Applied Cryptography Chapter 1 Foundations Jaewon Lee

2 Terminology Sender and Receiver Sender and Receiver Messages and Encryption Messages and Encryption Authentication, Integrity, and Nonrepudiation Authentication, Integrity, and Nonrepudiation Algorithms and Keys Algorithms and Keys Symmetric Algorithms Symmetric Algorithms Public-Key Algorithms Public-Key Algorithms Cryptanalysis Cryptanalysis Security of Algorithms Security of Algorithms

3 Encryption and Decryption Encryption E(M) = C Decryption D(C) = M PlaintextCiphertext Original Plaintext MCM D(E(M)) = M

4 Algorithms and Keys Cryptographic algorithm (cipher) Cryptographic algorithm (cipher) –restricted algorithm –public algorithm Key Key –large number of values in keyspace –encryption key and decryption key Encryption E K (M) = C Decryption D K (C) = M PlaintextCiphertext Original Plaintext Key MCM D K (E K (M)) = M

5 Symmetric Algorithms Conventional algorithm, secret-key algorithm, single-key algorithm Conventional algorithm, secret-key algorithm, single-key algorithm –security rests in the key –stream cipher and block cipher –fast vs. key management problem –e.g) DES, 3DES, IDEA, RC2, RC5 / RC4 Encryption E K (M) = C Decryption D K (C) = M PlaintextCiphertext Original Plaintext Key MCM D K (E K (M)) = M K

6 Public-Key Algorithms Asymmetric algorithm Asymmetric algorithm –encryption key and decryption key (public key and private key) –security rests in the difficult math. problem –slow, but efficient –e.g) RSA, ECC, ElGamal, DSA Encryption E K pub (M) = C Decryption D K prv (C) = M PlaintextCiphertext Original Plaintext Public KeyPrivate Key MCM D K prv (E K pub (M)) = M

7 Cryptanalysis Ciphertext-only attack Ciphertext-only attack –Given : C 1 = E k (P 1 ), C 2 =E k (P 2 ), … C i = E k (P i ) –Deduce : Either P 1, P 2, …P i ; k ; or an algorithm to infer P i+1 from C i+1 =E k (P i+1 ) Known-plaintext attack Known-plaintext attack –Given : P 1, C 1 = E k (P 1 ), P 2, C 2 =E k (P 2 ), … P i, C i = E k (P i ) –Deduce : Either k, or an algorithm to infer P i+1 from C i+1 =E k (P i+1 ) Chosen-plaintext attack Chosen-plaintext attack –Given : P 1, C 1 = E k (P 1 ), P 2, C 2 =E k (P 2 ), … P i, C i = E k (P i ), where the cryptanalyst gets to choose P 1, P 2, …, P i –Deduce : Either k, or an algorithm to infer P i+1 from C i+1 =E k (P i+1 ) Adaptive-chosen-plaintext attack Adaptive-chosen-plaintext attack

8 Cryptanalysis (cont’d) Chosen-ciphertext attack Chosen-ciphertext attack –Given : C 1, P 1 = D k (C 1 ), C 2, P 2 =D k (C 2 ), … C i, P i = D k (C i ), –Deduce : k Chosen-key attack Chosen-key attack Rubber-hose cryptanalysis Rubber-hose cryptanalysis

9 Evaluation of Algorithm Security Security –total break –global deduction –instance (or local) deduction –information deduction Complexity Complexity –data complexity –processing complexity –storage requirements

10 Steganography Hide secret messages in other messages, such that the secret’s very existence is concealed. Hide secret messages in other messages, such that the secret’s very existence is concealed. –invisible inks –tiny pin punctures –minute differences between handwritten characters –pencil marks on typewritten characters

11 Substitution Ciphers and Transposition Ciphers Substitution ciphers Substitution ciphers –simple substitution cipher (monoalphabetic) –homophonic substitution cipher –polygram substitution cipher –polyalphabetic substitution cipher Transposition ciphers Transposition ciphers –the order of characters is shuffled around Rotor machines Rotor machines –“ Enigma ” used by the Germans during World War II

12 Simple XOR XOR operations XOR operations –a  a = 0 –a  b = 1 –a  b  b = a Symmetric algorithm Symmetric algorithm –P  K = C –C  K = P

13 One-Time Pads Perfect encryption scheme Perfect encryption scheme –large nonrepeating set of truly random key letters –e.g) message : ONETIMEPAD pad : TBFRGFARFM ciphertext : IPKLPSFHGQ because O + T mod 26 = I N + B mod 26 = P E + F mod 26 = K etc.

14 Computer Algorithms DES (Data Encryption Standard) DES (Data Encryption Standard) –the most popular computer encryption algorithm –U.S. government gurantees RSA (Rivest, Shamir, and Adleman) RSA (Rivest, Shamir, and Adleman) –the most popular public-key algorithm –used for both encryption and digital signature DSA (Digital Signature Algorithm) DSA (Digital Signature Algorithm) –U.S standard digital signature algorithm –only for digital signautre

15 Large Numbers Physical Analogue Number Odds of being killed by lightning (per day) 1 in 9 billion (2 33 ) Odds of winning the top prize in a U.S. state lottery 1 in 4,000,000 (2 22 ) Odds of winning the top prize in a U.S. state lottery and being killed by lightning in the same day 1 in 2 55 Odds of drowning (in the U.S. per year) 1 in 59,000 (2 16 ) Odds of being killed in an automobile accident(in the U.S. in 1993) 1 in 6100 (2 13 ) Odds of being killed in an automobile accident(in the U.S. per lifetime) 1 in 88 (2 7 ) Time until the next ice age 14,000 (2 14 ) years Time until the sun goes nova 10 9 (2 30 ) years Age of the planet 10 9 (2 30 ) years Age of the Universe (2 34 ) years Number of atoms in the planet (2 170 ) Number of atoms in the sun (2 190 ) Number of atoms in the galaxy (2 223 ) Number of atoms in the Universe (dark matter excluded) (2 265 ) Volume of the Universe (2 280 ) cm 3 If the Universe is Closed: Total lifetime of the Universe (2 37 ) years (2 61 ) seconds If the Universe is Open: Time until low-mass stars cool off (2 47 ) years Time until planets detach from stars (2 50 ) years Time until stars detach from galaxies (2 64 ) years Time until orbits decay by gravitational radiation (2 67 ) years Time until black holes decay by the Hawking process (2 213 ) years Time until all matter is liquid at zero temperature (2 216 ) years Time until all matter decays to iron 10 10^26 years Time until all matter collapses to black holes 10 10^76 years