Introduction to Cryptography - PowerPoint PPT Presentation

1 / 55
About This Presentation
Title:

Introduction to Cryptography

Description:

The process of turning ciphertext back into plaintext -- or recovering ... stream of bits, a text file, a bitmap, a stream of digitised voice, a digital video. ... – PowerPoint PPT presentation

Number of Views:88
Avg rating:3.0/5.0
Slides: 56
Provided by: suneepongp
Category:

less

Transcript and Presenter's Notes

Title: Introduction to Cryptography


1
  • Introduction to Cryptography

2
Structure of Presentation
  • Terminology
  • Properties of Messages (sent between the sender
    and receiver)
  • Cryptographic Algorithms
  • Restricted Cryptographic Algorithms
  • Modern Cryptographic Algorithms
  • Cryptanalysis

3
Structure of Presentation
  • Security of Algorithms
  • Complexity of An Attack
  • Steganography
  • Cipher (Algorithm) Types
  • Substitution Ciphers and
  • Transposition (Shuffling) Ciphers
  • Well-Known Cryptographic Algorithms

4
Terminology
  • Sender and Receiver
  • A sender who wants to send a message to a
    receiver.
  • Messages
  • A message plaintext (or cleartext).

5
Terminology
  • Encryption
  • The process of disguising a message to hide its
    substance (content).
  • Ciphertext
  • An encrypted message.

6
Terminology
  • Decryption
  • The process of turning ciphertext back into
    plaintext -- or recovering the plaintext.

Original Plaintext
Plaintext
Ciphertext
Encryption
Decryption
Encryption and Decryption Process
7
Terminology
  • Cryptography
  • The art and science of keeping messages secure.
  • Cryptographers
  • Persons who apply cryptography.

8
Terminology
  • Cryptanalysis
  • The art and science of breaking ciphertext.
  • Cryptanalysts
  • Persons who apply cryptanalysis.

9
Terminology
  • Cryptology
  • A branch of mathematics consisting of both
    cryptography and cryptanalysis.
  • Cryptologists
  • Persons who apply cryptology.

10
Notations
  • M plaintext,
  • Plaintext can be a stream of bits, a text file, a
    bitmap, a stream of digitised voice, a digital
    video.
  • C ciphertext.

11
Notations
  • E(M) C,
  • where E is the encryption function, operating on
    M to produce the ciphertext C.
  • D(C) M, (inversion function)
  • where D is the decryption function.

12
3 Properties of Messages
  • Authentication
  • The receiver is able to ascertain where the
    message really comes from.
  • Integrity
  • The receiver is able to verify that the message
    has not been modified or tampered.
  • Nonrepudiation
  • The sender should not be able to deny that s/he
    does not send this message.

13
Cryptographic Algorithms
  • Cryptographic algorithms (or ciphers)
  • The mathematical function for encryption and
    decryption.
  • One is for encryption and the other is for
    decryption.

14
Restricted Cryptographic Algorithms (old time)
  • Restricted cryptographic algorithms
  • Keep the specific way that algorithm works a
    secret. (old time algorithms)
  • Disadvantages of restricted algorithms
  • If used in a user group and one happens to reveal
    the secret of the algorithm, everyone else must
    change this algorithm.
  • No quality control or standardisation. Every
    group must have their own secret algorithm.

15
Modern Cryptographic Algorithms (single/symmetric
key)
  • Have a key K which can be one of the values in a
    keyspace so the functions are
  • E-k (M) C, D-k (C) M

Key K
Original Plaintext
Key K
Plaintext
Ciphertext
Encryption
Decryption
Encryption and Decryption with a Key
16
Modern Cryptographic Algorithms (asymmetric keys)
  • Have an encryption key K-1 and a decryption key
    K-2 in a keyspace so the functions become
  • E-k-1 (M) C, D-k-2 (C) M

Key K-2
Original Plaintext
Key K-1
Plaintext
Ciphertext
Encryption
Decryption
Encryption and Decryption with Two Keys
17
Features of Modern Cryptographic Algorithms
  • Modern algorithms are based on keys, not the
    confidential details of a specific algorithm.
  • The algorithm is thus publishable and analysable.
  • The algorithm can be used with mass-produced
    products. (safe enough)
  • The algorithm doesnt care whether eavesdroppers
    will know its details and implementation.

18
Symmetrical Algorithms
  • They are conventional algorithms
  • The decryption key is the same as the encryption
    key.
  • The symmetrical algorithms are also called
    secret-key, single-key, one-key algorithms.
  • The sender and receiver agree on an identical
    key. The key must remain secret.
  • E-k (M) C, D-k (C) M

19
Symmetrical Algorithms
  • There are 2 categories of these algorithms
  • Stream algorithms (ciphers)
  • Operate on the plaintext in a single bit (or
    byte) at a time - bit by bit.
  • Block algorithms (ciphers)
  • Operate on the plaintext in groups of bits at a
    time.
  • The typical block size is 64 bits.

20
Public-Key (PK) Algorithms
  • These algorithms are also called asymmetric
    algorithms.
  • The encryption and decryption keys are different.

21
Public-Key (PK) Algorithms
  • They are called so because the encryption key can
    be made public and given to peers and only a
    specific person with its decryption key can
    decrypt the message.
  • By these algorithms, the encryption key held by
    peers is often called public key and the
    decryption key is often called private/secret key.

22
Digital Signature Use withPK Algorithms
  • Sometimes, messages will be encrypted (signed)
    with the private key and decrypted (verified) by
    peers with its public key.

23
Cryptanalysis
  • The aim of cryptography is to keep the plaintext
    or the key, or both secret from
  • eavesdroppers, adversaries, attackers,
    interceptors, interlopers, intruders, opponents,
    or simply enemies.
  • Cryptanalysis the science of recovering the
    plaintext without access to (or knowing) the key.
  • Successful cryptanalysis may recover both the
    plaintext and key.

24
Cryptanalysis Assumption
  • Related terms
  • An attempted cryptanalysis is called an attack.
  • The loss of a key through noncryptanalytic means
    is called a compromise.
  • Assumption
  • Cryptanalysts have complete details of the
    cryptographic algorithm and its implementation.

25
Cryptanalytic Attacks
  • Ciphertext-only attack
  • Cryptanalysts have access to
  • the ciphertext of many messages which have been
    encrypted by the same encryption algorithm.
  • Their job is
  • to recover the plaintext of those encrypted
    messages and/or
  • even deduce the key(s) used to encrypt the
    messages.

26
Cryptanalytic Attacks
  • Known-plaintext attack (more knowledge)
  • Cryptanalysts have access to
  • the ciphertext of many messages and
  • the plaintext of those messages.
  • but dont know the pair of which ciphertext
    belongs to which plaintext.
  • Their job is to deduce
  • the key(s) used to encrypt those messages.
  • an algorithm to decrypt any new encrypted
    messages.

27
Cryptanalytic Attacks
  • Chosen-plaintext attack (even more knowledge)
  • Cryptanalysts have access to
  • the ciphertext of many messages and
  • the associated plaintext of those messages.
  • Thus they know the corresponding pairs of
    ciphertext and plaintext.
  • They also have ability/knowledge to select
    specific plaintext blocks to encrypt.
  • This is probably to make any fraudulent things on
    messages sent.

28
Cryptanalytic Attacks
  • Chosen-plaintext attack (even more knowledge)
  • Their job is to deduce
  • the key(s) used to encrypt those messages and
  • an algorithm to decrypt any new encrypted
    messages.

29
Cryptanalytic Attacks
  • Chosen-ciphertext attack
  • Cryptanalysts have access to their decrypted
    plaintexts.
  • Thus they know the corresponding pairs of
    ciphertext and plaintext.
  • E.g., they have access to the tamperproof box
    that does automatic decryption.
  • They can choose different ciphertexts to be
    decrypted (I dont know the rationale in doing
    this).

30
Cryptanalytic Attacks
  • Chosen-ciphertext attack
  • Their job is to deduce
  • the keys used to encrypt those messages.

31
Cryptanalytic Attacks
  • Chosen-key attack
  • Cryptanalysts have some knowledge about the
    relationship between different keys.
  • This approach is obscure in reason and not very
    practical.

32
Cryptanalytic Attacks
  • Rubber-hose attack
  • Cryptanalysts threaten, blackmail, or torture
    someone until they give him the key.
  • Purchase-key attack
  • E.g., bribe authorised people to get the key.
  • The two are very powerful attacks and often the
    best way to break an algorithm.

33
Security of Algorithms
  • Different algorithms have different degrees of
    security.
  • You are probably safe when
  • the cost required to break an algorithm is higher
    than the value of the encrypted data.
  • the time required to break an algorithm is longer
    than the time the encrypted data must remain
    secret.
  • the amount of data encrypted with a key is less
    than the amount of data necessary to break the
    algorithm.

34
Security of Algorithms (ease in breaking an
algorithm)
  • Degrees of ease in breaking an algorithm in
    decreasing order.
  • 1. Total break (easiest)
  • A cryptanalyst finds the key to decrypt the
    message.
  • 2. Global deduction (harder to achieve)
  • A cryptanalyst finds an alternate algorithm
    equivalent to D-k (C) without knowing the key K.

35
Security of Algorithms
  • 3. Instance (or local) deduction
  • A cryptanalyst finds the plaintext of an
    intercepted ciphertext.
  • 4. Information deduction (hardest to achieve)
  • A cryptanalyst gains some information about the
    key or plaintext.
  • This gained information could be
  • a few bits of the key, or
  • some information about the form of the plaintext.

36
Security of Algorithms
  • An algorithm is unconditionally secure.
  • If no matter how much ciphertext a cryptanalyst
    has, there is not enough information to recover
    the plaintext.
  • Breaking an algorithm may employ a brute-force
    attack
  • Try every possible key one by one, and
  • Check whether the resulting plaintext is
    meaningful.

37
Security of Algorithms
  • An algorithm is computationally secure or strong.
  • It is computationally infeasible to break it.
  • That is, it cant be broken with any available
    resources either now or in the future.

38
Complexity of An Attack
  • Data complexity
  • the amount of data needed as input to an attack.
  • Processing (work factor) complexity
  • the time needed to perform an attack.
  • Storage requirements
  • the amount of memory needed to perform an attack.
  • Rule of thumb
  • the complexity of an attack is taken to be the
    minimum of those three factors.

39
Steganography
  • This is to hide secret messages in something
    else, e.g., other messages.
  • Traditional ways of steganography
  • invisible ink,
  • a message hidden in a specific page of a book.

40
Steganography
  • More recent ways (which appear in public domain
    software)
  • Hide secret messages in graphic images by
    replacing the least significant bit of each byte
    of the image with the bits of the message.
  • Strip those bits out and combine them to form the
    message at the destination.
  • The blended image wont change appreciably.

41
Cipher Types
  • In old times, cryptography is character-based.
  • Its fundamental technique to scramble messages is
    either
  • substitute characters for one another,
  • transpose (shuffle) them with one another, or
  • do both. (Many times do either of the two above.)

42
Cipher Types
  • Cryptography nowadays works on bits, instead of
    characters but still use substitution and
    transposition to scramble messages.
  • However, substitution is far more common than
    transposition.

43
Substitution Ciphers
  • Each character in the plaintext is substituted
    with another.
  • The receiver then inverts the substitution on the
    ciphertext to recover the plaintext.
  • There are 4 types of substitution ciphers
  • Simple substitution (monoalphabetic) ciphers,
  • Homophonic substitution ciphers,
  • Polygram substitution ciphers, and
  • Polyalphabetic substitution ciphers.

