CRYPTOGRAPHY - PowerPoint PPT Presentation

1
CRYPTOGRAPHY
  • Presented by
  • Debi Prasad Mishra
  • Institute of Technical Education & Research
  • Electronics & Telecommunication Engineering
  • Section - A
  • 7th Semester
  • Regd. No. - 0301212148

2
Talk Flow
  • Terminology
  • Secret-key cryptographic system
  • Block cipher
  • Stream cipher
  • Requirement of secrecy
  • Information theoretic approach
  • Perfect security
  • Diffusion and confusion
  • Practicability of cipher
  • Substitution cipher
  • Transposition cipher
  • Data Encryption Standard (DES) algorithm
  • Public-key cryptographic system
  • Diffie-Hellman key distribution
  • Rivest-Shamir-Adleman (RSA) algorithm
  • Digital Signature: A hybrid approach

3
  • Cryptology is the term used to describe the
    science of secret communication.
  • Derived from the Greek words kryptos (hidden) and
    logos (word).
  • Divided into two parts:
  • Cryptography - transforms a message into coded
    form and recovers the original signal.
  • Cryptanalysis - deals with how to undo
    cryptographic communication by breaking coded
    signals that may be accepted as genuine.

4
Terminology
  • Plaintext - the original message to be encoded
  • Enciphering or Encryption - the process of
    encoding
  • Ciphertext or Cryptogram - the result produced
    by encryption
  • Cipher - the set of data transformations used to do
    encryption
  • Key - parameters of the transformation

5
Services offered by Cryptography
  • Secrecy, which refers to the denial of access to
    information by unauthorised users
  • Authenticity, which refers to the validation of
    the source of message
  • Integrity, which refers to the assurance that a
    message was not modified by accidental or
    deliberate means in transit

6
  • A conventional cryptographic system relies on the use
    of a single piece of private and necessarily
    secret key.
  • The key is known to the sender and receiver, but to no
    others.
  • Each user is provided with key material of one's
    own, with a private component and a public
    component.
  • The private component must be kept secret for
    secure communication.

7
Secret-key Cryptography
Let X → plaintext message
    Y → cryptogram
    Z → key
    F → invertible transformation producing the cryptogram
        Y = F(X, Z) = F_Z(X)
Let F^{-1} → inverse transform of F to recover the original message
        F^{-1}(Y, Z) = F_Z^{-1}(Y) = F_Z^{-1}(F_Z(X)) = X

8
Secret-key Cryptography (continued)
Here Y → fraudulent message modified by an
interceptor or eavesdropper

9
Block Ciphers
  • Block ciphers are normally designed in such a way
    that a small change in an input block of
    plaintext produces a major change in the
    resulting output.
  • This error propagation property of block ciphers
    is valuable in authentication in that it makes it
    improbable for an enemy cryptanalyst to modify
    encrypted data, unless knowledge of key is
    available.

10
Stream ciphers
  • Whereas block ciphers operate on large data on a
    block-by-block basis, stream ciphers operate on
    individual bits.

Let x_n → plaintext bit, y_n → ciphertext bit, z_n → keystream bit at the nth instant
For encryption: y_n = x_n ⊕ z_n, n = 1, 2, ..., N
For decryption: x_n = y_n ⊕ z_n, n = 1, 2, ..., N

11
Stream ciphers (continued)
  • A binary additive stream cipher has no error
    propagation; the decryption of a distorted bit in
    the ciphertext affects only the corresponding
    bit of the resulting output.
  • Stream ciphers are generally better suited for
    secure transmission of data over error-prone
    communication channels; they are used in
    applications where high data rates are a
    requirement (as in secure video) or when a
    minimal transmission delay is essential.

12
Requirement of Secrecy
  • ASSUMPTION-
  • An enemy cryptanalyst has
    knowledge of the entire mechanism used
    to perform encryption, except for the secret key.

13
Requirement of Secrecy (continued)
  • Attacks employed by an enemy cryptanalyst:
  • Ciphertext-only attack: access to part or all of
    the ciphertext.
  • Known-plaintext attack: knowledge of some
    ciphertext-plaintext pairs formed with the actual
    secret key.
  • Chosen-plaintext attack: submit any chosen
    plaintext message and receive in return the
    correct ciphertext for the actual secret key.
  • Chosen-ciphertext attack: choose an arbitrary
    ciphertext and find the correct result for its
    decryption.

14
Information theoretic approach
  • In the Shannon model of cryptography (published in
    Shannon's 1949 landmark paper on the
    information-theoretic approach to secrecy
    systems)
  • ASSUMPTION-
  • The enemy cryptanalyst has unlimited time and
    computing power.
  • But the enemy is presumably restricted to a
    ciphertext-only attack.
  • The secrecy of the system is said to be broken
    when decryption is performed successfully,
    obtaining a unique solution to the cryptogram.
15
Information theoretic approach (continued)
  • Let X = {X_1, X_2, ..., X_N} → N-bit plaintext
    message,
  • Y = {Y_1, Y_2, ..., Y_N} → N-bit cryptogram
  • Secret key Z is assumed to be determined by
    some probability distribution
  • Let H(X) → uncertainty about X
  • H(X|Y) → uncertainty about X given
    knowledge of Y
  • Now, the mutual information between X and Y,

I(X;Y) = H(X) - H(X|Y)
represents a basic measure of security in the
Shannon model.

16
Perfect Security
  • Assuming that an enemy cryptanalyst can observe
    only the cryptogram Y, for perfect security X and Y
    should be statistically independent.
  • I(X;Y) = 0  ⇒  H(X) = H(X|Y)                   ... (1)
  • Given the secret key Z:
    H(X|Y) ≤ H(X,Z|Y) = H(Z|Y) + H(X|Y,Z)          ... (2)
  • H(X|Y,Z) = 0 iff Y and Z together uniquely
    determine X
  • Equation 2 can then be rewritten as
    H(X|Y) ≤ H(Z|Y) ≤ H(Z)                         ... (3)
  • With equation 3, equation 1 becomes
    H(Z) ≥ H(X)                                    ... (4)
  • This is called Shannon's fundamental bound for perfect
    security.

Result: The key must be at least as long as the
plaintext.
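
The bound H(Z) ≥ H(X) can be checked numerically on the smallest case, a one-bit cipher Y = X ⊕ Z. This is an added example, not part of the original slides; the function names and the chosen probabilities are assumptions made for illustration.

```python
from itertools import product
from math import log2

def entropy(dist):
    """Shannon entropy in bits of a {outcome: probability} map."""
    return -sum(p * log2(p) for p in dist.values() if p > 0)

def leak(p_x1, p_z1):
    """I(X;Y) in bits for the one-bit cipher Y = X xor Z.

    p_x1 = P(X=1) for the plaintext bit, p_z1 = P(Z=1) for the key bit.
    X and Z are independent, as in the Shannon model.
    """
    px = {0: 1 - p_x1, 1: p_x1}
    pz = {0: 1 - p_z1, 1: p_z1}
    joint = {}                                    # P(X=x, Y=y)
    for x, z in product((0, 1), repeat=2):
        cell = (x, x ^ z)
        joint[cell] = joint.get(cell, 0.0) + px[x] * pz[z]
    py = {y: joint[(0, y)] + joint[(1, y)] for y in (0, 1)}
    h_x_given_y = entropy(joint) - entropy(py)    # H(X|Y) = H(X,Y) - H(Y)
    return entropy(px) - h_x_given_y              # I(X;Y) = H(X) - H(X|Y)

def key_entropy(p_z1):
    """H(Z) in bits for a key bit with P(Z=1) = p_z1."""
    return entropy({0: 1 - p_z1, 1: p_z1})

if __name__ == "__main__":
    # Uniform key: H(Z) = 1 >= H(X), so nothing leaks.
    print("uniform key :", round(leak(0.5, 0.5), 6))
    # Biased key: H(Z) < H(X), so the cryptogram reveals part of X.
    print("biased key  :", round(leak(0.5, 0.9), 6), "H(Z) =", round(key_entropy(0.9), 6))
    # Constant key: H(Z) = 0 and the whole plaintext bit leaks.
    print("constant key:", round(leak(0.5, 1.0), 6))
```

With a uniform plaintext bit the leak equals 1 - H(Z), so it is zero only when the key bit carries a full bit of entropy.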
17
Diffusion and Confusion
  • In diffusion, the statistical nature of the plaintext
    is hidden by spreading out the influence of a
    single bit in the plaintext over a large number of bits
    in the ciphertext.
  • In confusion, the data transformations are
    designed to complicate the determination of the
    way in which the statistics of the ciphertext depend
    on those of the plaintext.

Practicability of Cipher
  • For a cipher to be of practical value:
  • It must be difficult for an enemy cryptanalyst
    to break.
  • It must be easy to encrypt and decrypt with
    knowledge of the secret key.

18
Substitution cipher
Each letter of the plaintext is replaced by a fixed
substitute. For plaintext X = (x_1, x_2, x_3, x_4, ...), the
ciphertext is Y = (y_1, y_2, y_3, y_4, ...)
= (f(x_1), f(x_2), f(x_3), f(x_4), ...).

19
Transposition cipher
  • The plaintext is divided into groups of fixed
    period d, and the same permutation is applied to
    each group.
  • The particular permutation rule is determined
    by the secret key.

20
Data Encryption Standard (DES)
  • It is the most widely used secret-key
    cryptoalgorithm.
  • It operates on 64-bit plaintext and uses a 56-bit
    key.
  • The overall procedure can be given as
  • P^{-1}{F[P(X)]}
  • where X → plaintext
  • P → a certain permutation
  • F → a certain transposition and
    substitution
  • F is obtained by cascading a certain function
    f, with each stage of the cascade referred to as a round.
  • There are 16 rounds employed here.

21
How DES works?
  • DES operates on 64-bit blocks of data. Each block of 64
    bits is divided into two blocks of 32 bits each,
    a left half block L and a right half block R.
  • M = 0123456789ABCDEF
  • M = 0000 0001 0010 0011 0100 0101 0110 0111
        1000 1001 1010 1011 1100 1101 1110 1111
  • L = 0000 0001 0010 0011 0100 0101 0110 0111
  • R = 1000 1001 1010 1011 1100 1101 1110 1111

22
Key Computation
  • The 64-bit key is permuted according to the
    following table, and a 56-bit key is calculated from
    it.

57 49 41 33 25 17  9
 1 58 50 42 34 26 18
10  2 59 51 43 35 27
19 11  3 60 52 44 36
63 55 47 39 31 23 15
 7 62 54 46 38 30 22
14  6 61 53 45 37 29
21 13  5 28 20 12  4

Let K = 00010011 00110100 01010111 01111001
        10011011 10111100 11011111 11110001
The 56-bit permutation of K is
        1111000 0110011 0010101 0101111
        0101010 1011001 1001111 0001111
From the permuted key, we get
C0 = 1111000 0110011 0010101 0101111
D0 = 0101010 1011001 1001111 0001111

23
Key Computation (continued)
  • With C0 and D0 defined, we now create sixteen
    blocks Cn and Dn, 1 ≤ n ≤ 16. Each pair of blocks
    Cn and Dn is formed from the previous pair Cn-1
    and Dn-1, respectively, for n = 1, 2, ..., 16,
    using the following schedule of "left shifts" of
    the previous block.

Iteration number:       1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16
Number of left shifts:  1  1  2  2  2  2  2  2  1  2  2  2  2  2  2  1

C0 = 1111000011001100101010101111
D0 = 0101010101100110011110001111
C1 = 1110000110011001010101011111
D1 = 1010101011001100111100011110
C2 = 1100001100110010101010111111
D2 = 0101010110011001111000111101
and so on up to C16, D16.

24
Key Computation (continued)
  • We now form the keys Kn, for 1 ≤ n ≤ 16, by
    applying the following permutation table to each
    of the concatenated pairs CnDn.

14 17 11 24  1  5
 3 28 15  6 21 10
23 19 12  4 26  8
16  7 27 20 13  2
41 52 31 37 47 55
30 40 51 45 33 48
44 49 39 56 34 53
46 42 50 36 29 32

C1D1 = 1110000 1100110 0101010 1011111
       1010101 0110011 0011110 0011110
K1 = 000110 110000 001011 101111 111111 000111 000001 110010
Similarly,
K2 = 011110 011010 111011 011001 110110 111100 100111 100101
K3 = 010101 011111 110010 001010 010000 101100 111110 011001
and so on up to K16.
Thus the sixteen 48-bit subkeys are obtained.
25
Encoding Data
  • There is an initial permutation, IP, of the 64
    bits of the message data, M. This rearranges the
    bits according to the following table.

58 50 42 34 26 18 10  2
60 52 44 36 28 20 12  4
62 54 46 38 30 22 14  6
64 56 48 40 32 24 16  8
57 49 41 33 25 17  9  1
59 51 43 35 27 19 11  3
61 53 45 37 29 21 13  5
63 55 47 39 31 23 15  7

M  = 0000 0001 0010 0011 0100 0101 0110 0111
     1000 1001 1010 1011 1100 1101 1110 1111
IP = 1100 1100 0000 0000 1100 1100 1111 1111
     1111 0000 1010 1010 1111 0000 1010 1010
  • Next divide the permuted block IP into a left
    half L0 of 32 bits, and a right half R0 of 32 bits.
  • L0 = 1100 1100 0000 0000 1100 1100 1111 1111
  • R0 = 1111 0000 1010 1010 1111 0000 1010 1010

26
Encoding Data (continued)
  • We now proceed through 16 iterations, for
    1 ≤ n ≤ 16, using a function f which operates on
    two blocks - a data block of 32 bits and a key Kn
    of 48 bits - to produce a block of 32 bits.

Ln = Rn-1
Rn = Ln-1 ⊕ f(Rn-1, Kn)
For n = 1, we have
K1 = 000110 110000 001011 101111 111111 000111 000001 110010
L1 = R0 = 1111 0000 1010 1010 1111 0000 1010 1010
R1 = L0 ⊕ f(R0, K1)
  • It remains to explain how the function f works.

27
Encoding Data (continued)
  • To calculate f, we first expand each block Rn-1
    from 32 bits to 48 bits.
  • This is done by using a selection table called the
    E-table that repeats some of the bits in Rn-1.

E-table
32  1  2  3  4  5
 4  5  6  7  8  9
 8  9 10 11 12 13
12 13 14 15 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
28 29 30 31 32  1

We calculate E(R0) from R0 as follows:
R0    = 1111 0000 1010 1010 1111 0000 1010 1010
E(R0) = 011110 100001 010101 010101 011110 100001 010101 010101

28
Encoding Data (continued)
  • Next in the f calculation, we XOR the output
    E(Rn-1) with the key Kn:
    Kn ⊕ E(Rn-1)
  • For K1 and E(R0), we have
  • K1         = 000110 110000 001011 101111
                 111111 000111 000001 110010
  • E(R0)      = 011110 100001 010101 010101
                 011110 100001 010101 010101
  • K1 ⊕ E(R0) = 011000 010001 011110 111010
                 100001 100110 010100 100111
  • We now use each group of six bits as addresses in
    tables called "S boxes".
  • Each group of six bits will give us an address in
    a different S box. Located at that address will
    be a 4-bit number.
  • This 4-bit number will replace the original 6
    bits.
  • The net result is that the eight groups of 6 bits
    are transformed into eight groups of 4 bits (the
    4-bit outputs from the S boxes) for 32 bits
    total.

29
Encoding Data (continued)
S1 Box
                     Column number
Row number   0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15
    0       14  4 13  1  2 15 11  8  3 10  6 12  5  9  0  7
    1        0 15  7  4 14  2 13  1 10  6 12 11  9  5  3  8
    2        4  1 14  8 13  6  2 11 15 12  9  7  3 10  5  0
    3       15 12  8  2  4  9  1  7  5 11  3 14 10  0  6 13

Here S1(011011) = 0101. Similarly, there exist
S boxes S1, S2, ..., S8.
For the first round, we obtain as the output of
the eight S boxes:
K1 ⊕ E(R0) = 011000 010001 011110 111010 100001 100110 010100 100111
S          = 0101 1100 1000 0010 1011 0101 1001 0111
30
Encoding Data (continued)
  • The final stage in the calculation of f is to do
    a permutation P of the S-box output to obtain the
    final value of f:
    f = P(S)
  • The permutation P is defined in the following
    table. P yields a 32-bit output from a 32-bit
    input by permuting the bits of the input block.

P
16  7 20 21
29 12 28 17
 1 15 23 26
 5 18 31 10
 2  8 24 14
32 27  3  9
19 13 30  6
22 11  4 25

From S = 0101 1100 1000 0010 1011 0101 1001 0111
     f = 0010 0011 0100 1010 1010 1001 1011 1011

31
Encoding Data (continued)
  • R1 = L0 ⊕ f(R0, K1)
       = 1100 1100 0000 0000 1100 1100 1111 1111
       ⊕ 0010 0011 0100 1010 1010 1001 1011 1011
       = 1110 1111 0100 1010 0110 0101 0100 0100
  • Proceeding like this we obtain L1R1, L2R2, ...,
    L16R16.
  • At the end of the sixteenth round we have the
    blocks L16 and R16. We then reverse the order of
    the two blocks into the 64-bit block R16L16 and
    apply a permutation IP^{-1}.

32
Encoding Data (continued)
IP^{-1}
40  8 48 16 56 24 64 32
39  7 47 15 55 23 63 31
38  6 46 14 54 22 62 30
37  5 45 13 53 21 61 29
36  4 44 12 52 20 60 28
35  3 43 11 51 19 59 27
34  2 42 10 50 18 58 26
33  1 41  9 49 17 57 25

Let R16L16 = 00001010 01001100 11011001 10010101
             01000011 01000010 00110010 00110100
IP^{-1}    = 10000101 11101000 00010011 01010100
             00001111 00001010 10110100 00000101
which in hexadecimal format is 85E813540F0AB405.
Thus the encrypted form of M = 0123456789ABCDEF is,
namely, C = 85E813540F0AB405.
33
Decryption
  • Decryption is simply the inverse of
    encryption, following the same steps as above,
    but reversing the order in which the subkeys are
    applied.

34
Disadvantages of Secret-key Cryptography
  • Use of a physically secure channel
  • Courier service or registered mail for key
    distribution is costly, inconvenient and slow
  • Requirement of a large network
  • For n users, the number of channels required is n(n-1)/2
  • This large network leads to the use of an insecure
    channel for key distribution and secure message
    transmission.

35
Public-key Cryptography
  • It contains two components.
  • Private component, known to the authorised user
    only
  • Public component, visible to everybody
  • Each pair of keys must have two basic properties.
  • Whatever message is encrypted with one of the keys
    can be decrypted by the other key.
  • Given knowledge of the public key, it is
    computationally infeasible to compute the private
    key.
  • The key management here helps in the development of
    a large network.

36
Diffie-Hellman Public-key Distribution
  • It uses the concept that it is easy to calculate
    the discrete exponential but difficult to
    calculate the discrete logarithm.
  • Discrete exponential: Y = a^X mod p, for 1 ≤ X ≤ p-1
  • Discrete logarithm: X = log_a Y mod p, for
    1 ≤ Y ≤ p-1
  • All users are assumed to know both a and p.
  • A user i selects an independent random number
    X_i, uniformly from the set of integers {1, 2, ...,
    p}, that is kept private.
  • But the discrete exponential Y_i = a^{X_i} mod p is
    made public.

37
Diffie-Hellman Public-key Distribution (continued)
  • Now, users i and j want to communicate.
  • To proceed, user i fetches Y_j from the public
    directory and uses the private X_i to compute
  • K_ji = (Y_j)^{X_i} mod p
         = (a^{X_j})^{X_i} mod p
         = a^{X_j X_i} mod p
  • In a similar way, user j computes K_ij. But we
    have
  • K_ij = K_ji
  • An eavesdropper must compute K_ji from Y_i and
    Y_j by applying the formula
  • K_ji = (Y_j)^{log_a Y_i} mod p
  • Since this involves a discrete logarithm, it is not easy to
    calculate.
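
The exchange and the eavesdropper's formula from the two slides above, as an added example that is not part of the original slides. The parameters p = 467, a = 2 and the private exponents are constructed toy values, far too small for real use, chosen so that the exhaustive discrete-logarithm search finishes at once; the function names are assumptions.

```python
import secrets

def discrete_exp(a, x, p):
    """Y = a^X mod p; fast even for very large p (square-and-multiply)."""
    return pow(a, x, p)

def discrete_log(a, y, p):
    """Smallest X >= 1 with a^X mod p == Y, found by trying each exponent.

    The loop may run p-1 times, so the work grows with p itself, while
    discrete_exp grows only with the number of digits of p.
    """
    value = 1
    for x in range(1, p):
        value = value * a % p
        if value == y:
            return x
    raise ValueError("Y is not a power of a modulo p")

def key_exchange(a, p, x_i=None, x_j=None):
    """Run the exchange between users i and j; return what each side holds."""
    x_i = x_i or secrets.randbelow(p - 1) + 1       # private X_i in 1 .. p-1
    x_j = x_j or secrets.randbelow(p - 1) + 1       # private X_j in 1 .. p-1
    y_i = discrete_exp(a, x_i, p)                   # published in the directory
    y_j = discrete_exp(a, x_j, p)                   # published in the directory
    k_ji = discrete_exp(y_j, x_i, p)                # user i: (Y_j)^X_i mod p
    k_ij = discrete_exp(y_i, x_j, p)                # user j: (Y_i)^X_j mod p
    return {"Y_i": y_i, "Y_j": y_j, "K_ji": k_ji, "K_ij": k_ij}

def eavesdropper_key(a, p, y_i, y_j):
    """K_ji = (Y_j)^(log_a Y_i) mod p, using only the public values."""
    return discrete_exp(y_j, discrete_log(a, y_i, p), p)

# Constructed toy run: p = 467, a = 2, X_i = 153, X_j = 197.
TOY = key_exchange(2, 467, x_i=153, x_j=197)

if __name__ == "__main__":
    print("both users agree:", TOY["K_ji"] == TOY["K_ij"])
    print("eavesdropper recovers the toy key:",
          eavesdropper_key(2, 467, TOY["Y_i"], TOY["Y_j"]) == TOY["K_ji"])
    big = key_exchange(5, 2**127 - 1)               # same code, large prime p
    print("large p still agrees:", big["K_ji"] == big["K_ij"])
```

With p = 2^127 - 1 the two users still finish instantly, while the search in discrete_log would need on the order of p steps.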

38
Rivest-Shamir-Adleman (RSA) System
  • It is a block cipher based upon the
    fact that finding a random prime number of large
    size (e.g., 100 digit) is computationally easy,
    but factoring the product of two such numbers is
    considered computationally infeasible.

39
RSA algorithm
Encryption: C = P^e mod n
Decryption: P = C^d mod n
(x mod y means the remainder of x divided by y)
  • Key Generation
  • Generate two large prime numbers, p and q
  • Let n = pq
  • Let m = (p-1)(q-1)
  • Choose a small number e, coprime to m
  • Find d, such that de mod m = 1

To be secure, very large numbers must be
used for p and q - 100 decimal digits at the very
least.
Publish e and n as the public key. Keep d and n
as the secret key.
40
RSA: An Illustration
  • Generate two large prime numbers, p and q
  • To make the example easy to follow I am going to
    use small numbers, but this is not secure.
  • Let's have p = 7, q = 19
  • Let n = pq = 7 × 19 = 133
  • Let m = (p - 1)(q - 1) = (7 - 1)(19 - 1) = 6 ×
    18 = 108
  • 4) Choose a small number e, coprime to m
  • e = 2 => gcd(e, 108) = 2 (no); e = 3
    => gcd(e, 108) = 3 (no); e = 4 => gcd(e, 108) = 4
    (no); e = 5 => gcd(e, 108) = 1 (yes!)
  • Find d, such that de mod m = 1
  • n = 0 => d = 1 / 5 (no); n = 1 =>
    d = 109 / 5 (no); n = 2 => d = 217 / 5 (no);
    n = 3 => d = 325 / 5 = 65 (yes!)

41
RSA: An Illustration (continued)
  • Public Key: n = 133, e = 5
  • Secret Key: n = 133, d = 65
  • Encryption
  • Let's use the message "6".
  • C = P^e mod n = 6^5 mod 133 = 7776 mod 133 = 62
  • Decryption
  • P = C^d mod n = 62^65 mod 133 = 6
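
The key-generation search and the encryption of "6" from the illustration, as an added example that is not part of the original slides; the function names are assumptions. The last function shows why the slide calls these small numbers "not secure": with n = 133 the secret exponent follows directly from the public key.

```python
from math import gcd

def generate_keys(p, q):
    """Follow the slides' key-generation steps for two primes p and q."""
    n = p * q
    m = (p - 1) * (q - 1)
    # Smallest e >= 2 that is coprime to m, as in the illustration.
    e = next(c for c in range(2, m) if gcd(c, m) == 1)
    # Try d = (1 + k*m) / e for k = 0, 1, 2, ... until it is an integer.
    k = 0
    while (1 + k * m) % e:
        k += 1
    d = (1 + k * m) // e
    return {"n": n, "m": m, "e": e, "d": d}

def encrypt(plain, e, n):
    """C = P^e mod n."""
    return pow(plain, e, n)

def decrypt(cipher, d, n):
    """P = C^d mod n."""
    return pow(cipher, d, n)

def secret_exponent_from_public(n, e):
    """Factor n by trial division and rebuild d from the public key alone.

    Feasible only because n is tiny; the work grows with the square root
    of n, which is why p and q need 100 or more decimal digits.
    """
    p = next(f for f in range(2, int(n ** 0.5) + 1) if n % f == 0)
    q = n // p
    return pow(e, -1, (p - 1) * (q - 1))   # modular inverse, Python 3.8+

KEYS = generate_keys(7, 19)

if __name__ == "__main__":
    print("keys:", KEYS)
    c = encrypt(6, KEYS["e"], KEYS["n"])
    print("C =", c, " P =", decrypt(c, KEYS["d"], KEYS["n"]))
    print("d rebuilt from (n, e):", secret_exponent_from_public(133, 5))
```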

42
Digital Signature: A hybrid approach
  • The most useful requirements for a digital
    signature are authenticity and secrecy.
  • RSA provides an effective method for key
    management, but it is inefficient for bulk
    encryption of data.
  • DES provides better throughput, but requires key
    management.
  • So, a combinational approach can be considered
    for practical usability, e.g., RSA may be used
    for authentication and DES used for encryption.

43
Reference
  • Simon Haykin, Communication Systems, 4th ed. (New
    York: John Wiley & Sons, 2004)
  • Martin A. Hellman, "An overview of public key
    cryptography," IEEE Communications Magazine, vol.
    16, no. 6, November 1978.
  • C. E. Shannon, "A mathematical theory of
    communication," Bell System Technical Journal, p.
    623, July 1948.
  • Gary C. Kessler, "An overview of cryptography,"
    May 1998, edited version of Handbook on Local
    Area Networks (Auerbach, September 1998)
  • http://orlingrabbe.com/
  • www.rsasecurity.com
  • www.wikipedia.com
  • www.bambooweb.com

44
QUERIES???
45
THANK YOU