ICT 6541 Applied Cryptography. Hossen Asiful Mustafa

Similar documents
CRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext

1-7 Attacks on Cryptosystems

Traditional Symmetric-Key Ciphers. A Biswas, IT, BESU Shibpur

Chapter 3 Traditional Symmetric-Key Ciphers 3.1

CHAPTER 1 INTRODUCTION TO CRYPTOGRAPHY. Badran Awad Computer Department Palestine Technical college

Cryptographic Concepts

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell

CS669 Network Security

Classical Encryption Techniques. CSS 322 Security and Cryptography

CS61A Lecture #39: Cryptography

Substitution Ciphers, continued. 3. Polyalphabetic: Use multiple maps from the plaintext alphabet to the ciphertext alphabet.

CPSC 467b: Cryptography and Computer Security

L2. An Introduction to Classical Cryptosystems. Rocky K. C. Chang, 23 January 2015

Public Key Cryptography

Public Key Cryptography and the RSA Cryptosystem

Cryptography BITS F463 S.K. Sahay

2/7/2013. CS 472 Network and System Security. Mohammad Almalag Lecture 2 January 22, Introduction To Cryptography

Cryptosystems. Truong Tuan Anh CSE-HCMUT

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

ENCRYPTION USING LESTER HILL CIPHER ALGORITHM

CSC 580 Cryptography and Computer Security

2.1 Basic Cryptography Concepts

Cryptography and Network Security 2. Symmetric Ciphers. Lectured by Nguyễn Đức Thái

Overview of Conventional Encryption Techniques

CSC 474/574 Information Systems Security

UNIT - II Traditional Symmetric-Key Ciphers. Cryptography & Network Security - Behrouz A. Forouzan

Cryptography Introduction to Computer Security. Chapter 8

Cryptography. Intercepting Information Scenario 1. Tuesday, December 9, December 9, Wireless broadcasts information using radio signals

Public-key Cryptography: Theory and Practice

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

Channel Coding and Cryptography Part II: Introduction to Cryptography

Introduction to Cryptography. Vasil Slavov William Jewell College

Classical Encryption Techniques

A New Symmetric Key Algorithm for Modern Cryptography Rupesh Kumar 1 Sanjay Patel 2 Purushottam Patel 3 Rakesh Patel 4

Overview. Public Key Algorithms I

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Module 13 Network Security. Version 1 ECE, IIT Kharagpur

Introduction to Cryptography CS 136 Computer Security Peter Reiher October 9, 2014

Ref:

Public Key Cryptography and RSA

What did we talk about last time? Public key cryptography A little number theory

Cryptanalysis. Ed Crowley

Other Uses of Cryptography. Cryptography Goals. Basic Problem and Terminology. Other Uses of Cryptography. What Can Go Wrong? Why Do We Need a Key?

Module 1: Classical Symmetric Ciphers

Cryptography ThreeB. Ed Crowley. Fall 08

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Introduction to Cryptography

Tuesday, January 17, 17. Crypto - mini lecture 1

Lecture IV : Cryptography, Fundamentals

PROTECTING CONVERSATIONS

Chapter 3. Cryptography. Information Security/System Security p. 33/617

CS 161 Computer Security

Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Classical Cryptography

Public-key encipherment concept

A Tour of Classical and Modern Cryptography

OVE EDFORS ELECTRICAL AND INFORMATION TECHNOLOGY

Key Management. Digital signatures: classical and public key Classic and Public Key exchange. Handwritten Signature

Security: Cryptography

Basic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline

Security in Distributed Systems. Network Security

Cryptography Worksheet

Making and Breaking Ciphers

Uzzah and the Ark of the Covenant

Cryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III

Classical Cryptography. Thierry Sans

Chapter 2: Classical Encryption Techniques

Admin ENCRYPTION. Admin. Encryption 10/29/15. Assignment 6. 4 more assignments: Midterm next Thursday. What is it and why do we need it?

