Download presentation
Presentation is loading. Please wait.
Published byIsabella Cooper Modified over 7 years ago
1
Information Hiding Cryptography & Steganography
Lesson 6
2
What is Cryptography Protecting information by transforming it into an unreadable format Encryption is the process that transforms the data into the unreadable format, Decryption restores it to its original format. Used to prevent information from “falling into the wrong hands” Data is only available to the people that are supposed to see it
3
A little history Cryptography is not new 1900 BC hieroglyphics
60 BC Caesar cipher Simple substitution cipher Replace each letter with alphabet shifted K letters If K=3 then “hello” becomes “khoor” Thomas Jefferson considered by some to be the father of U.S. cryptography Cryptography vital during World Wars German Enigma machine in WW II “Lucifer” IBM project in late 1960’s became successful commercial product
4
How does it work A few terms Plaintext – the original message
Ciphertext – the encrypted message Encryption – how the message is scrambled Decryption – how the message is unscrambled Cryptographic system – specific method of encryption and decryption (also called a cipher or cryptosystem) Transposition – rearranging elements Substitution – replacing elements
5
How does it work Encryption is NOT the same as a code
Code – words are substituted for other words Navajo code talkers from WW II “dah-he-tih-hi (hummingbird) substituted for “fighter plane” “besh-lo” (iron fish) meant “submarine”
6
How does it work Encryptkey(Plaintext) = Ciphertext
Decryptkey(Ciphertext) = Plaintext Must know method and key (if used) Not all crypto methods use keys
7
How does it work Caesar cipher
Plaintext = “hello” Encryption method = substitute letter with letter plus 3 Encrypt(“hello”) = Ciphertext = “khoor” How can we make this method more secure?
8
How does it work Caesar cipher with incrementing substitution
Plaintext = “hello” Encryption method = substitute letter with letter(I) where I starts at 3 and increments 1 for each letter Encrypt(“hello”) = Ciphertext = “kiqrv”
9
Different Methods Symmetric – same key is used for both encryption and decryption (also called private key encryption) DES - Data Encryption Standard Loosely based on Lucifer which used 112 bit keys NSA asked that the key length be shortened to 56 bits Triple-DES – variant of DES AES - Advanced Encryption Standard IDEA – International Data Encryption Algorithm
10
Different Methods DES Encrypts 64-bit blocks using a 56-bit key
64-bit block is permutated 64-bit block split into two 32-bit blocks Each sub-block is combined with the key and processed 16 times Sub-blocks are joined and sent through an inverse permutation process
11
How DES Works Initial Permutation DES operates on a 64-bit block of
plaintext which it breaks into two 32 bit blocks.
12
Different Methods Skipjack – developed and released by NSA
Uses 80-bit keys Used in Clipper chip Meant to help FBI combat criminals using encryption Built in back door for law enforcement Government has “master key” Key escrow – session key held for later release to law enforcement when needed Government tried to force this as a standard Not widely accepted
13
Different Methods Problems with symmetric methods
Same key is used to encrypt and decrypt Shared key is more likely to be compromised Possible to brute force short keys Certain keys are weak Different keys can produce identical ciphertext Distribution of keys
14
Different Methods Asymmetric – uses two different keys (also called public key) Private key – known only to one party Public key – available to anyone Diffie-Hellman First discussion of public-key distribution system RSA (named for its inventors Ron Rivest, Adi Shamir, and Leonard Adleman) PGP (Pretty Good Privacy)
15
Different Methods Diffie-Hellman Method
Ciphertext = Encrypt public key[Plaintext] Plaintext = Decrypt private key[Ciphertext] Each party creates their own private key Each party computes a public key using a mathematical function of the private key Public keys are exchanged Message key is computed from other person’s public key and your own private key If the math is right, the message key is the same on both sides
16
Uses of Public Key Cryptography
Digital Signatures Used to authenticate digital material Prove identity and validity of action or material Transmission of symmetric key (public key encryption is generally slower)
17
Uses of Public Key Cryptography
Digital Signatures and Public Key Encryption Message encrypted or signed with private key of sender and public key of recipient Recipient decrypts with own private key and sender’s public key Only sender has the right private key so if it decrypts it must have come from the sender NOTE: Assumes keys have not been compromised
18
Uses of Cryptography Digital Certificates
Used to encode and verify messages Requires a Certificate Authority that creates a digital certificate based on a private key and other authentication information Implements the “trusted third party” concept X.509 is a popular standard for defining digital certificates
19
Uses of Cryptography VPN (Virtual Private Network)
Connects geographically separate offices using public communication means Packets are usually “tunneled” – entire packet is encrypted and encapsulated in a new packet before sending Hardware or software based Sometimes integrated into firewalls Usually cheaper than leased lines Very good for mobile employees that need access to the company network
20
Uses of Cryptography Smart Cards
IPv6 will support IPsec – built in encryption SSH – Secure Shell, an alternative to Telnet – PGP very popular in this area File or disk encryption
21
Uses of Cryptography Key Escrow and Key Recovery
Keys held in “reserve” in case the original keys are lost or damaged Usually split between two parties, each with half of the key Often requires two or more people to access and recover key
22
Breaking Crypto Weaknesses The human factor
Security of key and message Key length Short keys can be broken even with a good algorithm Algorithm Very difficult to develop a secure algorithm Weak algorithm can be insecure even with a long key
23
Breaking Crypto Differential Cryptanalysis Linear Cryptanalysis
Look for differences in pairs of messages Only works on certain ciphers Linear Cryptanalysis Looks for simple approximation of encryption function Differential Power Analysis Measures power consumption of hardware encryption devices The basic idea of the attacks is that the power consumption of a device (such as a smartcard) is statistically correlated to the operations it performs. By monitoring the power usage (or electromagnetic radiation, etc.) during cryptographic operations, it is possible to obtain information correlated to the keys. The collected data is then analyzed to actually find the keys.
