Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 2.1: Private Key Cryptography -- I CS 436/636/736 Spring 2013 Nitesh Saxena.

Published byDwain Benson Modified over 9 years ago

Similar presentations

Presentation on theme: "Lecture 2.1: Private Key Cryptography -- I CS 436/636/736 Spring 2013 Nitesh Saxena."— Presentation transcript:

1 Lecture 2.1: Private Key Cryptography -- I CS 436/636/736 Spring 2013 Nitesh Saxena

2 Course Administration Everyone receiving my emails? Lecture slides worked okay? – Both ppt and pdf versions Everyone knows how to access the course web page? TA/Grader info posted I am posting the lectures in advance (the evening before the lecture) – But, this should not affect the attendance 5/8/2015Lecture 2.1 - Private Key Cryptography - I2

3 Outline of today’s lecture Cryptography Overview Private Key Cryptography: Encryption Classical Ciphers 5/8/2015Lecture 2.1 - Private Key Cryptography - I3

4 Cryptography Etymology: Secret (Crypt) Writing (Graphy) Study of mathematical techniques to achieve various goals in information security, such as confidentiality, authentication, integrity, non- repudiation, etc. Not the only means of providing information security, rather a subset of techniques. Quite an old field! 5/8/2015Lecture 2.1 - Private Key Cryptography - I4

5 Cryptography: Cast of Characters Alice (A) and Bob (B): communicating parties Eve (E): Eavesdropping (or passive) adversary Mallory (M): Man-in-the-Middle (or active adversary) Trent (T): a trusted third party (TTP) 5/8/2015Lecture 2.1 - Private Key Cryptography - I5

6 Today’s Focus How to achieve confidentiality by means of cryptography? 5/8/2015Lecture 2.1 - Private Key Cryptography - I6

7 Private Key/Public Key Cryptography Private Key: Sender and receiver share a common (private) key – Encryption and Decryption is done using the private key – Also called conventional/shared-key/single-key/ symmetric-key cryptography Public Key: Every user has a private key and a public key – Encryption is done using the public key and Decryption using private key – Also called two-key/asymmetric-key cryptography 5/8/2015Lecture 2.1 - Private Key Cryptography - I7

8 Common Terminologies Plaintext Key Encrypt (encipher) Ciphertext Decrypt (decipher) Cipher Cryptosystem Cryptanalysis (codebreaking) Cryptology: Cryptography + Cryptanalysis 5/8/2015Lecture 2.1 - Private Key Cryptography - I8

9 Private key model 5/8/2015Lecture 2.1 - Private Key Cryptography - I9

10 Open vs Closed Design Closed Design (as was followed in military communication during the World Wars) – Keep the cipher secret – Also sometimes referred to as the “proprietary design” – Bad practice! (why?) Open Design (Kerckhoffs' principle) – Keep everything public, except the key – Good practice – this is what we focus upon! 5/8/2015Lecture 2.1 - Private Key Cryptography - I10

11 Private Key Encryption: main functions 1.KeyGen: K = KeyGen(l) (l is a security parameter) 2.Enc: C = Enc(K,M) 3.Dec: M = Dec(K,C) 5/8/2015Lecture 2.1 - Private Key Cryptography - I11

12 Goals of the Attacker Learn the plaintext corresponding to a given ciphertext -- One-Way Security Extract the key – Key Recovery Security Learn some information about the plaintext corresponding to a given ciphertext – Semantic Security Key recovery security and one-way security are a must for an encryption scheme. Semantic Security is ideal. 5/8/2015Lecture 2.1 - Private Key Cryptography - I12

13 Capabilities of the Attacker 1.No Information (besides the algorithm) 2.Ciphertext only – Adversary knows only the ciphertext(s) 3.Known plaintext – Adversary knows a set of plaintext-ciphertext pairs 4.Chosen (and adaptively chosen) plaintext (CPA attack) – Adversary chooses a number of plaintexts and obtains the corresponding ciphertexts 5.Chosen (and adaptively chosen) ciphertext attack (CCA attack) – Adversary chooses a number of ciphertexts and obtains the corresponding plaintexts 5/8/2015Lecture 2.1 - Private Key Cryptography - I13

14 Security Model 1 is the hardest and 5 is the easiest attack to perform A cryptosystem secure against 5 is the strongest, and secure against 1 is the weakest A cryptosystem secure against 5 is automatically secure against 4, 3, 2 and 1 least attacker capability...................................... most attacker capability 1<2<3<4<5 weakest cryptosystem ……………………………………… strongest cryptosystem 5/8/2015Lecture 2.1 - Private Key Cryptography - I14

15 Brute Force Attacks: Key Recovery Since the key space is finite, given a pair (or more) of plaintext and ciphertext, a cryptanalyst can try and check all possible keys. For above to be not feasible, key space should be large!! – How large? – Large enough to make it impractical for an adversary. But what is impractical today, may not be so tomorrow. At least 2 80 – see this paper on “selecting cryptographic key sizes” http://www.win.tue.nl/~klenstra/key.pdf http://www.win.tue.nl/~klenstra/key.pdf 5/8/2015Lecture 2.1 - Private Key Cryptography - I15

16 Ciphers We Will Study Classical ones – Substitution Ciphers Caesar’s Cipher Monoalphabetic Polyalphabetic – Transposition Ciphers Modern ones – DES/AES – Others… 5/8/2015Lecture 2.1 - Private Key Cryptography - I16

17 Caesar Cipher (or Shift Cipher) Substitution cipher Let messages be all lower case from a through z (no spaces or punctuation). Represent letters by numbers from 0 to 25. Encryption function C i = E(P i ) = P i + K (mod 26) where K is secret key Decryption is P i = D(C i ) = C i - K (mod 26) 5/8/2015Lecture 2.1 - Private Key Cryptography - I17

18 Security of Caesar Cipher Easy to brute force: size of key-space is 26 – Not secure against even ciphertext-only attack (the one where adversary had the least capability) 5/8/2015Lecture 2.1 - Private Key Cryptography - I18

19 Monoalphabetic Substitution 5/8/2015Lecture 2.1 - Private Key Cryptography - I19 ABCDEFGHIJKLMNOPQRSTUVWXYZ POLYTECHNIUVRSBKWADFGJMQXZ POKEMONMASTER KBUTRBSRPDFTA

20 Monoalphabetic Substitution Key space is large 26! = 4 x 10 26 – Quite large, however, – Can be broken (not secure against ciphertext-only) using language characteristics! 5/8/2015 Lecture 2.1 - Private Key Cryptography - I 20

21 Polyalphabetic Substitution – Vigenere Cipher Use K mono-alphabetic ciphers – E 1, E 2, … E k. In position i, of plaintext, use cipher E i. Example using Caesar ciphers … Plaintext: helloiloveyouwontyoutellmeyourname Key: polytechnicpolytechnicpolytechnicpoly Ciphertext: wswjhmnv……………………………… A little harder to break but frequency analysis is possible Some well known techniques for determining key length – we will not cover (see text for Kasiski method) 5/8/2015Lecture 2.1 - Private Key Cryptography - I21

22 One time Pad or Vernam Cipher: Best Possible Cipher If we use Vigenere with key length as long as plaintext, then cryptanalysis will be difficult! If we change key every time we encrypt then cryptanalyst’s job becomes even more difficult. One-time pad or Vernam Cipher. How do we get such long keys? Such a cipher is difficult to break but not very practical. 5/8/2015Lecture 2.1 - Private Key Cryptography - I22

23 Binary Vernam plaintext is binary string and key is binary string of equal length, then encryption can be done by a simple XOR operation. Plaintext: 01010000010001010011 Key: 11010101001001100111 Ciphertext: 10000101011000110100 If the key is random and is not re-used, then such a system offers unconditional security – perfect secrecy! Intuitively perfect secrecy can be seen from the fact that given any plaintext and ciphertext, there is a key which maps the selected plaintext to the selected ciphertext. So given a ciphertext, we get no information whatsoever on what key or plaintext could have been used. How do we obtain “random” bit-strings for shared secret keys as long as the messages, and never re-use them? Again system is not practical. 5/8/2015Lecture 2.1 - Private Key Cryptography - I23

24 Transposition Harder to break than substitution ciphers Still susceptible to frequency analysis 5/8/2015Lecture 2.1 - Private Key Cryptography - I24 POKEMONMASTER 12345678910111213 71826103911124513 OENTEMPKMOASR

25 Product Ciphers Substitution and transposition ciphers are not secure due to language characteristics What about using two or more of these ciphers in a serial fashion – Two or more substitutions – Two or more Transpositions – A few substitutions and a few transposition  Transition from classical to modern ciphers 5/8/2015Lecture 2.1 - Private Key Cryptography - I25

26 Some Questions Enigma is an example of ------- design? Encryption can provide confidentiality, but not integrity: true or false? World’s best cipher is ---? I give you a ciphertext, and ask you to give me the corresponding plaintext – what attack is this? How does it compare to the known plaintext attack? All classical ciphers are based on either ---- or ----? Why are they all broken? What’s the problem in choosing a long long key? It should give you a lot of security, no? 5/8/2015Lecture 2.1 - Private Key Cryptography - I26

27 Some Questions An encryption scheme is said to be deterministic if encrypting the same plaintext twice yields the same ciphertext. (otherwise it is said to be randomized). – Is a deterministic scheme a good scheme in terms of security? 5/8/2015Lecture 2.1 - Private Key Cryptography - I27

28 Further Reading Stallings (edition 5) – Chapter 2.1 to 2.3 HAC – Chapter 1 and 7 5/8/2015Lecture 2.1 - Private Key Cryptography - I28

Download ppt "Lecture 2.1: Private Key Cryptography -- I CS 436/636/736 Spring 2013 Nitesh Saxena."

Similar presentations

Cryptography encryption authentication digital signatures

Cryptography encryption authentication digital signatures
Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Fubswrjudskb Frxuvh qxpehu:4003-482 / 4005-705 Lqvwuxfwru:Lyrqd Ehcdnryd Wrgdb’v Wrslfv: 1.Orjlvwlfv: -Fodvv olvw -Vboodexv 2. Wkh Pdwk 3. Zkdw lv Fubswrjudskb.

Fubswrjudskb Frxuvh qxpehu: / Lqvwuxfwru:Lyrqd Ehcdnryd Wrgdb’v Wrslfv: 1.Orjlvwlfv: -Fodvv olvw -Vboodexv 2. Wkh Pdwk 3. Zkdw lv Fubswrjudskb.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.

CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.
Asymmetric Cryptography part 1 & 2 Haya Shulman Many thanks to Amir Herzberg who donated some of the slides from

Asymmetric Cryptography part 1 & 2 Haya Shulman Many thanks to Amir Herzberg who donated some of the slides from
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
CSE331: Introduction to Networks and Security Lecture 17 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 17 Fall 2002.
Network Management and Security

Network Management and Security
1 Day 04- Cryptography Acknowledgements to Dr. Ola Flygt of Växjö University, Sweden for providing the original slides.

1 Day 04- Cryptography Acknowledgements to Dr. Ola Flygt of Växjö University, Sweden for providing the original slides.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.

CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.
Lecture 2.2: Private Key Cryptography II CS 436/636/736 Spring 2012 Nitesh Saxena.

Lecture 2.2: Private Key Cryptography II CS 436/636/736 Spring 2012 Nitesh Saxena.
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.

CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
Computer Security CS 426 Lecture 3

Computer Security CS 426 Lecture 3
L1.1. An Introduction to Classical Cryptosystems Rocky K. C. Chang, February 2013.

L1.1. An Introduction to Classical Cryptosystems Rocky K. C. Chang, February 2013.
Chapter 2 – Classical Encryption Techniques

Chapter 2 – Classical Encryption Techniques
3.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Traditional Symmetric-Key Ciphers.

3.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 3 Traditional Symmetric-Key Ciphers.
Chapter 12 Cryptography (slides edited by Erin Chambers)

Chapter 12 Cryptography (slides edited by Erin Chambers)

Similar presentations

Ads by Google