Introduction to Cryptography

1
Introduction to Cryptography
2
Cryptography

• Cryptography
• Original meaning the art of secret writing
• Send information in a way that prevents others
  from reading it
• Other services
• Integrity checking
• Authentication
• Process data into unintelligible form,
  reversible, without data loss

3
Encryption/Decryption
encryption
decryption

• plaintext

ciphertext
plaintext

• Plaintext a message in its original form
• Ciphertext a message in the transformed,
  unrecognized form
• Encryption the process for producing ciphertext
  from plaintext
• Decryption the reverse of encryption
• Key a secret value used to control
  encryption/decryption

4
Computationally Difficult

• Cryptographic algorithms need to be reasonably
  efficient
• Cryptographic algorithms are not impossible to
  break with the key
• e.g. try all the keys brute-force cryptanalysis
• Time can be saved by spending money on more
  computers.
• A scheme can be made more secure by making the
  key longer
• Increase the length of the key by one bit
• The good guys job just a little bit harder
• The bad guys job up to twice as hard.

5
To Publish or Not to Publish

• Not to publish the algorithms
• We can achieve better security if we keep the
  algorithm secret
• Hard to keep secret if widely used
• Reverse Engineering
• Publish the algorithms
• Security of the algorithms depend on the secrecy
  of the keys
• Less unknown vulnerabilities if all the smart
  (good) people examine the algorithm
• Common practice
• Commercial published
• Military kept secret

6
Some Trivial Cipher

• Caesar cipher
• Substitution cipher
• Replace each letter with the one 3 letters later
• A -gt D, O -gt R
• Caption Midnight Secret Decoder rings
• Pick a secret n between 1 and 25
• Shift variable by n HAL -gt IBM if n is 1
• Monoalphabetic cipher
• Arbitrary mapping of one letter to another
• 26!, approximately 4 x 1026
• Statistical analysis of letter frequencies

7
Cryptanalysis Break an Encryption Scheme

• Ciphertext only
• Analyze only with the ciphertext
• Exhaustive search until recognizable plaintext
• Need enough ciphertext
• Known Plaintext
• ltplaintext, ciphertextgt is obtained
• Great for monoalphabetic cipher
• Chosen Plaintext
• Choose plaintext, get the ciphertext
• Useful if limited set of messages

8
Types of Cryptographic functions

• Secret Key Cryptography
• One key
• Public Key Cryptography
• Two keys public, private
• Hash function
• No key

9
Secret Key Cryptography
encryption
decryption

• plaintext

ciphertext
plaintext
key
key
same key

• Same key is used for both encryption and
  decryption
• Symmetric cryptography
• Conventional cryptography
• Ciphertext is about the same length as the
  plaintext
• Examples DES, IDEA, AES

10
Secret Key Cryptography contd

• Transmitting over an insecure channel
• Challenge how to share the key?
• Secure storage on insecure media
• Strong Authentication prove knowledge of a
  secret without revealing it
• Send challenge r, and verify the returned
  encryptedr
• Challenge should be chosen from a large pool
• Integrity Check a fixed-length cryptographic
  checksum for a message
• Send MIC (Message Integrity Code) along with the
  message

11
Public Key Cryptography
encryption
decryption

• plaintext

ciphertext
plaintext
public key
private key

• Invented/published in 1975
• Each individual has two keys
• Private key is kept secret
• Public key is publicly known
• Much slower than secret key cryptography
• Also known as
• Asymmetric cryptography

12
Public Key Cryptography contd
signing
verification
Signed message

• plaintext

plaintext
private key
public key

• Digital Signature
• Only the party with the private key can generate
  a digital signature
• Verification of the signature only requires the
  knowledge of the public key
• The signer cannot deny he/she has done so.

13
Applications of Public Key Cryptography

• Security uses of public key cryptography
• Known public key cryptography is orders of
  magnitude slower than the best known secret key
  cryptographic algo.
• Transmitting over an Insecure Channel

Alice
Bob
Encrypt mA using eB
Decrypt to mA using dB
Encrypt mB using eA
Decrypt to mB using dA

• Secure Storage on Insecure Media
• Because of performance issues, you can randomly
  generate a secret key, encrypt the data with that
  secret key, and encrypt the secret key with the
  public key
• Using public key of a trusted person

14
Applications of Public Key Cryptography

• Authentication
• No need to store secrets, only public keys.
• Alice wants to verify Bobs identity

Alice
Bob
Encrypt r using eb
Decrypt to r using db
r

• Secret key cryptography need to share secret key
  for every person to communicate with

15
Case Study Applications of Public Key
Cryptography in SSH2

• Assume that bsun_at_galaxy1.cs.lamar.edu tries to
  log into mensa.cs.lamar.edu as bsun
• Run ssh-keygen at galaxy1.cs.lamar.edu
• Copy the generated public key in id_rsa.pub to
  ./ssh/authorized_keys in mensa.cs.lamar.edu
• id_rsa (at galaxy1.cs.lamar.edu) holds the
  generated private key

16
Applications of Public Key Cryptography

• Digital Signatures
• Authorship Prove who generate the information
• Integrity the information has not been modified
• Non-repudiation cannot do with secret key
  cryptography

17
Hash Algorithms

• Message digests, one-way transformations

Message of arbitrary length
A fixed-length short message
Hash h

• Easy to compute h(m)
• Given h(m), no easy way to find m
• Computationally infeasible to find m1 and m2, so
  that h(m1) h(m2)

18
Applications of Hash Algorithms

• Password hashing
• Store the hash of the password
• Message integrity
• Keyed Hash
• Alice and Bob agree on a secret key k
• Alice computes h(mk) and sends it with m
• Does not require encryption
• Message Fingerprint
• For a large data structure save the message
  digest of the data on the tamper-proof backing
  store.
• Digital Signature Efficiency
• Compute a message digest and sign it
• Public key algorithms are processor-intensive