Modern Cryptography

sunflowerplateAI and Robotics

Nov 21, 2013 (3 years and 10 months ago)

60 views

Modern
Cryptography

The Enigma Machine


German
encryption and
decryption
machine used in
WWII


Essentially a
complex,
automated
substitution cipher



How did Enigma work?


Rotors have different
wiring connecting input
to output



Rotors move after each
keypress



The key is the initial
position of the three
rotors

Simplified Enigma

A a

B b

C c

D d

=

A

c

B

a

C

c

D

d

A a

B b

C c

D d

A a

B b

C c

D d

=

A

b

B

a

C

d

D

c

=

A

d

B

c

C

a

D

b

Every time a key is pressed the
rotors spin, so the overall
substitution table changes

A a

B b

C c

D d

A a

B b

C c

D d

A a

B b

C c

D d

=

A

b

B

c

C

d

D

a

Breaking the Enigma


Britain set up its cryptanalysis team in
Bletchley Park


They consistently broke German codes
throughout the war


Provided the intelligence codenamed ULTRA


Important location in the history of computing


Alan Turing


COLOSSUS

Cryptography in the Computer Age


Working with binary instead of letters



We can do things many, many times


Think of an Enigma machine that has 2
128

pairs of
symbols on each rotor, and 20 rotors



Other than that, the basic principles are the
same as classical cryptography


The XOR Operation


eXclusive OR


“should we go left or
right?”


Can do one or the other, but
not both


Useful in cryptography for
mixing two binary strings
together


0

0

0

1

1

0

1

1

0

1

1

0

a

b

a

b

Modern Ciphers


We design one relatively simple scrambling method
(called a round) and repeat it many times


Think of each round as a rotor on the Enigma


One round may be easy to break, but when you put them all
together it becomes very hard



Almost all ciphers follow one of two structures


SPN (Substitution Permutation Network)


Feistel Network


These describe the basic structure of a round


One SPN Round

Input to the round

Output from the round

First, the input is XORed with
the round subkey

Second, the input is split into
pieces (usually of one byte)
and put through a
substitution

Finally, the pieces are
swapped around

And the output from this
round becomes the input to
the next round

A Simple SPN Cipher

Round 1

Round 2

Round 3

Plaintext Block

Ciphertext Block

Roundkey 1

Roundkey 2

Roundkey 3

The overall plaintext is broken
into blocks and each block is
encrypted with the cipher


Typical SPN ciphers will have 10
-
14 rounds


Alice and Bob only need one key,
and the cipher will transform that
key into subkeys for each round


To decrypt, Alice just does
everything in the reverse order



One Feistel Round

Input Left Half

Input Right Half

Round

Function

Output Left Half

Output Right Half

The input to the round is
divided in half

The right half is put into a
round function with the
roundkey

The output of the round
function is XORed with the
left half

The two halves switch
sides to become the input
to the next round

Only the left half of the
input has been modified

Roundkey

A Simple Feistel Cipher

Plaintext Block

Ciphertext Block

Round 1

Round 2

Round 3

Feistel ciphers need twice as many
rounds as SPN ciphers because only
half of the input is being encrypted
each round

Works the same as SPN ciphers in
terms of transforming one key into
subkeys and splitting the plaintext
into blocks

To decrypt, the ciphertext is sent
through the same cipher and the
roundkeys are used in reverse order

Roundkey 1

Roundkey 2

Roundkey 3

Modern Ciphers in Practice


Follow SPN/Feistel structure in general,
but with added twists for security



There are two important ciphers in the
history of modern cryptography


DES (Data Encryption Standard)


AES (Advanced Encryption Standard)

DES


U.S. Government recognized the need to have a
standardized cipher for secret documents



DES was developed by IBM in 1976


Feistel structure


Key length of 56 bits, block size of 64 bits


16 rounds



Analysis of DES was the beginning of modern
cryptographic research

Controversy Surrounding DES


Development process was hidden from
public


Suspicions that the government had put in a
“backdoor”



Government attempted to shut down
research in cryptography


Breaking DES


The key length of DES was too short


If a key is 56 bits long, that means there are 2
56

possible keys


“DES Cracker” machines were designed to simply
brute force all possible keys



People began encrypting the plaintext multiple
times with different keys in order to increase the
number of keys that need to be checked


Breaking DES cont.


DES was further weakened by the discovery of differential
cryptanalysis


Biham and Shamir in 1990


The most significant advance in cryptanalysis since frequency analysis



Ideally a ciphertext should be completely random, there should be
no connection to its matching plaintext


Differential analysis exploits the fact that this is never actually the case


Uses patterns between plaintext and ciphertext to discover the key



There is evidence that IBM knew about differential cryptanalysis
back when they were designing DES in 1976


Developing the AES


With DES effectively broken, a new standard
was needed



U.S. Government made it an open
application/review process this time, and
received many submissions



In 2001, after five years, the Rijndael cipher was
selected to become the Advanced Encryption
Standard

AES (Rijndael)


Developed by Vincent Rijmen and Joan
Daemen


SPN structure


Block size of 128 bits


Key size of 128, 192, or 256 bits


10, 12, or 14 rounds depending on the key
size

Current attacks against AES


On AES with 128
-
bit keys, a brute force attack
would require 2
128

work


Any technique that can decrypt a ciphertext with less
than 2
128

work is considered an attack



Currently the best attacks on AES use variations
of differential cryptanalysis


None of them could actually be completed before the
sun burns out


None of them work on the full number of rounds

The Problem of Symmetric Key
Cryptography


Up until now we’ve been talking about symmetric
key cryptography


Alice and Bob are using the same key to
encrypt/decrypt



Problem: How does Bob get the key to Alice
when Eve is eavesdropping?



Up until 1976 the only solution was to physically
give Alice the key in a secure environment

Public Key Cryptography


Diffie and Hellman published a paper in 1976
providing a solution


We use one key for encryption (the public key),
and a different key for decryption (the private
key)


Everyone knows Alice’s public key, so they can
encrypt messages and send them to her


But only Alice has the key to decrypt those messages


No one can figure out Alice’s private key even if
they know her public key

Using Public Keys

Plaintext

Ciphertext

Decryption

Encryption

Plaintext

Nonsense

Public Key Cryptography in
Practice


The problem is that public key algorithms are too
slow to encrypt large messages


Instead Bob uses public key algorithms to send Alice
the symmetric key, and then uses symmetric key
algorithms to send the message



Bob and Alice have to be careful when sending
these communications back and forth that Eve
can’t overhear anything that would allow her to
decrypt the message

Sending a Message

What’s your public key?

Bob picks a
symmetric key and
encrypts it using
Alice’s public key

Alice decrypts the
symmetric key using her
private key

Bob encrypts his
message using
the symmetric
key

Then sends the
key to Alice

Then sends the
message to
Alice

Alice decrypts the
message using the
symmetric key

hi

The RSA Public Key Cipher


The most popular algorithm is RSA, developed in 1977


Named after its creators: Rivest, Shamir, and Adleman



Alice picks two large primes and finds their product


She then uses this product to create the public and private keys


She sends the product and the public key to Bob, who can use them
to encrypt messages


Even if Eve knows the product and the public key, she can’t figure
out the private key unless she can factor the product


There is no known way to do this efficiently

Are we all secure now?


Unfortunately not, there are still many problems
that need to be dealt with


How does Bob know that he’s really talking to Alice?


How does Alice know that the message she receives
hasn’t been tampered with?


How does Alice know the message was sent by Bob?



These are questions addressed by other areas
of cryptography

The End