Download presentation

Presentation is loading. Please wait.

Published byEmerson Lyndon Modified over 2 years ago

1
암호학(Cryptology) 평문 암호문 평문 Bob Alice 공격자 Prof. Jk LEE/security

2
**비자카드 번호 확인 0699 0043 1313 9642 1st 16th Select odd numbers**

Select even numbers After * 2, if 9 then -9 *10 = 70 Prof. Jk LEE/security

3
**암호학(Cryptology)이란? 암호화 기법과 암호분석기법에 관한 원리,수단,방법을 연구하는 학문**

평문의 해독 불가하도록 하는 방법과 해독 불가능한 메시지를 해독 가능하도록 형태를 바꾸는 방법으로 구성 Prof. Jk LEE/security

4
**Basic Encryption and Decryption**

S R sender message receiver S T R sender transmission medium receiver S R sender access receiver O interceptor/intruder Prof. Jk LEE/security

5
**sender access receiver O interceptor/intruder**

S T R sender access receiver O interceptor/intruder - block - intercept - modify - fabricate Prof. Jk LEE/security

6
**Terminology Encryption Decryption**

Cryptosystem: system for encryption and decryption Plaintext Ciphertext Prof. Jk LEE/security

7
**Encryption Algorithms**

decryption plaintext ciphertext Original Encryption Prof. Jk LEE/security

8
**Symmetric cryptosystem**

encryption decryption plaintext ciphertext Original key key Symmetric cryptosystem encryption decryption plaintext ciphertext Original Encryption Key:KE Decryption Key:KD Asymmetric cryptosystem Prof. Jk LEE/security

9
**Cryptanalysis Cryptography: hidden writing**

cryptanalyst: studies encryption,encryption message cryptology: research of encryption and decryption Prof. Jk LEE/security

10
**Cryptanalyst’s chore:**

- attempt to break a single message - attempt to recognize patterns in encrypted message - attempt to find general weaknesses in an encryption algorithm break an encryption ! Prof. Jk LEE/security

11
**암호시스템의 설계요건 난이도가 클 것 키의 크기가 작을 것 암.복호화 여건의 간결성과 처리속도의 효율성 에러 전파율이 적을 것**

Prof. Jk LEE/security

12
**암호시스템의 분류 시대별 분류: 평문의 암호화 단위분류: 암호화 형식에 의한 분류: 고전 암호시스템:19세기이전**

근대 암호시스템:1,2차 대전 현대암호화 시스템:1950년이후 평문의 암호화 단위분류: 블록 암호시스템 스트림 암호시스템 암호화 형식에 의한 분류: 비밀키(대칭형) 암호시스템:비밀키 공개키(비대칭형) 암호시스템:공개키와 비공개키 Prof. Jk LEE/security

13
**스트림 암호: stream cipher Synchronization! encryption decryption plaintext**

평문 길이 최소 단위:한 개 단위의 비트나 문자 스트림 암호: stream cipher encryption decryption plaintext ciphertext Original 키 생성 알고리즘 비밀키 기밀성과 무결성이 보장되는 채널 암호화의 속도가 빠르다 비트가 독립적인 관계로 각각의 비트를 암호의 개별적인 개체로 취급이 가능 오류의 영향이 적다 암호키에 대한 엄격한 동기화 요구 Synchronization! 키 생성 알고리즘이 중요! Prof. Jk LEE/security

14
**블록 암호:Block cipher 스트림 암호와 대칭성 Bolck Original ciphertext plaintext**

평문의 길이가 한개이상 블록 암호:Block cipher encryption decryption plaintext Bolck ciphertext Original 비밀키 기밀성과 무결성이 보장되는 채널 DES,RSA등 스트림 암호와 대칭성 암호화,블럭화에 대한 처리 시간이 요구 오류시 다른 비트등에 영향 Prof. Jk LEE/security