EE 595 (PMP) Introduction to Security and Privacy Homework 1 Solutions

Behrang Noohi. 22 July Behrang Noohi (QMUL) 1 / 18

Lecture 2 Applied Cryptography (Part 2)

Lecture 1 Applied Cryptography (Part 1)

CPSC 467b: Cryptography and Computer Security

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

UNIT - IV Cryptographic Hash Function 31.1

Some Stuff About Crypto

APNIC elearning: Cryptography Basics

CSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography

STUDY AND IMPLEMENTATION OF CRYPTOGRAPHIC ALGORITHMS

CPSC 467: Cryptography and Computer Security

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

Algorithmic number theory Cryptographic hardness assumptions. Table of contents

Outline Basics of Data Encryption CS 239 Computer Security January 24, 2005

Outline. Cryptography. Encryption/Decryption. Basic Concepts and Definitions. Cryptography vs. Steganography. Cryptography: the art of secret writing

EEC-484/584 Computer Networks

SECURITY IN NETWORKS

Cryptography. Submitted to:- Ms Poonam Sharma Faculty, ABS,Manesar. Submitted by:- Hardeep Gaurav Jain

1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class

JNTU World JNTU World. JNTU World. Cryptography and Network Security. Downloaded From JNTU World ( )( )JNTU World

CS 161 Computer Security

0/41. Alice Who? Authentication Protocols. Andreas Zeller/Stephan Neuhaus. Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken

Cryptography Introduction

CPSC 467b: Cryptography and Computer Security

10.1 Introduction 10.2 Asymmetric-Key Cryptography Asymmetric-Key Cryptography 10.3 RSA Cryptosystem

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

KALASALINGAM UNIVERSITY

CS 161 Computer Security

Cryptography and Network Security

Transcription:

ICT 6541 Applied Cryptography Hossen Asiful Mustafa

Basic Communication Alice talking to Bob Alice Bob 2

Eavesdropping Eve listening the conversation Alice Bob 3

Secure Communication Eve listening the conversation Plaintext Encryption Ciphertext Decryption Original Plaintext Alice Bob 4

Cryptography Generate ciphertext from a plaintext to keep the plaintext secret from the attacker Assumes that: The attacker has complete access to the communication channel The attacker knows the algorithm that generates ciphertext 5

Notation Plaintext/Message = P/M Ciphertext = C Encryption = E Decryption = D Keys = K E K1 (M) = C D K2 (C) = M D K1 (E K2 (M)) = M 6

Security Principles Authentication: It should be possible for the receiver of a message to ascertain its origin; an intruder should not be able to masquerade as someone else. Integrity: It should be possible for the receiver of a message to verify that it has not been modified in transit; an intruder should not be able to substitute a false message for a legitimate one. Nonrepudiation: A sender should not be able to falsely deny later that he sent a message. Secrecy: A transferred message can only be read by the receiver. 7

Symmetric Algorithms The encryption key can be calculated from the decryption key and vice versa. In most symmetric algorithms, the encryption key and the decryption key are the same. It requires that the sender and receiver agree on a key before they can communicate securely. The security of a symmetric algorithm rests in the key; divulging the key means that anyone could encrypt and decrypt messages. 8

Asymmetric Algorithms Also known as public-key algorithms Are designed so that the key used for encryption is different from the key used for decryption. Furthermore, the decryption key cannot be calculated from the encryption key. The algorithms are called public-key because the encryption key can be made public The encryption key is often called the public key, and the decryption key is often called the private key 9

Cryptanalysis Cryptanalysis is the science of recovering the plaintext of a message without access to the key. Successful cryptanalysis may recover the plaintext or the key. It also may find weaknesses in a cryptosystem that eventually lead to the previous results. The loss of a key through non-cryptanalytic means is called a compromise. An attempted cryptanalysis is called an attack 10

