Scribd
Upload
51 views

Module 04-Cryptography and Encryption

Uploaded by

M ARSLAN
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
51 views

Module 04-Cryptography and Encryption

Uploaded by

M ARSLAN
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 49

CSC432 – INFORMATION

SECURITY

Dr. Adnan Ahmad


Module # 4

CRYPTOGRAPHY AND
ENCRYPTION
Cryptography
 The word Cryptography comes from the Greek words,
“Crypt” means (hidden or secret) and “Graphy” means
(writing)
 So, cryptography is the art of secret writing
 The basic service provided by cryptography is the
ability to send information between participants in a
way that prevents others from reading it
Secure Channel for message transfer
between Alice and Bob

Sender Receiver
Encryption
 Alternatively, Encryption is the actual process of
transforming information into an illegible format
 Encryption basically is some process or algorithm to
make information hidden or secret
 To make that process useful, you need some code to
make information accessible again
 Modern day encryption uses different types of
algorithms to achieve results that vary in complexity
Encryption
 A message in its original form is known as plaintext or
cleartext
 The mangled information is known as ciphertext
 Encryption is a process by which a message (called
plaintext) is transformed into another message (called
ciphertext) using a mathematical function and a special
encryption password (called a key)
 The reverse of encryption is called decryption
Cryptography
 Cryptographic systems tend to involve both an
algorithm and a secret value (means they use
encryption/decryption)

 While cryptographers invent clever secret codes,


cryptanalysts attempt to break these codes

 These two disciplines constantly try to keep ahead of


each other
Cryptography
 Cryptographic algorithms involve substituting one
thing for another, in many possible ways
 A cipher is an algorithm for performing encryption or
decryption — a series of well-defined steps that can be
followed as a procedure

 Example: Transposition cipher


 Rearranges the characters in the plaintext

 Example: Caesar cipher


 substitute each letter by the letter that appears k letters later in
the alphabet; while producing what looks like gibberish
 there are only 25 possible keys available
Example: Transposition cipher
 Plain text is HELLOWORLD
 HLOOL
 ELWRD
 And then combining it to form the cipher text HLOOLELWRD

 The attacker requires to rearrange the letters


 Called anagramming

http://crypto-flash.tripod.com/transpositionFlash.htm
Cryptography
Q: How hard is it to break these simple ciphers?
Objective is to recover key not just message

 Brute force attack (attempt all possibilities)


 Simple with the Caesar cipher, but gets quite difficult
with monoalphabetic or polyalphabetic ciphers

 Cryptanalytic attack
 Ciphertext-only attack: use statistics and other
information to decrypt intercepted ciphertext
 For example, simple statistics on letter placement and
occurrence in English makes further decryption simpler
Cryptography
 Known-plaintext attack: if some of the plaintext is
known, one could uncover some of the plaintext-
ciphertext mappings, making decryption easier
 For example, if we knew “Alice” was in the message, we get
some of the mappings right away without much difficulty

 Chosen-plaintext attack: the intruder can choose the


plaintext (to be encrypted) message and receive the
(corresponding) ciphertext form
Cryptography
 An encryption scheme is computationally secure if
 The cost of breaking the cipher exceeds the value of
information
 The time required to break the cipher exceeds the
lifetime of information

Unconditionally secure - Provably secure -


Computationally secure
Cryptography vs Steganography
 Cryptography is the practice of ‘scrambling’ messages
so that even if detected, they are very difficult to
decipher
 Steganography (means concealed writing) is to conceal
the message such that the very existence of the hidden
is ‘camouflaged’

 Steganography is data inside data


 It is mostly used to hide text inside pictures or sound
files (digital watermarking)
Steganography example
 An example of the message containing cipher text by a
German spy in WWII

 “Apparently neutral’s protest is thoroughly discounted


and ignored. Isman hard hit. Blockade issue affects
pretext for embargo on by products, ejecting suets and
vegetable oils.”

