Download presentation
Presentation is loading. Please wait.
Published byAusten Blake Modified over 6 years ago
1
Cryptography This week we are going to use OpenSSL
We will begin to introduce some cryptographic concepts Cryptography takes a long time to learn properly There are many idiosyncrasies that must be considered (and we will not cover) Just to compound the idiosyncrasies: They cover many topics from algorithm implementation to use… This lab will not introduce everything - I find the topic immensely interesting and I hope you do as well Further Reading (not expensive): Bruce Schneier’s Applied Cryptography You will compare unencrypted data with encrypted data You are going to evaluate Code Books for fault tolerance. You will also look for patterns in encrypted material
2
Analysis Tools Available to you
C Programming language Spreadsheet that can read a CSV format Data Input, Encrypted Material, Date Output Histograms You know how to write text files – add commas and newlines where necessary Comma-separated Values (CSV) Generate plots to illustrate what you deem important A tool for visualizing images IJ can help with that Do you need anything else? Statistics is helpful, although you will not need for this assignment
3
Applied Cryptography Principles
What properties cryptography principles seem important? What if you see patterns in encrypted material? Those patterns could have interesting occurrences Does the encrypted material change greatly if the input data is changes by a small amount? What about the same data encrypted twice – does it look the same? Is it still “encrypted” if it is? What about the time it takes to decrypt data? Is faster always better? Much more needs to be considered, but you are already equipped to analyze the topics above.
4
Actual Cryptography run Time
How would you analyze how long an algorithm takes? What cryptography steps are the most important relative to time? What steps do you think are necessary? Where do you need to call the clock? What math will you need to perform? You should analyze timing information as a function of the input length.
5
Ciphers Block Ciphers: We are going to be looking here Stream Ciphers
DES: Developed back 70’s; people are starting to get away from vanilla DES. IDEA: Designed in 1991 as a DES replacement. Algebraic weaknesses have been discovered. AES: NIST adopted in Considered secure. Many More… Stream Ciphers RC4: Created in 1997, should be avoided… Many more…
6
Code Books Typically used for block cipher algorithms – some can make a block cipher look more like a a stream cipher Electronic Code Book (ECB) Cipher-Block Chaining (CBC) Cipher Feedback (CFB) Output Feedback (OFB) Initialization Vector (IV): block of bits to randomize the encryption and produce distinct cipher texts even if the same plaintext is encrypted multiple times
7
Avalanche Effect For every input bit that is changed the encrypted output should change dramatically. (Applied Math) Deviations and variances between Encrypted data should be high
8
Electronic Code Book (ECB)
Really simple design The message is divided into blocks and each block is encrypted separately.
9
Cipher Block Chaining (CBC)
Starting to get more interesting. IV is XORed with the input What does an error in the encrypted material do to the output (post decryption)?
10
Cipher Feedback (CFB) This code book doesn’t even encrypt the plaintext! This looks like it could save a small amount of time in certain circumstances What happens if the encrypted material is corrupted?
11
Output Feedback (OFB) Okay this code book doesn’t run plaintext through the cipher at all… Does it save time? This algorithm could be run in parallel in ways the others could not! What happens if there is an error in the encrypted material?
12
Pulling it together Good Cryptography means good algorithms, code books, keys, and IV Output Feedback (OFB) does not work well with a bad key (Good IV is also not enough) Idea does has since been removed from OpenSSL Can you find a weak key that will give you similar results?
13
What do you need to do for the lab?
This Lab: two components that are not graded equally Practical component implementing the concepts discussed Graded as 1 lab Documentation Component Describing what you are seeing with graphics you generated Graded as 2 labs You cannot complete the documentation without the code We have not discussed histograms Histograms should be an array that is as large is the dynamic range The data type should be large enough to not roll over You can write it out as a CSV file and use bar plot in excel I’m not saying you need to use a bar plot, bar plots are just traditional
14
The analysis has three components…
Part 1: Analyze code books to see what happens if an encrypted material bit is corrupted Part 2: Analyze the run time of specific code books How does it change relative to the number of blocks passed in? Part 3: Analyze encrypted spatial patterns This should be done with imagery and histograms So… Verify you are writing out the correct amount of data Size of data in / Block Size should not have a remainder Why is this important?
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.