chapter 1 introduction to cryptography

8/10/2019 Chapter 1 Introduction to Cryptography

1/44

Chapter 1

Introduction to Cryptography

Dalilah AbdullahInformation Systems SectionMalaysian Institute of Information TechnologyUniversiti Kuala [email protected]

Owned by : Dr Shamsul Anuar Mokhtar
mailto:[email protected]:[email protected]


2/44

Slide no. 2

Introduction

Cryptography(or cryptology; derived from Greek krypts "hidden," and the verb grfo"write" or legein "to speak") is the study ofmessage secrecy.

In modern times, cryptography is considered to be abranch of both mathematicsand computerscience, and is affiliated closely with informationtheory, computer security, and engineering.

Cryptography is used in applications present intechnologically advanced societies; examples includethe security of ATM cards, computer passwords, andelectronic commerce, which all depend oncryptography.


3/44

Slide no. 3

Basic Concept

Encryptionis the process of converting ordinaryinformation (plaintext) into unintelligible gibberish(i.e, ciphertext).

Decryptionis the reverse, moving from

unintelligible ciphertext to plaintext.

P = D(E(P))


4/44

Dr. Shamsul Anuar Mokhtar Slide no. 4

Introduction

Before the modern era, cryptography was concernedsolely with message confidentiality.

In recent decades, the field has expanded beyondconfidentiality concerns to include techniques formessage integrity checking, sender/receiver identityauthentication, digital signatures, interactive proofs,and secure computation, amongst others.

The earliest forms of secret writing required littlemore than local pen and paper analogs, as mostpeople could not read.


5/44

Dr. Shamsul Anuar Mokhtar Cryptography Slide no. 5

Introduction

Cryptography has a long and fascinating history.

Cryptography can be traced from its initial and limiteduse by the Egyptians some 4000 years ago, to thetwentieth century where it played a crucial role in the

outcome of both world wars. Before the 1960s, the predominant practitioners of the

art were those associated with the military, thediplomatic service and government in general.

Cryptography was used as a tool to protect nationalsecrets and strategies.


6/44


Introduction

The proliferation of computers and communicationssystems in the 1960s brought with it a demand from theprivate sector for means to protect information in digitalform and to provide security services.

Beginning with the work of Feistel at IBM in the early1970s and culminating in 1977 with the adoption as aU.S. Federal Information Processing Standard forencrypting unclassified information, DES, the DataEncryption Standard, is the most well-known

cryptographic mechanism in history. It remains the standard means for securing electronic

commerce for many financial institutions around theworld.


7/44Dr. Shamsul Anuar Mokhtar Cryptography Slide no. 7

Introduction

The most striking development in the history ofcryptography came in 1976 when Diffie and Hellmanpublished New Directions in Cryptography (exchangekey).

This paper introduced the revolutionary concept ofpublic-key cryptography and also provided a new andingenious method for key exchange, the security ofwhich is based on the intractability of the discretelogarithm problem.

Although the authors had no practical realisation of apublic-key encryption scheme at the time, the idea wasclear and it generated extensive interest and activity inthe cryptographic community.



Introduction

In 1978 Rivest, Shamir, and Adleman discovered thefirst practical public-key encryption and signaturescheme, now referred to as RSA.

The RSA scheme is based on another hard mathematical

problem, the intractability of factoring large integers.This application of a hard mathematical problem tocryptography revitalised efforts to find more efficientmethods to factor.

The 1980s saw major advances in this area but nonewhich rendered the RSA system insecure.

Another class of powerful and practical public-keyschemes was found by El Gamal in 1985. These are alsobased on the discrete logarithm problem.



Introduction

One of the most significant contributions provided bypublic-key cryptography is the digital signature.

In 1991 the first international standard for digitalsignatures (ISO/IEC 9796) was adopted. It is based on

the RSA public-key scheme. In 1994 the U.S.Government adopted the Digital Signature Standard, amechanism based on the El Gamal public key scheme.

The search for new public-key schemes, improvementsto existing cryptographic mechanisms, and proofs ofsecurity continues at a rapid pace. Various standardsand infrastructures involving cryptography are being putin place. Security products are being developed toaddress the security needs of an information intensive

society.


10/44Dr. Shamsul Anuar Mokhtar Slide no. 10

The main classical cipher types are:

Transposition/permutation ciphers, whichrearrange the order of letters in a message (e.g.'help me' becomes 'ehpl em' in a trivially simplerearrangement scheme)

Substitution ciphers, which systematically replaceletters or groups of letters with other letters orgroups of letters (e.g., 'fly at once' becomes 'gmz bupodf' by replacing each letter with the one followingit in the alphabet).

Classical ciphers



Classical ciphers (contd.)

A scytale(rhymes with Italy) is a tool used toperform a transposition cipher, consisting of acylinder with a strip of leather wound around it onwhich is written a message.

The ancient Greeks, and the Spartans in particular,are said to have used this cipher to communicateduring military campaigns.
http://upload.wikimedia.org/wikipedia/commons/5/51/Skytale.png




In a columnar transposition, the message iswritten out in rows of a fixed length, and then readout again column by column, and the columns arechosen in some scrambled order.

