Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 2: Cryptography Technique

Published byPreston Gilbert Modified over 9 years ago

Similar presentations

Presentation on theme: "Chapter 2: Cryptography Technique"— Presentation transcript:

1 Chapter 2: Cryptography Technique
"You can have everything in life you want if you'll just help enough other people to get what they want!" -- Zig Ziglar Prepared by: SITI ZAINAH ADNAN If you do have any feedback or comment, please feel free to me at Your cooperation is very much appreciated !

2 Chapter 2: Cryptography Technique
TOPICS Introduction Terminology & Basic Encryption Methods Secret Code Monoalphabetic Ciphers Cryptanalysis of a Monoalphabetic Cipher Polyalphabetic Substitution Cipher Transpositions Stream and Block Ciphers

3 References Book (available at the Informatics library)
CHAPTER 2, 3 and 4: Security In Computing, Charles P.Pfleeger, Prentice Hall International Notes (available at IVC)

4 Encryption Transforms data so that it is unintelligible to the outside observer To maintain secure data in an insecure environment

5 Encryption encryption decryption plain text input Transmitted
ciphertext plain text output

6 Encryption With One Key
Symmetric encryption (Single-key encryption OR Private Key encryption) Secret key shared by sender and recipient encryption decryption plain text input Transmitted ciphertext plain text output

7 Encryption with Two Keys
Asymmetric encryption (Two-key encryption OR Public-Key encryption) Encryption key encryption decryption plain text input Transmitted ciphertext plain text output Decryption key

8 Terminology Encryption
A process of encoding a message so that its meaning is not obvious. Also known as encode/encipher Decryption Is the reverse process of encryption.Also known as decode/decipher Cryptosystem A system for encryption and decryption. Plaintext The original form of a message.

9 Terminology Ciphertext The encrypted form of an original message.
Secret Code Use of simple secret code to represent the original message. Example, apple means go ahead.

10 Terminology Cryptography
The science of using mathematics to encrypt and decrypt data Enables user to store sensitive information or transmit it across insecure networks so that it cannot be read by anyone except the intended recipient Cryptanalysis The science of analyzing and breaking secure communication Done by cryptanalyst (attackers) Cryptology The research into and study of encryption and decryption; include cryptography and cryptanalyst

11 Terminology Key A value that is used together with the plaintext as input into encryption algorithms to produce ciphertext Allows different encryption of a plaintext Provide additional security If the encryption algorithm is revealed, future message can still be kept secret because the interceptor will not know the key value Basically really big numbers, measured in bits e.g bit key

12 Cryptosystem model X Y K X’ K’ Message Source Destination Key
Cryptanalyst Encryption Algorithms Decryption Secure channel X Y K X’ K’ Cryptosystem model

13 An opponent, observing Y but not having access to K or X, may attempt to recover X or K or both X and K - assume that opponent knows the encryption E and decryption D algorithms To recover X and K, plaintext estimate X’ and estimate K’ are recovered

14 Input are ; message X and the encryption key K, the encryption algorithm forms the chipertext as:
Y + [Y1, Y2....Yn] OR Y= Ek (X) Y is produced by encryption algorithm E as a function of plaintext X, which determined by key K value The intended receiver, in possession of the key, is able to invert the transformation: X = Dk (Y)

15 Encryption algorithms
Two basic methods: Substitution Monoalphabetic ciphers Polyalphabetic ciphers Transposition (permutation)

16 Monoalphabetic Ciphers
Each letter is translated or substituted by a fixed letter after it in the alphabet. E.g. Caesar Cipher uses a shift 3. The plaintext letter pi is encipher as ciphered letter ci by the rule. ci = E(pi) = pi + 3 A translation chart of the Caesar cipher is as shown below. Plain text ABCD E FG H IJKLMNOPQRSTUVWXYZ Cipher text defg h ij k lmnopqrstuvwxyzabc E.g. Happy New Year would be kdssb qhz bhdu

17 Monoalphabetic Cipher Cryptanalysis
Some letters are used more often than others. Example of the clues: The letter E, T and A occur more than J, Q and Z The break between the two words, the SS can be translated to VV Therefore cryptanalysis uses such occurrence patterns to decipher the cipher text easily Count do help to narrow the possibilities The frequent occurring letters in the ciphertext are likely to be among the more frequently occurring letters in English