15
**관용암호시스템:conventional cryptosystem 대칭형암호시스템:symmetric cryptosystem**

암호화,복호화 키가 동일 관용암호시스템:conventional cryptosystem or 대칭형암호시스템:symmetric cryptosystem Ex) DES 송수신자간에 대칭키(비밀 키) 공유 Prof. Jk LEE/security

16
**공개키암호시스템:Public-key cryptosystem 비대칭형암호시스템:Asymmetric cryptosystem**

암호화,복호화 키가 다를 경우 공개키암호시스템:Public-key cryptosystem or 비대칭형암호시스템:Asymmetric cryptosystem Ex) 디지털 서명,개인신분확인등에 활용 송신자: 공개키, 수신자: 개인키 Prof. Jk LEE/security

17
**Representation of Characters**

Letter/code A 0 B 1 C 2 D 3 E 4 F 5 G 6 H 7 I 8 J 9 K 10 L11 M12 N13 O14 P15 Q16 R17 S18 T19 U20 V21 W22 X23 Y24 Z25 A + 3 =D or K -1 = J :modular arithmetic Prof. Jk LEE/security

18
**Monoalphabetic ciphers**

The Caesar cipher: Ci =E(pi) =pi +3 Plaintext: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Ciphert.: D E F G H I J K L M N O P Q R s T U V W X Y Z A B C Ex) TREATY IMPOSSIBLE WUHDWB LPSRVVLEOH Prof. Jk LEE/security

19
**Example I CAME I SAW I CONQUERED L FDPH L VDZ L FRQTXHUHG L I ??**

I I+3 I CAME I SAW I CONQUERED Prof. Jk LEE/security

20
**C: L GR QRW OLNH BUXWXV F(m) = (m+?) mod 26 P: I DO NOT LIKE BRUTUS**

Prof. Jk LEE/security

21
**Advantage/disadvantage of the Caesar cipher**

Quite simple cipher obvious pattern is major weakness 암호화: C = Ek(m) = (m + k) mode 26 복호화: m = Dk(c) = (c - k) mode 26 Prof. Jk LEE/security

22
**Frequency distributions**

Ex) UZQSOVUOHXMOPVGPOPEVSGZWSZOPFPESXUDBMETSXAIZ VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWTMXUZUHSX EPTEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ Prof. Jk LEE/security

23
**Frequency distributions**

Cipher’s frequency: P Z S U O M 6.67 H D E V X F 3.33 W Q T A B G 1.67 Y I J C K L 0 N R 0 Prof. Jk LEE/security

24
**Frequencies of English letters**

E T 9.25 R 8.50 N 7.75 I O 7.50 A 7.25 S D 4.25 L 3.75 H 3.50 C 3.50 F 3.00 U 3.00 M P 2.75 Y 2.25 G 2.00 W 1.50 V1.50 B 1.25 K X Q 0.50 J Z 0.25 Prof. Jk LEE/security

25
**ZW 3times occurs: Z:t,W:h “ZWP” the : trigraph**

P:e, Z:t {S,U,O,M,H} {r,n,I,o,a,s} {A,B,G,Y,I,J} {w,v,b,k,x,q,j,z} digraph:2 문자 빈도: “th” ZW times occurs: Z:t,W:h “ZWP” the : trigraph Prof. Jk LEE/security

26
**UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ **

t a e e t e a t h a t e e a a VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWTMXUZUHSX e t t a t h a e e e a e t h t a EPTEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ e e e t a t e t h e et Prof. Jk LEE/security

27
**“ it was disclosed yesterday that several informal but **

direct contacts have been made with political representatives of the viet cong in moscow” Prof. Jk LEE/security

28
**Other monoalphabetic substitutions**

Permutation: number of 1 to 10 p1 = 1,3,5,7,9,10,8,6,4,2 p2 = 10,9,8,7,6,5,4,3,2,1 ex) p1(3) = 5 or p2(7) = 4 Prof. Jk LEE/security

29
**Let a1,a2,…,ak be a set of the plaintext alphabet,**

p is a permutation of 1,2,..,k in a monoalphabetic substitution each ci is ap(pi). Ex) p(l) = 25 - l then A : z, B:y and Z: a ABCDEFGHIJKLMNOPQRSTUVWXYZ ke y a bc d fg hi j l m no pq r s t u v wxz Prof. Jk LEE/security

