1 week 2 cryptography. 2 concepts 3 cryptography cryptsecret graphia writing latin concerned with...
Post on 20-Dec-2015
230 views
TRANSCRIPT
![Page 1: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/1.jpg)
1
Week 2Cryptography
![Page 2: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/2.jpg)
2
CryptographyConcepts
![Page 3: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/3.jpg)
3
Cryptography Crypt secret
Graphia writing
Latin
• Concerned with developing algorithms:- Conceal the context of some message from all except the sender and recipient (privacy or secrecy), and/or
Cryptography
Every night in my dreamI see you
I feel you thatIs how I know youGo on far away a
Cross the distance
in night Everydream
I you see myI you that feel
know you Is how I Go away a on far
distance Cross the
![Page 4: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/4.jpg)
4
Cryptography
• Concerned with developing algorithms:
- Verify the correctness of a message to the recipient (authentication)
- Form the basis of many technological solution to computer and communications security problems
cryptography - study of encryption principles/methods
![Page 5: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/5.jpg)
5
Goals & Setting
• To ensure security of communication across an insecure channel.
• The ideal channel:
Dedicated, untappable, impenetrable
Pipe/tube
Sender Receiver
![Page 6: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/6.jpg)
6
Secure Channel
ISP/Office
![Page 7: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/7.jpg)
7
Secure Channel
![Page 8: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/8.jpg)
8
Secure Channel
![Page 9: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/9.jpg)
9
Secure Channel
![Page 10: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/10.jpg)
10
Secure Channel
![Page 11: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/11.jpg)
11
Secure Channel
![Page 12: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/12.jpg)
12
Authenticated
Secure Channel
![Page 13: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/13.jpg)
13
Secure Channel
![Page 14: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/14.jpg)
14
Connected
Secure Channel
![Page 15: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/15.jpg)
15
Secure Channel
ISP/Office
Connection Established
![Page 16: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/16.jpg)
16
Goal & Setting
Sender Receiver
Adversary (Attacker) The source of allpossible threats
Not all aspect of an ideal channel can be emulated
![Page 17: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/17.jpg)
17
Basic Terminology
plaintext - the original message ciphertext - the coded message cipher - algorithm for transforming plaintext to ciphertext key - info used in cipher known only to sender/receiver encipher (encrypt) - converting plaintext to ciphertext decipher (decrypt) - recovering ciphertext to plaintext
![Page 18: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/18.jpg)
18
Sender Receiver
Plaintext
The secret message is:You can get A-/A+ in SKR5200; (however depend onyou)
Encryption Decryption
The secret message is:You can get A-/A+ in SKR5200; (however depend onyou)
hjfjghkf@#@#$%^&jklll098GHJFD!@#$#$#$%
Plaintext
ciphertext
Simple Process
![Page 19: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/19.jpg)
19
Categories of cryptography
![Page 20: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/20.jpg)
20
Comparison between two categories of cryptography
![Page 21: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/21.jpg)
21
Symmetric Encryption Asymmetric Encryption
Cryptography
•conventional / private-key / single-key•sender and recipient share a common key•all classical encryption algorithms are private-key
•uses two keys – a public & a private key•asymmetric since parties are not equal •uses clever application of number theoretic concepts to function•complements rather than replaces private key crypto
Encryption Method
![Page 22: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/22.jpg)
22
Symmetric Encryption
![Page 23: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/23.jpg)
23
Symmetric Encryption
Classical Modern
Stream cipher Block cipher
Symmetric Encryption Technique
![Page 24: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/24.jpg)
24
Symmetric Encryption
• conventional / private-key / single-key• sender and recipient share a common key
• 2 Techniques: Classical & Modern
Classical Techniques: • Substitution:
Caesar Cipher Monalphabatic Cipher Playfair Cipher Hill Cipher Polyalphabetic Cipher One-Time Pad
• Transposition• Rotor Machines • Steganography
Modern Techniques: •DES, 3DES, AES
![Page 25: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/25.jpg)
25
Basic of Symmetric Cryptography
Basic of Symmetric Cryptography
Classical SubstitutionCipher
Classical SubstitutionCipher
Classical TranspositionsCipher
Classical TranspositionsCipher
SummarySummary
![Page 26: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/26.jpg)
26
Symmetric Encryption
or conventional / private-key / single-keysender and recipient share a common keyall classical encryption algorithms are private-keywas only type prior to invention of public-key in 1970’s
![Page 27: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/27.jpg)
27
Basic Terminology
plaintext - the original message ciphertext - the coded message cipher - algorithm for transforming plaintext to ciphertext key - info used in cipher known only to sender/receiver encipher (encrypt) - converting plaintext to ciphertext decipher (decrypt) - recovering ciphertext from plaintextcryptography - study of encryption principles/methodscryptanalysis (codebreaking) - the study of principles/ methods of deciphering ciphertext without knowing keycryptology - the field of both cryptography and cryptanalysis
![Page 28: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/28.jpg)
28
Symmetric Cipher Model
![Page 29: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/29.jpg)
29
Requirementstwo requirements for secure use of symmetric encryption:
a strong encryption algorithma secret key known only to sender / receiver, have:
plaintext X ciphertext Y key K encryption algorithm Ek
decryption algorithm Dk
Ciphertext Y = EK(X) Plaintext X = DK(Y)
assume encryption algorithm is knownimplies a secure channel to distribute key
![Page 30: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/30.jpg)
30
Cryptography
can characterize by:type of encryption operations used
substitution / transposition / productnumber of keys used
single-key or private / two-key or publicway in which plaintext is processed
block / stream
![Page 31: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/31.jpg)
31
Types of Cryptanalytic Attacks
ciphertext only only know algorithm / ciphertext, statistical, can identify plaintext
known plaintext know/suspect plaintext & ciphertext to attack cipher
chosen plaintext select plaintext and obtain ciphertext to attack cipher
chosen ciphertext select ciphertext and obtain plaintext to attack cipher
chosen text select either plaintext or ciphertext to en/decrypt to attack cipher
![Page 32: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/32.jpg)
32
Simple Question
What are the essential ingredients of a symmetric cipher?
How many keys are required for two people to communicate via a cipher?
![Page 33: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/33.jpg)
33
Simple Question
What are the essential ingredients of a symmetric cipher?
Plaintext, encryption algorithm, secret key, ciphertext, decryption algorithm.
How many keys are required for two people to communicate via a cipher?
One secret key.
