# Trainor - Cryptography

Nov 21, 2013

Begins with C.. Ends with ryptography!

By Andrew Trainor and Abira Das

Sorry hopefully we’re the last ones guys I think at this point I hate cryptography

What is cryptography?

Overview

Cryptography: the conversion of plaintext into ciphertext via an encryption algorithm

Common Encryption algorithms

Advanced Encryption Standard (AES), used by the U.S. National Security Agency

RSA (Rivest, Shamir, Adleman), for public key cryptography

Secure Sockets Layer (SSL), used in web browsers and websites with https

Cryptanalysis

The science of analyzing information systems in order to find faults in a system.

the key is unknown.

Primary focus on cryptographic algorithms and the possible weakness in implementation.

Most accredited discoverer: Claude Shannon

Where OTP is used

Super encryption

Quantum key distribution

Mimicked by stream ciphers

Requirements

Perfect secrecy

True randomness

Random Number Generator

CAN’T USE

Random number generation functions in programming language libraries

/dev/random

hardware random number generator

Can’t be used twice

Encryption:

           H        E        L        L        O     message
       7 (H)    4 (E)   11 (L)   11 (L)   14 (O)     message
    + 23 (X)   12 (M)    2 (C)   10 (K)   11 (L)     key
    = 30       16       13       21       25         message + key
    =  4 (E)   16 (Q)   13 (N)   21 (V)   25 (Z)     message + key (mod 26)
           E        Q        N        V        Z     → ciphertext

Decryption:

           E        Q        N        V        Z     ciphertext
       4 (E)   16 (Q)   13 (N)   21 (V)   25 (Z)     ciphertext
    - 23 (X)   12 (M)    2 (C)   10 (K)   11 (L)     key
    = -19       4       11       11       14         ciphertext - key
    =  7 (H)    4 (E)   11 (L)   11 (L)   14 (O)     ciphertext - key (mod 26)
           H        E        L        L        O     → message

Cryptanalysis of the ciphertext (attempt)

       4 (E)   16 (Q)   13 (N)   21 (V)   25 (Z)     ciphertext
    - 19 (T)   16 (Q)   20 (U)   17 (R)    8 (I)     possible key
    = -15       0       -7        4       17         ciphertext - key
    = 11 (L)    0 (A)   19 (T)    4 (E)   17 (R)     ciphertext - key (mod 26)

Elliptic curve cryptography

Based on the discrete logarithm problem

Primary benefit: smaller key size

EX: a 256-bit ECC public key is comparable to a 3072-bit RSA public key

An elliptic curve consists of the points satisfying the equation $y^2 = x^3 + ax + b$

Elliptic curve cryptography

TO DATE: the hardest ECC scheme broken had a 112-bit key for the prime field case and a 109-bit key for the binary field case. Broken in July 2009 (prime) and 2004 (binary).

Vulnerability:

Pollard's Rho attack, O(√n)

Side Channel attacks

Side Channel Attacks

Side channel attack: an attack on a cryptosystem based on the physical implementation leakages of the microprocessor

Leakages

Timing

Power consumed

Sound produced

Timing Attacks

Work backwards based on encryption algorithm

Easier if foe knows what crypto system hardware is being used

Useful against RSA, ElGamal, and Digital Signature Algorithm

Ex. Square and Multiply algorithm

Execution time O(k)

Where k is number of 1 bits in the key

    x = C
    for j = 1 to n
        x = mod(x^2, N)
        if d_j == 1 then
            x = mod(x * C, N)
        end if
    next j
    return x

$C^d \bmod N$

Side Channel Attacks

Power consumed

SPA: simple power analysis

http://www.cryptography.com/technology/dpa/dpa-video.html

DPA: differential power analysis

Radio waves created by changes in electric current

Sound produced

Temperature changes in machines cause overheating and low level noise emissions

Prevention of Side Channel Attacks

How do we make sure hackers don’t get this info?

Sound

Timing

Make software run in constant time

Power

Make program PC secure (SPA)

Hardware modification, changing encryption algorithm, blinding (DPA)
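
The key-dependent work in the square-and-multiply loop from the Timing Attacks slide, next to a fixed-work Montgomery ladder as one form of the "constant time" fix listed above. This is an added example, not part of the original slides: it counts modular multiplications instead of measuring wall-clock time, and the function names, the `nbits` parameter, the toy modulus 3233 and the exponents are constructed for illustration. Python integers are not constant-time, so the ladder models the fixed operation sequence only.

```python
# Added example (not from the slides): operation counts model the timing leak.

def modexp_square_multiply(c, d, n):
    """Left-to-right square-and-multiply, as in the slide's pseudocode.
    Returns (c**d mod n, modular multiplications performed)."""
    bits = bin(d)[2:]              # leading bit is 1 and is consumed by x = c
    x, ops = c % n, 0
    for bit in bits[1:]:
        x = (x * x) % n            # square on every bit
        ops += 1
        if bit == "1":
            x = (x * c) % n        # extra multiply only on 1 bits: the leak
            ops += 1
    return x, ops


def cswap(bit, a, b):
    """Branch-free conditional swap: returns (b, a) if bit == 1 else (a, b)."""
    t = (a ^ b) & -bit             # -1 is an all-ones mask, 0 clears t
    return a ^ t, b ^ t


def modexp_ladder(c, d, n, nbits):
    """Montgomery ladder over a fixed width nbits (an assumed parameter):
    one multiply and one square per bit, whatever the value of d."""
    r0, r1, ops = 1, c % n, 0
    for i in reversed(range(nbits)):
        bit = (d >> i) & 1
        r0, r1 = cswap(bit, r0, r1)
        r1 = (r0 * r1) % n
        r0 = (r0 * r0) % n
        r0, r1 = cswap(bit, r0, r1)
        ops += 2
    return r0, ops


if __name__ == "__main__":
    N, C = 3233, 65                                   # constructed toy values
    for d in (0b1000000000001, 0b1111111111111):      # same length, different weight
        print(bin(d), modexp_square_multiply(C, d, N), modexp_ladder(C, d, N, 13))
```

Two 13-bit exponents with different numbers of 1 bits give different operation counts in the first function and the same count in the ladder.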

Traffic Analysis

Traffic Analysis: examining message patterns to deduce information

Who is signaling whom and the frequency

Greater the number of messages, more can be inferred

Used in military intelligence

ex.) rapid, short communications = negotiations

Chain of command

Prevention of Traffic Analysis

Traffic flow security = hides messages from adversaries

“dummy traffic”

fake sending messages

Continuous signal