Modern Cryptography

1
Modern Cryptography
2
The Enigma Machine

• German encryption and decryption machine used in
  WWII
• Essentially a complex, automated substitution
  cipher

3
How did Enigma work?

• Rotors have different wiring connecting input to
  output
• Rotors move after each keypress
• The key is the initial position of the three
  rotors

4
Simplified Enigma
A c
B a
C c
D d
A b
B a
C d
D c
A d
B c
C a
D b
A a B b C c D d
A a B b C c D d
A a B b C c D d



A b
B c
C d
D a
A a B b C c D d
A a B b C c D d
A a B b C c D d
Every time a key is pressed the rotors spin, so
the overall substitution table changes

5
Breaking the Enigma

• Britain set up its cryptanalysis team in
  Bletchley Park
• They consistently broke German codes throughout
  the war
• Provided the intelligence codenamed ULTRA
• Important location in the history of computing
• Alan Turing
• COLOSSUS

6
Cryptography in the Computer Age

• Working with binary instead of letters
• We can do things many, many times
• Think of an Enigma machine that has 2128 pairs of
  symbols on each rotor, and 20 rotors
• Other than that, the basic principles are the
  same as classical cryptography

7
The XOR Operation

• eXclusive OR
• should we go left or right?
• Can do one or the other, but not both
• Useful in cryptography for mixing two binary
  strings together

a
b
a
b
0 0
0 1
1 0
1 1
0
1
1
0
8
Modern Ciphers

• We design one relatively simple scrambling method
  (called a round) and repeat it many times
• Think of each round as a rotor on the Enigma
• One round may be easy to break, but when you put
  them all together it becomes very hard
• Almost all ciphers follow one of two structures
• SPN (Substitution Permutation Network)
• Feistel Network
• These describe the basic structure of a round

9
One SPN Round
Input to the round
First, the input is XORed with the round subkey
Second, the input is split into pieces (usually
of one byte) and put through a substitution
Finally, the pieces are swapped around
Output from the round
And the output from this round becomes the input
to the next round
10
A Simple SPN Cipher
Plaintext Block
The overall plaintext is broken into blocks and
each block is encrypted with the cipher Typical
SPN ciphers will have 10-14 rounds Alice and Bob
only need one key, and the cipher will transform
that key into subkeys for each round To decrypt,
Alice just does everything in the reverse order
Roundkey 1
Round 1
Roundkey 2
Round 2
Roundkey 3
Round 3
Ciphertext Block
11
One Feistel Round
Input Left Half
Input Right Half
The input to the round is divided in half
Roundkey
The right half is put into a round function with
the roundkey
Round Function
The output of the round function is XORed with
the left half
The two halves switch sides to become the input
to the next round
Only the left half of the input has been modified
Output Left Half
Output Right Half
12
A Simple Feistel Cipher
Plaintext Block
Feistel ciphers need twice as many rounds as SPN
ciphers because only half of the input is being
encrypted each round
Roundkey 1
Round 1
Works the same as SPN ciphers in terms of
transforming one key into subkeys and splitting
the plaintext into blocks
Roundkey 2
Round 2
To decrypt, the ciphertext is sent through the
same cipher and the roundkeys are used in reverse
order
Roundkey 3
Round 3
Ciphertext Block
13
Modern Ciphers in Practice

• Follow SPN/Feistel structure in general, but with
  added twists for security
• There are two important ciphers in the history of
  modern cryptography
• DES (Data Encryption Standard)
• AES (Advanced Encryption Standard)

14
DES

• U.S. Government recognized the need to have a
  standardized cipher for secret documents
• DES was developed by IBM in 1976
• Feistel structure
• Key length of 56 bits, block size of 64 bits
• 16 rounds
• Analysis of DES was the beginning of modern
  cryptographic research

15
Controversy Surrounding DES

• Development process was hidden from public
• Suspicions that the government had put in a
  backdoor
• Government attempted to shut down research in
  cryptography

16
Breaking DES

• The key length of DES was too short
• If a key is 56 bits long, that means there are
  256 possible keys
• DES Cracker machines were designed to simply
  brute force all possible keys
• People began encrypting the plaintext multiple
  times with different keys in order to increase
  the number of keys that need to be checked

17
Breaking DES cont.

• DES was further weakened by the discovery of
  differential cryptanalysis
• Biham and Shamir in 1990
• The most significant advance in cryptanalysis
  since frequency analysis
• Ideally a ciphertext should be completely random,
  there should be no connection to its matching
  plaintext
• Differential analysis exploits the fact that this
  is never actually the case
• Uses patterns between plaintext and ciphertext to
  discover the key
• There is evidence that IBM knew about
  differential cryptanalysis back when they were
  designing DES in 1976

18
Developing the AES

• With DES effectively broken, a new standard was
  needed
• U.S. Government made it an open
  application/review process this time, and
  received many submissions
• In 2001, after five years, the Rijndael cipher
  was selected to become the Advanced Encryption
  Standard

19
AES (Rijndael)

• Developed by Vincent Rijmen and Joan Daemen
• SPN structure
• Block size of 128 bits
• Key size of 128, 192, or 256 bits
• 10, 12, or 14 rounds depending on the key size

20
Current attacks against AES

• On AES with 128-bit keys, a brute force attack
  would require 2128 work
• Any technique that can decrypt a ciphertext with
  less than 2128 work is considered an attack
• Currently the best attacks on AES use variations
  of differential cryptanalysis
• None of them could actually be completed before
  the sun burns out
• None of them work on the full number of rounds

21
The Problem of Symmetric Key Cryptography

• Up until now weve been talking about symmetric
  key cryptography
• Alice and Bob are using the same key to
  encrypt/decrypt
• Problem How does Bob get the key to Alice when
  Eve is eavesdropping?
• Up until 1976 the only solution was to physically
  give Alice the key in a secure environment

22
Public Key Cryptography

• Diffie and Hellman published a paper in 1976
  providing a solution
• We use one key for encryption (the public key),
  and a different key for decryption (the private
  key)
• Everyone knows Alices public key, so they can
  encrypt messages and send them to her
• But only Alice has the key to decrypt those
  messages
• No one can figure out Alices private key even if
  they know her public key

23
Using Public Keys
Nonsense
Decryption
Encryption
Ciphertext
Plaintext
Plaintext
24
Public Key Cryptography in Practice

• The problem is that public key algorithms are too
  slow to encrypt large messages
• Instead Bob uses public key algorithms to send
  Alice the symmetric key, and then uses symmetric
  key algorithms to send the message
• Bob and Alice have to be careful when sending
  these communications back and forth that Eve
  cant overhear anything that would allow her to
  decrypt the message

25
Sending a Message
Whats your public key?
Bob picks a symmetric key and encrypts it using
Alices public key
Alice decrypts the symmetric key using her
private key
Then sends the key to Alice
Bob encrypts his message using the symmetric key
Alice decrypts the message using the symmetric key
hi
Then sends the message to Alice
26
The RSA Public Key Cipher

• The most popular algorithm is RSA, developed in
  1977
• Named after its creators Rivest, Shamir, and
  Adleman
• Alice picks two large primes and finds their
  product
• She then uses this product to create the public
  and private keys
• She sends the product and the public key to Bob,
  who can use them to encrypt messages
• Even if Eve knows the product and the public key,
  she cant figure out the private key unless she
  can factor the product
• There is no known way to do this efficiently

27
Are we all secure now?

• Unfortunately not, there are still many problems
  that need to be dealt with
• How does Bob know that hes really talking to
  Alice?
• How does Alice know that the message she receives
  hasnt been tampered with?
• How does Alice know the message was sent by Bob?
• These are questions addressed by other areas of
  cryptography

28
The End