Presentation is loading. Please wait.

Presentation is loading. Please wait.

Prof. Jk LEE/security1 암호학 (Cryptology) Bob Alice 공격자 암호문 평문.

Similar presentations


Presentation on theme: "Prof. Jk LEE/security1 암호학 (Cryptology) Bob Alice 공격자 암호문 평문."— Presentation transcript:

1 Prof. Jk LEE/security1 암호학 (Cryptology) Bob Alice 공격자 암호문 평문

2 Prof. Jk LEE/security2 비자카드 번호 확인 st 16th Select odd numbers Select even numbers After * 2, if  9 then = 70 *10

3 Prof. Jk LEE/security3 암호학 (Cryptology) 이란 ?  암호화 기법과 암호분석기법에 관한 원리, 수단, 방법 을 연구하는 학문  평문의 해독 불가하도록 하는 방법과 해독 불가능한 메시지를 해독 가능하도록 형태를 바꾸는 방법으로 구성

4 Prof. Jk LEE/security4 Basic Encryption and Decryption  S R sender message receiver  S T R sender transmission medium receiver  S R sender access receiver O interceptor/intruder

5 Prof. Jk LEE/security5  S T R sender access receiver O interceptor/intruder - block - intercept - modify - fabricate

6 Prof. Jk LEE/security6 Terminology  Encryption  Decryption  Cryptosystem: system for encryption and decryption  Plaintext  Ciphertext

7 Prof. Jk LEE/security7 Encryption Algorithms Encryption encryption decryption plaintextciphertext Original plaintext

8 Prof. Jk LEE/security8 encryption decryption plaintextciphertext Original plaintext key Symmetric cryptosystem encryption decryption plaintextciphertext Original plaintext Encryption Key:K E Decryption Key:K D Asymmetric cryptosystem

9 Prof. Jk LEE/security9 Cryptanalysis  Cryptography: hidden writing  cryptanalyst: studies encryption,encryption message  cryptology: research of encryption and decryption

10 Prof. Jk LEE/security10 - attempt to break a single message - attempt to recognize patterns in encrypted message - attempt to find general weaknesses in an encryption algorithm Cryptanalyst’s chore: break an encryption !

11 Prof. Jk LEE/security11 암호시스템의 설계요건  난이도가 클 것  키의 크기가 작을 것  암. 복호화 여건의 간결성과 처리속도의 효율성  에러 전파율이 적을 것

12 Prof. Jk LEE/security12 암호시스템의 분류  시대별 분류 :  고전 암호시스템 :19 세기이전  근대 암호시스템 :1,2 차 대전  현대암호화 시스템 :1950 년이후  평문의 암호화 단위분류 :  블록 암호시스템  스트림 암호시스템  암호화 형식에 의한 분류 :  비밀키 ( 대칭형 ) 암호시스템 : 비밀키  공개키 ( 비대칭형 ) 암호시스템 : 공개키와 비공개키

13 Prof. Jk LEE/security13 스트림 암호 : stream cipher encryption decryption plaintextciphertext Original plaintext 키 생성 알고리즘 비밀키 기밀성과 무결성이 보장되는 채널 암호화의 속도가 빠르다 오류의 영향이 적다 비트가 독립적인 관계로 각각의 비트를 암호의 개별적인 개체로 취급이 가능 암호키에 대한 엄격한 동기화 요구 Synchronization! 키 생성 알고리즘이 중요 ! 평문 길이 최소 단위 : 한 개 단위의 비트나 문자

14 Prof. Jk LEE/security14 블록 암호 :Block cipher encryption decryption plaintext Bolck ciphertext Original plaintext 비밀키 기밀성과 무결성이 보장되는 채널 평문의 길이가 한개이상 DES,RSA 등 암호화, 블럭화에 대한 처리 시간이 요구 오류시 다른 비트등에 영향 스트림 암호와 대칭성