18 Monoalphabetic Cipher Cryptanalysis
A C E G I K M O Q S U W Y SP 20 15 10 5

19 Polyalphabetic Cipher
The weakness of monoalphabetic cipher is that their frequency distribution reflects the distribution of the underlaying alphabet. A cipher that is more cryptographically secure would display flat distribution. One way to flatten the distribution is to combine distribution that are high with that are low. Uses multiple mappings between plaintext and ciphertext and it is not just a single mapping

20 Polyalphabetic Cipher
Example of mapping: Odd position mapping ABCDEFGHIJKLMNOPQR S T UVWXYZ….. Adgjmpsvybehknqtwz c f ilorux Even position mapping ABCDEFGHIJKLMN O PQR S TUVWXYZ….. Nsxchmrwbglqva f kpu z ejotydi Example of text: TREAT YIMPO SSIBL E  fumnf dyvtf czysh h

21 Polyalphabetic Cipher
As compared with monoalphabetic cipher E.g. encryption using Odd position mapping TREATY IMPOSSIBLE  fzmafu yktq cc ydhm

22 Transposition Rearrange the order of bits, characters or blocks of characters that are being encrypted or decrypted. The original letters of the plaintext are preserved; only their positions change. E.g. Columnar Transposition The rearrangement of the characters of the plaintext into columns The resulting ciphertext is formed by traversing the columns

23 Columnar Transposition

24 Columnar Transposition
The plaintext is : THIS IS A MESSAGE TO SHOW HOW A COLUMNAR TRANSPOSITION IS WORKING The ciphertext is : TAGO CASIR HMEW ORPOK IETH LTONS SSOO URSS ISSW MAIW SAHA NNTO

25 Stream Ciphers ISSOPMI wdhuw Plaintext cihertext Encryption
Key (optional) ISSOPMI wdhuw Plaintext cihertext Encryption It converts one symbol of plaintext immediately into a symbol of ciphertext The transformation depends only on the symbol, the key, and control information of the encipherment algorithm E.g. substitution encryption

26 Stream Ciphers - Advantages
Speed of transformation Each symbol is encrypted without regard for any other plaintext symbols, each symbol can be encrypted as soon as it is read Low error propagation Each symbol is separately encoded, an error in the encryption process affects only that character

27 Stream Ciphers - Disadvantages
Low diffusion Each symbol is separately enciphered Susceptible to malicious insertions and modifications Since, each symbol is separately enciphered, an active interceptor who has broken the code can splice together pieces of previous messages and transmit a spurious message that may look authentic

28 Block Ciphers OI TP YR Encryption ba
qc kd em Key (optional) It encrypts a group of plaintext symbols as one block , e.g. 64 bits or more It works on blocks of plaintext and produce blocks of ciphertext E.g. transposition encryption

29 Block Ciphers - Advantages
Diffusion Information from plaintext is diffused into several ciphertext symbols One ciphertext block may be depend on several plaintext letters Immunity of insertions Since blocks of symbols are enciphered, it is impossible to insert a single symbol into one block The length of the block would then be incorrect, and decipherment would reveal the insertion

30 Block Ciphers - Disadvantages
Slowness of encryption Block ciphers must wait until an entire block of plaintext symbols has been received before sorting the encryption process Error propagation An error will affect the transformation of all other characters in the same block

31 Key Management Protocols
Attack to Remote communications: When two remote systems transfer messages along communication medium, several potential attack scenarios arise. There are three main types of attacks: Disclosure to an unauthorised listener. Receipt of a message from a masquerading sender. Corruption or blocking of sent messages.

32 Key Management Protocols
a. Disclosure to an unauthorised listener: Involves a malicious entity or an intruder gaining access to the message by simply observing and interpreting the data travelling along the communication medium. b. Receipt of a message from a masquerading sender: This attack involves an unauthorised masquerading entity claiming to be some authorised entity. The result is that a bad message might be sent from an intruder.

33 Key Management Protocols
c. Corruption or blocking of sent messages: Refers to messages sent by a sender being corrupted or blocked by an unauthorised intruder. Intruders corrupt the “good message” and replace it with a “bad message”.

