Cryptography

1
Cryptography
2
What is cryptography?

• kryptos hidden
• grafo write
• Keeping messages secret
• Usually by making the message unintelligible to
  anyone that intercepts it

3
The Problem
Private Message
Bob
Alice
Eavesdropping
Eve
4
The Solution
Private Message
Private Message
Encryption
Decryption
Scrambled Message
Bob
Alice
Eavesdropping
Eve
5
What do we need?

• Bob and Alice want to be able to encrypt/decrypt
  easily
• But no one else should be able to decrypt
• How do we do this?
• Keys!

6
Using Keys
Nonsense
Decryption
Encryption
Ciphertext
Plaintext
Plaintext
7
The Shift Cipher

• We shift each letter over by a certain amount

Plaintext
five red balloons
f 3 I i 3 L v 3 Y
Key 3
Encryption
Ciphertext
ILYH UHG EDOORRQV
8
The Shift Cipher cont.

• To decrypt, we just subtract the key

Ciphertext
ILYH UHG EDOORRQV
I - 3 f L - 3 i Y - 3 v
Key 3
Decryption
five red balloons
Plaintext
9
Whats wrong with the shift cipher?

• Not enough keys!
• If we shift a letter 26 times, we get the same
  letter back
• A shift of 27 is the same as a shift of 1, etc.
• So we only have 25 keys (1 to 25)
• Eve just tries every key until she finds the
  right one

10
The Substitution Cipher
Plaintext
Ciphertext

• Rather than having a fixed shift, change every
  plaintext letter to an arbitrary ciphertext
  letter

11
The Substitution Cipher cont.
Plaintext
five red balloons
Key
f A i L v R
Encryption
ALRD HDS XGOOYYBW
Ciphertext
12
The Substitution Cipher cont.

• To decrypt we just look up the ciphertext letter
  in the table and then write down the matching
  plaintext letter
• How many keys do we have now?
• A key is just a permutation of the letters of the
  alphabet
• There are 26! permutations
• 403291461126605635584000000

13
Frequency Analysis

• In English (or any language) certain letters are
  used more often than others
• If we look at a ciphertext, certain ciphertext
  letters are going to appear more often than
  others
• It would be a good guess that the letters that
  occur most often in the ciphertext are actually
  the most common English letters

14
Letter Frequency

• This is the letter frequency for English
• The most common letter is e by a large margin,
  followed by t, a, and o
• J, q, x, and z hardly occur at all

15
Frequency Analysis in Practice

• Suppose this is our ciphertext
• dq lqwurgxfwlrq wr frpsxwlqj surylglqj d eurdg
  vxuyhb ri wkh glvflsolqh dqg dq lqwurgxfwlrq wr
  surjudpplqj. vxuyhb wrslfv zloo eh fkrvhq iurp
  ruljlqv ri frpsxwhuv, gdwd uhsuhvhqwdwlrq dqg
  vwrudjh, errohdq dojheud, gljlwdo orjlf jdwhv,
  frpsxwhu dufklwhfwxuh, dvvhpeohuv dqg frpslohuv,
  rshudwlqj vbvwhpv, qhwzrunv dqg wkh lqwhuqhw,
  wkhrulhv ri frpsxwdwlrq, dqg duwlilfldo
  lqwhooljhqfh.

16
Ciphertext distribution
English distribution
In our ciphertext we have one letter that occurs
more often than any other (h), and 6 that occur a
good deal more than any others (d, l, q, r, u,
and w) There is a good chance that h corresponds
to e, and d, l, q, r, u, and w correspond to the
6 next most common English letters
17
Frequency Analysis cont.

• If we replace e with h and the 6 next most
  common letters with their matches, the ciphertext
  becomes
• an intro???tion to ?o?p?tin? pro?i?in? a ?roa?
  ??r?e? o? t?e ?i??ip?ine an? an intro???tion to
  pro?ra??in?. ??r?e? topi?? ?i?? ?e ??o?en ?ro?
  ori?in? o? ?o?p?ter?, ?ata repre?entation an?
  ?tora?e, ?oo?ean a??e?ra, ?i?ita? ?o?i? ?ate?,
  ?o?p?ter ar??ite?t?re, a??e???er? an? ?o?pi?er?,
  operatin? ???te??, net?or?? an? t?e internet,
  t?eorie? o? ?o?p?tation, an? arti?i?ia?
  inte??i?en?e.

