crypto-101x - People Eecs Ku

shoulderslyricalAI and Robotics

Nov 21, 2013 (3 years and 6 months ago)

60 views

Cryptography 101

EECS710: Info Security and Assurance

Professor Hossein Saiedian


Resources: Terry Ritter’s
Learning About
Cryptography
, Network Associates’
An Introduction
to Cryptography,
course textbooks

2

What is cryptography


Cryptography: transforming (enciphering)
plaintext into a form where the original info is
present but hidden


P
laintext: data that can be read w/o any special
tool


Ciphertext: result of encryption; unreadable data


Given a plaintext, many transformations are
possible; to expose the info one may have to
try all (on average, half) of possible
transformations

3

An elementary
s
chool approach


O
n a sheet of paper, write the alphabets in
order in one column; write the same alphabets
randomly (but uniquely) in the second column

A



W

B



J

C



R








To encipher a plaintext,
substitute

each
letter with the associated letter from the
second column


4

An elementary school example


Suppose we have the following substitution


ABCDEFGHIJKLMNOPQRSTUVWXYZ


QAZWSXEDCRFVTGBYHNUJMIKOLP


Plaintext message:
MEET ME AT SIX


Enciphered message:
TSSJ TS QJ UCO


The Caesar cipher


E
n
(x) = (x + n) mod 26


D
n
(x) = (x
-

n) mod 26


For Caesar cipher: n = 3

5

A middle school approach


Singe (simple) substitution: the key is one
particular permutation (arrangement) of the
alphabet; once the sheet revealed, it is no
longer good


But one can create a notebook of different
permutations for the second column, each on a
page; the key will be the page number


If the notebook is exposed, one must try all (or
at least half) transformations

6

Weak vs. strong transformation


Simple substitution is weak: the more often a
particular letter is used, the more often the
ciphertext letter appears


Languages use some letters (or letter combinations)
more than others, and thus possible to guess


One solution: increase the size of the cipher
alphabet


Instead of single letters, use
pairs

of letters


For example, replace A with WK


At least
26
×

26 = 676
transformations



7

Weak vs. strong
t
ransformation [2]


How about expanding: instead of a pair of
letters, select triplets
, quadruples
, …


Soon a computer will be needed to do the
operations


A conventional (block) cipher: A much larger
alphabet


A 64
-
bit (eight character) block cipher: instead
of using 26 letters, views each 2^64 values as a
separate letter


18,000,000,000,000,000 “letters”!



8

Keyspace for an 8
-
bit
k
ey


A notebook with 256 pages: 256 different keys


Decimal 256 = Binary 100000000 = 2^8 = 8 bit


Thus an “8 bit” keyspace gives 256 unique key
values


If we choose one of the keys, one would have
to try 256 (or probably only 128) keys to break


Thus a low design strength

9

Keyspace for longer than 8
-
bit keys


A 65,536 page notebook offers a “16 bit”
keyspace


That is 256 times that of an “8 bit” while the
key has 8 bits more


A “56 bit” keyspace: 7
×

10^16 different keys


Broken via brute force in 56 hours!


A “128 bit” (16 characters): 3.40282367
×

10
38


Strong enough

10

What cryptography can and cannot do


It can hide to facilitate confidentiality and
authentication


It cannot hide contraband, a luxury lifestyle
with no visible means of support, informants, or
undercover spying


Keys can be lost, forgotten, stolen, or revealed
for payment or under duress


11

Encryption/decryption process


Encryption: the process of disguising plaintext


Decryption: the process of reverting ciphertext
to its original plaintext

12

Other related terms


Cryptanalysis: the science of analyzing and
breaking secure communications


Analytical reasoning/math


Pattern matching


Patience, determination, good luck


Cryptography: the
science of information
security


Cryptology: cryptography + cryptanalysis

13

Strong vs. weak cryptography


Strength is measured in the time and resources
required to recover a plaintext


Strong cryptography: very difficult to decipher


A billion computers
doing a billion checks a
second,
it
is not possible to decipher
the result
of strong
cryptography
in a billion year

