Introduction to Cryptographic Systems. Asst. Prof. Mihai Chiroiu

Similar documents
Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

Outline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4

Computer Security 3/23/18

Cryptography MIS

1-7 Attacks on Cryptosystems

Jaap van Ginkel Security of Systems and Networks

Stream Ciphers and Block Ciphers

Symmetric Encryption. Thierry Sans

EEC-484/584 Computer Networks

Computer Security CS 526

CSE 127: Computer Security Cryptography. Kirill Levchenko

CIS 6930/4930 Computer and Network Security. Topic 3.1 Secret Key Cryptography (Cont d)

EEC-682/782 Computer Networks I

Network Security Essentials Chapter 2

Introduction to Modern Cryptography. Lecture 2. Symmetric Encryption: Stream & Block Ciphers

Block Ciphers. Advanced Encryption Standard (AES)

Symmetric-Key Cryptography

CHAPTER 6. SYMMETRIC CIPHERS C = E(K2, E(K1, P))

Information Security CS526

COMPLEXITY ACROSS DISCIPLINES

Crypto: Symmetric-Key Cryptography

3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some

Computer Security: Principles and Practice

Block Cipher Operation. CS 6313 Fall ASU

Scanned by CamScanner

Lecture IV : Cryptography, Fundamentals

More on Cryptography CS 136 Computer Security Peter Reiher January 19, 2017

page 1 Introduction to Cryptography Benny Pinkas Lecture 3 November 18, 2008 Introduction to Cryptography, Benny Pinkas

Stream Ciphers and Block Ciphers

Chapter 3 Block Ciphers and the Data Encryption Standard

ECE 646 Lecture 8. Modes of operation of block ciphers

Winter 2011 Josh Benaloh Brian LaMacchia

Goals of Modern Cryptography

CS Network Security. Module 6 Private Key Cryptography

Great Theoretical Ideas in Computer Science. Lecture 27: Cryptography

ECE596C: Handout #7. Analysis of DES and the AES Standard. Electrical and Computer Engineering, University of Arizona, Loukas Lazos

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

APNIC elearning: Cryptography Basics

Presented by: Kevin Hieb May 2, 2005

n-bit Output Feedback

Advanced Encryption Standard and Modes of Operation. Foundations of Cryptography - AES pp. 1 / 50

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

CS 392/681 Computer Security. Module 1 Private Key Cryptography

Public Key Cryptography

Symmetric Encryption Algorithms

Introduction to Cryptography. Lecture 3

CSC574: Computer & Network Security

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

Symmetric Cryptography. CS4264 Fall 2016

Cryptography (Overview)

Encryption Details COMP620

Jaap van Ginkel Security of Systems and Networks

CPSC 467: Cryptography and Computer Security

Cryptography and Network Security

CS6701- CRYPTOGRAPHY AND NETWORK SECURITY UNIT 2 NOTES

Introduction to Cryptography. Lecture 3

Some Stuff About Crypto

ECE 646 Fall 2009 Final Exam December 15, Multiple-choice test

Introduction to Symmetric Cryptography

Key Exchange. Secure Software Systems

Cryptography Introduction to Computer Security. Chapter 8

Chapter 6 Contemporary Symmetric Ciphers

Part VI. Public-key cryptography

Conventional Encryption: Modern Technologies

The question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).

Double-DES, Triple-DES & Modes of Operation

7. Symmetric encryption. symmetric cryptography 1

Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl

Computational Security, Stream and Block Cipher Functions

Data Encryption Standard (DES)

Lecture 6: Symmetric Cryptography. CS 5430 February 21, 2018

Symmetric key cryptography

Lecture 4: Symmetric Key Encryption

Basics of Cryptography

Cryptography Symmetric Cryptography Asymmetric Cryptography Internet Communication. Telling Secrets. Secret Writing Through the Ages.