30
**ABCDEFGHIJKLMNOPQRSTUVWXYZ sp ec t a u l r bd f g h i j kmn oq v wxyz **

:spectacular ex) ABCDEFGHIJKLMNOPQRSTUVWXYZ a dg j permutation: p(l) = (3* l) mod 26 p(K) = (3* 10) mod 26 =30-26=4=e Prof. Jk LEE/security

31
**Cryptanalysis of monoalphabetic ciphers**

Brute-force:가능한 모든 키를 시도 Probable-word attack:추정단어공격 ex) 계좌 화일의 전송 --> 파일 머릿부분에 키워드의 존재 원시코드--> 표준화 된 위치에 키 문장 암호알고리즘의 특성: 절대 안정성 계산상 안정성:정보가치초과,유효기간초과 Prof. Jk LEE/security

32
**steganography 문자 마킹(character marking) 보이지 않는 잉크(invisible ink)**

핀 구멍(Pin punctures) 타자수정리본(tpewriter correction ribbon) Prof. Jk LEE/security

33
**Polyalphabetic substitution ciphers**

If T --> a, or T --> b and X --> a or X --> b: T:high frequency X:low frequency E1(T) = a, E2(T) = b while E1 (X)= b and E2(X)= a combine two distributions: odd positions even positions Prof. Jk LEE/security

34
**Two encryption algorithms**

Odd positions: A B C D E F G H I J K L M N O P Q R a d g j m o s v y b e h k n q t w z S T U V W X Y Z c f i l o r u x : p(l) = (3* l) mod 26 Prof. Jk LEE/security

35
**Even positions: A B C D E F G H I J K L M N O P Q R**

n s x c h m r w bg l q v a f k p u S T U V W X Y Z z e j o t y d i : p(l) = ((5* l)+ 13) mod 26 Prof. Jk LEE/security

36
**example TREATY IMPOSSIBLE TREAT YIMPO SSIBL E encryption**

fumnf dyvtv czysh h Prof. Jk LEE/security

37
**Vigenere tableaux “but soft what light through yonder window breaks”**

juliet : key words julie tjuli etjul ietju lietj uliet julie tjuli BUTSO FTWHA TLIGH TTHRO UGHYO NDERW INDOW BREAK En KOEAS YCQSI ….. Prof. Jk LEE/security

38
**Cryptanalysis of polyalphabetic substitution**

Kasiski method for repeated patterns: use repetions in the ciphertext to give cluses to the dryptanalyst of the period P : TOBEO RNOTT OBE K: NOWNO WNOWN OWN C: GCXRC NACPG CXR Prof. Jk LEE/security

39
**Index of coincidence(IC): introduced in 1920 by W. Friedman **

measures the variation in the frequencies of the letters in a cipheretext Prof. Jk LEE/security

40
**example Dcrypt using vigenere ciper:**

TSMVM MPPCW CZUGX HPECP RFAUE IOBQW PPIMS FXIPC TSQPK SZNUL OPACR DDPKT SLVFW ELTKR GHIZS FNIDF ARMUE NOSKR GDIPH WSGVL EDMCM SMWKP IYOJS TLVFA HPBJI RAQIW HLDGA IYOU Prof. Jk LEE/security

41
**split the ciper text into 5 ection gettings:**

Ic = : (åP(ai)) split the ciper text into 5 ection gettings: a->6 g->5 I->6 q->3 v->4 b->2 h->5 m->8 r->6 w->6 c->6 I->10 n->3 s->10 x->2 d->6 j->2 o->5 t->5 y->2 e->5 k->5 p->l3 u->5 z->3 f->6 Prof. Jk LEE/security

