Outline - PowerPoint PPT Presentation

About This Presentation
Title:

Outline

Description:

Mono-alphabetic ciphers: Caesar cipher. Poly-alphabetic ciphers: multiple alphabets ... In IE, Netscape, Notes, SSH Secure Shell, Quicken, etc. Proposed in 1977 by ... – PowerPoint PPT presentation

Number of Views:39
Avg rating:3.0/5.0
Slides: 38
Provided by: DrBetty3
Learn more at: http://www.cse.msu.edu
Category:
Tags: outline | quicken

less

Transcript and Presenter's Notes

Title: Outline


1
Outline
  • Brief review
  • Mainstream crypto-algorithms
  • Symmetric encryption algorithms
  • DES
  • Asymmetric encryption algorithms
  • RSA
  • Merkle-Hellman
  • Other crypto-related techniques
  • Digital signature
  • Digital certificate

2
Acknowledgements
  • Charles Pfleedger
  • E. Spafford
  • William A. Stein
  • FOLDOC
  • Sunit Chauhan
  • Jim Xu, et al.
  • Shawn Hillis

3
Brief Review
  • Basic Concepts
  • Encryption
  • Crypto-system
  • Symmetric / asymmetric encryption
  • Cryptographer / crypto-analyst
  • Crypto-analysis
  • Breakability

4
Brief Review contd
  • Stream ciphers
  • Substitution-based ciphers
  • Mono-alphabetic ciphers Caesar cipher
  • Poly-alphabetic ciphers multiple alphabets
  • Strengths
  • Simple
  • Fast
  • Low error propagation rate
  • Weaknesses
  • Sustainable to frequency-based attacks
  • Sustainable to pattern-based attacks

5
Brief Review contd
  • Block ciphers
  • Transposition
  • Columnar transposition
  • Double transposition
  • Fractionated transposition
  • Strengths
  • Good diffusion, immune to pattern-based attacks
  • Weaknesses
  • Slow
  • Error propagation rate

6
Secure Encryption Systems
  • Weaknesses of stream and block ciphers
  • Can be manually broken, although tedious
  • We will introduce
  • some hard encryption algorithms
  • Review 3 key, important encryption algs
  • DES, RSA, M-H
  • Look at cryptography related techniques

7
Sym vs Asym Encryption Algorithms
  • Symmetric encryption algorithm
  • Encryption key decryption key
  • DES
  • Asymmetric algorithms
  • Encryption key ! decryption key
  • Basis of public-key encryption algorithms
  • RSA, M-H,

8
Data Encryption Standard (DES)
  • Based on Shannons theory of information secrecy
  • Confusion info is changed so that output bits
    have no obvious relation to input bits
  • Diffusion spread the effect of one plaintext
    bits to other cipher-text bits.
  • History of DES
  • Developed by US govt for general public use (by
    National Institute of Standards and Technologies)
  • Milestones 1972(CFP) - 1975(IBM) 1976(NIST)
    2001(AES)
  • Cracked in 1999
  • 56-bit key, Cracked in 22 hours 15 min (1999)
  • Extensions of DES
  • Triple-DES, length of key extends to 563
  • AES, 128, 192, or 256-bit key (2001)

9
DES contd
  • Overview of DES
  • Repeats 16 cycles of
  • substitution, for confusion
  • transposition, for diffusion
  • Splits data block into 2 pieces
  • Scrambles each half independently
  • Combines key with one half
  • (key is transformed during each cycle)
  • Swap 2 halves
  • Repeat 16 times.

10
DES contd
  • Overview of DES contd

substitution
transposition
16x
function F
initial phase
Plaintext(64bits)
inverse initial phase
Cipher-text
Shawn Hillis
11
DES contd
NPS.Navy
12
One Cycle in DES
Permuted Data
New Left Half (Old Right Half)
Pfleeger97
13
DES contd
  • Evaluation
  • Strengths include
  • fast
  • simple
  • standard
  • Weaknesses include
  • weak keys, length of key is only 56bit
  • number of iterations, only 16
  • NSA involvement, trapdoor?

