Cryptography Introduction
What Is Cryptography? We generally think of it as encrypting and decrypting.
What Is Cryptography? We generally think of it as encrypting and decrypting. I have a secret and I only want you to hear, so I am going to encode it and only you know how to decrypt it.
What Is Cryptography? We generally think of it as encrypting and decrypting. I have a secret and I only want you to hear, so I am going to encode it and only you know how to decrypt it. This lends itself to referencing an adversary with the point being that even if they steal the message or eavesdrop, they will be unable to understand it. But, the intended receiver will figure it out with relative ease.
Other Uses of Cryptography Another common use is authentification, whether or the message was a secret.
Other Uses of Cryptography Another common use is authentification, whether or the message was a secret. This is where the receiver wants to make sure the sender is the true sender and that the message has not been altered.
Other Uses of Cryptography Another common use is authentification, whether or the message was a secret. This is where the receiver wants to make sure the sender is the true sender and that the message has not been altered. When we are not concerned about the sender but only that the message has not been altered, we are looking at maintaining data integrity.
Where We See These Credit card numbers sent/received electronically
Where We See These Credit card numbers sent/received electronically Online orders - we want to be sure the person on the order actually placed the order
Where We See These Credit card numbers sent/received electronically Online orders - we want to be sure the person on the order actually placed the order Employee ID # s - only one # number is given to each employee and the number given is unique
Where We See These Credit card numbers sent/received electronically Online orders - we want to be sure the person on the order actually placed the order Employee ID # s - only one # number is given to each employee and the number given is unique When data is to be input as, say, an integer from 1-5, and no other values will be accepted
Digital Signatures This deals with the use of cryptography for issues of non-repudation.
Digital Signatures This deals with the use of cryptography for issues of non-repudation. This means that it must be impossible for the signer to later deny the signing.
Digital Signatures This deals with the use of cryptography for issues of non-repudation. This means that it must be impossible for the signer to later deny the signing. This beings up the difference between making cheating detectable v. impossible.
Terminology Definition A cryptosystem or cipher is a procedure to render messages unintelligible, except by the authorized recipient.
Terminology Definition A cryptosystem or cipher is a procedure to render messages unintelligible, except by the authorized recipient. Definition The encryption process, performed by the sender, is intended to make the message unintelligible to an eavesdropper or interceptor.
Terminology Definition A cryptosystem or cipher is a procedure to render messages unintelligible, except by the authorized recipient. Definition The encryption process, performed by the sender, is intended to make the message unintelligible to an eavesdropper or interceptor. Definition The decryption process is conducted by a legitimate receiver to recover the original message (plaintext) from the obscured version (ciphertext).
Terminology Definition A cryptosystem or cipher is a procedure to render messages unintelligible, except by the authorized recipient. Definition The encryption process, performed by the sender, is intended to make the message unintelligible to an eavesdropper or interceptor. Definition The decryption process is conducted by a legitimate receiver to recover the original message (plaintext) from the obscured version (ciphertext). This is accomplished by the recipient and sender sharing a key.
Kerchkoff s Principle Kerckhoff s Principle is named after Auguste Kerckhoff It was first stated in the 19 th century
Kerchkoff s Principle Kerckhoff s Principle is named after Auguste Kerckhoff It was first stated in the 19 th century Kerchkoff s Principle A cryptosystem should be secure even if everything about the system (besides the key) is public knowledge.
Kerchkoff s Principle Kerckhoff s Principle is named after Auguste Kerckhoff It was first stated in the 19 th century Kerchkoff s Principle A cryptosystem should be secure even if everything about the system (besides the key) is public knowledge. Most civilian cryptography follows this principle
Kerchkoff s Principle Kerckhoff s Principle is named after Auguste Kerckhoff It was first stated in the 19 th century Kerchkoff s Principle A cryptosystem should be secure even if everything about the system (besides the key) is public knowledge. Most civilian cryptography follows this principle military ciphers are kept entirely secretive
The Main Issue The main part of this that is of the most interest to us is that the system must be practically, if not mathematically, indecipherable.
The Main Issue The main part of this that is of the most interest to us is that the system must be practically, if not mathematically, indecipherable. An argument in favor of Kerckhoff s Principle is that the standardization of algorithms makes large-scale communication easier.
The Main Issue The main part of this that is of the most interest to us is that the system must be practically, if not mathematically, indecipherable. An argument in favor of Kerckhoff s Principle is that the standardization of algorithms makes large-scale communication easier. We assume that the mechanics of the cryptosystem in use is publicly known (this does not mean that the cipher used does not matter) but the key is secret. This makes the key distribution and management the main issue.
Clarification Code and cipher essentially mean the same thing in English but not in mathematics.
Clarification Code and cipher essentially mean the same thing in English but not in mathematics. Definition A code is a method for concealing the content of a message by exchanging words or phrases for different ones. The transformation depends to some extent on the meaning or grammar of the message.
Clarification Code and cipher essentially mean the same thing in English but not in mathematics. Definition A code is a method for concealing the content of a message by exchanging words or phrases for different ones. The transformation depends to some extent on the meaning or grammar of the message. Definition A cipher treats messages as streams of characters without reference to possible meaning.
More Terms Definition A classic cipher refers to one from before the advent of electronic computing machinery.
More Terms Definition A classic cipher refers to one from before the advent of electronic computing machinery. Definition A symmetric cipher is one in which knowledge of the encryption key is equivalent to knowing the decryption key. All classical ciphers are of this form.
More Terms Definition A classic cipher refers to one from before the advent of electronic computing machinery. Definition A symmetric cipher is one in which knowledge of the encryption key is equivalent to knowing the decryption key. All classical ciphers are of this form. Although they existed before the mid-1970 s, Merkle and Hellman conceived the first example of asymmetric ciphers, where knowledge of the encryption key gives little or no knowledge of the decryption key. The latter are of more interest mathematically.
Attacks on Cryptosystems 1 Ciphertext only: In this case, the person possesses a fragment of the encrypted message but has no knowledge of the plaintext or the key. The goal is either to decrypt using a particular method or to obtain the key.
Attacks on Cryptosystems 1 Ciphertext only: In this case, the person possesses a fragment of the encrypted message but has no knowledge of the plaintext or the key. The goal is either to decrypt using a particular method or to obtain the key. 2 Known plaintext: Here, the person has part of a plaintext and a corresponding ciphertext with a goal of deducing the key. Most classical ciphers are vulnerable to this type of attack.
Attacks on Cryptosystems 1 Ciphertext only: In this case, the person possesses a fragment of the encrypted message but has no knowledge of the plaintext or the key. The goal is either to decrypt using a particular method or to obtain the key. 2 Known plaintext: Here, the person has part of a plaintext and a corresponding ciphertext with a goal of deducing the key. Most classical ciphers are vulnerable to this type of attack. 3 Chosen plaintext: A person as some number of plaintexts that they can choose to see along with the corresponding encryptions. Classical ciphers are even more vulnerable to this type of attack.
Attacks on Cryptosystems 1 Ciphertext only: In this case, the person possesses a fragment of the encrypted message but has no knowledge of the plaintext or the key. The goal is either to decrypt using a particular method or to obtain the key. 2 Known plaintext: Here, the person has part of a plaintext and a corresponding ciphertext with a goal of deducing the key. Most classical ciphers are vulnerable to this type of attack. 3 Chosen plaintext: A person as some number of plaintexts that they can choose to see along with the corresponding encryptions. Classical ciphers are even more vulnerable to this type of attack. 4 Encryption key (relevant to asymmetric systems): Having the key does not give knowledge of the decryption key per se, but the goal is to obtain the decryption key prior to intercepting any ciphertext.