44
Simple Substitution
  • Simple substitution (monoalphabetic) ciphers
  • They are one-to-one and thus easy to break.
  • Each character in the plaintext is replaced with
    a character that appears in the ciphertext.

45
Homophonic Substitution
  • Homophonic substitution ciphers
  • They are one-to-many and thus harder to break
    than simple substitution.
  • A single character can map to a number of
    characters, e.g.
  • A gt 5, 13, 25, 56
  • B gt 7, 19, 31, 42

46
Polygram Substitution
  • Polygram substitution ciphers
  • They are harder to break than simple
    substitution.
  • Characters are encrypted in groups (blocks),
    e.g.,
  • ABA gt RTQ,
  • ABB gt SLL.

47
Polyalphabetic Substitution
  • Polyalphabetic substitution ciphers
  • They are harder to break than simple
    substitution.
  • They combine a number of simple substitution
    ciphers to produce the ciphertext.

48
Simple Substitution Ciphers
  • Caesar cipher
  • Each character is replaced by
  • (the char shifted to the right three positions)
    mod 26.
  • A gt D, B gt E, , W gt Z,
  • X gt A, Y gt B, Z gt C.
  • ROT13
  • It is commonly used on UNIX systems.
  • Every letter is rotated (shifted) 13 positions.
  • A gt N, B gt O, and so on.

49
A Polyalphabetic Cypher (One Time Pads)
  • A perfect encryption scheme (unbreakable) called
    one-time pad is polyalphabetic.
  • A set of truly random key letters, written on a
    pad is created.
  • The sender uses each key letter in the pad to
    encrypt exactly one character in the plaintext.
  • The pad is used only one time. Any new message
    needed to send implies that a new pad is required.

50
One-Time Pads
  • The sender and receiver must have the same pad
    (key) and both destroy it when things are done.
    (a symmetric algorithm)
  • Example A message
  • O N E T I lt plaintext
  • Suppose that the key from a pad is
  • T B F R G lt pad
  • I P K L P lt ciphertext
  • This is done by applying (O T) mod 26 I, (N
    B) mod 26 P, (E F) mod 26 K, so on.

51
A Polyalphabetic Cypher (XOR)
  • Bit XOR operations are
  • 0 0 0
  • 0 1 1
  • 1 0 1
  • 1 1 0
  • The plaintext is XORed with a keyword (key) to
    generate the ciphertext.
  • XORing the ciphertext with the same keyword
    produces the original plaintext.
  • This is a symmetric algorithm, i.e., share the
    same key for encryption and decryption.

52
Transposition (Shuffling) Ciphers
  • The content of the plaintext remains the same but
    the order of characters in the plaintext is
    shuffled around, e.g.,
  • cdef gt dfed,
  • artg gt trga.

53
Transposition (Shuffling) Ciphers
  • Usually these cyphers require more memory than
    substitution to encrypt and decrypt messages.
  • A simple columnar transposition cipher is one of
    the kind.
  • Example Cleartext computergraphic
  • columnar text ciphertext
  • c o m p u
  • t e r g r gt ctaoepmrhpgiurc
  • a p h i c

54
Well-Known Cryptographic Algorithms
  • DES (Data Encryption Standard) is the most
    popular symmetric algorithm.
  • DES is a U.S. and international standard.

55
Well-Known Cryptographic Algorithms
  • RSA (named for its creator--Rivest, Shamir, and
    Adleman) is the most popular public-key (PK)
    algorithm.
  • It is asymmetric and used for both encryption and
    digital signatures.
  • DSA (Digital Signature Algorithm, used as part of
    the Digital Signature Standard) is another PK
    algorithm.
  • It is asymmetric and used only for digital
    signatures.
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Introduction to Cryptography" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!