Cryptanalytic Attacks Ciphertext-only attack: The cryptanalyst has the ciphertext of several messages, all of which have been encrypted using the same encryption algorithm. The cryptanalyst s job is to recover the plaintext of as many messages as possible, or better yet to deduce the key (or keys) used to encrypt the messages, in order to decrypt other messages encrypted with the same keys. Given: C 1 = E k (P 1 ), C 2 = E k (P 2 ),...C i = E k (P i ) Deduce: Either P 1, P 2,...P i ; k; or an algorithm to infer P i+1 from C i+1 = E k (P i+1) 11

Cryptanalytic Attacks Known-plaintext attack. The cryptanalyst has access not only to the ciphertext of several messages, but also to the plaintext of those messages. His job is to deduce the key (or keys) used to encrypt the messages or an algorithm to decrypt any new messages encrypted with the same key (or keys). Given: P 1, C 1 = E k (P 1 ), P 2, C 2 = E k (P 2 ),...P i, C i = E k (P i ) Deduce: Either k, or an algorithm to infer P i+1 from C i+1 = E k (P i+1 ) 12

Cryptanalytic Attacks Chosen-plaintext attack: The cryptanalyst not only has access to the ciphertext and associated plaintext for several messages, but he also chooses the plaintext that gets encrypted. This is more powerful than a knownplaintext attack, because the cryptanalyst can choose specific plaintext blocks to encrypt, ones that might yield more information about the key. His job is to deduce the key (or keys) used to encrypt the messages or an algorithm to decrypt any new messages encrypted with the same key (or keys). Given: P 1, C 1 = E k (P 1 ), P 2, C 2 = E k (P 2 ),...P i, C i = E k (P i ), where the cryptanalyst gets to choose P 1, P 2,...P i Deduce: Either k, or an algorithm to infer P i+1 from C i+1 = E k (P i+1 ) 13

Cryptanalytic Attacks Adaptive-chosen-plaintext attack: This is a special case of a chosen-plaintext attack. Not only can the cryptanalyst choose the plaintext that is encrypted, but he can also modify his choice based on the results of previous encryption. In a chosen-plaintext attack, a cryptanalyst might just be able to choose one large block of plaintext to be encrypted; in an adaptive-chosen-plaintext attack he can choose a smaller block of plaintext and then choose another based on the results of the first, and so forth. 14

Cryptanalytic Attacks Chosen-ciphertext attack. The cryptanalyst can choose different ciphertexts to be decrypted and has access to the decrypted plaintext. For example, the cryptanalyst has access to a tamperproof box that does automatic decryption. His job is to deduce the key. Given: C 1, P 1 = D k (C 1 ), C 2, P 2 = D k (C 2 ),...C i, P i = D k (C i ) Deduce: k 15

Cryptanalytic Attacks Chosen-key attack: This attack doesn t mean that the cryptanalyst can choose the key; it means that he has some knowledge about the relationship between different keys. It s obscure, and not very practical Rubber-hose cryptanalysis: The cryptanalyst threatens, blackmails, or tortures someone until they give him the key. Bribery is sometimes referred to as a purchase-key attack. These are all very powerful attacks and often the best way to break an algorithm. 16

Remember! Security by obscurity doesn t work! Cannot assume that the attacker doesn t know algorithms inner working Cannot assume that the attacker cannot disassemble your code or reverse-engineer your algorithm The best algorithms we have are the ones that have been made public, have been attacked by the world s best cryptographers for years, and are still unbreakable. 17

Algorithm Security Total break: A cryptanalyst finds the key, K, such that D K (C) = P. Global deduction: A cryptanalyst finds an alternate algorithm, A, equivalent to D K (C), without knowing K. Instance (or local) deduction: A cryptanalyst finds the plaintext of an intercepted ciphertext. Information deduction: A cryptanalyst gains some information about the key or plaintext. This information could be a few bits of the key, some information about the form of the plaintext, and so forth. Unbreakable: An algorithm is unconditionally secure if, no matter how much ciphertext a cryptanalyst has, there is not enough information to recover the plaintext. In point of fact, only a onetime pad is unbreakable given infinite resource 18

