Title: Fundamentals of Computer Security
1Fundamentals of Computer Security
2 Cryptography in Context
- The good news
- Cryptography is powerful.
- Cryptography is the easy part.
- The bad news
- Cryptography is not enough.
- Cryptography is very hard.
Our goal in this class is not to become experts
in cryptography, but to become well-informed
users of this technology.
3The Role of Cryptographyin Communications
- Confidentiality Only authorized parties can read
the message. - Authentication The identity of the sender of a
message can always be ascertained. - Integrity The receiver can easily determine that
the message has or hasnt been tampered with. - Nonrepudiation The sender cannot deny having
sent a message.
4Cryptology
encryption key
decryption key
Cryptography
encryption algorithm
decryption algorithm
ciphertext
Cryptanalysis
plaintext
plaintext
plaintext
5Algorithms or Ciphers
- Concealment Hide a message in another piece of
data. - Substitution Change the symbols used to write
the message. - Transposition Scramble the symbols used to write
the message.
6Concealment CiphersorSteganography
Steganograpy (covered writing), null cipher,
open-letter cipher, conventional writing,
dissimulated writing, etc.
7Concealment Ciphers
- A message is embedded (hidden) within a seemingly
inocuous piece of information
A treatise to analyze campus knowledge of
undergraduate tenants portrays outright sympathy
totally aimed toward negligent idiots
notwithstanding elegant amoral mentalities.
8Concealment Ciphers
- A message is embedded (hidden) within a seemingly
inocuous piece of information
A treatise to analyze campus knowledge of
undergraduate tenants portrays outright sympathy
totally aimed toward negligent idiots
notwithstanding elegant amoral mentalities.
attack outpost at nine am
9Lord Bacons Cipher
- Hold OFf uNtIl you hEar frOm mE agAin. wE May
cOMpROmIse.
HoldO FfuNt Ilyou hEarf rOmmE agAin wEMay cOMpR
OmIse
baaab baaba baaaa abaaa abaab aabaa abbaa abbab
babaa
The message could be concealed in markings on a
piece of candy, on the palings of a picket fence,
on the arrangement of a deck of cards, on
published text with slightly different fonts,
etc.
Bacons Bi-literal Alphabet
strike now
10A Steganographic Paradigm
secret
embedding algorithm
extraction algorithm
open message with embedded secret
secret
open message
11Embedding Messages in Images
Steganogram 47K bytes Message 6.46K bytes
Original image 47K bytes
- Detecting that an image has an embedded message
visually is nearly impossible. - Checking the size of the image doesnt help.
- The only hope seems to lie in deep, thorough
mathematical analysis.
Source Model Based Steganography, Phil Salee, UC
Davis.
12Breaking Concealment Ciphers
- These ciphers depend on the belief that they
wont be identified in a steganogram. One looks
for embedded messages in data depending on the
level of caution that is warranted. - At times, the steganogram may be enciphered using
transposition or substitution to further confuse
the reader. In the event the reader can break the
first cipher and read the steganogram, s/he may
think that the secret has been solved.
13Substitution Ciphers
14The Additive Cipher(Caesar Cipher Shift Cipher
with key3)
The key value determines a shift in the cipher
text alphabet. Example
PLAINTEXT
ciphertext (key3)
PLAINTEXT HERE BE DRAGONS.
ciphertext khuh eh gudjrqs.
POSSIBLE KEY VALUES 26. WEAK KEY key0.
15The Additive Cipher(Caesar Cipher Shift Cipher
with key3)
The key value determines a shift in the cipher
text alphabet.
Algorithm for each letter P in the plaintext,
compute a corresponding letter C of the
ciphertext using the equation below.
16The Multiplicative Cipher
Algorithm for each letter P in the plaintext,
compute a corresponding letter C of the
ciphertext using the equation below.
Caution we have to be careful with the choice of
k!
PLAINTEXT
ciphertext (key13)
PLAINTEXT
ciphertext (key2)
17The Affine Cipher
Algorithm for each letter P in the plaintext,
compute a corresponding letter C of the
ciphertext using the equation below.
Caution we still have to be careful with the
choice of k!
PLAINTEXT
ciphertext (key m5, a8)
18Hardening Text Ciphers
- Consider the occurrence of space in the
plaintext. One can eliminate all occurrences of
space compressing the plaintext before
encipherment. The text can then be divided into
fixed-length groups of letters (the use of
nulls may be necessary). - Another possibility is to treat space as just
another symbol extending the plaintext and
ciphertext alphabets.
ORIGINAL PLAINTEXT HERE BE DRAGONS
MODIFIED PLAINTEXT HEREB EDRAG ONSXX (Xnull)
ciphertext KHUKE HGUDJ RQSAA
ORIGINAL PLAINTEXT HERE BE DRAGONS
ciphertext IFSFACFAESBHPOT
19References
- In print
- Fundamentals of Secure Computer Systems, Brett
Tjaden. Franklin, Beedle Associates, 2003. - Applied Cryptography, Bruce Schneier. Wiley,
1996. - Practical Cryptography, Bruce Schneier and Neils
Ferguson. Wiley, 2002. - Cryptanalysis, Helen Fouché Gaines. Dover
Publications, Inc., 1939. - The Code Book, Simon Singh.
- Security Engineering, Ross Anderson.
- Online
- http//www.wiretapp.net