Begins with
C..
By Andrew Trainor
and Abira Das
Ends with
ryptography!
Sorry hopefully we’re the last ones guys I think at this point I hate cryptography
What is cryptography?
Overview
•
Cryptography
–
the conversion of plaintext into cipher text via
an encryption algorithm
•
Common Encryption algorithms
•
Advanced Encryption Standard (AES), used by U.S. National
Sceurity Agency
•
RSA (Rivest, Shamir, Adleman), for public key cryptography
•
Secure Sockets Layer (SSL)
–
used in in web browsers, websites
with http
s
Cryptanalysis
•
The science of analyzing information systems in order to
find faults in a system.
•
Used to gain access to encrypted messages, even when
the key is unknown.
•
Primary focus on cryptographic algorithms and the
possible weakness in implementation.
One Time Pad
•
Most accredited discoverer: Claude Shannon
•
Where OTP is used
•
Super encryption
•
Quantum key distribution
•
Mimicked by stream ciphers
•
Requirements
•
Perfect secrecy
•
True randomness
Random Number Generator
•
CAN’T USE
•
Random number generation functions in programming language
libraries
•
/dev/random
•
hardware random number generator
•
Can’t be used twice
H E L L O message
7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message
+ 23 (X) 12 (M) 2 (C) 10 (K) 11 (L) key
= 30 16 13 21 25 message + key
= 4 (E) 16 (Q) 13 (N) 21 (V) 25 (Z) message + key (mod 26)
E Q
N V Z → ciphertext
E Q N V Z
ciphertext
4 (E) 16 (Q) 13 (N) 21 (V) 25 (Z)
ciphertext

23 (X) 12 (M) 2 (C) 10 (K) 11 (L) key
=

19 4 11 11 14
ciphertext
—
key
= 7 (H) 4 (E) 11 (L) 11 (L) 14 (O)
ciphertext
—
key (mod 26)
H E L
L
O → message
Cryptanalysis of the ciphertext
(attempt)
4 (E) 16 (Q) 13 (N) 21 (V) 25 (Z) ciphertext
− 19 (T) 16 (Q) 20 (U) 17 (R) 8 (I) possible key
= −15 0 −7 4 17 ciphertext

key
= 11 (L) 0 (A) 19 (T) 4 (E) 17 (R) ciphertext

key (mod 26)
Elliptic curve cryptography
•
Based on discrete algorithm
•
Primary benefit: smaller key size
•
EX: 256

bit ECC public key is comparable to 3072

bit RSA
public key
Elliptical curve consists of the points
satisfying the equation y
2
=x
3
+ax +b
Elliptic curve cryptography
•
TO DATE: Hardest ECC scheme broken had 112

bit key
prime field and 109

bit key for the binary field case.
Broken in July 2009 (Prime) and 2004 (Binary).
•
Vulnerability:
•
Pollard's Rho attack
O(√n)
.
•
Side Channel attacks
Side Channel Attacks
•
Side channel attack
: an attack on a cryptosystem based on the
physical implementation leakages of the microprocessor
•
Leakages
•
Timing
•
Power consumed
•
Electromagnetic Radiation
•
Sound produced
Timing Attacks
•
Work backwards based on encryption algorithm
•
Easier if foe knows what crypto system hardware is being used
•
Useful against RSA, ElGamal, and Digital Signature Algorithm
•
Ex. Square and Multiply algorithm
•
Execution time O(k)
•
Where k is number of 1 bits in the key
x
=
C
for
j
= 1 to
n
x
= mod(
x
2
,
N
)
if
d
j
== 1
then
x
= mod(
xC
,
N
)
end if
next
j
return
x
C
d
mod
N
Side Channel Attacks
•
Power consumed
•
SPA
–
simple power analysis
http://www.cryptography.com/technology/dpa/dpa

video.html
•
DPA
–
differential power analysis
•
Electromagnetic radiation
•
Radio waves created by changes in electric current
•
Sound produced
•
Temperature changes in machines cause overheating and low level
noise emissions
Prevention of Side Channel Attacks
•
How do we make sure hackers don’t get this info?
•
Sound
Add extra noise
•
Timing
Make software run in constant time
•
Power
•
Make program PC secure (SPA)
•
Hardware modification, changing
encryption algorithm, blinding
(DPA)
Traffic Analysis
•
Traffic Analysis: examining message patterns to deduce
information
•
Who is signaling whom and the frequency
•
Greater the number of messages, more can be inferred
•
Used in military intelligence
•
ex.) rapid, short communications = negotiations
•
Chain of command
Prevention of Traffic Analysis
•
Traffic flow security = hides messages from adversaries
•
“dummy traffic”
–
fake sending messages
•
Continuous signal
•
Change callsigns (radio initials)
•
Encrypt address
Fake signal
THE END
(and hopefully the last we’ll ever have to hear of
cryptography)
Any Questions?
Comments 0
Log in to post a comment