Title: Cryptography

Instructor: Dr. Yanqing ZhangPresented by: Jiangling, Yin

Department of Computer Science

Georgia State University

CSC 8320 Advanced Operating Systems

Outline Introduction & Motivation

What is cryptography and why it is necessary?

Modern cryptography1. Private Key Cryptosystem2. Public Key Cryptosystem3. Comparison of Cryptographic Systems

Future work

A Simple Example

Suppose two lovers try to meet at a certain place. And the girl sends the information to the boy:

meet me at ###

A Simple Example

Instead of sending the intelligible message to the boy, the girl plays a trick and change the information.

phhw ph dw fv ghvduwphqw

meet me at ###

A Simple Example

The boy receives the girl’s message and thinking….

phhw ph dw fv ghvduwphqw

???

A Simple Example

If the boy happens to know Cryptography, and he may do following things…

phhw ph dw fv ghvduwphqw

meet me at CS department

!!!!!

A Simple Example

Finally….

Meet at CS department

VWXSLW

What is VWXSLW ?

????

So, What Is Cryptography

To make thing hard to understand if you don’t know the behind principles…

To convert intelligible information into unintelligible.

To hidden information.

9

Application Model of Cryptography

B and A (lovers!) want to communicate “securely”

C (intruder) may intercept, delete, add messages

securesender

securereceiver

channel data, control messages

data data

A B

C

10

Who Might B, A be?

Distributing OS authenticated principals

Web browser/server for electronic transactions (e.g., on-line purchases)

on-line banking client/server

DNS servers

routers exchanging routing table updates

11

The Language of Cryptography

m plaintext messageKA(m) ciphertext, encrypted with key KA

m = KB(KA(m))

plaintext plaintextciphertext

KA

encryptionalgorithm

decryption algorithm

A’s encryptionkey

B’s decryptionkey

KB

12

Mapping Language Into The Example

Encryption (decryption) algorithm : substitute one letter for another

Plaintext: meet me at CS department Ciphertext: phhw ph dw fv ghvduwphqw

Key: the mapping from the set of 26 letters to the set of 26 letters

Private & Public Key Cryptosystems

Symmetric key cryptography: && are identical.The keys must be kept secret. The encryption and decryption functions used can be the

same or different.Public key cryptography:

&& are different (one public, the other private).

plaintext plaintextciphertext

KA

encryptionalgorithm

decryption algorithm

A’s encryptionkey

B’s decryptionkey

KB

AK KB

AK KB

Symmetric Key Cryptography: Examples

Examples:ROT13: Very simple rotation algorithmCaesar cipher: Another (better) rotation algorithmcrypt: Original Unix encryption programDES: Data Encryption Standard [NIST 1993]AES: Advanced Encryption Standard Skipjack: U.S. National Security Agency developed

algorithm (classified)

DES: Data Encryption StandardIn 1997 DES was cracked in only 140 days by

a team In 1999 DES was cracked in little over 22

hours by a network of volunteers and special purpose computer.

Symmetric Key Cryptography: Key Issues

How do sender and receiver agree on key value?

How is the agreed upon key distributed to both sender and receiver in a secure fashion?

plaintextciphertext

KA-B

encryptionalgorithm

decryption algorithm

KA-B

plaintextmessage, m

K (m)A-B

K (m)A-Bm = K ( )

A-B

Public Key Encryption

Diffie-Hellman 1976: the first public key approach proposed.

Sender and receiver do not share secret key

Public key is available to every onePrivate key is known by only receiver

17

Public key cryptography

plaintextmessage, m

ciphertextencryptionalgorithm

decryption algorithm

B’s public key

plaintextmessage

K (m)B+

K B+

B’s privatekey

K B-

m = K (K (m))B+

B-

18

Public key encryption algorithms

need K ( ) and K ( ) such thatB B. .

given public key K , it should be impossible to compute private key K B

B

Requirements:

1

2

RSA: Rivest, Shamir, Adelson algorithm

+ -

K (K (m)) = m BB

- +

+

-

19

RSA: Creating public/private key pair

1. Choose two large prime numbers p, q. (e.g., 1024 bits each)

2. Compute n = pq, z = (p-1)(q-1)

3. Choose e (with e<n) that has no common factors with z. (e, z are “relatively prime”).

4. Choose d such that ed-1 is exactly divisible by z. (in other words: ed mod z = 1 ).

5. Public key is (n,e). Private key is (n,d).

K B+ K B

-

20

RSA: Encryption, decryption

0. Given (n,e) and (n,d) as computed above

1. To encrypt message m (<n), compute

c = m mod n

e

2. To decrypt received bit pattern, c, compute

m = c mod n

d

m = (m mod n)

e mod n

dMagichappens!

c

21

RSA example:

Bob chooses p=5, q=7. Then n=35, z=24.e=5 (so e, z relatively prime).d=29 (so ed-1 exactly divisible by z).

bit pattern m me c = m mod ne

00001100 12 24832 17

c m = c mod nd

17 481968572106750915091411825223071697 12

cd

encrypt:

decrypt:

Encrypting 8-bit messages.

22

Why does RSA work?

Must show that cd mod n = m where c = me mod n

Fact: for any x and y: xy mod n = x(y mod z) mod n where n= pq and z = (p-1)(q-1)

Thus, cd mod n = (me mod n)d mod n

= med mod n = m(ed mod z) mod n = m1 mod n = m

Comparison of Cryptographic Systems

With suitable keys and algorithms, both methods can be secure enough for most purposes.

To use symmetric cryptography, both parties must know the secret key, which can be quite inconvenient.

To use public key cryptography, one only needs to find the public key to communicate with someone else, which can be a lot more convenient.

Encrypting and decrypting a lot of information with public key cryptography can be painfully slow in comparison to symmetric cryptography.

1. KEY security is very important.2. Cryptography based on Image or

watermarking 3. Application in wireless environment.

Ongoing / Future Work --- key security

Quantum Cryptography

Apply the phenomena of quantum physics

Relies onThe Heisenberg Uncertainty principle The principle of photon polarization

Mehrdad S. Sharbaf,” Quantum Cryptography: A New Generation of Information Technology Sec urity System”, 2009 IEEE[2]. Mehrdad S. Sharbaf,” Quantum Cryptography: A New Generation of Information Technology Sec urity System”, 2009 IEEE

Quantum Cryptography (contd.)Why Quantum Cryptography is secure?

when measuring the polarization of a photon, the choice of what direction to measure affects all subsequences measurements.

photons can be easily polarized (by photon polarization principle)

intruder can not copy unknown qubits (no-cloning theorem).presence of the intruder can be determined

Harvard, and Boston University built the DARPA quantum network, the world’s first network that delivers end-to-end network security via highspeed quantum key distribution, and tested that network against sophisticated eavesdropping attacks.

Cryptography Based on Watermarking

International Journal of Computer Science and Security (IJCSS), Volume (1) : Issue (3), 2011

Sonal Chugh & Mr. Rajesh Malik, Quality Improvement of Grey Scale and Color Images Using Cryptography and Robust Watermarking, International Journal of Computer Science and Security (IJCSS), Volume (1) : Issue (3), 2011

Application in wireless environmentUser authentication is a crucial service in

wireless sensor networks (WSNs) wireless sensor nodes are typically deployed

in an unattended environment, leaving them open to possible hostile network attack.

However, wireless sensor nodes are limited in computing power, data storage and communication capabilities, any user authentication protocol must be designed to operate efficiently in a resource constrained environment.Yeh, H.-L.; Chen, T.-H.; Liu, P.-C.; Kim, T.-H.; Wei, H.-W. A Secured

Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography. Sensors 2011, 11, 4767-4779.

Cryptography toolkithttp://nsfsecurity.pr.erau.edu/crypto/generich

ash.htmlhttp://ats.oka.nu/titaniumcore/js/crypto/Ciphe

r.sample.htmlhttp://www.privacycrypt.com/https://www.dlitz.net/software/pycrypto/

TRY…