18
Classical to Modern Cryptography

• Classical cryptography
• Everything up until around WWII
• Encryption/decryption done by hand
• Modern cryptography
• Computers to encrypt and decrypt
• Same principles, but automation allows ciphers to
  become much more complex

19
The Enigma Machine

• German encryption and decryption machine used in
  WWII
• Essentially a complex, automated substitution
  cipher

20
How did Enigma work?

• Rotors have different wiring connecting input to
  output
• Rotors move after each keypress
• The key is the initial position of the three
  rotors

21
Breaking the Enigma

• Britain set up its cryptanalysis team in
  Bletchley Park
• They consistently broke German codes throughout
  the war
• Provided the intelligence codenamed ULTRA
• Important location in the history of computing
• Alan Turing
• COLOSSUS

22
Cryptography in the Computer Age

• Working with binary instead of letters
• We can do things many, many times
• Think of an Enigma machine that has 2128 pairs of
  symbols on each rotor, and 20 rotors
• Other than that, the basic principles are the
  same as classical cryptography

23
Modern Ciphers

• We design one relatively simple scrambling method
  (called a round) and repeat it many times
• Think of each round as a rotor on the Enigma
• One round may be easy to break, but when you put
  them all together it becomes very hard
• Almost all ciphers follow one of two structures
• SPN (Substitution Permutation Network)
• Feistel Network
• These describe the basic structure of a round

24
Modern Ciphers in Practice

• Follow SPN/Feistel structure in general, but with
  added twists for security
• There are two important ciphers in the history of
  modern cryptography
• DES (Data Encryption Standard)
• AES (Advanced Encryption Standard)

25
DES

• U.S. Government recognized the need to have a
  standardized cipher for secret documents
• DES was developed by IBM in 1976
• Analysis of DES was the beginning of modern
  cryptographic research

26
Controversy Surrounding DES

• Development process was hidden from public
• Suspicions that the government had put in a
  backdoor
• Government attempted to shut down research in
  cryptography

27
Breaking DES

• The key length of DES was too short
• If a key is 56 bits long, that means there are
  256 possible keys
• DES Cracker machines were designed to simply
  try all possible keys

28
Breaking DES cont.

• DES was further weakened by the discovery of
  differential cryptanalysis
• Biham and Shamir in 1990
• The most significant advance in cryptanalysis
  since frequency analysis
• Ideally a ciphertext should be completely random,
  there should be no connection to its matching
  plaintext
• Differential analysis exploits the fact that this
  is never actually the case
• Uses patterns between plaintext and ciphertext to
  discover the key
• There is evidence that IBM knew about
  differential cryptanalysis back when they were
  designing DES in 1976

29
Developing the AES

• With DES effectively broken, a new standard was
  needed
• U.S. Government made it an open
  application/review process this time, and
  received many submissions
• In 2001, after five years, the Rijndael cipher
  was selected to become the Advanced Encryption
  Standard

30
The Problem of Symmetric Key Cryptography

• Up until now weve been talking about symmetric
  key cryptography
• Alice and Bob are using the same key to
  encrypt/decrypt
• Problem How does Bob get the key to Alice when
  Eve is eavesdropping?
• Up until 1976 the only solution was to physically
  give Alice the key in a secure environment

31
Public Key Cryptography

• Diffie and Hellman published a paper in 1976
  providing a solution
• We use one key for encryption (the public key),
  and a different key for decryption (the private
  key)
• Everyone knows Alices public key, so they can
  encrypt messages and send them to her
• But only Alice has the key to decrypt those
  messages
• No one can figure out Alices private key even if
  they know her public key

32
Using Public Keys
Nonsense
Decryption
Encryption
Ciphertext
Plaintext
Plaintext
33
Public Key Cryptography in Practice

• The problem is that public key algorithms are too
  slow to encrypt large messages
• Instead Bob uses a public key algorithm to send
  Alice the symmetric key, and then uses a
  symmetric key algorithm to send the message
• The best of both worlds!
• Security of public key cryptography
• Speed of symmetric key cryptography

34
Sending a Message
Whats your public key?
Bob picks a symmetric key and encrypts it using
Alices public key
Alice decrypts the symmetric key using her
private key
Then sends the key to Alice
Bob encrypts his message using the symmetric key
Alice decrypts the message using the symmetric key
hi
Then sends the message to Alice
35
The RSA Public Key Cipher

• The most popular public key cipher is RSA,
  developed in 1977
• Named after its creators Rivest, Shamir, and
  Adleman
• Uses the idea that it is really hard to factor
  large numbers
• Create public and private keys using two large
  prime numbers
• Then forget about the prime numbers and just tell
  people their product
• Anyone can encrypt using the product, but they
  cant decrypt unless they know the factors
• If Eve could factor the large number efficiently
  she could get the private key, but there is no
  known way to do this

36
Are we all secure now?

• Unfortunately not, there are still many problems
  that need to be dealt with
• How does Bob know that hes really talking to
  Alice?
• How does Alice know that the message she receives
  hasnt been tampered with?
• How does Alice know the message was sent by Bob?
• These are questions addressed by other areas of
  cryptography

37
The End