14
Public Key Systems (PKS)
  • Traditional key system (symmetric enc system)
  • Need a key for every pair of users
  • N(N-1)/2 keys, grows exponentially with users
  • Each user has to keep track of many keys
  • Public key systems (asymmetric enc system)
  • Each user only has 2 keys public and private key
  • MD(kPRIV,E(kPUB,M))
  • Solid mathematical basis one way functions
  • E M x Ke -gt C and DE-1 C x Kd -gt M
  • Easy for Kd-holders to compute D, while difficult
    for others
  • May publish the public key freely
  • others can ally encrypt mesgs for A with As
    public key

15
Some Hard theories
  • Computational complexity
  • Is number of steps or arithmetic operations
    required to solve a computational problem
  • Polynomial time
  • NP, Non-deterministic polynomial time
  • NP-hard
  • NP-complete
  • Satisfaction problem
  • Hamiltons problem
  • Cryptographers try to
  • find encryption algorithms that would require
    NP-complete algorithms to decrypt

16
Some Hard theories contd
  • Basic number theory
  • Prime factorization
  • Primes
  • 1p, pp, no other factors
  • Euclids algorithm
  • The unsolved prime factorization problem problem
  • Is there an algorithm which can factor any
    k-digit number n so quickly that its running
    time is bound by a polynomial function of k
  • Modular Arithmetic
  • a b mod N iff N(a-b)
  • Inverses

William A. Stein
17
Example PKS
  • Rivest-Shamir-Adelman (RSA)
  • Based on number theory
  • Suspected to be NP-complete, not proven
  • Merkle-Hellman
  • Based on knapsack problem
  • Proven to be NP-complete

18
RSA
  • The most widely used enc and auth algorithm
  • In IE, Netscape, Notes, SSH Secure Shell,
    Quicken, etc.
  • Proposed in 1977 by
  • Ronald L. Rivest, MIT, now in MIT
  • Adi Shamir, MIT, now in Weizmann Institute
  • Leonard Adleman, MIT, now in USC
  • Now owned by RSA Security

19
RSA contd
  • Based on prime factorization problem
  • How RSA works
  • Create public/private keys
  • Pick large prime numbers p and q, let npq
  • Let
  • all the numbers that is co-prime with n form a
    group, and the size of that group is (p-1)(q-1)
  • Select e, s.t.
  • Solve equation, get d,
  • Public key is (n,e), private key is (n,d)

William A. Stein
20
RSA contd
  • How RSA works contd
  • Encrypt/decrypt messages
  • Encode a phrase into a number
  • state 19 2027 1272 20273 5274
  • E(x) xe (mod n)
  • D(x) xd (mod n)
  • Preposition n,d,e are integers, n is
    square-free, for each pn, p-1de-1, then, for
    all a, ade a mod n
  • D(E(m)) (me mod n)d mod n med mod n
  • m mod n m

William A. Stein
21
RSA contd
  • Example
  • Let p17, q19, n 323
  • Let e 95
  • Solve 95x1 mod 288, d191
  • E(m) m95 mod n
  • D(c) c191 mod n
  • Suppose we have string x, which is 24
  • E(x) E(24) 2495 mod 323 294
  • D(294) 294191 mod 323 24 x

William A. Stein
22
RSA contd
  • Why is it hard to break RSA?
  • Keep secret, if you wanna get d, you have
    to factorized n into p and q
  • RSA challenge
  • http//www.rsasecurity.com/rsalabs/challenges/fact
    oring/numbers.html
  • 8 challenges
  • Problem 576 2048 digits
  • Prizes 10k to 200k dollars

William A. Stein
23
RSA contd
  • Evaluation
  • Strengths
  • Algorithm is simple and easy to implement
  • Supported by RSA Security
  • Weaknesses
  • Problem not yet proved to be NP-Complete
  • Slower than DES

24
Merkle-Hellman
  • Knapsack problem
  • Set of positive integers
  • Target sum
  • Find subset of integers that equal the target
  • Proven to be NP-complete.
  • Encode binary mesg as soln to knapsack problem
  • Plaintext 0s and 1s
  • By adding terms corresponding to 1s in plaintext,
    we can reduce cipher-text to target sum

