Fundamentals of Computer Security

1
Fundamentals of Computer Security

• Elementary Cryptology

2
Cryptography in Context

• The good news
• Cryptography is powerful.
• Cryptography is the easy part.
• The bad news
• Cryptography is not enough.
• Cryptography is very hard.

Our goal in this class is not to become experts
in cryptography, but to become well-informed
users of this technology.
3
The Role of Cryptographyin Communications

• Confidentiality Only authorized parties can read
  the message.
• Authentication The identity of the sender of a
  message can always be ascertained.
• Integrity The receiver can easily determine that
  the message has or hasnt been tampered with.
• Nonrepudiation The sender cannot deny having
  sent a message.

4
Cryptology
encryption key
decryption key
Cryptography
encryption algorithm
decryption algorithm
ciphertext
Cryptanalysis
plaintext
plaintext
plaintext
5
Algorithms or Ciphers

• Concealment Hide a message in another piece of
  data.
• Substitution Change the symbols used to write
  the message.
• Transposition Scramble the symbols used to write
  the message.

6
Concealment CiphersorSteganography
Steganograpy (covered writing), null cipher,
open-letter cipher, conventional writing,
dissimulated writing, etc.
7
Concealment Ciphers

• A message is embedded (hidden) within a seemingly
  inocuous piece of information

A treatise to analyze campus knowledge of
undergraduate tenants portrays outright sympathy
totally aimed toward negligent idiots
notwithstanding elegant amoral mentalities.
8
Concealment Ciphers

• A message is embedded (hidden) within a seemingly
  inocuous piece of information

A treatise to analyze campus knowledge of
undergraduate tenants portrays outright sympathy
totally aimed toward negligent idiots
notwithstanding elegant amoral mentalities.
attack outpost at nine am
9
Lord Bacons Cipher

• Hold OFf uNtIl you hEar frOm mE agAin. wE May
  cOMpROmIse.

HoldO FfuNt Ilyou hEarf rOmmE agAin wEMay cOMpR
OmIse
baaab baaba baaaa abaaa abaab aabaa abbaa abbab
babaa
The message could be concealed in markings on a
piece of candy, on the palings of a picket fence,
on the arrangement of a deck of cards, on
published text with slightly different fonts,
etc.
Bacons Bi-literal Alphabet
strike now
10
A Steganographic Paradigm
secret
embedding algorithm
extraction algorithm
open message with embedded secret
secret
open message
11
Embedding Messages in Images
Steganogram 47K bytes Message 6.46K bytes
Original image 47K bytes

• Detecting that an image has an embedded message
  visually is nearly impossible.
• Checking the size of the image doesnt help.
• The only hope seems to lie in deep, thorough
  mathematical analysis.

Source Model Based Steganography, Phil Salee, UC
Davis.
12
Breaking Concealment Ciphers

• These ciphers depend on the belief that they
  wont be identified in a steganogram. One looks
  for embedded messages in data depending on the
  level of caution that is warranted.
• At times, the steganogram may be enciphered using
  transposition or substitution to further confuse
  the reader. In the event the reader can break the
  first cipher and read the steganogram, s/he may
  think that the secret has been solved.

13
Substitution Ciphers
14
The Additive Cipher(Caesar Cipher Shift Cipher
with key3)
The key value determines a shift in the cipher
text alphabet. Example
PLAINTEXT
ciphertext (key3)
PLAINTEXT HERE BE DRAGONS.
ciphertext khuh eh gudjrqs.
POSSIBLE KEY VALUES 26. WEAK KEY key0.
15
The Additive Cipher(Caesar Cipher Shift Cipher
with key3)
The key value determines a shift in the cipher
text alphabet.
Algorithm for each letter P in the plaintext,
compute a corresponding letter C of the
ciphertext using the equation below.
16
The Multiplicative Cipher
Algorithm for each letter P in the plaintext,
compute a corresponding letter C of the
ciphertext using the equation below.
Caution we have to be careful with the choice of
k!
PLAINTEXT
ciphertext (key13)
PLAINTEXT
ciphertext (key2)
17
The Affine Cipher
Algorithm for each letter P in the plaintext,
compute a corresponding letter C of the
ciphertext using the equation below.
Caution we still have to be careful with the
choice of k!
PLAINTEXT
ciphertext (key m5, a8)
18
Hardening Text Ciphers

• Consider the occurrence of space in the
  plaintext. One can eliminate all occurrences of
  space compressing the plaintext before
  encipherment. The text can then be divided into
  fixed-length groups of letters (the use of
  nulls may be necessary).
• Another possibility is to treat space as just
  another symbol extending the plaintext and
  ciphertext alphabets.

ORIGINAL PLAINTEXT HERE BE DRAGONS
MODIFIED PLAINTEXT HEREB EDRAG ONSXX (Xnull)
ciphertext KHUKE HGUDJ RQSAA
ORIGINAL PLAINTEXT HERE BE DRAGONS
ciphertext IFSFACFAESBHPOT
19
References

• In print
• Fundamentals of Secure Computer Systems, Brett
  Tjaden. Franklin, Beedle Associates, 2003.
• Applied Cryptography, Bruce Schneier. Wiley,
  1996.
• Practical Cryptography, Bruce Schneier and Neils
  Ferguson. Wiley, 2002.
• Cryptanalysis, Helen Fouché Gaines. Dover
  Publications, Inc., 1939.
• The Code Book, Simon Singh.
• Security Engineering, Ross Anderson.
• Online
• http//www.wiretapp.net