# Cryptography - Southern Oregon University

AI and Robotics

Nov 21, 2013 (3 years and 8 months ago)

80 views

Cryptography

Lynn Ackler

Southern Oregon University

Information Assurance

Keep information in a known and trusted
state that can be used appropriately.

NSA Information Security Model

Confidentiality

Integrity

Availability

Information States

Cryptography

Introduction

Chapter 1

Cryptography
-

Services

Confidentiality

Authentication

Integrity

Nonrepudiation

Encryption/Decryption

Plaintext

message to be scrambled

Encryption

scrambling the message

Ciphertext

scrambled message

Decryption

unscrambling the ciphertext

Cryptography

Cryptography

Art and science of encryption techniques

Cryptographers

Cryptanalysis

Art and science of braking encryption

Cryptanalysts

Cryptology

Branch of mathematics studing both
cryptography and cryptanalysis

Encryption/Decryption

Encryption

Decryption

Plaintext

Ciphertext

Original

Plaintext

M

E(M) = C

D(C) = M

C

M

D(E(M)) = M

Keys

(Magic decoder rings)

Secrecy by obscurity

Secret algorithm

Secrecy via a secret

Keys, usually a number kept secret

Algorithm is public and studied

Keyspace

Set of all possible keys

Should be big

Symmetric Key Cryptography

Key to encrypt is the same as to decrypt

Usually very fast

Problem is to distribute the key

Block ciphers/algorithms

Stream ciphers/algorithms

Encryption/Decryption

Encryption

Decryption

Plaintext

Ciphertext

Original

Plaintext

M

E
K
(M) = C

D
K
(C) = M

C

M

D
K
(E
K
(M)) = M

Key

Key

Asymmetric Key Cryptography

Key to encrypt is different from the key to
decrypt

Usually very slow

Distribution is not a problem

Block algorithm only

Encryption/Decryption

Encryption

Decryption

Plaintext

Ciphertext

Original

Plaintext

M

E
K1
(M) = C

D
K2
(C) = M

C

M

D
K2
(E
K1
(M)) = M

Encryption

Key

Decryption

Key

Public
-

Key Cryptography

Two keys:

Public key

Private key

If one is used to encrypt the other must be
used to decrypt.

Cryptanalysis

Break the encryption

Attack: a cryptanalysis attempt

Compromise: loss of a key

Standard Attacks

Cryptanalytic attacks

Ciphertext

only attack

Known

plaintext attack

Chosen

plaintetxt attack

chosen

plaintext attack

Chosen

ciphertext attacks

Rubber

hose attack

Ciphertext
-
only Attack

Ciphertext of several messages

Same key, hopefully

Same algorithm

Goals

Recover plaintext and/or key/keys

Example:

Encrypted hard drive

Known
-
plaintext Attack

Plaintext and Ciphertext of several messages are
known

Same key, hopefully

Same algorithm

Goals

Recover key/keys

At least recover the next messasge

Example

A collection of e
-
mails

Chosen
-
plaintext Attack

Plaintext and Ciphertext of several messages are
known

Can have ciphertext for any chosen plaintext

Same key and algorithm

Goals

Recover the key

At least recover the next message

Example

Encrypted bank deposits to your account

Chosen
-
ciphertext Attack

Any Ciphertext can be decrypted

Same key and algorithm

Goals

Recover the key

Example

Breaking a tamper proof crypto box

Rubber Hose Attack

Uncooperative person

Goals

Recover the key

Example

Any one with a secret

Technique

Sex, Money and Pain

Security of Algorithms

If the cost to break is greater than the value
of the data, you are probably safe.

Not always though.

Seti at home

Categories of Breaks

Total break

Algorithm and key is deduced

Global deduction

An alternative algorithm is found

Local deduction

The plaintext is found for a single intercepted
ciphertext

Information deduction

Format of plaintext, a few bits of the key, etc.

Security Levels

Unconditionally secure

Conditionally secure

Brute force attack

Computationally secure

Steganography

Data hiding in plain sight.

Often is not invariant under data
compression.

Substitution Ciphers

Alphabet substitution

Monoalphabetic

letter for letter

Homophonic

one or more for a letter

Polygram

block for block

Polyalphabetic

multiple simple substitutions

Substitution algorithms

Caeser Cipher

rotate
n

mod 26

Modulo arithmetic

Lookup tables

Transposition Cipher

Plaintext in rows

Ciphertext from the columns

t

h

e

q

u

i

c

k

b

r

o

w

n

f

o

x

j

u

m

e

d

o

v

e

r

t

h

e

l

a

z

y

d

o

g

Ciphertext:

t hfteoh xeq ujliuacmz key d b d rooovgwe nr

Simple XOR

XOR: '^' in C,

in mathematics

0

0 = 0

0

1 = 1

1

0 = 1

1

1 = 0

Note:

a

0 = a

a

a = 0

(
a

b
)

b = a

Simple XOR Encryption

Key: K

Messag: M

Ciphertext: C = M

K

Message: M = C

K = (M

K)

K

= M

(K

K) = M

One
-

The one time pad is a substitution cipher
with a very very long random substitution
key.

Statistically it is perfectly secure.

One
-

Problems

The key must be a
random

sequence of
characters.

The pad can be used only once.

Both parties must have the exact same pad.

If one character is dropped everything
afterward is lost.

One
-