Title: Cryptography (One Day Cryptography Tutorial)
1. Cryptography (One Day Cryptography Tutorial)
2. Definitions
3. Definitions
- Plaintext: easy to understand form (original message)
- Ciphertext: difficult to understand form
- Encryption: encoding (plaintext -> ciphertext)
- Decryption: decoding (ciphertext -> plaintext)
- Cryptology: study of encryption
- Cryptography: use of encryption
- Cryptanalysis: breaking encryption
4. Definitions
Group of individuals
- Alice: an end user/computer without malicious intentions, one of the main users of cryptography.
- Bob: Alice's friend and also a main user of cryptography, without malicious intentions.
- Cathy: another user of cryptography; she does not usually have a large role nor malicious intentions.
- Eve: a malicious user that does not interfere with communications. She simply wants to eavesdrop on the conversation between two other characters, typically Alice and Bob, but does not actively try to attack the communication.
- Mallory: the malicious user, always trying to thwart attempts by other characters to communicate securely.
- Trent: a trusted third party. He only communicates with Alice, Bob, or Cathy when they ask for his help. He can always be trusted to do what he says he will do.
5. Group of individuals
- Hacker is a general term that has historically been used to describe a computer programming expert. More recently, this term is commonly used in a negative way to describe an individual that attempts to gain unauthorized access to network resources with malicious intent.
- Cracker is the term that is generally regarded as the more accurate word used to describe an individual that attempts to gain unauthorized access to network resources with malicious intent.
6. Group of individuals
- Phreaker is an individual that manipulates the phone network in order to cause it to perform a function that is normally not allowed. A common goal of phreaking is breaking into the phone network, usually through a payphone, to make free long distance calls.
- Spammer is an individual that sends large quantities of unsolicited email messages. Spammers often use viruses to take control of home computers in order to use these computers to send out their bulk messages.
- Phisher uses email or other means in an attempt to trick others into providing sensitive information, such as credit card numbers or passwords. The phisher will masquerade as a trusted party that would have a legitimate need for the sensitive information.
7. Group of individuals
- White hat is a term used to describe individuals that use their abilities to find vulnerabilities in systems or networks, and then report these vulnerabilities to the owners of the system so that they can be fixed.
- Black hat is another term for individuals that use their knowledge of computer systems to break into systems or networks that they are not authorized to use.
8. Definitions
- Key: a random piece of data used with encryption and decryption. Encryption and decryption algorithms require a key and plaintext or ciphertext to produce ciphertext or plaintext, respectively.
- Security Association: a set of information that describes how the communicating entities will utilize security.
9. Modern Cryptography
10. Types of Cryptographic Systems
- Symmetric-key cryptosystems
- Asymmetric-key or Public-key cryptosystems
- Hybrid (Symmetric-key and Asymmetric-key) cryptosystems
11. Symmetric Encryption
- Uses conventional / secret-key / single-key
- Sender and recipient share a common key
- All classical encryption algorithms are private-key
- The only type prior to the invention of public-key in the 1970s
12. Symmetric Cipher Model
13. Requirements
- Two requirements for secure use of symmetric encryption:
  - Strong encryption algorithm
  - Secret key known only to sender / receiver
- Y = E_K(X)
- X = D_K(Y)
- Assume encryption algorithm is known
- Implies a secure channel to distribute key
14. Block ciphers and Stream ciphers
- Each secret-key cryptography algorithm or cipher typically works in two phases:
  - key set-up phase
  - ciphering, or encrypt and decrypt, phase
- There are two major classes of these algorithms: block ciphers and stream ciphers.
- Block ciphers encrypt plaintext in units of blocks and likewise decrypt ciphertext in units of blocks.
- Stream ciphers encrypt plaintext in one stream and decrypt ciphertext likewise.
15. Block cipher operation
16. Stream cipher operation
17. Mode of Operation
- There are three important block cipher modes:
  - Electronic Code Book (ECB)
  - Cipher Block Chaining (CBC)
  - Cipher Feedback Mode (CFB)
18. Electronic Codebook (ECB)
19. Cipher Block Chaining (CBC)
20. Cipher Feedback (CFB)
21. Output Feedback (OFB)
22. Symmetric-key cryptosystems
- Examples of symmetric key algorithms are as follows:
  - Data Encryption Standard (DES) (56 bits)
  - Triple DES (3DES) (168 bits)
  - Advanced Encryption Standard (AES)
  - International Data Encryption Algorithm (IDEA) (128 bits)
  - Rivest Cipher 4 (RC4) (variable length key)
23. DES Encryption
24. Initial Permutation IP
- first step of the data computation
- IP reorders the input data bits
- even bits to LH half, odd bits to RH half
- quite regular in structure (easy in h/w)
25. DES Round Structure
- uses two 32-bit L & R halves
- as for any Feistel cipher can describe as
  - L_i = R_(i-1)
  - R_i = L_(i-1) xor F(R_(i-1), K_i)
- takes 32-bit R half and 48-bit subkey and
  - expands R to 48 bits using perm E
  - adds to subkey (bitwise XOR)
  - passes through 8 S-boxes to get 32-bit result
  - finally permutes this using 32-bit perm P
26. DES Round Structure
27. Substitution Boxes S
- have eight S-boxes which map 6 to 4 bits
- each S-box is actually 4 little 4-bit boxes
- outer bits 1 & 6 (row bits) select one row
- inner bits 2-5 (col bits) are substituted
- result is 8 lots of 4 bits, or 32 bits
- row selection depends on both data & key
- feature known as autokeying
28. Triple DES
- clear a replacement for DES was needed
  - theoretical attacks that can break it
  - demonstrated exhaustive key search attacks
- AES is a new cipher alternative
- prior to this alternative was to use multiple encryption with DES implementations
- Triple-DES is the chosen form
29. Triple-DES with Two-Keys
- hence must use 3 encryptions
  - would seem to need 3 distinct keys
- but can use 2 keys with E-D-E sequence
  - C = E_K1(D_K2(E_K1(P)))
  - if K1 = K2 then can work with single DES
- standardized in ANSI X9.17 & ISO 8732
- no current known practical attacks
30. Triple-DES with Three-Keys
- although there are no practical attacks on two-key Triple-DES, there are some indications
- can use Triple-DES with Three-Keys to avoid even these
  - C = E_K3(D_K2(E_K1(P)))
- has been adopted by some Internet applications, e.g. PGP, S/MIME
31. Triple DES (3DES)
- The technique used by 3DES is known as EDE (Encrypt-Decrypt-Encrypt).
- The plaintext message is encrypted using the first 8 bytes of the 3DES key.
- Then the message is decrypted using the middle 8 bytes of the key.
- Finally, the message is encrypted using the last 8 bytes of the key to produce an 8-byte block.
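As an added example (not code from the slides, and not DES), the following Python puts the Feistel round equations of slide 25, the ECB/CBC/CFB modes of slides 17-20 and the EDE construction of slides 29-31 into runnable form on a toy 8-byte Feistel cipher. The cipher, its key schedule and its SHA-256-based round function are assumptions chosen for readability and offer no security; what the code demonstrates is that decryption is the same network with the subkeys reversed (so F never needs an inverse), that ECB produces repeated ciphertext blocks when plaintext blocks repeat while CBC and CFB do not, and that EDE with K1 = K2 = K3 collapses to a single encryption, which is the backward-compatibility property the two-key slide states.

```python
import hashlib

BLOCK = 8        # bytes per block: two 32-bit halves, as in DES
ROUNDS = 8       # constructed parameter (DES itself uses 16 rounds)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def subkeys(key: bytes, rounds: int = ROUNDS) -> list:
    """Toy key schedule (an assumption, not DES's): one 8-byte subkey per round."""
    return [hashlib.sha256(key + bytes([i])).digest()[:8] for i in range(rounds)]

def round_function(right: bytes, subkey: bytes) -> bytes:
    """F(R, K). Built from SHA-256, so it is not invertible; a Feistel network never inverts it."""
    return hashlib.sha256(subkey + right).digest()[:BLOCK // 2]

def feistel_encrypt_block(block: bytes, ks: list) -> bytes:
    assert len(block) == BLOCK
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for k in ks:
        # L_i = R_(i-1);  R_i = L_(i-1) xor F(R_(i-1), K_i)
        left, right = right, xor(left, round_function(right, k))
    return right + left   # undo the final swap so the same network decrypts

def feistel_decrypt_block(block: bytes, ks: list) -> bytes:
    """Decryption is the identical network with the subkeys in reverse order."""
    return feistel_encrypt_block(block, list(reversed(ks)))

def _blocks(data: bytes) -> list:
    if len(data) % BLOCK:
        raise ValueError("data must be a whole number of blocks (pad it first)")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(data: bytes, ks: list) -> bytes:
    # each block independently: equal plaintext blocks give equal ciphertext blocks
    return b"".join(feistel_encrypt_block(b, ks) for b in _blocks(data))

def cbc_encrypt(data: bytes, ks: list, iv: bytes) -> bytes:
    out, prev = [], iv
    for b in _blocks(data):
        prev = feistel_encrypt_block(xor(b, prev), ks)   # previous ciphertext chained in
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(data: bytes, ks: list, iv: bytes) -> bytes:
    out, prev = [], iv
    for c in _blocks(data):
        out.append(xor(feistel_decrypt_block(c, ks), prev))
        prev = c
    return b"".join(out)

def cfb_encrypt(data: bytes, ks: list, iv: bytes) -> bytes:
    # full-block CFB: the block cipher becomes a stream cipher; only the
    # encrypt direction is ever used, both to encrypt and to decrypt
    out, prev = [], iv
    for b in _blocks(data):
        prev = xor(b, feistel_encrypt_block(prev, ks))
        out.append(prev)
    return b"".join(out)

def cfb_decrypt(data: bytes, ks: list, iv: bytes) -> bytes:
    out, prev = [], iv
    for c in _blocks(data):
        out.append(xor(c, feistel_encrypt_block(prev, ks)))
        prev = c
    return b"".join(out)

def ede_encrypt_block(block: bytes, k1: bytes, k2: bytes, k3: bytes) -> bytes:
    """C = E_K3(D_K2(E_K1(P))); pass k3 = k1 for the two-key form."""
    c = feistel_encrypt_block(block, subkeys(k1))
    c = feistel_decrypt_block(c, subkeys(k2))
    return feistel_encrypt_block(c, subkeys(k3))

def ede_decrypt_block(block: bytes, k1: bytes, k2: bytes, k3: bytes) -> bytes:
    p = feistel_decrypt_block(block, subkeys(k3))
    p = feistel_encrypt_block(p, subkeys(k2))
    return feistel_decrypt_block(p, subkeys(k1))

def has_repeated_blocks(ciphertext: bytes) -> bool:
    """True when two ciphertext blocks are identical (the pattern leak ECB shows)."""
    blocks = _blocks(ciphertext)
    return len(set(blocks)) < len(blocks)

if __name__ == "__main__":
    ks = subkeys(b"constructed demo key")
    iv = bytes(range(BLOCK))
    msg = b"SAMEBLCK" * 4                      # constructed: four identical blocks
    print("ECB repeats:", has_repeated_blocks(ecb_encrypt(msg, ks)))      # True
    print("CBC repeats:", has_repeated_blocks(cbc_encrypt(msg, ks, iv)))  # False
```

The mode functions require input already padded to whole blocks; a real implementation adds a padding scheme, uses a fresh unpredictable IV per message for CBC and CFB, and never reuses an IV under the same key.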
32. Triple DES (3DES)
33. AES Requirements
- private key symmetric block cipher
- 128-bit data, 128/192/256-bit keys
- stronger & faster than Triple-DES
- active life of 20-30 years (+ archival use)
- provide full specification & design details
- both C & Java implementations
34. Rijndael
- data block of 4 columns of 4 bytes is the state
- key is expanded to array of words
- has 9/11/13 rounds in which state undergoes:
  - byte substitution (1 S-box used on every byte)
  - shift rows (permute bytes between groups/columns)
  - mix columns (subs using matrix multiply of groups)
  - add round key (XOR state with key material)
- view as alternating XOR key & scramble data bytes
- initial XOR key material & incomplete last round
- with fast XOR & table lookup implementation
35. Rijndael
36. Byte Substitution
37. Shift Rows
38. Mix Columns
39. Add Round Key
40. AES Decryption
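An added example (not the slide deck's code and not the Rijndael reference implementation): the four round transformations of slides 34-39 and the inverse transformations that AES decryption (slide 40) applies in reverse order, written in Python from the underlying arithmetic. The S-box is derived (GF(2^8) inverse followed by the affine map) rather than copied from a table, MixColumns multiplies each column by the fixed matrix over GF(2^8), and the key schedule is deliberately omitted: round keys are supplied by the caller, so this is one round and its inverse, not a complete AES encryption. The state layout is the one on the slides, 16 bytes as 4 columns of 4 bytes.

```python
def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1 (0x11b)."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p

def gf_inv(a: int) -> int:
    """Multiplicative inverse via a^254 (a^255 = 1 for a != 0); AES maps 0 -> 0."""
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r

def _rotl8(b: int, n: int) -> int:
    return ((b << n) | (b >> (8 - n))) & 0xFF

def make_sbox() -> list:
    """AES S-box: field inverse followed by the fixed affine transformation."""
    box = []
    for x in range(256):
        v = gf_inv(x)
        box.append(v ^ _rotl8(v, 1) ^ _rotl8(v, 2) ^ _rotl8(v, 3) ^ _rotl8(v, 4) ^ 0x63)
    return box

SBOX = make_sbox()
INV_SBOX = [0] * 256
for _i, _v in enumerate(SBOX):
    INV_SBOX[_v] = _i

# State layout: 16 bytes, column-major, index = 4 * column + row.

def sub_bytes(state: list, box: list = SBOX) -> list:
    return [box[b] for b in state]

def shift_rows(state: list) -> list:
    """Row r rotates left by r positions: new[r][c] = old[r][(c + r) % 4]."""
    return [state[4 * ((c + r) % 4) + r] for c in range(4) for r in range(4)]

def inv_shift_rows(state: list) -> list:
    return [state[4 * ((c - r) % 4) + r] for c in range(4) for r in range(4)]

MIX = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
INV_MIX = [[14, 11, 13, 9], [9, 14, 11, 13], [13, 9, 14, 11], [11, 13, 9, 14]]

def _mix(state: list, matrix: list) -> list:
    """Multiply each 4-byte column by the fixed 4x4 matrix over GF(2^8)."""
    out = []
    for c in range(4):
        col = state[4 * c:4 * c + 4]
        for row in matrix:
            v = 0
            for coef, x in zip(row, col):
                v ^= gf_mul(coef, x)
            out.append(v)
    return out

def mix_columns(state: list) -> list:
    return _mix(state, MIX)

def inv_mix_columns(state: list) -> list:
    return _mix(state, INV_MIX)

def add_round_key(state: list, round_key: list) -> list:
    return [s ^ k for s, k in zip(state, round_key)]   # XOR is its own inverse

def aes_round(state: list, round_key: list) -> list:
    return add_round_key(mix_columns(shift_rows(sub_bytes(state))), round_key)

def inv_aes_round(state: list, round_key: list) -> list:
    """Decryption undoes the steps in reverse order with the inverse transforms."""
    s = inv_mix_columns(add_round_key(state, round_key))
    return sub_bytes(inv_shift_rows(s), INV_SBOX)

def final_round(state: list, round_key: list) -> list:
    """The last round omits MixColumns (the 'incomplete last round' on slide 34)."""
    return add_round_key(shift_rows(sub_bytes(state)), round_key)

def inv_final_round(state: list, round_key: list) -> list:
    return sub_bytes(inv_shift_rows(add_round_key(state, round_key)), INV_SBOX)
```

Two checks worth running against a published source: the derived table must give SBOX[0x53] = 0xED, and MixColumns applied to the column (0xDB, 0x13, 0x53, 0x45) must yield (0x8E, 0x4D, 0xA1, 0xBC); both are the FIPS-197 worked values. The table-driven implementations mentioned on slide 34 precompute exactly these `gf_mul` products so that a round becomes XORs and lookups.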
41. Asymmetric-key or Public Key Encryption
- Based on mathematical algorithms
- Asymmetric: uses two separate keys
- Public key issues:
  - Plaintext
  - Encryption algorithm
  - Public and private key
  - Ciphertext
  - Decryption algorithm
42. Public Key Encryption: Encryption
43. Public Key Encryption: Authentication
44. Public Key Encryption - Operation
- One key made public
  - Used for encryption
- Other kept private
  - Used for decryption
- Infeasible to determine decryption key given encryption key and algorithm
- Either key can be used for encryption, the other for decryption
45. Steps
- User generates pair of keys
- User places one key in public domain
- To send a message to this user, encrypt using public key
- User decrypts using private key
46. Digital Signature
- Sender encrypts message with their private key
- Receiver can decrypt using sender's public key
- This authenticates sender, who is the only person who has the matching key
- Does not give privacy of data
  - Decrypt key is public
47. Asymmetric-key or Public-key Cryptosystems
- There are many examples of commonly used public-key systems, including:
  - Diffie-Hellman
  - Rivest, Shamir, Adleman (RSA)
  - Digital Signature Algorithm (DSA)
  - ElGamal
  - Elliptic Curve Cryptosystem (ECC)
48. Diffie-Hellman Key Exchange
- first public-key type scheme proposed
- by Diffie & Hellman in 1976 along with the exposition of public key concepts
  - note: now known that James Ellis (UK CESG) secretly proposed the concept in 1970
- is a practical method for public exchange of a secret key
49. Diffie-Hellman Key Exchange
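An added example (not from the slides) of the exchange in Python, showing both sides' messages, what the eavesdropper Eve from slide 4 sees on the wire, and a hash-based derivation of a session key from the shared group element. The group p = 23, g = 5 and the private exponents 6 and 15 are constructed toy values small enough to check by hand; real deployments use standardized groups of at least 2048 bits or elliptic-curve groups, and the function names are this example's own.

```python
import hashlib
import secrets

def dh_public(p: int, g: int, private: int) -> int:
    return pow(g, private, p)                    # A = g^a mod p (sent in the clear)

def dh_shared(p: int, peer_public: int, private: int) -> int:
    return pow(peer_public, private, p)          # s = B^a mod p = g^(ab) mod p

def derive_key(shared: int, context: bytes = b"dh-session") -> bytes:
    """Never use the raw group element as a key: hash it into fixed-size key bytes."""
    length = (shared.bit_length() + 7) // 8 or 1
    return hashlib.sha256(context + shared.to_bytes(length, "big")).digest()

def exchange(p: int, g: int, a: int, b: int):
    """Run the protocol for Alice (exponent a) and Bob (exponent b).

    Returns Eve's view of the transcript plus the key each side derives.
    """
    A = dh_public(p, g, a)                       # Alice -> Bob: A
    B = dh_public(p, g, b)                       # Bob -> Alice: B
    k_alice = derive_key(dh_shared(p, B, a))     # Alice: B^a
    k_bob = derive_key(dh_shared(p, A, b))       # Bob:   A^b
    eve_sees = {"p": p, "g": g, "A": A, "B": B}  # a and b never cross the wire
    return eve_sees, k_alice, k_bob

def random_exchange(p: int, g: int):
    """Same protocol with fresh random private exponents in [1, p-2]."""
    a = secrets.randbelow(p - 2) + 1
    b = secrets.randbelow(p - 2) + 1
    return exchange(p, g, a, b)

if __name__ == "__main__":
    eve, ka, kb = exchange(23, 5, 6, 15)         # constructed toy parameters
    print("Eve sees:", eve)                      # {'p': 23, 'g': 5, 'A': 8, 'B': 19}
    print("keys match:", ka == kb)               # True
```

Recovering a from (p, g, A) is the discrete logarithm problem, which is what protects the exponents in a large group. The exchange as written authenticates nobody, so Mallory sitting between the parties could run one exchange with each side; that is why OAKLEY and IKE (slides 72-74) wrap the same Diffie-Hellman step in mutual authentication.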
50. RSA Algorithm
- We're using big integers here
- Choose large secret prime numbers p and q
- Calculate N = p * q
- Choose exponent e such that
  - gcd(e, (p-1)(q-1)) = 1
  - Normally choose 3, 17 or 65537
- Public key is the pair N and e
- Choose d so that
  - e * d ≡ 1 (mod (p-1)(q-1))
- Private key is d (for efficiency d, p, q)
- Encryption: c = m^e (mod N)
- Decryption: m = c^d (mod N)
- Baby example
  - p = 7, q = 11
  - N = 77
  - e = 37
  - gcd(37, (7-1)(11-1)) = 1
  - Public key: (77, 37)
  - d = 13
  - 37 * 13 = 481 ≡ 1 (mod 60)
  - Private key: 13
  - 2^37 mod 77 = 51
  - 51^13 mod 77 = 2
51. Public Key Certificate Use
52. Digital certificates
53. Digital certificates
- Digital certificates include:
  - A public key
  - An individual's or organisation's details
  - A digital signature from a certifying authority (CA)
    - This states that the CA has seen proof of identity
- Common certifying authorities:
  - VeriSign, Thawte, Equifax Secure, British Telecom
- CAs are themselves certified by other CAs
- A few root CAs are usually trusted
54. Message Authentication
55. Message Authentication Code
- Generate authentication code based on shared key and message
- Common key shared between A and B
- If only sender and receiver know key and code matches:
  - Receiver assured message has not been altered
  - Receiver assured message is from alleged sender
  - If message has sequence number, receiver assured of proper sequence
56. Hash Functions vs. MAC
57. Hash Functions
- Hash Function
  - Generate a fixed length fingerprint for an arbitrary length message
  - No key involved
  - Must be at least one-way to be useful
- Constructions
  - Iterated hash functions (MD4-family hash functions): MD5, SHA-1
  - Hash functions based on block ciphers: MDC (Manipulation Detection Code)
[Diagram: message M -> hash function H -> message digest D = H(M)]
58. Message Authentication Codes (MACs)
- MAC
  - Generate a fixed length MAC for an arbitrary length message
  - A keyed hash function
- Message origin authentication
- Message integrity
- Entity authentication
- Transaction authentication
[Diagram: message and shared secret key -> MAC function -> MAC, sent along with the message]
59. Comparison of Hash Function & MAC
[Diagram: arbitrary length message -> hash function -> fixed length hash; arbitrary length message + secret key -> MAC function -> fixed length MAC]
- Easy to compute
- Compression: arbitrary length input to fixed length output
- Unkeyed function vs. keyed function
60. Symmetric Authentication (MAC)
[Diagram: Alice runs the secret key algorithm over the message with the shared secret key K_AB to produce a MAC and transmits message and MAC; Bob recomputes the MAC over the received message with K_AB and compares it with the received MAC: yes/no]
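An added example (not from the slides): the symmetric authentication exchange above in Python, using the standard library's `hmac` module for the keyed function and the characters Alice, Bob and Mallory from slide 4. The shared key `K_AB`, the messages and the function names are constructed for this example. It makes the comparison of slide 59 concrete: an unkeyed fingerprint can be recomputed by whoever alters the message, so it proves nothing about origin, whereas the MAC cannot be recomputed without K_AB; it also shows the receiver comparing tags in constant time.

```python
import hashlib
import hmac

K_AB = b"constructed-shared-key-alice-bob"    # shared secret between Alice and Bob

def fingerprint(message: bytes) -> bytes:
    """Unkeyed hash: anyone can compute it for any message."""
    return hashlib.sha256(message).digest()

def mac(key: bytes, message: bytes) -> bytes:
    """Keyed hash: HMAC-SHA-256 over the message, fixed 32-byte output."""
    return hmac.new(key, message, hashlib.sha256).digest()

def alice_send(key: bytes, message: bytes):
    return message, mac(key, message)            # transmit (message, MAC)

def bob_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    # recompute with the same key; compare_digest avoids timing leaks
    return hmac.compare_digest(mac(key, message), tag)

def mallory_tamper(message: bytes, tag: bytes):
    """Mallory alters the message in transit. Without K_AB she can refresh the
    unkeyed fingerprint but must forward the old MAC unchanged."""
    forged = message.replace(b"100", b"900")
    return forged, fingerprint(forged), tag

def demo() -> dict:
    msg = b"transfer 100 to Bob; seq=17"        # constructed; seq gives ordering
    m, tag = alice_send(K_AB, msg)
    forged, forged_fp, old_tag = mallory_tamper(m, tag)
    return {
        "accepted": bob_verify(K_AB, m, tag),
        # a receiver that only checks a hash it can recompute cannot tell:
        "hash_only_check_passes": forged_fp == fingerprint(forged),
        "mac_check_passes": bob_verify(K_AB, forged, old_tag),
        "wrong_key_rejected": not bob_verify(b"other-key", m, tag),
    }

if __name__ == "__main__":
    print(demo())
```

The sequence number inside the authenticated message is what gives the third assurance on slide 55: replaying an old, validly tagged message is caught because its `seq` no longer matches what Bob expects.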
61. Digital Signature
[Diagram: Alice hashes the message and applies the public key algorithm with Alice's private key to the hash value to produce the signature, then transmits message and signature; Bob hashes the received message (hash value 1), applies the public key algorithm with Alice's public key to the signature (hash value 2), and compares the two: yes/no]
62. Hashing
- A hashing algorithm refers to a mathematical function that takes a variable-size string as input and transforms (hashes) it into a fixed-size string, which is called the hash value.
- One of the most common uses of hashing in network security is to produce condensed representations of messages or fingerprints, often known as message digests, by applying a hashing algorithm to an arbitrary amount of data (the message).
- The two most commonly used hashing algorithms are MD5 and SHA-1 (part of the Secure Hash Standard, SHS).
63. Using One Way Hash
64. Secure Hash Functions
- Hash function must have the following properties:
  - Can be applied to any size data block
  - Produce fixed length output
  - Easy to compute
  - Not feasible to reverse
  - Not feasible to find two messages that give the same hash
65. SHA-1
- Secure Hash Algorithm 1
- Input message less than 2^64 bits
- Processed in 512-bit blocks
- Output 160-bit digest
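An added example (not from the slides) that checks the hash-function properties of slides 62-65 empirically with `hashlib` and implements the message padding that SHA-1 (and the rest of the MD4 family) apply before processing 512-bit blocks, including the 64-bit length field that is the source of the 2^64-bit input limit. The padding follows FIPS 180 but the compression function itself is not reimplemented; function names are this example's own. MD5 and SHA-1, named on slide 62 as the most common, are no longer collision resistant, so the property "not feasible to find two messages with the same hash" no longer holds for them and new designs should use SHA-256 or SHA-3.

```python
import hashlib
import os

def sha1_pad(message: bytes) -> bytes:
    """Merkle-Damgard padding used by SHA-1/MD5: append 0x80, then zeros until
    the length is 56 mod 64 bytes, then the message bit length as 8 big-endian bytes."""
    bit_len = len(message) * 8
    if bit_len >= 1 << 64:
        raise ValueError("SHA-1 input must be shorter than 2^64 bits")
    padded = message + b"\x80"
    padded += b"\x00" * ((56 - len(padded) % 64) % 64)
    return padded + bit_len.to_bytes(8, "big")

def block_count(message: bytes) -> int:
    """Number of 512-bit (64-byte) blocks the compression function will see."""
    return len(sha1_pad(message)) // 64

def digest_bits(name: str, message: bytes) -> int:
    return hashlib.new(name, message).digest_size * 8      # 160 for sha1, 256 for sha256

def hamming_bits(a: bytes, b: bytes) -> int:
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def avalanche(name: str, message: bytes) -> int:
    """Flip one input bit and return how many digest bits change (about half)."""
    flipped = bytes([message[0] ^ 0x01]) + message[1:]
    return hamming_bits(hashlib.new(name, message).digest(),
                        hashlib.new(name, flipped).digest())

def fixed_length(name: str) -> bool:
    """Inputs of very different sizes (constructed random data) give one digest size."""
    sizes = {digest_bits(name, os.urandom(n)) for n in (0, 1, 55, 56, 64, 1000)}
    return len(sizes) == 1

if __name__ == "__main__":
    for n in (0, 55, 56, 64):
        print(f"{n}-byte message -> {block_count(b'a' * n)} block(s)")   # 1, 1, 2, 2
    print("sha1 avalanche on 1-bit change:", avalanche("sha1", b"hello world"))
```

The 55/56-byte boundary in the output is the classic one: a 55-byte message plus 0x80 plus the 8-byte length fits exactly in one block, while 56 bytes forces a second block consisting almost entirely of padding.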
66. Message Digest Generation Using SHA-1
67. Key Management
68. ISAKMP
- The Internet Security Association and Key Management Protocol (ISAKMP) is defined primarily as a very comprehensive framework for key management offering maximum flexibility.
- OAKLEY is defined based on the Diffie-Hellman key-exchange algorithm.
- IKE, on the other hand, is defined primarily to be the key management for the IPSec architecture and makes use of parts of the ISAKMP and OAKLEY definitions.
69. ISAKMP
- ISAKMP defines procedures and packet formats to establish, negotiate, modify, and delete SAs.
- ISAKMP only describes the procedures, i.e., how something is done.
- ISAKMP is independent of the security protocols, cryptographic algorithms, and key-generation and key-exchange techniques that are actually used.
70. ISAKMP phases
- ISAKMP offers two phases of negotiation.
- In the first phase, the two entities agree on how to protect further negotiation traffic between themselves, establishing an ISAKMP SA.
- The second phase of negotiation is used to establish security associations for other security protocols. The security associations established by ISAKMP during this phase can be used by a security protocol to protect many message or data exchanges.
71. ISAKMP and TCP/IP
72. OAKLEY
- The OAKLEY protocol allows two authenticated entities to exchange and establish secret keying material.
- It is designed to be a compatible component of ISAKMP.
- The two communicating entities negotiate methods for encryption, key derivation, and authentication.
- The basic mechanism of OAKLEY is the Diffie-Hellman key-exchange algorithm, which establishes a shared key without transmitting this key.
73. OAKLEY Key Exchange
- An OAKLEY key exchange is made up of a sequence of message exchanges.
- The goal of key-exchange processing is the secure establishment of a common keying information state in the two communicating entities.
- This state information consists of a key name, secret keying material, the identities of the two parties, and three algorithms for use during authentication:
  - encryption
  - hashing, and
  - authentication
74. IKE
- IKE is the protocol that performs mutual authentication and establishes SAs between two parties for IPSec.
- IKE uses parts of ISAKMP, OAKLEY, and SKEME to provide management of keys and security associations.
75. Key ISAKMP, OAKLEY, and SKEME concepts in IKE
76. Digital Certificates / Digital Signatures (Data Origin Authentication, Data Integrity, and Non-repudiation)
[Diagram: digital signature]
77. Digital Signature with Hash Function
78. Pretty Good Privacy (PGP)
- PGP Encryption (Pretty Good Privacy) is a computer program that provides cryptographic privacy and authentication.
- Public key cryptography, also known as asymmetric cryptography, is a form of cryptography in which a user has a pair of cryptographic keys: a public key and a private key.
- It was originally created by Philip Zimmermann in 1991.
79. Pretty Good Privacy
PGP encryption
80. Pretty Good Privacy
PGP decryption
81. Applications of Cryptosystems
- Automatic Teller Machines
- Phone Cards
- Cellular Phone Networks
- Remote System Access
- Credit Cards
- Electronic Cash
- Medical Records