Brute Force Attack Try all possible combinations to break an algorithm Is not feasible in most cases; example below: If an algorithm has a processing complexity of 2 128, then 2 128 operations are required to break the algorithm. Assume that you have enough computing speed to perform a million operations every second, and A million parallel processors are set against the task It will still take over 10 19 years to recover the key. That s a billion times the age of the universe. 19

Examples Ciphertext APWNRM FUBSWR 51127182217 What is the plaintext? 20

Substitution Ciphers Each character in the plaintext is substituted for another character in the ciphertext. The receiver inverts the substitution on the ciphertext to recover the plaintext. 4 Types: A simple substitution cipher A homophonic substitution cipher A polygram substitution cipher A polyalphabetic substitution cipher 21

More on Ciphers Transposition Ciphers The plaintext remains the same, but the order of characters is shuffled around. Example: rtocpy Rotor Machine Multiple rotors Each rotor performs a simple substitution cipher It is the combination of several rotors and the gears moving them that makes the machine secure. Because the rotors all move at different rates, the period for an n-rotor machine is 26 n. The best-known rotor device is the Enigma 22

Modular Arithmetic Z mod N is the integer remainder when Z is divided by N. Example: 10 mod 3 = 1 10 mod 2 = 0 10 mod 7 = 3 10 mod 11 = 10 23

Modular Arithmetic Z mod N is the integer remainder when Z is divided by N. The Division Theorem For all integers Z and N>0, there exist unique integers Q and R such that Z = Q N + R and 0 R N. 24

Modular Arithmetic Z mod N is the integer remainder when Z is divided by N. The Division Theorem For all integers Z and N>0, there exist unique integers Q and R such that Z = Q N + R and 0 R N. By definition, this unique R = Z mod N. 25

Modular Arithmetic To compute (A+B) mod N, compute (A+B) and take the result mod N. To compute (A-B) mod N, compute (A-B) and take the result mod N. To compute (A B) mod N, compute (A B) and take the result mod N. Computing (A B) mod N is complex! 26

Modular Division What is the value of (1 2) mod 7? We need a solution to 2x mod 7 = 1. What is the value of (7 5) mod 11? We need a solution to 5x mod 11 = 1. 27

Modular Division What is the value of (1 2) mod 7? We need a solution to 1/2 mod 7 = 1. Try x = 4. (1 2) mod 7 = 4 mod 7 = 4 What is the value of (7 5) mod 11? We need a solution to 5x mod 11 = 1. Try x = 9 (7 5) mod 11 = 7*(1 5) mod 11 = 7*9 mod 11 = 8 28

Modular Division Is modular division always well-defined? (1 3) mod 6 =? 3x mod 6 = 1 has no solution! 29

Modular Division Fact 1 (A B) mod N always has a solution when gcd(b,n) = 1. Fact 2 (A B) mod N never has a solution when gcd(a,b) = 1 and gcd(b,n) 1. 30

Greatest Common Divisors gcd(a, B) = gcd(b, A B) since any common factor of A and B is also a factor of A B and since any common factor of B and A B is also a factor of A. 31

Greatest Common Divisors gcd(a, B) = gcd(b, A B) gcd(21,12) = gcd(12,9) = gcd(9,3) = gcd(3,6) = gcd(6,3) = gcd(3,3) = gcd(3,0) = 3 32

Greatest Common Divisors gcd(a, B) = gcd(b, A B) 33

Greatest Common Divisors gcd(a, B) = gcd(b, A B) gcd(a, B) = gcd(b, A kb) for any integer k. 34

Greatest Common Divisors gcd(a, B) = gcd(b, A B) gcd(a, B) = gcd(b, A kb) for any integer k. gcd(a, B) = gcd(b, A mod B) 35

Greatest Common Divisors gcd(a, B) = gcd(b, A B) gcd(a, B) = gcd(b, A kb) for any integer k. gcd(a, B) = gcd(b, A mod B) gcd(21,12) = gcd(12,9) = gcd(9,3) = gcd(3,0) = 3 36

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback