Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS588: Cryptology – Principles and Applications

Published byLoreen Cornelia Gray Modified over 6 years ago

Similar presentations

Presentation on theme: "CS588: Cryptology – Principles and Applications"— Presentation transcript:

1 David Evans http://www.cs.virginia.edu/~evans
CS588: Cryptology – Principles and Applications Lecture 1: Introduction With a magnetic card and his dog Buddy's name as a password, President Clinton e-signed a bill Friday that will make electronic signatures as real as those on paper. FoxNews, 30 June 2000 Background just got here last week finished degree at MIT week before Philosophy of advising students don’t come to grad school to implement someone else’s idea can get paid more to do that in industry learn to be a researcher important part of that is deciding what problems and ideas are worth spending time on grad students should have their own project looking for students who can come up with their own ideas for research will take good students interested in things I’m interested in – systems, programming languages & compilers, security rest of talk – give you a flavor of the kinds of things I am interested in meant to give you ideas (hopefully even inspiration!) but not meant to suggest what you should work on CS588: Cryptology University of Virginia Computer Science David Evans

2 University of Virginia CS 588
Menu Course Introduction Why you should or shouldn’t take this course Course Logistics: details on Syllabus Introduction to Cryptology Terminology A simple substitution cipher Brief history of 4000 years of Cryptology Send registration by noon Friday. 29 Aug 2001 University of Virginia CS 588

3 University of Virginia CS 588
Resources David Evans (call me “Dave”), Office Hours (236A): Tuesdays, 10:30-11:30am; Weds after class Research: code safety, static analysis, programming and reasoning about swarms TAs: Danny Loffredo, CS Reading Room: Tuesdays, 3:30-4:30 Anthony Wood, TBA Web: 29 Aug 2001 University of Virginia CS 588

4 Why you should take this course?
Reason #1: Fate of Humanity Cryptology plays a central role in human history. More than anything else, survival of humanity depends on computer security. 29 Aug 2001 University of Virginia CS 588

5 Why you should take this course? Reason #2: Intellectual
Cryptology is about making and solving puzzles. Purest form of intellectual endeavor. 29 Aug 2001 University of Virginia CS 588

6 Why you should take this course? Reason #3: Be like Tom
Mr. Jefferson would have wanted you to. 29 Aug 2001 University of Virginia CS 588

7 Bad reasons to take this class
You want to write the ultimate destructive virus. You want to break into (UVA’s | the CIA’s | your bank’s) computer systems. 29 Aug 2001 University of Virginia CS 588

8 University of Virginia CS 588
How to get an A in CS551 Problem Sets (40-50%) 4 throughout term (1st is due 10 Sept) Project (30-50%) Teams of 1 – 4 Can involve design/implementation Can involve survey/analysis Exams (30-50%) Midterm, Final Class Contribution (0-10%) 29 Aug 2001 University of Virginia CS 588

9 “Easy ways” to get an A in CS551
Break into my grades file (on my home computer) and change your grade to “Haha” Physical attacks on my house, car or office are NOT eligible! (And NOT encouraged!) Don’t try to break into UVA’s grade records: Too easy (probably only worth a B, or C- for social engineering attack) Honor code violation Discover a security flaw important enough to get reported in the New York Times Factor RSA-300 = 29 Aug 2001 University of Virginia CS 588

10 Bonus Points / Demerits
(100 points = 1 problem set) +100 Posting in RISKS +(varies) Solving a challenge problem -100 Send me a virus -200 Get arrested for computer attack -1000 Get convicted for computer attack I get arrested for something you do 29 Aug 2001 University of Virginia CS 588

11 University of Virginia CS 588
Challenge Problems Open until solved or last day of class Usually only first satisfactory answer gets bonus Better, later answer might still get bonus Solve in groups, each member gets n / n * value (e.g., 2 people = 2 / 2 = 0.7) First challenge problem starts tomorrow: Jefferson wheel cryptogram (see course web page) 29 Aug 2001 University of Virginia CS 588

12 Decrypting the Honor Code
Learn from your fellow students – they are your best resource! Write down who you discussed assignments with, all external sources you used Don’t use answers from last year’s class Be honest – you know what cheating is and isn’t Don’t “pledge” your assignments, but let me know if you plan to cheat 29 Aug 2001 University of Virginia CS 588

13 University of Virginia CS 588
Logistics Questions? 29 Aug 2001 University of Virginia CS 588

14 What is cryptology? Greek: “krypto” = hide
Cryptology – science of hiding = cryptography + cryptanalysis + steganography Cryptography – secret writing Cryptanalysis – analyzing (breaking) secrets Cryptanalysis is what attacker does Decipher or Decryption is what legitimate receiver does Kryptonite – breaking ciphers all night? 29 Aug 2001 University of Virginia CS 588

15 Cryptology and Security
Cryptology is a branch of mathematics. Security is about people. 29 Aug 2001 University of Virginia CS 588

16 University of Virginia CS 588
Terminology Insecure Channel Encrypt Ciphertext Decrypt Plaintext Plaintext Eve Alice C = E(P) P = D(C) E must be invertible Bob 29 Aug 2001 University of Virginia CS 588

17 Kerckhoff’s Principle
Cryptography always involves: Transformation Secret Security should depend only on the key Don’t assume enemy won’t know algorithm Can capture machines, disassemble programs, etc. Too expensive to invent new algorithm if it might have been compromised Security through obscurity isn’t Look at history of examples Better to have scrutiny by open experts “The enemy knows the system being used.” Claude Shannon 29 Aug 2001 University of Virginia CS 588

18 University of Virginia CS 588
Alice and Bob Encrypt Ciphertext Decrypt Plaintext Plaintext KE KD Alice C = E(KE, P) = EKE (P) P = D(KD, C) = DKD (C) If KE = KD it is symmetric encryption If KE  KD it is asymmetric encryption Bob 29 Aug 2001 University of Virginia CS 588

19 University of Virginia CS 588
Substitution Cipher C = EK(p) Ci = K[pi] Key is alphabet mapping: a  J, b  L, ... Suppose attacker knows algorithm but not key, how many keys to try? 26! If every person on earth tried one per second, it would take 5B years. 29 Aug 2001 University of Virginia CS 588

20 Monoalphabetic Cipher
“XBW HGQW XS ACFPSUWG FWPGWXF CF AWWKZV CDQGJCDWA CD BHYJD DJXHGW; WUWD XBW ZWJFX PHGCSHF YCDA CF GSHFWA LV XBW KGSYCFW SI FBJGCDQ RDSOZWAQW OCXBBWZA IGSY SXBWGF.” 29 Aug 2001 University of Virginia CS 588

21 University of Virginia CS 588
Frequency Analysis “XBW HGQW XS ACFPSUWG FWPGWXF CF AWWKZV CDQGJCDWA CD BHYJD DJXHGW; WUWD XBW ZWJFX PHGCSHF YCDA CF GSHFWA LV XBW KGSYCFW SI FBJGCDQ RDSOZWAQW OCXBBWZA IGSY SXBWGF.” W: 20 “Normal” English: C: 11 e 12% F: 11 t % G: 11 a 8% 29 Aug 2001 University of Virginia CS 588

22 University of Virginia CS 588
Pattern Analysis “XBe HGQe XS ACFPSUeG FePGeXF CF AeeKZV CDQGJCDeA CD BHYJD DJXHGe; eUeD XBe ZeJFX PHGCSHF YCDA CF GSHFeA LV XBe KGSYCFe SI FBJGCDQ RDSOZeAQe OCXBBeZA IGSY SXBeGF.” XBe = “the” Most common trigrams in English: the = 6.4% and = 3.4% 29 Aug 2001 University of Virginia CS 588

23 University of Virginia CS 588
Guessing “the HGQe tS ACFPSUeG FePGetF CF AeeKZV CDQGJCDeA CD hHYJD DJtHGe; eUeD the ZeJFt PHGCSHF YCDA CF GSHFeA LV the KGSYCFe SI FhJGCDQ RDSOZeAQe OCthheZA IGSY StheGF.” S = “o” 29 Aug 2001 University of Virginia CS 588

24 University of Virginia CS 588
Guessing “the HGQe to ACFPoUeG FePGetF CF AeeKZV CDQGJCDeA CD hHYJD DJtHGe; eUeD the ZeJFt PHGCoHF YCDA CF GoHFeA LV the KGoYCFe oI FhJGCDQ RDoOZeAQe OCthheZA IGoY otheGF.” otheGF = “others” 29 Aug 2001 University of Virginia CS 588

25 University of Virginia CS 588
Guessing “the HrQe to ACsPoUer sePrets Cs AeeKZV CDQrJCDeA CD hHYJD DJtHre; eUeD the ZeJst PHrCoHs YCDA Cs roHseA LV the KroYCse oI shJrCDQ RDoOZeAQe OCthheZA IroY others.” “sePrets” = “secrets” 29 Aug 2001 University of Virginia CS 588

26 University of Virginia CS 588
Guessing “the HrQe to ACscoUer secrets Cs AeeKZV CDQrJCDeA CD hHYJD DJtHre; eUeD the ZeJst cHrCoHs YCDA Cs roHseA LV the KroYCse oI shJrCDQ RDoOZeAQe OCthheZA IroY others.” “ACscoUer” = “discover” 29 Aug 2001 University of Virginia CS 588

27 University of Virginia CS 588
Guessing “the HrQe to discover secrets is deeKZV iDQrJiDed iD hHYJD DJtHre; eveD the ZeJst cHrioHs YiDd is roHsed LV the KroYise oI shJriDQ RDoOZedQe OithheZd IroY others.” 29 Aug 2001 University of Virginia CS 588

28 Monoalphabetic Cipher
“The urge to discover secrets is deeply ingrained in human nature; even the least curious mind is roused by the promise of sharing knowledge withheld from others.” - John Chadwick, The Decipherment of Linear B 29 Aug 2001 University of Virginia CS 588

29 University of Virginia CS 588
Why was it so easy? Doesn’t hide statistical properties of plaintext Doesn’t hide relationships in plaintext (EE cannot match dg) English (and all natural languages) are very redundant: about 1.3 bits of information per letter Compress English with gzip – about 1:6 29 Aug 2001 University of Virginia CS 588

30 University of Virginia CS 588
How to make it harder? Cosmetic Hide statistical properties: Encrypt “e” with 12 different symbols, “t” with 9 different symbols, etc. Add nulls, remove spaces Polyalphbetic cipher Use different substitutions Transposition Scramble order of letters 29 Aug 2001 University of Virginia CS 588

31 University of Virginia CS 588
Types of Attacks Ciphertext-only - How much Ciphertext? Known Plaintext - often “Guessed Plaintext” Chosen Plaintext (get ciphertext) Not as uncommon as it sounds! Chosen Ciphertext (get plaintext) Dumpster Diving Social Engineering “Rubber-hose cryptanalysis” Cryptanalyst uses threats, blackmail, torture, bribery to get the key. Not recommended in CS588 29 Aug 2001 University of Virginia CS 588

32 Really Brief History First 4000 years
Vigenère Babbage breaks Vigenère; Kasiski (1863) publishes Cryptographers Alberti – first polyalphabetic cipher monoalphabetics Cryptanalysts al-Kindi - frequency analysis 3000BC 900 1460 1854 29 Aug 2001 University of Virginia CS 588

33 Really Brief History - last 100 years
Mauborgne – one-time pad Quantum Crypto ? Linear, Differential Cryptanalysis Feistel block cipher, DES Enigma adds rotors, stops repeated key Turing’s loop attacks, Colossus Public-Key 1978 Rejewski repeated message-key attack Cryptanalysts Mechanical ciphers - Enigma Cryptographers 1895 – Invention of Radio 1854 1918 1939 1945 1973 29 Aug 2001 University of Virginia CS 588

34 University of Virginia CS 588
Themes Arms race between cryptographers and cryptanalysts But, often disconnect between two (e.g., Mary Queen of Scots uses monoalphabetic cipher long after known breakable) Motivated by war (more recently: commerce) Driven by advances in technology, mathematics Multi-disciplinary field Linguists, classicists, mathematicians, computer scientists, physicists Secrecy often means advances rediscovered and miscredited 29 Aug 2001 University of Virginia CS 588

35 Security vs. Pragmatics
Trade-off between security and effort one-time pad: perfect security, but requires distribution and secrecy of long key DES: short key, fast algorithm, but breakable quantum cryptography: perfect security, guaranteed secrecy of key, slow, requires expensive hardware Don’t spend $10M to protect $1M. Don’t protect $1B with encryption that can be broken for $1M. 29 Aug 2001 University of Virginia CS 588

36 Perfectly Secure Cipher: One-Time Pad
Mauborgne/Vernam [1917] XOR (): 0  0 =  0 = 1 0  1 =  1 = 0 a  a = 0 a  0 = a a  b  b = a E(P, K) = P  K D(C, K) = C  K = (P  K)  K = P 29 Aug 2001 University of Virginia CS 588

37 University of Virginia CS 588
Why perfectly secure? For any given ciphertext, all plaintexts are equally possible. Ciphertext: Key1: Plaintext1: = “CS” Key2: Plaintext2: = “BS” More formal proof next time 29 Aug 2001 University of Virginia CS 588

38 University of Virginia CS 588
Go to the beach? Cannot reuse K What if receiver has C1 = P1  K and C2 = P2  K C1  C2 = P1  K  P2  K = P1  P2 Need to generate truly random bit sequence as long as all messages Need to securely distribute key 29 Aug 2001 University of Virginia CS 588

39 “One-Time” Pad’s in Practice
Lorenz Machine – Nazi high command in WWII Pad generated by 12 rotors Receiver and sender set up rotors in same positions One operator retransmitted a message (but abbreviated message header the second time!) Enough for Bletchley Park to figure out key – and structure of machine that generated it! But still had to try all configurations 29 Aug 2001 University of Virginia CS 588

40 Colossus – First Programmable Computer
Bletchley Park, 1944 Read ciphertext and Lorenz wheel patterns from tapes Tried each alignment, calculated correlation with German Decoded messages (63M letters by 10 Colossus machines) that enabled Allies to know German troop locations to plan D-Day Destroyed in 1960, kept secret until 1970s 29 Aug 2001 University of Virginia CS 588

41 University of Virginia CS 588
Charge Send me your registration survey by noon tomorrow Start thinking about projects and teams Subscribe to comp.risks and Cryptogram (instructions on manifest) Next time: Proving Ciphers are Perfect (in Theory) Information Theory 29 Aug 2001 University of Virginia CS 588

Download ppt "CS588: Cryptology – Principles and Applications"

Similar presentations

Cryptography in World War II Jefferson Institute for Lifelong Learning at UVa Spring 2006 David Evans Class 1: Introduction and Cryptography before World.

Cryptography in World War II Jefferson Institute for Lifelong Learning at UVa Spring 2006 David Evans Class 1: Introduction and Cryptography before World.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.

CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.
30 Aug 2000University of Virginia CS 5511 What is cryptology? Greek: “krypto” = hide Cryptology – science of hiding = cryptography + cryptanalysis + steganography.

30 Aug 2000University of Virginia CS 5511 What is cryptology? Greek: “krypto” = hide Cryptology – science of hiding = cryptography + cryptanalysis + steganography.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.

CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
Computer Security CS 426 Lecture 3

Computer Security CS 426 Lecture 3
Chapter 2 – Classical Encryption Techniques

Chapter 2 – Classical Encryption Techniques
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.
Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.

Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.
Cryptography Week-6.

Cryptography Week-6.
Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.

Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.
Lecture 2 Overview.

Lecture 2 Overview.
Cryptography Lecture 1: Introduction Piotr Faliszewski.

Cryptography Lecture 1: Introduction Piotr Faliszewski.
Security in Computing Cryptography (Introduction) Derived from Greek words: ‘Kruptos’ (hidden) and ‘graphein’ (writing.

Security in Computing Cryptography (Introduction) Derived from Greek words: ‘Kruptos’ (hidden) and ‘graphein’ (writing.
Lecture 19 Page 1 CS 111 Online Symmetric Cryptosystems C = E(K,P) P = D(K,C) E() and D() are not necessarily the same operations.

Lecture 19 Page 1 CS 111 Online Symmetric Cryptosystems C = E(K,P) P = D(K,C) E() and D() are not necessarily the same operations.
Chapter 1 Introduction Cryptography-Principles and Practice Harbin Institute of Technology School of Computer Science and Technology Zhijun Li

Chapter 1 Introduction Cryptography-Principles and Practice Harbin Institute of Technology School of Computer Science and Technology Zhijun Li
Chapter 2 – Elementary Cryptography  Concepts of encryption  Cryptanalysis  Symmetric (secret key) Encryption (DES & AES)(DES & AES)  Asymmetric (public.

Chapter 2 – Elementary Cryptography  Concepts of encryption  Cryptanalysis  Symmetric (secret key) Encryption (DES & AES)(DES & AES)  Asymmetric (public.
Chapter 3 Evolution of Classical Cryptography

Chapter 3 Evolution of Classical Cryptography
David Evans CS200: Computer Science University of Virginia Computer Science Lecture 12: Decrypting Work Circle Fractal.

David Evans CS200: Computer Science University of Virginia Computer Science Lecture 12: Decrypting Work Circle Fractal.

Similar presentations

Ads by Google