42
**We split the cipher text into five sections getting:**

TMCHRIPFTSODSEGFANGWESITHRHI from text positions 51, l = 0, I, ...,27. SPZPFOPXSZPDLLHNRODSDMYLPALY from text positions 51+1, l " 0,1,...,27. MPHEABIIQNAPVTIIMSIGMWOVBQDO from text positions 51+2, l = 0,1,...,27. VCGCUQMPPUCKFKZDUKPVCKJFJIGU from text positions 51+3, l = 0,1,..., 27. MWXPEWSCKLRTWRSFERHLMPSAIWA from text positions 51+4, l = 0,1,..., 27. 5i= i+1= i+2= 5I+3= I+4= Prof. Jk LEE/security

43
**SPZPFOPXSZPDLLHNRODSDMYLPALY P-> E, Q-> F: **

The second section is: SPZPFOPXSZPDLLHNRODSDMYLPALY P-> E, Q-> F: HEOEUDEMHOESAAWCGDSHSBNAEPAN The fourth section is: VCGCUQMPPUCKFKZDUKPVCKJFJIGU U->A,V-> B: BIMIAWSVVAIQLQFJAQVBIQPLFOMA Prof. Jk LEE/security

44
**C-> A or K-> A. Trying these gives respectively: **

TAEASOKNNSAIDIXBSINTAIHDHGES CGCEGCFFECAFAJDEAFFCADFDCGE Of these two the first looks the most promising so we look at what we have for our five sections as rows: ………………………………………………... HEOEUDEMHOESAAWCGDSHSBNAEPAN Prof. Jk LEE/security

45
**TMCHRIPFTSODSEGFANGWES ITHRHI HEOEUDEMHOESAAWCGDSHSBNAEPAN **

M -> E, N-> F,... in the third row giving: TMCHRIPFTSODSEGFANGWES ITHRHI HEOEUDEMHOESAAWCGDSHSBNAEPAN E H M WSTAAIFSHN L A AE K A YEOGN T IVG TAEASOKNNSAIDIXBS INTAIHDHGES Hence we decide that the plaintext is: THE TIME HAS COME THE WALRUS SAID TO SPEAK OF MANY THINGS OF SHOES AND SHIPS AND SEALING WAX OF CABBAGES AND KINGS AND WHY THE SEA IS BOLLING HOT AND WHETHER PIGS HAVE WINGS Prof. Jk LEE/security

46
**EXAMPLE “STAR WARS” I KNOW ONLY THAT I KNOW NOTHING**

H UINF NIAP OCSO H UINF INOCHIT Prof. Jk LEE/security

47
**VERNAM CIPHER VERNAMCIPHER 21417130122 8157 417**

II Plaintext VERNAMCIPHE R Numeric Equivalent + Random Number II =Sum = mod Ciphertext : tahrsp itxma Prof. Jk LEE/security

48
**LONG SEQUENCE FROM BOOKS**

“What of thinking? I am,Iexist,that is certain” Machine cannot think iamie xistt hatis cert MACHI NESCA NNOTT HINK Prof. Jk LEE/security

49
**USED BY VIGENERE TABLE: Machines cannot think**

uaopm kmkvt unhbl jmed Prof. Jk LEE/security

50
**High-frequency letters: A,E,O,T : 40% and N,I: 25%**

a e I n o t A a e I n o t E e l m r s x I I m r w x c N n r w b c h O o s x c d l T t x b g h m Prof. Jk LEE/security

51
**Ci : u a o p m k m k v t Po: ? AA ? E ? E ? ? A O I I T T T**

Prof. Jk LEE/security

52
**Dual message entagement**

Key : disregardthismessage mess: thismessageiscrucial wpajqejvdzlqkovvmulgp Prof. Jk LEE/security

53
**transposition plaintext --> rearrangement --> cipertext**

ex) Cryptanalyst; 3 x4 matrix:column tr. c r y p row 2,4,1,3 t a n a \ RAYPATCTLYNS l y s t Prof. Jk LEE/security

54
**example Suppose d =4, f=(2 3 4 1): Ptx: cryp togr aphy**

Cxt: pcry rtog yaph how identity? How to decipher? Prof. Jk LEE/security

55
**General monoalphbetic cipers**

“starw wars” --> starw STARW BCDEF GHIJK LMNOP QUVXY Z Prof. Jk LEE/security

56
**ABCDEFGHIJKLMNOPQRSTUVWXYZ**

SBGLQZTCHMUADINVREJOXWFKPY Prof. Jk LEE/security

57
**EXAMPLE(report) DE : BASED ON FREQUENCY**

BRYH DRL R ITEEIA IRBS TEF CIAAXA NFR NDTEA RF FGKN RGL AOAYJNDAYA EDRE BRYH NAGE EDA IRBS NRF FMYA EK ZK TE CKIIKNAL DAY EK FXDKKI KGA LRH NDTXD NRF RZRTGFE EDA YMIAF Prof. Jk LEE/security

58
“Mary had a little lamb its fleece was white as snow and everywhere that mary went the lamb was sure to go it followed her to school one day which was against the rules.” Prof. Jk LEE/security

59
**Example Columnar transpositions t hisi sames saget oshow howac olumn**

I tion : tssoh oaniw haaso lrsto imghw works utpir seeoa mrook istwc nasns c1 c2 c3 c4 c5 c c7 c8 c9 c10 c c12 etc. Prof. Jk LEE/security

60
**Most common Diagrams and Trigrams**

diagrams trigrams en ent re ion er and nt ing th ive on tio in for tf our an thi or one Prof. Jk LEE/security

61
**Cryptanalysis by Diagram Analysis**

Two different strings of letters from a transposition ciphertext can represent pairs of adjacent letters from the plaintext. Problems: to find where in the cipertext a pair of adjacent olumns lies where the ends of the columns are Prof. Jk LEE/security

62
**The windows of comparison shift: c1 to c9, c2 to c10….**

c1 to c8, c2 to c9, …..c7 to c14. The windows of comparison shift: c1 to c9, c2 to c10…. Prof. Jk LEE/security

63
Prof. Jk LEE/security

64
**Tssoh oaniw haaso lrsto (I(m(g(h(w **

(u (t (p (I (r s)e)e)o))a m)r)o)o)k istwc nasns 50ch. -> single column 10 * 5 matrix or second column -> 8*7 matrix Prof. Jk LEE/security

65
**Double Transposition Algorithm**

Involves two columnar transpositions: Prof. Jk LEE/security

66
**tno (m(I m)tssi l(g(rr)w xswr(h s)o) cxo **

Result from the second column: tno (m(I m)tssi l(g(rr)w xswr(h s)o) cxo hs(we)o) nxhat (ue)k)ax oao(to) isxas (I(pa)sn x Prof. Jk LEE/security

67
**- speed of transformation**

Stream ciphers: convert one symbol of plaintext immediately into a symbol of ciphertext - speed of transformation - low error propagation * low diffusion * susceptibility to malicious and modifications Prof. Jk LEE/security

68
**Example: Monoalphabetic,Polyalphabetic Ciphers**

Stream Encryption Y Key(optional) ISSOPMI Plaintext WDHUW…… Ciphertext Encryption Example: Monoalphabetic,Polyalphabetic Ciphers Prof. Jk LEE/security

69
**Block ciphers Encrypt a group of plaintext symbols as one block key**

plaintext po xn ba oi encryption qc tp kb Prof. Jk LEE/security

70
**slowness of encryption error propagation **

Diffusion immunity to insertion slowness of encryption error propagation Example: columnar transposition Prof. Jk LEE/security

71
**Shannon Characteristics:**

GOOD ciphers? Shannon Characteristics: The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption The set of keys and enciphering algorithm should be free from complexity The implementation of the process should be as simple as possible Prof. Jk LEE/security

72
**Errors in ciphering should not propagate and cause corrupton of further information in the message**

The size of the enciphered text should be no larger than the text of the original message Prof. Jk LEE/security

Similar presentations

© 2017 SlidePlayer.com Inc.

All rights reserved.

Ads by Google