15 Prof. Jk LEE/security15 관용암호시스템 :conventional cryptosystem 대칭형암호시스템 :symmetric cryptosystem Ex) DES 송수신자간에 대칭키 ( 비밀 키 ) 공유 or 암호화, 복호 화 키가 동 일

16 Prof. Jk LEE/security16 공개키암호시스템 :Public-key cryptosystem 비대칭형암호시스템 :Asymmetric cryptosystem Ex) 디지털 서명, 개인신분확인등에 활용 송신자 : 공개키, 수신자 : 개인키 or 암호화, 복호 화 키가 다 를 경우

17 Prof. Jk LEE/security17 Representation of Characters  Letter/code A 0 B 1 C 2 D 3 E 4 F 5 G 6 H 7 I 8 J 9 K 10 L11 M12 N13 O14 P15 Q16 R17 S18 T19 U20 V21 W22 X23 Y24 Z25  A + 3 =D or K -1 = J : modular arithmetic

18 Prof. Jk LEE/security18 Monoalphabetic ciphers  The Caesar cipher: C i =E(p i ) =p i +3 Plaintext: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Ciphert.: D E F G H I J K L M N O P Q R s T U V W X Y Z A B C Ex) TREATY IMPOSSIBLE WUHDWB LPSRVVLEOH

19 Prof. Jk LEE/security19 Example L FDPH L VDZ L FRQTXHUHG I  I+3 L  I ?? I CAME I SAW I CONQUERED

20 Prof. Jk LEE/security20 P: I DO NOT LIKE BRUTUS C: L GR QRW OLNH BUXWXV F(m) = (m+?) mod 26

21 Prof. Jk LEE/security21 Advantage/disadvantage of the Caesar cipher  Quite simple cipher  obvious pattern is major weakness 암호화 : C = E k (m) = (m + k) mode 26 복호화 : m = D k (c) = (c - k) mode 26

22 Prof. Jk LEE/security22 Ex) UZQSOVUOHXMOPVGPOPEVSGZWSZOPFPESXUDBMETSX AIZ VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWTMXUZUHSX EPTEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ Frequency distributions

23 Prof. Jk LEE/security23 Frequency distributions  Cipher’s frequency : P Z S 8.33 U 8.33 O 7.50 M 6.67 H 5.83 D 5.00 E 5.00 V 4.17 X 4.17 F 3.33 W 3.33 Q 2.50 T 2.50 A 1.67 B 1.67 G 1.67 Y 1.67 I 0.83 J 0.83 C 0 K 0 L 0 N 0 R 0

24 Prof. Jk LEE/security24 E T 9.25 R 8.50 N 7.75 I 7.75 O 7.50 A 7.25 S 6.00 D 4.25 L 3.75 H 3.50 C 3.50 F 3.00 U 3.00 M 2.75 P 2.75 Y 2.25 G 2.00 W 1.50 V1.50 B 1.25 K 0.50 X 0.50 Q 0.50 J 0.25 Z 0.25 Frequencies of English letters

25 Prof. Jk LEE/security25  P:e, Z:t  {S,U,O,M,H} {r,n,I,o,a,s}  {A,B,G,Y,I,J} {w,v,b,k,x,q,j,z}  digraph:2 문자 빈도 : “th”  ZW 3times occurs: Z:t,W:h  “ZWP” the : trigraph

26 Prof. Jk LEE/security26 UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ t a e e t e a t h a t e e a a VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWTMXUZUHSX e t t a t h a e e e a e t h t a EPTEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ e e e t a t e t h e et

27 Prof. Jk LEE/security27 “ it was disclosed yesterday that several informal but direct contacts have been made with political representatives of the viet cong in moscow”

28 Prof. Jk LEE/security28 Other monoalphabetic substitutions  Permutation: number of 1 to 10   1 = 1,3,5,7,9,10,8,6,4,2   2 = 10,9,8,7,6,5,4,3,2,1  ex)  1 (3) = 5 or  2 (7) = 4