Cryptographic methods

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Introduction to Cryptography. Steven M. Bellovin September 27,

CIS 4360 Introduction to Computer Security Fall WITH ANSWERS in bold. First Midterm

Cryptography III: Symmetric Ciphers

This chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest

Advanced Crypto. 2. Public key, private key and key exchange. Author: Prof Bill Buchanan

Symmetric, Asymmetric, and One Way Technologies

Content of this part

Lecture 3: Symmetric Key Encryption

Cryptography and Network Security. Sixth Edition by William Stallings

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

NIST Cryptographic Toolkit

Secret Key Cryptography

Block cipher modes. Lecturers: Mark D. Ryan and David Galindo. Cryptography Slide: 75

CPSC 467b: Cryptography and Computer Security

UNCLASSIFIED INFORMATION TECHNOLOGY SECURITY GUIDANCE

Part XII. From theory to practice in cryptography

Introduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard

FIPS Non-Proprietary Security Policy. Level 1 Validation Version 1.2

Cryptography. some history. modern secret key cryptography. public key cryptography. cryptography in practice

Private-Key Encryption

Encryption. INST 346, Section 0201 April 3, 2018

Transcription:

Introduction to Cryptographic Systems Asst. Prof. Mihai Chiroiu

Vocabulary In cryptography, cyphertext is the result of encryption performed on plaintext using an algorithm, called a cipher. Decryption is the process of turning ciphertext into readable plaintext. This lecture is not about steganography: the practice of concealing a file/message/image/video within another file/message/image/video. Mihai Chiroiu 2

1500 BCE - clay tablets from Mesopotamia Mihai Chiroiu 3

Fast forward on crypto history Caesar cipher (100 BCE 44 BCE) Most of Caesar's enemies would have been illiterate => secure The shift cipher Vigenère cipher (1553 CE) improves on Caesar s cipher 1 st & 2 nd WW led to cipher machines, both for encryption, decryption and for cracking Mihai Chiroiu 4

Modern cryptography Claude Shannon (1949) What does an ideal cipher look like? One-time Pad protects against infinitely powerful adversaries Bad news: If you want to encrypt N bits of data, you need a N-bit secret key Mihai Chiroiu 5

From military to business Mihai Chiroiu 6

Encryption Schemes Public Algorithms All the details of the algorithm are in the public domain, known to everyone. Kerckhoffs' principle (Dutch cryptographer): A cryptosystem should be secure even if everything aboutthe system, except the key, is public knowledge. Reformulated as Shannon's maxim (American mathematician ): "the enemy knows the system", i.e., "one ought to design systems under the assumption that the enemy will immediately gain full familiarity with them". Proprietary algorithms The details of the algorithm are only known by the system designers and users. security through obscurity. Mihai Chiroiu 7

DES (and 3DES) Developed by International Business Machines (IBM) as LUCIFER and modified by the National Security Agency (NSA). LUCIFER used a key size of 128 bits however this was reduced to 56 bits for DES. Adopted in 1977 as the Data Encryption Standard - DES Mihai Chiroiu 8

Problem description Can two parties agree on a shared secret without private communication? [Ralph Merkle] Mihai Chiroiu 9

Diffie - Hellman Take Merkle s idea and improves it such that the attacker requires exponential computations Mihai Chiroiu 10

RSA Noticing the inability of the Diffie-Hellman Key Exchange to transmit a secret message, Ron Rivest, Adi Shamir, and Leonard Adleman developed a system similar to the Diffie-Hellman protocol except that a message could be embedded and transmitted. Mihai Chiroiu 11

Elliptic Curve Cryptography ECC is an approach to encryption that utilizes the complex nature of elliptic curves in finite fields. ECC typically uses the same types of algorithms as that of Diffie-Hellman Key Exchange and RSA Encryption. The difference is that the numbers used are chosen from a finite field defined within an elliptic curve expression. Mihai Chiroiu 12

AES In January 1997, NIST announced a competition for the successor to DES. NIST selected the winner, the Rijndael (pronounced "Rhine doll") algorithm of Belgian cryptographers Joan Daemen and Vincent Rijmen in October 2000. AES was approved for use with Secret and Top Secret classified information of the U.S. government in 2003. Mihai Chiroiu 13

Block ciphers mode of operation Partition into n-bit blocks Electronic Codebook (ECB) Each block encrypted independently Identical plaintexts encrypted similarly No chaining, no error propagation Does not hide data patterns, unsuitable for long messages Mihai Chiroiu 14

Block ciphers mode of operation Cipher-Block Chaining (CBC) Allows random access to ciphertext Decryption is parallelizable Identical messages: changing IV or the first plaintext block results in different ciphertext Chaining: Ciphertext block cj depends on xj and all preceding plaintext blocks (dependency contained in cj-1) Error propagation: Single bit error on cj may flip the corresponding bit on xj+1, but changes xj significantly. IV need not be secret, but its integrity should be protected Mihai Chiroiu 15