![Page 34: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/34.jpg)
34
Basic of Symmetric Cryptography
Basic of Symmetric Cryptography
Classical SubstitutionCipher
Classical SubstitutionCipher
Classical TranspositionsCipher
Classical TranspositionsCipher
SummarySummary
![Page 35: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/35.jpg)
35
Classical Substitution Ciphers
where letters of plaintext are replaced by other letters or by numbers or symbolsor if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns
![Page 36: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/36.jpg)
36
Caesar Cipher
earliest known substitution cipherby Julius Caesar first attested use in military affairsreplaces each letter by 3rd letter onexample:meet me after the toga party
PHHW PH DIWHU WKH WRJD SDUWB
![Page 37: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/37.jpg)
37
Caesar Cipher
can define transformation as:Plain: a b c d e f g h i j k l m n o p q r s t u v w x y zCipher:D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
mathematically give each letter a numbera b c d e f g h i j k l m0 1 2 3 4 5 6 7 8 9 10 11 12n o p q r s t u v w x y Z13 14 15 16 17 18 19 20 21 22 23 24 25
then have Caesar cipher as:C = E(p) = (p + k) mod (26)p = D(C) = (C – k) mod (26)
![Page 38: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/38.jpg)
38
Example 1
Caesar used a shift of 3
Using this encryption, the message:• treaty impossible
Would be encoded as :
t r e a t y i m p o s s i b l e WUHDWB LP S RVVLEOH
![Page 39: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/39.jpg)
39
Example 2
Caesar used a shift of 5
Using this encryption, the message:• treaty impossible
Would be encoded as :
t r e a t y i m p o s s i b l e
![Page 40: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/40.jpg)
40
To test your understanding
Ceasar wants to arrange a secret meeting with Marc Anthony, either at the Tiber (the river) or at the Colisuem (the arena). He sends the ciphertext EVIRE. However, Anthony doest not know the key, so he tries all possibilities. Where will he meet Caesar?
![Page 41: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/41.jpg)
41
To test your understanding
Ceasar wants to arrange a secret meeting with Marc Anthony, either at the Tiber (the river) or at the Colisuem (the arena). He sends the ciphertext EVIRE. However, Anthony doest not know the key, so he tries all possibilities. Where will he meet Caesar?
Among the shifts of EVIRE, there are two words: arena and river. Therefore, Anthony cannot determine where to meet Caesar.
![Page 42: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/42.jpg)
42
Cryptanalysis of Caesar Cipher
only have 26 possible ciphers A maps to A,B,..Z
could simply try each in turn a brute force search given ciphertext, just try all shifts of lettersdo need to recognize when have plaintexteg. break ciphertext "GCUA VQ DTGCM"
![Page 43: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/43.jpg)
43
Summary of Substitutions
Substitutions are effective cryptographic devices. In fact, they werethe basis of many cryptographic algorithms used for diplomatic communication through the first half of the century.
But substitution is not only kind of encryption technique. Thegoal of substitution is confusion; the encryption method is an attempt to make it difficult for cryptanalyst or intruder to determinehow a message and key were transformed into ciphertext.
![Page 44: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/44.jpg)
44
Basic of Symmetric Cryptography
Basic of Symmetric Cryptography
Classical SubstitutionCipher
Classical SubstitutionCipher
Classical TranspositionsCipher
Classical TranspositionsCipher
SummarySummary
![Page 45: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/45.jpg)
45
A transposition is an encryption in which the letters of the messageare re arranged. With transposition is an encryption in which the letters of the message are rearranged. With transposition, thecryptography aims for diffusion, widely spreading the informationfrom the message or key across the ciphertext. Transpositions tryto break established patterns. Because a transposition is re arranged of the symbols of a message, it also known as a permutation.
Transpositions (permutations)
![Page 46: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/46.jpg)
46
Transposition Ciphers
now consider classical transposition or permutation ciphers these hide the message by rearranging the letter order without altering the actual letters usedcan recognise these since have the same frequency distribution as the original text
![Page 47: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/47.jpg)
47
Rail Fence cipher
write message letters out diagonally over a number of rows then read off cipher row by roweg. write message out as:
“meet me after the toga party”
giving ciphertext
MEMATRHTGPRYETEFETEOAATm
e
e
t
m
e
a
f
t
e
r
t
h
e
t
o
g
a
p
a
r
t
y
![Page 48: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/48.jpg)
48
Row Transposition Ciphers
a more complex scheme is to write the message in a rectangle, row by row, and read the message off, column by column, but permute the order of the columns. The order of the columns then becomes the key of the algorithm.
write letters of message out in rows over a specified number of columns
then reorder the columns according to some key before reading off the rows
Key: 4 3 1 2 5 6 7Plaintext: a t t a c k p o s t p o n e d u n t i l t w o a m x y zCiphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
![Page 49: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/49.jpg)
49
Product Ciphers
ciphers using substitutions or transpositions are not secure because of language characteristicshence consider using several ciphers in succession to make harder, but:
two substitutions make a more complex substitution two transpositions make more complex transposition but a substitution followed by a transposition makes a new much harder cipher
this is bridge from classical to modern ciphers
![Page 50: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/50.jpg)
50
Basic of Symmetric Cryptography
Basic of Symmetric Cryptography
Classical SubstitutionCipher
Classical SubstitutionCipher
Classical TranspositionsCipher
Classical TranspositionsCipher
SummarySummary
![Page 51: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/51.jpg)
51
Summary
Stream cipher: that is, they convert one symbol of plaintextimmediately into a symbol of ciphertext. (The exception is the columnar transposition cipher). The transformation depends onlyon the symbol, the key, and the control information of the enciperment algorithm. A model of stream enciphering is shown:
Plain text
Encryption
Key (optional)
CiphertextISSOPMI wdhuw
![Page 52: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/52.jpg)
52
SummarySome kinds of errors, such as skipping a character in the key during encryption,affect the encryption of all future characters. However, such errors can sometimes be recognized during encryption because the plan text will be properly recovered up to a point, and then all following characters will be wrong.
Errors can sometimes be
recognized
#&^&*gjd!@#$%CID&%$ HJG
Erors can sometimes be
recognzed
Errors can sometimes be
recognized
If that is the case, the receiver may be able to recover from the error by droppinga character of the key on the receiving end. Once the receiver has successfully recalibrated the key with the ciphertext, there will be no further effects from this error.
To address this problem and make it harder for cryptanalyst to break the code, Therefore, a block chipper has been introduced.
#&^&*gjd!@#$%CID&%$ HJG recalibrate
![Page 53: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/53.jpg)
53
Summary – easy to break
The Caesar Cipher allows simple straightforward encoding and decoding. Therefore, it allows unauthorized message recipients to crack such encoded messages easily. If an eavesdropper manages to obtain the encoded message, he only has to test the 26 possible shifts in order to find the original message. This message-cracking attack is called “brute force” and is best performed withthe aid of computers. In our example, however, the pen and pencil approach is sufficient.
![Page 54: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/54.jpg)
54
Summary – easy to break
eulqjfvmrkgwnslhxotmiypunjzqvokarwplbsxqmctyrnduzsoevatpfwbuogxcv
rhydwsizextjafyukbgzvlchawmdibxnejcyofkdzpgleaqhmfarenacsjohdtkpi
![Page 55: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/55.jpg)
55
Substitution Technique
Transposition Technique
•where letters of plaintext are replaced by other letters or by numbers or symbols•or if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns.
• transposition or permutation ciphers • these hide the message by rearranging the letter order • without altering the actual letters used• can recognise these since have the same frequency distribution as the original text
Classical Techniques
![Page 56: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/56.jpg)
56
• A typical stream cipher encrypts plaintext one byte at a time.
• Use a key as input to a pseudorandom bit generator that produces a stream of 8-bit numbers that are apparently random.
• Pseudorandom stream is one that is unpredictable without knowledge of the input key.
Stream Cipher Structure
Pseudorandom byte Generator
(key stream generator)
+Plaintext Byte stream
M
Ciphertext Byte stream
C
Key K
K
Pseudorandom byte Generator
(key stream generator)
+ PlaintextByte stream
M
Key K
K
Encryption Decryption
![Page 57: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/57.jpg)
57
• The output of the generator, called a keystream, is combined one byte at a time with the plaintext stream using the bitwise exclusive-OR (XOR) operation.
11001100 Plaintext
Decryption requires the use of the same pseudorandom sequence:
Stream Cipher Structure
01101100 key stream
10100000 Ciphertext+
10100000 Ciphertext
01101100 key stream
11001100 Plaintext+
![Page 58: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/58.jpg)
58
Symmetric Encryption
Classical Modern
Stream cipher Block cipher
Focus
Symmetric Encryption Technique
![Page 59: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/59.jpg)
59
Block Ciphers / Feistel Cipher
Block Ciphers / Feistel Cipher
![Page 60: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/60.jpg)
60
Block Ciphers
• A block cipher is one in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length.
• Typically, a block size of 64 or 128 bits is used. • Block cipher algorithms can operate in many Modes. A block cipher algorithm can be a :
• Electronic Codebook Mode• Cipher block Chaining Mode• Cipher Feedback Mode• Output Feedback Mode • Counter Mode
• provide secrecy and/or authentication services
![Page 61: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/61.jpg)
61
Feistel Cipher Design Principles
block size increasing size improves security, but slows cipher
key size increasing size improves security, makes exhaustive key searching harder, but may slow cipher
number of rounds increasing number improves security, but slows cipher
subkey generation greater complexity can make analysis harder, but slows cipher
round function greater complexity can make analysis harder, but slows cipher
fast software en/decryption & ease of analysisare more recent concerns for practical use and testing
![Page 62: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/62.jpg)
62
Block Cipher Design
• Divide input bit stream into n-bit sections, encrypt only that section, no dependency/history between sections
• In a good block cipher, each output bit is a function of all n input bits and all k key bits
![Page 63: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/63.jpg)
63
Plaintext
F
Ln+1 Rn+1
RnLn
Kn+1
Substitution
Permutation+XOR
Fiestel Cipher Encryption
Encryption Process: Rn +1 = Ln F(Rn, Kn+1)Ln + 1 = Rn
![Page 64: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/64.jpg)
64
Fiestel Cipher Encryption
Plaintext
F
Ln+1 Rn+1
RnLn
K1
+
F
Ln+1 Rn+1
Ki
+
F
Ln+1 Rn+1
Kn
+
Ciphertext
Round 1
Round i
Round n
![Page 65: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/65.jpg)
65
Ln+1 Rn+1
Plaintext
Ln Rn
F
Kn-1
+XOR
Fiestel Cipher Decryption
Decryption Process:
Ln = Rn+1 F(Ln-1, Kn-1) Rn = Ln - 1
![Page 66: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/66.jpg)
66
Fiestel Cipher Decryption
Rn
Plaintext
Ln
Ln+1 Rn+1
F
K1
+
Ln+1 Rn+1
F
Ki
+
Ln+1 Rn+1
F
Kn
+
Ciphertext
Round n
Round i
Round 1
![Page 67: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/67.jpg)
67
Fiestel Cipher Decryption
Rn
Plaintext
Ln
Ln+1 Rn+1
F
K1
+
Ln+1 Rn+1
F
Ki
+
Ln+1 Rn+1
F
Kn
+
Ciphertext
Round n
Round i
Round 1
Plaintext
F
Ln+1 Rn+1
RnLn
K1
+
F
Ln+1 Rn+1
Ki
+
F
Ln+1 Rn+1
Kn
+
Ciphertext
Round 1
Round i
Round n
![Page 68: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/68.jpg)
68
Fiestel Cipher Algorithm
Input: T: 2t bits of clear text k1, k2, ..., kr: r round keys f: a block cipher with bock size of t
Output: C: 2t bits of cipher text
Algorithm: (L0, R0) = T, dividing T in two t-bit parts (L1, R1) = (R0, L0 ^ f(R0, k1)) (L2, R2) = (R1, L1 ^ f(R1, k2)) ...... C = (Rr, Lr), swapping the two parts
^ is the XOR operation.
![Page 69: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/69.jpg)
69
One of Security Implementations
ATM PIN SECURITY
![Page 70: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/70.jpg)
70
ATM Introduction
Automated Teller Machines (ATM) have become ubiquitous and let you withdraw money fromyour bank account 24 hrs a day and 7 days a week with your ATM card. The ATM cardconstitutes of two things:
the Card number and the Personal Identification Number or PIN.
Each bank issues a card number that is unique to each customer. If it is a debit card, the cardnumber will also be unique worldwide.
• The PIN is like a password to verify a customer’s authenticity. • Cash dispensers in the ATM verify both the card number and the PIN.
![Page 71: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/71.jpg)
71
Working Principle of ATM
• The ATM systems have three main components: Cash dispenser, ATM Server and PIN machine. • The Cash dispenser reads the Card number and the PIN entered by a customer and sends them to a central ATM Server. • The ATM Server has a database which stores ATM card no. and PIN details. • The third component, the PIN machine is used to authenticate the customer ‘s ATM PIN. It is directly connected to the ATM Server and is a tamper proof device that stores a single secret key.
Cash Dispenser ATM Server
Customer AccountHolding Server
PIN Machine
Leased Line
BANK
![Page 72: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/72.jpg)
72
Working Principle of ATM
ATM Server
Leased Line
Customer AccountHolding Server
PIN Machine
Cash Dispenser ATM Server
Customer AccountHolding Server
PIN Machine
Leased Line
BANK
![Page 73: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/73.jpg)
73
Working Principle of ATM
ATM Server
Leased Line
Customer AccountHolding Server
PIN Machine
After the customer enters an ATM counter, he inserts his ATM card into the machine and types his PIN on a numeric keypad.
The Cash dispenser reads the card number from the magnetic strip and the PIN that he has typed and sends them to the ATM Server.
The ATM Server verifies the PIN against the card number with the help of the PIN machine and sends a positive or negative acknowledgement to the Cash dispenser.
At this point, the customer is authenticated and can use his account.
![Page 74: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/74.jpg)
74
ATM PIN Security
• The security of the ATM PIN is a critical element in the entire process.
• There are two ways that an attacker could try to get the ATM PIN: He could either sniff the network when the Cash dispenser is transmitting the PIN to ATM Server or he could compromise the ATM Server and PIN machine to extract the PIN of a user.
• How these threats have been addressed in today’s ATM systems? how.
![Page 75: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/75.jpg)
75
•To prevent the sniffing of the PIN during the transmission, PIN is encrypted using DES or 3DES encryption algorithm and then transmitted from Cash dispenser to ATM Server.
• The shared secret key is stored in Cash dispenser as well as in ATM Server. This application stores the shared DES key in encrypted form using vendor’s proprietary algorithm (e.g. ACI ATM software).
• The solution for the second problem is interesting. The system splits each customer’s PIN into two parts and stores them in two different machines. So even if one of the machines is compromised, the PIN is still secure. Now the problem is of course how to split the PIN securely into two parts. Here we also have to keep in mind that customer can always change his PIN.
ATM PIN Security
![Page 76: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/76.jpg)
76
ATM PIN Security
• An algorithm has been designed that allows the customer’s PIN to be split and also allows the customer to change his PIN.
• Let the customer PIN be a and let’s say it is split into two parts b and c . a = b + c
b is a variable part of the PIN and is called PIN Offset. The PIN Offset is stored in the ATM Server
c is the constant part of the PIN and is called Natural PIN. The Natural PIN is generated in the PIN machine each time.
How does the PIN Machine generate the constant c for each customer and yet keep it a secret? Remember that the ATM card number of a customer is unique. So, the constant part c can be a cryptographic function of the card number.
c = f (card#)
There are different methods to derive a constant number from a card number and a popularmethod is to derive it using the DES algorithm. The PIN machine stores a DES key in itsElectrically Erasable Programmable Read Only Memory (EEPROM). This key is used toencrypt the card number and generate DES encrypted value.
![Page 77: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/77.jpg)
77
ATM PIN Security
There are different methods to derive a constant number from a card number and a popularmethod is to derive it using the DES algorithm. The PIN machine* stores a DES key in itsElectrically Erasable Programmable Read Only Memory (EEPROM). This key is used toencrypt the card number and generate DES encrypted value.
* The DES key is stored in the EEPROM of the machine. EEPROM is chip which is fixed on machine’s circuit board. To retrieve the key, one has to open the box case, remove the circuit board from the box, connect the EEPROM to a EEPROM reader to get the key. So physical security is very important for ATM Server room.
![Page 78: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/78.jpg)
78
ATM PIN Security
Card # + DES key = DES encrypted value
This DES encrypted value is then converted into decimalized form and the first four digits ofthe value are taken. That is the Natural PIN, c . Once again, to summarize, the path is:
DES encrypted value → Decimalized value → First 4 digits of the value = c
The Natural PIN, the constant part, c is not stored anywhere in the entire process. Nobodycan get the PIN by compromising the PIN machine*. The PIN Offset or b is the variable part.When a customer changes his/her PIN only this part is changed. So even if the ATM Server iscompromised only b will be revealed and it is useless without c to get actual Customer PIN a .
* The DES key is stored in the EEPROM of the machine. EEPROM is chip which is fixed on machine’s circuit board. To retrieve the key, one has to open the box case, remove the circuit board from the box, connect the EEPROM to a EEPROM reader to get the key. So physical security is very important for ATM Server room.
![Page 79: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/79.jpg)
79
ATM PIN Authentication Process
• The mechanism for authenticating the ATM PIN is quite simple. When a customer inserts his ATM card and type the PIN, the card number and PIN are sent to the ATM Server encrypted.
• The ATM Server decrypts the card number and the PIN; it first validates the card number against its database.
• The valid card number, the PIN Offset b of that card and the PIN typed by the customer are sent to the PIN machine.
• Now the PIN machine generates the Natural PIN c from the card no., adds it with PIN Offset b and generates the true Customer PIN a .
• Then it compares the actual Customer PIN a with the customer supplied PIN. If the two of them matched then it sends positive acknowledgement to ATM Server indicating that the customer is authenticated.
• Note that in this process, the Natural PIN never leaves the tamper proof PIN Machine, and the PIN machine does not have to store individual PINs of all the users. Instead, it securely stores the DES key for generating the Natural PIN from each user’s card number.
![Page 80: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/80.jpg)
80
Generation & Distribution of ATM PIN
• The ATM system deals with critical customer information and is more secure by design.
• But there can still be security risks during the generation and distribution of a new card and PIN .
• The Card number is generated by the ATM Server and the PIN is generated by the PIN machine from the card number as mentioned above.
• But for the first time, the PIN Offset of the new PIN is randomly generated by the PIN machine.
• There are two ways to print the PIN mailer.
In the first method, the operator will generate a new PIN using the PIN machine, get the PIN and generate the printout of the PIN mailer.
In the second method, the operator requests the PIN machine to generate a new PIN. The PIN machine generates the PIN and directly prints it to a connected printer and seals the print mailer before giving it to the operator.
• The second method is clearly more secure than first one as the operator never comes to know the secret PIN.
![Page 81: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/81.jpg)
81
Modern Techniques (Block Ciphers)&
Asymmetric Cipher
![Page 82: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/82.jpg)
82
Using Key in Cryptography
![Page 83: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/83.jpg)
83
A sequence of symbols that controls the operation of a cryptographic transformation (e.g. encipherment, decipherment).
In practice a key is normally a string of bits used by a cryptographic algorithm to transform plain text into cipher text or vice versa. The key should be the only part of the algorithm that it is necessary to keep secret.
Definition of Key
![Page 84: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/84.jpg)
84
The key length is usually expressed in bits, 8 bits to one byte. Bytes are a more convenient form for storing and representing keys because most computer systems use a byte as the smallest unit of storage (the strict term for an 8-bit byte is octet).
Just remember that most encryption algorithms work with bit strings. It's up to the user to pass them in the required format to the encryption function they are using. That format is generally as an array of bytes, but could be in hexadecimal or base64 format.
In theory, the longer the key, the harder it is to crack encrypted data. The longer the key, however, the longer it takes to carry out encryption and decryption operations.
Key Length
![Page 85: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/85.jpg)
85
Analogy - Strength
![Page 86: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/86.jpg)
86
Analogy - Breaking
![Page 87: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/87.jpg)
87
Block cipher encryption algorithms like AES and Blowfish work by taking a fixed-length block of plaintext bits and transforming it into the same length of ciphertext bits using a key.
Most other block cipher encryption methods have a fixed length key. For example, DES has a 64-bit key (but only uses 56 of them) and Triple DES has a 192-bit key (but only uses 168 of them).
IDEA uses a 128-bit key.
The Advanced Encryption Algorithm (AES) has a choice of three key lengths: 128, 192 or 256 bits.
Public key encryption algorithms like RSA typically have key lengths in the order of 1000-2000 bits. Be careful with the difference in key lengths for block cipher algorithms and public key algorithms.
192-bit Triple DES key is equivalent in security terms to a 2048-bit RSA key, and an AES-128 key is equivalent to a 3072-bit RSA key
Key Length
![Page 88: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/88.jpg)
88
To crack some ciphertext encrypted with a 64-bit key by the brute-force method of trying every combination of keys possible means you have 2^64 possible combinations or 1.8 x 10^19 (that's 18 followed by 18 naughts).
We can expect, on the average, to find a correct answer in half this number of tries. If we have a computer that can carry out one encryption operation every millisecond, it will take about 292 million years to find the correct value. Speed up your computer by a million times and it will still take about 3 centuries to solve.
The equivalent brute force technique for a 128-bit key will, in theory, take a "long time", probably past the expected life of the universe. But, in practice, a set of supercomputers operating in parallel can crack a 64-bit key in a relatively short time.
If an attacker has access to a large selection of messages all encrypted with the same key, there are other techniques that can be used to reduce the time to derive the key.
Relevant of Key Length
![Page 89: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/89.jpg)
89
Most encryption schemes are cracked not by brute force trying of all possible combinations of key bits, but by using other knowledge about how the sender derived the key.
This could be a faulty random number generator known to used by the system, or knowledge that the user derived the key solely from a password of only the letters a to z, or just used simple English words. Or perhaps by finding out the keystrokes typed on the keyboard by the user with a keystroke logger, or by bribing (or torturing) someone to give them the key, or by reading the post-it note the user has conveniently left on the side of the computer with the password written on it. The traps are many and subtle and even the experts get it wrong.
Why spend hours trying to pick the expensive security lock when the owner of the house has left a window open?
How do encryption schemes fail?
![Page 90: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/90.jpg)
90
Strictly, it's not the length of the key, but the "entropy" in the method used to derive the key. There is approximately one bit of entropy in an normal ASCII character.
If you derive a 128-bit key from a password or pass phrase, you will need a very long pass phrase to get enough theoretical entropy in the key to match the security of the underlying key length: Bruce Schneier estimates that you need a 98-character English pass phrase for a 128-bit key. Most people can't be bothered with such a cumbersome pass phrase.
How do encryption schemes fail?
![Page 91: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/91.jpg)
91
Using AES with a 128-bit key should provide adequate security for most purposes. The longer you intend to keep the encrypted data secret, the longer the key you should use, on the principle that cracking techniques will continue to improve over time. Bruce Schneier recommends a 256-bit key for data you intend to keep for 20-30 years.
No one is going to criticise you for using a key that is too long provided your software still performs adequately. However, the biggest danger in using a key that is too large is the false sense of security it provides to the implementers and users. "Oh, we have n-million-bit security in our system" may sound impressive in a marketing blurb, but the fact that your private key is not adequately protected or your random number generator is not random or you have used an insecure algorithm may mean that the total security is next to useless.
Remember it is the security of the total system that counts, including procedures followed by users.
How do encryption schemes fail?
![Page 92: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/92.jpg)
92
Whatever you use, use an accepted algorithm: DES, Triple DES, RSA, AES, Blowfish, IDEA, etc.
Don't try making up your own algorithm; we (learners) aren't that good. The only secret should be in the value of the key.
Choice of Algorithm
![Page 93: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/93.jpg)
93
People often get confused between "password" and "key". A password is typically a series of ASCII characters typed at a keyboard, e.g. "hello123" or "my secret pass phrase". This makes it easier for users to remember. They are, of course, much easier to crack because there are significantly fewer combinations to choose from. A pass phrase is simply a password that consists of several words in a string, e.g. "she sells sea shells", so the terms "password" and "pass phrase" are equivalent for our purposes. In principle, a pass phrase makes it easier for a user to remember a long combination of characters. In practice, this adds to security only if the pass phrase is something known only to the user. Don't use quotes from famous literature - hackers read them, too.
Password, Pass Phrase & Key
![Page 94: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/94.jpg)
94
A password is typically a series of ASCII characters typed at a keyboard, e.g. "hello123" or "my secret pass phrase". This makes it easier for users to remember. They are, of course, much easier to crack because there are significantly fewer combinations to choose from.
A pass phrase is simply a password that consists of several words in a string, e.g. "she sells sea shells", so the terms "password" and "pass phrase" are equivalent for our purposes. In principle, a pass phrase makes it easier for a user to remember a long combination of characters. In practice, this adds to security only if the pass phrase is something known only to the user.
A key used by an encryption algorithm is a bit string. A 128-bit key will have exactly 128 bits in it, i.e. 16 bytes. You will often see keys written in hexadecimal format where each character represents 4 bits, e.g. "FEDCBA98765432100123456789ABCDEF" represents 16 bytes or 128 bits. The actual bits in this example are :
1111 1110 1101 1100 1011 1010 1001 1000 0111 0110 0101 0100 0011 0010 0001 0000 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 1110 1111
Password, Pass Phrase & Key
![Page 95: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/95.jpg)
95
In a university, a student needs to encrypt her password (with a unique symmetric key) before sending it when she logs in. Does encryption protect the university or the student? Explain your answer.
Just to test 1
![Page 96: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/96.jpg)
96
In a university, a student needs to encrypt her password (with a unique symmetric key) before sending it when she logs in. Does encryption protect the university or the student? Explain your answer.
The encryption protects the student and the university for the first time. However, the intruder can intercept the encrypted password and replay the process some other times. The intruder does not have to know the password in plaintext; the encrypted password suffices for replaying. The university system cannot determine if the student has encrypted the message again or the intruder is replaying it.
Answer for the “Just to test 1”
![Page 97: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/97.jpg)
97
How should I derive the key?
![Page 98: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/98.jpg)
98
a. What are two basic functions used in encryption algorithm? Explain how each of these methods works and
please include the example.
Just to test 2
![Page 99: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/99.jpg)
99
a. What are two basic functions used in encryption algorithm? Explain how each of these methods works and please include the
example.
Substitution and Transposition/Permutation
Substitutionwhere letters of plaintext are replaced by other letters or by numbers or symbols. Or if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns.
Transposition/PermutationA transposition is an encryption in which the letters of the message are re arranged. With transposition is an encryption in which the letters of the message are rearranged. With transposition, the cryptography aims for diffusion, widely spreading the information from the message or key across the ciphertext. Transpositions try to break established patterns. Because a transposition is re arranged of the symbols of a message, it also known as a permutation.
Answer for the “Just to test 2”
![Page 100: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/100.jpg)
100
A block cipher is a function E: {0,1}k x {0,1}n {0,1}n . This notation means that E takes two inputs, one being a k-bit string and the other an n-bit string, and returns an n-bit string. The first input is the key. The second might be called the plaintext, and the output might be called a ciphertext. The key-length k and the block-length n are parameters associated to the block cipher. They vary from block cipher to block cipher.
Block Cipher
Plaintext
F
Ln+1 Rn+1
RnLn
Kn+1
Substitution
Permutation+XOR
Encryption Process: Rn +1 = Ln F(Rn, Kn+1)Ln + 1 = Rn
![Page 101: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/101.jpg)
101
Block Cipher
For each key K {0,1}k we let Ek: {0,1}n {0,1}n be the function defined by EK(M) = E(K,M). For any block cipher, and any key K, it is required that the function EK be a permutation on {0,1}n. This means that it is a bijection (ie., a one-to-one and onto function) of {0,1}n to {0,1}n . (For every C {0,1}n there is exactly one M {0,1}n such that EK(M) = C.) Accordingly EK has an inverse, and we denote it (EK)-1.
Plaintext
F
Ln+1 Rn+1
RnLn
Kn+1
Substitution
Permutation+XOR
Encryption Process: Rn +1 = Ln F(Rn, Kn+1)Ln + 1 = Rn
![Page 102: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/102.jpg)
102
Block Cipher
This function also maps {0,1}n {0,1}n , and of course we have (EK)-1(EK(M)) = M and EK ((EK)-1(C)) = C
for all M, C {0,1}n . We let
E-1: {0,1}k x {0,1}n {0,1}n be defined by E-1(K,C) = (EK)-1(C). This is the inverse block cipher to E.
Note: implies ; ∈ set membershipA B means if A is true then B is also true; if A is false then nothing is said about B. a ∈ S means a is an element of the set S
Rn
Plaintext
Ln
Ln+1 Rn+1
F
K1
+
Ln+1 Rn+1
F
Ki
+
Ln+1 Rn+1
F
Kn
+
Ciphertext
Round n
Round i
Round 1
![Page 103: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/103.jpg)
103
Block Cipher
The block cipher E is a public and fully specified algorithm. Both the cipher E and its inverse E-1 should be easily computable, meaning given K,M we can readily compute E(K,M), and given K,C we can readily compute E-1(K,C). By “readily compute" we mean that there are public and relatively efficient programs available for these tasks.
![Page 104: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/104.jpg)
104
Before Start, Just Review BackBefore Start, Just Review Back
Block Ciphers / Feistel Cipher
Block Ciphers / Feistel Cipher
DESDES
DES of Modes OperationDES of Modes Operation
![Page 105: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/105.jpg)
105
DES – Data Encryption Standard
A Block cipherData encrypted in 64-bit blocks using a 56-bit key (effective key); Ciphertext is of 64-bit longEncrypts by series of substitution and transpositions (or permutations)
![Page 106: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/106.jpg)
106
DES - Basics
DES uses the two basic techniques of cryptography - confusion and diffusion. At the simplest level, diffusion is achieved through numerous permutations and confusions is achieved through the XOR operation and the S-Boxes.This is also called an S-P network.
![Page 107: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/107.jpg)
107
DES - Basics
Fundamentally DES performs only two operations on its input, bit shifting (permutation), and bit substitution. The key controls exactly how this process works.By doing these operations repeatedly and in a non-linear manner you end up with a result which can not be used to retrieve the original without the key.
![Page 108: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/108.jpg)
108
Input of DES
Data: need to be broken into 64-bit blocks; add pad at the last message if necessary.
e.g. X=(3 5 0 7 7 F 1 0 A B 1 2 F C 6 5)HEX
Secret key: Any string of 64 bits long including 8 parity bits.1 parity bit in each 8-bit byte of the key may be utilized for error detection in key generation, distribution, and storage;K=(k1…k7k8… k15k16k17…k24…k32… k40… k48… k56… k64)
The parity bits k8,k16,k24,k32,k40,k48,k56,k64 help ensure that each byte is of odd parity
![Page 109: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/109.jpg)
109
DES Block cipher
![Page 110: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/110.jpg)
110
DES Encryption
![Page 111: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/111.jpg)
111
DES Encryption Diagram
Initial permutation
64-bit plaintext
Iteration 1
Iteration 2
K1
Iteration 16
32-bit Swap
Inverse permutation
64-bit ciphertext
K2
K16
16 subkeys of each 48-bits
![Page 112: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/112.jpg)
112
How to use DES?
Four modes of operations were defined for DES in ANSI standard ANSI X3.106-1983 Modes of Usesubsequently now have 5 for DES and AEShave block and stream modes
![Page 113: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/113.jpg)
113
Handle long messages
Block ciphers encrypt fixed size blockseg. DES encrypts 64-bit blocks, with 56-bit key How to encrypt arbitrary amount of information ?
Message is broken into blocks of 64 bitsAt end of message, handle possible last short block
by padding either with known non-data value (eg nulls)or pad last block with count of pad size
– eg. [ b1 b2 b3 0 0 0 0 5] <- 3 data bytes, then 5 bytes pad+count
Then they are encrypted and decrypted in various combinations of keys and texts.
![Page 114: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/114.jpg)
Details for DES, Please refer and read:
Stallings, W. (2006). Cryptography and Network Security. New Jersey: Prentice-Hall. Page 63 - 90
114
![Page 115: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/115.jpg)
115
Chapter 3Public-Key Cryptography
![Page 116: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/116.jpg)
116
OverviewOverview
Symmetric Cryptography Summary
Symmetric Cryptography Summary
Public-Key CryptographyPublic-Key Cryptography
Example: RSAExample: RSA
DiscussionDiscussion
![Page 117: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/117.jpg)
117
Categories of cryptography
![Page 118: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/118.jpg)
118
ASYMMETRIC-KEY CRYPTOGRAPHYASYMMETRIC-KEY CRYPTOGRAPHY
An asymmetric-key (or public-key) cipher uses two An asymmetric-key (or public-key) cipher uses two keys: one private and one public. We discuss one keys: one private and one public. We discuss one algorithms: RSAalgorithms: RSA
RSATopics discussed in this section:Topics discussed in this section:
![Page 119: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/119.jpg)
119
Asymmetric Cryptography
![Page 120: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/120.jpg)
120
Comparison between two categories of cryptography
![Page 121: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/121.jpg)
121
Symmetric Cryptography Summary
Symmetric Cryptography Summary
Public-Key CryptographyPublic-Key Cryptography
Example: RSAExample: RSA
DiscussionDiscussion
![Page 122: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/122.jpg)
122
Message is encrypted
EAB
E
Message is decrypted
D
EAB
Confidentiality – Alice and Bob share the key/
Authentication – only from Alice, therefore is cannot be altered in transit
Man needs Woman, Woman NeedsMoney for shopping
123456696096785403657849302610395867567484509121212347
Man needs Woman, Woman NeedsMoney for shopping
Symmetric Concept
No signature - Bob could forge the message - Sender could deny the message
![Page 123: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/123.jpg)
123
Symmetric Cryptography Summary
Symmetric Cryptography Summary
Public-Key CryptographyPublic-Key Cryptography
Example: RSAExample: RSA
DiscussionDiscussion
![Page 124: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/124.jpg)
124
public-key/two-key/asymmetric cryptography involves the use of two keys:
a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures
is asymmetric becausethose who encrypt messages or verify signatures cannot decrypt messages or create signatures
Private-Key Cryptography Definition
![Page 125: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/125.jpg)
125
allows users to communicate securely without having prior access to a shared secret key,
by using a pair of cryptographic keys, designated as public key and private key, which are related mathematically.
the private key is generally kept secret, while the public key may be widely distributed.
In a sense, one key "locks" a lock; while the other is required to unlock it. It should not be possible to deduce the private key of a pair given the public key.
Private-Key Cryptography - Concept
![Page 126: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/126.jpg)
126
Message is encrypted
EB
Message is decrypted
DB
Public-Key Basic Concept
Man needs Woman, Woman NeedsMoney for shopping
123456696096785403657849302610395867567484509121212347
Man needsWoman, Woman NeedsMoney for shopping
Alice Bob
Message (M)Plaintext Ciphertext
Message (M)Plaintext
Bob’s Public Key (EB) Bob’s Private Key (DB)
![Page 127: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/127.jpg)
127
• This model provides no authentication because any party could also use Bob’s “public key” to encrypt Message (M)
Message is encrypted
EB
Message is decrypted
DB
Public-Key Basic Concept
Man needs Woman, Woman NeedsMoney for shopping
123456696096785403657849302610395867567484509121212347
Man needsWoman, Woman NeedsMoney for shopping
Alice Bob
Message (M)Plaintext Ciphertext
Message (M)Plaintext
Confidentiality
![Page 128: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/128.jpg)
128
Private-Key Cryptography
![Page 129: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/129.jpg)
129
There are many forms of public-key cryptography, including:public key encryption — keeping a message secret from anyone that does not possess a specific private key.
public key digital signature — allowing anyone to verify that a message was created with a specific private key.
key agreement — generally, allowing two parties that may not initially share a secret key to agree on one.