Both the length of the rows and the permutation ofthe columns are usually defined by a keyword.



For example, the word ZEBRAS is of length 6 (so therows are of length 6), and the permutation is definedby the alphabetical order of the letters in thekeyword. In this case, the order would be "6 3 2 4 1

5". Suppose we use the keyword ZEBRAS and the

message WE ARE DISCOVERED. FLEE AT ONCE.

6 3 2 4 1 5

W E A R E DI S C O V E

R E D F L E

E A T O N C

E Q K J E U

EVLNE ACDTK ESEAQ ROFOJ DEECU WIREE




Classical ciphersCaesar cipher

A Caesar cipher is a type of substitution cipherinwhich each letter in the plaintext is replaced by aletter some fixed number of positions further downthe alphabet. For example, with a shift of 3, A would

be replaced by D, B would become E, and so on. Themethod is named after Julius Caesar, who used it tocommunicate with his generals.
http://upload.wikimedia.org/wikipedia/commons/2/2b/Caesar3.svg



Classical ciphersVignere cipher

TheVigenre cipheris a method of encryption thatuses a series of different Caesar ciphers based on theletters of a keyword. It is a simple form ofpolyalphabetic substitution.

The Vigenre cipher consists of several Caesarciphers in sequence with different shift values.

To encipher, a table of alphabets can be used,termed a tabula recta, Vigenre square, or Vigenretable. At different points in the encryption process,the cipher uses a different alphabet from one of therows. The alphabet used at each point depends on arepeating keyword.



Plaintext:ATTACKATDAWN

Key:

LEMONLEMONLE

Ciphertext:LXFOPVEFRNHR
http://upload.wikimedia.org/wikipedia/commons/c/c7/Vigenere-square.png



Classical ciphersone-time pad

The one-time pad (OTP)is an encryption algorithmwhere the plaintext is combined with a random keyor "pad" that is as long as the plaintext and used onlyonce.

If the key is truly random, never reused, and keptsecret, the one-time pad provides perfect secrecy.

The "pad" part of the name comes from earlyimplementations where the key material was

distributed as a pad of paper, so the top sheet couldbe easily torn off and destroyed after use.

The key is used with the Vigenre table.



Classical ciphersone-time pad
http://upload.wikimedia.org/wikipedia/commons/a/a9/OneTimePadExcerpt.agr.jpg



Classical ciphersVernam cipher

AVernam cipheris a stream cipher in which theplaintext is XORed with a random or pseudorandomstream of data the same length to generate theciphertext.

If the stream of data is truly random and used onlyonce, this is the one-time pad.



V E R N A M C I P H E R

21 4 17 13 0 12 2 8 15 7 4 17

76 48 16 82 44 03 58 11 60 05 48 88

97 52 33 95 44 15 60 19 75 12 52 105

19 0 7 17 18 15 8 19 23 12 0 1

T A H R S P I T X M A B

Plaintext

Numeric Eq.

+ Random Num.

= Sum

= mod 26

Ciphertext

VERNAM CIPHER TAHRSP ITXMAB

Example: Encode VERNAM CIPHER



Cryptanalysis

Cryptanalysis(from the Greek krypts, "hidden",and analein, "to loosen" or "to untie") is the study ofmethods for obtaining the meaning of encryptedinformation, without access to the secret information

which is normally required to do so. Typically, this involves finding the secret key. In non-

technical language, this is the practice ofcodebreaking or cracking the code, although these

phrases also have a specialised technical meaning.



Cryptanalysis (contd.)

The first known recordedexplanation ofcryptanalysis was given by9th century Muslim

polymath Abu Yusuf Yaqubibn Ishaq al-SabbahAl-KindiinA Manuscript onDeciphering CryptographicMessages.

This treatise includes adescription of the methodof frequency analysis.
http://upload.wikimedia.org/wikipedia/en/6/65/Al-kindi-cryptanalysis.png


23/44



A cryptanalysis can do any or all of six different things:

attempt to break a single message

attempt to recognise patterns in encrypted

messages, to be able to break subsequent ones byapplying a straightforward decryption algorithm

attempt to infer some meaning without evenbreaking the encryption, such as noticing an unusual

frequency of communication or determiningsomething by whether the communication was shortor long


24/44



attempt to deduce the key, in order to breaksubsequent messages easily

attempt to find weaknesses in the implementation orenvironment of use of encryption

attempt to find general weaknesses in an encryptionalgorithm, without necessarily having intercepted anymessages


25/44


Properties of Trustworthy Encryption Systems

It is based on sound mathematics.

It has been analysed by competent experts andfound to be sound.

It has stood the test of time.


26/44


Modern cryptographic basics

A cipher (or cypher) is a pair of algorithms whichperform this encryption and the reversing decryption.

The detailed operation of a cipher is controlled bothby the algorithm and, in each instance, by a key.

