Cryptography Basics (
ch
2)
IT443
–
Network Security Administration
Instructor: Bo Sheng
1
Outline
•
Basic concepts in cryptography system
•
Secret key cryptography
•
Public key cryptography
•
Hash functions
2
Encryption/Decryption
•
Plaintext: a message in its original form
•
Ciphertext
: a message in the transformed, unrecognized form
•
Encryption: the process that transforms a plaintext into a
ciphertext
•
Decryption: the process that transforms a
ciphertext
to the
corresponding plaintext
•
Key: the value used to control encryption/decryption.
3
plaintext
encryption
ciphertext
decryption
plaintext
key
key
Cryptanalysis
•
“code breaking”, “attacking the cipher”
•
Difficulty depends on
–
sophistication of the cipher
–
amount of information available to the code
breaker
•
Any cipher
can
be broken by exhaustive
trials, but rarely practical
4
Caesar Cipher
•
Replace each letter with the one
3
letters
later in the alphabet
–
ex.: plaintext CAT
ciphertext
FDW
5
A
B
C
D
E
F
G
H
I
J
K
…
A
B
C
D
E
F
G
H
I
J
K
…
plaintext
alphabet
ciphertext
alphabet
Trivial to break
Mono

Alphabetic Ciphers
•
Generalized substitution cipher: an arbitrary (but
fixed) mapping of one letter to another
–
26! (
4.0*10
26
2
88
) possibilities
6
A
B
C
D
E
F
G
H
I
J
K
…
A
B
C
D
E
F
G
H
I
J
K
…
plaintext
alphabet
ciphertext
alphabet
Attacking Mono

Alphabetic Ciphers
•
Broken by statistical analysis of letter, word, and phrase
frequencies of the language
•
Frequency of single letters in English language, taken
from a large corpus of text:
7
Ciphertext
Only Attacks
•
Ex.: attacker can intercept encrypted
communications, nothing else
•
Breaking the cipher: analyze patterns in
the
ciphertext
–
provides clues about the encryption
method/key
8
Known Plaintext Attacks
•
Ex.: attacker intercepts encrypted text, but
also
has access to some of the
corresponding plaintext (definite
advantage)
•
Makes some codes (e.g., mono

alphabetic
ciphers) very easy to break
9
Chosen Plaintext Attacks
•
Ex.: attacker can
choose any plaintext
desired, and intercept the corresponding
ciphertext
•
Allows targeted code breaking (choose
exactly the messages that will reveal the
most about the cipher)
10
The “Weakest Link” in Security
•
Cryptography is
rarely
the weakest link
•
Weaker links
–
Implementation of cipher
–
Distribution or protection of keys
–
… …
11
Secret Keys
vs
Secret Algorithms
•
Security by obscurity
–
We can achieve better security if we keep the
algorithms secret
–
Hard to keep secret if used widely
–
Reverse engineering, social engineering
•
Publish the algorithms
–
Security of the algorithms depends on the secrecy of
the keys
–
Less unknown vulnerability if all the smart (good)
people in the world are examine the algorithms
12
Outline
•
Basic concepts in cryptography system
•
Secret key cryptography
•
Public key cryptography
•
Hash functions
13
Secret Key Cryptography
•
Same key is used for encryption and decryption
•
Also known as
–
Symmetric cryptography
–
Conventional cryptography
14
plaintext
encryption
ciphertext
decryption
plaintext
key
key
Same key
Secret Key Cryptography
•
Stream cipher
•
Block cipher
–
Converts one input plaintext
block of fixed size
k
bits
to
an output
ciphertext
block of
k
bits
–
DES, IDEA, AES, …
–
AES
•
Selected from an open competition, organized by NSA
•
Joan
Daemen
and Vincent
Rijmen
(Belgium)
•
Block size=128 bits, Key Size= 128/192/256 bits
15
Key Size
•
Keys should be selected from a large potential
set, to prevent brute force attacks
•
Secret key sizes
–
40
bits were considered adequate in 70’s
–
56
bits used by DES were adequate in the 80’s
–
128
bits are adequate for now
•
If computers increase in power by 40% per year,
need roughly
5 more key bits per decade
to stay
“sufficiently” hard to break
16
Public Key Cryptography
•
A public/private key pair is used
–
Public key can be publicly known
–
Private key is kept secret by the owner of the key
•
Much slower than secret key cryptography
•
Also known as asymmetric cryptography
•
Another mode: digital signature
17
plaintext
encryption
ciphertext
decryption
plaintext
Public key
Private key
Public Key Cryptography
•
Digital signature
–
Only the party with the private key can create a digital signature.
–
The digital signature is verifiable by anyone who knows the public key.
–
The signer cannot deny that he/she has done so.
18
plaintext
Sign
ciphertext
Verify
plaintext
Private key
Public key
Public Key Cryptography
•
It must be computationally
–
easy
to generate a public / private key pair
–
hard
to determine the private key, given the public key
•
It must be computationally
–
easy
to encrypt using the public key
–
easy
to decrypt using the private key
–
hard
to recover the plaintext message from just the
ciphertext
and the public key
19
Symmetric
vs
Asymmetric
•
Symmetric algorithms are much faster
–
In the order of a 1000 times faster
•
Symmetric algorithms require a shared secret
–
Impractical if the communicating entities don’t have another
secure channel
•
Both algorithms are combined to provide practical and
efficient secure communication
–
E.g., establish a secret session key using asymmetric crypto and
use symmetric crypto for encrypting the traffic
20
Outline
•
Basic concepts in cryptography system
•
Secret key cryptography
•
Public key cryptography
•
Hash functions
21
Hash Function
•
Also known as
–
Message digest
–
One