29 Prof. Jk LEE/security29  Let a 1,a 2,…,a k be a set of the plaintext alphabet,  is a permutation of 1,2,..,k in a monoalphabetic substitution each c i is a  (pi). Ex)  ( ) = 25 - then A : z, B:y and Z: a  ABCDEFGHIJKLMNOPQRSTUVWXYZ  ke y  a bc d fg hi j l m no pq r s t u v wxz

30 Prof. Jk LEE/security30  ABCDEFGHIJKLMNOPQRSTUVWXYZ  sp ec t a u l r  bd f g h i j kmn oq v wxyz  :spectacular  ex) ABCDEFGHIJKLMNOPQRSTUVWXYZ  a dg j  permutation:  ( ) = (3* ) mod 26   (K) = (3* 10) mod 26 =30-26=4=e

31 Prof. Jk LEE/security31 Cryptanalysis of monoalphabetic ciphers  Brute-force: 가능한 모든 키를 시도  Probable-word attack : 추정단어공격  ex) 계좌 화일의 전송 --> 파일 머릿부분에 키 워드의 존재 원시코드 --> 표준화 된 위치에 키 문장  암호알고리즘의 특성 :  절대 안정성  계산상 안정성 : 정보가치초과, 유효기간초과

32 Prof. Jk LEE/security32 steganography  문자 마킹 (character marking)  보이지 않는 잉크 (invisible ink)  핀 구멍 (Pin punctures)  타자수정리본 (tpewriter correction ribbon)

33 Prof. Jk LEE/security33 Polyalphabetic substitution ciphers  If T --> a, or T --> b and X --> a or X --> b:  T:high frequency X:low frequency E 1 (T) = a, E 2 (T) = b while E 1 (X)= b and E 2 (X)= a  combine two distributions:  odd positions  even positions

34 Prof. Jk LEE/security34 Two encryption algorithms  Odd positions: A B C D E F G H I J K L M N O P Q R a d g j m o s v y b e h k n q t w z S T U V W X Y Z c f i l o r u x :  ( ) = (3* ) mod 26

35 Prof. Jk LEE/security35  Even positions: A B C D E F G H I J K L M N O P Q R n s x c h m r w bg l q v a f k p u S T U V W X Y Z z e j o t y d i :  ( ) = ((5* )+ 13) mod 26

36 Prof. Jk LEE/security36 example  TREATY IMPOSSIBLE encryption  fumnf dyvtv czysh h

37 Prof. Jk LEE/security37 Vigenere tableaux  “but soft what light through yonder window breaks” juliet : key words  julie tjuli etjul ietju lietj uliet julie tjuli  BUTSO FTWHA TLIGH TTHRO UGHYO NDERW INDOW BREAK En  KOEAS YCQSI …..

38 Prof. Jk LEE/security38 Cryptanalysis of polyalphabetic substitution  Kasiski method for repeated patterns: use repetions in the ciphertext to give cluses to the dryptanalyst of the period P : TOBEO RNOTT OBE K: NOWNO WNOWN OWN C: GCXRC NACPG CXR

39 Prof. Jk LEE/security39  Index of coincidence(IC): introduced in 1920 by W. Friedman measures the variation in the frequencies of the letters in a cipheretext

40 Prof. Jk LEE/security40 example  Dcrypt using vigenere ciper: TSMVM MPPCW CZUGX HPECP RFAUE IOBQW PPIMS FXIPC TSQPK SZNUL OPACR DDPKT SLVFW ELTKR GHIZS FNIDF ARMUE NOSKR GDIPH WSGVL EDMCM SMWKP IYOJS TLVFA HPBJI RAQIW HLDGA IYOU

41 Prof. Jk LEE/security41  Ic = : (  P(a i ))  split the ciper text into 5 ection gettings: a->6 g->5 I->6 q->3 v->4 b->2 h->5 m->8 r->6 w->6 c->6 I->10 n->3 s->10 x->2 d->6 j->2 o->5 t->5 y->2 e->5 k->5 p->l3 u->5 z->3 f->6

42 Prof. Jk LEE/security42  We split the cipher text into five sections getting:  TMCHRIPFTSODSEGFANGWESITHRHI from text positions 51, l = 0, I,...,27.  SPZPFOPXSZPDLLHNRODSDMYLPALY from text positions 51+1, l " 0,1,...,27.  MPHEABIIQNAPVTIIMSIGMWOVBQDO from text positions 51+2, l = 0,1,...,27.  VCGCUQMPPUCKFKZDUKPVCKJFJIGU from text positions 51+3, l = 0,1,..., 27.  MWXPEWSCKLRTWRSFERHLMPSAIWA from text positions 51+4, l = 0,1,..., 27.  5i= i+1= i+2=  5I+3= I+4=

43 Prof. Jk LEE/security43  The second section is: SPZPFOPXSZPDLLHNRODSDMYLPALY P-> E, Q-> F: HEOEUDEMHOESAAWCGDSHSBNAEPAN  The fourth section is: VCGCUQMPPUCKFKZDUKPVCKJFJIGU U->A,V-> B: BIMIAWSVVAIQLQFJAQVBIQPLFOMA

44 Prof. Jk LEE/security44  C-> A or K-> A. Trying these gives respectively: TAEASOKNNSAIDIXBSINTAIHDHGES CGCEGCFFECAFAJDEAFFCADFDCGE  Of these two the first looks the most promising so we look at what we have for our five sections as rows:  ………………………………………………... HEOEUDEMHOESAAWCGDSHSBNAEPAN ………………………………………………... TAEASOKNNSAIDIXBSINTAIHDHGES ………………………………………………...

45 Prof. Jk LEE/security45  M -> E, N-> F,... in the third row giving: TMCHRIPFTSODSEGFANGWES ITHRHI HEOEUDEMHOESAAWCGDSHSBNAEPAN E H M WSTAAIFSHN L A AE K A YEOGN T IVG TAEASOKNNSAIDIXBS INTAIHDHGES  Hence we decide that the plaintext is: THE TIME HAS COME THE WALRUS SAID TO SPEAK OF MANY THINGS OF SHOES AND SHIPS AND SEALING WAX OF CABBAGES AND KINGS AND WHY THE SEA IS BOLLING HOT AND WHETHER PIGS HAVE WINGS

46 Prof. Jk LEE/security46 EXAMPLE  “STAR WARS” I KNOW ONLY THAT I KNOW NOTHING H UINF NIAP OCSO H UINF INOCHIT

47 Prof. Jk LEE/security47 VERNAM CIPHER  VERNAMCIPHER   II  Plaintext VERNAMCIPHE R Numeric Equivalent Random Number II =Sum = mod Ciphertext : tahrsp itxma

48 Prof. Jk LEE/security48 LONG SEQUENCE FROM BOOKS  “What of thinking? I am,Iexist,that is certain”  Machine cannot think iamie xistt hatis cert MACHI NESCA NNOTT HINK

49 Prof. Jk LEE/security49  USED BY VIGENERE TABLE:  Machines cannot think  uaopm kmkvt unhbl jmed

50 Prof. Jk LEE/security50  High-frequency letters:  A,E,O,T : 40% and N,I: 25% a e I n o t A a e I n o t E e l m r s x I I m r w x c N n r w b c h O o s x c d l T t x b g h m

51 Prof. Jk LEE/security51  Ci : u a o p m k m k v t  Po: ? AA ? E ? E ? ? A  O I I T  T T

52 Prof. Jk LEE/security52 Dual message entagement  Key : disregardthismessage  mess: thismessageiscrucial wpajqejvdzlqkovvmulgp

53 Prof. Jk LEE/security53 transposition  plaintext --> rearrangement --> cipertext  ex) Cryptanalyst; 3 x4 matrix: column tr c r y p row 2,4,1,3 t a n a  RAYPATCTLYNS l y s t

54 Prof. Jk LEE/security54 example  Suppose d =4, f=( ):  Ptx: cryp togr aphy  Cxt: pcry rtog yaph  how identity?  How to decipher?