Public-Key Cryptography Options
![Page 130: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/130.jpg)
130
The most obvious application of a public key encryption system is confidentiality;a message which a sender encrypts using the recipient's public key can only be decrypted by the recipient's paired private key.
Public-key digital signature algorithms can be used for sender authentication. For instance, a user can encrypt a message with his own private key and send it. If another user can successfully decrypt it using the corresponding public key, this provides assurance that the first user (and no other) sent it.
Private-Key Cryptography
![Page 131: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/131.jpg)
131
• This model does provide authentication and digital signature
To Provide Authentication & Signature
Man needs Woman, Woman NeedsMoney for shopping
123456696096785403657849302610395867567484509121212347
Man needs Woman, Woman NeedsMoney for shopping
Alice Bob
Message (M)Plaintext Ciphertext
Message (M)Plaintext
• But, this scheme not provide confidentiality, because anyone has Alice’s public key can decrypt the ciphertext.
Alice has “signed” the message
Message is encrypted
EA
Alice use her private key
E
Message is decrypted
DA
Bob user Alice’s public key
D
![Page 132: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/132.jpg)
132
To Provide Confidentiality, Authentication and Signature
Man needs Woman, Woman NeedsMoney for shopping
123456696096785403657849302610395867567484509121212347
Man needs Woman, Woman NeedsMoney for shopping
Alice BobMessage (M)
Plaintext CiphertextMessage (M)
Plaintext123456696096785403657849302610395867567484509121212347
123456696096785403657849302610395867567484509121212347
Message is encrypted
EA
Alice use her private key
E
Message is encrypted
EB
Alice use Bob’s public key
E
Message is decrypted
DB
Bob use his private key
D
Message is decrypted
DA
Bob use Alice’s public key
D
•Bottleneck: The public-key algorithm is complex and must be exercised four times rather than two in each communication
Digital Signature&
Authentication
Confidentiality
![Page 133: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/133.jpg)
133
Why Public-Key Cryptography?
developed to address two key issues:key distribution – how to have secure communications in general without having to trust a KDC with your keydigital signatures – how to verify a message comes intact from the claimed sender
Need to read page:
![Page 134: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/134.jpg)
134
Public-Key Applications
can classify uses into 3 categories:encryption/decryption (provide secrecy)digital signatures (provide authentication)key exchange (of session keys)
some algorithms are suitable for all uses, others are specific to one
![Page 135: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/135.jpg)
135
Security of Public Key Schemes
like private key schemes brute force exhaustive search attack is always theoretically possible but keys used are too large (>512bits) security relies on a large enough difference in difficulty between easy (en/decrypt) and hard (cryptanalyse) problemsmore generally the hard problem is known, its just made too hard to do in practise requires the use of very large numbershence is slow compared to private key schemes
![Page 136: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/136.jpg)
136
1) Well-regarded public-key techniques include:• Diffie-Hellman• RSA encryption algorithm• ElGamal• DSS (Digital Signature Standard), which incorporates the Digital Signature Algorithm.• Various Elliptic Curve techniques• Various Password-authenticated key agreement techniques• Paillier cryptosystem
2) Protocols using asymmetric key algorithms include:• PGP – Pretty Good Privacy• GNU Privacy Guard (GPG) an implementation of OpenPGP• Secure Shell (SSH)• SSL now implemented as an IETF standard; Trasnsport Layer Security (TLS)
Example of Public-Key Cryptographic Techniques
![Page 137: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/137.jpg)
137
Course Work: PresentationCourse Work: Presentation
Symmetric Cryptography Summary
Symmetric Cryptography Summary
Public-Key CryptographyPublic-Key Cryptography
Example: RSAExample: RSA
DiscussionDiscussion
![Page 138: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/138.jpg)
138
As previously mentioned, this algorithm was created by Ron Rivest, Adi Shamir, and Len Adleman of MIT.
Dr. Ron Rivest received his Bachelors Degree in Mathematics from Yale University in 1969, while obtaining his Doctorate Degree in Computer Science from Stanford University in 1974. He is most famously known for his work in the RSA algorithm, along with his creation of the symmetric key encryption algorithms (RC2, RC4, RC5, and RC6).
Dr. Rivest is currently working as a senior Professor of Computer Science in the Department of Electrical Engineering and Computer Science at MIT.
Cryptographers
![Page 139: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/139.jpg)
139
Dr. Adi Shamir received his Bachelors Degree in Mathematics from Tel-Aviv University in 1973, and received his MSc and PhD Degrees in Computer Science from the Weizmann Institute of Israel in 1975 and 1977, respectively. During the latter half of the 1970’s Dr. Shamir participated in research at the facilities of MIT, where he took part in inventing the RSA algorithm. Apart from the RSA algorithm, Dr. Shamir is well known for breaking the Merkle-Hellman cryptosystem and for his creation of the Shamir secret sharing scheme (cryptography).
Presently, Dr. Shamir is a faculty member of the Weizmann Institute in the Department of Mathematics and Computer Science.
Cryptographers
![Page 140: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/140.jpg)
140
Dr. Len Adleman received his Bachelors Degree in Mathematics in 1968 and his Doctorate Degree in Computer Science in 1976 from the University of California, Berkeley. In addition to his involvement in designing the RSA algorithm, Dr. Adleman is widely known for creating the initial field of DNA Computing at the University of Southern California (USC).
At the present time Dr. Adleman is working as a Professor of Computer Science and Molecular Biology at USC.
In 2002 Dr. Rivest, Dr. Shamir, and Dr. Adleman received the ACM Turing Award, awarded on behalf of the Association of Computing Machinery in recognition of their discovery of the RSA encryption algorithm. (This award is commonly referred to as the Nobel Prize of Computer Science.)
Cryptographers
![Page 141: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/141.jpg)
141
RSA
![Page 142: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/142.jpg)
142
Selecting Keys
Bob use the following steps to select the private and public keys:
1. Bob chooses two very large prime numbers p and q. Remember that a prime number is one that can be divided evenly only by 1 and itself.
2. Bob multiplies the above two primes to find n, the modulus for encryption and decryption. In other words, n = p x q.
3. Bob calculate another number = (p-1) x (q-1).
4. Bob chooses a random integer e. He then calculates d so that d x e = 1 mod .
5. Bob announces e and n to the public; he keeps and d secret.
![Page 143: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/143.jpg)
143
Need To Know
In RSA, e and n are announced to the public; d and are kept secret.
Note
![Page 144: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/144.jpg)
144
Encryption
Anyone who needs to send a message to Bob can use n and e. For example, if Alice needs to send a message to Bob, she can change the message, usually a short one, to an integer. This is the plaintext. She then calculates the ciphertext, using e and n.
Alice sends C, the ciphertext, to Bob.
C = Pe (mod n)
![Page 145: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/145.jpg)
145
Decryption
Bob keeps and d private. When he receives the ciphertext, he uses his private key d to decrypt the message.