34 Key Management Protocols
Encryption systems provide an important tool in computer security, it gives a user the ability to transmit information in a concealed form. It is very useful to transmit documents and data over a channel that may be intercepted. Protocol is established to orderly sequence the steps of the encryption by two or more parties in their communication Three type of encryption protocols: Private key protocol Public key protocol Arbitrated protocol

35 Private Key Protocol A protocol that may be used between communicating entities to authenticate systems and hide messages. Assumed that communicating entities have access to encryption routines M that encrypts and decrypts using some key K. Both sender and receiver knows K. Sender Receiver message [M]k [[M]k]k message encrypt decrypt

36 Encryption With Private Key

37 Private Key Protocol - Advantages
Fast Useful for encrypting data for a short distance

38 Private Key Protocol - Disadvantages
If the key is revealed (stolen etc.), the interceptors can decrypt all the information in both direction. Distribution of keys becomes a problem, as keys must be transmitted with utmost security. The number of keys increases with the square of the number of users exchanging secret information.

39 Public Key Protocol Deviced by Whitfield Diffie and Martin Hellman in 1996. This scheme overcomes the exchange of private key problem. Makes use of two encryption keys, public key and private key. Allows remote entities to advertise part of the encryption key, that is public key. Requires both public key and private key to encrypt and decrypt a message. Addresses several problems of key distribution and key loss issues.

40 Encryption with Public Keys

41 Public Key Protocol Based on mathematical functions rather than on substitution and permutation Asymmetric involving the use of two separate keys, in contrast to symmetric conventional encryption, which uses only one key Has profound consequences in the area of confidentiality, key distribution, and authentication

42 Public Key Cryptosystem
Each end system in a network generates a pair of keys to be used for encryption and decryption of messages that it will receive Each system publishes it’s encryption key by placing it in a public register or file. This is the public key. The companion key is kept private (eg. Verisign provide security service for international e-commerce, DigiCert mainly for local e-commerce) If A wishes to send a message to B, it encrypts the message using B’s public key When B receives the message, B decrypts it using B’s private key. No other recipient can decrypt the message because only B knows B’s private key.

43 Public Key - Advantages
All participants have access to public keys and private keys are generated locally by each participant and therefore need never be distributed As long as system controls it’s private key, its incoming communication is secure At any time,a system can change its private key and publish the companion public key to replace its old public key It is computationally infeasible to deduce the private key from the public key Anyone who has a public key can encrypt information but cannot decrypt it Only the person who has the corresponding private key can decrypt the information

44 Public Key – Examples Elgamal (named for its investor, Taher Elgamal)
RSA (named for its investors; Ron Rivest, Adi Shamir and Leonard Adleman) Diffie-Hellman (named for its investors) DSA – Digital Signature Algorithm (invented by David Kravitz)

45 Public Key Cryptosystem : Encryption
Plaintext input output Alice’s public key ring: Joy, Mike, Bob etc Encryption Algorithm Decryption Algorithm Bob’s public key Bob’s private key Transmitted chipertext Encryption algorithm eg. RSA Decryption algorithm (reverse of encryption algorithm

46 Public Key Cryptosystem : Authentication
Plaintext input output Bob’s public key ring: Joy, Mike, Alice etc Encryption Algorithm Decryption Algorithm Alice’s private key Alice’s public key Transmitted chipertext Encryption algorithm eg. RSA Decryption algorithm (reverse of encryption algorithm

47 Public Key Cryptosystem Applications
Message source Message dest. Encryption Algorithm Decryption Algorithm Source A Source B X Y Z Key pair source Public Key A Private Key A Public Key B Private Key B

48 Public Key Protocol Sender (B) Receiver (A)
Message [[M]SB]PA [[[[M]SB]PA]SA]PB Message Encrypt Decrypt Legend: SB:Secret key of B PB:Public key of B SA:Secret key of A PA:Public key of A

49 Arbitration Protocols with Third Party
An alternative to the point key management protocols between senders and receivers. Protocol that uses third party to ensure authentication between communicating entities. Two types of arbitrated key management protocols might be envisioned.

