SlideShare una empresa de Scribd logo

Cryptography

Descargar como PPT, PDF
Suhepi Saputri
Suhepi Saputri

Cryptography

EducaciónTecnología
1 de 31
Introduction to CryptographyIntroduction to Cryptography --- Foundations of information security ------ Foundations of information security --- Lecture 7Lecture 7
CSE2500 System Security and Privacy 2 OutlineOutline Why study cryptologyWhy study cryptology?? Basic terms, notations and structure ofBasic terms, notations and structure of cryptographycryptography Private & public key cryptography examplesPrivate & public key cryptography examples Modern secret key ciphers : usage andModern secret key ciphers : usage and methodologymethodology Encryption and possible attacksEncryption and possible attacks Secret key ciphers designSecret key ciphers design Slides 23 to 26 for additional informationSlides 23 to 26 for additional information (and reading)(and reading)
CSE2500 System Security and Privacy 3 Why Study cryptology(1)Why Study cryptology(1) A B Intruder Communications security
CSE2500 System Security and Privacy 4 Why Study cryptology(2)Why Study cryptology(2) Customer Merchant TTP Electronic Commerce Security
CSE2500 System Security and Privacy 5 Why Study cryptology(3)Why Study cryptology(3) A B LEA Law enforcement
CSE2500 System Security and Privacy 6 The Basic ProblemThe Basic Problem We consider theWe consider the confidentialityconfidentiality goal:goal: Alice and Bob are FriendsAlice and Bob are Friends Marvin is a rivalMarvin is a rival Alice wants to send secret messages (MAlice wants to send secret messages (M11,M,M22,…),…) to Bob over the Internetto Bob over the Internet Rival Marvin wants to read the messages (MRival Marvin wants to read the messages (M11,M,M22,, …) - Alice and Bob want to prevent this!…) - Alice and Bob want to prevent this! Assumption:Assumption: The network is OPEN: Marvin isThe network is OPEN: Marvin is able to eavesdrop and read all data sent fromable to eavesdrop and read all data sent from Alice to Bob.Alice to Bob. Consequence:Consequence: Alice must not send messagesAlice must not send messages (M(M11,M,M22,…) directly – they must be “scrambled” or,…) directly – they must be “scrambled” or encryptedencrypted using a ‘secret code’ unknown tousing a ‘secret code’ unknown to Marvin but known to Bob.Marvin but known to Bob.
CSE2500 System Security and Privacy 7 CryptographyCryptography plaintext (data file or messages) encryption ciphertext (stored or transmitted safely) decryption plaintext (original data or messages)
CSE2500 System Security and Privacy 8 E D Message (cleartext, plaintext) Encrypted message (ciphertext) Encrypted message (ciphertext) Encryption Decryption key Alice Bob Private key cipherPrivate key cipher Message (cleartext,plaintext)
CSE2500 System Security and Privacy 9 Basic termsBasic terms Cryptology (to be very precise)Cryptology (to be very precise) Cryptography --- code designingCryptography --- code designing Cryptanalysis --- code breakingCryptanalysis --- code breaking Cryptologist:Cryptologist: Cryptographer & cryptanalystCryptographer & cryptanalyst Encryption/enciphermentEncryption/encipherment Scrambling data into unintelligible toScrambling data into unintelligible to unauthorised partiesunauthorised parties Decryption/deciphermentDecryption/decipherment Un-scramblingUn-scrambling
CSE2500 System Security and Privacy 10 Types of ciphersTypes of ciphers Private key cryptosystems/ciphersPrivate key cryptosystems/ciphers The secret key is shared between twoThe secret key is shared between two partiesparties Public key cryptosystems/ciphersPublic key cryptosystems/ciphers The secret key is not shared and twoThe secret key is not shared and two parties can still communicate using theirparties can still communicate using their public keyspublic keys
CSE2500 System Security and Privacy 11 Examples of “Messages”Examples of “Messages” Types of secret “Messages” AliceTypes of secret “Messages” Alice might want to send Bob (in increasingmight want to send Bob (in increasing length):length): Decision (yes/no),Decision (yes/no), eg. as answer to theeg. as answer to the question “Are we meeting tomorrow?”question “Are we meeting tomorrow?” Numerical ValueNumerical Value, eg. as answer to the, eg. as answer to the question “at what hour are we meeting?”question “at what hour are we meeting?” DocumentDocument SoftwareSoftware,, ImagesImages etc.etc.
CSE2500 System Security and Privacy 12 ConceptsConcepts A private key cipher is composed ofA private key cipher is composed of two algorithmstwo algorithms encryption algorithm Eencryption algorithm E decryption algorithm Ddecryption algorithm D The same key K is used for encryptionThe same key K is used for encryption & decryption& decryption K has to be distributed beforehandK has to be distributed beforehand
CSE2500 System Security and Privacy 13 NotationsNotations Encrypt a plaintext P using a key K &Encrypt a plaintext P using a key K & an encryption algorithm Ean encryption algorithm E C = E(K,P)C = E(K,P) Decrypt a ciphertext C using the sameDecrypt a ciphertext C using the same key K and the matching decryptionkey K and the matching decryption algorithm Dalgorithm D P = D(K,C)P = D(K,C) Note: P = D(K,C) = D(K, E(K,P))Note: P = D(K,C) = D(K, E(K,P))
CSE2500 System Security and Privacy 14 The Caesar cipher (e.g)The Caesar cipher (e.g) The Caesar cipher is a substitutionThe Caesar cipher is a substitution cipher, named after Julius Caesar.cipher, named after Julius Caesar. Operation principle:Operation principle: each letter is translated into the lettereach letter is translated into the letter a fixed number of positionsa fixed number of positions after itafter it in the alphabet table.in the alphabet table. The fixed number of positions is a keyThe fixed number of positions is a key both for encryption and decryption.both for encryption and decryption.
CSE2500 System Security and Privacy 15 The Caesar cipher (cnt’d)The Caesar cipher (cnt’d) K=3 Inner: ciphertext Outer: plaintext
CSE2500 System Security and Privacy 16 An exampleAn example For a key K=3,For a key K=3, plaintext letter:plaintext letter: ABCDEF...UVWXYZABCDEF...UVWXYZ ciphtertext letter:ciphtertext letter: DEF...UVWXYZABCDEF...UVWXYZABC HenceHence TREATY IMPOSSIBLETREATY IMPOSSIBLE is translated intois translated into WUHDWB LPSRVVLEOHWUHDWB LPSRVVLEOH
CSE2500 System Security and Privacy 17 Breaking classic ciphersBreaking classic ciphers With the help of fast computers,With the help of fast computers, 99.99% ciphers used before 1976 are99.99% ciphers used before 1976 are breakable by using one of the 4 typesbreakable by using one of the 4 types of attacks (described later).of attacks (described later). Modern cluster computers and futureModern cluster computers and future quantum computers can break severalquantum computers can break several existing ciphers due to the power ofexisting ciphers due to the power of such computers.such computers.
CSE2500 System Security and Privacy 18 Breaking the Caesar cipherBreaking the Caesar cipher By trial-and errorBy trial-and error By using statistics on lettersBy using statistics on letters frequency distributions of lettersfrequency distributions of letters letterletter percentpercent AA 7.49%7.49% BB 1.29%1.29% CC 3.54%3.54% DD 3.62%3.62% EE 14.00%14.00% ....................................................................
CSE2500 System Security and Privacy 19 Toy example of private keyToy example of private key cryptography (TPC)cryptography (TPC) Assume that a message is broken into 64-bit blocks and eachAssume that a message is broken into 64-bit blocks and each 64-bit block of plaintext is encrypted separately:64-bit block of plaintext is encrypted separately: Key space are combinations of numerical digits – max: 7Key space are combinations of numerical digits – max: 7 digits-digits- (eg: key = [1]; or key = [1,3], or key = [1,4,2]).(eg: key = [1]; or key = [1,3], or key = [1,4,2]). Assume that all 8 bits of a byte is used and key digits startAssume that all 8 bits of a byte is used and key digits start from left to right.from left to right. Encryption: Each plaintext block is first shifted by the numberEncryption: Each plaintext block is first shifted by the number of binary digits before the last non-zero digit of the key. It isof binary digits before the last non-zero digit of the key. It is then exclusive-ored with the key starting from the first byte ofthen exclusive-ored with the key starting from the first byte of the block, repeatedly to the end of the block (the key moves athe block, repeatedly to the end of the block (the key moves a distance of its size from left to right of the plaintext block).distance of its size from left to right of the plaintext block). Decryption: do the reverse of encryption: the cipher-text isDecryption: do the reverse of encryption: the cipher-text is exclusive-ored and then shifted.exclusive-ored and then shifted. 0 0 0= 1 1 0= 0 1 1= 1 0 1= : exclusive: exclusive oror
CSE2500 System Security and Privacy 20 Using TPCUsing TPC Use TPC to encrypt the plaintext “12345”, keyUse TPC to encrypt the plaintext “12345”, key = [1,4,2]= [1,4,2] Use TPC to encrypt the plaintext “TREATYUse TPC to encrypt the plaintext “TREATY IMPOSSIBLE”; key = [4];IMPOSSIBLE”; key = [4]; Use TPC to encrypt the plaintext “100Use TPC to encrypt the plaintext “100 dollars”, key = [2,4];dollars”, key = [2,4];
CSE2500 System Security and Privacy 21 Principles of Private Key EncryptionPrinciples of Private Key Encryption Devise cryptographic algorithms:Devise cryptographic algorithms: a set of fast functions (E1, E2, E3, ..En) that when in turna set of fast functions (E1, E2, E3, ..En) that when in turn applied to an input (initial or intermediate input) willapplied to an input (initial or intermediate input) will produce a more potentially scrambled output.produce a more potentially scrambled output. and a set of functions (D1,D2,D3, .. Dn) that when in turnand a set of functions (D1,D2,D3, .. Dn) that when in turn applied to the cipher text (final or intermediate) willapplied to the cipher text (final or intermediate) will produce the original input text.produce the original input text. Devise algorithms, tests and proofs to validateDevise algorithms, tests and proofs to validate your cryptographic algorithmsyour cryptographic algorithms Analysing algorithms.Analysing algorithms. Tests with powerful computers such as specialised,Tests with powerful computers such as specialised, parallel, cluster, or quantum computers.parallel, cluster, or quantum computers. Mathematical proofs.Mathematical proofs.
CSE2500 System Security and Privacy 22 Toy example of public keyToy example of public key cryptographycryptography Definition: The multiplicative inverse ofDefinition: The multiplicative inverse of xx with modulowith modulo nn isis yy such that (such that (xx**yy) mod) mod nn = 1= 1 E.g:x=3; n=10, => y=7; since (3*7) mod 10 = 1E.g:x=3; n=10, => y=7; since (3*7) mod 10 = 1 The above multiplicative inverse can be used to create aThe above multiplicative inverse can be used to create a simple public key cipher: eithersimple public key cipher: either xx oror yy can be thought of as acan be thought of as a secret key and the other is the public key. Letsecret key and the other is the public key. Let xx = 3,= 3, yy = 7,= 7, nn == 10, and M be the message:10, and M be the message: M = 4 ;M = 4 ; 3*4 mod 10 = 2; (ciphertext) - encrypting3*4 mod 10 = 2; (ciphertext) - encrypting 2*7 mod 10 = 4 = M ; (message) - decrypting2*7 mod 10 = 4 = M ; (message) - decrypting M =6 ;M =6 ; 3*6 mod 10 = 8;3*6 mod 10 = 8; 8*7 mod 10 = 6 = M (message)8*7 mod 10 = 6 = M (message)
CSE2500 System Security and Privacy 23 What is PKE used for?What is PKE used for? Private Key Encryption (PKE) can bePrivate Key Encryption (PKE) can be used:used: Transmitting data over an insecureTransmitting data over an insecure channelchannel Secure stored data (encrypt & store)Secure stored data (encrypt & store) Provide integrity check:Provide integrity check: (Key + Mes.) -> MAC (message authentication(Key + Mes.) -> MAC (message authentication code)code)
CSE2500 System Security and Privacy 24 Morden Cryptography applicationsMorden Cryptography applications Not just about confidentiality!Not just about confidentiality! IntegrityIntegrity Digital signaturesDigital signatures Hash functionsHash functions Fair exchangeFair exchange Contract signingContract signing AnonymityAnonymity Electronic cashElectronic cash Electronic votingElectronic voting Etc.Etc.
CSE2500 System Security and Privacy 25 Modern private key ciphersModern private key ciphers DES (US, 1977) (3DES)DES (US, 1977) (3DES) key -- 56 bits, plaintext/ciphertext -- 64 bitskey -- 56 bits, plaintext/ciphertext -- 64 bits LOKI (ADFA, Australia, 1989)LOKI (ADFA, Australia, 1989) key, plaintext/ciphertext -- 64 bitskey, plaintext/ciphertext -- 64 bits FEAL (NTT, Japan, 1990)FEAL (NTT, Japan, 1990) key -- 128 bits, plaintext/ciphertext -- 64 bitskey -- 128 bits, plaintext/ciphertext -- 64 bits IDEA (Lai & Massey, Swiss, 1991)IDEA (Lai & Massey, Swiss, 1991) key -- 128 bits, plaintext/ciphertext -- 64 bitskey -- 128 bits, plaintext/ciphertext -- 64 bits SPEED (Y Zheng in 1996)SPEED (Y Zheng in 1996) Key/(plaintext/ciphertext) -- 48,64,80,…,256 bitsKey/(plaintext/ciphertext) -- 48,64,80,…,256 bits AES (Joan Daemen & Vincent Rijmen 2000)AES (Joan Daemen & Vincent Rijmen 2000) Key/(plaintext/ciphertext) -- 128, 192 and 256 bitsKey/(plaintext/ciphertext) -- 128, 192 and 256 bits
CSE2500 System Security and Privacy 26 General approaches to CryptographyGeneral approaches to Cryptography There are two general encryption methods:There are two general encryption methods: Block ciphers &Block ciphers & Stream ciphersStream ciphers Block ciphersBlock ciphers Slice message M into (fixed size blocks)Slice message M into (fixed size blocks) mm11, …,, …, mmnn Add padding to last blockAdd padding to last block Use EUse Ekk to produce (ciphertext blocks)to produce (ciphertext blocks) xx11, …,, …, xxnn Use DUse Dkk to recover M fromto recover M from mm11, …,, …, mmnn E.g: DES, etc.E.g: DES, etc. Stream ciphersStream ciphers Generate a long random string (or pseudo random)Generate a long random string (or pseudo random) calledcalled one-time padone-time pad.. MessageMessage one-time padone-time pad (exclusive or)(exclusive or) E.g: EC4E.g: EC4
CSE2500 System Security and Privacy 27 Design of Private Key Ciphers(1)Design of Private Key Ciphers(1) A Cryptographic algorithm should be efficient forA Cryptographic algorithm should be efficient for good usegood use It should be fast and key length should be of the rightIt should be fast and key length should be of the right length – e.g.; not too shortlength – e.g.; not too short Cryptographic algorithms are not impossible toCryptographic algorithms are not impossible to break without a keybreak without a key If we try all the combinations, we can get the originalIf we try all the combinations, we can get the original messagemessage The security of a cryptographic algorithm dependsThe security of a cryptographic algorithm depends on how much work it takes for someone to break iton how much work it takes for someone to break it E.g If it takes 10 mil. years to break a cryptographicE.g If it takes 10 mil. years to break a cryptographic algorithm X using all the computers of a state, X can bealgorithm X using all the computers of a state, X can be thought of as a secure one – reason: cluster computersthought of as a secure one – reason: cluster computers and quantum computers are powerful enough to crackand quantum computers are powerful enough to crack many current cryptographic algorithms.many current cryptographic algorithms.
CSE2500 System Security and Privacy 28 Design of Private Key Ciphers(2)Design of Private Key Ciphers(2) Encryption Algorithm DesignEncryption Algorithm Design Should the strength of the algorithm beShould the strength of the algorithm be included in the implementation of theincluded in the implementation of the algorithm? Should we hide the algorithm?algorithm? Should we hide the algorithm? Should the block size be small or large?Should the block size be small or large? Should the keyspace be large?Should the keyspace be large? Should we consider other search ratherShould we consider other search rather than brute-force search?than brute-force search? Should we consider the hardwareShould we consider the hardware technology?technology?
CSE2500 System Security and Privacy 29 4 types of cryptanalysis4 types of cryptanalysis Depending on what a cryptanalyst hasDepending on what a cryptanalyst has to work with, attacks can be classifiedto work with, attacks can be classified intointo ciphertext only attackciphertext only attack known plaintext attackknown plaintext attack chosen plaintext attackchosen plaintext attack chosen ciphertext attack (most severe)chosen ciphertext attack (most severe)
CSE2500 System Security and Privacy 30 4 types of attacks4 types of attacks Ciphertext only attackCiphertext only attack the only data available is a targetthe only data available is a target ciphertextciphertext Known plaintext attackKnown plaintext attack a target ciphertexta target ciphertext pairs of other ciphertext and plaintextpairs of other ciphertext and plaintext (say, previously broken or guessing)(say, previously broken or guessing)
CSE2500 System Security and Privacy 31 4 types of attacks4 types of attacks Chosen plaintext attacksChosen plaintext attacks a target ciphertexta target ciphertext can feed encryption algorithm withcan feed encryption algorithm with plaintexts and obtain the matchingplaintexts and obtain the matching ciphertextsciphertexts Chosen ciphertext attackChosen ciphertext attack a target ciphertexta target ciphertext can feed decryption algorithm withcan feed decryption algorithm with ciphertexts and obtain the matchingciphertexts and obtain the matching plaintextsplaintexts

Recomendados

Cryptography
CryptographyCryptography
Cryptography
gueste4c97e
 
Cryptography
CryptographyCryptography
Cryptography
Jens Patel
 
block ciphers
block ciphersblock ciphers
block ciphers
Asad Ali
 
Cryptography - 101
Cryptography - 101Cryptography - 101
Cryptography - 101
n|u - The Open Security Community
 
Cryptography
CryptographyCryptography
Cryptography
Kalyani Government Engineering College
 
Cryptography
CryptographyCryptography
Cryptography
Darshini Parikh
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
kusum sharma
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
Uday Meena
 

Recomendados

Cryptography
CryptographyCryptography
Cryptography
gueste4c97e
 
Cryptography
CryptographyCryptography
Cryptography
Jens Patel
 
block ciphers
block ciphersblock ciphers
block ciphers
Asad Ali
 
Cryptography - 101
Cryptography - 101Cryptography - 101
Cryptography - 101
n|u - The Open Security Community
 
Cryptography
CryptographyCryptography
Cryptography
Kalyani Government Engineering College
 
Cryptography
CryptographyCryptography
Cryptography
Darshini Parikh
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
kusum sharma
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
Uday Meena
 
Intro to modern cryptography
Intro to modern cryptographyIntro to modern cryptography
Intro to modern cryptography
zahid-mian
 
Cryptography
CryptographyCryptography
Cryptography
subodh pawar
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
Md. Afif Al Mamun
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
Pa Van Tanku
 
Symmetric and asymmetric key
Symmetric and asymmetric keySymmetric and asymmetric key
Symmetric and asymmetric key
Triad Square InfoSec
 
Transposition cipher
Transposition cipherTransposition cipher
Transposition cipher
Antony Alex
 
Cryptography
CryptographyCryptography
Cryptography
EmaSushan
 
Cryptography
CryptographyCryptography
Cryptography
Rutuja Solkar
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
Hossain Md Shakhawat
 
cryptography
cryptographycryptography
cryptography
Abhijeet Singh
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithms
Rashmi Burugupalli
 
13 asymmetric key cryptography
13 asymmetric key cryptography13 asymmetric key cryptography
13 asymmetric key cryptography
drewz lin
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
Dr. Kapil Gupta
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
7wounders
 
Basic cryptography
Basic cryptographyBasic cryptography
Basic cryptography
Perfect Training Center
 
Cryptography and network security Nit701
Cryptography and network security Nit701Cryptography and network security Nit701
Cryptography and network security Nit701
Amit Pathak
 
Cryptography
CryptographyCryptography
Cryptography
IGZ Software house
 
Email security
Email securityEmail security
Email security
Ahmed EL-KOSAIRY
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)
Haris Ahmed
 
Cryptography Fundamentals
Cryptography FundamentalsCryptography Fundamentals
Cryptography Fundamentals
Duy Do Phan
 
Ch02 classic nemo
Ch02 classic nemoCh02 classic nemo
Ch02 classic nemo
Samia Elsayed
 
Iss lecture 2
Iss lecture 2Iss lecture 2
Iss lecture 2
Ali Habeeb
 

Más contenido relacionado

La actualidad más candente

13 asymmetric key cryptography
13 asymmetric key cryptography13 asymmetric key cryptography
13 asymmetric key cryptography
drewz lin
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
7wounders
 
Cryptography Fundamentals
Cryptography FundamentalsCryptography Fundamentals
Cryptography Fundamentals
Duy Do Phan
 

La actualidad más candente (20)

Intro to modern cryptography
Intro to modern cryptographyIntro to modern cryptography
Intro to modern cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
 
Symmetric and asymmetric key
Symmetric and asymmetric keySymmetric and asymmetric key
Symmetric and asymmetric key
 
Transposition cipher
Transposition cipherTransposition cipher
Transposition cipher
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
 
cryptography
cryptographycryptography
cryptography
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithms
 
13 asymmetric key cryptography
13 asymmetric key cryptography13 asymmetric key cryptography
13 asymmetric key cryptography
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
 
Basic cryptography
Basic cryptographyBasic cryptography
Basic cryptography
 
Cryptography and network security Nit701
Cryptography and network security Nit701Cryptography and network security Nit701
Cryptography and network security Nit701
 
Cryptography
CryptographyCryptography
Cryptography
 
Email security
Email securityEmail security
Email security
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)
 
Cryptography Fundamentals
Cryptography FundamentalsCryptography Fundamentals
Cryptography Fundamentals
 

Similar a Cryptography

IS Unit 3_Public Key Cryptography
IS Unit 3_Public Key CryptographyIS Unit 3_Public Key Cryptography
IS Unit 3_Public Key Cryptography
Sarthak Patel
 
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
Amazon Web Services
 
Ch12 Encryption
Ch12 EncryptionCh12 Encryption
Ch12 Encryption
phanleson
 
Cryptography 101 for Java developers
Cryptography 101 for Java developersCryptography 101 for Java developers
Cryptography 101 for Java developers
Michel Schudel
 

Similar a Cryptography (20)

Ch02 classic nemo
Ch02 classic nemoCh02 classic nemo
Ch02 classic nemo
 
Iss lecture 2
Iss lecture 2Iss lecture 2
Iss lecture 2
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
network security
network securitynetwork security
network security
 
IS Unit 3_Public Key Cryptography
IS Unit 3_Public Key CryptographyIS Unit 3_Public Key Cryptography
IS Unit 3_Public Key Cryptography
 
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
AWS re:Invent 2016: Encryption: It Was the Best of Controls, It Was the Worst...
 
Encryption
EncryptionEncryption
Encryption
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01
 
Cryptography using python
Cryptography using pythonCryptography using python
Cryptography using python
 
Introduction to Public Key Cryptography
Introduction to Public Key CryptographyIntroduction to Public Key Cryptography
Introduction to Public Key Cryptography
 
SIGNAL - Practical Cryptography
SIGNAL - Practical CryptographySIGNAL - Practical Cryptography
SIGNAL - Practical Cryptography
 
CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2CISSP Certification Security Engineering-Part2
CISSP Certification Security Engineering-Part2
 
Information System Security.pptx
Information System Security.pptxInformation System Security.pptx
Information System Security.pptx
 
Slide cipher based encryption
Slide cipher based encryptionSlide cipher based encryption
Slide cipher based encryption
 
Computer Cryptography and Encryption [by: Magoiga].pptx
Computer Cryptography and Encryption [by: Magoiga].pptxComputer Cryptography and Encryption [by: Magoiga].pptx
Computer Cryptography and Encryption [by: Magoiga].pptx
 
Day5
Day5Day5
Day5
 
Ch12 Encryption
Ch12 EncryptionCh12 Encryption
Ch12 Encryption
 
Cns 1
Cns 1Cns 1
Cns 1
 
Unit 1
Unit 1Unit 1
Unit 1
 
Cryptography 101 for Java developers
Cryptography 101 for Java developersCryptography 101 for Java developers
Cryptography 101 for Java developers
 

Último

Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
negromaestrong
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
kauryashika82
 

Último (20)

Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 

Cryptography

  • 1. Introduction to CryptographyIntroduction to Cryptography --- Foundations of information security ------ Foundations of information security --- Lecture 7Lecture 7
  • 2. CSE2500 System Security and Privacy 2 OutlineOutline Why study cryptologyWhy study cryptology?? Basic terms, notations and structure ofBasic terms, notations and structure of cryptographycryptography Private & public key cryptography examplesPrivate & public key cryptography examples Modern secret key ciphers : usage andModern secret key ciphers : usage and methodologymethodology Encryption and possible attacksEncryption and possible attacks Secret key ciphers designSecret key ciphers design Slides 23 to 26 for additional informationSlides 23 to 26 for additional information (and reading)(and reading)
  • 3. CSE2500 System Security and Privacy 3 Why Study cryptology(1)Why Study cryptology(1) A B Intruder Communications security
  • 4. CSE2500 System Security and Privacy 4 Why Study cryptology(2)Why Study cryptology(2) Customer Merchant TTP Electronic Commerce Security
  • 5. CSE2500 System Security and Privacy 5 Why Study cryptology(3)Why Study cryptology(3) A B LEA Law enforcement
  • 6. CSE2500 System Security and Privacy 6 The Basic ProblemThe Basic Problem We consider theWe consider the confidentialityconfidentiality goal:goal: Alice and Bob are FriendsAlice and Bob are Friends Marvin is a rivalMarvin is a rival Alice wants to send secret messages (MAlice wants to send secret messages (M11,M,M22,…),…) to Bob over the Internetto Bob over the Internet Rival Marvin wants to read the messages (MRival Marvin wants to read the messages (M11,M,M22,, …) - Alice and Bob want to prevent this!…) - Alice and Bob want to prevent this! Assumption:Assumption: The network is OPEN: Marvin isThe network is OPEN: Marvin is able to eavesdrop and read all data sent fromable to eavesdrop and read all data sent from Alice to Bob.Alice to Bob. Consequence:Consequence: Alice must not send messagesAlice must not send messages (M(M11,M,M22,…) directly – they must be “scrambled” or,…) directly – they must be “scrambled” or encryptedencrypted using a ‘secret code’ unknown tousing a ‘secret code’ unknown to Marvin but known to Bob.Marvin but known to Bob.
  • 7. CSE2500 System Security and Privacy 7 CryptographyCryptography plaintext (data file or messages) encryption ciphertext (stored or transmitted safely) decryption plaintext (original data or messages)
  • 8. CSE2500 System Security and Privacy 8 E D Message (cleartext, plaintext) Encrypted message (ciphertext) Encrypted message (ciphertext) Encryption Decryption key Alice Bob Private key cipherPrivate key cipher Message (cleartext,plaintext)
  • 9. CSE2500 System Security and Privacy 9 Basic termsBasic terms Cryptology (to be very precise)Cryptology (to be very precise) Cryptography --- code designingCryptography --- code designing Cryptanalysis --- code breakingCryptanalysis --- code breaking Cryptologist:Cryptologist: Cryptographer & cryptanalystCryptographer & cryptanalyst Encryption/enciphermentEncryption/encipherment Scrambling data into unintelligible toScrambling data into unintelligible to unauthorised partiesunauthorised parties Decryption/deciphermentDecryption/decipherment Un-scramblingUn-scrambling
  • 10. CSE2500 System Security and Privacy 10 Types of ciphersTypes of ciphers Private key cryptosystems/ciphersPrivate key cryptosystems/ciphers The secret key is shared between twoThe secret key is shared between two partiesparties Public key cryptosystems/ciphersPublic key cryptosystems/ciphers The secret key is not shared and twoThe secret key is not shared and two parties can still communicate using theirparties can still communicate using their public keyspublic keys
  • 11. CSE2500 System Security and Privacy 11 Examples of “Messages”Examples of “Messages” Types of secret “Messages” AliceTypes of secret “Messages” Alice might want to send Bob (in increasingmight want to send Bob (in increasing length):length): Decision (yes/no),Decision (yes/no), eg. as answer to theeg. as answer to the question “Are we meeting tomorrow?”question “Are we meeting tomorrow?” Numerical ValueNumerical Value, eg. as answer to the, eg. as answer to the question “at what hour are we meeting?”question “at what hour are we meeting?” DocumentDocument SoftwareSoftware,, ImagesImages etc.etc.
  • 12. CSE2500 System Security and Privacy 12 ConceptsConcepts A private key cipher is composed ofA private key cipher is composed of two algorithmstwo algorithms encryption algorithm Eencryption algorithm E decryption algorithm Ddecryption algorithm D The same key K is used for encryptionThe same key K is used for encryption & decryption& decryption K has to be distributed beforehandK has to be distributed beforehand
  • 13. CSE2500 System Security and Privacy 13 NotationsNotations Encrypt a plaintext P using a key K &Encrypt a plaintext P using a key K & an encryption algorithm Ean encryption algorithm E C = E(K,P)C = E(K,P) Decrypt a ciphertext C using the sameDecrypt a ciphertext C using the same key K and the matching decryptionkey K and the matching decryption algorithm Dalgorithm D P = D(K,C)P = D(K,C) Note: P = D(K,C) = D(K, E(K,P))Note: P = D(K,C) = D(K, E(K,P))
  • 14. CSE2500 System Security and Privacy 14 The Caesar cipher (e.g)The Caesar cipher (e.g) The Caesar cipher is a substitutionThe Caesar cipher is a substitution cipher, named after Julius Caesar.cipher, named after Julius Caesar. Operation principle:Operation principle: each letter is translated into the lettereach letter is translated into the letter a fixed number of positionsa fixed number of positions after itafter it in the alphabet table.in the alphabet table. The fixed number of positions is a keyThe fixed number of positions is a key both for encryption and decryption.both for encryption and decryption.
  • 15. CSE2500 System Security and Privacy 15 The Caesar cipher (cnt’d)The Caesar cipher (cnt’d) K=3 Inner: ciphertext Outer: plaintext
  • 16. CSE2500 System Security and Privacy 16 An exampleAn example For a key K=3,For a key K=3, plaintext letter:plaintext letter: ABCDEF...UVWXYZABCDEF...UVWXYZ ciphtertext letter:ciphtertext letter: DEF...UVWXYZABCDEF...UVWXYZABC HenceHence TREATY IMPOSSIBLETREATY IMPOSSIBLE is translated intois translated into WUHDWB LPSRVVLEOHWUHDWB LPSRVVLEOH
  • 17. CSE2500 System Security and Privacy 17 Breaking classic ciphersBreaking classic ciphers With the help of fast computers,With the help of fast computers, 99.99% ciphers used before 1976 are99.99% ciphers used before 1976 are breakable by using one of the 4 typesbreakable by using one of the 4 types of attacks (described later).of attacks (described later). Modern cluster computers and futureModern cluster computers and future quantum computers can break severalquantum computers can break several existing ciphers due to the power ofexisting ciphers due to the power of such computers.such computers.
  • 18. CSE2500 System Security and Privacy 18 Breaking the Caesar cipherBreaking the Caesar cipher By trial-and errorBy trial-and error By using statistics on lettersBy using statistics on letters frequency distributions of lettersfrequency distributions of letters letterletter percentpercent AA 7.49%7.49% BB 1.29%1.29% CC 3.54%3.54% DD 3.62%3.62% EE 14.00%14.00% ....................................................................
  • 19. CSE2500 System Security and Privacy 19 Toy example of private keyToy example of private key cryptography (TPC)cryptography (TPC) Assume that a message is broken into 64-bit blocks and eachAssume that a message is broken into 64-bit blocks and each 64-bit block of plaintext is encrypted separately:64-bit block of plaintext is encrypted separately: Key space are combinations of numerical digits – max: 7Key space are combinations of numerical digits – max: 7 digits-digits- (eg: key = [1]; or key = [1,3], or key = [1,4,2]).(eg: key = [1]; or key = [1,3], or key = [1,4,2]). Assume that all 8 bits of a byte is used and key digits startAssume that all 8 bits of a byte is used and key digits start from left to right.from left to right. Encryption: Each plaintext block is first shifted by the numberEncryption: Each plaintext block is first shifted by the number of binary digits before the last non-zero digit of the key. It isof binary digits before the last non-zero digit of the key. It is then exclusive-ored with the key starting from the first byte ofthen exclusive-ored with the key starting from the first byte of the block, repeatedly to the end of the block (the key moves athe block, repeatedly to the end of the block (the key moves a distance of its size from left to right of the plaintext block).distance of its size from left to right of the plaintext block). Decryption: do the reverse of encryption: the cipher-text isDecryption: do the reverse of encryption: the cipher-text is exclusive-ored and then shifted.exclusive-ored and then shifted. 0 0 0= 1 1 0= 0 1 1= 1 0 1= : exclusive: exclusive oror
  • 20. CSE2500 System Security and Privacy 20 Using TPCUsing TPC Use TPC to encrypt the plaintext “12345”, keyUse TPC to encrypt the plaintext “12345”, key = [1,4,2]= [1,4,2] Use TPC to encrypt the plaintext “TREATYUse TPC to encrypt the plaintext “TREATY IMPOSSIBLE”; key = [4];IMPOSSIBLE”; key = [4]; Use TPC to encrypt the plaintext “100Use TPC to encrypt the plaintext “100 dollars”, key = [2,4];dollars”, key = [2,4];
  • 21. CSE2500 System Security and Privacy 21 Principles of Private Key EncryptionPrinciples of Private Key Encryption Devise cryptographic algorithms:Devise cryptographic algorithms: a set of fast functions (E1, E2, E3, ..En) that when in turna set of fast functions (E1, E2, E3, ..En) that when in turn applied to an input (initial or intermediate input) willapplied to an input (initial or intermediate input) will produce a more potentially scrambled output.produce a more potentially scrambled output. and a set of functions (D1,D2,D3, .. Dn) that when in turnand a set of functions (D1,D2,D3, .. Dn) that when in turn applied to the cipher text (final or intermediate) willapplied to the cipher text (final or intermediate) will produce the original input text.produce the original input text. Devise algorithms, tests and proofs to validateDevise algorithms, tests and proofs to validate your cryptographic algorithmsyour cryptographic algorithms Analysing algorithms.Analysing algorithms. Tests with powerful computers such as specialised,Tests with powerful computers such as specialised, parallel, cluster, or quantum computers.parallel, cluster, or quantum computers. Mathematical proofs.Mathematical proofs.
  • 22. CSE2500 System Security and Privacy 22 Toy example of public keyToy example of public key cryptographycryptography Definition: The multiplicative inverse ofDefinition: The multiplicative inverse of xx with modulowith modulo nn isis yy such that (such that (xx**yy) mod) mod nn = 1= 1 E.g:x=3; n=10, => y=7; since (3*7) mod 10 = 1E.g:x=3; n=10, => y=7; since (3*7) mod 10 = 1 The above multiplicative inverse can be used to create aThe above multiplicative inverse can be used to create a simple public key cipher: eithersimple public key cipher: either xx oror yy can be thought of as acan be thought of as a secret key and the other is the public key. Letsecret key and the other is the public key. Let xx = 3,= 3, yy = 7,= 7, nn == 10, and M be the message:10, and M be the message: M = 4 ;M = 4 ; 3*4 mod 10 = 2; (ciphertext) - encrypting3*4 mod 10 = 2; (ciphertext) - encrypting 2*7 mod 10 = 4 = M ; (message) - decrypting2*7 mod 10 = 4 = M ; (message) - decrypting M =6 ;M =6 ; 3*6 mod 10 = 8;3*6 mod 10 = 8; 8*7 mod 10 = 6 = M (message)8*7 mod 10 = 6 = M (message)
  • 23. CSE2500 System Security and Privacy 23 What is PKE used for?What is PKE used for? Private Key Encryption (PKE) can bePrivate Key Encryption (PKE) can be used:used: Transmitting data over an insecureTransmitting data over an insecure channelchannel Secure stored data (encrypt & store)Secure stored data (encrypt & store) Provide integrity check:Provide integrity check: (Key + Mes.) -> MAC (message authentication(Key + Mes.) -> MAC (message authentication code)code)
  • 24. CSE2500 System Security and Privacy 24 Morden Cryptography applicationsMorden Cryptography applications Not just about confidentiality!Not just about confidentiality! IntegrityIntegrity Digital signaturesDigital signatures Hash functionsHash functions Fair exchangeFair exchange Contract signingContract signing AnonymityAnonymity Electronic cashElectronic cash Electronic votingElectronic voting Etc.Etc.
  • 25. CSE2500 System Security and Privacy 25 Modern private key ciphersModern private key ciphers DES (US, 1977) (3DES)DES (US, 1977) (3DES) key -- 56 bits, plaintext/ciphertext -- 64 bitskey -- 56 bits, plaintext/ciphertext -- 64 bits LOKI (ADFA, Australia, 1989)LOKI (ADFA, Australia, 1989) key, plaintext/ciphertext -- 64 bitskey, plaintext/ciphertext -- 64 bits FEAL (NTT, Japan, 1990)FEAL (NTT, Japan, 1990) key -- 128 bits, plaintext/ciphertext -- 64 bitskey -- 128 bits, plaintext/ciphertext -- 64 bits IDEA (Lai & Massey, Swiss, 1991)IDEA (Lai & Massey, Swiss, 1991) key -- 128 bits, plaintext/ciphertext -- 64 bitskey -- 128 bits, plaintext/ciphertext -- 64 bits SPEED (Y Zheng in 1996)SPEED (Y Zheng in 1996) Key/(plaintext/ciphertext) -- 48,64,80,…,256 bitsKey/(plaintext/ciphertext) -- 48,64,80,…,256 bits AES (Joan Daemen & Vincent Rijmen 2000)AES (Joan Daemen & Vincent Rijmen 2000) Key/(plaintext/ciphertext) -- 128, 192 and 256 bitsKey/(plaintext/ciphertext) -- 128, 192 and 256 bits
  • 26. CSE2500 System Security and Privacy 26 General approaches to CryptographyGeneral approaches to Cryptography There are two general encryption methods:There are two general encryption methods: Block ciphers &Block ciphers & Stream ciphersStream ciphers Block ciphersBlock ciphers Slice message M into (fixed size blocks)Slice message M into (fixed size blocks) mm11, …,, …, mmnn Add padding to last blockAdd padding to last block Use EUse Ekk to produce (ciphertext blocks)to produce (ciphertext blocks) xx11, …,, …, xxnn Use DUse Dkk to recover M fromto recover M from mm11, …,, …, mmnn E.g: DES, etc.E.g: DES, etc. Stream ciphersStream ciphers Generate a long random string (or pseudo random)Generate a long random string (or pseudo random) calledcalled one-time padone-time pad.. MessageMessage one-time padone-time pad (exclusive or)(exclusive or) E.g: EC4E.g: EC4
  • 27. CSE2500 System Security and Privacy 27 Design of Private Key Ciphers(1)Design of Private Key Ciphers(1) A Cryptographic algorithm should be efficient forA Cryptographic algorithm should be efficient for good usegood use It should be fast and key length should be of the rightIt should be fast and key length should be of the right length – e.g.; not too shortlength – e.g.; not too short Cryptographic algorithms are not impossible toCryptographic algorithms are not impossible to break without a keybreak without a key If we try all the combinations, we can get the originalIf we try all the combinations, we can get the original messagemessage The security of a cryptographic algorithm dependsThe security of a cryptographic algorithm depends on how much work it takes for someone to break iton how much work it takes for someone to break it E.g If it takes 10 mil. years to break a cryptographicE.g If it takes 10 mil. years to break a cryptographic algorithm X using all the computers of a state, X can bealgorithm X using all the computers of a state, X can be thought of as a secure one – reason: cluster computersthought of as a secure one – reason: cluster computers and quantum computers are powerful enough to crackand quantum computers are powerful enough to crack many current cryptographic algorithms.many current cryptographic algorithms.
  • 28. CSE2500 System Security and Privacy 28 Design of Private Key Ciphers(2)Design of Private Key Ciphers(2) Encryption Algorithm DesignEncryption Algorithm Design Should the strength of the algorithm beShould the strength of the algorithm be included in the implementation of theincluded in the implementation of the algorithm? Should we hide the algorithm?algorithm? Should we hide the algorithm? Should the block size be small or large?Should the block size be small or large? Should the keyspace be large?Should the keyspace be large? Should we consider other search ratherShould we consider other search rather than brute-force search?than brute-force search? Should we consider the hardwareShould we consider the hardware technology?technology?
  • 29. CSE2500 System Security and Privacy 29 4 types of cryptanalysis4 types of cryptanalysis Depending on what a cryptanalyst hasDepending on what a cryptanalyst has to work with, attacks can be classifiedto work with, attacks can be classified intointo ciphertext only attackciphertext only attack known plaintext attackknown plaintext attack chosen plaintext attackchosen plaintext attack chosen ciphertext attack (most severe)chosen ciphertext attack (most severe)
  • 30. CSE2500 System Security and Privacy 30 4 types of attacks4 types of attacks Ciphertext only attackCiphertext only attack the only data available is a targetthe only data available is a target ciphertextciphertext Known plaintext attackKnown plaintext attack a target ciphertexta target ciphertext pairs of other ciphertext and plaintextpairs of other ciphertext and plaintext (say, previously broken or guessing)(say, previously broken or guessing)
  • 31. CSE2500 System Security and Privacy 31 4 types of attacks4 types of attacks Chosen plaintext attacksChosen plaintext attacks a target ciphertexta target ciphertext can feed encryption algorithm withcan feed encryption algorithm with plaintexts and obtain the matchingplaintexts and obtain the matching ciphertextsciphertexts Chosen ciphertext attackChosen ciphertext attack a target ciphertexta target ciphertext can feed decryption algorithm withcan feed decryption algorithm with ciphertexts and obtain the matchingciphertexts and obtain the matching plaintextsplaintexts