14

How does it work


A mathematical function









Strength: (1) algorithm, (2) secrecy of the key


15

Conventional cryptography


AKA symmetric key


One key is used for encryption/decryption


Example: the Data Encryption Std (DES) used by
the fed government

16

Conventional cryptography approaches


Substitution: changes (substitutes) characters
in plaintext to produce ciphertext


Example: Caesar cipher where the letters are offset
by 3 (or in general
n
) positions


SECRET


VHFUHW


Transposition: rearranges the characters in the
plaintext to produce ciphertext


Example: the “rail fence” cipher where plaintext is
written in two rows preceding down, then across


SECRET


SCE


SCEERT



ERT


17

A longer example of transposition
encipher


The number of rows is explicitly defined; pad with
dummy characters to fill


An example of 3
-
row fence


MTSPNRIE



EAIMDBD
X



ETXUERG
Y


Read off/send :
MTSPNRIEEAIMDBD
X
ETXUERG
Y


May send in 4
-
char groups to avoid errors (also for
better management and to confuse intruders)


MTSP NRIE EAIM DBD
X
ETXU ERG
Y


18

A longer example of transposition
encipher [2]


To decipher

MTSP NRIE EAIM DBD
X
ETXU ERG
Y

1.
Run the letters into a long string
MTSPNRIEEAIMDBD
X
ETXUERG
Y

2.
Since there are 3 rails, divide into 3 groups of 8
MTSPNRIE EAIMDBD
X
ETXUERG
Y

3.
Write the first letter of group 1, group 2, and group
3 followed by the second letter of group 1, etc.



MEETATSIXPMUNDERBRIDGE
XY


MEET AT SIX PM UNDER BRIDGE
XY

19

Benefits of conventional encryption


Very fast


Useful for encrypting local data that is not
going anywhere


Expensive for data transmission


How to distribute the key

20

Public key encryption


Addresses key distribution


Asymmetric scheme


Uses a pair of keys


Public key: used to encrypt data


Private key: used to decrypt data


Public key is public and publically advertised


Private key is kept secret


Computationally infeasible to deduce the private
key from the public key


An example: PGP

21

Public key encryption illustrated


22

Benefits of the public key approach


No need for sender and receiver to share a key


All communications involve public keys; private
keys are never transmitted


Examples of public key cryptosystems


Elgamal (named for its inventor, Taher
Elgamal)


RSA
(named for
its inventors
, Ron Rivest, Adi Shamir,
and Leonard
Adleman)


Diffie
-
Hellman

(named
for its inventors),
and


DSA
, the Digital
Signature Algorithm
(invented by
David Kravitz
)

23

How PGP works


Combines the best features of conventional and
public cryptography

1.
PGP compresses the plaintext: saves modem
transmission and disk space and strengthens
security (complicates patterns)

2.
PGP creates a session key: a one
-
time
-
only
secret key (generated from the random
movement of the mouse/keyboard strokes)

3.
The plaintext is encrypted via a fast algorithm
and the session
key


24

How PGP works [2]

4.
The session key is encrypted using the
recipient's public key and transmitted

25

How PGP works [3]

4.
Decryption works in reverse: the session key is
recovered (by the recipient's private key) and
is used to decrypt the ciphertext


26

The benefits of the PGP


A combination of two methods


Convenience of the public key: no key
-
distribution
concerns


Speed of conventional encryption: about 1,000
faster than the public key encryption



27

The
key

issues


A value that works with encryption algorithms
to produce a ciphertext


Big, big numbers: measures in bits: 1,024 bits


T
he bigger the key, the more secure ciphertext


Public key size and conventional cryptography
secret key sizes are unrelated


A conventional 80
-
bit key has the same strengths of
a 1,024
-
bit public key


The bigger the key, the more secure but the
algorithms used for each is different (a comparison
is like comparing apple and oranges)

28

The
key

issues [2]


Public and private keys are mathematically
related but difficult to derive a private key
from its public key