50 Arbitration Protocols with Third Party
1) All data communication is performed through a third party, so that A might communicate with C through arbiter B. This requires that A and B agree on some key management protocol and that B and C agree on a protocol as well. A B C Arbitrator A sends message to C B routes message to C from A C receives message from A

51 Arbitration Protocols with Third Party
2) The third party arbiter establishing authentication between the sender and receiver e.g. visiting prisoner at prison, have to go thru the prison warden

52 Reasons why an arbiter is not desirable
Difficult to find a trusted arbitrator e.g. recognize and valid authority Cause delay in communication e.g. have to go thru arbiter for any communication Costly in maintaining an arbiter e.g. fees payment, service charges Bottleneck happens if many users access to same arbiter e.g. delay in communication Not secure since arbiter has access to sensitive information e.g. no 100% confidentiality

53 Key Distribution This scheme involves distribution of public and secret keys by transmission over a secure channel. Uses private key management protocol between remote systems and the KDC - Key Distribution Centre. This approach allows two entities to receive keys from KDC for their communication. Secrecy of their transmission to the KDC is assured by the distribution process.

54 Pretty Good Privacy (PGP)
It is a hybrid cryptosystem by Philip Zimmerman Fast ,easy and free ported to most popular computer platforms, PCs and Macs as well to protect messages on the Internet Used in e.g. Netscape Messager, MS Outlook Express and Qualcomm Eudora Pro

55 PGP Encryption PGP compresses the plaintext to save transmission time and disk space and to strengthen cryptographic security Compression reduces plaintext pattern and enhances resistance to cryptanalysis PGP creates session key, one-time-only secret key from the random movement of user’s mouse and keystrokes type Using the IDEA algorithm with the session key, the message is encrypted. The session key is encrypted with the RSA algorithm and the recipient’s public key The encrypted message and session key is then bundled together and ready to be mailed or stored

56 PGP Encryption

57 PGP Decryption The recipients copy of PGP uses his/her the private key to recover the temporary session key Then, PGP uses it to decrypt the ciphertext

58 PGP Decryption

59 Secure Socket Layer (SSL)
Developed by Netscape in 1994 Provides two functions: Encrypting the information flow between client and server Client/server authentication Latest version is SSL 3.0 (1996) Supported by: Client applications (Netscape Navigator, Microsoft Internet Explorer) Server applications (Netscape, Microsoft, Apache, Oracle, NSCA etc.) Certification Authorities (VeriSign)

60 Secure Socket Layer (SSL)
Comes with two strength: 40-bit and 128-bit which refer to the length of the “session key” generated by every encrypted transaction HTTPS - Hypertext Transfer Protocol Secure represent secure site using SSL services (HTTP + SSL)

61 Secure Socket Layer (SSL)
Fundamental concerns about communication over the Internet and other TCP/IP networks: SSL server authentication allows a user to confirm a server's identity SSL client authentication allows a server to confirm a user's identity An encrypted SSL connection requires all information sent between a client and a server to be encrypted by the sending software and decrypted by the receiving software, thus providing a high degree of confidentiality

Download ppt "Chapter 2: Cryptography Technique"

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.
Classical Encryption Techniques Week 6-wend. One-Time Pad if a truly random key as long as the message is used, the cipher will be secure called a One-Time.

Classical Encryption Techniques Week 6-wend. One-Time Pad if a truly random key as long as the message is used, the cipher will be secure called a One-Time.
Making “Good” Encryption Algorithms

Making “Good” Encryption Algorithms
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.

Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
CC3.12 Erdal KOSE Privacy & Digital Security Encryption.

CC3.12 Erdal KOSE Privacy & Digital Security Encryption.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
EECC694 - Shaaban #1 lec #16 Spring2000 5-4-2000 Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Chapter 2 Basic Encryption and Decryption (part B)

Chapter 2 Basic Encryption and Decryption (part B)
Security Module – Part 1 Spring 2006 V.T. Raja, Ph.D., Oregon State University.

Security Module – Part 1 Spring 2006 V.T. Raja, Ph.D., Oregon State University.
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.

CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)

Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)
IT 221: Classical and Modern Encryption Techniques Lecture 2: Classical and Modern Encryption Techniques For Educational Purposes Only Revised: September.

IT 221: Classical and Modern Encryption Techniques Lecture 2: Classical and Modern Encryption Techniques For Educational Purposes Only Revised: September.
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.
Encryption is a way to transform a message so that only the sender and recipient can read, see or understand it. The mechanism is based on the use of.

Encryption is a way to transform a message so that only the sender and recipient can read, see or understand it. The mechanism is based on the use of.
1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.

1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.

Similar presentations

Ads by Google