way transformation
–
One

way function
–
Hash
•
Length of
H
(
m
) much shorter then length of
m
•
Usually fixed lengths: 128 or 160
bits
22
Message of
arbitrary length
Hash
A fixed

length
short message
Properties of Hash
•
Consider a hash function H
–
Performance
: Easy to compute H(
m
)
–
One

way
property
: Given H(
m
) but not
m
, it’s computationally
infeasible to find
m
–
Weak
collision resistance (free)
: Given H(
m
), it’s computationally
infeasible to find
m’
such that H(
m’
) = H(
m
).
–
Strong
collision resistance (free)
: Computationally infeasible to find
m
1
,
m
2
such that H(
m
1
) = H(
m
2
)
23
Hash Applications
•
File /
Message
integrity
–
Check if a downloaded file is corrupted
–
Detect if a file has been changed by someone
after it was stored
–
Compute a hash H(F) of file F
–
openssl
dgst

md5
filename
24
Hash Applications
•
Password verification
–
Password cannot be stored in plaintext
–
In a hashed format
–
Linux:
/etc/
passwd
, /etc/shadow
–
cat /etc/shadow
25
Hash Applications
•
User authentication
–
Alice wants to authenticate herself to Bob
–
Assuming they already
share a secret key K
26
Alice
Bob
time
computes
Y=H(RK)
verifies that
Y=H(RK)
Modern Hash Functions
•
MD5 (128 bits)
–
Previous versions (i.e., MD2, MD4) have weaknesses.
–
Broken; collisions published in August 2004
–
Too weak to be used for serious applications
•
SHA (Secure Hash Algorithm)
–
Weaknesses were found
•
SHA

1 (160 bits)
–
Broken, but not yet cracked
–
Collisions in 2
69
hash operations, much less than the brute

force attack
of 2
80
operations
–
Results were circulated in February 2005, and published in CRYPTO
’05 in August 2005
•
SHA

256
, SHA

384,
…
27
Birthday Attack
•
What is the smallest group size
k
such that
–
The probability that at least two people in the group
have the same birthday is greater than 0.5?
–
23
•
Implication for hash function H of length m
–
With probability at least 0.5
–
If we hash about 2
m/2
random inputs,
–
Two messages will have the same hash image
–
m=64, 1ns per hash
•
Brute force (2
64
): 10
13
seconds over 300 thousand years
•
Birthday attack (
2
32
): 4 seconds
28
Lab 1
•
Sample codes
–
eecs.mit.edu’s
IP is 18.62.1.6
–
Assume their
subnetwork
use 28

bit prefix
18. 62. 1. 0000
0110
–
Scan 18.62.1.0 ~ 18.62.1.15
–
dig

x 18.62.1.0 +short
–
/home/shengbo/it443/scanip.sh
–
/
home/shengbo/it443/scanip.pl
29
Comments 0
Log in to post a comment