Lecture 2.1: Private Key Cryptography -- I CS 436/636/736 Spring 2013 Nitesh Saxena.

Slides:



Advertisements
Similar presentations
Cryptography encryption authentication digital signatures
Advertisements

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Fubswrjudskb Frxuvh qxpehu: / Lqvwuxfwru:Lyrqd Ehcdnryd Wrgdb’v Wrslfv: 1.Orjlvwlfv: -Fodvv olvw -Vboodexv 2. Wkh Pdwk 3. Zkdw lv Fubswrjudskb.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.
Asymmetric Cryptography part 1 & 2 Haya Shulman Many thanks to Amir Herzberg who donated some of the slides from
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
CSE331: Introduction to Networks and Security Lecture 17 Fall 2002.
Network Management and Security
1 Day 04- Cryptography Acknowledgements to Dr. Ola Flygt of Växjö University, Sweden for providing the original slides.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.
Lecture 2.2: Private Key Cryptography II CS 436/636/736 Spring 2012 Nitesh Saxena.
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
Computer Security CS 426 Lecture 3
L1.1. An Introduction to Classical Cryptosystems Rocky K. C. Chang, February 2013.
Chapter 2 – Classical Encryption Techniques
3.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Traditional Symmetric-Key Ciphers.
Chapter 12 Cryptography (slides edited by Erin Chambers)
Cryptography Week-6.
Cryptanalysis. The Speaker  Chuck Easttom  
Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.
CIS 5371 Cryptography Introduction.
Week 2 - Wednesday.  What did we talk about last time?  Encryption  Shift ciphers  Transposition ciphers.
Chapter 1 Introduction Cryptography-Principles and Practice Harbin Institute of Technology School of Computer Science and Technology Zhijun Li
Lec. 5 : History of Cryptologic Research II
Based on Applied Cryptography by Schneier Chapter 1: Foundations Dulal C. Kar.
Cryptography and Network Security (CS435) Part Two (Classic Encryption Techniques)
Network Security Lecture 12 Presented by: Dr. Munam Ali Shah.
1 Chapter 2-1 Conventional Encryption Message Confidentiality.
Network Security Lecture 11 Presented by: Dr. Munam Ali Shah.
Lecture 3.4: Public Key Cryptography IV CS 436/636/736 Spring 2013 Nitesh Saxena.
Symmetric-Key Cryptography
Module :MA3036NI Cryptography and Number Theory Lecture Week 3 Symmetric Encryption-2.
Network Security Lecture 10 Presented by: Dr. Munam Ali Shah.
Terminology and classical Cryptology
CSCI 5857: Encoding and Encryption
Cryptography Lynn Ackler Southern Oregon University.
Cryptography Part 1: Classical Ciphers Jerzy Wojdyło May 4, 2001.
Lecture 3 Page 1 Advanced Network Security Review of Cryptography Advanced Network Security Peter Reiher August, 2014.
Traditional Symmetric-Key Ciphers
Computer Security Cryptography. Cryptography Now and Before  In the past – mainly used for confidentiality  Today –Still used for confidentiality –Data.
Data Security and Encryption (CSE348) 1. Lecture # 3 2.
CRYPTOGRAPHY. TOPICS OF SEMINAR Introduction & Related Terms Categories and Aspects of cryptography Model of Network Security Encryption Techniques Public.
Overview of Cryptography & Its Applications
24-Nov-15Security Cryptography Cryptography is the science and art of transforming messages to make them secure and immune to attacks. It involves plaintext,
15-499Page :Algorithms and Applications Cryptography I – Introduction – Terminology – Some primitives – Some protocols.
NEW DIRECTIONS IN CRYPTOGRAPHY Made Harta Dwijaksara, Yi Jae Park.
K. Salah1 Cryptography Module I. K. Salah2 Cryptographic Protocols  Messages should be transmitted to destination  Only the recipient should see it.
Intro to Cryptography Lesson Introduction
CS555Spring 2012/Topic 31 Cryptography CS 555 Topic 3: One-time Pad and Perfect Secrecy.
Symmetric Cipher Model Plaintext input 1- encryption algorithm 2- secret key Encryption Cipher text output Cipher text input 1- Decryption algorithm 2-
Lecture 1: Introduction, and Private Key Crypto -- I CS 436/636/736 Spring 2016 Nitesh Saxena.
1 CIS 5371 Cryptography 1.Introduction. 2 Prerequisites for this course  Basic Mathematics, in particular Number Theory  Basic Probability Theory 
Computer Security (CS4800)
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
1 Classical Encryption Techniques. 2 Symmetric cipher model –Cryptography –Cryptanalysis Substitution techniques –Caesar cipher –Monoalphabetic cipher.
Computer Security By Rubel Biswas. Introduction History Terms & Definitions Symmetric and Asymmetric Attacks on Cryptosystems Outline.
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
1 CIS 5371 Cryptography 1.Introduction. 2 Prerequisites for this course  Basic Mathematics, in particular Number Theory  Basic Probability Theory 
CRYPTOGRAPHY G REEK WORD MEANING “ SECRET WRITING ”
Chapter 2 Basic Encryption and Decryption
Introduction Of System Security
Cryptography.
Outline Some Basic Terminology Symmetric Encryption
Lecture 2: Cryptography I
Symmetric Encryption or conventional / private-key / single-key
Presentation transcript:

Lecture 2.1: Private Key Cryptography -- I CS 436/636/736 Spring 2013 Nitesh Saxena

Course Administration Everyone receiving my s? Lecture slides worked okay? – Both ppt and pdf versions Everyone knows how to access the course web page? TA/Grader info posted I am posting the lectures in advance (the evening before the lecture) – But, this should not affect the attendance 5/8/2015Lecture Private Key Cryptography - I2

Outline of today’s lecture Cryptography Overview Private Key Cryptography: Encryption Classical Ciphers 5/8/2015Lecture Private Key Cryptography - I3

Cryptography Etymology: Secret (Crypt) Writing (Graphy) Study of mathematical techniques to achieve various goals in information security, such as confidentiality, authentication, integrity, non- repudiation, etc. Not the only means of providing information security, rather a subset of techniques. Quite an old field! 5/8/2015Lecture Private Key Cryptography - I4

Cryptography: Cast of Characters Alice (A) and Bob (B): communicating parties Eve (E): Eavesdropping (or passive) adversary Mallory (M): Man-in-the-Middle (or active adversary) Trent (T): a trusted third party (TTP) 5/8/2015Lecture Private Key Cryptography - I5

Today’s Focus How to achieve confidentiality by means of cryptography? 5/8/2015Lecture Private Key Cryptography - I6

Private Key/Public Key Cryptography Private Key: Sender and receiver share a common (private) key – Encryption and Decryption is done using the private key – Also called conventional/shared-key/single-key/ symmetric-key cryptography Public Key: Every user has a private key and a public key – Encryption is done using the public key and Decryption using private key – Also called two-key/asymmetric-key cryptography 5/8/2015Lecture Private Key Cryptography - I7

Common Terminologies Plaintext Key Encrypt (encipher) Ciphertext Decrypt (decipher) Cipher Cryptosystem Cryptanalysis (codebreaking) Cryptology: Cryptography + Cryptanalysis 5/8/2015Lecture Private Key Cryptography - I8

Private key model 5/8/2015Lecture Private Key Cryptography - I9

Open vs Closed Design Closed Design (as was followed in military communication during the World Wars) – Keep the cipher secret – Also sometimes referred to as the “proprietary design” – Bad practice! (why?) Open Design (Kerckhoffs' principle) – Keep everything public, except the key – Good practice – this is what we focus upon! 5/8/2015Lecture Private Key Cryptography - I10

Private Key Encryption: main functions 1.KeyGen: K = KeyGen(l) (l is a security parameter) 2.Enc: C = Enc(K,M) 3.Dec: M = Dec(K,C) 5/8/2015Lecture Private Key Cryptography - I11

Goals of the Attacker Learn the plaintext corresponding to a given ciphertext -- One-Way Security Extract the key – Key Recovery Security Learn some information about the plaintext corresponding to a given ciphertext – Semantic Security Key recovery security and one-way security are a must for an encryption scheme. Semantic Security is ideal. 5/8/2015Lecture Private Key Cryptography - I12

Capabilities of the Attacker 1.No Information (besides the algorithm) 2.Ciphertext only – Adversary knows only the ciphertext(s) 3.Known plaintext – Adversary knows a set of plaintext-ciphertext pairs 4.Chosen (and adaptively chosen) plaintext (CPA attack) – Adversary chooses a number of plaintexts and obtains the corresponding ciphertexts 5.Chosen (and adaptively chosen) ciphertext attack (CCA attack) – Adversary chooses a number of ciphertexts and obtains the corresponding plaintexts 5/8/2015Lecture Private Key Cryptography - I13

Security Model 1 is the hardest and 5 is the easiest attack to perform A cryptosystem secure against 5 is the strongest, and secure against 1 is the weakest A cryptosystem secure against 5 is automatically secure against 4, 3, 2 and 1 least attacker capability most attacker capability 1<2<3<4<5 weakest cryptosystem ……………………………………… strongest cryptosystem 5/8/2015Lecture Private Key Cryptography - I14

