Outline

1
Outline

• Brief review
• Mainstream crypto-algorithms
• Symmetric encryption algorithms
• DES
• Asymmetric encryption algorithms
• RSA
• Merkle-Hellman
• Other crypto-related techniques
• Digital signature
• Digital certificate

2
Acknowledgements

• Charles Pfleedger
• E. Spafford
• William A. Stein
• FOLDOC
• Sunit Chauhan
• Jim Xu, et al.
• Shawn Hillis

3
Brief Review

• Basic Concepts
• Encryption
• Crypto-system
• Symmetric / asymmetric encryption
• Cryptographer / crypto-analyst
• Crypto-analysis
• Breakability

4
Brief Review contd

• Stream ciphers
• Substitution-based ciphers
• Mono-alphabetic ciphers Caesar cipher
• Poly-alphabetic ciphers multiple alphabets
• Strengths
• Simple
• Fast
• Low error propagation rate
• Weaknesses
• Sustainable to frequency-based attacks
• Sustainable to pattern-based attacks

5
Brief Review contd

• Block ciphers
• Transposition
• Columnar transposition
• Double transposition
• Fractionated transposition
• Strengths
• Good diffusion, immune to pattern-based attacks
• Weaknesses
• Slow
• Error propagation rate

6
Secure Encryption Systems

• Weaknesses of stream and block ciphers
• Can be manually broken, although tedious
• We will introduce
• some hard encryption algorithms
• Review 3 key, important encryption algs
• DES, RSA, M-H
• Look at cryptography related techniques

7
Sym vs Asym Encryption Algorithms

• Symmetric encryption algorithm
• Encryption key decryption key
• DES
• Asymmetric algorithms
• Encryption key ! decryption key
• Basis of public-key encryption algorithms
• RSA, M-H,

8
Data Encryption Standard (DES)

• Based on Shannons theory of information secrecy
• Confusion info is changed so that output bits
  have no obvious relation to input bits
• Diffusion spread the effect of one plaintext
  bits to other cipher-text bits.
• History of DES
• Developed by US govt for general public use (by
  National Institute of Standards and Technologies)
• Milestones 1972(CFP) - 1975(IBM) 1976(NIST)
  2001(AES)
• Cracked in 1999
• 56-bit key, Cracked in 22 hours 15 min (1999)
• Extensions of DES
• Triple-DES, length of key extends to 563
• AES, 128, 192, or 256-bit key (2001)

9
DES contd

• Overview of DES
• Repeats 16 cycles of
• substitution, for confusion
• transposition, for diffusion
• Splits data block into 2 pieces
• Scrambles each half independently
• Combines key with one half
• (key is transformed during each cycle)
• Swap 2 halves
• Repeat 16 times.

10
DES contd

• Overview of DES contd

substitution
transposition
16x
function F
initial phase
Plaintext(64bits)
inverse initial phase
Cipher-text
Shawn Hillis
11
DES contd
NPS.Navy
12
One Cycle in DES
Permuted Data
New Left Half (Old Right Half)
Pfleeger97
13
DES contd

• Evaluation
• Strengths include
• fast
• simple
• standard
• Weaknesses include
• weak keys, length of key is only 56bit
• number of iterations, only 16
• NSA involvement, trapdoor?

14
Public Key Systems (PKS)

• Traditional key system (symmetric enc system)
• Need a key for every pair of users
• N(N-1)/2 keys, grows exponentially with users
• Each user has to keep track of many keys
• Public key systems (asymmetric enc system)
• Each user only has 2 keys public and private key
• MD(kPRIV,E(kPUB,M))
• Solid mathematical basis one way functions
• E M x Ke -gt C and DE-1 C x Kd -gt M
• Easy for Kd-holders to compute D, while difficult
  for others
• May publish the public key freely
• others can ally encrypt mesgs for A with As
  public key

15
Some Hard theories

• Computational complexity
• Is number of steps or arithmetic operations
  required to solve a computational problem
• Polynomial time
• NP, Non-deterministic polynomial time
• NP-hard
• NP-complete
• Satisfaction problem
• Hamiltons problem
• Cryptographers try to
• find encryption algorithms that would require
  NP-complete algorithms to decrypt

16
Some Hard theories contd

• Basic number theory
• Prime factorization
• Primes
• 1p, pp, no other factors
• Euclids algorithm
• The unsolved prime factorization problem problem
• Is there an algorithm which can factor any
  k-digit number n so quickly that its running
  time is bound by a polynomial function of k
• Modular Arithmetic
• a b mod N iff N(a-b)
• Inverses

William A. Stein
17
Example PKS

• Rivest-Shamir-Adelman (RSA)
• Based on number theory
• Suspected to be NP-complete, not proven
• Merkle-Hellman
• Based on knapsack problem
• Proven to be NP-complete

18
RSA

• The most widely used enc and auth algorithm
• In IE, Netscape, Notes, SSH Secure Shell,
  Quicken, etc.
• Proposed in 1977 by
• Ronald L. Rivest, MIT, now in MIT
• Adi Shamir, MIT, now in Weizmann Institute
• Leonard Adleman, MIT, now in USC
• Now owned by RSA Security

19
RSA contd

• Based on prime factorization problem
• How RSA works
• Create public/private keys
• Pick large prime numbers p and q, let npq
• Let
• all the numbers that is co-prime with n form a
  group, and the size of that group is (p-1)(q-1)
• Select e, s.t.
• Solve equation, get d,
• Public key is (n,e), private key is (n,d)

William A. Stein
20
RSA contd

• How RSA works contd
• Encrypt/decrypt messages
• Encode a phrase into a number
• state 19 2027 1272 20273 5274
• E(x) xe (mod n)
• D(x) xd (mod n)
• Preposition n,d,e are integers, n is
  square-free, for each pn, p-1de-1, then, for
  all a, ade a mod n
• D(E(m)) (me mod n)d mod n med mod n
• m mod n m

William A. Stein
21
RSA contd

• Example
• Let p17, q19, n 323
• Let e 95
• Solve 95x1 mod 288, d191
• E(m) m95 mod n
• D(c) c191 mod n
• Suppose we have string x, which is 24
• E(x) E(24) 2495 mod 323 294
• D(294) 294191 mod 323 24 x

William A. Stein
22
RSA contd

• Why is it hard to break RSA?
• Keep secret, if you wanna get d, you have
  to factorized n into p and q
• RSA challenge
• http//www.rsasecurity.com/rsalabs/challenges/fact
  oring/numbers.html
• 8 challenges
• Problem 576 2048 digits
• Prizes 10k to 200k dollars

William A. Stein
23
RSA contd

• Evaluation
• Strengths
• Algorithm is simple and easy to implement
• Supported by RSA Security
• Weaknesses
• Problem not yet proved to be NP-Complete
• Slower than DES

24
Merkle-Hellman

• Knapsack problem
• Set of positive integers
• Target sum
• Find subset of integers that equal the target
• Proven to be NP-complete.
• Encode binary mesg as soln to knapsack problem
• Plaintext 0s and 1s
• By adding terms corresponding to 1s in plaintext,
  we can reduce cipher-text to target sum

25
Merkle-Hellman contd

• Super-increasing sequence
• Each integer is greater than sum of all preceding
  integers
• ak gt Sj1k-1 aj
• Solution of super-increasing knapsack (e.g.,
  simple knapsack) is easy to find, and unique
• Convert simple knapsack into Hard knapsack
• Pick super-increasing sequence S of m integers
• S s1, s2,.., sm
• Choose multiplier w and modulus n, n gt Sj1m-1 si
• Choose n to be prime
• Replace every sj in simple knapsack with term
• hi w si mod n
• Hard knapsack H h1, h2,.., hm

26
Merkle-Hellman - contd

• Merkle-Hellman is Public key cryptosystem
• Each user has public key
• Set of integers of a knapsack problem
• Each user has private key
• Set of integers for corresponding superincreasing
  knapsack
• Contribution design of technique to convert
  super-increasing knapsack into a regular one.
• Change numbers in non-obvious, reversible way.

27
Merkle-Hellman - contd

• Encryption alg starts with binary message
• P p1, p2,.., pk
• Divide message into blocks of m bits,
• P0 p1, p2,.., pm, P1 p1, p2,.., p2m,
• Value of m is number of terms in simple or hard
  knapsack
• Encipherment of message P is sequence of targets
• Each target is sum of some of the terms of the
  hard knapsack H
• Terms selected correspond to 1 bits in Pi,
• Pi serves as selection vector for elts of H
• Each term of ciphertext is Pi H

28
Merkle-Hellman - contd

• Decryption
• Legitimate recipient knows simple knapsack and
  values of w and n
• H w S mod n
• C H P w S P mod n
• To decipher, multiply C by w-1
• w-1 C w-1 H P w-1 w S P S P
  mod n
• Weaknesses
• How easy is it to determine w or n from H?

29
Merkle-Hellman contd

• Example
• S 1,2,4,9 H 15,13,9,16,
• w 15, n 17, m 4 hi w si mod n
• P 0100101110100101
• Encode with H as follows
• P 0100 1011 1010 0101
• 0,1,0,0 15,13,9,16 13
• 1,0,1,1 15,13,9,16 40
• 1,0,1,0 15,13,9,16 24
• 0,1,0,1 15,13,9,16 29
• Encrypted message as integers 13,40,24,29,
• Public knapsack H 15,13,9,16

30
Evaluation of PKS

• Strengths
• Harder to break
• Easier to manage keys
• Weaknesses
• Slower
• Dependent upon NP-computational theory

31
Crypto-related Techniques

• Digital signatures
• Digital certificates

32
Digital Signatures

• Digital signature proves integrity of message
• by signing the message using PK techniques
• How digital signatures work?
• The sender
• sends M, SE(hash(M), private)
• Message digest functions
• MD2, MD4, and MD5 from RSA Security
• SHA and SHA-1 from US government
• The receiver
• compares E(S, public) with hash(M)
• M is considered genuine if they match

Jim Xu, et al.
33
Digital Signatures contd

• Assumption
• it is very rare that two different messages have
  the same digest

34
Digital Certificates

• Digital certificates are
• frameworks for identification information, and
  bind identities with public keys
• Digital certificates provide foundation for
• identification
• authentication
• non-repudiation

Sunit Chauhan
35
Digital Certificates contd

• How digital certificates work?
• Let a third party, trusted by both sender and
  receiver, prove the binding of sender and its
  public key.
• Need a hierarchy of trusted certificate
  authorities (CAs)
• Everybody trust root CA
• Root CA prove the trustworthiness of a hierarchy
  of other CAs

36
Digital Certificates contd

• Example digital certificate
• X509 v3 certificate format
• Version
• Certificate Serial Number
• Signature Algorithm Identifier
• Issuer Name
• Validity Period
• Subject Name
• Subject Public Key Information
• Optional Fields
• Chauhan

37
Summary

• Symmetric-key encryption algorithms
• DES
• Public-key encryption algorithms
• RSA, Merkel-Hellman
• PKS based techniques
• Digital signature
• Digital certificate