In modern cryptography, there are 3 types ofalgorithms commonly used today:

Symmetric encryption algorithms

Asymmetric encryption algorithms

Hashing algorithms


27/44


Confusion and diffusion

Confusionrefers to making the relationshipbetween the key and the ciphertext as complex andinvolved as possible. Substitution(a plaintextsymbol is replaced by another) has been identified as

a mechanism for primarily confusion. Diffusionrefers to the property that redundancy in

the statistics of the plaintext is "dissipated" in thestatistics of the ciphertext. Transposition

(rearranging the order of symbols) is a technique fordiffusion, although other mechanisms are also usedin modern practice, such as linear transformations(e.g. in Rijndael).


28/44


Confusion and diffusion (contd.)

Product ciphersuse alternating substitution andtransposition phases to achieve both confusion anddiffusion respectively.


29/44

Stream and block ciphers

Stream Cipher:

Converting one symbol of plaintext immediatelyinto a symbol of ciphertext

The transformation depends only on the symbol,the key and the control information of theencipherment algorithm

Example: All substitution cipher algorithms

Block Cipher: Encrypts a group of plaintext symbols as one block

In columnar transposition, the entire message istranslated as one block

Cryptography Slide no. 29


30/44


Stream and block ciphers

Stream ciphers convert one symbol of plaintextimmediately into a symbol of ciphertext.E.g.: Caesar cipher, Vernam cipher, Vigenere cipher


31/44


Stream and block ciphers (contd.)

Stream ciphers are often used in applications whereplaintext comes in quantities of unknowable lengthfor example, a secure wireless connection.

E.g. RC4, A5/1, A5/2, Chameleon, FISH, Helix,

ISAAC, MUGI, Panama, Phelix, Pike, SEAL, SOBER,SOBER-128 and WAKE.

A5/1 is a stream cipher used to provide over-the-aircommunication privacy in the GSM cellular telephonestandard. It was initially kept secret, but becamepublic knowledge through leaks and reverseengineering. A number of serious weaknesses in thecipher have been identified.


32/44



Block ciphers encrypts a group of plaintext symbolsas one block.E.g. Columnar transposition and other transpositions,many commercial ciphers, such as DES, AES, RSA,

etc.


33/44



Block ciphers


34/44

Comparison: Stream and Block Ciphers

Slide no. 34


35/44



Stream EncryptionAlgorithms

Block EncryptionAlgorithms

Advantages Speed oftransformation

Low errorpropagation

High diffusion

Immunity toinsertion ofsymbols

Disadvantages Low diffusion

Susceptibility tomalicious insertionsand modifications

Slowness of

encryption Error

propagation


36/44


Symmetric key algorithms

Symmetric encryption: uses same secret key toencipher and decipher message.

Encryption methods can be extremely efficient,requiring minimal processing.

The same key on both ends of the communication isused to encrypt and decrypt messages.

Both sender and receiver must possess encryption

key. If either copy of key is compromised, an intermediate

can decrypt and read messages.


37/44



38/44



39/44


Information Security and Cryptography

To introduce cryptography, an understanding of issuesrelated to information security in general is necessary.

Information security manifests itself in many waysaccording to the situation and requirement.

Regardless of who is involved, to one degree oranother, all parties to a transaction must haveconfidence that certain objectives associated withinformation security have been met.

Some of these objectives of cryptography are listed asfollows:


40/44



Privacy or confidentiality: keeping information secretfrom all but those who are authorised to see it.

Data integrity: ensuring information has not beenaltered by unauthorised or unknown means.

Entity authentication or identification: entityauthentication or identification (e.g., a person, acomputer terminal, a credit card, etc.).

Message authentication: corroborating the source of

information; also known as data origin authentication. Signature: a means to bind information to an entity.

Authorisation: conveyance, to another entity, ofofficial sanction to do or be something.


41/44



Validation: a means to provide timeliness ofauthorisation to use or manipulate information orresources.

Access control: restricting access to resources to

privileged entities. Certification: endorsement of information by a trusted

entity.

Timestamping: recording the time of creation or

existence of information. Witnessing: verifying the creation or existence of

information by an entity other than the creator.


42/44



Receipt: acknowledgement that information has beenreceived.

Confirmation: acknowledgement that services havebeen provided.

Ownership: a means to provide an entity with thelegal right to use or transfer a resource to others.

Anonymity:concealing the identity of an entityinvolved in some process.

Non-repudiation: preventing the denial of previouscommitments or actions.

Revocation: retraction of certification or authorisation.


43/44



Cryptography is not the only means of providinginformation security, but rather one set of techniques.

Over the centuries, an elaborate set of protocols andmechanisms has been created to deal with information

security issues when the information is conveyed byphysical documents.

Often the objectives of information security cannotsolely be achieved through mathematical algorithms andprotocols alone, but require procedural techniques and

abidance of laws to achieve the desired result.


44/44

Next chapter

Symmetric-Key Cryptography

Dr. Shamsul Anuar MokhtarInformation Systems SectionMalaysian Institute of Information TechnologyUniversiti Kuala Lumpur

chapter 1 introduction to cryptography

Documents