1 CHAPTERS 1 & 2 TJADEN, EARLY CHAPTERS OF THE CODE BOOK, INTRODUCTION TO CRYPTOOL AND SIMPLE CRYPTOGRAPHIC TECHNIQUES Dr. Suzanne Buchele (some content borrowed from Ed Crowley at The University of Houston)

2 Major Issues in Computer and Network Security
- Identity theft and fraud
- Pornography (especially involving minors)
- E-commerce security
- Protecting critical infrastructures
- Computerized crime
- National and international laws and issues related to cybercrime
- Prosecution of cybercrime, including evidence and forensics
- Privacy issues
- Freedom of speech vs. hate crime and terrorism issues

3 What is a Secure Computer System?
- A security policy specifies exactly what types of actions are and are not permitted
- Example security policy:
  - Only authorized users should be able to use the system
  - Users should not be able to read, modify, or delete other users’ private files
  - The system’s resources should be shared fairly among all users
- A secure system always obeys its security policy
- A violation of a system’s security policy is called a security breach

4 SECURITY BREACHES
- Security breaches can occur:
  - Accidentally, such as when a faulty program causes the system to malfunction
  - Intentionally, such as when a malicious user discovers a way to access another user’s files
- Creating a secure system in which security breaches cannot occur can be either relatively easy or nearly impossible, depending on:
  - What the security policy requires
  - How the system implements the policy

5 RELATIVE SECURITY
- Recall our first security principle: there is no such thing as absolute security
- Few useful systems will be absolutely secure, due to:
  - the complexity of computer systems, and
  - limits on our ability to verify their software
- View security in a relative sense: there are inherent trade-offs in how difficult, expensive, and dangerous the system makes it to breach security
- Example: safes and padlocks (rated by how long they resist an attacker with given tools, not as unbreakable)

6 Trade-offs between Cost and Security
- Example: user authentication
  - System A authenticates the user sitting at a terminal every five minutes by retinal scan
  - System B authenticates users once, when they log in, using a password
- System A is probably more secure than system B, but it is also more costly and inconvenient for users
- Is the added security and expense of system A called for?
  - Perhaps, for a corporation with millions of dollars’ worth of trade secrets to protect
  - Probably not, for a small company or an individual with little of value on their computer system

7 SYSTEM FUNCTIONALITY PRINCIPLE JUSTIFICATION
- System Functionality Principle: a computer system should include as much functionality as necessary, and no more.
- Why? Limiting system functionality reduces avenues of attack (today usually described as reducing the attack surface). Security breaches that stem from system functionality are typically caused by:
  - software bugs that enable attackers to cause some part of the system to malfunction
  - unforeseen interactions between system components

8 POLICY SIMPLICITY PRINCIPLE JUSTIFICATION
- The Policy Simplicity Principle: a security policy should be as simple as possible, and no simpler.
- Why? Simplifying security policies makes them easier to:
  - get right
  - reason about
  - implement
- Security breaches caused by policy shortcomings are most often due to:
  - an incomplete or inconsistent policy,
  - a misunderstanding of the policy’s requirements, or
  - an error in its implementation

9 CHIEF CONCERNS OF A SECURE SYSTEM
- Data: privacy, integrity, availability
- Users: authentication, privacy, nonrepudiation
- System: authentication, nonrepudiation
(each of these is taken in turn on the following slides)

10 Data Privacy
- Data privacy (also called confidentiality) means that information access is limited to authorized entities
- Examples:
  - Certain files on the system can only be accessed by particular users
  - Communications between two users cannot be read by some third party
- Cryptography is an important technique used to protect the privacy of data

11 DATA INTEGRITY
- Data integrity means that information can be modified only:
  - by an authorized principal, and
  - to the extent of the authorization
- Examples:
  - A bank’s system must ensure that only authorized bank personnel can change account balances (privacy is also a concern)
  - A company wants to make sure that its freeware program is not modified to behave maliciously (privacy is not a concern)
- Message-digest (hash) functions can be used to detect modification; in practice the digest itself must be protected (e.g. by a digital signature or a MAC), otherwise the attacker simply recomputes it over the modified data

12 Data Availability
- Data availability means that information will be accessible in a timely manner when it is needed
- Examples of availability failures:
  - A system with such strict virus protection that the user is unable to use a USB drive on it
  - A system that gives priority to certain users, so that other users are unable to access the system during busy times
  - Denial-of-service attacks that make a network unusable
- Replication and fault tolerance can be used to ensure the availability of data

13 User Authentication
- User authentication means that the system can accurately determine a user’s identity
- The security of many actions depends on the identity of the person performing the action
- Examples:
  - Only certain users should be able to add or delete system accounts
  - Messages across a network must be sent to the correct and legitimate recipients
- Passwords, smart cards, and biometrics (e.g. retinal or fingerprint scanning) can all be used to authenticate users

14 User Privacy
- User privacy means that users have some control over what information the system collects and makes available to others
- Examples:
  - Some users may not want others to know at what times and from what locations they log on, what programs they run, or with whom they are communicating
  - Some users may not want their identity to be known or derived from their username
  - Users may not want to receive unsolicited commercial offers through
- Anonymity can help to protect a user’s privacy

15 User Nonrepudiation
- User nonrepudiation means that a user cannot deny (repudiate) that a communication was sent or initiated by them
- Examples:
  - A customer requests that her broker purchase shares of a particular stock, but when the price goes down later in the day she attempts to deny that she authorized the purchase
  - Being able to verify that a message came from the party who sent it
- User nonrepudiation typically involves digital signatures, using a cryptographic technique that cannot be forged

16 System Authentication
- System authentication concerns systems authenticating themselves to other systems
- Examples:
  - In a networked environment, authenticating clients and servers to each other, for the purpose of exchanging messages, data packets, or other information to and from known entities
  - In an internetworked environment, routers verify among themselves that they are valid routers and provide valid paths to other segments of the network (route authentication)
- System authentication typically uses cryptographic protocols and sometimes some limited trust

17 System Nonrepudiation
- System nonrepudiation means that a system cannot deny (repudiate) that a communication was sent or initiated by it
- Examples:
  - In a network, the IP address of the sending server or router should be authentic (a source IP address on its own is easily forged, which is why cryptographic evidence is needed)
  - If someone is hacking into a system, knowing from which server the malicious intrusion originates can aid law enforcement
- System nonrepudiation typically involves digital signatures, using a cryptographic technique that cannot be forged, but also a level of trust

18 Security in Stand-Alone and Networked Environments
- Stand-alone system:
  - the operating system is likely to control all communication channels
  - the user must be physically present to use the system, and usually only has access to their own data
- Networked/internetworked systems:
  - no single host controls the communication medium, and eavesdropping is usually easy
  - the user may be far away and may be accessing the system over an insecure communications channel, with the potential to eavesdrop on, forge, or modify communications

19 Cryptography
- The text defines cryptography as the science of designing and analyzing cryptosystems, which are used to disguise messages so that only certain people can see through the disguise
- Basic cryptography terms:
  - Plaintext: the unencrypted text or data
  - Ciphertext: the encrypted text or data
  - Encryption: the process used to convert plaintext into ciphertext
  - Decryption: the process used to convert ciphertext into its associated plaintext

20 Classic Cryptography: Caesar Cipher
- Used by Caesar and his generals to communicate securely
- Simple shift cipher: each character of the ciphertext is derived by shifting the associated character in the plaintext forward by n characters in the alphabet
- n is both the encryption key and the decryption key
- Encryption: Ci = (Pi + n) mod 26
- Decryption: Pi = (Ci - n) mod 26
- mod means wrap around from z to a (letters numbered A = 0 … Z = 25)
- Example (in-class exercise):
  - Encrypt “Six AM” with a key of 4
  - Decrypt “Egnefufgfuaz oubtqd” with a key of 12
- Ask: substitution or transposition cipher? Viewed as a substitution cipher, the key is literally the 26 characters shifted by n; for the Caesar shift cipher it is easier to encode the key as just n

21 Keyspace of a Cryptosystem
- The set of possible (usable) keys of a cryptosystem is referred to as the cryptosystem’s keyspace
- For the Caesar cipher, any value from the set {1, 2, …, 25} can be a key (0, or equivalently 26, leaves the text unchanged)
- Cryptosystems with a small keyspace are vulnerable to a brute-force or exhaustive search for the correct key
- Is the Caesar cipher vulnerable to a brute-force attack? Yes! Only 25 keys to search.

22 Cryptanalysis
- Cryptanalysis: the science of attacking cryptosystems to deduce the key and/or recover plaintext
- Generally accepted that the most secure cryptosystems are those whose algorithmic details are public (Kerckhoffs’ principle): public analysis helps to uncover flaws that the designers overlooked
- In any event, it is a good idea to assume the adversary knows the ciphertext and the encryption algorithm, so that only the key is secret

23 Cryptanalysis of the Caesar Cipher
- Ciphertext: “GRR MGAR OY JOBOJKJ OT ZNXKK VGXZY”
- Perform decryption and obtain a possible plaintext with each possible key:
  - key 1: FQQ LFZQ NX INANIJI NS YMWJJ UFWYX
  - key 2: EPP KEYP MW HMZMHIH MR XLVII TEVXW
  - key 3: DOO JDXO LV GLYLGHG LQ WKUHH SDUWV
  - key 4: CNN ICWN KU FKXKFGF KP VJTGG RCTVU
  - key 5: BMM HBVM JT EJWJEFE JO UISFF QBSUT
  - key 6: ALL GAUL IS DIVIDED IN THREE PARTS
  - key 7: ZKK FZTK HR CHUHCDC HM SGQDD OZQSR
  - …
  - key 26 (the same as key 0): GRR MGAR OY JOBOJKJ OT ZNXKK VGXZY (unchanged)
- This is a brute-force approach
- Only one of the possible plaintexts makes sense, so we deduce the plaintext (and the key as well: 6)
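The brute-force search above, as an added example that is not part of the original slides: a Caesar encrypt/decrypt pair and a search over all 25 keys. Instead of leaving the "which one makes sense" step to a human, each candidate is scored against an approximate English letter-frequency table with a chi-squared statistic, so the decryption closest to English sorts first. The frequency table is a standard approximation, not something from the slides; with longer ciphertexts the ranking becomes more reliable, and with very short ones it can still mis-rank.

```python
import string

ALPHABET = string.ascii_uppercase

# Approximate English letter frequencies in percent, A..Z (standard table).
ENGLISH_FREQ = [
    8.17, 1.49, 2.78, 4.25, 12.70, 2.23, 2.02, 6.09, 6.97, 0.15, 0.77, 4.03,
    2.41, 6.75, 7.51, 1.93, 0.10, 5.99, 6.33, 9.06, 2.76, 0.98, 2.36, 0.15,
    1.97, 0.07,
]


def caesar_encrypt(plaintext, key):
    """C_i = (P_i + key) mod 26; case is kept and non-letters pass through."""
    out = []
    for ch in plaintext:
        if ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + key) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def caesar_decrypt(ciphertext, key):
    """P_i = (C_i - key) mod 26, i.e. encryption with the negated key."""
    return caesar_encrypt(ciphertext, -key)


def chi_squared(text):
    """Distance of the letter histogram of text from English (lower = closer)."""
    letters = [c for c in text.upper() if c in ALPHABET]
    n = len(letters)
    score = 0.0
    for i, letter in enumerate(ALPHABET):
        observed = letters.count(letter)
        expected = n * ENGLISH_FREQ[i] / 100
        score += (observed - expected) ** 2 / expected
    return score


def brute_force(ciphertext):
    """Try all 25 keys; return (key, plaintext) pairs, most English-like first."""
    candidates = [(k, caesar_decrypt(ciphertext, k)) for k in range(1, 26)]
    return sorted(candidates, key=lambda kp: chi_squared(kp[1]))


if __name__ == "__main__":
    ct = "GRR MGAR OY JOBOJKJ OT ZNXKK VGXZY"
    for key, pt in brute_force(ct)[:3]:
        print(key, pt)
```

Running the block prints key 6 and its plaintext first; the in-class exercises from slide 20 ("Six AM" with key 4, and the key-12 decryption) go through the same two functions.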

24 Classic Cryptography: The Monoalphabetic Replacement Cipher
- Similar to the Caesar cipher but with a much larger keyspace
- A key is any permutation of the 26 letters of the alphabet
- Q: How many keys? A: 26! = 403,291,461,126,605,635,584,000,000; an exhaustive search would take more than 12 million years
- Example key: JQPLMZKOWHANXIEURYTGSFDVCB
- It defines a cipher alphabet, which specifies a cipher letter (bottom row) for each letter in the plaintext (top row):
  Plaintext:  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
  Ciphertext: J Q P L M Z K O W H A N X I E U R Y T G S F D V C B

25 Monoalphabetic Replacement Cipher: Encryption and Decryption
- Cipher alphabet:
  Plaintext:  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
  Ciphertext: J Q P L M Z K O W H A N X I E U R Y T G S F D V C B
- Encrypt: “I prefer freedom with danger to slavery with ease” -> W uymzmy zymmlex dwgo ljikmy ge tnjfmyc dwgo mjtm
- Decrypt: “Jnn gom deynl’t j tgjkm” -> All the world’s a stage

26 Monoalphabetic Replacement Cipher: Weak Keys
- Some keys result in better-disguised ciphertext than others:
  - Using JQPLMZKOWHANXIEURYTGSFDVCB as a key with the plaintext “I prefer freedom with danger to slavery with ease” results in the ciphertext “W uymzmy zymmlex dwgo ljikmy ge tnjfmyc dwgo mjtm”
  - Using ABCDEFGHIJKLMNOPQRSTUVWXZY (only Y and Z swapped) as a key with the same plaintext results in the ciphertext “I prefer freedom with danger to slaverz with ease”
  - Using ABCDEFGHIJKLMNOPQRSTUVWXYZ (the identity) as a key with the same plaintext results in the ciphertext “I prefer freedom with danger to slavery with ease”
- A weak key produces ciphertext that is easily deciphered
- The existence of weak keys need not be a problem so long as:
  - they are not used, and
  - the vast majority of the keys are not weak

27 Cryptanalyzing a Monoalphabetic Replacement Cipher
- Exhaustive search at one trillion keys per second takes about 400 trillion seconds, or more than 12 million years
- However, it is fairly easy to cryptanalyze this cipher without exhaustive search: a monoalphabetic substitution preserves letter frequencies, word lengths and repeated-letter patterns of the plaintext
- Example: “Jnn gom deynl’t j tgjkm” – Ideas?
- Easier on longer pieces of text, harder on shorter pieces
- Easier in the presence of capitalization, punctuation, and spaces
- Will do in lab today
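An added example for the lab exercise above (not code from the slides or from CrypTool): encryption and decryption with a cipher alphabet, plus the two helpers a manual frequency attack needs, a ranked letter count of the ciphertext and a "partial decryption" that shows only the letters guessed so far. The cipher alphabet is the one from slide 24; the plaintext sentence is the one from slide 25.

```python
from collections import Counter
import string

ALPHABET = string.ascii_lowercase


def make_key(cipher_alphabet):
    """Map each plaintext letter a..z to the cipher letter below it."""
    ca = cipher_alphabet.lower()
    if sorted(ca) != list(ALPHABET):
        raise ValueError("key must be a permutation of the 26 letters")
    return dict(zip(ALPHABET, ca))


def substitute(text, mapping):
    """Apply a letter->letter map; keep case, pass non-letters through."""
    out = []
    for ch in text:
        low = ch.lower()
        if low in mapping:
            new = mapping[low]
            out.append(new.upper() if ch.isupper() else new)
        else:
            out.append(ch)
    return "".join(out)


def mono_encrypt(plaintext, cipher_alphabet):
    return substitute(plaintext, make_key(cipher_alphabet))


def mono_decrypt(ciphertext, cipher_alphabet):
    inverse = {c: p for p, c in make_key(cipher_alphabet).items()}
    return substitute(ciphertext, inverse)


def letter_frequencies(text):
    """Ciphertext letters with counts, most frequent first (lab step 1)."""
    counts = Counter(c for c in text.lower() if c in ALPHABET)
    return counts.most_common()


def apply_guesses(ciphertext, guesses):
    """Partial decryption: guessed letters are shown, unknown ones as '.'.
    guesses maps ciphertext letter -> plaintext letter."""
    out = []
    for ch in ciphertext:
        low = ch.lower()
        if low in ALPHABET:
            out.append(guesses.get(low, "."))
        else:
            out.append(ch)
    return "".join(out)


KEY = "JQPLMZKOWHANXIEURYTGSFDVCB"   # cipher alphabet from slide 24

if __name__ == "__main__":
    ct = mono_encrypt("I prefer freedom with danger to slavery with ease", KEY)
    print(ct)
    print(letter_frequencies(ct)[:5])
    # 'm' is the most common ciphertext letter, so the first guess is m -> e
    print(apply_guesses(ct, {"m": "e", "y": "r"}))
```

The frequency table is the foothold: on this sentence the top ciphertext letter is m, which the key indeed maps from e. On a text this short the ordering below the first one or two letters is noisy, which is the "harder on shorter pieces" point from the slide.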

28 Polyalphabetic Replacement Cipher
- Uses two or more cipher alphabets
- Example (the two cipher alphabets were given in a figure on the original slide; the first is JQPLMZKOWHANXIEURYTGSFDVCB):
  - Encrypt and decrypt using some prearranged pattern of the two cipher alphabets
  - E.g. use the 1st cipher alphabet on the 1st, 3rd, 5th, etc. letters, and the 2nd cipher alphabet on the 2nd, 4th, 6th, etc. letters (counting letters only, not spaces)
  - Encrypt: “I prefer freedom with danger to slavery with ease” -> W myrzry eyrmteq dhga lbixmw gp tljymxc gwio rjnm

29 Polyalphabetic Vigenère Cipher
- Considered Le Chiffre Indéchiffrable (“the indecipherable cipher”) in its time
- Much more difficult to decipher than a monoalphabetic or simpler polyalphabetic cipher
- Uses 26 cipher alphabets, each one a Caesar shift of one more than the previous, arranged in a Vigenère square
- The key is a code word or phrase, repeated over and over for the length of the plaintext message
- Each character in the key selects a row of the Vigenère square, and that row is used to encode the corresponding plaintext character into ciphertext
- More on Friday…

30 The Code Book Website
- There is a lot of great information at The Code Book’s website
- The Black Chamber has good information and tools
- In particular, the Vigenère cipher tools and information are interesting

31 Introduction to CrypTool
- Freeware program with a graphical user interface
- Cryptographic methods can be applied and analyzed
- Contains nearly all state-of-the-art cryptography functions
- Easy entry to learn about modern and classical cryptography
- Comprehensive online help (understandable without deeper cryptography knowledge)
- Not a “hacker tool”

32 Why CrypTool?
- Origin in the awareness initiative of a financial institution
- Developed in close cooperation with universities
- Designed to help improve university education and in-firm training
- Target groups:
  - Core group: students of computer science, business computing and mathematics
  - But also for: computer users, application developers, employees
- Prerequisite: PC knowledge
- Preferable: interest and knowledge in mathematics and/or programming

33 The CrypTool Project
- Origin in the awareness program of a bank (in-firm training): awareness for employees
- Developed in co-operation with universities (improving education)
- Timeline:
  - 1998 Project start; more than 17 man-years of effort since then
  - 2000 CrypTool available as freeware
  - 2002 CrypTool on the Citizen CD-ROM from the BSI (German Federal Office for Information Security)
  - 2003 CrypTool becomes open source
  - 2007 CrypTool available in German, English, Polish and Spanish
  - 2008 .NET version and Java version

34 The CrypTool Project – Cont’d
- Awards:
  - 2004 TeleTrusT (TTT Förderpreis)
  - 2004 NRW (IT Security Award NRW)
  - 2004 RSA Europe (finalist of the European Information Security Award 2004)
  - 2008 “Selected Landmark” in the initiative “Germany – Land of Ideas”
- Developers:
  - Developed by people from companies and universities in different countries
  - Currently over 40 people working on CrypTool worldwide
  - Additional project members or usable sources are always appreciated

35 Features of CrypTool (1)
- Classical cryptography:
  - Caesar (and ROT-13)
  - Monoalphabetic substitution (and Atbash)
  - Vigenère
  - Hill
  - Homophone substitution
  - Playfair
  - ADFGVX
  - Byte addition
  - XOR
  - Vernam
  - Permutation / transposition (Rail Fence, Scytale, …)
  - Solitaire

36 Features of CrypTool (2)
- Cryptanalysis, manually (supported):
  - Monoalphabetic substitution
  - Playfair, ADFGVX, Solitaire
- Supported analysis methods:
  - Entropy, floating frequency
  - Histogram, n-gram analysis
  - Autocorrelation
  - Periodicity
  - Randomness analysis
  - Base64 / UU-Encode

37 Features of CrypTool (3)
- Cryptanalysis: attacks on classical methods
  - Ciphertext only: Caesar, Vigenère, addition, XOR, substitution, Playfair
  - Known plaintext: Hill, single-column transposition

38 Features of CrypTool (4)
- Modern symmetric encryption:
  - IDEA, RC2, RC4, RC6, DES, 3DES, DESX
  - AES candidates of the last selection round (Serpent, Twofish, …)
  - AES (= Rijndael)
  - DESL, DESXL
- Asymmetric encryption:
  - RSA with X.509 certificates
  - RSA demonstration (for understanding the examples; alphabet and block length selectable)
- Hybrid encryption (RSA + AES)

39 Features of CrypTool (5)
- Brute-force attack on symmetric algorithms (for all algorithms)
  - Assumptions: the entropy of the plaintext is small, or the key is partly known, or the plaintext alphabet is known
- Attack on RSA encryption:
  - Factorization of the RSA modulus
  - Lattice-based attacks
- Attack on hybrid encryption:
  - Attack on RSA, or
  - Attack on AES (side-channel attack)

40 Features of CrypTool (6)
- Digital signatures:
  - RSA with X.509 certificates
  - DSA with X.509 certificates
  - Elliptic Curve DSA, Nyberg-Rueppel
- Hash functions: MD2, MD4, MD5, SHA, SHA-1, SHA-2, RIPEMD-160
- Random generators:
  - Secude
  - x^2 mod n
  - Linear congruential generator (LCG)
  - Inverse congruential generator (ICG)

41 Features of CrypTool (7)
- Attack on RSA signatures: factorization of the RSA modulus, feasible up to 250 bits or 75 decimal digits
- Attack on hash functions / digital signatures: generate hash collisions for ASCII-based text (birthday paradox), up to 40 bits in around 5 minutes
- Analysis of random data:
  - FIPS PUB test battery
  - Periodicity, Vitányi, entropy
  - Floating frequency, histogram
  - n-gram analysis, autocorrelation
  - ZIP compression test

42 Features of CrypTool (8)
- Animations / demos:
  - Caesar, Vigenère, Nihilist, DES (all with ANIMAL)
  - Enigma (Flash)
  - Rijndael/AES (Java and Flash)
  - Hybrid encryption and decryption (AES-RSA and AES-ECC)
  - Generation and verification of digital signatures
  - Diffie-Hellman key exchange
  - Secret sharing (with CRT or Shamir)
  - Challenge-response method (authentication)
  - Side-channel attack
  - Secure e-mail with the S/MIME protocol (Java and Flash)
  - Graphical 3D presentation of (random) data streams
  - Sensitivity of hash functions to plaintext modifications
  - Number theory and the RSA cryptosystem (with Authorware)

43 Features of CrypTool (9!)
- Additional functions:
  - Homophone and permutation encryption (double column transposition)
  - PKCS #12 import and export for PSEs (Personal Security Environments)
  - Generate hashes of large files, without loading them
  - Flexible brute-force attacks on any modern symmetric algorithm
  - ECC demonstration (as a Java application)
  - Password Quality Meter (PQM) and password entropy
  - And a lot more…

44 Cryptool Demo…

45 Polyalphabetic Vigenère Cipher
- Considered Le Chiffre Indéchiffrable (“the indecipherable cipher”) in its time
- Much more difficult to decipher than a monoalphabetic or simpler polyalphabetic cipher
- Uses 26 cipher alphabets, each one a Caesar shift of one more than the previous, arranged in a Vigenère square
- The key is a code word or phrase, repeated over and over for the length of the plaintext message
- Each character in the key selects a row of the Vigenère square, and that row is used to encode the corresponding plaintext character into ciphertext

46 Vigenère Square: Encrypting
- Each letter in the key selects a different row in the square; that row is used to encode the corresponding plaintext letter
- In-class exercise: key word AshesiUniversityCollege, plaintext “The quick brown fox jumped over the lazy dog”
- Answer: TZL UMQWX JMSNF NHV LIXAIJ SVWY XZM FNHT HFY (spaces are kept and do not consume key letters)

47 Vigenère Square: Decrypting
- In-class exercise: key word AshesiUniversityCollege, ciphertext CMWGSSY
- Plaintext: cupcake

48 Cryptanalyzing the Vigenère Cipher
- Was thought to be impregnable to frequency analysis: simple frequency analysis as in monoalphabetic systems cannot be used
- Cryptanalysis foothold: k different cipher alphabets are used to encrypt the message, where k is the length of the key
- Charles Babbage used a form of frequency analysis to attack the cipher: search the ciphertext for sequences of letters that appear more than once
- Two ways repetitions could arise:
  1. The same sequence of letters in the plaintext was enciphered using the same part of the (repeated) key (most likely!)
  2. Two different plaintext sequences were enciphered using different parts of the key and happened to produce the same ciphertext sequence

49 Cryptanalyzing the Vigenère Cipher
- Assuming a long ciphertext and a relatively short key (repeated over and over for the length of the message), we can assume that many repeated sequences of letters in the ciphertext result from repeated sequences of letters in the plaintext enciphered using the same part of the key
- Count the spacing between occurrences of repeated ciphertext sequences and look for a common factor
- The common factor is likely to be the length of the key (this step is known as the Kasiski examination)
- Once the key length k is known, the ciphertext splits into k interleaved Caesar ciphers, and each can be attacked by brute force or other cues in the ciphertext
- Will do in lab today, but unfortunately there is no easy way to count characters between occurrences in CrypTool
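An added example for slides 46 to 49 (not code from the slides or from CrypTool): Vigenère encryption and decryption as used in the in-class exercises, plus the Babbage/Kasiski step the slide says is awkward to do in CrypTool, finding every repeated n-gram in the ciphertext, the spacings between its occurrences, and their greatest common divisor. The sample plaintext and the key LEMON below are constructed for the demonstration; the plaintext repeats the word THE at positions 0, 15 and 25 so that the spacings 15 and 10 share the key length 5 as their only common factor.

```python
from functools import reduce
from itertools import cycle
from math import gcd


def _shift(ch, k):
    return chr((ord(ch) - ord("A") + k) % 26 + ord("A"))


def vigenere(text, keyword, decrypt=False):
    """Each key letter selects a Caesar row of the Vigenère square. Only
    letters consume key letters, so spaces and punctuation pass through;
    output is upper-case, as in the slides."""
    keys = cycle(ord(k) - ord("A") for k in keyword.upper() if k.isalpha())
    sign = -1 if decrypt else 1
    out = []
    for ch in text.upper():
        out.append(_shift(ch, sign * next(keys)) if ch.isalpha() else ch)
    return "".join(out)


def vigenere_encrypt(plaintext, keyword):
    return vigenere(plaintext, keyword)


def vigenere_decrypt(ciphertext, keyword):
    return vigenere(ciphertext, keyword, decrypt=True)


def repeated_sequences(ciphertext, length=3):
    """Babbage's foothold: every n-gram that occurs more than once, with the
    distances between consecutive occurrences (letters only)."""
    letters = "".join(c for c in ciphertext.upper() if c.isalpha())
    positions = {}
    for i in range(len(letters) - length + 1):
        positions.setdefault(letters[i:i + length], []).append(i)
    return {
        seq: [b - a for a, b in zip(pos, pos[1:])]
        for seq, pos in positions.items() if len(pos) > 1
    }


def likely_key_length(ciphertext, length=3):
    """GCD of all spacings (0 if nothing repeats). Its divisors are the
    candidate key lengths; chance repeats (case 2 on slide 48) can pull the
    GCD down to 1, so on real texts inspect the spacings, not just the GCD."""
    spacings = [d for ds in repeated_sequences(ciphertext, length).values() for d in ds]
    return reduce(gcd, spacings, 0)


if __name__ == "__main__":
    # Constructed sample: THE appears at letter offsets 0, 15 and 25.
    plaintext = "THEWARISOVERNOWTHEKINGHASTHEDAYOFF"
    ct = vigenere_encrypt(plaintext, "LEMON")
    print(ct)
    print(repeated_sequences(ct))      # {'ELQ': [15, 10]}
    print(likely_key_length(ct))       # 5
```

With the key length known, taking every 5th letter of the ciphertext gives five separate Caesar ciphers, each of which falls to the brute-force and frequency-count approach from the Caesar slides.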

50 The Code Book Website
- There is a lot of great information at The Code Book’s website
- In particular, the Vigenère cipher tools and information are interesting
- In lab today: look at vignere_tool and vignere_strong in class

51 The Enigma Machine
- Developed after WWI (1918); commercially developed in the mid-1920s
  - By the original developer? Yes, eventually… Why not earlier?
- Used by the Germans in WW II (in service for about two decades)
- Major components:
  - Keyboard and lampboard
  - Plugboard
  - 3 rotors (scramblers)
  - Reflector

52 Enigma Components
- Plugboard: 6 cables, each swapping one pair of letters (6 pairs exchanged)
- 3 rotors (scramblers): the 1st one advances by one position with every character that is typed (the others step on like an odometer)
- Reflector: makes the machine symmetric, so plaintext -> ciphertext is the same process as ciphertext -> plaintext
- Keyboard and lampboard:
  - Typing plaintext on the keyboard lights up ciphertext on the lampboard, for sending
  - Typing ciphertext on the keyboard lights up plaintext on the lampboard, for recording the deciphered message

53 Enigma Components

54 Enigma Demo in Cryptool

55 One Time Pad
- Unbreakable, when used correctly (see the drawbacks below)
- Sender and receiver must generate a large, non-repeating set of truly random key letters
- The pad must be as long as or longer than the plaintext message, e.g. IPKLPSFHGQYPWKQMSVCX…
- Each key letter is used to offset the corresponding plaintext character via a Caesar shift
- Sender uses each key letter on the pad to encrypt one letter of plaintext: Ci = (Pi + Ki) mod 26
- Receiver uses each key letter on the pad to decrypt one letter of ciphertext: Pi = (Ci - Ki) mod 26

56 One Time Pad - Example
- One-time pad key: IPKLPSFHGQYPWKQMSVCX…
- Plaintext: “ATTACKATDAWN”
- Ciphertext: “JJEMSDGBKRVD”
- Letter by letter, with letters numbered A = 1 … Z = 26 (a result of 0 stands for Z = 26):
  A (1)  + I (9)  mod 26 = J (10)
  T (20) + P (16) mod 26 = J (10)
  T (20) + K (11) mod 26 = E (5)
  A (1)  + L (12) mod 26 = M (13)
  C (3)  + P (16) mod 26 = S (19)
  K (11) + S (19) mod 26 = D (4)
  A (1)  + F (6)  mod 26 = G (7)
  T (20) + H (8)  mod 26 = B (2)
  D (4)  + G (7)  mod 26 = K (11)
  A (1)  + Q (17) mod 26 = R (18)
  W (23) + Y (25) mod 26 = V (22)
  N (14) + P (16) mod 26 = D (4)

57 One Time Pad - Security
- Provably secure:
  - If we assume the adversary doesn’t know any of the key letters on the one-time pad, and
  - if they were generated truly randomly, then all key letters are equally likely in each position
- Then when the adversary sees the ciphertext “JJEMSDGBKRVD”, all plaintexts are equally possible:
  - JJEMSDGBKRVD = ATTACKATDAWN for key IPKLPSFHGQYP
  - JJEMSDGBKRVD = ELVISISALIVE for key EXIDZUNAYIZY
  - (same A = 1 … Z = 26 convention as the example; for every 12-letter plaintext there is exactly one 12-letter key that produces this ciphertext)

58 One Time Pad - Drawbacks
- The key must be as long as the message
- Security depends on the adversary never obtaining a copy of the pad:
  - the pad must be distributed securely to sender and receiver
  - the pad must be destroyed immediately after use, to lessen the likelihood that old messages will be compromised
- The key can only be used one time!
- Security depends on using the cryptosystem properly:
  - the pad must be generated truly randomly (pseudo-random won’t do)
  - no part of the pad can ever be reused (two messages under the same pad let the adversary cancel the key and recover the difference of the two plaintexts)
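An added example for slides 55 to 58 (not code from the slides): the one-time pad with the slides' own letter numbering (A = 1 … Z = 26, so it reproduces JJEMSDGBKRVD exactly), pad generation from the operating system's CSPRNG rather than a pseudo-random generator, and two functions that make the security argument and the reuse drawback concrete: one derives the pad that would turn the ciphertext into any claimed plaintext (perfect secrecy), the other shows that the difference of two ciphertexts under the same pad equals the difference of the two plaintexts (the key cancels). The second message RETREATATTEN is constructed for the demonstration.

```python
import secrets
import string

ALPHABET = string.ascii_uppercase


def value(ch):
    """Letter -> number with the slides' convention A=1 ... Z=26."""
    return ord(ch) - ord("A") + 1


def letter(v):
    """Number (mod 26) -> letter, with 0 standing for Z (26)."""
    v %= 26
    return chr((v if v else 26) + ord("A") - 1)


def generate_pad(length):
    """Truly random key letters from the OS CSPRNG (never random.random)."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def otp_encrypt(plaintext, pad):
    """C_i = (P_i + K_i) mod 26, one fresh pad letter per plaintext letter."""
    if len(pad) < len(plaintext):
        raise ValueError("pad must be at least as long as the message")
    return "".join(letter(value(p) + value(k)) for p, k in zip(plaintext, pad))


def otp_decrypt(ciphertext, pad):
    """P_i = (C_i - K_i) mod 26."""
    if len(pad) < len(ciphertext):
        raise ValueError("pad must be at least as long as the message")
    return "".join(letter(value(c) - value(k)) for c, k in zip(ciphertext, pad))


def pad_that_gives(ciphertext, claimed_plaintext):
    """For ANY claimed plaintext there is a pad with K_i = (C_i - P_i) mod 26
    that maps the ciphertext to it, so the ciphertext alone says nothing."""
    return "".join(letter(value(c) - value(p)) for c, p in zip(ciphertext, claimed_plaintext))


def difference(a, b):
    """(a_i - b_i) mod 26, letter by letter. If two messages share a pad,
    difference(C1, C2) == difference(P1, P2): the pad has cancelled out."""
    return "".join(letter(value(x) - value(y)) for x, y in zip(a, b))


if __name__ == "__main__":
    print(otp_encrypt("ATTACKATDAWN", "IPKLPSFHGQYPWKQMSVCX"))   # JJEMSDGBKRVD
    print(pad_that_gives("JJEMSDGBKRVD", "ELVISISALIVE"))        # EXIDZUNAYIZY
    pad = generate_pad(12)
    c1 = otp_encrypt("ATTACKATDAWN", pad)
    c2 = otp_encrypt("RETREATATTEN", pad)                      # pad reused: wrong!
    print(difference(c1, c2) == difference("ATTACKATDAWN", "RETREATATTEN"))
```

The last line prints True for every pad: once the key cancels, the adversary is left with the plain difference of two English texts, which ordinary frequency and crib techniques attack, which is why "never reuse any part of the pad" is not optional.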

59 Types of Cryptosystems
- Codes, ciphers, or a combination of the two
- Ciphers (e.g. the Caesar cipher):
  - Transform each plaintext block into a ciphertext block
  - A block is a fixed-size unit on which a cryptosystem operates; it can be a single character (e.g. the Caesar cipher) or several (many) characters
- Codes:
  - Sender and receiver each have a copy of a codebook, which specifies one or more codewords for each word that might be used in a message

60 Transposition vs. Substitution Cipher
- What’s the difference?
- Transposition cipher: all the same characters are used, they are just rearranged according to some pattern. The pattern is the key.
- Substitution cipher: each plaintext character (or a subset of the characters, e.g. the alphanumeric characters only) is substituted, character for character, by a ciphertext character. The cipher alphabet, which defines the correspondence between plaintext characters and ciphertext characters, is the key.

61 Transposition Cipher Example
- Transposition ciphers shuffle the characters of each block into a new order that depends on the key
- Example (shown as a figure on the original slide; the block holds the letters of ATTACKATDAWN): => “AKDT ATAWATNC”

62 Codes
- Sender and receiver each have a copy of a codebook, which specifies one or more codewords for each word that might be used in a message
- Codewords can be random numbers, strings of characters, or other symbols
- Example codebook:
  Plaintext word | Codeword(s)
  AT             | September
  ATTACK         | March, December
  DAWN           | April, October
  (null)         | July, January
- Plaintext: “ATTACK AT DAWN”
- Ciphertext: “March September October”, or “March September April”, or “July December January September April July”, or …

63 Types of Cryptosystems – Symmetric and Asymmetric Key
- Symmetric-key:
  - The same key is used for encryption and decryption
  - Typically used for bulk encryption
- Asymmetric-key (or public-key):
  - Different keys are used for encryption and decryption
  - Usually not used for bulk encryption
- Hybrid cryptosystems

64 Symmetric-key Cryptosystems
- Also called shared-key cryptosystems
- Standard use of a symmetric-key cryptosystem:
  - Sender and receiver agree on a secret key; this must be done securely (the key distribution problem)
  - Messages are encrypted by the sender with the shared key and decrypted by the receiver with the shared key
  - Typically the decryption algorithm is the inverse (reverse) of the encryption algorithm
- Note: users need to have a previously-established shared secret to communicate securely

65 Asymmetric-Key Cryptosystems
- Also known as public-key cryptosystems
- Standard use of a public-key cryptosystem:
  - Generate a public-key/private-key pair
  - Disseminate your public key widely
  - Keep your private key secret
  - Anybody can encrypt a message to you using your public key
  - Only you can decrypt the message, using your private key
- Note: unlike symmetric-key cryptosystems, users don’t need to have a previously-established shared secret to communicate securely

66 Public-Key Cryptosystems
- Typical use for a public-key cryptosystem: digital signatures, i.e. proof of authorship of a document or of agreement with its contents
  - The user “encrypts” a document with his private key to create a digital signature (in practice a message digest of the document is signed, not the whole document)
  - Anybody can verify the digital signature by using the signer’s public key
  - Only the signer can produce his signature, and he can’t reasonably claim he didn’t sign a document bearing his signature
- Note: unlike symmetric-key cryptosystems, users can create authentic, unforgeable, nonrepudiable digital signatures

67 Public-Key Cryptosystems (cont)
- In order for a public-key cryptosystem to work:
  - For every message M, Decrypt(Encrypt(M, APublic), APrivate) = M
  - For every pair of users A and B, (APublic, APrivate) and (BPublic, BPrivate) must be distinct
  - Deriving APrivate from APublic, or the plaintext from the ciphertext, is difficult
  - Key generation, encryption, and decryption routines must be relatively fast
- Here “difficult” means infeasible in practice, brute-force attacks included

68 Public-Key Cryptosystems - Problems
- Problem #1 - Man in the Middle:
  - Recall: everybody should know A’s public key
  - So if B wants to send a message M to A, then B needs to encrypt M with APublic
  - What if an adversary C is able to trick B into thinking that CPublic is APublic?
  - A and B think their messages are secure, but C can read them
- Public-key cryptography depends heavily on knowing to whom a public key belongs: PKI (Public Key Infrastructure)

69 Public-Key Cryptosystems - Problems
- Problem #2 - Known Ciphertext (guessing the plaintext):
  - Recall: everybody should know A’s public key
  - So if C sees an encrypted message Encrypt(M, APublic) from B to A:
    - C can guess/choose a message M’
    - Encrypt M’ with A’s public key to get Encrypt(M’, APublic)
    - Compare Encrypt(M’, APublic) with Encrypt(M, APublic); if they match, then C knows the message B sent to A
  - This is a serious problem if the number of possible plaintext messages is small enough to allow an exhaustive search
  - It works because encryption under a fixed public key is deterministic; real public-key encryption schemes therefore randomise (pad) the message before encrypting, so that equal plaintexts give different ciphertexts

70 Hybrid Cryptosystems
- Symmetric-key cryptosystems: good for bulk data, but require shared secrets
- Public-key cryptosystems: don’t require any shared secrets, but too slow for bulk encryption
- Hybrid cryptosystems: given a message M,
  - Choose a key K at random, to be used with a symmetric-key algorithm
  - Encrypt K with the recipient’s public key
  - Encrypt M with K
  - Send: the message M encrypted with K, and K encrypted with the recipient’s public key

71 Hybrid Cryptosystems (Cont’d)
- Sent: the message M encrypted with K, and K encrypted with the recipient’s public key
  - The recipient decrypts the first part of the message with his/her private key to learn K
  - The recipient uses K to decrypt the remainder of the message, M
- Result: doesn’t require any shared secrets, and is fine for bulk encryption
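An added example for slides 69 to 71 (not code from the slides or from CrypTool), using one small textbook RSA so that the same key pair serves both passages. The first part carries out the known-ciphertext guess from slide 69 against plain (deterministic) RSA and then shows that a random suffix on the message defeats the comparison. The second part runs the hybrid procedure from slides 70 and 71. Everything here is constructed for illustration: the modulus is the product of the two Mersenne primes 2^31-1 and 2^61-1 (92 bits, far too small for real use), the random suffix stands in for proper padding such as OAEP, and because AES is not in the Python standard library the "symmetric algorithm" is a SHA-256 counter-mode keystream XORed with the message, which is unauthenticated and only a stand-in. The candidate messages BUY, SELL and HOLD are made up.

```python
import hashlib
import secrets

# Textbook RSA on two Mersenne primes; toy sizes, illustration only.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q                              # 92-bit modulus
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)


def rsa_encrypt(m, e=E, n=N):
    return pow(m, e, n)                # Encrypt(M, APublic)


def rsa_decrypt(c, d=D, n=N):
    return pow(c, d, n)                # Decrypt(C, APrivate)


def int_of(b):
    return int.from_bytes(b, "big")


def bytes_of(m, length):
    return m.to_bytes(length, "big")


# Slide 69: C guesses M', encrypts it under A's public key and compares.
def guess_plaintext(c, candidates):
    for m in candidates:
        if rsa_encrypt(int_of(m)) == c:
            return m
    return None


# Countermeasure: randomise before encrypting, so equal messages never give
# equal ciphertexts. Real schemes use OAEP; a 32-bit random suffix is enough
# to show why the guessing attack stops working.
PAD_BITS = 32


def rsa_encrypt_randomised(msg):
    return rsa_encrypt((int_of(msg) << PAD_BITS) | secrets.randbits(PAD_BITS))


def rsa_decrypt_randomised(c, length):
    return bytes_of(rsa_decrypt(c) >> PAD_BITS, length)


# Slides 70-71: hybrid encryption. Stand-in for AES: SHA-256 in counter
# mode as a keystream, XORed with the message (unauthenticated, demo only).
def stream_xor(key, data):
    out = bytearray()
    for start in range(0, len(data), 32):
        ks = hashlib.sha256(key + (start // 32).to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[start:start + 32], ks))
    return bytes(out)


KEY_BYTES = 7   # 56-bit K so that (K << PAD_BITS) still fits the toy modulus


def hybrid_encrypt(msg):
    k = secrets.token_bytes(KEY_BYTES)                      # random symmetric key K
    return rsa_encrypt_randomised(k), stream_xor(k, msg)   # K under public key, M under K


def hybrid_decrypt(wrapped_key, body):
    k = rsa_decrypt_randomised(wrapped_key, KEY_BYTES)     # private key recovers K
    return stream_xor(k, body)                              # K recovers M


if __name__ == "__main__":
    orders = [b"BUY", b"SELL", b"HOLD"]
    print(guess_plaintext(rsa_encrypt(int_of(b"SELL")), orders))   # b'SELL'
    print(guess_plaintext(rsa_encrypt_randomised(b"SELL"), orders))  # None
    wrapped, body = hybrid_encrypt(b"Attack at dawn; the long part goes under K.")
    print(hybrid_decrypt(wrapped, body))
```

Two things to take from it: the guessing attack needs no private key at all, only the public key and a small message space, and the hybrid scheme only ever puts the short random K through the slow public-key operation while the bulk of M goes through the fast symmetric one.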

72 On To Lab… After a 10 minute break!

