chapter 1 introduction cryptography-principles and practice harbin institute of technology school of...
TRANSCRIPT
Chapter 1 Introduction
Cryptography-Principles and PracticeHarbin Institute of TechnologySchool of Computer Science and Technology
Zhijun Lihttp://cst.hit.edu.cn/~lizhijun
Zhijun Li S1034040/Autumn08/HIT 2
Outline
• Cryptography Overview
• Basic Terminology
• Goals of Cryptography
• Historical Review of Cryptology
Zhijun Li S1034040/Autumn08/HIT 3
Cryptography Overview
• Greek: “krypto” = hide
• Cryptology – science of hiding = cryptography + cryptanalysis
• Cryptography – design to hide
• Cryptanalysis – analyzing (breaking) secrets– Cryptanalysis is what attacker does– Decryption is what legitimate receiver does
Zhijun Li S1034040/Autumn08/HIT 4
Outline
• Cryptography Overview
• Basic Terminology
• Goals of Cryptography
• Historical Review of Cryptology
Zhijun Li S1034040/Autumn08/HIT 5
Basic Terminology
• Cryptology
• Cryptography
• Cryptanalysis
• Ciphers (Cryptosystems, Cryptoalgorithms)
• Encryption and Decryption
• Plaintext(Cleartext)
• Ciphertext(Cryptogram)
Zhijun Li S1034040/Autumn08/HIT 6
Cryptography
• Cryptography deals with the design of algorithms, protocol, or service using some basic tools to achieve the security goals
• Tools cover encryption algorithms, one-way functions, pseudorandom functions, hashing functions, signature schemas, etc
Zhijun Li S1034040/Autumn08/HIT 7
Cryptanalysis
• Description: Cryptanalysis is an (usually vulnerability) analysis of a cryptosystem– Using mathematical methods to prove that the design
does (or does not) achieve a security goal under some (new) attacks
• Description: Attack is an attempt to cryptanalysis
• Note: a part of cryptography
Zhijun Li S1034040/Autumn08/HIT 8
Ciphers
Alice Encryption Decryption Bob
Secure Channel
Oscar
M C M
K
Encipher Decipher
C=EK(M); M=DK(C)
• M is plaintext (cleartext)• C is ciphertext (cryptogram)• K is key
Zhijun Li S1034040/Autumn08/HIT 9
Formal Description
• A cryptosystems is (M,C,K,E,D)– M set of all plaintext – C set of all ciphertext – K set of all keys (keyspace)
– E set of encryption rules, ek: M C
– D set of decryption rules dk : C M
– For any kK, there exists a ek E and corresponding dk D such that
mM, dk(ek(m))=m
Zhijun Li S1034040/Autumn08/HIT 10
Mappings or Algorithms
• Mappings – ek and dk are functions– ek is an injection and normally an one-to-one function– If M=C, ek is a permutation– The theory aspect
• Algorithms– ek and dk should be implemented and analyzed via co
mputer– The practice aspect
• Mappings and Algorithms
Zhijun Li S1034040/Autumn08/HIT 11
• Cryptography Overview
• Basic Terminology
• Goals of Cryptography
• Historical Review of Cryptology
Outline
Zhijun Li S1034040/Autumn08/HIT 12
• The most basic problem:
Ensure security of communication over insecure medium
• In the architecture of information security
Goals of Cryptography
Zhijun Li S1034040/Autumn08/HIT 13
• Confidentiality(privacy,secrecy)– Ensures that information flow between the sender and
the receiver is unintelligible to outsiders (against eavesdropping)
Goal Confidentiality
Zhijun Li S1034040/Autumn08/HIT 14
• Message integrity– Enables the receiver to verify whether the message h
as been tampered with by outsiders
Goal Message Integrity
Zhijun Li S1034040/Autumn08/HIT 15
Goal Message Authentication
• Message authentication– Allows the receiver of messages to determine the true
identity of the sender (against impersonation)
Zhijun Li S1034040/Autumn08/HIT 16
Goal Non-repudiation
• Non-repudiation– Prevents the sender of a message from claiming that t
hey have not sent the message
Zhijun Li S1034040/Autumn08/HIT 17
• Security Service is something that enhances the security – Make use of one or more security mechanisms
• Security Mechanism is designed to detect, prevent, or recover from a security attack– One particular element is: cryptographic techniques
• Attacks are any action that compromises the security of information
Security Infrastructure
Zhijun Li S1034040/Autumn08/HIT 18
Kerckhoff’s Principle
The type of Attacks
Attacks of Cryptography
• Known something– The algorithm– Cleartext or Ciphertext or others
• Want to know (Purpose)– The key– Cleartexts for some Ciphertexts– Others
Zhijun Li S1034040/Autumn08/HIT 19
Types of Attacks
• Ciphertext-only attack (COA)– Only know some ciphertexts
• Known-plaintext attack (KPA)– Know some pairs of message and corresponding cryptogram
• Chosen-plaintext attack (CPA)– Can choose messages and read the corresponding cryptogram– Can interact the encipher
• Chosen-ciphertext attack (CCA)– Can choose cryptograms and observe the corresponding messa
ges– Can interact the decipher
Zhijun Li S1034040/Autumn08/HIT 21
Brute Force Attack
Key size(bits) Time (1us/test) Time(1us/106test)
32 35.8mins 2.15 msec
40 6.4days 550 msec
56 1140yeas 10.0 hours
64 ~500000yeas 107 days
128 5 1024 yeas 5 1018 years
• Key space enumeration– Ciphertext-only attacks
• Suppose the correct plaintexts can be identified
– Know one pair of message and cryptogram
Zhijun Li S1034040/Autumn08/HIT 22
Outline
• Cryptography Overview
• Basic Terminology
• Goals of Cryptography
• Historical Review of Cryptology
Zhijun Li S1034040/Autumn08/HIT 23
Cryptanalysts
3000BC
monoalphabetics
900
al-Kindi - frequency analysis
Alberti – first polyalphabetic cipher
1460
Vigenère
1854
Babbage breaks Vigenère;Kasiski (1863) publishes
Cryptographers
Brief History-First 4000 Years
Zhijun Li S1034040/Autumn08/HIT 24
Cryptographers
Cryptanalysts
1854 1918
Mauborgne – one-time pad
Mechanical ciphers - Enigma
1939
Rejewski repeated message-key attack
Turing’s loop attacks, Colossus
Enigma adds rotors, stops repeated key
1945
Feistel block cipher, DES
Linear, Differential Cryptanalysis
?
1973
Public-Key
Quantum Crypto
1978
Brief History-Last 100 Years