Chapter 2: Cryptography Technique - PowerPoint PPT Presentation

About This Presentation
Title:

Chapter 2: Cryptography Technique

Description:

Chapter 2: Cryptography Technique – PowerPoint PPT presentation

Number of Views:245
Avg rating:3.0/5.0
Slides: 62
Provided by: Shann47
Category:

less

Transcript and Presenter's Notes

Title: Chapter 2: Cryptography Technique


1
Chapter 2 Cryptography Technique
  • "You can have everything in life you want if
    you'll just help enough other people to get what
    they want!" -- Zig Ziglar
  • Prepared by
  • SITI ZAINAH ADNAN
  • If you do have any feedback or comment,
  • please feel free to email me at
  • sitizai_at_hotmail.com
  • Your cooperation is very much appreciated !

2
Chapter 2 Cryptography Technique
  • TOPICS
  • Introduction
  • Terminology Basic Encryption Methods
  • Secret Code
  • Monoalphabetic Ciphers
  • Cryptanalysis of a Monoalphabetic Cipher
  • Polyalphabetic Substitution Cipher
  • Transpositions
  • Stream and Block Ciphers

3
References
  • Book (available at the Informatics library)
  • CHAPTER 2, 3 and 4 Security In Computing,
    Charles P.Pfleeger, Prentice Hall International
  • Notes (available at IVC)

4
Encryption
  • Transforms data so that it is unintelligible to
    the outside observer
  • To maintain secure data in an insecure
    environment

5
Encryption
6
Encryption With One Key
  • Symmetric encryption (Single-key encryption OR
    Private Key encryption)

7
Encryption with Two Keys
  • Asymmetric encryption (Two-key encryption OR
    Public-Key encryption)

8
Terminology
  • Encryption
  • A process of encoding a message so that its
    meaning is not obvious. Also known as
    encode/encipher
  • Decryption
  • Is the reverse process of encryption.Also known
    as decode/decipher
  • Cryptosystem
  • A system for encryption and decryption.
  • Plaintext
  • The original form of a message.

9
Terminology
  • Ciphertext
  • The encrypted form of an original message.
  • Secret Code
  • Use of simple secret code to represent the
    original message.
  • Example, apple means go ahead.

10
Terminology
  • Cryptography
  • The science of using mathematics to encrypt and
    decrypt data
  • Enables user to store sensitive information or
    transmit it across insecure networks so that it
    cannot be read by anyone except the intended
    recipient
  • Cryptanalysis
  • The science of analyzing and breaking secure
    communication
  • Done by cryptanalyst (attackers)
  • Cryptology
  • The research into and study of encryption and
    decryption include cryptography and cryptanalyst

11
Terminology
  • Key
  • A value that is used together with the plaintext
    as input into encryption algorithms to produce
    ciphertext
  • Allows different encryption of a plaintext
  • Provide additional security
  • If the encryption algorithm is revealed, future
    message can still be kept secret because the
    interceptor will not know the key value
  • Basically really big numbers, measured in bits
    e.g. 1024 bit key

12
Cryptosystem model
13
  • An opponent, observing Y but not having access to
    K or X, may attempt to recover X or K or both X
    and K - assume that opponent knows the encryption
    E and decryption D algorithms
  • To recover X and K, plaintext estimate X and
    estimate K are recovered

14
  • Input are message X and the encryption key K,
    the encryption algorithm forms the chipertext as
  • Y Y1, Y2....Yn OR Y Ek (X)
  • Y is produced by encryption algorithm E as a
    function of plaintext X, which determined by key
    K value
  • The intended receiver, in possession of the key,
    is able to invert the transformation
  • X Dk (Y)

15
Encryption algorithms
  • Two basic methods
  • Substitution
  • Monoalphabetic ciphers
  • Polyalphabetic ciphers
  • Transposition (permutation)

16
Monoalphabetic Ciphers
  • Each letter is translated or substituted by a
    fixed letter after it in the alphabet.
  • E.g. Caesar Cipher uses a shift 3.
  • The plaintext letter pi is encipher as ciphered
    letter ci by the rule.
  • ci E(pi) pi 3
  • A translation chart of the Caesar cipher is as
    shown below.
  • Plain text ABCD E FG H IJKLMNOPQRSTUVWXYZCipher
    text defg h ij k lmnopqrstuvwxyzabc
  • E.g. Happy New Year would be kdssb qhz bhdu