P = Cd (mod n)
![Page 146: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/146.jpg)
146
Bob chooses 7 and 11 as p and q and calculates n = 7- 11 = 77. The value of Ø=(7-1) or 60. Now he chooses two keys, e and d. if he chooses e to be 13, then d is 37. Now Alice sends the plaintext 5 to Bob. She uses the public key 13 to encrypt 5.
Example 2 - Question
![Page 147: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/147.jpg)
147
Bob chooses 7 and 11 as p and q and calculates n = 7* 11 = 77. The value of Ø=(7-1) or 60. Now he chooses two keys, e and d. if he chooses e to be 13, then d is 37. Now Alice sends the plaintext 5 to Bob. She uses the public key 13 to encrypt 5.
Example 2 - Answer
Plaintext: 5 C = 513 =26 mod 77 Ciphertext: 26
Ciphertext 26 P 2637= 5 mod 77 Plaintext: 5 Intended message sent by Alice
Bob receives the ciphertext 26 and uses the private key 37 to decipher the ciphertext:
The plaintext 5 sent by Alice is received as plaintext 5 by Bob.
![Page 148: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/148.jpg)
148
Example 3
Let me give a realistic example. We choose a 512-bit p and q. We calculate n and . We then choose e and test for relative primeness with (n). We calculate d. Finally, we show the results of encryption and decryption. A program written in Java/C/C++ to do so; this type of calculation cannot be done by a calculator.
The integer q is a 160-digit number.
![Page 149: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/149.jpg)
149
Example 3
We calculate n. It has 309 digits:
We calculate . It has 309 digits:
![Page 150: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/150.jpg)
150
Example 3
We choose e = 35,535. We then find d.
Alice wants to send the message “THIS IS A TEST” which can be changed to a numeric value by using the 00–26 encoding scheme (26 is the space character).
![Page 151: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/151.jpg)
151
Example 3
The ciphertext calculated by Alice is C = Pe, which is.
Bob can recover the plaintext from the ciphertext by using P = Cd, which is
The recovered plaintext is THIS IS A TEST after decoding.
![Page 152: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/152.jpg)
152
Example 4
Bob chooses 7 and 11 as p and q and calculates n = 7 · 11 = 77. The value of = (7 − 1) (11 − 1) or 60. Now he chooses two keys, e and d. If he chooses e to be 13, then d is 37. Now imagine Alice sends the plaintext 5 to Bob. She uses the public key 13 to encrypt 5.
![Page 153: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/153.jpg)
153
Example 4
Bob receives the ciphertext 26 and uses the private key 37 to decipher the ciphertext:
The plaintext 5 sent by Alice is received as plaintext 5 by Bob.
![Page 154: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/154.jpg)
154
Example 5
Jennifer creates a pair of keys for herself. She chooses p = 397 and q = 401. She calculates n = 159,197 and = 396 · 400 = 158,400. She then chooses e = 343 and d = 12,007. Show how Ted can send a message to Jennifer if he knows e and n.
![Page 155: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/155.jpg)
155
Example 5
SolutionSuppose Ted wants to send the message “NO” to Jennifer. He changes each character to a number (from 00 to 25) with each character coded as two digits. He then concatenates the two coded characters and gets a four-digit number. The plaintext is 1314. Ted then uses e and n to encrypt the message. The ciphertext is 1314343 = 33,677 mod 159,197. Jennifer receives the message 33,677 and uses the decryption key d to decipher it as 33,67712,007 = 1314 mod 159,197. Jennifer then decodes 1314 as the message “NO”. Figure 30.25 shows the process.
![Page 156: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/156.jpg)
156
Example 5
![Page 157: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/157.jpg)
157
1. Alice wants to send a cellphone text message to Bob securely, over an insecure communication network. Alice's cellphone has a RSA public key KA and
matching private key VA; likewise, Bob's cellphone has KB and VB. Let's design a cryptographic protocol for doing this, assuming both know each other's public
keys. Here is what Alice's cellphone will do to send the text message m:(i) Alice's phone randomly picks a new AES session key k and computes c = RSA-
Encrypt(KB, k), c’ = AES-CBC-Encrypt(k, m), and t = RSA-Sign(VA, (c, c’)).
(ii) Alice's phone sends (c, c’, t) to Bob's phone.
And here is what Bob's cellphone will do, upon receiving (c, c’, t):
(i) Bob's phone checks that t is a valid RSA signature on (c, c’) under public key KA. If not, abort.
(ii) Bob's phone computes k’ = RSA-Decrypt(VB, c) and m’ = AES-CBC-Decrypt(k’, c’).
(iii) Bob's phone informs Bob that Alice sent message m’.
Example 6 - Question
![Page 158: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/158.jpg)
158
Does this protocol ensure the confidentiality of Alice's messages? Why or why not?
Does this protocol ensure authentication and data integrity for every text message Bob receives? Why or why not?
Suppose that Bob is Alice's stockbroker. Bob hooks up the output of this protocol to an automatic stock trading service, so if Alice sends a text message “Sell 100 shares MSFT” using the above protocol, then this trade will be immediately and automatically executed from Alice's account. Suggest one reason why this might be a bad idea from a security point of view.
Example 6 - Question
![Page 159: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/159.jpg)
159
Does this protocol ensure the confidentiality of Alice's messages? Why or why not?
Yes. Since AES-CBC-Encrypt is secure, no one can recover m from c’ without knowledge of k. Also, since RSA-Encrypt is secure, only someone who knows KB—namely, Bob—can recover k.
Does this protocol ensure authentication and data integrity for every text message Bob receives? Why or why not?
Yes. Since RSA-Sign is secure, if (c, c’) passes step 1, then only someone who knew vA—namely, Alice—could have sent (c, c’). Now (c, c’) uniquely determines m, the message that Alice wanted to send.Conclusion: If Bob accepts m in step 3, then Alice sent m.
Example 6 - Answer
![Page 160: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/160.jpg)
160
Suppose that Bob is Alice's stockbroker. Bob hooks up the output of this protocol to an automatic stock trading service, so if Alice sends a text message “Sell 100 shares MSFT” using the above protocol, then this trade will be immediately and automatically executed from Alice's account. Suggest one reason why this might be a bad idea from a security point of view.
No protection against replays. An active attacker could replay a valid ciphertext from Alice 10 times, causing 1000 shares to be sold—even though Alice only wanted 100 sold. Denial-of-service. An active attacker could prevent Alice’s ciphertext from reaching Bob. Since Alice doesn’t receive any acknowledgement, she will think her trade was executed, when it actually wasn’t. If Alice’s cellphone is lost or stolen, then its new owner can cause trades to be executed from Alice’s account without Alice’s authorization. [It suffices for you to mention any one of these problems.]
Example 6 - Answer
![Page 161: 1 Week 2 Cryptography. 2 Concepts 3 Cryptography Cryptsecret Graphia writing Latin Concerned with developing algorithms: - Conceal the context of some](https://reader036.vdocuments.us/reader036/viewer/2022062320/56649d425503460f94a1e35e/html5/thumbnails/161.jpg)
161
How Do You Want Protect Your Network System
Thank YouSee You Next Week
Have A Nice Weekend