Block ciphers mode of operation Cipher Feedback (CFB), Allows random access to ciphertext Decryption is parallelizable Identical messages: as in CBC Chaining: Similar to CBC Error propagation: Single bit error on cj may flip the corresponding bit on xj, but changes xj+1 significantly. IV need not be secret (XORed with x1) Mihai Chiroiu 16

Block ciphers mode of operation Output Feedback (OFB) Preprocessing possible (keep enc/decrypting previous output block) No random access, not parallelizable Identical messages: same as CBC No chaining dependencies Error propagation: Single bit error on cj may only affect the corresponding bit of xj IV need not be secret, but should be changed if a previously used key is to be used again Mihai Chiroiu 17

Block ciphers mode of operation Counter (CTR) Preprocessing possible (inc/decrement and enc/decrypt counter) Allows random access Both encryption & decryption are parallelizable Identical messages: changing nonce results in different ciphertext No chaining dependencies No error propagation Nonce should be random, and should be changed if a previously used key is to be used again Mihai Chiroiu 18

Which Mode for What Task? General file or packet encryption: CBC. Input must be padded to multiple of cipher block size Risk of byte or bit deletion: CFB Bit stream; noisy line and error propagation is undesirable: OFB Very high-speed data: CTR Integrity check is required Mihai Chiroiu 19

HASH Mihai Chiroiu 20

Attacks On Cryptosystems Passive Attacks No communication with victim Stealing of private data without the know of the victim Active Attacks Involves changing data with victim Unauthorized data access in order to modify/delete/alter it Mihai Chiroiu 21

Types of attacks Ciphertext Only Attacks (COA) The attacker has access to a set of ciphertext(s), and not to the corresponding plaintext. Successful when the corresponding plaintext can be determined from a given set of ciphertext. Known Plaintext Attack (KPA) The attacker knows the plaintext for some parts of the ciphertext. The task is to decrypt the rest of the ciphertext using this information. Typically, this may be done by determining the key. Chosen Plaintext Attack (CPA) The attacker has the text of his choice encrypted. This simplifies his task of determining the encryption key. A chosen-ciphertext attack (CCA) The attacker can gather information by obtaining the decryptions of chosen ciphertexts. The adversary can attempt to recover the key used for decryption. Mihai Chiroiu 22

Types of attacks Dictionary Attack The attacker builds a dictionary of ciphertexts and corresponding plaintexts that he has learnt over a period of time. In future, when an attacker gets the ciphertext, he refers the dictionary to find the corresponding plaintext. Brute Force Attack (BFA) In this method, the attacker tries to determine the key by attempting all possible keys. Man in Middle Attack (MIM) The targets of this attack are mostly public key cryptosystems where key exchange is involved before communication takes place. Side Channel Attack (SCA) This type of attack is launched to exploit the weakness in physical implementation of the cryptosystem. Timing/Power Analysis Attacks They exploit the fact that different computations take different times to compute on processor. Mihai Chiroiu 23

Practicality of Attacks Highly academic Unrealistic assumptions In chosen-ciphertext attack, the attacker requires an impractical number of deliberately chosen plaintext-ciphertext pairs. Mihai Chiroiu 24

Post-quantum cryptography Equation 1 shows the time it takes to run the fastest known algorithm (GNFS) to compute a prime factorization on a binary formatted processor. Equation 2 shows the algorithm discovered by Peter Shor that computes a prime factorization on a quantum computer. In both cases, "b" is the number of bits in the number. Mihai Chiroiu 25

Resources https://en.wikipedia.org/wiki/history_of_cryptography https://www.tutorialspoint.com/cryptography/attacks_on_cryptosyst ems.htm https://en.wikipedia.org/wiki/caesar_cipher http://www.umsl.edu/~siegelj/information_theory/projects/des.neta u.net/des%20history.html http://www.utdallas.edu/~muratk/courses/crypto07_files/modes.pdf Mihai Chiroiu 26

Resources http://www.crypto-it.net/eng/theory/modes-of-block-ciphers.html https://www.sans.org/reading-room/whitepapers/vpns/historyencryption-730 http://www.eng.utah.edu/~nmcdonal/tutorials/encryptionresearchr eview.pdf Mihai Chiroiu 27

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback