![Page 1: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/1.jpg)
CSE484/CSEM584
ComputerSecuritySec4onWeek4:Cryptography
TA:ThomasCrosleytcrosley@cs
ThankstoFranziRoesnerandAdrianShamforpreviousslides
[Examples/ImagesthankstoWikipedia.]
![Page 2: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/2.jpg)
Administrivia
• Lab1Finalduenextweek(Friday4/29,8pm)• Today– FunHistoricalCiphers– CryptoReview– CryptoPrac4ce– CBC-MACIssue
![Page 3: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/3.jpg)
FunHistoricalCiphers
![Page 4: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/4.jpg)
CaesarCipher(ShiYCipher)
• PlaintextleZersare replacedwithleZers afixedshiYawayin thealphabet.
• Example:– Plaintext:The quick brown fox jumps over the lazy dog.– Key:ShiY3
ABCDEFGHIJKLMNOPQRSTUVWXYZDEFGHIJKLMNOPQRSTUVWXYZABC
– Ciphertext:WKHTX LFNEU RZQIR AMXPS VRYHU WKHOD CBGRJ
![Page 5: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/5.jpg)
CaesarCipher(ShiYCipher)
• ROT13:shiY13(encryp4onanddecryp4onaresymmetric)
• Whatisthekeyspace?– 26possibleshiYs.
• HowtoaZackshiYciphers?– Bruteforce.
![Page 6: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/6.jpg)
Subs4tu4onCipher
• SupersetofshiYciphers:eachleZerissubs4tutedforanotherone.
• Monoalphabe4csubs4tu4oncipher:fixedsubs4tu4onovertheen4remessage.
• Example:– Plaintext:ABCDEFGHIJKLMNOPQRSTUVWXYZ– Cipher:ZEBRASCDFGHIJKLMNOPQTUVWXY
![Page 7: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/7.jpg)
Subs4tu4onCipher
• Whatisthekeyspace?• HowtoaZack?– Frequencyanalysis.
Trigrams:1. the2. and3. tha4. ent5. ing
Bigrams:th 1.52% en 0.55% ng 0.18% he 1.28% ed 0.53% of 0.16% in 0.94% to 0.52% al 0.09% er 0.94% it 0.50% de 0.09% an 0.82% ou 0.50% se 0.08% re 0.68% ea 0.47% le 0.08% nd 0.63% hi 0.46% sa 0.06% at 0.59% is 0.46% si 0.05% on 0.57% or 0.43% ar 0.04% nt 0.56% ti 0.34% ve 0.04%ha 0.56% as 0.33% ra 0.04% es 0.56% te 0.27% ld 0.02% st 0.55% et 0.19% ur 0.02%
6. ion7. tio8. for 9. nde10. has
11. nce12. edt13. tis 14. oft15. sth
26!~=2^88
![Page 8: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/8.jpg)
Transposi4onCipher
• Ciphertextispermuta4onofplaintext.• Example:Routecipher– Plaintext:WE ARE DISCOVERED, FLEE AT ONCE– Arrangement:
W R I O R F E O EE E S V E L A N JA D C E D E T C X
– Key:“spiral inwards, clockwise, starting from top right”– Ciphertext:EJXCTEDECDAEWRIORFEONALEVSE
![Page 9: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/9.jpg)
Whatisthis?Scytale(usedbyancientGreeks/Spartans)
Howisitusedtodotransposi4on?1. Wrap2. Writehorizontally3. Encrypt=unwrap4. Decrypt=rewrap
![Page 10: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/10.jpg)
Transposi4on/Subs4tu4on
• Howtotellifciphertextwasencryptedusingsubs4tu4onortransposi4oncipher?– IfleZerfrequenciesarenormal,it’stransposi4on.
• Whathappensifyoucombinesubs4tu4onandtransposi4on?– Subs4tu4onpreventsanagramfinding,transposi4onpreventsdigram/trigramanalysis.
![Page 11: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/11.jpg)
VigenèreCipher(~1467)
• Polyalphabe4csubs4tu4oncipher:usemul4plesubs4tu4onalphabets.
• Example:– Plaintext: ATTACKATDAWN– Key: LEMONLEMONLE– Ciphertext: LXFOPVEFRNHR
• Encrypt:– (Key-Row,Msg-Col)– Orjustaddi4onmod26
![Page 12: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/12.jpg)
VigenèreCipher(~1467)
• Doesthisdefeatfrequencyanalysis?– Notifyouknowthelengthofthe(repea4ng)key(e.g.,ifkeylength=5,dofrequencyanalysisonsetofevery5thleZer).
– Evenifyoudon’tknowthekeylength,justiteratewithlength=1…nun4ldecryp4onlookssensible.
• Whatifthekeydoesn’trepeat(i.e.,lengthofkey>=lengthofplaintext)?– One-4mepad.(Samecaveats:fullyrandomkey,useonlyonce…)
![Page 13: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/13.jpg)
EnigmaMachineUsesrotors(subs4tu4oncipher)thatchangeposi4onaYereachkey.
Key=ini4alseqngofrotors
Keyspace?26^nfornrotors
![Page 14: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/14.jpg)
Steganography
• Hiddenmessages(securitythroughobscurity)
[Figurefrom“HideandSeek:AnIntroduc4ontoSteganography”byNielsProvosandPeterHoneyman]
![Page 15: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/15.jpg)
SecretMessagesinVideoGames
• Castle:programthatencodessecretmessagesinvideogamecommunica4ons– StonyBrookUniversity– AvoidingsurveillanceandfirewallsinChina– S4lllookslikeanormalgamefromtheoutside
• Encode:message->playermovements• Decode:playermovements->message
Source:hZp://www.wired.com/2015/04/app-hides-secret-messages-starcraY-style-games/
![Page 16: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/16.jpg)
CryptoReview
![Page 17: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/17.jpg)
FlavorsofCryptography
• Symmetriccryptography– Bothcommunica4ngpar4eshaveaccesstoasharedrandomstringK,calledthekey.
• Asymmetriccryptography– Eachpartycreatesapublickeypkandasecretkeysk.
![Page 18: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/18.jpg)
AchievingPrivacy(Symmetric)
![Page 19: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/19.jpg)
AchievingPrivacy(Asymmetric)
![Page 20: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/20.jpg)
Keyexchange
• Diffie-HellmanKeyAgreementalgorithm• RSAkeyexchangeprocess(Nextweek!)
hZps://technet.microsoY.com/en-us/library/cc962035.aspx
![Page 21: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/21.jpg)
AchievingIntegrity(Symmetric)
• Messageauthen4ca4onschemes:Atoolforprotec4ngintegrity.(Alsocalledmessageauthen4ca4oncodesorMACs)
![Page 22: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/22.jpg)
AchievingIntegrity(Asymmetric)
Digitalsignatureschemes:Atoolforprotec4ngintegrityandauthen4city.
![Page 23: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/23.jpg)
PseudoRandomNumberGenerator(PRNG)
• Algorithmforgenera4ngasequenceofnumberswhoseproper4esapproximatetheproper4esofsequencesofrandomnumbers.
• Inotherword,sortofrandom,butnotREALLY…
![Page 24: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/24.jpg)
CryptoPrac4ce
![Page 25: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/25.jpg)
Diffie-HelmanProtocol
• AliceandBobnevermeetandsharenosecret• Publicinfo:pandg– Pisalargeprime(publicinfo)– Gisagenerator(publicinfo)
• Alicesends->Bobgxmodp• Bobsends->Alicegymodp
• k=(gx)y=(gy)x=gxymodp(sharedsecret)
![Page 26: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/26.jpg)
DiffieHelmanPrac4ceProblem
• P=11• G=7• Alice’sPrivateKey(x=4)• Bob’sPrivateKey(y=8)
• Whatistheirsharedkey?
![Page 27: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/27.jpg)
Prac4ceProblemSolu4on
• Alicecomputes74mod11=3• Bobcomputes78mod11=9• Sharedsecretis38=94mod11=5
![Page 28: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/28.jpg)
CBC-MACProblem
Integritydoesnotworkherewithvariablelengthmessages
![Page 29: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/29.jpg)
![Page 30: Computer Security Secon Week 4: Cryptography · Secon Week 4: Cryptography TA: Thomas Crosley tcrosley@cs Thanks to Franzi Roesner and Adrian Sham for previous slides [Examples/Images](https://reader034.vdocuments.us/reader034/viewer/2022051604/5ffe76b3732c2b51e81bbee5/html5/thumbnails/30.jpg)
CBC-MACProblem
BC(MxorO)=T
BC(BC(MxorO)xor(MxorT))=BC(TxorMxorT)=B(M)=T