Presentation on theme: "Cryptography encryption authentication digital signatures"— Presentation transcript:
1Cryptography encryption authentication digital signatures one-way functionshash algorithmskey generation, exchange and management
2EncryptionTransforming a message - the plaintext, into an unrecognisable (encrypted) form, called the ciphertext.To the layman this is known as coding and decoding messages. The proper terms are encrypting and decrypting.
3The intention is that if an encrypted message is intercepted, then the interceptor will not be able to interpret the ciphertext.Messages have been encrypted for many years using letter substitution for example.These days mathematical algorithms are used to encrypt and decrypt messages using computers.
4Caesar’s CipherTo encrypt a message written using the English alphabet A..ZEach letter in the plaintext message is replaced by the letter k places along in the alphabet (where k is between 0 and 25 inclusive) wrapping around to the beginning of the alphabet if necessary.To decrypt the message, each letter is replaced by the letter 26-k places along.
8The KeyOne of the reasons for enciphering this text is to show the reader how easily this type of cipher can be broken…...
9DefinitionsThe sender A (Alice) wants to send a message m (the plaintext) to a receiver B (Bob).Alice encrypts the message using an encryption key e and an encryption algorithm f to produce a ciphertext c=f(m,e)To decrypt the ciphertext c, Bob uses his decryption key d and a decryption algorithm g to obtain the original message m=g(c,d)
10A property of the encryption process must be that Bob retrieves the original message. Thus for a particular pair of keys e,d, it must be true that for every m in M, if m encrypts to c, then c decrypts to m. Hence for every m in M:if c=f(m,e) then m=g(c,d)org(f(m,e),d)=m
11Alice keeps the encryption key e secret and Bob keeps the decryption key d secret. Alice and Bob may know each others keys (this is true for symmetric key algorithms) or they might not (in public key cryptosystems).If the message is very long it might be broken up into shorter blocks. Each block is then encrypted and decrypted separately.
12The characters of the message come from a message alphabet M and the ciphertext will be characters of the ciphertext alphabet CThe two alphabets M and C may be the same but they could be different.A cryptosystem refers to all the aspects of a particular encryption system, so includes the information about the message and ciphertext alphabets, the encryption and decryption algorithms, the method of blocking and the allowable keys.
13The keyspace K is the set of all possible encryption keys The keyspace K is the set of all possible encryption keys. We usually include the trivial keys in the key space even though they will not be used.The enemy in the cryptosystem is the person who intercepts the message and tries to gain unauthorised information. Such a person is called a cryptanalyst and is usually given the name Charles.A cryptographer is someone who studies all aspects of cryptosystems.
14What Charles might try to do: Determine the message without determining either keyDetermine the decryption key so that he can decrypt the message (and other messages encrypted using the same encryption key)Determine the encryption key so that he can determine the decryption keyDetermine the encryption key so that he can masquerade as Alice
15When considering the security of an encryption algorithm, it is best to assume that Charles, the enemy, has knowledge of the encryption and decryption algorithms, the key space and the methods of blocking.In fact assume that Charles knows everything except the keys used.Also assume that Charles has adequate computing power, finance and expertise on his side.
16Attacks on a cryptosystem We always assume that Charles has all the information on a particular cryptosystem except for the keys used. What sort of attack he can launch depends on what other information he has.Types of attack are called:
17Types of attack: ciphertext only known message probable known message chosen messagechosen ciphertextchosen message and ciphertext
18Methods of AttackThe cryptanalyst has various strategies that he can use. Following are brief explanations of three of them:
191. Try all possible decryption keys The success of this will depend onthe size of the keyspacethe redundancy in the messageHow long it takes to recover the key depends onthe number of keyshow long it takes to investigate each key
202. Analyse the ciphertext statistically For example, if the cryptosystem uses a substitution cipher on an English text message, a frequency count on the letters of the ciphertext will give an indication of the substitutions used for the most commonly used letters.Redundancy in the English language will give away the rest of the key.
21Blocking the message into groups of say 8 characters makes this kind of attack much harder. For example, the ciphertext G QT Q TQZcan be decrypted quite easilyHowever, a similar message (encrypted with a different key and blocked together) is SRYSRSPwhich isn’t quite so easy to decrypt.
223. Differential Cryptanalysis This method requires Charles to generate a large number of messages which only differ by a small amount, persuading Alice to encrypt them, and then analysing the corresponding ciphertexts.
23Properties of a good cryptosystem A large alphabet M to make it hard to do statistical analysisA large keyspace to make it hard to do exhaustive keyspace searchSpeed of execution (for high message throughput)The same algorithm for encryption and decryption (to reduce costs)