55 Prof. Jk LEE/security55 General monoalphbetic cipers  “starw wars” --> starw STARW BCDEF GHIJK LMNOP QUVXY Z

56 Prof. Jk LEE/security56  ABCDEFGHIJKLMNOPQRSTUVWXY Z  SBGLQZTCHMUADINVREJOXWFKP Y

57 Prof. Jk LEE/security57 EXAMPLE(report)  DE : BASED ON FREQUENCY BRYH DRL R ITEEIA IRBS TEF CIAAXA NFR NDTEA RF FGKN RGL AOAYJNDAYA EDRE BRYH NAGE EDA IRBS NRF FMYA EK ZK TE CKIIKNAL DAY EK FXDKKI KGA LRH NDTXD NRF RZRTGFE EDA YMIAF

58 Prof. Jk LEE/security58  “Mary had a little lamb its fleece was white as snow and everywhere that mary went the lamb was sure to go it followed her to school one day which was against the rules.”

59 Prof. Jk LEE/security59 Example  Columnar transpositions t hisi sames saget oshow howac olumn artra nspos I tion : tssoh oaniw haaso lrsto imghw works utpir seeoa mrook istwc nasns c1 c2 c3 c4 c5 c6 c7 c8 c9 c10 c11 c12 etc.

60 Prof. Jk LEE/security60  Most common Diagrams and Trigrams diagramstrigrams enent reion erand nting thive ontio infor tfour anthi orone

61 Prof. Jk LEE/security61 Cryptanalysis by Diagram Analysis  Two different strings of letters from a transposition ciphertext can represent pairs of adjacent letters from the plaintext. Problems: to find where in the cipertext a pair of adjacent olumns lies where the ends of the columns are

62 Prof. Jk LEE/security62  c1 to c8, c2 to c9, …..c7 to c14.  The windows of comparison shift:  c1 to c9, c2 to c10….

63 Prof. Jk LEE/security63

64 Prof. Jk LEE/security64  Tssoh oaniw haaso lrsto (I(m(g(h(w (u (t (p (I (r s)e)e)o))a m)r)o)o)k istwc nasns  50ch. -> single column 10 * 5 matrix or  second column -> 8*7 matrix

65 Prof. Jk LEE/security65 Double Transposition Algorithm  Involves two columnar transpositions:

66 Prof. Jk LEE/security66  Result from the second column: tno (m(I m)tssi l(g(rr)w xswr(h s)o) cxo hs(we)o) nxhat (ue)k)ax oao(to) isxas (I(pa)sn x

67 Prof. Jk LEE/security67  Stream ciphers: convert one symbol of plaintext immediately into a symbol of ciphertext - speed of transformation - low error propagation * low diffusion * susceptibility to malicious and modifications

68 Prof. Jk LEE/security68 Y Key(optional) ISSOPMI Plaintext WDHUW…… Ciphertext Encryption Stream Encryption Example: Monoalphabetic,Polyalphabetic Ciphers

69 Prof. Jk LEE/security69 Block ciphers  Encrypt a group of plaintext symbols as one block key plaintext po xn ba oi encryption qc tp kb

70 Prof. Jk LEE/security70  Diffusion  immunity to insertion  slowness of encryption  error propagation  Example: columnar transposition

71 Prof. Jk LEE/security71 GOOD ciphers?  The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption  The set of keys and enciphering algorithm should be free from complexity  The implementation of the process should be as simple as possible Shannon Characteristics:

72 Prof. Jk LEE/security72  Errors in ciphering should not propagate and cause corrupton of further information in the message  The size of the enciphered text should be no larger than the text of the original message


Download ppt "Prof. Jk LEE/security1 암호학 (Cryptology) Bob Alice 공격자 암호문 평문."

Similar presentations


Ads by Google