Pick large keys to be secure; small enough to
be applied quickly


Large keys are good for a longer periods of time


Keys are stored in encrypted form; PGP stores
on the hard
-
drive as
keyrings


one for public and one for private uses


If the private key is lost, one will be unable to
recover decrypted data

29

Digital signatures


A benefit of public key


E
nable
the recipient
to verify
the authenticity
of the information’s origin, and
also verify
that
the information is
intact


Provides

for
authentication

and data
integrity


Also provides
non
-
repudiation
: prevents
the
sender
from claiming
that
he/she
did not
send
the information

30

Digital signatures [2]


Authentication


S
imilar to a
handwritten
signature but superior in
that it is nearly impossible
to counterfeit


You may
not care if anyone
learns that you just
deposited
$500 in an account
, but you do want to be
sure
it was the bank teller you
were communicating
with


Integrity


To verify and ensure that the information was not
altered

31

How digital signature works


32

How digital signature works [2]


Problem with the above approach?
SLOW


Data size to communicate too large (at least
double the original)


Alternative to expedite?


Use hash functions


“A
hash function is any well
-
defined procedure or
mathematical function that converts a large,
possibly variable
-
sized amount of data into a small
datum, usually a single
integer”


Create a
message digest
to sign the message

33

Message digests


Objective: to verify that the message received
is the same as the message sent


How: hash function (checksum function)

--

h: A


B

--

A:
a message of any length (millions of bits)

--

B:
A fixed length output, e.g., 160 bit

--

h:
ensures that if A is changed in anyway (even one
bit), an entirely different output is produced


PGP calls
B

a message digest (used for creating
signatures); one cannot alter the signature or
attach to another document

34

Hash function (
h
:
A



B
)
properties


Easy to compute


For any
y
in
B
, infeasible to find
x
in
A
such
that
h(x) = y


For any
x, x’
in
A
,
x ≠ x’,
infeasible to have


h(x) = h(x’)


Given any x in A, infeasible to find x’ in A and
x ≠ x’ and h(x’) = h(x)

35

Side note: pigeonhole principle


If there are
n

containers and
n+1

objects, at
least one container will have to hold two
objects


So what? If a hash function produces 3
-
bit
hashes and we have a set of 5
-
bit messages, it
implies:


a^3 = 8 hashes


2^5 = 32 messages


Thus large hash sizes are better

36

How a hash function is used


37

Digital envelopes


Creating a digital envelop (an encrypted
message; no digital signature attached)

38

Digital envelopes [2]


Opening a digital envelop

39

Diffie
-
Hellam public key agreement


A relatively fast public key agreement


Relies on two functions,
p

(prime) and
g

(generator), and two random numbers
x

and
y


Everything exchanged in clear text


Six step process


Works like magic!


40

Diffie
-
Hellam public key agreement [2]


Party X and Party Y agree on Diffie
-
Hellman
p

and
g
; exchange these in clear


Party X generates random number
x



Party Y generates random number
y


Party X computes
x’ = g^x mod p



Party Y computes
y’ = g^y mod p


The two parties exchange
x’

and
y’

in clear


Party X computes
k
x

= y’^x mod p


Party Y computes
k
y

= x’^y mod p



k
x

=
y’^x mod
p = g^(xy) mod p = x’^y

mod p = k
y


Subsequent encryption with
k
x

or
k
y



41

Diffie
-
Hellam public key agreement [3]



42

Digital certificates


One concern with the public key approach:
must ensure that you are encrypting to the
correct person’s public key


Otherwise, you can only encrypt/decrypt to those
key handed to you


A solution: digital certificates (or certs)


A form of credentials (like a physical passport)


Included with a person’s public key to verify
that a key is valid

43

Components of a digital certificate


A digital certificate


A public key


Certificate info (identifying information such as
name, ID)


One (or more) digital signatures


A stamp of approval from a trusted entity


Certificates are used when it is necessary to
exchange public keys with
someone (when you
cannot manually exchange via a diskette or USB
drive)

44

Components of a digital certificate [2]


45

Digital certificate distribution


Digital servers: a networked database that
allows users to submit and receive digital certs


Example: PGP
Keyserver


Public Key Infrastructures (PKIs)