25
Merkle-Hellman contd
  • Super-increasing sequence
  • Each integer is greater than sum of all preceding
    integers
  • ak gt Sj1k-1 aj
  • Solution of super-increasing knapsack (e.g.,
    simple knapsack) is easy to find, and unique
  • Convert simple knapsack into Hard knapsack
  • Pick super-increasing sequence S of m integers
  • S s1, s2,.., sm
  • Choose multiplier w and modulus n, n gt Sj1m-1 si
  • Choose n to be prime
  • Replace every sj in simple knapsack with term
  • hi w si mod n
  • Hard knapsack H h1, h2,.., hm

26
Merkle-Hellman - contd
  • Merkle-Hellman is Public key cryptosystem
  • Each user has public key
  • Set of integers of a knapsack problem
  • Each user has private key
  • Set of integers for corresponding superincreasing
    knapsack
  • Contribution design of technique to convert
    super-increasing knapsack into a regular one.
  • Change numbers in non-obvious, reversible way.

27
Merkle-Hellman - contd
  • Encryption alg starts with binary message
  • P p1, p2,.., pk
  • Divide message into blocks of m bits,
  • P0 p1, p2,.., pm, P1 p1, p2,.., p2m,
  • Value of m is number of terms in simple or hard
    knapsack
  • Encipherment of message P is sequence of targets
  • Each target is sum of some of the terms of the
    hard knapsack H
  • Terms selected correspond to 1 bits in Pi,
  • Pi serves as selection vector for elts of H
  • Each term of ciphertext is Pi H

28
Merkle-Hellman - contd
  • Decryption
  • Legitimate recipient knows simple knapsack and
    values of w and n
  • H w S mod n
  • C H P w S P mod n
  • To decipher, multiply C by w-1
  • w-1 C w-1 H P w-1 w S P S P
    mod n
  • Weaknesses
  • How easy is it to determine w or n from H?

29
Merkle-Hellman contd
  • Example
  • S 1,2,4,9 H 15,13,9,16,
  • w 15, n 17, m 4 hi w si mod n
  • P 0100101110100101
  • Encode with H as follows
  • P 0100 1011 1010 0101
  • 0,1,0,0 15,13,9,16 13
  • 1,0,1,1 15,13,9,16 40
  • 1,0,1,0 15,13,9,16 24
  • 0,1,0,1 15,13,9,16 29
  • Encrypted message as integers 13,40,24,29,
  • Public knapsack H 15,13,9,16

30
Evaluation of PKS
  • Strengths
  • Harder to break
  • Easier to manage keys
  • Weaknesses
  • Slower
  • Dependent upon NP-computational theory

31
Crypto-related Techniques
  • Digital signatures
  • Digital certificates

32
Digital Signatures
  • Digital signature proves integrity of message
  • by signing the message using PK techniques
  • How digital signatures work?
  • The sender
  • sends M, SE(hash(M), private)
  • Message digest functions
  • MD2, MD4, and MD5 from RSA Security
  • SHA and SHA-1 from US government
  • The receiver
  • compares E(S, public) with hash(M)
  • M is considered genuine if they match

Jim Xu, et al.
33
Digital Signatures contd
  • Assumption
  • it is very rare that two different messages have
    the same digest

34
Digital Certificates
  • Digital certificates are
  • frameworks for identification information, and
    bind identities with public keys
  • Digital certificates provide foundation for
  • identification
  • authentication
  • non-repudiation

Sunit Chauhan
35
Digital Certificates contd
  • How digital certificates work?
  • Let a third party, trusted by both sender and
    receiver, prove the binding of sender and its
    public key.
  • Need a hierarchy of trusted certificate
    authorities (CAs)
  • Everybody trust root CA
  • Root CA prove the trustworthiness of a hierarchy
    of other CAs

36
Digital Certificates contd
  • Example digital certificate
  • X509 v3 certificate format
  • Version
  • Certificate Serial Number
  • Signature Algorithm Identifier
  • Issuer Name
  • Validity Period
  • Subject Name
  • Subject Public Key Information
  • Optional Fields
  • Chauhan

37
Summary
  • Symmetric-key encryption algorithms
  • DES
  • Public-key encryption algorithms
  • RSA, Merkel-Hellman
  • PKS based techniques
  • Digital signature
  • Digital certificate
Write a Comment
User Comments (0)
About PowerShow.com