [863, 937, 461047]
Say Alice wants to send Bob a message M = 205632
Alice computes $C = M^{e} \bmod N$
$C = 205632^{7} \bmod 808631 = 256779$
Alice transmits C in the public
Bob computes $M = C^{d} \bmod N$
$M = 256779^{461047} \bmod 808631 = 205632$
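Added example (not part of the original slides): the key derivation and round trip above in Python, using the slide's p, q, e and M. It computes d twice, once with the counting search the slides describe and once with the extended Euclidean algorithm, which is a substitute technique that reaches the same d without searching; function names are illustrative.

```python
from math import gcd

def find_d_by_counting(e, r):
    """The slide's search: count i up from 1 until (1 + i*r) divides evenly by e."""
    i = 1
    while (1 + i * r) % e != 0:   # only terminates when gcd(e, r) == 1
        i += 1
    return (1 + i * r) // e, i

def find_d_by_euclid(e, r):
    """Extended Euclid: the d with e*d = 1 (mod r), found without a search."""
    old_rem, rem = e, r
    old_s, s = 1, 0               # invariant: old_s * e = old_rem (mod r)
    while rem:
        quotient = old_rem // rem
        old_rem, rem = rem, old_rem - quotient * rem
        old_s, s = s, old_s - quotient * s
    if old_rem != 1:
        raise ValueError("e is not relatively prime to r")
    return old_s % r

def make_keys(p, q, e):
    """Return ((e, n), (d, n)) for primes p and q and public exponent e."""
    n, r = p * q, (p - 1) * (q - 1)
    if e <= 1 or gcd(e, r) != 1:
        raise ValueError("choose e > 1 and relatively prime to r")
    return (e, n), (find_d_by_euclid(e, r), n)

def apply_key(value, key):
    """Modular exponentiation: encrypts with (e, n), decrypts with (d, n)."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than n")
    return pow(value, exponent, n)

if __name__ == "__main__":
    public, private = make_keys(863, 937, 7)
    print(public, private)
    print(find_d_by_counting(7, 862 * 936))     # (d, i) from the counting search
    c = apply_key(205632, public)
    print(apply_key(c, private) == 205632)
```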
Cryptanalysis
Study of breaking code
Uses knowledge of letter frequency
English Letter Frequency
E - 12.7%    H - 6.1%    W - 2.3%    K - 0.8%
T -  9.1%    R - 6.0%    F - 2.2%    J - 0.2%
A -  8.2%    D - 4.3%    G - 2.0%    X - 0.1%
O -  7.5%    L - 4.0%    Y - 2.0%    Q - 0.1%
I -  7.0%    C - 2.8%    P - 1.9%    Z - 0.1%
N -  6.7%    U - 2.8%    B - 1.5%
S -  6.3%    M - 2.4%    V - 1.0%
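Added example (not part of the original slides): letter-frequency analysis applied to the shift cipher from the Ancient Cryptography slide. It scores all 26 candidate shifts against the frequency table above with a chi-squared statistic (a scoring choice assumed here, not stated on the slides) and keeps the best fit; the sample sentence is constructed.

```python
# Percentages copied from the English Letter Frequency table above.
FREQ = {"E": 12.7, "T": 9.1, "A": 8.2, "O": 7.5, "I": 7.0, "N": 6.7, "S": 6.3,
        "H": 6.1, "R": 6.0, "D": 4.3, "L": 4.0, "C": 2.8, "U": 2.8, "M": 2.4,
        "W": 2.3, "F": 2.2, "G": 2.0, "Y": 2.0, "P": 1.9, "B": 1.5, "V": 1.0,
        "K": 0.8, "J": 0.2, "X": 0.1, "Q": 0.1, "Z": 0.1}

def shift_text(text, shift):
    """Shift cipher: move each letter `shift` places right, leave the rest alone."""
    out = []
    for ch in text:
        if "a" <= ch.lower() <= "z":
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + shift) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)

def chi_squared(text):
    """Distance between the text's letter counts and expected English counts."""
    letters = [c for c in text.upper() if c in FREQ]
    if not letters:
        return float("inf")
    score = 0.0
    for letter, pct in FREQ.items():
        expected = len(letters) * pct / 100
        score += (letters.count(letter) - expected) ** 2 / expected
    return score

def recover_shift(ciphertext):
    """Try every shift and return the one whose decryption looks most like English."""
    return min(range(26), key=lambda s: chi_squared(shift_text(ciphertext, -s)))

# Constructed sample message.
SAMPLE = ("The general sent orders to the northern camp at dawn and the "
          "messengers were told to return before the third watch with the "
          "answer from the commander of the legion")

if __name__ == "__main__":
    secret = shift_text(SAMPLE, 3)      # shift 3 right, as on the Caesar slide
    found = recover_shift(secret)
    print(found, shift_text(secret, -found) == SAMPLE)
```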
Digrams and Trigrams
th, he, in, en, nt, re, er, an, ti, es, on, at,
se, nd, or, ar, al, te, co, de, to, ra, et, ed,
it, sa, em, ro
the, and, tha, ent, ing, ion, tio, for, nde,
has, nce, edt, tis, oft, sth, men
Differential Cryptanalysis
Studies the difference between each input and their corresponding outputs
Looks for non-random behavior
Discovered in the late 1980s
DES was resilient to this because of the NSA’s S-box contribution
A secret method the US government used to
attack ciphertext from other countries
PGP and GPG
PGP - Pretty Good Privacy
Proprietary
GPG - Gnu Privacy Guard
Open source using public cryptographic algorithms
Essentially the same as PGP
Used for encryption and digital signatures
Public and private keys are generated locally
Public key is often uploaded to a key server
Thawte Certificate
Company owned by Verisign
Provides free personal email certificates
Can sign and encrypt emails
Advantages over PGP/GPG
Certificate is signed by a normally trusted CA
Most email clients automatically handle the signatures
without extensions
Can only be used for email
Usually doesn’t get verified by webmail clients
How a Digital Signature Works
Public and private keys are created
Public key is attached to a certificate
Certificate contains identification information
Certificates are signed by certificate authorities
The document is hashed
Hash is encrypted with private key
Result is appended to the document
Receiving Party does the following:
Hashes the message
Takes the signature and decrypts it with the public key
The decrypted signature is compared to the message hash
If equal, message has a valid signature
Email Encryption
To send an encrypted email, you must have the receiver’s public key
Message can only be decrypted by the receiver’s private key
Steganography
Concealing a message in a host
Example, embedding a message in a bitmap file
Changing least significant bits of the file
File is different but undetectable by the human eye