Applied Cryptology

1
Applied Cryptology The Science of Secrecy

• Dr. Victor Ralevich
• Sheridan Institute
• Credit for some of the slides goes to Dr. Richard
  J.Spillman

2
Basic Terminology

• Encryption
• Encryption key
• Plaintext Ciphertext
• Decryption
• Decryption key
• Ciphertext Plaintext
• Cipher Encryption algorithm

3
Cryptology

• Cryptology is the science of building and
  analyzing encryption-decryption methods.
• CRYPTOLOGY
• CRYPTOGRAPHY CRYPTOANALYSIS

4
Secure Systems
5
A Good Cipher

• The strength of the system should not lie in the
  secrecy of the algorithms.
• The strength of the system should only depend the
  secrecy of the key.

6
Cipher Evaluation

• We can never be sure that a cipher is secure.
• The best way to gain some confidence in a new
  cipher is to allow the security community to test
  it.

7
Cipher Classification
Ciphers
8
Classical Ciphers

• Further subdivisions

9
Substitution Ciphers

• General substitution algorithm permits the cipher
  alphabet to be any rearrangement of the plain
  alphabet.
• That gives
• 26! 403,291,461,126,605,635,584,000,000
• possible keys from which to choose.

10
Frequency Analysis

• Every letter of a given language has
  characteristics of its own such as
• Frequency of occurrence
• Relation to the other letters
• Position within words
• These and other similar characteristics are used
  to break substitution monoalphabetic ciphers by
  letter frequency analysis

11
Letter Frequency in English Language

• In order ETAONIRSHDLUCMPFYWGBVJKQXZ
• Four vowels A, E, I, O and four consonants N, R,
  S, T form 2/3 of the normal English plain text.

12
Word of Advice

• Note The longer texts are more likely to follow
  the standard frequencies, but it is not always
  the case.
• In 1969, the French author George Perec wrote La
  Disparation, a 200-page novel that did not use
  words that contain letter E.
• Gilbert Adair translated the novel in English
  respecting the same restriction.
• See also similar book Gadsby a story of over
  50,000 words without using the letter E by
  Ernest Vincent Wright

13
Polyalphabetic Ciphers

• Vigenères cipher

14
Vigenère Cipher

• Vigenères most important work was his Traicté
  des Chiffres (A Treatise on Secret Writing)
  published in 1586.
• Vigenères cipher is resistant to letter
  frequency analysis.

15
Vigenère Operation

• A keyword is selected and it is repeatedly
  written above the plaintext
• EXAMPLE using the keyword hold

KEY
ciphertext
16
Breaking Vigenères Cipher

• In 1863, a Polish Infantry officer, Friedrich W.
  Kasiski, published a short book which changed the
  nature of cryptography. He noticed that

So, the size of the keyword can be determined by
the nature of repeated ciphertext character
strings.
17
Shannon Criteria

• Claude Shannon (in the late 1940s) defined
  additional design criteria for ciphers
• Confusion cipher should hide local patterns in
  language from an attacker.
• Diffusion cipher should mix around different
  parts of the plaintext, so that nothing is left
  in its original position.

18
Computer Based Ciphers
19
Security Requirements

• Confidentiality
• Protection from disclosure to unauthorised
  persons
• Integrity
• Maintaining data consistency
• Authentication
• Assurance of identity of person or originator of
  data
• Non-repudiation
• Originator of communications cant deny it later

20
Binary Numbers

• Data in computer systems is stored, processed,
  and transmitted in binary form (as 0s and 1s)
• All numerical values are represented and
  manipulated as binary numbers

21
Characters

• There is no natural way to express characters (as
  there is with numbers) so computer manufactures
  have developed standard codes such as ASCII and
  UNICODE.
• ASCII assigns 8 bits per character
  28 226 characters
• UNICODE assigns 16 bits per character 216
  65536 different characters

22
Symmetric Key Ciphers

• Stream Ciphers
• Block Ciphers

23
Symmetric Ciphers

• Encryption Transmission
  Decryption
• Symmetric Encryption Scheme
• The same key is used for both encryption and
  decryption.

24
Bit Level Ciphers

• Using computers, ciphers are implemented at the
  bit level. We can now substitute or transpose 0s
  and 1s
• The problem is, how can we seem to randomly
  change bits and yet still be able to recover the
  plaintext?
• To do this we use the exclusive-OR (XOR) binary
  function

25
XOR Function
26
Simple Stream Cipher
ciphertext
27
Some Stream Ciphers

• RC4
• Pike
• SOBER-128
• SEAL (Software-Optimized Encryption Algorithm)
• Turing
• A5/1 and A5/2

28
Block Ciphers
29
Block Cipher

• Todays most widely used ciphers
• Define a block of computer bits which represent
  several characters
• Encipher the complete block at one time

Algorithm
30
Electronic Code Book

• Simplest mode of operation
• each block is enciphered into a ciphertext block
  using one key

Problem if Mi Mj then Ci Cj
31
Cipher Block Chaining

• The input to each block stage is the current
  block XOR-ed with the previous stage cipher block

32
Some Block Ciphers

• AES
• DES (obsolete)
• IDEA
• Blowfish
• Skipjack
• RC5
• RC6
• Twofish

33
Asymmetric Key Ciphers
34
Cipher Classification
Ciphers
Asymmetric ciphers have twodifferent keys one
to encipherand one to decipher
35
Public Key Ciphers

• They are usually based on number theory rather
  than substitution or permutation operations
• There are two different keys
• one for encryption, and
• one for decryption
• Knowing one key cannot compromise the other

36
Public Key Transaction

• Asymmetric algorithms use matched public/private
  key pairs

37
RSA

• Named after researchers at MIT who developed the
  cipher
• Rivest Shamir Adleman Cipher(1978)

38
RSA Key Generation

• Select two 100 digit (or more) prime numbers, p
  and q
• Multiply them to obtain n pq
• Select another number d such that
  gcd(d, (p-1)(q-1)) 1 (relatively prime)
• Find integer e such that
  ed 1 mod ((p-1)(q-1))
• Par (e, n) is public key, and pair (d, n) is
  private key.