17
Monoalphabetic Cipher Cryptanalysis
  • Some letters are used more often than others.
  • Example of the clues
  • The letter E, T and A occur more than J, Q and Z
  • The break between the two words, the SS can be
    translated to VV
  • Therefore cryptanalysis uses such occurrence
    patterns to decipher the cipher text easily
  • Count do help to narrow the possibilities
  • The frequent occurring letters in the ciphertext
    are likely to be among the more frequently
    occurring letters in English

18
Monoalphabetic Cipher Cryptanalysis
19
Polyalphabetic Cipher
  • The weakness of monoalphabetic cipher is that
    their frequency distribution reflects the
    distribution of the underlaying alphabet.
  • A cipher that is more cryptographically secure
    would display flat distribution.
  • One way to flatten the distribution is to combine
    distribution that are high with that are low.
  • Uses multiple mappings between plaintext and
    ciphertext and it is not just a single mapping

20
Polyalphabetic Cipher
  • Example of mapping
  • Odd position mapping
  • ABCDEFGHIJKLMNOPQR S T UVWXYZ..
  • Adgjmpsvybehknqtwz c f ilorux
  • Even position mapping
  • ABCDEFGHIJKLMN O PQR S TUVWXYZ..
  • Nsxchmrwbglqva f kpu z ejotydi
  • Example of text
  • TREAT YIMPO SSIBL E ? fumnf dyvtf czysh h

21
Polyalphabetic Cipher
  • As compared with monoalphabetic cipher
  • E.g. encryption using Odd position mapping
  • TREATY IMPOSSIBLE ? fzmafu yktq cc ydhm

22
Transposition
  • Rearrange the order of bits, characters or blocks
    of characters that are being encrypted or
    decrypted.
  • The original letters of the plaintext are
    preserved only their positions change.
  • E.g. Columnar Transposition
  • The rearrangement of the characters of the
    plaintext into columns
  • The resulting ciphertext is formed by traversing
    the columns

23
Columnar Transposition
24
Columnar Transposition
  • The plaintext is
  • THIS IS A MESSAGE TO SHOW HOW A COLUMNAR
    TRANSPOSITION IS WORKING
  • The ciphertext is
  • TAGO CASIR HMEW ORPOK IETH LTONS SSOO URSS
    ISSW MAIW SAHA NNTO

25
Stream Ciphers
  • ISSOPMI wdhuw
  • Plaintext cihertext
  • Encryption
  • It converts one symbol of plaintext immediately
    into a symbol of ciphertext
  • The transformation depends only on the symbol,
    the key, and control information of the
    encipherment algorithm
  • E.g. substitution encryption

26
Stream Ciphers - Advantages
  • Speed of transformation
  • Each symbol is encrypted without regard for any
    other plaintext symbols, each symbol can be
    encrypted as soon as it is read
  • Low error propagation
  • Each symbol is separately encoded, an error in
    the encryption process affects only that character

27
Stream Ciphers - Disadvantages
  • Low diffusion
  • Each symbol is separately enciphered
  • Susceptible to malicious insertions and
    modifications
  • Since, each symbol is separately enciphered, an
    active interceptor who has broken the code can
    splice together pieces of previous messages and
    transmit a spurious message that may look
    authentic

28
Block Ciphers
  • OITPYR
  • Encryption ba
  • qc
  • kd
  • em
  • It encrypts a group of plaintext symbols as one
    block , e.g. 64 bits or more
  • It works on blocks of plaintext and produce
    blocks of ciphertext
  • E.g. transposition encryption

29
Block Ciphers - Advantages
  • Diffusion
  • Information from plaintext is diffused into
    several ciphertext symbols
  • One ciphertext block may be depend on several
    plaintext letters
  • Immunity of insertions
  • Since blocks of symbols are enciphered, it is
    impossible to insert a single symbol into one
    block
  • The length of the block would then be incorrect,
    and decipherment would reveal the insertion

30
Block Ciphers - Disadvantages
  • Slowness of encryption
  • Block ciphers must wait until an entire block of
    plaintext symbols has been received before
    sorting the encryption process
  • Error propagation
  • An error will affect the transformation of all
    other characters in the same block

31
Key Management Protocols
  • Attack to Remote communications
  • When two remote systems transfer messages along
    communication medium, several potential attack
    scenarios arise. There are three main types of
    attacks
  • Disclosure to an unauthorised listener.
  • Receipt of a message from a masquerading sender.
  • Corruption or blocking of sent messages.

32
Key Management Protocols
  • a. Disclosure to an unauthorised listener
  • Involves a malicious entity or an intruder
    gaining access to the message by simply observing
    and interpreting the data travelling along the
    communication medium.
  • b. Receipt of a message from a masquerading
    sender
  • This attack involves an unauthorised masquerading
    entity claiming to be some authorised entity.
  • The result is that a bad message might be sent
    from an intruder.

33
Key Management Protocols
  • c. Corruption or blocking of sent messages
  • Refers to messages sent by a sender being
    corrupted or blocked by an unauthorised intruder.
  • Intruders corrupt the good message and replace
    it with a bad message.

34
Key Management Protocols
  • Encryption systems provide an important tool in
    computer security, it gives a user the ability to
    transmit information in a concealed form.
  • It is very useful to transmit documents and data
    over a channel that may be intercepted.
  • Protocol is established to orderly sequence the
    steps of the encryption by two or more parties
    in their communication
  • Three type of encryption protocols
  • Private key protocol
  • Public key protocol
  • Arbitrated protocol

35
Private Key Protocol
  • A protocol that may be used between communicating
    entities to authenticate systems and hide
    messages.
  • Assumed that communicating entities have access
    to encryption routines M that encrypts and
    decrypts using some key K.
  • Both sender and receiver knows K.
  • Sender Receiver
  • message Mk Mkk message
  • encrypt decrypt

36
Encryption With Private Key
37
Private Key Protocol - Advantages
  • Fast
  • Useful for encrypting data for a short distance

38
Private Key Protocol - Disadvantages
  • If the key is revealed (stolen etc.), the
    interceptors can decrypt all the information in
    both direction.
  • Distribution of keys becomes a problem, as keys
    must be transmitted with utmost security.
  • The number of keys increases with the square of
    the number of users exchanging secret
    information.

39
Public Key Protocol
  • Deviced by Whitfield Diffie and Martin Hellman in
    1996.
  • This scheme overcomes the exchange of private key
    problem.
  • Makes use of two encryption keys, public key and
    private key.
  • Allows remote entities to advertise part of the
    encryption key, that is public key.
  • Requires both public key and private key to
    encrypt and decrypt a message.
  • Addresses several problems of key distribution
    and key loss issues.

40
Encryption with Public Keys
41
Public Key Protocol
  • Based on mathematical functions rather than on
    substitution and permutation
  • Asymmetric involving the use of two separate
    keys, in contrast to symmetric conventional
    encryption, which uses only one key
  • Has profound consequences in the area of
    confidentiality, key distribution, and
    authentication

42
Public Key Cryptosystem
  • Each end system in a network generates a pair of
    keys to be used for encryption and decryption of
    messages that it will receive
  • Each system publishes its encryption key by
    placing it in a public register or file. This is
    the public key. The companion key is kept private
    (eg. Verisign provide security service for
    international e-commerce, DigiCert mainly for
    local e-commerce)
  • If A wishes to send a message to B, it encrypts
    the message using Bs public key
  • When B receives the message, B decrypts it using
    Bs private key. No other recipient can decrypt
    the message because only B knows Bs private key.

43
Public Key - Advantages
  • All participants have access to public keys and
    private keys are generated locally by each
    participant and therefore need never be
    distributed
  • As long as system controls its private key, its
    incoming communication is secure
  • At any time,a system can change its private key
    and publish the companion public key to replace
    its old public key
  • It is computationally infeasible to deduce the
    private key from the public key
  • Anyone who has a public key can encrypt
    information but cannot decrypt it
  • Only the person who has the corresponding private
    key can decrypt the information

44
Public Key Examples
  • Elgamal (named for its investor, Taher Elgamal)
  • RSA (named for its investors Ron Rivest, Adi
    Shamir and Leonard Adleman)
  • Diffie-Hellman (named for its investors)
  • DSA Digital Signature Algorithm (invented by
    David Kravitz)

45
Public Key Cryptosystem Encryption
46
Public Key Cryptosystem Authentication
47
Public Key Cryptosystem Applications
48
Public Key Protocol
  • Sender (B)
    Receiver (A)
  • Message MSBPA
    MSBPASAPB Message Encrypt
    Decrypt
  • Legend
  • SBSecret key of B PBPublic key of B
  • SASecret key of A PAPublic key of A

49
Arbitration Protocols with Third Party
  • An alternative to the point key management
    protocols between senders and receivers.
  • Protocol that uses third party to ensure
    authentication between communicating entities.
  • Two types of arbitrated key management protocols
    might be envisioned.

50
Arbitration Protocols with Third Party
  • 1) All data communication is performed through a
    third party, so that A might communicate with C
    through arbiter B. This requires that A and B
    agree on some key management protocol and that B
    and C agree on a protocol as well.
  • A B C
  • Arbitrator

51
Arbitration Protocols with Third Party
  • 2) The third party arbiter establishing
    authentication between the sender and receiver
    e.g. visiting prisoner at prison, have to go thru
    the prison warden

52
Reasons why an arbiter is not desirable
  • Difficult to find a trusted arbitrator e.g.
    recognize and valid authority
  • Cause delay in communication e.g. have to go thru
    arbiter for any communication
  • Costly in maintaining an arbiter e.g. fees
    payment, service charges
  • Bottleneck happens if many users access to same
    arbiter e.g. delay in communication
  • Not secure since arbiter has access to sensitive
    information e.g. no 100 confidentiality

53
Key Distribution
  • This scheme involves distribution of public and
    secret keys by transmission over a secure
    channel.
  • Uses private key management protocol between
    remote systems and the KDC - Key Distribution
    Centre.
  • This approach allows two entities to receive keys
    from KDC for their communication.
  • Secrecy of their transmission to the KDC is
    assured by the distribution process.

54
Pretty Good Privacy (PGP)
  • It is a hybrid cryptosystem by Philip Zimmerman
  • Fast ,easy and free ported to most popular
    computer platforms, PCs and Macs as well to
    protect messages on the Internet
  • Used in email e.g. Netscape Messager, MS Outlook
    Express and Qualcomm Eudora Pro

55
PGP Encryption
  • PGP compresses the plaintext to save transmission
    time and disk space and to strengthen
    cryptographic security
  • Compression reduces plaintext pattern and
    enhances resistance to cryptanalysis
  • PGP creates session key, one-time-only secret
    key from the random movement of users mouse and
    keystrokes type
  • Using the IDEA algorithm with the session key,
    the message is encrypted.
  • The session key is encrypted with the RSA
    algorithm and the recipients public key
  • The encrypted message and session key is then
    bundled together and ready to be mailed or stored

56
PGP Encryption
57
PGP Decryption
  • The recipients copy of PGP uses his/her the
    private key to recover the temporary session key
  • Then, PGP uses it to decrypt the ciphertext

58
PGP Decryption
59
Secure Socket Layer (SSL)
  • Developed by Netscape in 1994
  • Provides two functions
  • Encrypting the information flow between client
    and server
  • Client/server authentication
  • Latest version is SSL 3.0 (1996)
  • Supported by
  • Client applications (Netscape Navigator,
    Microsoft Internet Explorer)
  • Server applications (Netscape, Microsoft, Apache,
    Oracle, NSCA etc.)
  • Certification Authorities (VeriSign)

60
Secure Socket Layer (SSL)
  • Comes with two strength 40-bit and 128-bit which
    refer to the length of the session key
    generated by every encrypted transaction
  • HTTPS - Hypertext Transfer Protocol Secure
  • https// represent secure site using SSL services
    (HTTP SSL)

61
Secure Socket Layer (SSL)
  • Fundamental concerns about communication over
    the Internet and other TCP/IP networks
  • SSL server authentication allows a user to
    confirm a server's identity
  • SSL client authentication allows a server to
    confirm a user's identity
  • An encrypted SSL connection requires all
    information sent between a client and a server to
    be encrypted by the sending software and
    decrypted by the receiving software, thus
    providing a high degree of confidentiality
Write a Comment
User Comments (0)
About PowerShow.com