 Taking the second letter in each word, the following


message emerges

 Pershing sails from NY June 1.


 https://people.cs.umass.edu/~
verts/cmpsci145/SimpleSteganography/SimpleSteganogr
Types of Cryptography
 Symmetric key cryptography: encryption and
decryption keys are identical, so the key must be kept
secret
 This approach is also called secret/private key
cryptography

 Asymmetric key cryptography: different keys for


encryption and decryption (one public, the other
private)
 This approach is also called two key/public key
cryptography
Symmetric Key Cryptography
 Same key decrypts and encrypts information
 The encryption functions used need not be secret, but
the keys used must be secret

 Examples:
 ROT13: Very simple rotation algorithm
 Caesar cipher: Another (better) rotation algorithm
 Crypt: Original Unix encryption program
 DES: Data Encryption Standard
 AES: Advanced Encryption Standard
 IDEA: International Data Encryption Algorithm
 Skipjack: U.S. National Security Agency developed
algorithm
Symmetric Key Cryptography

K K
A-B A-B

encryption ciphertext decryption


plaintext
algorithm
plaintext
algorithm
message, m
K (m) m = K K( (m) )
A-B A-B A-B

 Bob and Alice share the same (symmetric) key: KA-B


 For example, the key is knowing substitution pattern in
a cipher
Symmetric Key Cryptography
Key Issues in Symmetric Key Cryptography

 Question: How do Bob and Alice agree on key value?


What if Bob and Alice have never “met” before?
 Even Better Question: How is the agreed upon key
distributed to both Bob and Alice in a secure fashion?
Asymmetric Key Cryptography
 Radically different approach (two different keys)
 Sender and receiver do not share secret key
 Public encryption key known to all
 Private decryption key known only by the owner

 Examples
 Diffie-Hellman: the first public key approach
proposed
 RSA: the best known public key system,
developed by Rivest, Shamir, and Adleman
 DSA: Digital Signature Algorithm, developed by the
U.S. National Security Agency (NSA)
Asymmetric Key Cryptography
Keys are generated in pairs
 Public key is publicly registered so everyone knows it,
and private one is kept secret by the owner
 Each key can decrypt what the other encrypts, but not
what it encrypts itself (that why asymmetric)

Important properties of key generation:


 There is a one-to-one correspondence in the generated
key pairs – if one key can decrypt a message, it must
have been encrypted by the other
 It must be extremely difficult, if not impossible, to
deduce the private key when given a public key
Asymmetric Key Cryptography

+ Bob’s public
K
B key

- Bob’s private
K
B key

plaintext encryption ciphertext decryption plaintext


message, m algorithm algorithm message
K+ (m)
B m = K - (K+ (m))
B B
Asymmetric Key Cryptography

- Alice’s private
K
A key

+ Alice’s public
K
A key

plaintext encryption decryption plaintext


ciphertext
message, m algorithm -
algorithm message
K (m) m = K + (K- (m))
A
A A
Asymmetric Key Cryptography
 This property will be very useful later:

K B− (K B+ (m)) = m = K A+ (K A − (m))

 use private key first, followed by public key


 use public key first, followed by private key

 Result is the same


Applications of Cryptography
 Transmitting over an insecure channel
 Secure storage on insecure media

 Everything that SKC does can be done by PKC and


Digital Signatures
Cryptography Terms Summary
 Plaintext - original message
 Ciphertext - coded message
 Cipher - algorithm for transforming plaintext to
ciphertext
 Key - info used in cipher known only to sender/receiver
 Encipher (encrypt) - converting plaintext to ciphertext
 Decipher (decrypt) - recovering plaintext from ciphertext
 Cryptography - study of encryption principles/methods
 Cryptanalysis (codebreaking) - study of principles/
methods of deciphering ciphertext without knowing key
 Cryptology - field of both cryptography and
cryptanalysis
Ciphers and Their Types
 Classical Ciphers
 Transposition Cipher
 Substitution Cipher
 Monoalphabetic
 Polyalphabetic

 Modern Cipher
 Asymmetric
 Symmetric
 Block
 Stream
Ciphers and Their Types
 Transposition: rearrange bits or characters in the data
(permutation)
 Substitution: replace bits, characters, or blocks of
characters with substitutes
 Monoalphabetic: A single alphabet is used to
encrypt the entire plaintext message
 Polyalphabetic: A more complex substitution that
uses a different alphabet to encrypt each bit,
character, or character block of a plaintext message
 A block cipher is one that breaks a message up into
chunks and combines a key with each chunk
 A stream cipher is one that applies a key to each bit,
one at a time
Ciphers and Their Types
Caesar Cipher
 One of the simplest examples of a cipher is the Caesar
cipher
 It is a type of substitution cipher in which each letter in
the plaintext is replaced by a letter some fixed number
of positions down the alphabet
 For example, with a shift of 3, ‘A’ would be replaced by
‘D’, ‘B’ would become ‘E’, and so on
Plaintext: the quick brown fox jumps over the lazy dog
Ciphertext: WKH TXLFN EURZQ IRA MXPSV RYHU WKH
ODCB GRJ
 http://crypto-flash.tripod.com/caesarFlash.htm
Ciphers and Their Types
Vigenère Cipher

 The most common polyalphabetic cipher


 Vigenère cipher starts with a 26 x 26 matrix of
alphabets in sequence
 First row/column starts with ‘A’, second row/column
starts with ‘B’, etc
 It requires a keyword that the sender and receiver know
ahead of time
 Each character of the message is combined with the
characters of the keyword to find the ciphertext
character
Ciphers and Their Types
Vigenère Cipher Matrix

Message = SEE ME IN MALL


Keyword = INFOSEC
Encryption

SEEME INMALL
INFOS EC I NFO
-----------------------------
ARJAWMPUNQZ
Classwork
 Encrypt the plaintext
 "a simple example"
 using the keyword
 “battista.“
Ciphers and Their Types
Vigenère Cipher Matrix

0 1 2 3 4 5 6 7 8 9

A B C D E F G H I J

10 11 12 13 14 15 16 17 18 19

K L M N O P Q R S T

20 21 22 23 24 25

U V W X Y Z
Ciphers and Their Types
Vigenère Cipher Example

 Message = SEE ME IN MALL


 Keyword = INFOSEC
Encryption Decryption
SEEME INMALL A RJ AWMPUNQZ
INFOS EC I NFO I NFO S E C IN FO
----------------------------- ------------------------------
ARJAWMPUNQZ SEEM E I N MALL

 As its polyalphabetic, same plaintext character is


substituted by different ciphertext
 https://www.youtube.com/watch?v=LsewLHTAmsA
Ciphers and Their Types
Playfair Cipher

 The best known multiple-letter cipher (polyalphabetic),


which treats digrams in the plaintext as single units
 It is based on a 5x5 matrix of letters constructed using
a keyword
 Suppose we have a keyword “monarchy”
 The matrix is constructed by filling in the letter of the
keyword (minus duplicate) from left to right and from
top to bottom in alphabetic order
 The letter I and J count as one letter (as we have max
25 spaces available)
Ciphers and Their Types
Playfair Cipher Matrix

 Keyword = “monarchy”

m o n a r
c h y b d
e f g i/j k
l p q s t
u v w x z
Ciphers and Their Types
Playfair Cipher Matrix

 Plaintext is encrypted two letters at a time, according


to the following rules

 If in same column
 Move each letter down one
 If in same row
 Move each letter right one
 If form a rectangle
 Swap with the ends of the rectangle
Ciphers and Their Types
Playfair Cipher Example

 Repeating plaintext letters that would fall in the same


pair are separated with a filler letter, such as x, so that
‘balloon’ would be treated as ‘ba lx lo on’

 AR becomes RM
 CE becomes EL
 HS becomes BP
 EA becomes IM (or JM)
 Balloon becomes ?
Ciphers and Their Types
 Playfair Cipher Example

Example:
Plaintext: see me tomorrow
se em et om or ro wx
Ciphertext: li lc kl no nm mn xz

 Decryption is just the reverse of encryption

 https://www.youtube.com/watch?v=quKhvu2tPy8
Ciphers and Their Types
Affine Cipher

 The affine cipher is a monoalphabetic substitution


cipher
 The encryption/decryption process is substantially
mathematical

 Step one: Substitute each letter in your plaintext


message with a number (range 0 to m-1)
Ciphers and Their Types
Affine Cipher Example

 Create a permutation of the alphabet by replacing each


a with the result of a simple equation:
 E(x) = (ax + b) mod m

 m is 26 in this case as total number of alphabets in


English language
 a is relatively prime to 26 (or the length of whatever
alphabet you're using), and b is an arbitrary integer of
your choice
 a and b need to be known to decrypt
Ciphers and Their Types
Affine Cipher Example

 lets encrypt the plaintext "affine cipher", using the key


a = 5, b = 8

Plaintext a f f i n e c i p h e r
x 0 5 5 8 13 4 2 8 15 7 4 17
5x+8 8 33 33 48 73 28 18 48 83 43 28 93
(5x+8) mod 8 7 7 22 21 2 18 22 5 17 2 15
26
Ciphertext I H H W V C S W F R C P
Ciphers and Their Types
Affine Cipher Example

 In decryption, we must perform the opposite (or inverse)


functions on the ciphertext to retrieve the plaintext,
using the following equation;
 D(x) = c(x - b) mod m

 c is the modular multiplicative inverse of a i.e., a*c = 1


mod m
 We know that, a = 5, b = 8
 The first step here is to find the inverse of a, which in this
case is 21
 (since 21 x 5 = 105 = 1 mod 26, as 26 x 4 = 104, and 105
- 104 = 1)
Ciphers and Their Types
Affine Cipher Example

 lets do decryption of the ciphertext

Ciphertext I H H W V C S W F R C P
y 8 7 7 22 21 2 18 22 5 17 2 15
21(y-8) 0 (-1+ 525 294 273 (-6+ 210 29 (-3+ 189 420 147
26)* 26)* 4 26)*
21= 21= 21=
525 420 483
21(y-8) mod 26 0 5 5 8 13 4 2 8 15 7 4 17
Plaintext A F F I N E C I P H E R
Ciphers and Their Types
Affine Cipher Example

 Encrypt ‘network security’ with a=5, b=6


 taxmyne saqcnuxw
Ciphers and Their Types
Rail Fence Cipher

 A transposition cipher that gets its name from the way


in which it is encoded
 Plaintext is written downwards on successive "rails" of
an imaginary fence, then moving up when we get to
the bottom
 Encrypted message (cipertext) is then read off in rows
Ciphers and Their Types
Rail Fence Cipher Example

 Using three "rails" and a plaintext 'WE ARE


DISCOVERED. FLEE AT ONCE‘
W. . . E . . . C . . . R . . . L . . . T . . . E
. E . R . D . S . O. E . E . F . E . A . O. C .
. . A . . . I . . . V . . . D . . . E . . . N. .

 Ciphertext = WECRL TEERD SOEEF EAOCA IVDEN

 Decryption is just the reverse of encryption


Ciphers and Their Types
One-time Pad

 Use a random key that is as long as the message so


that the key need not be repeated
 The key is used to encrypt and decrypt a single
message, and then is discarded
 Perfectly secure, unbreakable (if used correctly)
because it produces random output (from the random
key) that bears no statistical relationship to the
plaintext

 Drawbacks: large quantities of random keys needed,


key distribution and protection (both sender and
receiver)
Ciphers and Their Types
One-time Pad Example

plaintext: SECRETMESSAGE
one-time pad: CIJTHUUHMLFRU
ciphertext: UMLKLNGLEDFXY
Module # 4

THANKS

You might also like