39
RSA Encryption

• Divide the message into blocks M all of the same
  size x. The bit string M can be viewed as an x
  digit binary number.
• Calculate ciphertext as
• C Me mod n
• Remember (e, n) is public key (so anyone can do
  this)

40
RSA Decryption

• To obtain plaintext form ciphertext calculate
• Cd (Me)d M1 mod n
• Remember d is private and remains private .
• To find d you must discover p and q but the only
  way to do that is to factor n

41
Aside Characters to Numbers

• Process to translate a collection of characters
  to a number
• convert the characters to ASCII
• treat the ASCII code like a binary number and
  convert it to decimal

it
26996
42
Aside Numbers to Characters

• Process to translate a number to a collection
  of characters
• convert the number to binary
• treat the binary number like an ASCII code

26995
43
RSA Example

• Select p and q to be two digit primes p 41, q
  53
• Then n pq 2173 and (p-1)(q-1) 4052
  2080
• Select any d between 54 and 2079 which does not
  share any factors with 2080, say d 623
• Now, compute e so that ed 1 mod 2080
• It turns out that e 207 works since 207623
  128961 which when divided by 2080 leaves a
  remainder of 1

44
Message

• Now we need to divide the message into blocks of
  bits
• RULE find the highest power of 2 less than n
• In our case, n 2173 and 211 2048 but 212
  4096
• So, divide the plaintext into blocks of 11 bits
• Encrypt the message JABBERWOCKY

01011010 01000001 01000010 01000010
01000101 01010010 01010111 01001111 01000011
01001011 01011001
45
Blocks

• The 11 bit blocks and their decimal equivalent
  are

binary decimal 01011010010
722 00001010000 80 10010000100
1156 10001010101 1109 00100101011
299 10100111101 1341 00001101001
105 01101011001 857
This represents the 8 message blocks, m1 through
m8 which will be transformed into 8 ciphertext
blocks c1 through c8
46
Ciphertext

• Public key is (e, n) (207, 2173) and the
  ciphertext is generated by

722207 1794 c1 mod 2173 80207 1963 c2
mod 2173 1156207 1150 c3 mod 2173 1109207
702 c4 mod 2173 299207 145 c5 mod
2173 1342207 593 c6 mod 2173 105207 2013
c7 mod 2173 857207 1861 c8 mod 2173
So the transmitted message is 1794 1963 1150
702 145 593 2013 1861
47
Decipher

• To decipher the message use private key
  (d, n) (623, 2173)

1794623 722 m1 mod 2173 1963623 80 m2
mod 2173 1150623 1156 m3 mod 2173 702623
1109 m4 mod 2173 145623 299 m5 mod 2173
593623 1341 m6 mod 2173 2013623 105 m7
mod 2173 1861623 857 m8 mod 2173
Convert these numbers back to binary, the binary
back to characters and the plaintext message
reappears
48
RSA Performance

• Key generation is slow
• Ciphertext generation is about 1000 times slower
  than AES (standard for symmetric block cipher)
• Often times, RSA is used to protect session keys
  which are used with AES

49
Symmetric Session Key

• Sender Recipient

50
Factoring Algorithm

• Strength of RSA is entirely based on difficulty
  of prime factoring of large integers.
• PROBLEM How to decompose a large integer into
  its prime factors? For example
• The largest known prime number today is 7,816,230
  digit Mersenne prime 225964951 1

7105593510097261
51
RSA Challenge

• In December 1977, the challenge was given to
  break RSA-129 where
• n (RSA-129) 1 1438 1625 7578 8886 7669 2357
  7997 6146 6120 1021 8296 7212 4236 2562 5618 4293
  5706 9352 4573 3897 8305 9712 3563 9587 0505 8989
  0751 4759 9290 0268 7954 3541
• e 9007
• The best known algorithm at the time would have
  required 40,000 trillion years if multiplications
  of 129 digit numbers could run as fast as 1 ns

52
Challenge Met

• It only took 17 years

Derek Atkins (April 1994) announced that
RSA-129 3490 5295 1084 7650 9491 4784 9619
9038 9813 3417 7646 3849 3387 8439 9082 0577 3
2769 1329 9326 6709 5499 6198 8190 8344 6141 3177
6429 6799 2942 5397 9828 8533
53
Process

• When August 1993 - 1 April 1994, 8 months
• Who D. Atkins, M. Graff, A. K. Lenstra, P.
  Leyland
• 600 volunteers from the entire world
• How 1600 computers
• from Cray C90, through 16 MHz PC, to fax machines

Now, RSA-155 has been broken as well, so the
newstandard for keys is 231 digits
54
Other Public Key Systems

• ElGamal Cipher It relies on the difficulty of
  solving the discrete logarithm problem
• b ax mod p,
• by finding integer x if p is prime, a and b
  are integers.
• Elliptic Curve Cipher

55
Further Readings

• Richard J. Spillman Classical and Contemporary
  Cryptology, Prentice Hall, 2005
• Richard J. Spillman Lecture notes for
  Cryptology course, Pacific Lutheran University
• Bruce Scheneier Applied Cryptography,
  J.WileySons, 1996
• Simon Singh Code Book, Anchor, 2000
• Prime Pages (http//www.utm.edu/research/primes/)
• And many more .

56
Thats All Thanks!

• Questions?