Brute Force Attacks: Key Recovery Since the key space is finite, given a pair (or more) of plaintext and ciphertext, a cryptanalyst can try and check all possible keys. For above to be not feasible, key space should be large!! – How large? – Large enough to make it impractical for an adversary. But what is impractical today, may not be so tomorrow. At least 2 80 – see this paper on “selecting cryptographic key sizes” 5/8/2015Lecture Private Key Cryptography - I15

Ciphers We Will Study Classical ones – Substitution Ciphers Caesar’s Cipher Monoalphabetic Polyalphabetic – Transposition Ciphers Modern ones – DES/AES – Others… 5/8/2015Lecture Private Key Cryptography - I16

Caesar Cipher (or Shift Cipher) Substitution cipher Let messages be all lower case from a through z (no spaces or punctuation). Represent letters by numbers from 0 to 25. Encryption function C i = E(P i ) = P i + K (mod 26) where K is secret key Decryption is P i = D(C i ) = C i - K (mod 26) 5/8/2015Lecture Private Key Cryptography - I17

Security of Caesar Cipher Easy to brute force: size of key-space is 26 – Not secure against even ciphertext-only attack (the one where adversary had the least capability) 5/8/2015Lecture Private Key Cryptography - I18

Monoalphabetic Substitution 5/8/2015Lecture Private Key Cryptography - I19 ABCDEFGHIJKLMNOPQRSTUVWXYZ POLYTECHNIUVRSBKWADFGJMQXZ POKEMONMASTER KBUTRBSRPDFTA

Monoalphabetic Substitution Key space is large 26! = 4 x – Quite large, however, – Can be broken (not secure against ciphertext-only) using language characteristics! 5/8/2015 Lecture Private Key Cryptography - I 20

Polyalphabetic Substitution – Vigenere Cipher Use K mono-alphabetic ciphers – E 1, E 2, … E k. In position i, of plaintext, use cipher E i. Example using Caesar ciphers … Plaintext: helloiloveyouwontyoutellmeyourname Key: polytechnicpolytechnicpolytechnicpoly Ciphertext: wswjhmnv……………………………… A little harder to break but frequency analysis is possible Some well known techniques for determining key length – we will not cover (see text for Kasiski method) 5/8/2015Lecture Private Key Cryptography - I21

One time Pad or Vernam Cipher: Best Possible Cipher If we use Vigenere with key length as long as plaintext, then cryptanalysis will be difficult! If we change key every time we encrypt then cryptanalyst’s job becomes even more difficult. One-time pad or Vernam Cipher. How do we get such long keys? Such a cipher is difficult to break but not very practical. 5/8/2015Lecture Private Key Cryptography - I22

Binary Vernam plaintext is binary string and key is binary string of equal length, then encryption can be done by a simple XOR operation. Plaintext: Key: Ciphertext: If the key is random and is not re-used, then such a system offers unconditional security – perfect secrecy! Intuitively perfect secrecy can be seen from the fact that given any plaintext and ciphertext, there is a key which maps the selected plaintext to the selected ciphertext. So given a ciphertext, we get no information whatsoever on what key or plaintext could have been used. How do we obtain “random” bit-strings for shared secret keys as long as the messages, and never re-use them? Again system is not practical. 5/8/2015Lecture Private Key Cryptography - I23

Transposition Harder to break than substitution ciphers Still susceptible to frequency analysis 5/8/2015Lecture Private Key Cryptography - I24 POKEMONMASTER OENTEMPKMOASR

Product Ciphers Substitution and transposition ciphers are not secure due to language characteristics What about using two or more of these ciphers in a serial fashion – Two or more substitutions – Two or more Transpositions – A few substitutions and a few transposition  Transition from classical to modern ciphers 5/8/2015Lecture Private Key Cryptography - I25

Some Questions Enigma is an example of design? Encryption can provide confidentiality, but not integrity: true or false? World’s best cipher is ---? I give you a ciphertext, and ask you to give me the corresponding plaintext – what attack is this? How does it compare to the known plaintext attack? All classical ciphers are based on either ---- or ----? Why are they all broken? What’s the problem in choosing a long long key? It should give you a lot of security, no? 5/8/2015Lecture Private Key Cryptography - I26

Some Questions An encryption scheme is said to be deterministic if encrypting the same plaintext twice yields the same ciphertext. (otherwise it is said to be randomized). – Is a deterministic scheme a good scheme in terms of security? 5/8/2015Lecture Private Key Cryptography - I27

Further Reading Stallings (edition 5) – Chapter 2.1 to 2.3 HAC – Chapter 1 and 7 5/8/2015Lecture Private Key Cryptography - I28

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.