Storage facilities like the certificate servers


More structured


Provide additional key management services


Issue revoke, store, and trust certificates


Certificate authority: a group of human beings
authorized to issue certs (like a passport office)


46

Common certificate format


The certificate holder’s public
key
: the
public
portion of
key pair and key algorithm, e.g., RSA


The
certificate holder’s
information
:

identity
information about
the
user (e.g., name
, user ID,
email
address,
photograph, and so
on)


The
digital signature of the certificate
owner:
the signature
using the corresponding private key
of the public
key of the certificate


The
certificate’s validity
period
: the
certificate’s
start date/time and
expiration date/time
;
The
preferred symmetric encryption algorithm for
the
key
: e.g., AES, Triple
-
DES
,
Twofish

47

Common certificate format [2]


48

Other substitution techniques


Choose a keyword, e.g.,
Jayhawk
, drop
repeated letters, thus
j
ayhwk


The keyword defines the permutation of English
letters:


ABCDEFGHIJKLMNOPQRSTUVWXYZ


jayhwkbcdefgilmnopqrstuvxz



Another keyword:
Professional


ABCDEFGHIJKLMNOPQRSTUVWXYZ



profesinalbcdghjkmqtuvwxyz

49

Other substitution techniques [2]


Use every third letter (apply mod 26)


adgjmpsvybehknqtwzcfilorux


Consider any possible permutation of the
English letters


How many? 26!


Even applying decryption at 1 microsecond, still
takes over 1,000 years


The primary issue: the knowledge of letter patterns
in a text


Solution: Avoid using the same substitution for a
letter

50

One
-
time pads (using Vigenere tableau)


Assume a set of large, non
-
repeating keys written
on sheets of paper, glued into a pad


Assume keys are 20 characters


Assume a text that is 300 characters


Sender tears off 15 pages from the pad


Sender writes the keys one at a time above the
text letters and enciphers in
a prearranged chart


Receiver must have the same pad


Concerns: (1) key distribution, (2) sender/receiver
must synchronize (3) need
unlimited

keys


51

One
-
time pads [2]


A toy example


Assume keys are 5 letters each; assume these
two keys
XYSWD

and
C
HJTU


Assume you have a text that is eight
characters, e.g., “fly today”


Need two keys



XYSWDCHJTU



flytoday


Ciphertext:
XYSWDDHJ


52

One
-
time pads [3]


Using computers,
random

numbers can be
generated for the keys


To send a 300
-
letter message


G
enerate the next 300 random numbers


S
cale to be between 1
-
26


Use a number to decipher each letter

53

One
-
time pads
[4]


Pictorially


54

The
Vernam

cipher (a one
-
time pad)


Devised by Gilbert
Vernam

for AT&T


Non
-
repeating random numbers


How? Consider plaintext
Vernam

Cipher



V E R N A M C I P H E R

ord
#
21 4 17 13 0 12 2 8 15 7 4 17

+
rnd

76 48 16 82 44 3 58 11 60 5 48 88

= 97 52 33 95 44 15 60 19 75 12 52 105

%26
19 0 7 17 18 15 8 19 23 12 0 1

cipher

T A H R S P I T X M A B


55

An example of combining substitution
and transposition


The Soviet encryption during the WWII


Handout

56

How is a key used?


Suppose we have a key,
computer


How is it used to encrypt a plaintext?


A toy approach


The key,
computer
, in ASCII is


Dec: 097 111 109 112 117 116 101 114


Binary: 01100011 01101111 01101101 …


A plaintext, “secretly” in binary:


01110011 01100101 01100011 …


XOR the two!

57

How is a key used
? [2]


Much more complex in real
algorithms


F is a round function


K
i
, for
i

in 2..16, are new
keys generated from the
original key by a complex
algorithm




is the
xor

operation

58

The key application in DES

59

The key application in AES


60

Key distribution revisited


Five persons need to communicate securely


How many keys should the system maintain?


How many lines of communication?
n * (n
-
1)/2


Two people: 1 line of communication


Three people: 3 lines of communication


Four people: 6 lines of communication


Five people: 10 lines of communication


Concerns: Maintaining the distributed the keys