24
DPA
25
Breaking Crypto Brute Force DES Challenge
Just try different keys until you get one that works DES Challenge Worked off of 56 bit keys Sponsored by RSA to show weaknesses in DES Electronic Frontier Foundation built special system (DES Cracker) to crack DES in 56 hours Jan 19, 1999 – Distributed.Net cracks 56-bit DES in 22 hours and 15 minutes using 100,000 PCs on Internet and DES Cracker Testing 245 billion keys per second Depends on where key falls in possible keyspace
26
Breaking Crypto Advances in computing power enhances ability to break crypto. 56-bit DES broken in less than a day Roughly 70 thousand trillion possible keys 128-bit DES would have 3 * 10^38 possible keys 1 billion processors capable of processing 100 million keys/sec would take 10^20 years to try all keys Cracking just needs to find a suitable key, not try every combination
27
Steganography
28
Steganography Literally means “covered writing”
The practice of hiding a message in such a manner that its very existence is concealed. Done by embedding the message in some medium such as a document, image, sound recording, or video. Those who know the medium contains a message can extract it. For those who don’t know about it, the message will be completely invisible. Related concept is digital “watermarking”
29
Steganography -- historical examples
In the Histories of Herodotus Demaratus wanted to notify the Spartans that Xerxes planned to invade Greece. He had the wax scraped off of writing tablets, the message carved into the wood, then recovered with the wax. The message was thus hidden. Shave the head of a messenger, tattoo the message on his head, let his hair grow back. Codes, invisible ink, microdots
30
Encoded messages “Pershing sails from N.Y. June 1”
Example 1: President’s embargo ruling should have immediate notice. Grave situation affecting international law, statement foreshadows ruin of many neutrals. Yellow journals unifying national excitement immensely. Example 2: Apparently neutral's protest is thoroughly discounted and ignored. Isman hard hit. Blockade issue affects pretext for embargo on byproducts, ejecting suets and vegetable oils.
31
Hiding images in files Takes advantage of coding scheme
For pictures, each pixel represented by 1 or more bytes. If the least significant bit is used to encode the message, small variations in the picture may occur but the message will be hidden inside. A 400 x 300 image will have 120,000 pixels thus if 8 bit coding scheme (256 colors) 120,000 bits of coded message can be encrypted or 15,000 bytes (characters). If RGB scheme used with 3 bytes/pixel (one for each color RGB) even more data can be hidden since the resulting file is much larger.
32
Steganography CAB = 8 shades of gray 000 001 010 011 100 101 110 111
33
Steganography CAB = Original = Hidden = 8 shades of gray 000 001 010 011 100 101 110 111
34
Steganography original hidden original 8 shades of gray 000 001 010
original hidden original 8 shades of gray 000 001 010 011 100 101 110 111
35
Example (hideseek on gif file)
Original Version with hidden text Text: “This is a MacGregor 26X.”
36
Example (hideseek on gif file)
Original Version with hidden text Text: “This is a MacGregor 26X under power. Cool looking boat with lots of neat features. Uses water ballast system so very easily trailered. This also results in an extremely shallow draft so it can be easily beached..”
37
Example (PGE on jpg file)
Original Picture with hidden text Text: “A sample text to hide.”
38
Example (PGE on jpg file)
Original Picture with hidden text Text: “A sample text to hide. This is a larger file to hide. The photo is cool, how did that car get underneath the jet in the first place?”
39
Example (Hide4pgp with wav)
Original Wav file with hidden text Text: “An example of text hidden in a sound file.”
40
Steganography (TextHide)
41
Steganography (TextHide)
42
What can you do about it? First of all, why worry? Detection
There are some legitimate concerns but often there are many other easy ways to conceal/capture info. Detection Watermarks harder than complete stego images Any manipulation of image introduces distortion Changes between colors rarely occur in 1-bit shifts (not true of gray-scale) one way to foil is to use color palettes that change dramatically with 1-bit shifts
Similar presentations
© 2025 SlidePlayer.com Inc.
All rights reserved.